meerkat
/
meerkat-java
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

abort message

DKG
tzlil.gon 2016-03-18 14:20:47 +02:00
parent cc7e138a43
commit e4a33af4d4
24 changed files with 705 additions and 325 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
destributed-key-generation/src/main/java/Arithmetics/Arithmetic.java Normal file
View File

@ -0,0 +1,14 @@
package Arithmetics;
import java.math.BigInteger;
/**
* Created by Tzlil on 3/17/2016.
*/
public interface Arithmetic<T> {
BigInteger add(T a,T b);
BigInteger sub(T a,T b);
BigInteger mul(T a,T b);
BigInteger div(T a,T b);
}

53
destributed-key-generation/src/main/java/Arithmetics/Fp.java Normal file
View File

@ -0,0 +1,53 @@
package Arithmetics;
import java.math.BigInteger;
/**
* Created by Tzlil on 3/17/2016.
*/
public class Fp implements Arithmetic<BigInteger> {
public final BigInteger p;
public Fp(BigInteger p) {
this.p = p;
}
@Override
public BigInteger add(BigInteger a,BigInteger b){
return a.add(b).mod(p);
}
@Override
public BigInteger sub(BigInteger a,BigInteger b){
return a.add(p).subtract(b).mod(p);
}
@Override
public BigInteger mul(BigInteger a,BigInteger b){
return a.multiply(b).mod(p);
}
@Override
public BigInteger div(BigInteger a,BigInteger b){
return mul(a,inv(b));
}
public BigInteger pow(BigInteger b,BigInteger e){
if (e.compareTo(BigInteger.ZERO) < 0 ) {
return pow(inv(b), e.negate());
}
BigInteger result = BigInteger.ONE;
while (e.compareTo(BigInteger.ZERO) > 0) {
if (e.testBit(0)) {
result = mul(result, b);
}
e = e.shiftRight(1);
b = mul(b, b);
}
return result;
}
public BigInteger inv(BigInteger a){
return pow(a,p.subtract(BigInteger.valueOf(2)));
}
}

29
destributed-key-generation/src/main/java/Arithmetics/Z.java Normal file
View File

@ -0,0 +1,29 @@
package Arithmetics;
import java.math.BigInteger;
/**
* Created by Tzlil on 3/17/2016.
*/
public class Z implements Arithmetic<BigInteger> {
@Override
public BigInteger add(BigInteger a, BigInteger b) {
return a.add(b);
}
@Override
public BigInteger sub(BigInteger a, BigInteger b) {
return a.subtract(b);
}
@Override
public BigInteger mul(BigInteger a, BigInteger b) {
return a.multiply(b);
}
@Override
public BigInteger div(BigInteger a, BigInteger b) {
return a.divide(b);
}
}

5
destributed-key-generation/src/main/java/Communication/MailHandler.java
View File

@ -42,6 +42,11 @@ public abstract class MailHandler {
case ANSWER: case ANSWER:
messageHandler.handelAnswerMessage(mail.getSender(), mail.getDestination() == Network.BROADCAST messageHandler.handelAnswerMessage(mail.getSender(), mail.getDestination() == Network.BROADCAST
, message); , message);
break;
case ABORT:
messageHandler.handelAbortMessage(mail.getSender(), mail.getDestination() == Network.BROADCAST
, message);
break;
default: default:
break; break;
} }

1
destributed-key-generation/src/main/java/Communication/MessageHandler.java
View File

@ -11,4 +11,5 @@ public interface MessageHandler {
void handelComplaintMessage(int sender, boolean isBroadcast, Message message); void handelComplaintMessage(int sender, boolean isBroadcast, Message message);
void handelDoneMessage(int sender, boolean isBroadcast, Message message); //will be remove void handelDoneMessage(int sender, boolean isBroadcast, Message message); //will be remove
void handelAnswerMessage(int sender, boolean isBroadcast, Message message); void handelAnswerMessage(int sender, boolean isBroadcast, Message message);
void handelAbortMessage(int sender, boolean isBroadcast, Message message);
} }

2
destributed-key-generation/src/main/java/Communication/User.java
View File

@ -18,7 +18,7 @@ public class User{
private final Network network; private final Network network;
protected User(int ID, Network network, MailHandler mailHandler) { protected User(int ID, Network network, MailHandler mailHandler) {
this.mailbox = new ArrayBlockingQueue<DKGMessages.Mail>(2 * network.n * network.n); this.mailbox = new ArrayBlockingQueue<DKGMessages.Mail>( network.n * network.n * network.n);
this.ID = ID; this.ID = ID;
this.mailHandler = mailHandler; this.mailHandler = mailHandler;
this.receiverThread = new Thread(new Receiver()); this.receiverThread = new Thread(new Receiver());

116
destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGeneration.java
View File

@ -1,10 +1,10 @@
package JointFeldmanProtocol; package JointFeldmanProtocol;
import Communication.User; import Communication.User;
import ShamirSecretSharing.Polynomial;
import FeldmanVerifiableSecretSharing.VerifiableSecretSharing; import FeldmanVerifiableSecretSharing.VerifiableSecretSharing;
import ShamirSecretSharing.Polynomial;
import com.google.protobuf.ByteString; import com.google.protobuf.ByteString;
import meerkat.protobuf.DKGMessages.*; import meerkat.protobuf.DKGMessages;
import org.factcenter.qilin.primitives.Group; import org.factcenter.qilin.primitives.Group;
import java.math.BigInteger; import java.math.BigInteger;
@ -14,20 +14,31 @@ import java.util.Random;
import java.util.Set; import java.util.Set;
/** /**
* Created by Tzlil on 2/5/2016. * Created by Tzlil on 3/14/2016.
*
* an implementation of a version of Pedersen's distributed key generation protocol
*/ */
public class DistributedKeyGeneration extends VerifiableSecretSharing{ public class DistributedKeyGeneration extends VerifiableSecretSharing {
public enum ComplainState{
Non, Waiting,Disqualified,NonDisqualified
}
protected final int id; protected final int id;
protected Polynomial.Point[] shares; private DistributedKeyGenerationParty[] parties;
public DistributedKeyGeneration(int t, int n, BigInteger zi, Random random, BigInteger q, BigInteger g public DistributedKeyGeneration(int t, int n, BigInteger zi, Random random, BigInteger q, BigInteger g
, Group<BigInteger> group, int id) { , Group<BigInteger> group, int id) {
super(t, n, zi, random, q, g,group); super(t, n, zi, random, q, g,group);
this.id = id; this.id = id;
this.shares = null; this.parties = new DistributedKeyGenerationParty[n];
for (int i = 1; i <= n ; i++){
this.parties[i - 1] = new DistributedKeyGenerationParty(i,n,t);
}
}
protected void setParties(DistributedKeyGenerationParty[] parties){
this.parties = parties;
}
protected DistributedKeyGenerationParty[] getParties(){
return parties;
} }
/** /**
@ -39,20 +50,20 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing{
} }
public void broadcastCommitments(User user, BigInteger[] commitments){ public void broadcastCommitments(User user, BigInteger[] commitments){
CommitmentMessage commitmentMessage; DKGMessages.CommitmentMessage commitmentMessage;
for (int k = 0; k <= t ; k++){ for (int k = 0; k <= t ; k++){
commitmentMessage = CommitmentMessage.newBuilder() commitmentMessage = DKGMessages.CommitmentMessage.newBuilder()
.setCommitment(ByteString.copyFrom(commitments[k].toByteArray())) .setCommitment(ByteString.copyFrom(commitments[k].toByteArray()))
.setK(k) .setK(k)
.build(); .build();
user.broadcast(Mail.Type.COMMITMENT, commitmentMessage); user.broadcast(DKGMessages.Mail.Type.COMMITMENT, commitmentMessage);
} }
} }
public void sendSecret(User user, int j){ public void sendSecret(User user, int j){
ByteString secret = ByteString.copyFrom(getShare(j).y.toByteArray()); ByteString secret = ByteString.copyFrom(getShare(j).y.toByteArray());
user.send(j, Mail.Type.SECRET, user.send(j, DKGMessages.Mail.Type.SECRET,
SecretMessage.newBuilder() DKGMessages.SecretMessage.newBuilder()
.setI(id) .setI(id)
.setJ(j) .setJ(j)
.setSecret(secret) .setSecret(secret)
@ -71,9 +82,9 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing{
} }
} }
public boolean isValidSecret(int i,BigInteger[] commitments,int j){ public boolean isValidSecret(int i){
Polynomial.Point secret = shares[i - 1]; DistributedKeyGenerationParty party = parties[i - 1];
return isValidSecret(secret,commitments,j); return isValidSecret(party.share,party.commitments,id);
} }
public boolean isValidSecret(Polynomial.Point secret, BigInteger[] commitments, int j){ public boolean isValidSecret(Polynomial.Point secret, BigInteger[] commitments, int j){
@ -86,24 +97,29 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing{
* Pj verifies all the shares he received (using isValidSecret) * Pj verifies all the shares he received (using isValidSecret)
* if check fails for an index i, Pj broadcasts a complaint against Pi. * if check fails for an index i, Pj broadcasts a complaint against Pi.
*/ */
public void broadcastComplains(User user, BigInteger[][]commitmentsTable){ public void broadcastComplains(User user){
ComplaintMessage complaint; DKGMessages.IDMessage complaint;
for (int i = 1; i <= n ; i++ ){ for (int i = 1; i <= n ; i++ ){
if(i != id) { if(i != id && !parties[i - 1].aborted) {
if (!isValidSecret(i,commitmentsTable[i - 1],id)) { sendComplain(user,i);
//message = new Message(Type.Complaint, j)
complaint = ComplaintMessage.newBuilder()
.setId(i)
.build();
user.broadcast(Mail.Type.COMPLAINT, complaint);
}
} }
} }
} }
protected void sendComplain(User user,int i){
DKGMessages.IDMessage complaint;
if (!isValidSecret(i)) {
//message = new Message(Type.Complaint, j)
complaint = DKGMessages.IDMessage.newBuilder()
.setId(i)
.build();
user.broadcast(DKGMessages.Mail.Type.COMPLAINT, complaint);
}
}
public void broadcastComplaintAnswer(User user, int j){ public void broadcastComplaintAnswer(User user, int j){
user.broadcast(Mail.Type.ANSWER, SecretMessage.newBuilder() user.broadcast(DKGMessages.Mail.Type.ANSWER, DKGMessages.SecretMessage.newBuilder()
.setI(id) .setI(id)
.setJ(j) .setJ(j)
.setSecret(ByteString.copyFrom(getShare(j).y.toByteArray())) .setSecret(ByteString.copyFrom(getShare(j).y.toByteArray()))
@ -114,7 +130,8 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing{
* stage3.1 according to the protocol * stage3.1 according to the protocol
* if more than t players complain against a player Pi he is disqualified. * if more than t players complain against a player Pi he is disqualified.
*/ */
public void answerAllComplainingPlayers(User user, DistributedKeyGenerationUserImpl.ComplainState[] complains){ public void answerAllComplainingPlayers(User user){
ComplainState[] complains = parties[id - 1].complaints;
for (int i = 1; i <= n ; i++) { for (int i = 1; i <= n ; i++) {
switch (complains[i - 1]) { switch (complains[i - 1]) {
case Waiting: case Waiting:
@ -126,20 +143,35 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing{
} }
} }
protected boolean isPartyCompletedStage1(int i){
if(parties[i - 1].aborted){
if(parties[i - 1].share == null){
return false;
}
for (int k = 0; k <= t ; k++){
if(parties[i - 1].commitments[k] == null){
return false;
}
}
}
return true;
}
/** /**
* stage3.2 according to the protocol * stage3.2 according to the protocol
* if any of the revealed shares fails the verification test, player Pi is disqualified. * if any of the revealed shares fails the verification test, player Pi is disqualified.
* set QUAL to be the set of non-disqualified players. * set QUAL to be the set of non-disqualified players.
*/ */
public Set<Integer> calcQUAL(DistributedKeyGenerationUserImpl.ComplainState[][] complains){ public Set<Integer> calcQUAL(){
Set<Integer> QUAL = new HashSet<Integer>(); Set<Integer> QUAL = new HashSet<Integer>();
boolean nonDisqualified; boolean nonDisqualified;
int counter; int counter;
for (int i = 1; i <= complains.length; i++){ for (int i = 1; i <= n; i++){
ComplainState[] complains = parties[i - 1].complaints;
nonDisqualified = true; nonDisqualified = true;
counter = 0; counter = 0;
for (int j = 1; j <= complains[i - 1].length; j++){ for (int j = 1; j <= n; j++){
switch (complains[i - 1][j - 1]) { switch (complains[j - 1]) {
case Non: case Non:
break; break;
case NonDisqualified: case NonDisqualified:
@ -150,7 +182,7 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing{
if(!nonDisqualified) if(!nonDisqualified)
break; break;
} }
if(nonDisqualified && counter <= t){ if(nonDisqualified && counter <= t && isPartyCompletedStage1(i)){
QUAL.add(i); QUAL.add(i);
} }
} }
@ -161,10 +193,10 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing{
* stage4.1 according to the protocol * stage4.1 according to the protocol
* public value y is computed as y = multiplication of yi mod p for i in QUAL * public value y is computed as y = multiplication of yi mod p for i in QUAL
*/ */
public BigInteger calcY(BigInteger[] ys,Set<Integer> QUAL){ public BigInteger calcY(Set<Integer> QUAL){
BigInteger y = group.zero(); BigInteger y = group.zero();
for (int i : QUAL) { for (int i : QUAL) {
y = group.add(y , ys[i - 1]); y = group.add(y , parties[i - 1].commitments[0]);
} }
return y; return y;
} }
@ -173,12 +205,12 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing{
* stage4.2 according to the protocol * stage4.2 according to the protocol
* public verification values are computed as Ak = multiplication of Aik mod p for i in QUAL for k = 0,...,t * public verification values are computed as Ak = multiplication of Aik mod p for i in QUAL for k = 0,...,t
*/ */
public BigInteger[] calcCommitments(BigInteger[][] commitmentsTable,Set<Integer> QUAL){ public BigInteger[] calcCommitments(Set<Integer> QUAL){
BigInteger[] commitments = new BigInteger[t + 1]; BigInteger[] commitments = new BigInteger[t + 1];
Arrays.fill(commitments,group.zero()); Arrays.fill(commitments,group.zero());
for (int i : QUAL) { for (int i : QUAL) {
for (int k = 0; k <= t; k++){ for (int k = 0; k <= t; k++){
commitments[k] = group.add(commitments[k],commitmentsTable[i - 1][k]); commitments[k] = group.add(commitments[k], parties[i - 1].commitments[k]);
} }
} }
return commitments; return commitments;
@ -188,10 +220,10 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing{
* stage4.3 according to the protocol * stage4.3 according to the protocol
* Pj sets is share of the secret as xj = sum of Sij mod q for i in QUAL * Pj sets is share of the secret as xj = sum of Sij mod q for i in QUAL
*/ */
public Polynomial.Point calcShare(Polynomial.Point[] shares,Set<Integer> QUAL){ public Polynomial.Point calcShare(Set<Integer> QUAL){
BigInteger xj = BigInteger.ZERO; BigInteger xj = BigInteger.ZERO;
for (int i : QUAL) { for (int i : QUAL) {
xj = xj.add(shares[i - 1].y); xj = xj.add(parties[i - 1].share.y);
} }
return new Polynomial.Point(BigInteger.valueOf(id) , xj.mod(q)); return new Polynomial.Point(BigInteger.valueOf(id) , xj.mod(q));
} }
@ -200,8 +232,4 @@ public class DistributedKeyGeneration extends VerifiableSecretSharing{
return id; return id;
} }
public void setShares(Polynomial.Point[] shares){
this.shares = shares;
}
} }

7
destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationMailHandler.java
View File

@ -27,14 +27,17 @@ public class DistributedKeyGenerationMailHandler extends MailHandler {
message = DKGMessages.CommitmentMessage.parseFrom(mail.getMessage()); message = DKGMessages.CommitmentMessage.parseFrom(mail.getMessage());
break; break;
case COMPLAINT: case COMPLAINT:
message = DKGMessages.ComplaintMessage.parseFrom(mail.getMessage()); message = DKGMessages.IDMessage.parseFrom(mail.getMessage());
break; break;
case DONE: case DONE:
message = DKGMessages.DoneMessage.parseFrom(mail.getMessage()); message = DKGMessages.EmptyMessage.parseFrom(mail.getMessage());
break; break;
case ANSWER: case ANSWER:
message = DKGMessages.SecretMessage.parseFrom(mail.getMessage()); message = DKGMessages.SecretMessage.parseFrom(mail.getMessage());
break; break;
case ABORT:
message = DKGMessages.EmptyMessage.parseFrom(mail.getMessage());
break;
default: default:
return null; return null;
} }

28
destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationParty.java Normal file
View File

@ -0,0 +1,28 @@
package JointFeldmanProtocol;
import ShamirSecretSharing.Polynomial;
import java.math.BigInteger;
import java.util.Arrays;
/**
* Created by Tzlil on 3/14/2016.
*/
public class DistributedKeyGenerationParty {
public final int id;
public Polynomial.Point share;
public BigInteger[] commitments;
public boolean doneFlag;
public DistributedKeyGeneration.ComplainState[] complaints;
public boolean aborted;
public DistributedKeyGenerationParty(int id, int n, int t) {
this.id = id;
this.share = null;
this.doneFlag = false;
this.complaints = new DistributedKeyGeneration.ComplainState[n];
Arrays.fill(this.complaints, DistributedKeyGeneration.ComplainState.Non);
this.commitments = new BigInteger[t + 1];
this.aborted = false;
}
}

149
destributed-key-generation/src/main/java/JointFeldmanProtocol/DistributedKeyGenerationUserImpl.java
View File

@ -13,14 +13,12 @@ import org.factcenter.qilin.primitives.Group;
import java.math.BigInteger; import java.math.BigInteger;
import java.util.Arrays; import java.util.Arrays;
import java.util.Set; import java.util.Set;
import JointFeldmanProtocol.DistributedKeyGeneration.ComplainState;
/** /**
* Created by Tzlil on 2/21/2016. * Created by Tzlil on 3/14/2016.
*/ */
public class DistributedKeyGenerationUserImpl implements DistributedKeyGenerationUser { public class DistributedKeyGenerationUserImpl implements DistributedKeyGenerationUser {
protected enum ComplainState{
Non, Waiting,Disqualified,NonDisqualified
}
protected final DistributedKeyGeneration dkg; protected final DistributedKeyGeneration dkg;
@ -31,12 +29,8 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
protected final int id; protected final int id;
protected MessageHandler messageHandler; protected MessageHandler messageHandler;
protected final Polynomial.Point[] shares;
protected final BigInteger[][] commitmentsTable;
protected final boolean[] doneFlags;
protected final User user; protected final User user;
protected final ComplainState[][] complaintsTable; protected final DistributedKeyGenerationParty[] parties;
protected Set<Integer> QUAL; // set of all non-disqualified parties protected Set<Integer> QUAL; // set of all non-disqualified parties
protected BigInteger[] commitments; // public verification values protected BigInteger[] commitments; // public verification values
protected Polynomial.Point share; // final share of the secrete protected Polynomial.Point share; // final share of the secrete
@ -57,14 +51,9 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
this.messageHandler = new MessageHandler(); this.messageHandler = new MessageHandler();
mailHandler.setMessageHandler(this.messageHandler); mailHandler.setMessageHandler(this.messageHandler);
this.user = network.connect(mailHandler); this.user = network.connect(mailHandler);
this.shares = new Polynomial.Point[n]; this.parties = dkg.getParties();
this.shares[id - 1] = dkg.getShare(id);
this.commitmentsTable = new BigInteger[n][t + 1]; this.parties[id - 1].share = dkg.getShare(id);
this.doneFlags = new boolean[n];
this.complaintsTable = new ComplainState[n][n];
for (int i = 0; i < n; i++){
Arrays.fill(complaintsTable[i],ComplainState.Non);
}
this.QUAL = null; this.QUAL = null;
this.commitments = null; this.commitments = null;
@ -89,10 +78,15 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
* Pj broadcasts done message at the end of this stage * Pj broadcasts done message at the end of this stage
*/ */
protected void stage2(){ protected void stage2(){
dkg.setShares(shares); Polynomial.Point[] shares = new Polynomial.Point[n];
dkg.broadcastComplains(user,commitmentsTable); BigInteger[][] commitmentsTable = new BigInteger[n][];
for (int i = 0 ; i < n ; i++){
shares[i] = parties[i].share;
commitmentsTable[i] = parties[i].commitments;
}
dkg.broadcastComplains(user);
//broadcast done message after all complaints //broadcast done message after all complaints
DKGMessages.DoneMessage doneMessage = DKGMessages.DoneMessage.newBuilder().build(); DKGMessages.EmptyMessage doneMessage = DKGMessages.EmptyMessage.newBuilder().build();
user.broadcast(DKGMessages.Mail.Type.DONE,doneMessage); user.broadcast(DKGMessages.Mail.Type.DONE,doneMessage);
} }
@ -104,13 +98,12 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
* set QUAL to be the set of non-disqualified players. * set QUAL to be the set of non-disqualified players.
*/ */
protected void stage3(){ protected void stage3(){
dkg.answerAllComplainingPlayers(user);
dkg.answerAllComplainingPlayers(user,complaintsTable[id - 1]);
// wait until there is no complaint waiting for answer // wait until there is no complaint waiting for answer
for (int i = 0; i < complaintsTable.length; i++){ for (int i = 0; i < n; i++){
for (int j = 0; j < complaintsTable[i].length; j++){ for (int j = 0; j < n; j++){
while (complaintsTable[i][j].equals(ComplainState.Waiting)){ while (parties[i].complaints[j].equals(ComplainState.Waiting) && !parties[i].aborted){
try { try {
Thread.sleep(300); Thread.sleep(300);
} catch (InterruptedException e) { } catch (InterruptedException e) {
@ -119,7 +112,7 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
} }
} }
} }
this.QUAL = dkg.calcQUAL(complaintsTable); this.QUAL = dkg.calcQUAL();
} }
/** /**
@ -129,34 +122,51 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
* 3. Pj sets is share of the secret as xj = sum of Sij mod q for i in QUAL * 3. Pj sets is share of the secret as xj = sum of Sij mod q for i in QUAL
*/ */
protected void stage4(){ protected void stage4(){
BigInteger[] ys = new BigInteger[n]; this.y = dkg.calcY(QUAL);
for (int i = 0; i < n; i++){ this.commitments = dkg.calcCommitments(QUAL);
ys[i] = commitmentsTable[i][0]; this.share = dkg.calcShare(QUAL);
}
protected void endOfStage1(){
for (int i = 0 ; i < n ; i++){
while (parties[i].share == null && !parties[i].aborted){
try {
Thread.sleep(300);
} catch (InterruptedException e) {
// do nothing
}
}
}
for (int i = 0 ; i < n ; i++){
for (int k = 0 ; k <= t ; k++) {
while (parties[i].commitments[k] == null && !parties[i].aborted) {
try {
Thread.sleep(300);
} catch (InterruptedException e) {
// do nothing
}
}
}
} }
this.y = dkg.calcY(ys,QUAL);
this.commitments = dkg.calcCommitments(commitmentsTable,QUAL);
this.share = dkg.calcShare(shares,QUAL);
} }
@Override @Override
public void run() { public void run() {
user.getReceiverThread().start(); user.getReceiverThread().start();
stage1(); stage1();
while (messageHandler.secretsCounter != n - 1 || messageHandler.commitmentsCounter != n * (t + 1)){ endOfStage1();
try {
Thread.sleep(300);
} catch (InterruptedException e) {
// do nothing
}
}
stage2(); stage2();
while (messageHandler.doneCounter != n){ for (int i = 0 ; i < n ; i++){
try { while (!parties[i].doneFlag && !parties[i].aborted){
Thread.sleep(300); try {
} catch (InterruptedException e) { Thread.sleep(300);
// do nothing } catch (InterruptedException e) {
// do nothing
}
} }
} }
stage3(); stage3();
stage4(); stage4();
user.getReceiverThread().interrupt(); user.getReceiverThread().interrupt();
@ -208,49 +218,37 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
} }
protected class MessageHandler implements Communication.MessageHandler{ protected class MessageHandler implements Communication.MessageHandler{
protected boolean isValidComplaintMessage(int sender, boolean isBroadcast, DKGMessages.IDMessage complaintMessage){
public int doneCounter;
public int commitmentsCounter;
public int secretsCounter;
public MessageHandler() {
this.doneCounter = 0;
this.secretsCounter = 0;
this.commitmentsCounter = 0;
}
protected boolean isValidComplaintMessage(int sender, boolean isBroadcast, DKGMessages.ComplaintMessage complaintMessage){
int i = sender; int i = sender;
int j = complaintMessage.getId(); int j = complaintMessage.getId();
return isBroadcast && complaintsTable[i - 1][j - 1].equals( ComplainState.Non); return isBroadcast && parties[i - 1].complaints[j - 1].equals( ComplainState.Non);
} }
@Override @Override
public void handelComplaintMessage(int sender, boolean isBroadcast, Message message) { public void handelComplaintMessage(int sender, boolean isBroadcast, Message message) {
DKGMessages.ComplaintMessage complaintMessage = (DKGMessages.ComplaintMessage)message; DKGMessages.IDMessage complaintMessage = (DKGMessages.IDMessage)message;
if(isValidComplaintMessage(sender,isBroadcast,complaintMessage)){ if(isValidComplaintMessage(sender,isBroadcast,complaintMessage)){
int i = sender; int i = sender;
int j = complaintMessage.getId(); int j = complaintMessage.getId();
complaintsTable[i - 1][j - 1] = ComplainState.Waiting; parties[i - 1].complaints[j - 1] = ComplainState.Waiting;
} }
} }
protected boolean isValidDoneMessage(int sender, boolean isBroadcast){ protected boolean isValidDoneMessage(int sender, boolean isBroadcast){
return isBroadcast && !doneFlags[sender - 1]; return isBroadcast && !parties[sender - 1].doneFlag;
} }
@Override @Override
public void handelDoneMessage(int sender, boolean isBroadcast,Message message) { public void handelDoneMessage(int sender, boolean isBroadcast,Message message) {
if(isValidDoneMessage(sender,isBroadcast)) { if(isValidDoneMessage(sender,isBroadcast)) {
doneFlags[sender - 1] = true; parties[sender - 1].doneFlag = true;
doneCounter++;
} }
} }
protected boolean isValidCommitmentMessage(int sender, boolean isBroadcast, DKGMessages.CommitmentMessage commitmentMessage){ protected boolean isValidCommitmentMessage(int sender, boolean isBroadcast, DKGMessages.CommitmentMessage commitmentMessage){
int i = sender - 1; int i = sender - 1;
int k = commitmentMessage.getK(); int k = commitmentMessage.getK();
return isBroadcast && commitmentsTable[i][k] == null; return isBroadcast && parties[i].commitments[k] == null;
} }
@Override @Override
@ -259,8 +257,7 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
if(isValidCommitmentMessage(sender,isBroadcast,commitmentMessage)){ if(isValidCommitmentMessage(sender,isBroadcast,commitmentMessage)){
int i = sender - 1; int i = sender - 1;
int k = commitmentMessage.getK(); int k = commitmentMessage.getK();
commitmentsTable[i][k] = extractCommitment(commitmentMessage); parties[i].commitments[k] = extractCommitment(commitmentMessage);
commitmentsCounter++;
} }
} }
@ -270,7 +267,7 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
if(sender != i || isBroadcast) if(sender != i || isBroadcast)
return false; return false;
else else
return shares[i - 1] == null && j == id; return parties[i - 1].share == null && j == id;
} }
@ -279,9 +276,8 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
DKGMessages.SecretMessage secretMessage = (DKGMessages.SecretMessage) message; DKGMessages.SecretMessage secretMessage = (DKGMessages.SecretMessage) message;
if(isValidSecretMessage(sender,isBroadcast,secretMessage)) { if(isValidSecretMessage(sender,isBroadcast,secretMessage)) {
int i = secretMessage.getI(); int i = secretMessage.getI();
Polynomial.Point secret = extractSecret(i,secretMessage.getSecret()); Polynomial.Point secret = extractSecret(id,secretMessage.getSecret());
shares[i - 1] = secret; parties[i - 1].share = secret;
secretsCounter++;
} }
} }
@ -291,7 +287,7 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
if(sender != i || !isBroadcast) if(sender != i || !isBroadcast)
return false; return false;
else else
return j >= 1 && j <= n && complaintsTable[i - 1][j - 1].equals(ComplainState.Waiting); return j >= 1 && j <= n && parties[i - 1].complaints[j - 1].equals(ComplainState.Waiting);
} }
@Override @Override
@ -300,14 +296,19 @@ public class DistributedKeyGenerationUserImpl implements DistributedKeyGeneratio
if(isValidAnswerMessage(sender,isBroadcast,secretMessage)) { if(isValidAnswerMessage(sender,isBroadcast,secretMessage)) {
int i = secretMessage.getI(); int i = secretMessage.getI();
int j = secretMessage.getJ(); int j = secretMessage.getJ();
Polynomial.Point secret = extractSecret(i,secretMessage.getSecret()); Polynomial.Point secret = extractSecret(j,secretMessage.getSecret());
if (dkg.isValidSecret(secret, commitmentsTable[i - 1], j)) if (dkg.isValidSecret(secret, parties[i - 1].commitments, j))
complaintsTable[i - 1][j - 1] = ComplainState.NonDisqualified; parties[i - 1].complaints[j - 1] = ComplainState.NonDisqualified;
else else
complaintsTable[i - 1][j - 1] = ComplainState.Disqualified; parties[i - 1].complaints[j - 1] = ComplainState.Disqualified;
} }
} }
@Override
public void handelAbortMessage(int sender, boolean isBroadcast, Message message) {
parties[sender - 1].aborted = true;
}
public Polynomial.Point extractSecret(int i, ByteString secret){ public Polynomial.Point extractSecret(int i, ByteString secret){
BigInteger x = BigInteger.valueOf(i); BigInteger x = BigInteger.valueOf(i);
BigInteger y = new BigInteger(secret.toByteArray()); BigInteger y = new BigInteger(secret.toByteArray());

54
destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGeneration.java
View File

@ -12,13 +12,13 @@ import java.math.BigInteger;
import java.util.Random; import java.util.Random;
/** /**
* Created by Tzlil on 2/17/2016. * Created by Tzlil on 3/16/2016.
*/ */
public class SecureDistributedKeyGeneration extends DistributedKeyGeneration { public class SecureDistributedKeyGeneration extends DistributedKeyGeneration {
private VerifiableSecretSharing verifiableSecretSharing; private VerifiableSecretSharing verifiableSecretSharing;
private final BigInteger h; private final BigInteger h;
private Polynomial.Point[] sharesT; private SecureDistributedKeyGenerationParty[] parties;
public SecureDistributedKeyGeneration(int t, int n, BigInteger zi, Random random, BigInteger q, BigInteger g public SecureDistributedKeyGeneration(int t, int n, BigInteger zi, Random random, BigInteger q, BigInteger g
, BigInteger h, Group<BigInteger> group, int id) { , BigInteger h, Group<BigInteger> group, int id) {
@ -26,10 +26,34 @@ public class SecureDistributedKeyGeneration extends DistributedKeyGeneration {
this.h = h; this.h = h;
BigInteger r = new BigInteger(q.bitLength(),random).mod(q); BigInteger r = new BigInteger(q.bitLength(),random).mod(q);
this.verifiableSecretSharing = new VerifiableSecretSharing(t,n,r,random,q,h,group); this.verifiableSecretSharing = new VerifiableSecretSharing(t,n,r,random,q,h,group);
this.parties = new SecureDistributedKeyGenerationParty[n];
for (int i = 1; i <= n ; i++){
this.parties[i - 1] = new SecureDistributedKeyGenerationParty(i,n,t);
}
setParties(parties);
}
protected SecureDistributedKeyGenerationParty[] getParties(){
return parties;
} }
@Override @Override
public void sendSecret(User user,int j) { protected boolean isPartyCompletedStage1(int i){
if(parties[i - 1].aborted){
if(parties[i - 1].share == null){
return false;
}
for (int k = 0; k <= t ; k++){
if(parties[i - 1].verifiableValues[k] == null){
return false;
}
}
}
return true;
}
@Override
public void sendSecret(User user, int j) {
Polynomial.Point secret = getShare(j); Polynomial.Point secret = getShare(j);
Polynomial.Point secretT = verifiableSecretSharing.getShare(j); Polynomial.Point secretT = verifiableSecretSharing.getShare(j);
DKGMessages.DoubleSecretMessage doubleSecretMessage = doubleSecretMessage(id,j,secret,secretT); DKGMessages.DoubleSecretMessage doubleSecretMessage = doubleSecretMessage(id,j,secret,secretT);
@ -37,10 +61,9 @@ public class SecureDistributedKeyGeneration extends DistributedKeyGeneration {
} }
@Override @Override
public boolean isValidSecret(int i, BigInteger[] commitments, int j){ public boolean isValidSecret(int i){
Polynomial.Point secret = shares[i - 1]; SecureDistributedKeyGenerationParty party = parties[i - 1];
Polynomial.Point secretT = sharesT[i - 1]; return isValidSecret(party.share,party.shareT,party.verifiableValues, id);
return isValidSecret(secret,secretT,commitments, j);
} }
public boolean isValidSecret(Polynomial.Point secret,Polynomial.Point secretT, BigInteger[] verificationValues, int j){ public boolean isValidSecret(Polynomial.Point secret,Polynomial.Point secretT, BigInteger[] verificationValues, int j){
@ -49,7 +72,6 @@ public class SecureDistributedKeyGeneration extends DistributedKeyGeneration {
return exp.equals(v); return exp.equals(v);
} }
public void broadcastComplaint(User user,Polynomial.Point secret,Polynomial.Point secretT,int i){ public void broadcastComplaint(User user,Polynomial.Point secret,Polynomial.Point secretT,int i){
DKGMessages.DoubleSecretMessage complaint = doubleSecretMessage(i,id,secret,secretT); DKGMessages.DoubleSecretMessage complaint = doubleSecretMessage(i,id,secret,secretT);
user.broadcast(DKGMessages.Mail.Type.COMPLAINT,complaint); user.broadcast(DKGMessages.Mail.Type.COMPLAINT,complaint);
@ -64,14 +86,16 @@ public class SecureDistributedKeyGeneration extends DistributedKeyGeneration {
* stage4.3 according to the protocol * stage4.3 according to the protocol
* if check fails for index i, Pj * if check fails for index i, Pj
*/ */
public void broadcastComplaints(User user, BigInteger[][] commitmentsTable, boolean stage4){ public void broadcastComplaints(User user, boolean stage4){
if(!stage4){ if(!stage4){
broadcastComplains(user,commitmentsTable); super.broadcastComplains(user);
}else{ }else{
SecureDistributedKeyGenerationParty party;
for (int i = 1; i <= n ; i++ ){ for (int i = 1; i <= n ; i++ ){
if(i != id) { party = parties[i - 1];
if (!isValidSecret(shares[i - 1],commitmentsTable[i - 1],id)) { if(i != id && !party.aborted) {
broadcastComplaint(user,shares[i - 1],sharesT[i - 1],i); if (!super.isValidSecret(party.share,party.commitments,id)) {
broadcastComplaint(user,party.share,party.shareT,i);
} }
} }
} }
@ -104,8 +128,4 @@ public class SecureDistributedKeyGeneration extends DistributedKeyGeneration {
,verifiableSecretSharing.getShare(j)); ,verifiableSecretSharing.getShare(j));
user.broadcast(DKGMessages.Mail.Type.ANSWER,answer); user.broadcast(DKGMessages.Mail.Type.ANSWER,answer);
} }
public void setSharesT(Polynomial.Point[] sharesT) {
this.sharesT = sharesT;
}
} }

7
destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationMailHandler.java
View File

@ -31,16 +31,19 @@ public class SecureDistributedKeyGenerationMailHandler extends MailHandler {
break; break;
case COMPLAINT: case COMPLAINT:
if(isStage4) if(isStage4)
message = DKGMessages.ComplaintMessage.parseFrom(mail.getMessage()); message = DKGMessages.IDMessage.parseFrom(mail.getMessage());
else else
message = DKGMessages.DoubleSecretMessage.parseFrom(mail.getMessage()); message = DKGMessages.DoubleSecretMessage.parseFrom(mail.getMessage());
break; break;
case DONE: case DONE:
message = DKGMessages.DoneMessage.parseFrom(mail.getMessage()); message = DKGMessages.EmptyMessage.parseFrom(mail.getMessage());
break; break;
case ANSWER: case ANSWER:
message = DKGMessages.DoubleSecretMessage.parseFrom(mail.getMessage()); message = DKGMessages.DoubleSecretMessage.parseFrom(mail.getMessage());
break; break;
case ABORT:
message = DKGMessages.EmptyMessage.parseFrom(mail.getMessage());
break;
default: default:
return null; return null;
} }

25
destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationParty.java Normal file
View File

@ -0,0 +1,25 @@
package SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem;
import JointFeldmanProtocol.DistributedKeyGenerationParty;
import ShamirSecretSharing.Polynomial;
import java.math.BigInteger;
import java.util.HashSet;
import java.util.Set;
/**
* Created by Tzlil on 3/16/2016.
*/
public class SecureDistributedKeyGenerationParty extends DistributedKeyGenerationParty {
public Polynomial.Point shareT;
public BigInteger[] verifiableValues;
public Set<Polynomial.Point> restoreSharesSet;
public SecureDistributedKeyGenerationParty(int id, int n, int t) {
super(id, n, t);
this.shareT = null;
this.verifiableValues = new BigInteger[t + 1];
this.restoreSharesSet = new HashSet<Polynomial.Point>();
}
}

153
destributed-key-generation/src/main/java/SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem/SecureDistributedKeyGenerationUserImpl.java
View File

@ -1,6 +1,9 @@
package SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem; package SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem;
import Arithmetics.Arithmetic;
import Arithmetics.Fp;
import Communication.Network; import Communication.Network;
import JointFeldmanProtocol.DistributedKeyGeneration;
import JointFeldmanProtocol.DistributedKeyGenerationUserImpl; import JointFeldmanProtocol.DistributedKeyGenerationUserImpl;
import ShamirSecretSharing.Polynomial; import ShamirSecretSharing.Polynomial;
import ShamirSecretSharing.SecretSharing; import ShamirSecretSharing.SecretSharing;
@ -8,28 +11,23 @@ import com.google.protobuf.Message;
import meerkat.protobuf.DKGMessages; import meerkat.protobuf.DKGMessages;
import java.math.BigInteger; import java.math.BigInteger;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;
/** /**
* Created by Tzlil on 2/22/2016. * Created by Tzlil on 3/16/2016.
*/ */
public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenerationUserImpl { public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenerationUserImpl {
private final SecureDistributedKeyGeneration sdkg; private final SecureDistributedKeyGeneration sdkg;
private final Polynomial.Point[] sharesT; private SecureDistributedKeyGenerationParty[] parties;
private final BigInteger[][] verificationValuesTable; private Arithmetic<BigInteger> arithmetic;
private final Hashtable<Integer,Set<Polynomial.Point>> ysRestoreShares;
public SecureDistributedKeyGenerationUserImpl(SecureDistributedKeyGeneration sdkg, Network network) { public SecureDistributedKeyGenerationUserImpl(SecureDistributedKeyGeneration sdkg, Network network) {
super(sdkg, network,new SecureDistributedKeyGenerationMailHandler(null)); super(sdkg, network,new SecureDistributedKeyGenerationMailHandler(null));
this.sdkg = sdkg; this.sdkg = sdkg;
this.sharesT = new Polynomial.Point[n];
this.verificationValuesTable = new BigInteger[n][t + 1];
this.ysRestoreShares = new Hashtable<Integer, Set<Polynomial.Point>>();
this.messageHandler = new MessageHandler(); this.messageHandler = new MessageHandler();
this.user.setMessageHandler(this.messageHandler); this.user.setMessageHandler(this.messageHandler);
this.parties = sdkg.getParties();
this.arithmetic = new Fp(sdkg.getQ());
} }
/** /**
@ -43,6 +41,17 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
sdkg.sendSecrets(user); sdkg.sendSecrets(user);
} }
@Override
protected void endOfStage1(){
super.endOfStage1();
BigInteger[] temp;
for (int i = 0 ; i < n; i++){
temp = parties[i].verifiableValues;
parties[i].verifiableValues = parties[i].commitments;
parties[i].commitments = temp;
}
}
/** /**
* stage2 according to the protocol * stage2 according to the protocol
* Pj verifies all the shares,sharesT he received * Pj verifies all the shares,sharesT he received
@ -51,11 +60,10 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
*/ */
@Override @Override
protected void stage2(){ protected void stage2(){
sdkg.setShares(shares); sdkg.broadcastComplains(user);
sdkg.setSharesT(sharesT);
sdkg.broadcastComplains(user,verificationValuesTable);
//broadcast done message after all complaints //broadcast done message after all complaints
DKGMessages.DoneMessage doneMessage = DKGMessages.DoneMessage.newBuilder().build(); DKGMessages.EmptyMessage doneMessage = DKGMessages.EmptyMessage.newBuilder().build();
isVerificationValue = false;
user.broadcast(DKGMessages.Mail.Type.DONE,doneMessage); user.broadcast(DKGMessages.Mail.Type.DONE,doneMessage);
} }
@ -64,7 +72,7 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
//wait for receive all commitments from all i in QUAL //wait for receive all commitments from all i in QUAL
for (int i:QUAL) { for (int i:QUAL) {
for(int k = 0; k <= t; k++) { for(int k = 0; k <= t; k++) {
while (commitmentsTable[i - 1][k] == null) { while (parties[i - 1].commitments[k] == null && !parties[i - 1].aborted) {
try { try {
Thread.sleep(300); Thread.sleep(300);
} catch (InterruptedException e) { } catch (InterruptedException e) {
@ -73,13 +81,13 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
} }
} }
} }
sdkg.broadcastComplaints(user,commitmentsTable,true); sdkg.broadcastComplaints(user,true);
//broadcast done message after all complaints //broadcast done message after all complaints
DKGMessages.DoneMessage doneMessage = DKGMessages.DoneMessage.newBuilder().build(); DKGMessages.EmptyMessage doneMessage = DKGMessages.EmptyMessage.newBuilder().build();
user.broadcast(DKGMessages.Mail.Type.DONE,doneMessage); user.broadcast(DKGMessages.Mail.Type.DONE,doneMessage);
for (int i:QUAL) { for (int i:QUAL) {
while (doneFlags[i - 1]) { while (parties[i - 1].doneFlag && !parties[i - 1].aborted) {
try { try {
Thread.sleep(300); Thread.sleep(300);
} catch (InterruptedException e) { } catch (InterruptedException e) {
@ -87,11 +95,40 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
} }
} }
} }
BigInteger secret;
for (Integer i: ysRestoreShares.keySet()) { int counter = 0;
for (int i:QUAL) {
if(parties[i - 1].aborted){
counter++;
sdkg.broadcastAnswer(user, parties[i - 1].share, parties[i - 1].shareT, i);
}
}
for (int i:QUAL) {
if(parties[i - 1].aborted){
while (parties[i - 1].restoreSharesSet.size() < n - counter) {
try {
Thread.sleep(300);
} catch (InterruptedException e) {
// do nothing
}
}
}
}
for (int i = 0; i < n ; i++) {
if(parties[i].restoreSharesSet.isEmpty()){
continue;
}
try { try {
secret = SecretSharing.restoreSecret((Polynomial.Point[])ysRestoreShares.get(i).toArray()); Polynomial.Point[] shares = new Polynomial.Point[parties[i].restoreSharesSet.size()];
//ToDo use restored secret... parties[i].restoreSharesSet.toArray(shares);
Polynomial polynomial = SecretSharing.restorePolynomial(shares,arithmetic);
BigInteger[] coefficients = polynomial.getCoefficients();
for (int k = 0 ; k <= t; k++){
parties[i].commitments[k] = group.multiply(g,coefficients[k]);
}
parties[i].share = new Polynomial.Point(BigInteger.valueOf(id),polynomial);
} catch (Exception e) { } catch (Exception e) {
// //
} }
@ -106,37 +143,9 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
super.stage4(); super.stage4();
} }
boolean isStage4 = false; boolean isStage4 = false;
boolean isVerificationValue = true;
private class MessageHandler extends DistributedKeyGenerationUserImpl.MessageHandler{ private class MessageHandler extends DistributedKeyGenerationUserImpl.MessageHandler{
final int NumberOfCommitmentsInStage1 = n * (t + 1);
@Override
protected boolean isValidCommitmentMessage(int sender, boolean isBroadcast, DKGMessages.CommitmentMessage commitmentMessage) {
if(commitmentsCounter < NumberOfCommitmentsInStage1) {
int i = sender - 1;
int k = commitmentMessage.getK();
return isBroadcast && verificationValuesTable[i][k] == null;
}else {
return super.isValidCommitmentMessage(sender, isBroadcast, commitmentMessage);
}
}
@Override
public void handelCommitmentMessage(int sender, boolean isBroadcast, Message message) {
DKGMessages.CommitmentMessage commitmentMessage = ( DKGMessages.CommitmentMessage)message;
if(commitmentsCounter < NumberOfCommitmentsInStage1) {
if(isValidCommitmentMessage(sender,isBroadcast,commitmentMessage)) {
int i = sender - 1;
int k = commitmentMessage.getK();
verificationValuesTable[i][k] = extractCommitment(commitmentMessage);
commitmentsCounter++;
}
}
else{
super.handelCommitmentMessage(sender,isBroadcast,commitmentMessage);
}
}
protected boolean isValidSecretMessage(int sender, boolean isBroadcast, DKGMessages.DoubleSecretMessage doubleSecretMessage) { protected boolean isValidSecretMessage(int sender, boolean isBroadcast, DKGMessages.DoubleSecretMessage doubleSecretMessage) {
DKGMessages.SecretMessage secretMessage = DKGMessages.SecretMessage.newBuilder() DKGMessages.SecretMessage secretMessage = DKGMessages.SecretMessage.newBuilder()
.setI(doubleSecretMessage.getI()) .setI(doubleSecretMessage.getI())
@ -152,11 +161,8 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
if (isValidSecretMessage(sender,isBroadcast,doubleSecretMessage)) { if (isValidSecretMessage(sender,isBroadcast,doubleSecretMessage)) {
int i = doubleSecretMessage.getI(); int i = doubleSecretMessage.getI();
Polynomial.Point secret = extractSecret(i, doubleSecretMessage.getSecret()); parties[i - 1].share = extractSecret(id, doubleSecretMessage.getSecret());
Polynomial.Point secretT = extractSecret(i, doubleSecretMessage.getSecretT()); parties[i - 1].shareT = extractSecret(id, doubleSecretMessage.getSecretT());
shares[i - 1] = secret;
sharesT[i - 1] = secretT;
secretsCounter++;
} }
} }
protected boolean isValidAnswerMessage(int sender, boolean isBroadcast, DKGMessages.DoubleSecretMessage doubleSecretMessage) { protected boolean isValidAnswerMessage(int sender, boolean isBroadcast, DKGMessages.DoubleSecretMessage doubleSecretMessage) {
@ -170,7 +176,7 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
}else{ }else{
int i = doubleSecretMessage.getI(); int i = doubleSecretMessage.getI();
int j = doubleSecretMessage.getJ(); int j = doubleSecretMessage.getJ();
return isBroadcast && j == sender && QUAL.contains(i) && QUAL.contains(j)&& ysRestoreShares.containsKey(i); return isBroadcast && j == sender && QUAL.contains(i) && QUAL.contains(j);
} }
} }
@ -180,38 +186,36 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
if(isValidAnswerMessage(sender,isBroadcast,doubleSecretMessage)) { if(isValidAnswerMessage(sender,isBroadcast,doubleSecretMessage)) {
int i = doubleSecretMessage.getI(); int i = doubleSecretMessage.getI();
int j = doubleSecretMessage.getJ(); int j = doubleSecretMessage.getJ();
Polynomial.Point secret = extractSecret(i, doubleSecretMessage.getSecret()); Polynomial.Point secret = extractSecret(j, doubleSecretMessage.getSecret());
Polynomial.Point secretT = extractSecret(i, doubleSecretMessage.getSecretT()); Polynomial.Point secretT = extractSecret(j, doubleSecretMessage.getSecretT());
if (!isStage4) { if (!isStage4) {
if (sdkg.isValidSecret(secret, secretT, verificationValuesTable[j - 1], i)) { if (sdkg.isValidSecret(secret, secretT, parties[j - 1].verifiableValues, i)) {
complaintsTable[i - 1][j - 1] = ComplainState.NonDisqualified; parties[i - 1].complaints[j - 1] = DistributedKeyGeneration.ComplainState.NonDisqualified;
} else { } else {
complaintsTable[i - 1][j - 1] = ComplainState.Disqualified; parties[i - 1].complaints[j - 1] = DistributedKeyGeneration.ComplainState.Disqualified;
} }
} else { } else {
if (ysRestoreShares.get(i).add(secret) && sender != id) { parties[i - 1].restoreSharesSet.add(secret);
sdkg.broadcastAnswer(user, secret, secretT, i);
}
} }
} }
} }
@Override @Override
protected boolean isValidDoneMessage(int sender, boolean isBroadcast) { protected boolean isValidDoneMessage(int sender, boolean isBroadcast) {
if(doneCounter < n) { if(!isStage4) {
return super.isValidDoneMessage(sender, isBroadcast); return super.isValidDoneMessage(sender, isBroadcast);
}else{ }else{
return isBroadcast && doneFlags[sender - 1]; return isBroadcast && parties[sender - 1].doneFlag;
} }
} }
@Override @Override
public void handelDoneMessage(int sender, boolean isBroadcast, Message message) { public void handelDoneMessage(int sender, boolean isBroadcast, Message message) {
if(doneCounter < n) if(!isStage4)
super.handelDoneMessage(sender, isBroadcast, message); super.handelDoneMessage(sender, isBroadcast, message);
else{ else{
if(isValidDoneMessage(sender,isBroadcast)) { if(isValidDoneMessage(sender,isBroadcast)) {
doneFlags[sender - 1] = false; parties[sender - 1].doneFlag = false;
} }
} }
} }
@ -220,9 +224,11 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
DKGMessages.DoubleSecretMessage ysComplaintMessage){ DKGMessages.DoubleSecretMessage ysComplaintMessage){
int i = ysComplaintMessage.getI(); int i = ysComplaintMessage.getI();
int j = ysComplaintMessage.getJ(); int j = ysComplaintMessage.getJ();
return isBroadcast && j == sender && QUAL.contains(i) && QUAL.contains(j)&&!ysRestoreShares.containsKey(i); return isBroadcast && j == sender && QUAL.contains(i) && QUAL.contains(j);
} }
@Override @Override
public void handelComplaintMessage(int sender, boolean isBroadcast, Message message) { public void handelComplaintMessage(int sender, boolean isBroadcast, Message message) {
if(!isStage4) { if(!isStage4) {
@ -234,10 +240,9 @@ public class SecureDistributedKeyGenerationUserImpl extends DistributedKeyGenera
int j = ysComplaintMessage.getJ(); int j = ysComplaintMessage.getJ();
Polynomial.Point secret = extractSecret(i,ysComplaintMessage.getSecret()); Polynomial.Point secret = extractSecret(i,ysComplaintMessage.getSecret());
Polynomial.Point secretT = extractSecret(i,ysComplaintMessage.getSecretT()); Polynomial.Point secretT = extractSecret(i,ysComplaintMessage.getSecretT());
if (sdkg.isValidSecret(secret, secretT, verificationValuesTable[i - 1], j) if (sdkg.isValidSecret(secret, secretT, parties[i - 1].commitments, j)
&& !sdkg.isValidSecret(secret, commitmentsTable[i - 1], j)) { && !sdkg.isValidSecret(secret,parties[i - 1].commitments, j)) {
ysRestoreShares.put(i, new HashSet<Polynomial.Point>()); parties[i - 1].restoreSharesSet.add(secret);
ysRestoreShares.get(i).add(secret);
sdkg.broadcastAnswer(user, secret, secretT, i); sdkg.broadcastAnswer(user, secret, secretT, i);
} }
} }

73
destributed-key-generation/src/main/java/ShamirSecretSharing/Polynomial.java
View File

@ -1,18 +1,19 @@
package ShamirSecretSharing; package ShamirSecretSharing;
import com.google.protobuf.ByteString; import Arithmetics.Arithmetic;
import meerkat.protobuf.DKGMessages; import Arithmetics.Z;
import org.bouncycastle.util.Arrays;
import java.math.BigInteger; import java.math.BigInteger;
import java.util.Arrays;
/** /**
* Created by Tzlil on 1/27/2016. * Created by Tzlil on 1/27/2016.
*/ */
public class Polynomial implements Comparable<Polynomial> { public class Polynomial implements Comparable<Polynomial> {
public static final Polynomial ZERO = new Polynomial(new BigInteger[]{BigInteger.ZERO}); // neutral for add public static final Polynomial ONE = new Polynomial(new BigInteger[]{BigInteger.ONE});
public static final Polynomial ONE = new Polynomial(new BigInteger[]{BigInteger.ONE}); // neutral for mul
private final int degree; private final int degree;
private final BigInteger[] coefficients; private final BigInteger[] coefficients;
private final Arithmetic<BigInteger> arithmetic;
/** /**
* constructor * constructor
@ -20,12 +21,17 @@ public class Polynomial implements Comparable<Polynomial> {
* degree set as max index such that coefficients[degree] not equals zero * degree set as max index such that coefficients[degree] not equals zero
*/ */
public Polynomial(BigInteger[] coefficients) { public Polynomial(BigInteger[] coefficients) {
this(coefficients,new Z());
}
public Polynomial(BigInteger[] coefficients,Arithmetic<BigInteger> arithmetic) {
int d = coefficients.length - 1; int d = coefficients.length - 1;
while (d > 0 && coefficients[d].equals(BigInteger.ZERO)){ while (d > 0 && coefficients[d].equals(BigInteger.ZERO)){
d--; d--;
} }
this.degree = d; this.degree = d;
this.coefficients = coefficients; this.coefficients = coefficients;
this.arithmetic = arithmetic;
} }
@ -60,7 +66,7 @@ public class Polynomial implements Comparable<Polynomial> {
BigInteger result = BigInteger.ZERO; BigInteger result = BigInteger.ZERO;
BigInteger power = BigInteger.ONE; BigInteger power = BigInteger.ONE;
for(int i = 0 ; i <= degree ; i++){ for(int i = 0 ; i <= degree ; i++){
result = result.add(coefficients[i].multiply(power)); result = arithmetic.add(result,arithmetic.mul(coefficients[i],power));
power = power.multiply(x); power = power.multiply(x);
} }
return result; return result;
@ -70,19 +76,18 @@ public class Polynomial implements Comparable<Polynomial> {
* @param points * @param points
* @return polynomial of minimal degree which goes through all points * @return polynomial of minimal degree which goes through all points
*/ */
public static Polynomial interpolation(Point[] points) throws Exception { public static Polynomial interpolation(Point[] points, Arithmetic<BigInteger> arithmetic) throws Exception {
LagrangePolynomial[] l = LagrangePolynomial.lagrangePolynomials(points); LagrangePolynomial[] l = LagrangePolynomial.lagrangePolynomials(points);
// product = product of l[i].divisor // product = product of l[i].divisor
BigInteger product = BigInteger.ONE; BigInteger product = BigInteger.ONE;
for (int i = 0; i < l.length;i++){ for (int i = 0; i < l.length;i++){
product = product.multiply(l[i].divisor); product = arithmetic.mul(product,l[i].divisor);
} }
// factor[i] = product divided by l[i].divisor = product of l[j].divisor s.t j!=i // factor[i] = product divided by l[i].divisor = product of l[j].divisor s.t j!=i
BigInteger[] factors = new BigInteger[l.length]; BigInteger[] factors = new BigInteger[l.length];
for (int i = 0; i < l.length;i++){ for (int i = 0; i < l.length;i++){
factors[i] = product.divide(l[i].divisor); factors[i] = arithmetic.div(product,l[i].divisor);
} }
int degree = l[0].polynomial.degree; int degree = l[0].polynomial.degree;
@ -92,11 +97,13 @@ public class Polynomial implements Comparable<Polynomial> {
for (int j = 0; j < coefficients.length;j++){ for (int j = 0; j < coefficients.length;j++){
coefficients[j] = BigInteger.ZERO; coefficients[j] = BigInteger.ZERO;
for (int i = 0; i < l.length; i++){ for (int i = 0; i < l.length; i++){
coefficients[j] = coefficients[j].add(l[i].image.multiply(factors[i]).multiply(l[i].polynomial.coefficients[j])); BigInteger current = arithmetic.mul(l[i].image,factors[i]);
current = arithmetic.mul(current,l[i].polynomial.coefficients[j]);
coefficients[j] = arithmetic.add(coefficients[j],current);
} }
coefficients[j] = coefficients[j].divide(product); coefficients[j] = arithmetic.div(coefficients[j],product);
} }
return new Polynomial(coefficients); return new Polynomial(coefficients,arithmetic);
} }
/** /**
@ -116,14 +123,14 @@ public class Polynomial implements Comparable<Polynomial> {
BigInteger[] coefficients = bigger.getCoefficients(); BigInteger[] coefficients = bigger.getCoefficients();
for (int i = 0; i <= smaller.degree ; i++){ for (int i = 0; i <= smaller.degree ; i++){
coefficients[i] = smaller.coefficients[i].add(bigger.coefficients[i]); coefficients[i] = arithmetic.add(smaller.coefficients[i],bigger.coefficients[i]);
} }
return new Polynomial(coefficients); return new Polynomial(coefficients,other.arithmetic);
} }
/** /**
* @param constant * @param constant
* @return new ShamirSecretSharing.PolynomialTests of degree this.degree s.t for all x in Z * @return new Polynomial of degree this.degree s.t for all x in Z
* new.image(x) = constant * this.image(x) * new.image(x) = constant * this.image(x)
*/ */
public Polynomial mul(BigInteger constant){ public Polynomial mul(BigInteger constant){
@ -131,27 +138,27 @@ public class Polynomial implements Comparable<Polynomial> {
BigInteger[] coefficients = this.getCoefficients(); BigInteger[] coefficients = this.getCoefficients();
for (int i = 0; i <= this.degree ; i++){ for (int i = 0; i <= this.degree ; i++){
coefficients[i] = constant.multiply(coefficients[i]); coefficients[i] = arithmetic.mul(constant,coefficients[i]);
} }
return new Polynomial(coefficients); return new Polynomial(coefficients,arithmetic);
} }
/** /**
* @param other * @param other
* @return new ShamirSecretSharing.PolynomialTests of degree this degree + other degree + 1 s.t for all x in Z * @return new Polynomial of degree this degree + other degree + 1 s.t for all x in Z
* new.image(x) = this.image(x) * other.image(x) * new.image(x) = this.image(x) * other.image(x)
*/ */
public Polynomial mul(Polynomial other){ public Polynomial mul(Polynomial other){
BigInteger[] coefficients = new BigInteger[this.degree + other.degree + 1]; BigInteger[] coefficients = new BigInteger[this.degree + other.degree + 1];
java.util.Arrays.fill(coefficients,BigInteger.ZERO); Arrays.fill(coefficients,BigInteger.ZERO);
for (int i = 0; i <= this.degree ; i++){ for (int i = 0; i <= this.degree ; i++){
for (int j = 0; j <= other.degree; j++){ for (int j = 0; j <= other.degree; j++){
coefficients[i+j] = coefficients[i+j].add(this.coefficients[i].multiply(other.coefficients[j])); coefficients[i+j] = arithmetic.add(coefficients[i+j],arithmetic.mul(this.coefficients[i],other.coefficients[j]));
} }
} }
return new Polynomial(coefficients); return new Polynomial(coefficients,arithmetic);
} }
@ -159,7 +166,7 @@ public class Polynomial implements Comparable<Polynomial> {
* @return copy of coefficients * @return copy of coefficients
*/ */
public BigInteger[] getCoefficients() { public BigInteger[] getCoefficients() {
return Arrays.clone(coefficients); return Arrays.copyOf(coefficients,coefficients.length);
} }
/** getter /** getter
@ -187,18 +194,6 @@ public class Polynomial implements Comparable<Polynomial> {
this.y = polynomial.image(x); this.y = polynomial.image(x);
} }
/**
* constructor
* @param x
* @param p
* @param polynomial y = polynomial.image(x) % q
*
*/
public Point(BigInteger x, Polynomial polynomial,BigInteger p) {
this.x = x;
this.y = polynomial.image(x);
}
/** /**
* constructor * constructor
* @param x * @param x
@ -208,6 +203,14 @@ public class Polynomial implements Comparable<Polynomial> {
this.x = x; this.x = x;
this.y = y; this.y = y;
} }
@Override
public boolean equals(Object obj) {
if(!super.equals(obj))
return false;
Point other = (Point)obj;
return this.x.equals(other.x) && this.y.equals(other.y);
}
} }
} }

21
destributed-key-generation/src/main/java/ShamirSecretSharing/SecretSharing.java
View File

@ -1,9 +1,6 @@
package ShamirSecretSharing; package ShamirSecretSharing;
import Arithmetics.Arithmetic;
import Communication.Network;
import Communication.User;
import meerkat.protobuf.DKGMessages;
import java.math.BigInteger; import java.math.BigInteger;
import java.util.Random; import java.util.Random;
@ -58,7 +55,7 @@ public class SecretSharing{
*/ */
public Polynomial.Point getShare(int i){ public Polynomial.Point getShare(int i){
assert (i > 0 && i <= n); assert (i > 0 && i <= n);
return new Polynomial.Point(BigInteger.valueOf(i), polynomial, q); return new Polynomial.Point(BigInteger.valueOf(i), polynomial);
} }
/** /**
@ -66,9 +63,17 @@ public class SecretSharing{
* *
* @return image of interpolation(shares) at x = 0 * @return image of interpolation(shares) at x = 0
*/ */
public static BigInteger restoreSecret(Polynomial.Point[] shares) throws Exception { public static BigInteger restoreSecret(Polynomial.Point[] shares,Arithmetic<BigInteger> arithmetic) throws Exception {
Polynomial polynomial = Polynomial.interpolation(shares); return restorePolynomial(shares,arithmetic).image(BigInteger.ZERO);
return polynomial.image(BigInteger.ZERO); }
/**
* @param shares - subset of the original shares
*
* @return interpolation(shares)
*/
public static Polynomial restorePolynomial(Polynomial.Point[] shares,Arithmetic<BigInteger> arithmetic) throws Exception {
return Polynomial.interpolation(shares,arithmetic);
} }
/** /**

65
destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGTest.java
View File

@ -1,5 +1,6 @@
package JointFeldmanProtocol; package JointFeldmanProtocol;
import Arithmetics.Z;
import Communication.Network; import Communication.Network;
import ShamirSecretSharing.Polynomial; import ShamirSecretSharing.Polynomial;
import ShamirSecretSharing.SecretSharing; import ShamirSecretSharing.SecretSharing;
@ -11,7 +12,7 @@ import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import java.math.BigInteger; import java.math.BigInteger;
import java.util.Random; import java.util.*;
/** /**
* Created by Tzlil on 2/9/2016. * Created by Tzlil on 2/9/2016.
@ -25,6 +26,7 @@ public class DKGTest {
BigInteger p = BigInteger.valueOf(2903); BigInteger p = BigInteger.valueOf(2903);
BigInteger q = p.subtract(BigInteger.ONE).divide(BigInteger.valueOf(2)); BigInteger q = p.subtract(BigInteger.ONE).divide(BigInteger.valueOf(2));
BigInteger[] secrets; BigInteger[] secrets;
Set<Integer> QUAL = new HashSet<Integer>();
@Before @Before
public void settings(){ public void settings(){
Zpstar zpstar = new Zpstar(p); Zpstar zpstar = new Zpstar(p);
@ -37,18 +39,28 @@ public class DKGTest {
threadsArrays = new Thread[tests][n]; threadsArrays = new Thread[tests][n];
secrets = new BigInteger[tests]; secrets = new BigInteger[tests];
DistributedKeyGeneration dkg; DistributedKeyGeneration dkg;
int abortedStage = 2;
for (int test = 0; test < tests; test++) { for (int test = 0; test < tests; test++) {
do { do {
g = zpstar.sample(random); g = zpstar.sample(random);
} while (!g.equals(ZERO) && !zpstar.multiply(g, q).equals(ZERO));// sample from QRZp* } while (!g.equals(ZERO) && !zpstar.multiply(g, q).equals(ZERO));// sample from QRZp*
secrets[test] = BigInteger.ZERO; secrets[test] = BigInteger.ZERO;
Network network = new Network(n); Network network = new Network(n);
for (int i = 0; i < n; i++) { for (int i = 1; i <= n; i++) {
BigInteger secret = new BigInteger(q.bitLength(), random).mod(q); BigInteger secret = new BigInteger(q.bitLength(), random).mod(q);
secrets[test] = secrets[test].add(secret).mod(q); dkg = new DistributedKeyGeneration(t,n,secret,random,q,g,zpstar,i);
dkg = new DistributedKeyGeneration(t,n,secret,random,q,g,zpstar,i + 1);
dkgsArrays[test][i] = new DistributedKeyGenerationUserImpl(dkg,network); if(i == n) {
threadsArrays[test][i] = new Thread(dkgsArrays[test][i]); dkgsArrays[test][i - 1] = new DKGUserImplAbort(dkg, network, abortedStage);
}
else {
dkgsArrays[test][i - 1] = new DistributedKeyGenerationUserImpl(dkg, network);
QUAL.add(i);
}
if (abortedStage > 1 || (abortedStage == 1 && i != n)){
secrets[test] = secrets[test].add(secret).mod(q);
}
threadsArrays[test][i - 1] = new Thread(dkgsArrays[test][i - 1]);
} }
} }
} }
@ -67,39 +79,32 @@ public class DKGTest {
BigInteger g = dkgs[0].getGenerator(); BigInteger g = dkgs[0].getGenerator();
// got the right public value // got the right public value
BigInteger publicValue = dkgs[0].getPublicValue(); BigInteger publicValue = zpstar.multiply(g,secret);
assert(zpstar.multiply(g,secret).equals(publicValue)); for (int i: QUAL){
if(i != n)
// assert all players agreed on the same public value assert (dkgs[i - 1].getPublicValue().equals(publicValue));
for (int i = 0; i < dkgs.length - 1 ; i++){
assert (dkgs[i].getPublicValue().equals(dkgs[i+1].getPublicValue()));
} }
// assert valid verification values // assert valid verification values
BigInteger expected,verification; BigInteger expected,verification;
for (int j = 1; j <= dkgs.length ; j++){ for (int i: QUAL){
expected = zpstar.multiply(g, dkgs[j - 1].getShare().y); expected = zpstar.multiply(g, dkgs[i - 1].getShare().y);
verification = VerifiableSecretSharing.verify(j, dkgs[j - 1].getCommitments(),zpstar); verification = VerifiableSecretSharing.verify(i, dkgs[i - 1].getCommitments(),zpstar);
assert (expected.equals(verification)); assert (expected.equals(verification));
} }
// restore the secret from t + 1 random shares // restore the secret from shares
Polynomial.Point[] shares = new Polynomial.Point[t + 1]; ArrayList<Polynomial.Point> sharesList = new ArrayList<Polynomial.Point>();
for (int i = 0 ; i < shares.length; i++){ Polynomial.Point[] shares = new Polynomial.Point[QUAL.size()];
shares[i] = dkgs[i].getShare(); for(int i : QUAL){
sharesList.add(dkgs[i - 1].getShare());
} }
//List<Integer> indexes = new ArrayList<Integer>(n); for (int i = 0; i < shares.length; i ++){
//for (int i = 1 ; i <= n; i ++){ shares[i] = sharesList.get(i);
// indexes.add(i); }
//}
//Random random = new Random(); BigInteger calculatedSecret = SecretSharing.restoreSecret(shares,new Z()).mod(q);
//int index;
//for (int i = 0 ; i < shares.length ; i++){
// index = indexes.remove(random.nextInt(indexes.size()));
// shares[i] = dkgs[index - 1].getShare();
//}
BigInteger calculatedSecret = SecretSharing.restoreSecret(shares).mod(q);
assert (calculatedSecret.equals(secret)); assert (calculatedSecret.equals(secret));
} }

63
destributed-key-generation/src/test/java/JointFeldmanProtocol/DKGUserImplAbort.java Normal file
View File

@ -0,0 +1,63 @@
package JointFeldmanProtocol;
import Communication.Network;
import meerkat.protobuf.DKGMessages;
/**
* Created by Tzlil on 3/14/2016.
*/
public class DKGUserImplAbort extends DistributedKeyGenerationUserImpl {
final int abortStage;
int stage;
public DKGUserImplAbort(DistributedKeyGeneration dkg, Network network, int abortStage) {
super(dkg, network);
this.abortStage = abortStage;// 1 - 2
this.stage = 1;
}
private void sendAbort(){
user.broadcast(DKGMessages.Mail.Type.ABORT,DKGMessages.EmptyMessage.getDefaultInstance());
}
@Override
protected void stage1() {
if(stage < abortStage)
super.stage1();
else if(stage == abortStage){
sendAbort();
}
stage++;
}
@Override
protected void stage2() {
if(stage < abortStage)
super.stage2();
else if(stage == abortStage){
sendAbort();
}
stage++;
}
@Override
protected void stage3() {
if(stage < abortStage)
super.stage3();
else if(stage == abortStage){
sendAbort();
}
stage++;
}
@Override
protected void stage4() {
if(stage < abortStage)
super.stage4();
else if(stage == abortStage){
sendAbort();
}
stage++;
}
}

67
destributed-key-generation/src/test/java/SDKGTest.java
View File

@ -1,3 +1,4 @@
import Arithmetics.Z;
import Communication.Network; import Communication.Network;
import FeldmanVerifiableSecretSharing.VerifiableSecretSharing; import FeldmanVerifiableSecretSharing.VerifiableSecretSharing;
import SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem.SecureDistributedKeyGeneration; import SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem.SecureDistributedKeyGeneration;
@ -11,7 +12,10 @@ import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import java.math.BigInteger; import java.math.BigInteger;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Random; import java.util.Random;
import java.util.Set;
/** /**
* Created by Tzlil on 2/23/2016. * Created by Tzlil on 2/23/2016.
@ -24,6 +28,9 @@ public class SDKGTest {
BigInteger p = BigInteger.valueOf(2903); BigInteger p = BigInteger.valueOf(2903);
BigInteger q = p.subtract(BigInteger.ONE).divide(BigInteger.valueOf(2)); BigInteger q = p.subtract(BigInteger.ONE).divide(BigInteger.valueOf(2));
BigInteger[] secrets; BigInteger[] secrets;
Set<Integer> QUAL = new HashSet<Integer>();
@Before @Before
public void settings(){ public void settings(){
Zpstar zpstar = new Zpstar(p); Zpstar zpstar = new Zpstar(p);
@ -43,16 +50,26 @@ public class SDKGTest {
h = zpstar.multiply(g,BigInteger.valueOf(2)); h = zpstar.multiply(g,BigInteger.valueOf(2));
secrets[test] = BigInteger.ZERO; secrets[test] = BigInteger.ZERO;
Network network = new Network(n); Network network = new Network(n);
for (int i = 0; i < n; i++) { int abortedStage = 2;
for (int i = 1; i <= n; i++) {
BigInteger secret = new BigInteger(q.bitLength(), random).mod(q); BigInteger secret = new BigInteger(q.bitLength(), random).mod(q);
secrets[test] = secrets[test].add(secret).mod(q); sdkg = new SecureDistributedKeyGeneration(t,n,secret,random,q,g,h,zpstar,i);
sdkg = new SecureDistributedKeyGeneration(t,n,secret,random,q,g,h,zpstar,i + 1); if(i == n) {
sdkgsArrays[test][i] = new SecureDistributedKeyGenerationUserImpl(sdkg,network); sdkgsArrays[test][i - 1] = new SDKGUserImplAbort(sdkg, network, abortedStage);
threadsArrays[test][i] = new Thread(sdkgsArrays[test][i]); }
else {
sdkgsArrays[test][i - 1] = new SecureDistributedKeyGenerationUserImpl(sdkg, network);
QUAL.add(i);
}
if (abortedStage > 1 || (abortedStage == 1 && i != n)){
secrets[test] = secrets[test].add(secret).mod(q);
}
threadsArrays[test][i - 1] = new Thread(sdkgsArrays[test][i - 1]);
} }
} }
} }
public void oneTest(Thread[] threads, DistributedKeyGenerationUser[] dkgs,BigInteger secret) throws Exception { public void oneTest(Thread[] threads, DistributedKeyGenerationUser[] dkgs,BigInteger secret) throws Exception {
for (int i = 0; i < threads.length ; i++){ for (int i = 0; i < threads.length ; i++){
threads[i].start(); threads[i].start();
@ -67,39 +84,31 @@ public class SDKGTest {
BigInteger g = dkgs[0].getGenerator(); BigInteger g = dkgs[0].getGenerator();
// got the right public value // got the right public value
BigInteger publicValue = dkgs[0].getPublicValue(); BigInteger publicValue = zpstar.multiply(g,secret);
assert(zpstar.multiply(g,secret).equals(publicValue)); for (int i: QUAL){
assert (dkgs[i - 1].getPublicValue().equals(publicValue));
// assert all players agreed on the same public value
for (int i = 0; i < dkgs.length - 1 ; i++){
assert (dkgs[i].getPublicValue().equals(dkgs[i+1].getPublicValue()));
} }
// assert valid verification values // assert valid verification values
BigInteger expected,verification; BigInteger expected,verification;
for (int j = 1; j <= dkgs.length ; j++){ for (int i: QUAL){
expected = zpstar.multiply(g, dkgs[j - 1].getShare().y); expected = zpstar.multiply(g, dkgs[i - 1].getShare().y);
verification = VerifiableSecretSharing.verify(j, dkgs[j - 1].getCommitments(),zpstar); verification = VerifiableSecretSharing.verify(i, dkgs[i - 1].getCommitments(),zpstar);
assert (expected.equals(verification)); assert (expected.equals(verification));
} }
// restore the secret from t + 1 random shares // restore the secret from shares
Polynomial.Point[] shares = new Polynomial.Point[t + 1]; ArrayList<Polynomial.Point> sharesList = new ArrayList<Polynomial.Point>();
for (int i = 0 ; i < shares.length; i++){ Polynomial.Point[] shares = new Polynomial.Point[QUAL.size()];
shares[i] = dkgs[i].getShare(); for(int i : QUAL){
sharesList.add(dkgs[i - 1].getShare());
} }
//List<Integer> indexes = new ArrayList<Integer>(n); for (int i = 0; i < shares.length; i ++){
//for (int i = 1 ; i <= n; i ++){ shares[i] = sharesList.get(i);
// indexes.add(i); }
//}
//Random random = new Random(); BigInteger calculatedSecret = SecretSharing.restoreSecret(shares,new Z()).mod(q);
//int index;
//for (int i = 0 ; i < shares.length ; i++){
// index = indexes.remove(random.nextInt(indexes.size()));
// shares[i] = dkgs[index - 1].getShare();
//}
BigInteger calculatedSecret = SecretSharing.restoreSecret(shares).mod(q);
assert (calculatedSecret.equals(secret)); assert (calculatedSecret.equals(secret));
} }

62
destributed-key-generation/src/test/java/SDKGUserImplAbort.java Normal file
View File

@ -0,0 +1,62 @@
import Communication.Network;
import SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem.SecureDistributedKeyGeneration;
import SecureDistributedKeyGenerationForDiscreteLogBasedCryptosystem.SecureDistributedKeyGenerationUserImpl;
import meerkat.protobuf.DKGMessages;
/**
* Created by Tzlil on 3/14/2016.
*/
public class SDKGUserImplAbort extends SecureDistributedKeyGenerationUserImpl {
final int abortStage;
int stage;
public SDKGUserImplAbort(SecureDistributedKeyGeneration sdkg, Network network, int abortStage) {
super(sdkg, network);
this.abortStage = abortStage;// 1 - 4
this.stage = 1;
}
private void sendAbort(){
user.broadcast(DKGMessages.Mail.Type.ABORT,DKGMessages.EmptyMessage.getDefaultInstance());
}
@Override
protected void stage1() {
if(stage < abortStage)
super.stage1();
else if(stage == abortStage){
sendAbort();
}
stage++;
}
@Override
protected void stage2() {
if(stage < abortStage)
super.stage2();
else if(stage == abortStage){
sendAbort();
}
stage++;
}
@Override
protected void stage3() {
if(stage < abortStage)
super.stage3();
else if(stage == abortStage){
sendAbort();
}
stage++;
}
@Override
protected void stage4() {
if(stage < abortStage)
super.stage4();
else if(stage == abortStage){
sendAbort();
}
stage++;
}
}

19
destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/InterpolationTest.java
View File

@ -1,5 +1,8 @@
package ShamirSecretSharing.PolynomialTests; package ShamirSecretSharing.PolynomialTests;
import Arithmetics.Arithmetic;
import Arithmetics.Fp;
import Arithmetics.Z;
import ShamirSecretSharing.Polynomial; import ShamirSecretSharing.Polynomial;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
@ -19,35 +22,39 @@ public class InterpolationTest {
int bits = 128; int bits = 128;
Random random; Random random;
Polynomial.Point[][] pointsArrays; Polynomial.Point[][] pointsArrays;
Arithmetic<BigInteger> arithmetic;
BigInteger p = BigInteger.valueOf(2903);
@Before @Before
public void settings(){ public void settings(){
random = new Random(); random = new Random();
polynomials = new Polynomial[tests]; polynomials = new Polynomial[tests];
pointsArrays = new Polynomial.Point[tests][]; pointsArrays = new Polynomial.Point[tests][];
for (int i = 0; i < polynomials.length; i++){ for (int i = 0; i < polynomials.length; i++){
polynomials[i] = Utils.generateRandomPolynomial(random.nextInt(maxDegree),bits,random); polynomials[i] = Utils.generateRandomPolynomial(random.nextInt(maxDegree),bits,random,p);
pointsArrays[i] = randomPoints(polynomials[i]); pointsArrays[i] = randomPoints(polynomials[i]);
} }
arithmetic = new Fp(p);
} }
public Polynomial.Point[] randomPoints(Polynomial p){ public Polynomial.Point[] randomPoints(Polynomial polynomial){
Polynomial.Point[] points = new Polynomial.Point[p.getDegree() + 1]; Polynomial.Point[] points = new Polynomial.Point[polynomial.getDegree() + 1];
BigInteger x; BigInteger x;
Set<BigInteger> set = new HashSet(); Set<BigInteger> set = new HashSet();
for (int i = 0; i < points.length; i++){ for (int i = 0; i < points.length; i++){
x = new BigInteger(bits,random); x = new BigInteger(bits,random).mod(p);
if(set.contains(x)){ if(set.contains(x)){
i--; i--;
continue; continue;
} }
set.add(x); set.add(x);
points[i] = new Polynomial.Point(x,p); points[i] = new Polynomial.Point(x,polynomial);
} }
return points; return points;
} }
public void oneTest(Polynomial p, Polynomial.Point[] points) throws Exception { public void oneTest(Polynomial p, Polynomial.Point[] points) throws Exception {
Polynomial interpolation = Polynomial.interpolation(points); Polynomial interpolation = Polynomial.interpolation(points,arithmetic);
assert (p.compareTo(interpolation) == 0); assert (p.compareTo(interpolation) == 0);
} }

9
destributed-key-generation/src/test/java/ShamirSecretSharing/PolynomialTests/Utils.java
View File

@ -1,5 +1,6 @@
package ShamirSecretSharing.PolynomialTests; package ShamirSecretSharing.PolynomialTests;
import Arithmetics.Fp;
import ShamirSecretSharing.Polynomial; import ShamirSecretSharing.Polynomial;
import java.math.BigInteger; import java.math.BigInteger;
@ -18,4 +19,12 @@ public class Utils {
} }
return new Polynomial(coefficients); return new Polynomial(coefficients);
} }
public static Polynomial generateRandomPolynomial(int degree,int bits,Random random,BigInteger p) {
BigInteger[] coefficients = generateRandomPolynomial(degree,bits,random).getCoefficients();
for (int i = 0; i<coefficients.length;i++){
coefficients[i] = coefficients[i].mod(p);
}
return new Polynomial(coefficients,new Fp(p));
}
} }

3
destributed-key-generation/src/test/java/ShamirSecretSharing/SecretSharingTest.java
View File

@ -1,5 +1,6 @@
package ShamirSecretSharing; package ShamirSecretSharing;
import Arithmetics.Z;
import org.factcenter.qilin.primitives.CyclicGroup; import org.factcenter.qilin.primitives.CyclicGroup;
import org.factcenter.qilin.primitives.concrete.Zn; import org.factcenter.qilin.primitives.concrete.Zn;
import org.junit.Before; import org.junit.Before;
@ -49,7 +50,7 @@ public class SecretSharingTest {
for (int i = 0 ; i < shares.length ; i++){ for (int i = 0 ; i < shares.length ; i++){
shares[i] = secretSharing.getShare(indexes.remove(random.nextInt(indexes.size()))); shares[i] = secretSharing.getShare(indexes.remove(random.nextInt(indexes.size())));
} }
assert(secret.equals(SecretSharing.restoreSecret(shares))); assert(secret.equals(SecretSharing.restoreSecret(shares,new Z())));
} }
@Test @Test

5
meerkat-common/src/main/proto/meerkat/DKGMessages.proto
View File

@ -14,6 +14,7 @@ message Mail{
YCOMMITMENT = 5; YCOMMITMENT = 5;
YCOMPLAINT = 6; YCOMPLAINT = 6;
YANSWER = 7; YANSWER = 7;
ABORT = 8;
} }
int32 sender = 1; int32 sender = 1;
int32 destination = 2; int32 destination = 2;
@ -40,8 +41,8 @@ message CommitmentMessage{
bytes commitment = 2; bytes commitment = 2;
} }
message DoneMessage{} message EmptyMessage{}
message ComplaintMessage{ message IDMessage{
int32 id = 1; int32 id = 1;
} }