I'm CCing this reply to the VIFF mailing list, where the other VIFF
developers are also subscribed. I'm handing in my dissertation this
week, so you should not only discuss things with me :-)
I hope this mail finds you in great spirits. My name is Sriram and I
am currently a researcher with the Trustworthy Voting Systems group at
the University of Surrey. I recently completed my PhD from Royal
Holloway working under Prof. Kenny Paterson. My area of work of
Identity Based Cryptography.
I have just come across VIFF today and managed to get a few examples
to work on my computer after a few glitches. I am a newbie to Multi
Party Computation, but I was excited by what VIFF could do.
Great that you made it work!
I am writing with a few queries and I will be grateful for any help.
As part of our project, we have implemented an early prototype of an
electronic voting scheme which has been called Pret a Voter in the
literature. The vote casting is paper based and the voter tears the
ballot in half and shreds the left half of the ballot which has a
randomized candidate list and submits the right hand side to a scanner
that reads the vote and an encrypted barcode that eventually enables
recovery of the vote. Basically, the idea is to ensure that the device
to which the vote is submitted has no information about the vote. This
is front end.
The back end where tallying is done is currently based on mixnets but
we are hoping to develop a new version that uses Homomorphic
Encryption so that we can handle different kinds of (ranked)
elections. We have currently managed to implement (in java) the
Paillier cryptosystem as well as the Generalized Paillier
cryptosystem. Mads Jurik has very kindly given us an implementation of
the threshold version of the Generalized Paillier Cryptosystem, with a
One of the ultimate aims of the project is to be able to do
homomorphic encryption without a trusted dealer. As a first step, this
means being able to generate an RSA modulus without a trusted dealer.
From the documentation, I noticed that it was mentioned that
Distributed RSA has in fact been implemented on VIFF. Please forgive
me for firing off an e-mail without thorough investigation, but am I
right that the source code for this is not included in the current
VIFF release? Would it be possible to obtain the code for this please?
Yes, the code is available from the original author, via his university.
I've now added links to
pointing you to
Thanks for the reminder :-)
My second question is whether Distributed versions of Paillier (or
Generalized Paiilier) have been implemented or if there is any plans
to do so in the near future. I noticed there is a Paillier Module, but
I understand this is used as a basis to implement other functionality
- key generation and decryption are not done in a Threshold fashion
Right, the viff.paillier module just implements the good old Paillier
cryptosystem, without any threshold support.
I will be grateful for any help/pointers from you. VIFF looks really
exciting and I am hoping to spend more time on it and use it in our
The installation of VIFF was quite complex in that things seemed to
not work quite right with the newest versions of the various required
components. I dug out the older versions (I am working with Python 2.4
and compatible versions of PyOpenSSL, Twisted etc. for 2.4). It may be
nice in a future release to package everything together if possible.
Which platform are you on? I'm running VIFF on Debian unstable with
Python 2.5.4 and Twisted 9.0 (these are the system packages).
You are certainly right that the initial installation is daunting when
done manually. We could make it easier by bundling things, but nobody
has stepped up to do it.
VIFF (Virtual Ideal Functionality Framework) brings easy and efficient
SMPC (Secure Multiparty Computation) to Python. See: http://viff.dk/.
Description: PGP signature
viff-devel mailing list (http://viff.dk/)