You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@milagro.apache.org by sa...@apache.org on 2020/05/14 22:47:31 UTC

[incubator-milagro-MPC] 15/27: Amend model and test vector generation for double schnorr

This is an automated email from the ASF dual-hosted git repository.

sandreoli pushed a commit to branch update-model-no-replay
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-MPC.git

commit 4690dbe888409702157398fb6400b81aea005265
Author: Samuele Andreoli <sa...@yahoo.it>
AuthorDate: Thu Feb 6 13:29:58 2020 +0000

    Amend model and test vector generation for double schnorr
---
 model/examples/run_schnorr.py        | 13 +++++--------
 model/sec256k1/schnorr.py            | 27 +++++++++++++++++++--------
 model/vectors/schnorr/genDSCHNORR.py | 29 +++++++++++++++--------------
 model/vectors/schnorr/genVector.py   | 13 ++++++-------
 4 files changed, 45 insertions(+), 37 deletions(-)

diff --git a/model/examples/run_schnorr.py b/model/examples/run_schnorr.py
index 4cb5de8..7f929b9 100755
--- a/model/examples/run_schnorr.py
+++ b/model/examples/run_schnorr.py
@@ -94,26 +94,23 @@ if __name__ == "__main__":
     # C is the commitment, a and b are kept secret
     a, b, C = schnorr.d_commit(R, a, b)
 
-    print("[Alice] Commit")
+    print("Commit")
     print("\ta {}".format(hex(a)[2:].zfill(64)))
     print("\tb {}".format(hex(b)[2:].zfill(64)))
     print("\tC {}\n".format(C))
 
     # Challenge
-    if DETERMINISTIC:
-        c = 0x52fad3d74fd4589f5792dd045626e23dd596b6e4c24c5af6dbb15cfa3c71b55a
-    else:
-        c = schnorr.d_challenge()
+    c = schnorr.d_challenge(R, V, C)
 
-    print("[Bob] Challenge {}\n".format(hex(c)[2:].zfill(64)))
+    print("Challenge {}\n".format(hex(c)[2:].zfill(64)))
 
     # Proof
     t, u = schnorr.d_prove(a, b, c, s, l)
 
-    print("[Alice] Prove\n\tt {}\n\tu {}\n".format(
+    print("Prove\n\tt {}\n\tu {}\n".format(
         hex(t)[2:].zfill(64), hex(u)[2:].zfill(64)))
 
     # Verification
     ok = schnorr.d_verify(R, V, C, c, t, u)
 
-    print("[Bob] Verify: {}".format(ok))
+    print("Verify: {}".format(ok))
diff --git a/model/sec256k1/schnorr.py b/model/sec256k1/schnorr.py
index 1d10084..6cc54be 100644
--- a/model/sec256k1/schnorr.py
+++ b/model/sec256k1/schnorr.py
@@ -25,26 +25,37 @@ def d_commit(R, a=None, b=None):
     return a, b, C
 
 
-def d_challenge():
-    return big.rand(curve.r)
+def d_challenge(R, V, C):
+    H = hashlib.new("sha256")
+
+    H.update(ecp.generator().toBytes(True))
+    H.update(R.toBytes(True))
+    H.update(C.toBytes(True))
+    H.update(V.toBytes(True))
+
+    e_bytes = H.digest()
+    e = big.from_bytes(e_bytes)
+    e = e % curve.r
+
+    return e
 
 
-def d_prove(a, b, c, s, l):
-    t = (a + c * s) % curve.r
-    u = (b + c * l) % curve.r
+def d_prove(a, b, e, s, l):
+    t = (a + e * s) % curve.r
+    u = (b + e * l) % curve.r
 
     return t, u
 
 
-def d_verify(R, V, C, c, t, u):
+def d_verify(R, V, C, e, t, u):
     '''
-        Verify t.R + u.G = C + c.V
+        Verify t.R + u.G = C + e.V
     '''
 
     P = ecp.ECp.mul(R, t, ecp.generator(), u)
 
     Q = C.copy()
-    Q.add(c * V)
+    Q.add(e * V)
 
     if DEBUG:
         print("P {}".format(P))
diff --git a/model/vectors/schnorr/genDSCHNORR.py b/model/vectors/schnorr/genDSCHNORR.py
index 4e5f81a..da1931c 100755
--- a/model/vectors/schnorr/genDSCHNORR.py
+++ b/model/vectors/schnorr/genDSCHNORR.py
@@ -16,35 +16,36 @@ from genVector import genDoubleSchnorrVector
 from Crypto.Util import number
 
 vector_fields = {
-    "commit": ["TEST", "R", "A", "B", "CO"],
-    "prove": ["TEST", "A", "B", "CH", "S", "L", "T", "U"],
-    "verify": ["TEST", "R", "V", "CO", "CH", "T", "U"],
+    "commit": ["TEST", "R", "A", "B", "C"],
+    "challenge": ["TEST", "R", "V", "C", "E"],
+    "prove": ["TEST", "A", "B", "E", "S", "L", "T", "U"],
+    "verify": ["TEST", "R", "V", "C", "E", "T", "U"],
 }
 
 if __name__ == '__main__':
     parser = argparse.ArgumentParser()
 
-    parser.add_argument('--type', dest='type', type=str, default='commit',
-                        help='test vector type', choices=["commit", "prove", "verify"])
-    parser.add_argument(
-        'nVec', type=int, help='number of test vectors to generate')
+    parser.add_argument('-t', dest='type', type=str, default='commit',
+                        help='test vector type', choices=["commit", "challenge", "prove", "verify"])
+    parser.add_argument('-n', dest='n', type=int, default=10,
+                        help='number of test vectors to generate')
 
     args = parser.parse_args()
-
-    print("Generate {} vector(s). Type '{}'".format(args.nVec, args.type))
+    vecType = args.type
+    keys = vector_fields[vecType]
 
     vectors = []
 
-    for i in range(args.nVec):
+    for i in range(args.n):
         vector = genDoubleSchnorrVector(i)
 
-        vector = {k: vector[k] for k in vector_fields[args.type]}
+        vector = {k: vector[k] for k in keys}
         vectors.append(vector)
 
-    json.dump(vectors, open("{}.json".format(args.type), "w"), indent=2)
+    json.dump(vectors, open("d{}.json".format(vecType), "w"), indent=2)
 
-    with open("{}.txt".format(args.type), "w") as f:
+    with open("d{}.txt".format(vecType), "w") as f:
         for vector in vectors:
-            for field in vector_fields[args.type]:
+            for field in keys:
                 f.write("{} = {},\n".format(field, vector[field]))
             f.write("\n")
diff --git a/model/vectors/schnorr/genVector.py b/model/vectors/schnorr/genVector.py
index bcaf81c..432313b 100644
--- a/model/vectors/schnorr/genVector.py
+++ b/model/vectors/schnorr/genVector.py
@@ -54,7 +54,7 @@ def genSchnorrVector(test_no, x=None, r=None):
     return vector
 
 
-def genDoubleSchnorrVector(test_no, R=None, s=None, l=None, a=None, b=None, c=None):
+def genDoubleSchnorrVector(test_no, R=None, s=None, l=None, a=None, b=None):
     """Generate a single test vector
 
         Use parameters to generate a single test vector
@@ -93,8 +93,7 @@ def genDoubleSchnorrVector(test_no, R=None, s=None, l=None, a=None, b=None, c=No
     # ZK proof
     a, b, C = schnorr.d_commit(R, a, b)
 
-    if c is None:
-        c = schnorr.d_challenge()
+    c = schnorr.d_challenge(R, V, C)
 
     t, u = schnorr.d_prove(a, b, c, s, l)
 
@@ -102,14 +101,14 @@ def genDoubleSchnorrVector(test_no, R=None, s=None, l=None, a=None, b=None, c=No
 
     vector = {
         "TEST": test_no,
-        "R": "{}".format(R),
+        "R": "{}".format(R.toBytes(True).hex()),
         "S": hex(s)[2:].zfill(64),
         "L": hex(l)[2:].zfill(64),
-        "V": "{}".format(V),
+        "V": "{}".format(V.toBytes(True).hex()),
         "A": hex(a)[2:].zfill(64),
         "B": hex(b)[2:].zfill(64),
-        "CO": "{}".format(C),
-        "CH": hex(c)[2:].zfill(64),
+        "C": "{}".format(C.toBytes(True).hex()),
+        "E": hex(c)[2:].zfill(64),
         "T": hex(t)[2:].zfill(64),
         "U": hex(u)[2:].zfill(64),
     }