From 5670739e494d78a2de14ff80bba8e5a6b9bbe899 Mon Sep 17 00:00:00 2001 From: "tzlil.gon" Date: Wed, 30 Mar 2016 12:44:04 +0300 Subject: [PATCH] tested version --- .../src/main/java/Arithmetics/Fp.java | 27 +-- .../java/Communication/MessageHandler.java | 2 +- .../src/main/java/Communication/Network.java | 2 +- .../VerifiableSecretSharing.java | 5 +- .../DistributedKeyGeneration.java | 70 +++--- .../DistributedKeyGenerationParty.java | 9 +- .../DistributedKeyGenerationUserImpl.java | 221 +++++++++++------- .../SecureDistributedKeyGeneration.java | 78 ++++--- ...reDistributedKeyGenerationMailHandler.java | 2 +- .../SecureDistributedKeyGenerationParty.java | 8 +- ...ecureDistributedKeyGenerationUserImpl.java | 142 +++++++---- .../LagrangePolynomial.java | 18 +- .../java/ShamirSecretSharing/Polynomial.java | 27 +-- .../ShamirSecretSharing/SecretSharing.java | 4 +- .../JointFeldmanProtocol/DKGDeepTest.java | 174 -------------- .../DKGMaliciousUserImpl.java | 36 +-- .../java/JointFeldmanProtocol/DKGTest.java | 193 +++++++++------ .../SDKGMaliciousUserImpl.java | 64 +++++ .../SDKGTest.java | 191 +++++++++------ .../SDKGUserImplAbort.java | 11 +- .../PolynomialTests/AddTest.java | 6 +- .../PolynomialTests/InterpolationTest.java | 7 +- .../PolynomialTests/MulByConstTest.java | 4 +- .../PolynomialTests/MulTest.java | 6 +- .../SecretSharingTest.java | 3 +- .../GenerateRandomPolynomial.java} | 11 +- .../test/java/Utils/GenerateRandomPrime.java | 32 +++ 27 files changed, 745 insertions(+), 608 deletions(-) delete mode 100644 destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGDeepTest.java create mode 100644 destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGMaliciousUserImpl.java rename destributed-key-generation/src/test/java/{ShamirSecretSharing/PolynomialTests/Utils.java => Utils/GenerateRandomPolynomial.java} (75%) create mode 100644 destributed-key-generation/src/test/java/Utils/GenerateRandomPrime.java diff --git a/destributed-key-generation/src/main/java/Arithmetics/Fp.java b/destributed-key-generation/src/main/java/Arithmetics/Fp.java index 545dd8b..db2d6da 100644 --- a/destributed-key-generation/src/main/java/Arithmetics/Fp.java +++ b/destributed-key-generation/src/main/java/Arithmetics/Fp.java @@ -1,5 +1,7 @@ package Arithmetics; +import org.factcenter.qilin.primitives.concrete.Zpstar; + import java.math.BigInteger; /** @@ -7,9 +9,11 @@ import java.math.BigInteger; */ public class Fp implements Arithmetic { public final BigInteger p; + private final Zpstar zp; public Fp(BigInteger p) { this.p = p; + this.zp = new Zpstar(p); } @Override @@ -24,30 +28,11 @@ public class Fp implements Arithmetic { @Override public BigInteger mul(BigInteger a,BigInteger b){ - return a.multiply(b).mod(p); + return zp.add(a,b); } @Override public BigInteger div(BigInteger a,BigInteger b){ - return mul(a,inv(b)); - } - - public BigInteger pow(BigInteger b,BigInteger e){ - if (e.compareTo(BigInteger.ZERO) < 0 ) { - return pow(inv(b), e.negate()); - } - BigInteger result = BigInteger.ONE; - while (e.compareTo(BigInteger.ZERO) > 0) { - if (e.testBit(0)) { - result = mul(result, b); - } - e = e.shiftRight(1); - b = mul(b, b); - } - return result; - } - - public BigInteger inv(BigInteger a){ - return pow(a,p.subtract(BigInteger.valueOf(2))); + return mul(a,zp.negate(b)); } } diff --git a/destributed-key-generation/src/main/java/Communication/MessageHandler.java b/destributed-key-generation/src/main/java/Communication/MessageHandler.java index 2d68be4..8cedf4e 100644 --- a/destributed-key-generation/src/main/java/Communication/MessageHandler.java +++ b/destributed-key-generation/src/main/java/Communication/MessageHandler.java @@ -9,7 +9,7 @@ public interface MessageHandler { void handelSecretMessage(int sender, boolean isBroadcast, Message message); void handelCommitmentMessage(int sender, boolean isBroadcast, Message message); void handelComplaintMessage(int sender, boolean isBroadcast, Message message); - void handelDoneMessage(int sender, boolean isBroadcast, Message message); //will be remove + void handelDoneMessage(int sender, boolean isBroadcast, Message message); void handelAnswerMessage(int sender, boolean isBroadcast, Message message); void handelAbortMessage(int sender, boolean isBroadcast, Message message); } diff --git a/destributed-key-generation/src/main/java/Communication/Network.java b/destributed-key-generation/src/main/java/Communication/Network.java index ca53991..541179e 100644 --- a/destributed-key-generation/src/main/java/Communication/Network.java +++ b/destributed-key-generation/src/main/java/Communication/Network.java @@ -10,7 +10,7 @@ import java.util.Set; import java.util.concurrent.ArrayBlockingQueue; /** * Created by Tzlil on 2/7/2016. - * JointFeldamn protocol assumes all parties can communicate throw broadcast chanel + * Joint Feldamn protocol assumes all parties can communicate throw broadcast chanel * and private chanel (for each pair) * this class simulates it */ diff --git a/destributed-key-generation/src/main/java/FeldmanVerifiableSecretSharing/VerifiableSecretSharing.java b/destributed-key-generation/src/main/java/FeldmanVerifiableSecretSharing/VerifiableSecretSharing.java index 521714d..4573c57 100644 --- a/destributed-key-generation/src/main/java/FeldmanVerifiableSecretSharing/VerifiableSecretSharing.java +++ b/destributed-key-generation/src/main/java/FeldmanVerifiableSecretSharing/VerifiableSecretSharing.java @@ -3,11 +3,8 @@ package FeldmanVerifiableSecretSharing; import ShamirSecretSharing.Polynomial; import ShamirSecretSharing.SecretSharing; -import java.util.Arrays; - import org.factcenter.qilin.primitives.Group; -import org.factcenter.qilin.primitives.concrete.Zpstar; - +import java.util.Arrays; import java.math.BigInteger; import java.util.Random; diff --git a/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGeneration.java b/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGeneration.java index 99feec6..d9ae852 100644 --- a/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGeneration.java +++ b/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGeneration.java @@ -17,7 +17,7 @@ import java.util.Set; * Created by Tzlil on 3/14/2016. */ public class DistributedKeyGeneration extends VerifiableSecretSharing { - public enum ComplainState{ + public enum ComplaintState { Non, Waiting,Disqualified,NonDisqualified } protected final int id; @@ -32,6 +32,7 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing { for (int i = 1; i <= n ; i++){ this.parties[i - 1] = new DistributedKeyGenerationParty(i,n,t); } + this.parties[id - 1].share = getShare(id); } protected void setParties(DistributedKeyGenerationParty[] parties){ @@ -87,9 +88,21 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing { return isValidSecret(party.share,party.commitments,id); } + /** + * + * @param secret + * @param commitments + * @param j + * @return verify(j,commitments,group) == g ^ secret.y mod q + */ public boolean isValidSecret(Polynomial.Point secret, BigInteger[] commitments, int j){ - BigInteger v = verify(j,commitments,group); - return group.multiply(g,secret.y).equals(v); + try{ + BigInteger v = verify(j,commitments,group); + return group.multiply(g,secret.y).equals(v); + } + catch (NullPointerException e){ + return false; + } } /** @@ -97,27 +110,22 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing { * Pj verifies all the shares he received (using isValidSecret) * if check fails for an index i, Pj broadcasts a complaint against Pi. */ - public void broadcastComplains(User user){ - DKGMessages.IDMessage complaint; + public void broadcastComplaints(User user){ for (int i = 1; i <= n ; i++ ){ - if(i != id && !parties[i - 1].aborted) { - sendComplain(user,i); + if(i != id && !isValidSecret(i)) { + broadcastComplaint(user,i); } } } - protected void sendComplain(User user,int i){ - DKGMessages.IDMessage complaint; - if (!isValidSecret(i)) { - //message = new Message(Type.Complaint, j) - complaint = DKGMessages.IDMessage.newBuilder() - .setId(i) - .build(); - user.broadcast(DKGMessages.Mail.Type.COMPLAINT, complaint); - } + private void broadcastComplaint(User user, int i){ + //message = new Message(Type.Complaint, j) + DKGMessages.IDMessage complaint = DKGMessages.IDMessage.newBuilder() + .setId(i) + .build(); + user.broadcast(DKGMessages.Mail.Type.COMPLAINT, complaint); } - public void broadcastComplaintAnswer(User user, int j){ user.broadcast(DKGMessages.Mail.Type.ANSWER, DKGMessages.SecretMessage.newBuilder() .setI(id) @@ -131,9 +139,9 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing { * if more than t players complain against a player Pi he is disqualified. */ public void answerAllComplainingPlayers(User user){ - ComplainState[] complains = parties[id - 1].complaints; + ComplaintState[] complaints = parties[id - 1].complaints; for (int i = 1; i <= n ; i++) { - switch (complains[i - 1]) { + switch (complaints[i - 1]) { case Waiting: broadcastComplaintAnswer(user,i); break; @@ -143,20 +151,6 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing { } } - protected boolean isPartyCompletedStage1(int i){ - if(parties[i - 1].aborted){ - if(parties[i - 1].share == null){ - return false; - } - for (int k = 0; k <= t ; k++){ - if(parties[i - 1].commitments[k] == null){ - return false; - } - } - } - return true; - } - /** * stage3.2 according to the protocol * if any of the revealed shares fails the verification test, player Pi is disqualified. @@ -167,11 +161,11 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing { boolean nonDisqualified; int counter; for (int i = 1; i <= n; i++){ - ComplainState[] complains = parties[i - 1].complaints; + ComplaintState[] complaints = parties[i - 1].complaints; nonDisqualified = true; counter = 0; for (int j = 1; j <= n; j++){ - switch (complains[j - 1]) { + switch (complaints[j - 1]) { case Non: break; case NonDisqualified: @@ -182,7 +176,7 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing { if(!nonDisqualified) break; } - if(nonDisqualified && counter <= t && isPartyCompletedStage1(i)){ + if(nonDisqualified && counter <= t){ QUAL.add(i); } } @@ -228,6 +222,10 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing { return new Polynomial.Point(BigInteger.valueOf(id) , xj.mod(q)); } + /** + * getter + * @return id + */ public int getId() { return id; } diff --git a/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationParty.java b/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationParty.java index 617ea08..878ab66 100644 --- a/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationParty.java +++ b/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationParty.java @@ -7,21 +7,24 @@ import java.util.Arrays; /** * Created by Tzlil on 3/14/2016. + * + * contains all relevant information on specific party during + * the run of Joint Feldamn protocol */ public class DistributedKeyGenerationParty { public final int id; public Polynomial.Point share; public BigInteger[] commitments; public boolean doneFlag; - public DistributedKeyGeneration.ComplainState[] complaints; + public DistributedKeyGeneration.ComplaintState[] complaints; public boolean aborted; public DistributedKeyGenerationParty(int id, int n, int t) { this.id = id; this.share = null; this.doneFlag = false; - this.complaints = new DistributedKeyGeneration.ComplainState[n]; - Arrays.fill(this.complaints, DistributedKeyGeneration.ComplainState.Non); + this.complaints = new DistributedKeyGeneration.ComplaintState[n]; + Arrays.fill(this.complaints, DistributedKeyGeneration.ComplaintState.Non); this.commitments = new BigInteger[t + 1]; this.aborted = false; } diff --git a/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationUserImpl.java b/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationUserImpl.java index 578b1e5..6287526 100644 --- a/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationUserImpl.java +++ b/destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationUserImpl.java @@ -13,13 +13,15 @@ import org.factcenter.qilin.primitives.Group; import java.math.BigInteger; import java.util.Arrays; import java.util.Set; -import JointFeldmanProtocol.DistributedKeyGeneration.ComplainState; +import JointFeldmanProtocol.DistributedKeyGeneration.ComplaintState; /** * Created by Tzlil on 3/14/2016. */ public class DistributedKeyGenerationUserImpl implements DistributedKeyGenerationUser { + protected final static int SleepTime = 300; + protected final DistributedKeyGeneration dkg; protected final BigInteger g; @@ -52,9 +54,6 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio mailHandler.setMessageHandler(this.messageHandler); this.user = network.connect(mailHandler,dkg.getId()); this.parties = dkg.getParties(); - - this.parties[id - 1].share = dkg.getShare(id); - this.QUAL = null; this.commitments = null; this.share = null; @@ -71,6 +70,31 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio dkg.sendSecrets(user); } + protected void waitUntilStageOneCompleted(){ + // all parties send their share or aborted + for (int i = 0 ; i < n ; i++){ + while (parties[i].share == null && !parties[i].aborted){ + try { + Thread.sleep(SleepTime); + } catch (InterruptedException e) { + // do nothing + } + } + } + // all parties broadcast their commitments or aborted + for (int i = 0 ; i < n ; i++){ + for (int k = 0 ; k <= t ; k++) { + while (parties[i].commitments[k] == null && !parties[i].aborted) { + try { + Thread.sleep(SleepTime); + } catch (InterruptedException e) { + // do nothing + } + } + } + } + } + /** * stage2 according to the protocol * Pj verifies all the shares he received @@ -78,18 +102,26 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio * Pj broadcasts done message at the end of this stage */ protected void stage2(){ - Polynomial.Point[] shares = new Polynomial.Point[n]; - BigInteger[][] commitmentsTable = new BigInteger[n][]; - for (int i = 0 ; i < n ; i++){ - shares[i] = parties[i].share; - commitmentsTable[i] = parties[i].commitments; - } - dkg.broadcastComplains(user); + dkg.broadcastComplaints(user); //broadcast done message after all complaints DKGMessages.EmptyMessage doneMessage = DKGMessages.EmptyMessage.newBuilder().build(); user.broadcast(DKGMessages.Mail.Type.DONE,doneMessage); } + + protected void waitUntilStageTwoCompleted(){ + // all parties done or aborted + for (int i = 0 ; i < n ; i++){ + while (!parties[i].doneFlag && !parties[i].aborted){ + try { + Thread.sleep(SleepTime); + } catch (InterruptedException e) { + // do nothing + } + } + } + } + /** * stage3 according to the protocol * 1. if more than t players complain against a player Pi he is disqualified. @@ -99,13 +131,12 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio */ protected void stage3(){ dkg.answerAllComplainingPlayers(user); - // wait until there is no complaint waiting for answer for (int i = 0; i < n; i++){ for (int j = 0; j < n; j++){ - while (parties[i].complaints[j].equals(ComplainState.Waiting) && !parties[i].aborted){ + while (parties[i].complaints[j].equals(ComplaintState.Waiting) && !parties[i].aborted){ try { - Thread.sleep(300); + Thread.sleep(SleepTime); } catch (InterruptedException e) { // do nothing } @@ -127,49 +158,23 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio this.share = dkg.calcShare(QUAL); } - protected void endOfStage1(){ - for (int i = 0 ; i < n ; i++){ - while (parties[i].share == null && !parties[i].aborted){ - try { - Thread.sleep(300); - } catch (InterruptedException e) { - // do nothing - } - } - } - - for (int i = 0 ; i < n ; i++){ - for (int k = 0 ; k <= t ; k++) { - while (parties[i].commitments[k] == null && !parties[i].aborted) { - try { - Thread.sleep(300); - } catch (InterruptedException e) { - // do nothing - } - } - } - } + protected void startReceiver(){ + user.getReceiverThread().start(); + } + protected void stopReceiver(){ + user.getReceiverThread().interrupt(); } @Override public void run() { - user.getReceiverThread().start(); + startReceiver(); stage1(); - endOfStage1(); + waitUntilStageOneCompleted(); stage2(); - for (int i = 0 ; i < n ; i++){ - while (!parties[i].doneFlag && !parties[i].aborted){ - try { - Thread.sleep(300); - } catch (InterruptedException e) { - // do nothing - } - } - } - + waitUntilStageTwoCompleted(); stage3(); stage4(); - user.getReceiverThread().interrupt(); + stopReceiver(); } @Override @@ -217,40 +222,23 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio return QUAL; } + protected class MessageHandler implements Communication.MessageHandler{ - protected boolean isValidComplaintMessage(int sender, boolean isBroadcast, DKGMessages.IDMessage complaintMessage){ - int i = sender; - int j = complaintMessage.getId(); - return isBroadcast && parties[i - 1].complaints[j - 1].equals( ComplainState.Non); - } - - @Override - public void handelComplaintMessage(int sender, boolean isBroadcast, Message message) { - DKGMessages.IDMessage complaintMessage = (DKGMessages.IDMessage)message; - if(isValidComplaintMessage(sender,isBroadcast,complaintMessage)){ - int i = sender; - int j = complaintMessage.getId(); - parties[j - 1].complaints[i - 1] = ComplainState.Waiting; - } - } - - protected boolean isValidDoneMessage(int sender, boolean isBroadcast){ - return isBroadcast && !parties[sender - 1].doneFlag; - } - - @Override - public void handelDoneMessage(int sender, boolean isBroadcast,Message message) { - if(isValidDoneMessage(sender,isBroadcast)) { - parties[sender - 1].doneFlag = true; - } - } + /** + * commitment message is valid if: + * 1. it was received in broadcast chanel + * 2. the sender didn't sent this commitment before + */ protected boolean isValidCommitmentMessage(int sender, boolean isBroadcast, DKGMessages.CommitmentMessage commitmentMessage){ int i = sender - 1; int k = commitmentMessage.getK(); return isBroadcast && parties[i].commitments[k] == null; } + /** + * saves the commitment + */ @Override public void handelCommitmentMessage(int sender, boolean isBroadcast, Message message) { DKGMessages.CommitmentMessage commitmentMessage = (DKGMessages.CommitmentMessage) message; @@ -261,6 +249,13 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio } } + /** + * secret message is valid if: + * 1. it was received in private chanel + * 2. the sender didn't sent secret message before + * 3. secret.i == i + * 4. secret.j == id + */ protected boolean isValidSecretMessage(int sender, boolean isBroadcast, DKGMessages.SecretMessage secretMessage){ int i = secretMessage.getI(); int j = secretMessage.getJ(); @@ -271,6 +266,9 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio } + /** + * saves the secret + */ @Override public void handelSecretMessage(int sender, boolean isBroadcast, Message message) { DKGMessages.SecretMessage secretMessage = (DKGMessages.SecretMessage) message; @@ -281,15 +279,70 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio } } + /** + * done message is valid if: + * 1. it was received in broadcast chanel + * 2. the sender didn't sent done message before + */ + protected boolean isValidDoneMessage(int sender, boolean isBroadcast){ + return isBroadcast && !parties[sender - 1].doneFlag; + } + + /** + * marks that the sender was finished sending all his complaints + */ + @Override + public void handelDoneMessage(int sender, boolean isBroadcast,Message message) { + if(isValidDoneMessage(sender,isBroadcast)) { + parties[sender - 1].doneFlag = true; + } + } + + /** + * complaint message is valid if: + * 1. it was received in broadcast chanel + * 2. the sender didn't complained against id before + */ + protected boolean isValidComplaintMessage(int sender, boolean isBroadcast, DKGMessages.IDMessage complaintMessage){ + int i = sender; + int j = complaintMessage.getId(); + return isBroadcast && parties[i - 1].complaints[j - 1].equals( ComplaintState.Non); + } + + /** + * marks that the sender was complained against id + */ + @Override + public void handelComplaintMessage(int sender, boolean isBroadcast, Message message) { + DKGMessages.IDMessage complaintMessage = (DKGMessages.IDMessage)message; + if(isValidComplaintMessage(sender,isBroadcast,complaintMessage)){ + int i = sender; + int j = complaintMessage.getId(); + parties[j - 1].complaints[i - 1] = ComplaintState.Waiting; + } + } + + /** + * answer message is valid if: + * 1. it was received in broadcast chanel + * 2. secret.i == i + * 3. 1 <= secret.j <= n + * 4. it is marked that j complained against i and i didn't received + */ protected boolean isValidAnswerMessage(int sender, boolean isBroadcast, DKGMessages.SecretMessage secretMessage){ int i = secretMessage.getI(); int j = secretMessage.getJ(); if(sender != i || !isBroadcast) return false; else - return j >= 1 && j <= n && parties[i - 1].complaints[j - 1].equals(ComplainState.Waiting); + return j >= 1 && j <= n && parties[i - 1].complaints[j - 1].equals(ComplaintState.Waiting); } + /** + * if the secret is valid, marks the complaint as NonDisqualified + * else marks it as Disqualified + * in case that the complainer is id ( j == id ), saves the secret + */ @Override public void handelAnswerMessage(int sender, boolean isBroadcast, Message message) { DKGMessages.SecretMessage secretMessage = (DKGMessages.SecretMessage) message; @@ -297,13 +350,20 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio int i = secretMessage.getI(); int j = secretMessage.getJ(); Polynomial.Point secret = extractSecret(j,secretMessage.getSecret()); - if (dkg.isValidSecret(secret, parties[i - 1].commitments, j)) - parties[i - 1].complaints[j - 1] = ComplainState.NonDisqualified; - else - parties[i - 1].complaints[j - 1] = ComplainState.Disqualified; + if (dkg.isValidSecret(secret, parties[i - 1].commitments, j)) { + parties[i - 1].complaints[j - 1] = ComplaintState.NonDisqualified; + } else { + parties[i - 1].complaints[j - 1] = ComplaintState.Disqualified; + } + if(j == id){ + parties[i - 1].share = secret; + } } } + /** + * marks that the sender was aborted + */ @Override public void handelAbortMessage(int sender, boolean isBroadcast, Message message) { parties[sender - 1].aborted = true; @@ -314,6 +374,7 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio BigInteger y = new BigInteger(secret.toByteArray()); return new Polynomial.Point(x,y); } + public BigInteger extractCommitment(DKGMessages.CommitmentMessage commitmentMessage){ return new BigInteger(commitmentMessage.getCommitment().toByteArray()); } diff --git a/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGeneration.java b/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGeneration.java index 4a05125..92c29f3 100644 --- a/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGeneration.java +++ b/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGeneration.java @@ -10,6 +10,7 @@ import org.factcenter.qilin.primitives.Group; import java.math.BigInteger; import java.util.Random; +import java.util.Set; /** * Created by Tzlil on 3/16/2016. @@ -30,28 +31,21 @@ public class SecureDistributedKeyGeneration extends DistributedKeyGeneration { for (int i = 1; i <= n ; i++){ this.parties[i - 1] = new SecureDistributedKeyGenerationParty(i,n,t); } - setParties(parties); + this.parties[id - 1].share = getShare(id); + this.parties[id - 1].shareT = verifiableSecretSharing.getShare(id); + super.setParties(parties); } protected SecureDistributedKeyGenerationParty[] getParties(){ return parties; } - @Override - protected boolean isPartyCompletedStage1(int i){ - if(parties[i - 1].aborted){ - if(parties[i - 1].share == null){ - return false; - } - for (int k = 0; k <= t ; k++){ - if(parties[i - 1].verifiableValues[k] == null){ - return false; - } - } - } - return true; + protected void setParties(SecureDistributedKeyGenerationParty[] parties) { + super.setParties(parties); + this.parties = parties; } + @Override public void sendSecret(User user, int j) { Polynomial.Point secret = getShare(j); @@ -60,49 +54,52 @@ public class SecureDistributedKeyGeneration extends DistributedKeyGeneration { user.send(j, DKGMessages.Mail.Type.SECRET, doubleSecretMessage); } + @Override public boolean isValidSecret(int i){ SecureDistributedKeyGenerationParty party = parties[i - 1]; - return isValidSecret(party.share,party.shareT,party.verifiableValues, id); + return isValidSecret(party.share, party.shareT, party.verifiableValues, id); } + /** + * @param secret + * @param secretT + * @param verificationValues + * @param j + * @return verify(j,verificationValues,group) == (g ^ secret.y) * (h ^ secretT.y) mod q + */ public boolean isValidSecret(Polynomial.Point secret,Polynomial.Point secretT, BigInteger[] verificationValues, int j){ - BigInteger v = verify(j,verificationValues,group); - BigInteger exp = group.add(group.multiply(g, secret.y),group.multiply(h, secretT.y)); - return exp.equals(v); + try { + BigInteger v = verify(j, verificationValues, group); + BigInteger exp = group.add(group.multiply(g, secret.y), group.multiply(h, secretT.y)); + return exp.equals(v); + } + catch (NullPointerException e){ + return false; + } } - public void broadcastComplaint(User user,Polynomial.Point secret,Polynomial.Point secretT,int i){ + private void broadcastComplaint(User user,Polynomial.Point secret,Polynomial.Point secretT,int i){ DKGMessages.DoubleSecretMessage complaint = doubleSecretMessage(i,id,secret,secretT); user.broadcast(DKGMessages.Mail.Type.COMPLAINT,complaint); } - public void broadcastAnswer(User user,Polynomial.Point secret,Polynomial.Point secretT,int i){ - DKGMessages.DoubleSecretMessage complaint = doubleSecretMessage(i,id,secret,secretT); - user.broadcast(DKGMessages.Mail.Type.ANSWER,complaint); - } - /** * stage4.3 according to the protocol * if check fails for index i, Pj */ - public void broadcastComplaints(User user, boolean stage4){ - if(!stage4){ - super.broadcastComplains(user); - }else{ - SecureDistributedKeyGenerationParty party; - for (int i = 1; i <= n ; i++ ){ - party = parties[i - 1]; - if(i != id && !party.aborted) { - if (!super.isValidSecret(party.share,party.commitments,id)) { - broadcastComplaint(user,party.share,party.shareT,i); - } + public void broadcastComplaints(User user, Set QUAL){ + SecureDistributedKeyGenerationParty party; + for (int i : QUAL) { + party = parties[i - 1]; + if (i != id) { + if (!super.isValidSecret(party.share, party.commitments, id)) { + broadcastComplaint(user, party.share, party.shareT, i); } } } } - public void broadcastVerificationValues(User user){ BigInteger[] verificationValues = new BigInteger[t + 1]; BigInteger[] hBaseCommitments = verifiableSecretSharing.getCommitmentsArray(); @@ -128,4 +125,13 @@ public class SecureDistributedKeyGeneration extends DistributedKeyGeneration { ,verifiableSecretSharing.getShare(j)); user.broadcast(DKGMessages.Mail.Type.ANSWER,answer); } + + public void broadcastAnswer(User user,Polynomial.Point secret,Polynomial.Point secretT,int i){ + DKGMessages.DoubleSecretMessage complaint = doubleSecretMessage(i,id,secret,secretT); + user.broadcast(DKGMessages.Mail.Type.ANSWER,complaint); + } + + public BigInteger getH() { + return h; + } } diff --git a/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationMailHandler.java b/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationMailHandler.java index bad5d07..9b4752e 100644 --- a/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationMailHandler.java +++ b/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationMailHandler.java @@ -30,7 +30,7 @@ public class SecureDistributedKeyGenerationMailHandler extends MailHandler { message = DKGMessages.CommitmentMessage.parseFrom(mail.getMessage()); break; case COMPLAINT: - if(isStage4) + if(!isStage4) message = DKGMessages.IDMessage.parseFrom(mail.getMessage()); else message = DKGMessages.DoubleSecretMessage.parseFrom(mail.getMessage()); diff --git a/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationParty.java b/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationParty.java index 3d933a9..ea36136 100644 --- a/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationParty.java +++ b/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationParty.java @@ -9,16 +9,20 @@ import java.util.Set; /** * Created by Tzlil on 3/16/2016. + * + * an extension of DistributedKeyGenerationParty + * contains all relevant information on specific party during + * the run of the safe protocol */ public class SecureDistributedKeyGenerationParty extends DistributedKeyGenerationParty { - - public Polynomial.Point shareT; + public boolean ysDoneFlag; public BigInteger[] verifiableValues; public Set restoreSharesSet; public SecureDistributedKeyGenerationParty(int id, int n, int t) { super(id, n, t); this.shareT = null; + this.ysDoneFlag = false; this.verifiableValues = new BigInteger[t + 1]; this.restoreSharesSet = new HashSet(); } diff --git a/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationUserImpl.java b/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationUserImpl.java index 778a5d2..66751eb 100644 --- a/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationUserImpl.java +++ b/destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationUserImpl.java @@ -17,9 +17,10 @@ import java.math.BigInteger; */ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenerationUserImpl { - private final SecureDistributedKeyGeneration sdkg; - private SecureDistributedKeyGenerationParty[] parties; + protected SecureDistributedKeyGenerationParty[] parties; + protected final SecureDistributedKeyGeneration sdkg; private Arithmetic arithmetic; + private boolean isStage4; public SecureDistributedKeyGenerationUserImpl(SecureDistributedKeyGeneration sdkg, Network network) { super(sdkg, network,new SecureDistributedKeyGenerationMailHandler(null)); @@ -28,6 +29,7 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera this.user.setMessageHandler(this.messageHandler); this.parties = sdkg.getParties(); this.arithmetic = new Fp(sdkg.getQ()); + this.isStage4 = false; } /** @@ -42,8 +44,9 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera } @Override - protected void endOfStage1(){ - super.endOfStage1(); + protected void waitUntilStageOneCompleted(){ + super.waitUntilStageOneCompleted(); + // save the received commitments as verification values BigInteger[] temp; for (int i = 0 ; i < n; i++){ temp = parties[i].verifiableValues; @@ -60,54 +63,54 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera */ @Override protected void stage2(){ - sdkg.broadcastComplains(user); + sdkg.broadcastComplaints(user); //broadcast done message after all complaints DKGMessages.EmptyMessage doneMessage = DKGMessages.EmptyMessage.newBuilder().build(); - isVerificationValue = false; user.broadcast(DKGMessages.Mail.Type.DONE,doneMessage); } private void ys(){ sdkg.broadcastCommitments(user); - //wait for receive all commitments from all i in QUAL + // wait until all parties in QUAL broadcast their commitments or aborted for (int i:QUAL) { for(int k = 0; k <= t; k++) { while (parties[i - 1].commitments[k] == null && !parties[i - 1].aborted) { try { - Thread.sleep(300); + Thread.sleep(SleepTime); } catch (InterruptedException e) { // do nothing } } } } - sdkg.broadcastComplaints(user,true); + sdkg.broadcastComplaints(user,QUAL); //broadcast done message after all complaints DKGMessages.EmptyMessage doneMessage = DKGMessages.EmptyMessage.newBuilder().build(); user.broadcast(DKGMessages.Mail.Type.DONE,doneMessage); + // wait until all parties in QUAL done or aborted for (int i:QUAL) { - while (parties[i - 1].doneFlag && !parties[i - 1].aborted) { + while (!parties[i - 1].ysDoneFlag && !parties[i - 1].aborted) { try { - Thread.sleep(300); + Thread.sleep(SleepTime); } catch (InterruptedException e) { // do nothing } } } - int counter = 0; + // broadcast i private secret foreach i in QUAL that aborted for (int i:QUAL) { if(parties[i - 1].aborted){ - counter++; sdkg.broadcastAnswer(user, parties[i - 1].share, parties[i - 1].shareT, i); } } + // wait until at least t + 1 secrets will received foreach i in QUAL that aborted for (int i:QUAL) { if(parties[i - 1].aborted){ - while (parties[i - 1].restoreSharesSet.size() < n - counter) { + while (parties[i - 1].restoreSharesSet.size() <= t) { try { - Thread.sleep(300); + Thread.sleep(SleepTime); } catch (InterruptedException e) { // do nothing } @@ -115,37 +118,50 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera } } + // restore necessary information for (int i = 0; i < n ; i++) { if(parties[i].restoreSharesSet.isEmpty()){ continue; } - try { - Polynomial.Point[] shares = new Polynomial.Point[parties[i].restoreSharesSet.size()]; - parties[i].restoreSharesSet.toArray(shares); - Polynomial polynomial = SecretSharing.restorePolynomial(shares,arithmetic); - BigInteger[] coefficients = polynomial.getCoefficients(); - for (int k = 0 ; k <= t; k++){ - parties[i].commitments[k] = group.multiply(g,coefficients[k]); + Polynomial.Point[] shares = new Polynomial.Point[t + 1]; + int j = 0; + for (Polynomial.Point share: parties[i].restoreSharesSet){ + shares[j++] = share; + if (j >= shares.length){ + break; } - parties[i].share = new Polynomial.Point(BigInteger.valueOf(id),polynomial); - - } catch (Exception e) { - // } + Polynomial polynomial = SecretSharing.restorePolynomial(shares,arithmetic); + BigInteger[] coefficients = polynomial.getCoefficients(); + for (int k = 0 ; k <= t; k++){ + parties[i].commitments[k] = group.multiply(g,coefficients[k]); + } + parties[i].share = new Polynomial.Point(BigInteger.valueOf(id),polynomial); } } + /** + * notifies mail handler that stage 4 was started + */ + protected void setStage4(){ + this.isStage4 = true; + SecureDistributedKeyGenerationMailHandler handler = + (SecureDistributedKeyGenerationMailHandler)user.getMailHandler(); + handler.setStage4(true); + } + @Override protected void stage4() { - isStage4 = true; - ((SecureDistributedKeyGenerationMailHandler)user.getMailHandler()).setStage4(true); + setStage4(); ys(); super.stage4(); } - boolean isStage4 = false; - boolean isVerificationValue = true; + private class MessageHandler extends DistributedKeyGenerationUserImpl.MessageHandler{ + /** + * as in super, with extension to double secret message + */ protected boolean isValidSecretMessage(int sender, boolean isBroadcast, DKGMessages.DoubleSecretMessage doubleSecretMessage) { DKGMessages.SecretMessage secretMessage = DKGMessages.SecretMessage.newBuilder() .setI(doubleSecretMessage.getI()) @@ -155,16 +171,26 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera return super.isValidSecretMessage(sender,isBroadcast,secretMessage); } + /** + * as in super, with extension to double secret message + */ @Override public void handelSecretMessage(int sender, boolean isBroadcast, Message message) { DKGMessages.DoubleSecretMessage doubleSecretMessage = (DKGMessages.DoubleSecretMessage)message; if (isValidSecretMessage(sender,isBroadcast,doubleSecretMessage)) { int i = doubleSecretMessage.getI(); - parties[i - 1].share = extractSecret(id, doubleSecretMessage.getSecret()); parties[i - 1].shareT = extractSecret(id, doubleSecretMessage.getSecretT()); } } + + /** + * if !isStage4 as super, with extension to double secret message + * else answer message is valid if: + * 1. it was received in broadcast chanel + * 2. secret.j == sender + * 3. QUAL contains i and j + */ protected boolean isValidAnswerMessage(int sender, boolean isBroadcast, DKGMessages.DoubleSecretMessage doubleSecretMessage) { if(!isStage4) { DKGMessages.SecretMessage secretMessage = DKGMessages.SecretMessage.newBuilder() @@ -176,10 +202,15 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera }else{ int i = doubleSecretMessage.getI(); int j = doubleSecretMessage.getJ(); - return isBroadcast && j == sender && QUAL.contains(i) && QUAL.contains(j); + return isBroadcast && j == sender && parties[i -1].aborted && !parties[j - 1].aborted + && QUAL.contains(i) && QUAL.contains(j); } } + /** + * if !isStage4 as super, with extension to double secret message + * else saves secret + */ @Override public void handelAnswerMessage(int sender, boolean isBroadcast, Message message) { DKGMessages.DoubleSecretMessage doubleSecretMessage = (DKGMessages.DoubleSecretMessage)message; @@ -190,9 +221,14 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera Polynomial.Point secretT = extractSecret(j, doubleSecretMessage.getSecretT()); if (!isStage4) { if (sdkg.isValidSecret(secret, secretT, parties[j - 1].verifiableValues, i)) { - parties[i - 1].complaints[j - 1] = DistributedKeyGeneration.ComplainState.NonDisqualified; + parties[i - 1].complaints[j - 1] = DistributedKeyGeneration.ComplaintState.NonDisqualified; + } else { - parties[i - 1].complaints[j - 1] = DistributedKeyGeneration.ComplainState.Disqualified; + parties[i - 1].complaints[j - 1] = DistributedKeyGeneration.ComplaintState.Disqualified; + } + if(j == id){ + parties[i - 1].share = secret; + parties[i - 1].shareT = secretT; } } else { parties[i - 1].restoreSharesSet.add(secret); @@ -200,35 +236,52 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera } } + /** + * as in super with respect to protocol stage + */ @Override protected boolean isValidDoneMessage(int sender, boolean isBroadcast) { if(!isStage4) { return super.isValidDoneMessage(sender, isBroadcast); }else{ - return isBroadcast && parties[sender - 1].doneFlag; + return isBroadcast && !parties[sender - 1].ysDoneFlag; } } + /** + * as in super with respect to protocol state + */ @Override public void handelDoneMessage(int sender, boolean isBroadcast, Message message) { if(!isStage4) super.handelDoneMessage(sender, isBroadcast, message); else{ if(isValidDoneMessage(sender,isBroadcast)) { - parties[sender - 1].doneFlag = false; + parties[sender - 1].ysDoneFlag = true; } } } + /** + * use only in stage4 + * complaint message is valid if: + * 1. it was received in broadcast chanel + * 2. secret.j == sender + * 3. QUAL contains i and j + */ protected boolean isValidComplaintMessage(int sender, boolean isBroadcast, - DKGMessages.DoubleSecretMessage ysComplaintMessage){ - int i = ysComplaintMessage.getI(); - int j = ysComplaintMessage.getJ(); + DKGMessages.DoubleSecretMessage complaintMessage){ + int i = complaintMessage.getI(); + int j = complaintMessage.getJ(); return isBroadcast && j == sender && QUAL.contains(i) && QUAL.contains(j); } - - + /** + * if !isStage4 as in super + * else if secret,secretT are valid with respect to verifiableValues but + * secret is not valid with respect to commitments then + * marks i as aborted + */ @Override public void handelComplaintMessage(int sender, boolean isBroadcast, Message message) { if(!isStage4) { @@ -240,10 +293,9 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera int j = ysComplaintMessage.getJ(); Polynomial.Point secret = extractSecret(i,ysComplaintMessage.getSecret()); Polynomial.Point secretT = extractSecret(i,ysComplaintMessage.getSecretT()); - if (sdkg.isValidSecret(secret, secretT, parties[i - 1].commitments, j) - && !sdkg.isValidSecret(secret,parties[i - 1].commitments, j)) { - parties[i - 1].restoreSharesSet.add(secret); - sdkg.broadcastAnswer(user, secret, secretT, i); + if (sdkg.isValidSecret(secret, secretT, parties[i - 1].verifiableValues, j) + && !dkg.isValidSecret(secret,parties[i - 1].commitments, j)) { + parties[i - 1].aborted = true; } } } diff --git a/destributed-key-generation/src/main/java/ShamirSecretSharing/LagrangePolynomial.java b/destributed-key-generation/src/main/java/ShamirSecretSharing/LagrangePolynomial.java index d3815ff..6fd93ce 100644 --- a/destributed-key-generation/src/main/java/ShamirSecretSharing/LagrangePolynomial.java +++ b/destributed-key-generation/src/main/java/ShamirSecretSharing/LagrangePolynomial.java @@ -1,5 +1,7 @@ package ShamirSecretSharing; +import Arithmetics.Arithmetic; + import java.math.BigInteger; /** @@ -34,29 +36,29 @@ class LagrangePolynomial{ * static method * @param points array points s.t there are no couple of points that shares the same x value * - * @return the lagrange polynomials that mach to given points - * - * @throws Exception there exists i != j s.t points[i].x == points[j].x + * @return the lagrange polynomials that mach to given points. + * in case there exists i != j s.t points[i].x == points[j].x returns null. */ - public static LagrangePolynomial[] lagrangePolynomials(Polynomial.Point[] points) throws Exception { + public static LagrangePolynomial[] lagrangePolynomials(Polynomial.Point[] points,Arithmetic arithmetic) { + Polynomial one = new Polynomial(new BigInteger[]{BigInteger.ONE},arithmetic); LagrangePolynomial[] lagrangePolynomials = new LagrangePolynomial[points.length]; Polynomial[] factors = new Polynomial[points.length]; for (int i = 0 ; i < factors.length ; i++){ - factors[i] = new Polynomial(new BigInteger[]{BigInteger.ZERO.subtract(points[i].x),BigInteger.ONE}); // X - Xi + factors[i] = new Polynomial(new BigInteger[]{points[i].x.negate(),BigInteger.ONE},arithmetic); // X - Xi } Polynomial product; BigInteger divisor; for(int i = 0; i < points.length; i ++) { - product = Polynomial.ONE; + product = one; divisor = BigInteger.ONE; for (int j = 0; j < points.length; j++) { if (i != j) { - divisor = divisor.multiply(points[i].x.subtract(points[j].x)); + divisor = arithmetic.mul(divisor,arithmetic.sub(points[i].x,points[j].x)); product = product.mul(factors[j]); } } if(divisor.equals(BigInteger.ZERO)) - throw new Exception(); + return null; lagrangePolynomials[i] = new LagrangePolynomial(product,points[i].y,divisor); } return lagrangePolynomials; diff --git a/destributed-key-generation/src/main/java/ShamirSecretSharing/Polynomial.java b/destributed-key-generation/src/main/java/ShamirSecretSharing/Polynomial.java index 119cf61..ac7fc79 100644 --- a/destributed-key-generation/src/main/java/ShamirSecretSharing/Polynomial.java +++ b/destributed-key-generation/src/main/java/ShamirSecretSharing/Polynomial.java @@ -1,7 +1,6 @@ package ShamirSecretSharing; import Arithmetics.Arithmetic; -import Arithmetics.Z; import java.math.BigInteger; import java.util.Arrays; @@ -10,7 +9,6 @@ import java.util.Arrays; * Created by Tzlil on 1/27/2016. */ public class Polynomial implements Comparable { - public static final Polynomial ONE = new Polynomial(new BigInteger[]{BigInteger.ONE}); private final int degree; private final BigInteger[] coefficients; private final Arithmetic arithmetic; @@ -18,12 +16,9 @@ public class Polynomial implements Comparable { /** * constructor * @param coefficients + * @param arithmetic * degree set as max index such that coefficients[degree] not equals zero */ - public Polynomial(BigInteger[] coefficients) { - this(coefficients,new Z()); - } - public Polynomial(BigInteger[] coefficients,Arithmetic arithmetic) { int d = coefficients.length - 1; while (d > 0 && coefficients[d].equals(BigInteger.ZERO)){ @@ -34,7 +29,9 @@ public class Polynomial implements Comparable { this.arithmetic = arithmetic; } - + /* + * use for tests + */ @Override public int compareTo(Polynomial other) { if (this.degree != other.degree) @@ -49,15 +46,6 @@ public class Polynomial implements Comparable { return 0; } - @Override - public String toString() { - return "ShamirSecretSharing.PolynomialTests{" + - "degree=" + degree + - ", coefficients=" + java.util.Arrays.toString(coefficients) + - '}'; - } - - /** * @param x * @return sum of coefficients[i] * (x ^ i) @@ -76,8 +64,11 @@ public class Polynomial implements Comparable { * @param points * @return polynomial of minimal degree which goes through all points */ - public static Polynomial interpolation(Point[] points, Arithmetic arithmetic) throws Exception { - LagrangePolynomial[] l = LagrangePolynomial.lagrangePolynomials(points); + public static Polynomial interpolation(Point[] points, Arithmetic arithmetic) { + LagrangePolynomial[] l = LagrangePolynomial.lagrangePolynomials(points,arithmetic); + if (l == null){ + return null; + } // product = product of l[i].divisor BigInteger product = BigInteger.ONE; for (int i = 0; i < l.length;i++){ diff --git a/destributed-key-generation/src/main/java/ShamirSecretSharing/SecretSharing.java b/destributed-key-generation/src/main/java/ShamirSecretSharing/SecretSharing.java index 877d272..0f424f9 100644 --- a/destributed-key-generation/src/main/java/ShamirSecretSharing/SecretSharing.java +++ b/destributed-key-generation/src/main/java/ShamirSecretSharing/SecretSharing.java @@ -4,6 +4,7 @@ import Arithmetics.Arithmetic; import Arithmetics.Fp; import java.math.BigInteger; +import java.util.Collection; import java.util.Random; /** @@ -67,13 +68,12 @@ public class SecretSharing{ public static BigInteger restoreSecret(Polynomial.Point[] shares,Arithmetic arithmetic) throws Exception { return restorePolynomial(shares,arithmetic).image(BigInteger.ZERO); } - /** * @param shares - subset of the original shares * * @return interpolation(shares) */ - public static Polynomial restorePolynomial(Polynomial.Point[] shares,Arithmetic arithmetic) throws Exception { + public static Polynomial restorePolynomial(Polynomial.Point[] shares,Arithmetic arithmetic) { return Polynomial.interpolation(shares,arithmetic); } diff --git a/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGDeepTest.java b/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGDeepTest.java deleted file mode 100644 index a50c75c..0000000 --- a/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGDeepTest.java +++ /dev/null @@ -1,174 +0,0 @@ -package JointFeldmanProtocol; - -import Arithmetics.Arithmetic; -import Arithmetics.Fp; -import Communication.Network; -import FeldmanVerifiableSecretSharing.VerifiableSecretSharing; -import ShamirSecretSharing.Polynomial; -import ShamirSecretSharing.SecretSharing; -import UserInterface.DistributedKeyGenerationUser; -import org.factcenter.qilin.primitives.Group; -import org.factcenter.qilin.primitives.concrete.Zpstar; -import org.junit.Before; -import org.junit.Test; - -import java.lang.reflect.Array; -import java.math.BigInteger; -import java.util.ArrayList; -import java.util.HashSet; -import java.util.Random; -import java.util.Set; - -/** - * Created by Tzlil on 3/21/2016. - */ -public class DKGDeepTest { - - int tests = 10; - BigInteger p = BigInteger.valueOf(2903); - BigInteger q = p.subtract(BigInteger.ONE).divide(BigInteger.valueOf(2)); - Group group = new Zpstar(p); - Arithmetic arithmetic = new Fp(q); - int t = 9; - int n = 20; - - Testable[] testables; - - @Before - public void settings(){ - testables = new Testable[n]; - for (int i = 0; i < tests; i++){ - testables[i] = new Testable(new Random()); - } - } - - public void oneTest(int test) throws Exception { - Testable testable = testables[test]; - for (int i = 0; i < testable.threads.length ; i++){ - testable.threads[i].start(); - } - for (int i = 0; i < testable.threads.length ; i++){ - testable.threads[i].join(); - } - - // got the right public value - BigInteger publicValue = group.multiply(testable.g,testable.secret); - for (int i: testable.QUAL){ - if(!testable.aborted.contains(i)) - assert (testable.dkgs[i - 1].getPublicValue().equals(publicValue)); - } - - // assert valid verification values - BigInteger expected,verification; - for (int i: testable.QUAL){ - if(!testable.aborted.contains(i)) { - expected = group.multiply(testable.g, testable.dkgs[i - 1].getShare().y); - verification = VerifiableSecretSharing.verify(i, testable.dkgs[i - 1].getCommitments(), group); - assert (expected.equals(verification)); - } - } - - - // restore the secret from shares - ArrayList sharesList = new ArrayList(); - - for(int i : testable.QUAL){ - if(!testable.aborted.contains(i)) - sharesList.add(testable.dkgs[i - 1].getShare()); - } - Polynomial.Point[] shares = new Polynomial.Point[sharesList.size()]; - for (int i = 0; i < shares.length; i ++){ - shares[i] = sharesList.get(i); - } - - BigInteger calculatedSecret = SecretSharing.restoreSecret(shares,arithmetic); - assert (calculatedSecret.equals(testable.secret)); - } - - @Test - public void test() throws Exception { - for (int i = 0; i < tests; i++){ - oneTest(i); - } - } - - class Testable{ - Set QUAL; - Set aborted; - Set malicious; - DistributedKeyGenerationUser[] dkgs; - Thread[] threads; - BigInteger g; - BigInteger secret; - public Testable(Random random) { - - this.dkgs = new DistributedKeyGenerationUserImpl[n]; - this.QUAL = new HashSet(); - this.aborted = new HashSet(); - this.malicious = new HashSet(); - this.threads = new Thread[n]; - this.g = sampleGenerator(random); - ArrayList ids = new ArrayList(); - for (int id = 1; id<= n ; id++){ - ids.add(id); - } - Network network = new Network(n); - int id; - BigInteger s; - DistributedKeyGeneration dkg; - this.secret = BigInteger.ZERO; - while (!ids.isEmpty()) { - id = ids.remove(random.nextInt(ids.size())); - s = randomIntModQ(random); - dkg = new DistributedKeyGeneration(t, n, s, random, q, g, group, id); - dkgs[id - 1] = randomDKGUser(id,network,dkg,random); - threads[id - 1] = new Thread(dkgs[id - 1]); - if(QUAL.contains(id)){ - this.secret = this.secret.add(s).mod(q); - } - } - - } - - public DistributedKeyGenerationUser randomDKGUser(int id,Network network, DistributedKeyGeneration dkg,Random random){ - if (QUAL.size() <= t) { - QUAL.add(id); - return new DistributedKeyGenerationUserImpl(dkg,network); - }else{ - int type = random.nextInt(3); - switch (type){ - case 0:// regular - QUAL.add(id); - return new DistributedKeyGenerationUserImpl(dkg,network); - case 1:// abort - int abortStage = random.nextInt(2) + 1; // 1 or 2 - aborted.add(id); - if (abortStage == 2){ - QUAL.add(id); - } - return new DKGUserImplAbort(dkg,network,abortStage); - case 2:// malicious - malicious.add(id); - return new DKGMaliciousUserImpl(dkg,network,random); - default: - return null; - } - } - } - - public BigInteger sampleGenerator(Random random){ - BigInteger ZERO = group.zero(); - BigInteger g; - do { - g = group.sample(random); - } while (!g.equals(ZERO) && !group.multiply(g, q).equals(ZERO)); - return g; - } - - public BigInteger randomIntModQ(Random random){ - return new BigInteger(q.bitLength(), random).mod(q); - } - - - } -} diff --git a/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGMaliciousUserImpl.java b/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGMaliciousUserImpl.java index e3261f8..ad4aa4d 100644 --- a/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGMaliciousUserImpl.java +++ b/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGMaliciousUserImpl.java @@ -13,28 +13,33 @@ public class DKGMaliciousUserImpl extends DistributedKeyGenerationUserImpl { private final DistributedKeyGeneration maliciousDkg; private final Set falls; - public DKGMaliciousUserImpl(DistributedKeyGeneration dkg, Network network, Random random) { + public DKGMaliciousUserImpl(DistributedKeyGeneration dkg,DistributedKeyGeneration maliciousDKG, Network network,Set falls) { super(dkg, network); - this.falls = selectFalls(random); - this.maliciousDkg = new DistributedKeyGeneration(t,n,randomInt(random),random,dkg.getQ(),g,group,id); - maliciousDkg.setParties(parties); + this.falls = falls; + this.maliciousDkg = maliciousDKG; + maliciousDKG.setParties(parties); } - public Set selectFalls(Random random){ - ArrayList ids = new ArrayList(); - for (int i = 1; i<= n ; i++){ - if(i!=id) { - ids.add(i); - } - } + public static Set selectFallsRandomly(Set ids, Random random){ Set falls = new HashSet(); - int fallsSize = random.nextInt(ids.size()) + 1;// 1 - (n-1) + ArrayList idsList = new ArrayList(); + for (int id : ids){ + idsList.add(id); + } + int fallsSize = random.nextInt(idsList.size()) + 1;// 1 - (n-1) while (falls.size() < fallsSize){ - falls.add(ids.remove(random.nextInt(ids.size()))); + falls.add(idsList.remove(random.nextInt(idsList.size()))); } return falls; } + public static DistributedKeyGeneration generateMaliciousDKG(DistributedKeyGeneration dkg,Random random){ + BigInteger q = dkg.getQ(); + BigInteger zi = new BigInteger(q.bitLength(), random).mod(q); + return new DistributedKeyGeneration(dkg.getT(),dkg.getN(),zi,random,dkg.getQ() + ,dkg.getGenerator(),dkg.getGroup(),dkg.getId()); + } + @Override public void stage1() { dkg.broadcastCommitments(user); @@ -51,11 +56,6 @@ public class DKGMaliciousUserImpl extends DistributedKeyGenerationUserImpl { // do nothing } - private BigInteger randomInt(Random random){ - BigInteger q = dkg.getQ(); - return new BigInteger(q.bitLength(), random).mod(q); - } - private void sendSecrets(){ for (int j = 1; j <= n ; j++){ if(j != id){ diff --git a/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGTest.java b/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGTest.java index b50c46e..624aeeb 100644 --- a/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGTest.java +++ b/destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGTest.java @@ -2,121 +2,174 @@ package JointFeldmanProtocol; import Arithmetics.Arithmetic; import Arithmetics.Fp; -import Arithmetics.Z; import Communication.Network; +import FeldmanVerifiableSecretSharing.VerifiableSecretSharing; import ShamirSecretSharing.Polynomial; import ShamirSecretSharing.SecretSharing; -import FeldmanVerifiableSecretSharing.VerifiableSecretSharing; import UserInterface.DistributedKeyGenerationUser; +import Utils.GenerateRandomPrime; import org.factcenter.qilin.primitives.Group; import org.factcenter.qilin.primitives.concrete.Zpstar; import org.junit.Before; import org.junit.Test; import java.math.BigInteger; -import java.util.*; +import java.util.ArrayList; +import java.util.HashSet; +import java.util.Random; +import java.util.Set; /** - * Created by Tzlil on 2/9/2016. + * Created by Tzlil on 3/21/2016. */ public class DKGTest { - - DistributedKeyGenerationUser[][] dkgsArrays; - Thread[][] threadsArrays; int tests = 10; - BigInteger p = BigInteger.valueOf(2903); + BigInteger p = GenerateRandomPrime.SafePrime100Bits; BigInteger q = p.subtract(BigInteger.ONE).divide(BigInteger.valueOf(2)); - BigInteger[] secrets; - Set QUAL = new HashSet(); - Arithmetic arithmetic; + Group group = new Zpstar(p); + Arithmetic arithmetic = new Fp(q); + int t = 9; + int n = 20; + + Testable[] testables; + @Before public void settings(){ - Zpstar zpstar = new Zpstar(p); - Random random = new Random(); - arithmetic = new Fp(q); - BigInteger g; - int t = 9; - int n = 20; - BigInteger ZERO = zpstar.zero(); - dkgsArrays = new DistributedKeyGenerationUserImpl[tests][n]; - threadsArrays = new Thread[tests][n]; - secrets = new BigInteger[tests]; - DistributedKeyGeneration dkg; - int abortedStage = 1; - for (int test = 0; test < tests; test++) { - do { - g = zpstar.sample(random); - } while (!g.equals(ZERO) && !zpstar.multiply(g, q).equals(ZERO));// sample from QRZp* - secrets[test] = BigInteger.ZERO; - Network network = new Network(n); - for (int i = 1; i <= n; i++) { - BigInteger secret = new BigInteger(q.bitLength(), random).mod(q); - dkg = new DistributedKeyGeneration(t,n,secret,random,q,g,zpstar,i); - - if(i == n) { - dkgsArrays[test][i - 1] = new DKGMaliciousUserImpl(dkg,network,random);//new DKGUserImplAbort(dkg, network, abortedStage); - } - else { - dkgsArrays[test][i - 1] = new DistributedKeyGenerationUserImpl(dkg, network); - QUAL.add(i); - } - if (abortedStage > 1 || (abortedStage == 1 && i != n)){ - secrets[test] = secrets[test].add(secret).mod(q); - } - threadsArrays[test][i - 1] = new Thread(dkgsArrays[test][i - 1]); - } + testables = new Testable[tests]; + for (int i = 0; i < tests; i++){ + testables[i] = new Testable(new Random()); } } - public void oneTest(Thread[] threads, DistributedKeyGenerationUser[] dkgs,BigInteger secret) throws Exception { - for (int i = 0; i < threads.length ; i++){ - threads[i].start(); + public void oneTest(int test) throws Exception { + Testable testable = testables[test]; + for (int i = 0; i < testable.threads.length ; i++){ + testable.threads[i].start(); } - for (int i = 0; i < threads.length ; i++){ - threads[i].join(); + for (int i = 0; i < testable.threads.length ; i++){ + testable.threads[i].join(); } - int t = dkgs[0].getT(); - int n = dkgs[0].getN(); - - Group zpstar = dkgs[0].getGroup(); - BigInteger g = dkgs[0].getGenerator(); // got the right public value - BigInteger publicValue = zpstar.multiply(g,secret); - for (int i: QUAL){ - if(i != n) - assert (dkgs[i - 1].getPublicValue().equals(publicValue)); + BigInteger publicValue = group.multiply(testable.g,testable.secret); + for (int i: testable.valids){ + assert (testable.dkgs[i - 1].getPublicValue().equals(publicValue)); } // assert valid verification values BigInteger expected,verification; - for (int i: QUAL){ - expected = zpstar.multiply(g, dkgs[i - 1].getShare().y); - verification = VerifiableSecretSharing.verify(i, dkgs[i - 1].getCommitments(),zpstar); + for (int i: testable.valids){ + expected = group.multiply(testable.g, testable.dkgs[i - 1].getShare().y); + verification = VerifiableSecretSharing.verify(i, testable.dkgs[i - 1].getCommitments(), group); assert (expected.equals(verification)); } // restore the secret from shares ArrayList sharesList = new ArrayList(); - Polynomial.Point[] shares = new Polynomial.Point[QUAL.size()]; - for(int i : QUAL){ - sharesList.add(dkgs[i - 1].getShare()); + + for (int i: testable.valids){ + sharesList.add(testable.dkgs[i - 1].getShare()); } + Polynomial.Point[] shares = new Polynomial.Point[sharesList.size()]; for (int i = 0; i < shares.length; i ++){ shares[i] = sharesList.get(i); } BigInteger calculatedSecret = SecretSharing.restoreSecret(shares,arithmetic); - assert (calculatedSecret.equals(secret)); - + assert (calculatedSecret.equals(testable.secret)); } @Test - public void DKGTest() throws Exception { - for (int i = 0 ; i < dkgsArrays.length; i ++){ - oneTest(threadsArrays[i],dkgsArrays[i],secrets[i]); + public void test() throws Exception { + for (int i = 0; i < tests; i++){ + oneTest(i); } } + + class Testable{ + Set valids; + Set QUAL; + Set aborted; + Set malicious; + DistributedKeyGenerationUser[] dkgs; + Thread[] threads; + BigInteger g; + BigInteger secret; + + public Testable(Random random) { + this.dkgs = new DistributedKeyGenerationUserImpl[n]; + this.valids = new HashSet(); + this.QUAL = new HashSet(); + this.aborted = new HashSet(); + this.malicious = new HashSet(); + this.threads = new Thread[n]; + this.g = sampleGenerator(random); + ArrayList ids = new ArrayList(); + for (int id = 1; id<= n ; id++){ + ids.add(id); + } + Network network = new Network(n); + int id; + BigInteger s; + DistributedKeyGeneration dkg; + this.secret = BigInteger.ZERO; + while (!ids.isEmpty()) { + id = ids.remove(random.nextInt(ids.size())); + s = randomIntModQ(random); + dkg = new DistributedKeyGeneration(t, n, s, random, q, g, group, id); + dkgs[id - 1] = randomDKGUser(id,network,dkg,random); + threads[id - 1] = new Thread(dkgs[id - 1]); + if(QUAL.contains(id)){ + this.secret = this.secret.add(s).mod(q); + } + } + + } + + public DistributedKeyGenerationUser randomDKGUser(int id,Network network, DistributedKeyGeneration dkg,Random random){ + if (QUAL.size() <= t) { + valids.add(id); + QUAL.add(id); + return new DistributedKeyGenerationUserImpl(dkg,network); + }else{ + int type = random.nextInt(3); + switch (type){ + case 0:// regular + valids.add(id); + QUAL.add(id); + return new DistributedKeyGenerationUserImpl(dkg,network); + case 1:// abort + int abortStage = random.nextInt(2) + 1; // 1 or 2 + aborted.add(id); + if (abortStage == 2){ + QUAL.add(id); + } + return new DKGUserImplAbort(dkg,network,abortStage); + case 2:// malicious + malicious.add(id); + Set falls = DKGMaliciousUserImpl.selectFallsRandomly(valids,random); + DistributedKeyGeneration maliciousDKG = DKGMaliciousUserImpl.generateMaliciousDKG(dkg,random); + return new DKGMaliciousUserImpl(dkg,maliciousDKG,network,falls); + default: + return null; + } + } + } + + public BigInteger sampleGenerator(Random random){ + BigInteger ZERO = group.zero(); + BigInteger g; + do { + g = group.sample(random); + } while (!g.equals(ZERO) && !group.multiply(g, q).equals(ZERO)); + return g; + } + + public BigInteger randomIntModQ(Random random){ + return new BigInteger(q.bitLength(), random).mod(q); + } + + } } diff --git a/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGMaliciousUserImpl.java b/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGMaliciousUserImpl.java new file mode 100644 index 0000000..9240dea --- /dev/null +++ b/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGMaliciousUserImpl.java @@ -0,0 +1,64 @@ +package SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem; + +import Communication.Network; +import JointFeldmanProtocol.DistributedKeyGeneration; + +import java.math.BigInteger; +import java.util.ArrayList; +import java.util.HashSet; +import java.util.Random; +import java.util.Set; + +/** + * Created by Tzlil on 3/29/2016. + */ +public class SDKGMaliciousUserImpl extends SecureDistributedKeyGenerationUserImpl { + + private final DistributedKeyGeneration maliciousSDKG; + private final Set falls; + public SDKGMaliciousUserImpl(SecureDistributedKeyGeneration sdkg,SecureDistributedKeyGeneration maliciousSDKG + , Network network,Set falls) { + super(sdkg, network); + this.falls = falls; + this.maliciousSDKG = maliciousSDKG; + maliciousSDKG.setParties(parties); + } + + public static SecureDistributedKeyGeneration generateMaliciousSDKG(SecureDistributedKeyGeneration sdkg,Random random){ + BigInteger q = sdkg.getQ(); + BigInteger zi = new BigInteger(q.bitLength(), random).mod(q); + return new SecureDistributedKeyGeneration(sdkg.getT(),sdkg.getN(),zi,random,sdkg.getQ() + ,sdkg.getGenerator(),sdkg.getH(),sdkg.getGroup(),sdkg.getId()); + } + + @Override + public void stage1() { + sdkg.broadcastVerificationValues(user); + //sdkg.sendSecrets(user); + sendSecrets(); //insteadof dkg.sendSecrets(user); + } + + @Override + public void stage3() { + stopReceiver(); + maliciousSDKG.answerAllComplainingPlayers(user); + } + + @Override + public void stage4(){ + //do nothing + } + + private void sendSecrets(){ + for (int j = 1; j <= n ; j++){ + if(j != id){ + if(falls.contains(j)){ + maliciousSDKG.sendSecret(user,j); + }else { + sdkg.sendSecret(user, j); + } + } + } + } + +} diff --git a/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGTest.java b/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGTest.java index 107f87c..1b1b261 100644 --- a/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGTest.java +++ b/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGTest.java @@ -2,12 +2,16 @@ package SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem; import Arithmetics.Arithmetic; import Arithmetics.Fp; -import Arithmetics.Z; import Communication.Network; import FeldmanVerifiableSecretSharing.VerifiableSecretSharing; +import JointFeldmanProtocol.DKGMaliciousUserImpl; +import JointFeldmanProtocol.DKGUserImplAbort; +import JointFeldmanProtocol.DistributedKeyGeneration; +import JointFeldmanProtocol.DistributedKeyGenerationUserImpl; import ShamirSecretSharing.Polynomial; import ShamirSecretSharing.SecretSharing; import UserInterface.DistributedKeyGenerationUser; +import Utils.GenerateRandomPrime; import org.factcenter.qilin.primitives.Group; import org.factcenter.qilin.primitives.concrete.Zpstar; import org.junit.Before; @@ -20,108 +24,157 @@ import java.util.Random; import java.util.Set; /** - * Created by Tzlil on 2/23/2016. + * Created by Tzlil on 3/29/2016. */ public class SDKGTest { - DistributedKeyGenerationUser[][] sdkgsArrays; - Thread[][] threadsArrays; int tests = 10; - BigInteger p = BigInteger.valueOf(2903); + BigInteger p = GenerateRandomPrime.SafePrime100Bits; BigInteger q = p.subtract(BigInteger.ONE).divide(BigInteger.valueOf(2)); - BigInteger[] secrets; - - Set QUAL = new HashSet(); - - Arithmetic arithmetic; + Group group = new Zpstar(p); + Arithmetic arithmetic = new Fp(q); + int t = 9; + int n = 20; + Testable[] testables; @Before public void settings(){ - Zpstar zpstar = new Zpstar(p); - Random random = new Random(); - arithmetic = new Fp(q); - BigInteger g,h; - int t = 9; - int n = 20; - BigInteger ZERO = zpstar.zero(); - sdkgsArrays = new SecureDistributedKeyGenerationUserImpl[tests][n]; - threadsArrays = new Thread[tests][n]; - secrets = new BigInteger[tests]; - SecureDistributedKeyGeneration sdkg; - for (int test = 0; test < tests; test++) { - do { - g = zpstar.sample(random); - } while (!g.equals(ZERO) && !zpstar.multiply(g, q).equals(ZERO));// sample from QRZp* - h = zpstar.multiply(g,BigInteger.valueOf(2)); - secrets[test] = BigInteger.ZERO; - Network network = new Network(n); - int abortedStage = 2; - for (int i = 1; i <= n; i++) { - BigInteger secret = new BigInteger(q.bitLength(), random).mod(q); - sdkg = new SecureDistributedKeyGeneration(t,n,secret,random,q,g,h,zpstar,i); - if(i == n) { - sdkgsArrays[test][i - 1] = new SDKGUserImplAbort(sdkg, network, abortedStage); - } - else { - sdkgsArrays[test][i - 1] = new SecureDistributedKeyGenerationUserImpl(sdkg, network); - QUAL.add(i); - } - if (abortedStage > 1 || (abortedStage == 1 && i != n)){ - secrets[test] = secrets[test].add(secret).mod(q); - } - threadsArrays[test][i - 1] = new Thread(sdkgsArrays[test][i - 1]); - } + testables = new Testable[tests]; + for (int i = 0; i < tests; i++){ + testables[i] = new Testable(new Random()); } } - - public void oneTest(Thread[] threads, DistributedKeyGenerationUser[] dkgs,BigInteger secret) throws Exception { - for (int i = 0; i < threads.length ; i++){ - threads[i].start(); + public void oneTest(int test) throws Exception { + Testable testable = testables[test]; + for (int i = 0; i < testable.threads.length ; i++){ + testable.threads[i].start(); } - for (int i = 0; i < threads.length ; i++){ - threads[i].join(); + for (int i = 0; i < testable.threads.length ; i++){ + testable.threads[i].join(); } - int t = dkgs[0].getT(); - int n = dkgs[0].getN(); - - Group zpstar = dkgs[0].getGroup(); - BigInteger g = dkgs[0].getGenerator(); // got the right public value - BigInteger publicValue = zpstar.multiply(g,secret); - for (int i: QUAL){ - assert (dkgs[i - 1].getPublicValue().equals(publicValue)); + BigInteger publicValue = group.multiply(testable.g,testable.secret); + for (int i: testable.valids){ + assert (testable.sdkgs[i - 1].getPublicValue().equals(publicValue)); } // assert valid verification values BigInteger expected,verification; - for (int i: QUAL){ - expected = zpstar.multiply(g, dkgs[i - 1].getShare().y); - verification = VerifiableSecretSharing.verify(i, dkgs[i - 1].getCommitments(),zpstar); + for (int i: testable.valids){ + expected = group.multiply(testable.g, testable.sdkgs[i - 1].getShare().y); + verification = VerifiableSecretSharing.verify(i, testable.sdkgs[i - 1].getCommitments(), group); assert (expected.equals(verification)); } // restore the secret from shares ArrayList sharesList = new ArrayList(); - Polynomial.Point[] shares = new Polynomial.Point[QUAL.size()]; - for(int i : QUAL){ - sharesList.add(dkgs[i - 1].getShare()); + + for (int i: testable.valids){ + sharesList.add(testable.sdkgs[i - 1].getShare()); } + Polynomial.Point[] shares = new Polynomial.Point[sharesList.size()]; for (int i = 0; i < shares.length; i ++){ shares[i] = sharesList.get(i); } BigInteger calculatedSecret = SecretSharing.restoreSecret(shares,arithmetic); - assert (calculatedSecret.equals(secret)); - + assert (calculatedSecret.equals(testable.secret)); } @Test - public void SDKGTest() throws Exception { - for (int i = 0 ; i < sdkgsArrays.length; i ++){ - oneTest(threadsArrays[i],sdkgsArrays[i],secrets[i]); + public void test() throws Exception { + for (int i = 0; i < tests; i++){ + oneTest(i); } } + + class Testable{ + Set valids; + Set QUAL; + Set aborted; + Set malicious; + DistributedKeyGenerationUser[] sdkgs; + Thread[] threads; + BigInteger g; + BigInteger h; + BigInteger secret; + + public Testable(Random random) { + this.sdkgs = new SecureDistributedKeyGenerationUserImpl[n]; + this.valids = new HashSet(); + this.QUAL = new HashSet(); + this.aborted = new HashSet(); + this.malicious = new HashSet(); + this.threads = new Thread[n]; + this.g = sampleGenerator(random); + this.h = group.multiply(g,randomIntModQ(random)); + ArrayList ids = new ArrayList(); + for (int id = 1; id<= n ; id++){ + ids.add(id); + } + Network network = new Network(n); + int id; + BigInteger s; + SecureDistributedKeyGeneration sdkg; + this.secret = BigInteger.ZERO; + while (!ids.isEmpty()) { + id = ids.remove(random.nextInt(ids.size())); + s = randomIntModQ(random); + sdkg = new SecureDistributedKeyGeneration(t, n, s, random, q, g , h, group, id); + sdkgs[id - 1] = randomSDKGUser(id,network,sdkg,random); + threads[id - 1] = new Thread(sdkgs[id - 1]); + if(QUAL.contains(id)){ + this.secret = this.secret.add(s).mod(q); + } + } + + } + + public SecureDistributedKeyGenerationUserImpl randomSDKGUser(int id,Network network, SecureDistributedKeyGeneration sdkg,Random random){ + if (QUAL.size() <= t) { + valids.add(id); + QUAL.add(id); + return new SecureDistributedKeyGenerationUserImpl(sdkg,network); + }else{ + int type = random.nextInt(3); + switch (type){ + case 0:// regular + valids.add(id); + QUAL.add(id); + return new SecureDistributedKeyGenerationUserImpl(sdkg,network); + case 1:// abort + int abortStage = random.nextInt(3) + 1; // 1 or 2 or 3 + aborted.add(id); + if (abortStage > 1){ + QUAL.add(id); + } + return new SDKGUserImplAbort(sdkg,network,abortStage); + case 2:// malicious + malicious.add(id); + Set falls = DKGMaliciousUserImpl.selectFallsRandomly(valids,random); + SecureDistributedKeyGeneration maliciousSDKG = SDKGMaliciousUserImpl.generateMaliciousSDKG(sdkg,random); + return new SDKGMaliciousUserImpl(sdkg,maliciousSDKG,network,falls); + default: + return null; + } + } + } + + public BigInteger sampleGenerator(Random random){ + BigInteger ZERO = group.zero(); + BigInteger g; + do { + g = group.sample(random); + } while (!g.equals(ZERO) && !group.multiply(g, q).equals(ZERO)); + return g; + } + + public BigInteger randomIntModQ(Random random){ + return new BigInteger(q.bitLength(), random).mod(q); + } + + } } diff --git a/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGUserImplAbort.java b/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGUserImplAbort.java index fc777d3..c2a6fbe 100644 --- a/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGUserImplAbort.java +++ b/destributed-key-generation/src/test/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SDKGUserImplAbort.java @@ -18,7 +18,8 @@ public class SDKGUserImplAbort extends SecureDistributedKeyGenerationUserImpl { this.stage = 1; } - private void sendAbort(){ + private void abort(){ + stopReceiver(); user.broadcast(DKGMessages.Mail.Type.ABORT,DKGMessages.EmptyMessage.getDefaultInstance()); } @@ -27,7 +28,7 @@ public class SDKGUserImplAbort extends SecureDistributedKeyGenerationUserImpl { if(stage < abortStage) super.stage1(); else if(stage == abortStage){ - sendAbort(); + abort(); } stage++; } @@ -37,7 +38,7 @@ public class SDKGUserImplAbort extends SecureDistributedKeyGenerationUserImpl { if(stage < abortStage) super.stage2(); else if(stage == abortStage){ - sendAbort(); + abort(); } stage++; } @@ -47,7 +48,7 @@ public class SDKGUserImplAbort extends SecureDistributedKeyGenerationUserImpl { if(stage < abortStage) super.stage3(); else if(stage == abortStage){ - sendAbort(); + abort(); } stage++; } @@ -57,7 +58,7 @@ public class SDKGUserImplAbort extends SecureDistributedKeyGenerationUserImpl { if(stage < abortStage) super.stage4(); else if(stage == abortStage){ - sendAbort(); + abort(); } stage++; } diff --git a/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/AddTest.java b/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/AddTest.java index 288aed1..fe4e602 100644 --- a/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/AddTest.java +++ b/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/AddTest.java @@ -1,4 +1,6 @@ package ShamirSecretSharing.PolynomialTests; +import Arithmetics.Z; +import Utils.GenerateRandomPolynomial; import ShamirSecretSharing.Polynomial; import org.junit.Before; import org.junit.Test; @@ -24,8 +26,8 @@ public class AddTest { arr1 = new Polynomial[tests]; arr2 = new Polynomial[tests]; for (int i = 0; i < arr1.length; i++){ - arr1[i] = Utils.generateRandomPolynomial(random.nextInt(maxDegree),bits,random); - arr2[i] = Utils.generateRandomPolynomial(random.nextInt(maxDegree),bits,random); + arr1[i] = GenerateRandomPolynomial.generateRandomPolynomial(random.nextInt(maxDegree),bits,random,new Z()); + arr2[i] = GenerateRandomPolynomial.generateRandomPolynomial(random.nextInt(maxDegree),bits,random,new Z()); } } diff --git a/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/InterpolationTest.java b/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/InterpolationTest.java index 2f5ba39..97f1b8d 100644 --- a/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/InterpolationTest.java +++ b/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/InterpolationTest.java @@ -2,8 +2,9 @@ package ShamirSecretSharing.PolynomialTests; import Arithmetics.Arithmetic; import Arithmetics.Fp; -import Arithmetics.Z; +import Utils.GenerateRandomPolynomial; import ShamirSecretSharing.Polynomial; +import Utils.GenerateRandomPrime; import org.junit.Before; import org.junit.Test; @@ -23,7 +24,7 @@ public class InterpolationTest { Random random; Polynomial.Point[][] pointsArrays; Arithmetic arithmetic; - BigInteger p = BigInteger.valueOf(2903); + BigInteger p = GenerateRandomPrime.SafePrime100Bits; @Before public void settings(){ @@ -31,7 +32,7 @@ public class InterpolationTest { polynomials = new Polynomial[tests]; pointsArrays = new Polynomial.Point[tests][]; for (int i = 0; i < polynomials.length; i++){ - polynomials[i] = Utils.generateRandomPolynomial(random.nextInt(maxDegree),bits,random,p); + polynomials[i] = GenerateRandomPolynomial.generateRandomPolynomial(random.nextInt(maxDegree),bits,random,p); pointsArrays[i] = randomPoints(polynomials[i]); } arithmetic = new Fp(p); diff --git a/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/MulByConstTest.java b/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/MulByConstTest.java index 0865058..3a3bf1a 100644 --- a/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/MulByConstTest.java +++ b/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/MulByConstTest.java @@ -1,5 +1,7 @@ package ShamirSecretSharing.PolynomialTests; +import Arithmetics.Z; +import Utils.GenerateRandomPolynomial; import ShamirSecretSharing.Polynomial; import org.junit.Before; import org.junit.Test; @@ -26,7 +28,7 @@ public class MulByConstTest { arr1 = new Polynomial[tests]; arr2 = new BigInteger[tests]; for (int i = 0; i < arr1.length; i++){ - arr1[i] = Utils.generateRandomPolynomial(random.nextInt(maxDegree),bits,random); + arr1[i] = GenerateRandomPolynomial.generateRandomPolynomial(random.nextInt(maxDegree),bits,random,new Z()); arr2[i] = new BigInteger(bits,random); } } diff --git a/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/MulTest.java b/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/MulTest.java index 418ea00..a7dd365 100644 --- a/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/MulTest.java +++ b/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/MulTest.java @@ -1,5 +1,7 @@ package ShamirSecretSharing.PolynomialTests; +import Arithmetics.Z; +import Utils.GenerateRandomPolynomial; import ShamirSecretSharing.Polynomial; import org.junit.Before; import org.junit.Test; @@ -26,8 +28,8 @@ public class MulTest { arr1 = new Polynomial[tests]; arr2 = new Polynomial[tests]; for (int i = 0; i < arr1.length; i++){ - arr1[i] = Utils.generateRandomPolynomial(random.nextInt(maxDegree),bits,random); - arr2[i] = Utils.generateRandomPolynomial(random.nextInt(maxDegree),bits,random); + arr1[i] = GenerateRandomPolynomial.generateRandomPolynomial(random.nextInt(maxDegree),bits,random,new Z()); + arr2[i] = GenerateRandomPolynomial.generateRandomPolynomial(random.nextInt(maxDegree),bits,random,new Z()); } } diff --git a/destributed-key-generation/src/test/java/ShamirSecretSharing/SecretSharingTest.java b/destributed-key-generation/src/test/java/ShamirSecretSharing/SecretSharingTest.java index 042c06a..a74148f 100644 --- a/destributed-key-generation/src/test/java/ShamirSecretSharing/SecretSharingTest.java +++ b/destributed-key-generation/src/test/java/ShamirSecretSharing/SecretSharingTest.java @@ -1,6 +1,7 @@ package ShamirSecretSharing; import Arithmetics.Z; +import Utils.GenerateRandomPrime; import org.factcenter.qilin.primitives.CyclicGroup; import org.factcenter.qilin.primitives.concrete.Zn; import org.junit.Before; @@ -24,7 +25,7 @@ public class SecretSharingTest { @Before public void settings(){ - BigInteger p = BigInteger.valueOf(2903); + BigInteger p = GenerateRandomPrime.SafePrime100Bits; BigInteger q = p.subtract(BigInteger.ONE).divide(BigInteger.valueOf(2)); group = new Zn(p); int t = 9; diff --git a/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/Utils.java b/destributed-key-generation/src/test/java/Utils/GenerateRandomPolynomial.java similarity index 75% rename from destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/Utils.java rename to destributed-key-generation/src/test/java/Utils/GenerateRandomPolynomial.java index 8ec057a..d59d051 100644 --- a/destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/Utils.java +++ b/destributed-key-generation/src/test/java/Utils/GenerateRandomPolynomial.java @@ -1,5 +1,6 @@ -package ShamirSecretSharing.PolynomialTests; +package Utils; +import Arithmetics.Arithmetic; import Arithmetics.Fp; import ShamirSecretSharing.Polynomial; @@ -9,19 +10,19 @@ import java.util.Random; /** * Created by Tzlil on 1/27/2016. */ -public class Utils { +public class GenerateRandomPolynomial { - public static Polynomial generateRandomPolynomial(int degree,int bits,Random random) { + public static Polynomial generateRandomPolynomial(int degree, int bits, Random random,Arithmetic arithmetic) { BigInteger[] coefficients = new BigInteger[degree + 1]; for (int i = 0 ; i <= degree; i++ ){ coefficients[i] = new BigInteger(bits,random); // sample from Zp [0,... q-1] } - return new Polynomial(coefficients); + return new Polynomial(coefficients,arithmetic); } public static Polynomial generateRandomPolynomial(int degree,int bits,Random random,BigInteger p) { - BigInteger[] coefficients = generateRandomPolynomial(degree,bits,random).getCoefficients(); + BigInteger[] coefficients = generateRandomPolynomial(degree,bits,random,new Fp(p)).getCoefficients(); for (int i = 0; i