paillier

package
v1.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 23, 2023 License: Apache-2.0 Imports: 14 Imported by: 1

README

Paillier homomorphic cryptosystem

A partial homomorphic encryption scheme whose security relies on the hardness of the integer factorization. This Golang library implements the scheme.

Guildline

This Library offers main 5 public functions: NewPaillier, Encrypt, Decrypt, Add, MulConst.

Example
var keySize = 2048 

// Generate a private key and the corresponding public key.
p, _ = NewPaillier(keySize)

m1 := big.NewInt(100)
m2 := big.NewInt(200)
c1, _ := p.Encrypt(m1.Bytes())
c2, _ := p.Encrypt(m2.Bytes())
sum, _ := p.PublicKey.Add(c1, c2)
// The output is 300 = 100 + 200.
decryptSum, _ := p.Decrypt(sum)

m := big.NewInt(100)
scalar := big.NewInt(50)
c, _ := p.Encrypt(m.Bytes())
mulConst, _ := p.PublicKey.MulConst(c, scalar)
// The output is 5000 = 100 * 50.
decryptResult, _ := p.Decrypt(mulConst)

fmt.Println("The decryption of adding m1 and m2 to be", decryptSum)
fmt.Println("The decryption of m by multiplying the scalar is", decryptResult)

Remark:

  1. Generally speaking, the larger keySize is safer[Security Level].

Experiment

Our benchmarks were in local computation and ran on an Intel qualcore-i5 CPU 2.3 GHz and 16GB of RAM.

Security Level

The Table below is referenced by Improved Efficiency of a Linearly Homomorphic Cryptosystem.

+-----------------+---------------+
| Security Level  |  RSA modulus  |
+-----------------+---------------+
|          112    |          2048 |
|          128    |          3072 |
|          192    |          7680 |
|          256    |         15360 |
+-----------------+---------------+
Benchmark
+---------------+--------------------+-------------------+--------------------+--------------------+
|  Operation    |  Message space (256 bit)                                                         |
+---------------+--------------------+-------------------+--------------------+--------------------+
| Discriminant  |  2048 bit          | 3072 bit          | 7680 bit           | 15360 bit          |
| Encryption    |  16.42 ms/op       | 551.80 ms/op      | 21.56 s/op         |  _                 |
| Decryption    |  15.93 ms/op       | 678.46 ms/op      | 27.22 s/op         |  _                 |
| Add           |  0.013 ms/op       | 394    ms/op      | 3.081 s/op         |  -                 |
| EvalMul       |  0.345 ms/op       | 1095.05 ms/op     | 11.733 s/op        |  -                 |
+---------------+--------------------+-------------------+--------------------+--------------------+

Reference

  1. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes

  2. Paillier cryptosystem

Other Library

  1. A library for Partially Homomorphic Encryption in Python
  2. A Go implementation of the partially homomorphic Paillier Cryptosystem.
  3. A pure-Rust implementation of the Paillier encryption scheme
  4. Javascript proof-of-concept implementation of the Paillier cryptosystem
    ..... and so on.

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	//ErrExceedMaxRetry is returned if we retried over times
	ErrExceedMaxRetry = errors.New("exceed max retries")
	//ErrInvalidInput is returned if the input is invalid
	ErrInvalidInput = errors.New("invalid input")
	//ErrInvalidMessage is returned if the message is invalid
	ErrInvalidMessage = errors.New("invalid message")
	//ErrSmallPublicKeySize is returned if the size of public key is small
	ErrSmallPublicKeySize = errors.New("small public key")
	//ErrSmallFactorPubKey is returned if there exist small factor of a public key
	ErrSmallFactorPubKey = errors.New("there exist small factor of a public key")
)
View Source 
var File_github_com_getamis_alice_crypto_homo_paillier_message_proto protoreflect.FileDescriptor

Functions

func NewPedersenOpenParameter added in v1.0.2 

func NewPedersenOpenParameter(n, s, t *big.Int) (*zkPaillier.PederssenOpenParameter, error)

func ToPaillierPubKeyWithSpecialG added in v1.0.2 

func ToPaillierPubKeyWithSpecialG(ped *zkPaillier.PederssenOpenParameter) *publicKey

func ToPaillierPubKeyWithSpecialGFromMsg added in v1.0.2 

func ToPaillierPubKeyWithSpecialGFromMsg(ssidInfo []byte, msg *zkPaillier.RingPederssenParameterMessage) (*publicKey, error)

Types

type Paillier 

type Paillier struct {
	// contains filtered or unexported fields
}

func NewPaillier 

func NewPaillier(keySize int) (*Paillier, error)

func NewPaillierSafePrime added in v1.0.2 

func NewPaillierSafePrime(keySize int) (*Paillier, error)

func NewPaillierUnSafe added in v1.0.2 

func NewPaillierUnSafe(keySize int, isSafe bool) (*Paillier, error)

Warning: No check the size of public key.

func NewPaillierWithGivenPrimes added in v1.0.2 

func NewPaillierWithGivenPrimes(p, q *big.Int) (*Paillier, error)

func (Paillier) Add added in v1.0.2 

func (pub Paillier) Add(c1Bytes []byte, c2Bytes []byte) ([]byte, error)

1. Check that c1, c2 is correct. 2. Choose (r, N)=1 with r in [1, N-1] randomly. 3. Compute c1*c2*r^N mod N^2.

func (*Paillier) Decrypt 

func (p *Paillier) Decrypt(cBytes []byte) ([]byte, error)

Decrypt computes the plaintext from the ciphertext

func (Paillier) Encrypt added in v1.0.2 

func (pub Paillier) Encrypt(mBytes []byte) ([]byte, error)

func (Paillier) EncryptWithOutputSalt added in v1.0.2 

func (pub Paillier) EncryptWithOutputSalt(m *big.Int) (*big.Int, *big.Int, error)

func (Paillier) GetG added in v1.0.2 

func (pub Paillier) GetG() *big.Int

func (Paillier) GetMessageRange added in v1.0.2 

func (pub Paillier) GetMessageRange(fieldOrder *big.Int) *big.Int

func (*Paillier) GetMtaProof 

func (p *Paillier) GetMtaProof(curve elliptic.Curve, beta *big.Int, b *big.Int) ([]byte, error)

func (Paillier) GetN added in v1.0.2 

func (pub Paillier) GetN() *big.Int

func (Paillier) GetNSquare added in v1.0.2 

func (pub Paillier) GetNSquare() *big.Int

func (*Paillier) GetNthRoot added in v1.0.2 

func (p *Paillier) GetNthRoot() (*big.Int, error)

func (*Paillier) GetPQ added in v1.0.3 

func (p *Paillier) GetPQ() (*big.Int, *big.Int)

func (*Paillier) GetPubKey 

func (p *Paillier) GetPubKey() homo.Pubkey

func (Paillier) MulConst added in v1.0.2 

func (pub Paillier) MulConst(cBytes []byte, scalar *big.Int) ([]byte, error)

1. Check that c is correct. 2. Compute scalar mod N. 3. Choose (r, N)=1 with r in [1, N-1] randomly. 4. Compute c^scalar*r^N mod N^2.

func (*Paillier) NewPedersenParameterByPaillier added in v1.0.2 

func (paillier *Paillier) NewPedersenParameterByPaillier() (*PederssenParameter, error)

By paillier

func (*Paillier) NewPubKeyFromBytes 

func (p *Paillier) NewPubKeyFromBytes(bs []byte) (homo.Pubkey, error)

func (Paillier) ToPubKeyBytes added in v1.0.2 

func (pub Paillier) ToPubKeyBytes() []byte

func (Paillier) VerifyEnc added in v1.0.2 

func (pub Paillier) VerifyEnc([]byte) error

In paillier, we cannot verify enc message. Therefore, we always return nil.

func (*Paillier) VerifyMtaProof 

func (p *Paillier) VerifyMtaProof(bs []byte, curve elliptic.Curve, alpha *big.Int, a *big.Int) (*pt.ECPoint, error)

type PederssenParameter added in v1.0.2 

type PederssenParameter struct {
	PedersenOpenParameter *zkPaillier.PederssenOpenParameter
	// contains filtered or unexported fields
}

func (*PederssenParameter) GetEulerValue added in v1.0.2 

func (ped *PederssenParameter) GetEulerValue() *big.Int

func (*PederssenParameter) GetP added in v1.0.2 

func (ped *PederssenParameter) GetP() *big.Int

func (*PederssenParameter) GetQ added in v1.0.2 

func (ped *PederssenParameter) GetQ() *big.Int

func (*PederssenParameter) Getlambda added in v1.0.2 

func (ped *PederssenParameter) Getlambda() *big.Int

type PubKeyMessage 

type PubKeyMessage struct {
	Proof *zkproof.IntegerFactorizationProofMessage `protobuf:"bytes,1,opt,name=proof,proto3" json:"proof,omitempty"`
	G     []byte                                    `protobuf:"bytes,2,opt,name=g,proto3" json:"g,omitempty"`
	// contains filtered or unexported fields
}

func (*PubKeyMessage) Descriptor deprecated 

func (*PubKeyMessage) Descriptor() ([]byte, []int)

Deprecated: Use PubKeyMessage.ProtoReflect.Descriptor instead.

func (*PubKeyMessage) GetG 

func (x *PubKeyMessage) GetG() []byte

func (*PubKeyMessage) GetProof 

func (x *PubKeyMessage) GetProof() *zkproof.IntegerFactorizationProofMessage

func (*PubKeyMessage) ProtoMessage 

func (*PubKeyMessage) ProtoMessage()

func (*PubKeyMessage) ProtoReflect added in v1.0.2 

func (x *PubKeyMessage) ProtoReflect() protoreflect.Message

func (*PubKeyMessage) Reset 

func (x *PubKeyMessage) Reset()

func (*PubKeyMessage) String 

func (x *PubKeyMessage) String() string

func (*PubKeyMessage) ToPubkey 

func (msg *PubKeyMessage) ToPubkey() (*publicKey, error)

type ZkBetaAndBMessage added in v1.0.2 

type ZkBetaAndBMessage struct {
	ProofB    *zkproof.SchnorrProofMessage `protobuf:"bytes,1,opt,name=proofB,proto3" json:"proofB,omitempty"`
	ProofBeta *zkproof.SchnorrProofMessage `protobuf:"bytes,2,opt,name=proofBeta,proto3" json:"proofBeta,omitempty"`
	// contains filtered or unexported fields
}

func (*ZkBetaAndBMessage) Descriptor deprecated added in v1.0.2 

func (*ZkBetaAndBMessage) Descriptor() ([]byte, []int)

Deprecated: Use ZkBetaAndBMessage.ProtoReflect.Descriptor instead.

func (*ZkBetaAndBMessage) GetProofB added in v1.0.2 

func (x *ZkBetaAndBMessage) GetProofB() *zkproof.SchnorrProofMessage

func (*ZkBetaAndBMessage) GetProofBeta added in v1.0.2 

func (x *ZkBetaAndBMessage) GetProofBeta() *zkproof.SchnorrProofMessage

func (*ZkBetaAndBMessage) ProtoMessage added in v1.0.2 

func (*ZkBetaAndBMessage) ProtoMessage()

func (*ZkBetaAndBMessage) ProtoReflect added in v1.0.2 

func (x *ZkBetaAndBMessage) ProtoReflect() protoreflect.Message

func (*ZkBetaAndBMessage) Reset added in v1.0.2 

func (x *ZkBetaAndBMessage) Reset()

func (*ZkBetaAndBMessage) String added in v1.0.2 

func (x *ZkBetaAndBMessage) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.