tiehuis / libhcs Goto Github PK

I tried to use the threshold decryption of djcs_t, but I found that the decryption result is incorrect, specifically always be 0. The code is as follows:

mpz_set_ui(plaintext, 100);
djcs_t_encrypt(pk, hr, ciphertext, plaintext);
for (int j = 0; j < required_au_servers; j++) {
     djcs_t_share_decrypt(vk, au[j], partial_shares[j], ciphertext);
}
djcs_t_share_combine(vk, rop, partial_shares);

In fact, the djcs_t_share_decrypt function works well, and each share is a reasonable big integer. However, the djcs_t_share_combine seems to be problematic (i.e., the returned rop is always 0). I print some intermediate results in the djcs_t_share_combine function, the line that rop becomes 0 is from dlog_s(vk, rop, rop). Inside of this function, the line mpz_mod(t1, a, vk->n[j-1]) always returns t1 as 0.

The OS is ubuntu 18.04 with openssl 1.1.1. I am not sure whether I used the code correctly. Any help would be highly appreciated. Thanks in advance.

Hey,
Would you help me out to see why this test fails? test_egcs.cpp. I believe it is related to multiplication part.
I have put the sample code I patched from your code to test, but it does not give the correct result.

`
#include "./elgamal-test.h"
#include
#include
#include

#include <libhcs++/egcs.hpp>
#include

using namespace std;

static hcs::random *hr;
static hcs::egcs::public_key *pk;
static hcs::egcs::private_key *vk;

int main(){

hr = new hcs::random();
pk = new hcs::egcs::public_key(*hr);
vk = new hcs::egcs::private_key(*hr);
hcs::egcs::generate_key_pair(*pk, *vk, 1024);

hcs::egcs::cipher u, v, z;
mpz_class a, b, c;
a = (10);
b = (20);
c = (200); // Should be the multiply of a and b

u = pk->encrypt(a);
v = pk->encrypt(b);
z = pk->ee_mul(u,v);

cout << "a is: " << a << '\n';
cout << "decrypted a is: " << vk->decrypt(u) << "\n\n";
cout << "b is: " << b << '\n';
cout << "decrypted b is: " << vk->decrypt(v) << "\n\n";
cout << "c is: " << c << '\n';
cout << "decrypted c is: " << vk->decrypt(z) << "\n\n";


delete hr;
delete pk;
delete vk;

return 0;

}

`

Hi,

I am facing problems when exporting and importing keys in the cryptosystem. I mean, my cryptographic algorithm works fine when I generate every time new keys, but when I try to reuse the exported keys, it produces a wrong decryption. What I am doing wrong? Here is a snippet of code I implemented to make some tests.

Thank you

	pcs_public_key * pk2 = pcs_init_public_key();
	pcs_private_key * vk2 = pcs_init_private_key();
	hcs_random * hr2 = hcs_init_random();

	pcs_generate_key_pair(pk2, vk2, hr2, 2048);

	char * pkstr=pcs_export_public_key(pk2);
	char * vkstr=pcs_export_private_key(vk2);

	printf("ecco: %s\n",pkstr);

	// initialize data structures
	pcs_public_key * pk = pcs_init_public_key();
	pcs_private_key * vk = pcs_init_private_key();
	hcs_random * hr = hcs_init_random();
	
	pcs_import_public_key(pk, pkstr);
	pcs_import_private_key(vk, vkstr);

	printf("ecco: %s\n",pcs_export_public_key(pk));

	cout<<"test decr -----> "<<DecryptString(EncryptString("test"))<<endl<<endl;

	cout<<"Valid? "<<pcs_verify_key_pair(pk,vk)<<endl;

int main(void) {
  djcs_t_public_key *pk = djcs_t_init_public_key();
  djcs_t_private_key *vk = djcs_t_init_private_key();
  hcs_random *hr = hcs_init_random();

  // key length = 2048, sharing length 128, threshold 3, decrypt participant 3
  djcs_t_generate_key_pair(pk, vk, hr, 2048, 128, 3, 3); 
}

The code never finishes its compilation.

I thought that I understand how it works (the algorithm), that is why I wrote these function for keygen.
Please help me to point out the mistake.

Thanks in advance.

Hi,
we'd like to use this library to implement a secure multi party computation protocol for a paper. Looking at the source code, I stumbled over the djcs_t_share_decrypt method which needs the private key.

This is in contrast to the equivalent method for the standard Paillier implementation here:

I've looked at the local_ecample.c and there paillier is used with the share_decrypt method and the public key as a parameter. Intuitively this seems to be the correct way to me, since share_decrypt is intended to be used to 'partially' decrypt a ciphertext with the secret key share which the auth server holds, right?

Is my understanding of the intended functionality wrong and there is a reason why djcs_t_share_decrypt needs a private key, while for the Paillier equivalent the public key suffices?

Thanks for the library :)

If the sum of two number is a negative number, the decrypted result is incorrect.

for example:
If a= -99, b = 9
then decrypt( encrypt(a) + encrypt(b)) !=-90