Commit b30e6fc7 authored by Stephane Glondu's avatar Stephane Glondu
Browse files

Rename "id" into "zkp" (as in "zero-knowledge prefix")

parent 356992f4
......@@ -34,7 +34,7 @@ function do_setup(message) {
function do_encrypt(message) {
console.log("encrypting answer for question " + ELECTION.questions[Q_NUM]);
var encrypted_answer = new HELIOS.EncryptedAnswer(ELECTION.questions[Q_NUM], message.answer, ELECTION.public_key, message.voter_id);
var encrypted_answer = new HELIOS.EncryptedAnswer(ELECTION.questions[Q_NUM], message.answer, ELECTION.public_key, message.zkp);
console.log("done encrypting");
......
......@@ -448,7 +448,7 @@ ElGamal.DLogProof.fromJSONObject = function(d) {
// a challenge generator based on a list of commitments of
// proofs of knowledge of plaintext. Just appends A and B with commas.
ElGamal.disjunctive_challenge_generator = function(id, c) { return function(commitments) {
ElGamal.disjunctive_challenge_generator = function(zkp, c) { return function(commitments) {
var strings_to_hash = [];
// go through all proofs and append the commitments
......@@ -460,7 +460,7 @@ ElGamal.disjunctive_challenge_generator = function(id, c) { return function(comm
// console.log(strings_to_hash);
// STRINGS = strings_to_hash;
var prefix = "prove|" + id + "|" + c.alpha.toJSONObject() + "," + c.beta.toJSONObject() + "|"
var prefix = "prove|" + zkp + "|" + c.alpha.toJSONObject() + "," + c.beta.toJSONObject() + "|"
return new BigInt(hex_sha256(prefix + strings_to_hash.join(",")), 16);
}};
......
......@@ -216,7 +216,7 @@ UTILS.generate_plaintexts = function(pk, min, max) {
HELIOS.EncryptedAnswer = Class.extend({
init: function(question, answer, pk, id, progress) {
init: function(question, answer, pk, zkp, progress) {
// if nothing in the constructor
if (question == null)
return;
......@@ -226,7 +226,7 @@ HELIOS.EncryptedAnswer = Class.extend({
this.answer = answer;
// do the encryption
var enc_result = this.doEncryption(question, answer, pk, id, null, progress);
var enc_result = this.doEncryption(question, answer, pk, zkp, null, progress);
this.choices = enc_result.choices;
this.randomness = enc_result.randomness;
......@@ -234,7 +234,7 @@ HELIOS.EncryptedAnswer = Class.extend({
this.overall_proof = enc_result.overall_proof;
},
doEncryption: function(question, answer, pk, id, randomness, progress) {
doEncryption: function(question, answer, pk, zkp, randomness, progress) {
var choices = [];
var individual_proofs = [];
var overall_proof = null;
......@@ -278,7 +278,7 @@ HELIOS.EncryptedAnswer = Class.extend({
// generate proof
if (generate_new_randomness) {
// generate proof that this ciphertext is a 0 or a 1
individual_proofs[i] = choices[i].generateDisjunctiveProof(zero_one_plaintexts, plaintext_index, randomness[i], ElGamal.disjunctive_challenge_generator(id, choices[i]));
individual_proofs[i] = choices[i].generateDisjunctiveProof(zero_one_plaintexts, plaintext_index, randomness[i], ElGamal.disjunctive_challenge_generator(zkp, choices[i]));
}
if (progress)
......@@ -306,7 +306,7 @@ HELIOS.EncryptedAnswer = Class.extend({
if (question.min)
overall_plaintext_index -= question.min;
overall_proof = hom_sum.generateDisjunctiveProof(plaintexts, overall_plaintext_index, rand_sum, ElGamal.disjunctive_challenge_generator(id, hom_sum));
overall_proof = hom_sum.generateDisjunctiveProof(plaintexts, overall_plaintext_index, rand_sum, ElGamal.disjunctive_challenge_generator(zkp, hom_sum));
if (progress) {
for (var i=0; i<question.max; i++)
......@@ -386,7 +386,7 @@ HELIOS.EncryptedAnswer.fromJSONObject = function(d, election) {
};
HELIOS.EncryptedVote = Class.extend({
init: function(election, answers, id, progress) {
init: function(election, answers, zkp, progress) {
// empty constructor
if (election == null)
return;
......@@ -416,7 +416,7 @@ HELIOS.EncryptedVote = Class.extend({
// loop through questions
for (var i=0; i<n_questions; i++) {
this.encrypted_answers[i] = new HELIOS.EncryptedAnswer(election.questions[i], answers[i], election.public_key, id, progress);
this.encrypted_answers[i] = new HELIOS.EncryptedAnswer(election.questions[i], answers[i], election.public_key, zkp, progress);
}
},
......
......@@ -205,7 +205,7 @@ BOOTH.launch_async_encryption_answer = function(question_num) {
BOOTH.workers[question_num].postMessage({
'type' : 'encrypt',
'answer' : BOOTH.ballot.answers[question_num],
'voter_id' : BOOTH.voter_id,
'zkp' : BOOTH.zkp,
'id' : BOOTH.answer_timestamps[question_num]
});
};
......@@ -466,7 +466,7 @@ BOOTH.seal_ballot_raw = function() {
if (BOOTH.synchronous) {
BOOTH.progress = new UTILS.PROGRESS();
var progress_interval = setInterval("BOOTH.check_encryption_status()", 500);
BOOTH.encrypted_ballot = new HELIOS.EncryptedVote(BOOTH.election, BOOTH.ballot.answers, BOOTH.voter_id, BOOTH.progress);
BOOTH.encrypted_ballot = new HELIOS.EncryptedVote(BOOTH.election, BOOTH.ballot.answers, BOOTH.zkp, BOOTH.progress);
BOOTH.encrypted_ballot.doSignature(BOOTH.credential);
clearInterval(progress_interval);
BOOTH._after_ballot_encryption();
......@@ -543,7 +543,7 @@ BOOTH.ask_token = function () {
try {
var token = window.prompt("Please enter your credential:");
BOOTH.credential = BOOTH.derive_key(token);
BOOTH.voter_id = BOOTH.credential.y.toString();
BOOTH.zkp = BOOTH.credential.y.toString();
BOOTH.show_question(0);
} catch (e) {
window.alert(e);
......
......@@ -189,7 +189,7 @@ module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
(** ZKPs for disjunctions *)
let eg_disj_prove d id x r {alpha; beta} =
let eg_disj_prove d zkp x r {alpha; beta} =
(* prove that alpha = g^r and beta = y^r/d_x *)
(* the size of d is the number of disjuncts *)
let n = Array.length d in
......@@ -220,14 +220,14 @@ module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
fs_prove [| g; y |] r (fun commitx ->
Array.blit commitx 0 commitments (2*x) 2;
let prefix = Printf.sprintf "prove|%s|%s,%s|"
id (G.to_string alpha) (G.to_string beta)
zkp (G.to_string alpha) (G.to_string beta)
in
Z.((G.hash prefix commitments + !total_challenges) mod q)
) >>= fun p ->
proofs.(x) <- p;
return proofs
let eg_disj_verify d id proofs {alpha; beta} =
let eg_disj_verify d zkp proofs {alpha; beta} =
G.check alpha && G.check beta &&
let n = Array.length d in
n = Array.length proofs &&
......@@ -244,7 +244,7 @@ module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
done;
total_challenges := Z.(!total_challenges mod q);
let prefix = Printf.sprintf "prove|%s|%s,%s|"
id (G.to_string alpha) (G.to_string beta)
zkp (G.to_string alpha) (G.to_string beta)
in
hash prefix commitments =% !total_challenges
with Exit -> false
......@@ -283,9 +283,9 @@ module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
) else return (Array.of_list accu)
in loop_outer (Array.length xs - 1) []
let create_answer id q r m =
let create_answer zkp q r m =
let choices = Array.map2 eg_encrypt r m in
let individual_proofs = Array.map3 (eg_disj_prove d01 id) m r choices in
let individual_proofs = Array.map3 (eg_disj_prove d01 zkp) m r choices in
(* create overall_proof from homomorphic combination of individual
weights *)
let sumr = Array.fold_left Z.(+) Z.zero r in
......@@ -293,7 +293,7 @@ module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
let sumc = Array.fold_left eg_combine dummy_ciphertext choices in
assert (q.q_min <= summ && summ <= q.q_max);
let d = make_d q.q_min q.q_max in
let overall_proof = eg_disj_prove d id (summ - q.q_min) sumr sumc in
let overall_proof = eg_disj_prove d zkp (summ - q.q_min) sumr sumc in
swap individual_proofs >>= fun individual_proofs ->
overall_proof >>= fun overall_proof ->
return {choices; individual_proofs; overall_proof}
......@@ -304,7 +304,7 @@ module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
) params.e_questions)
let create_ballot r m =
swap (Array.map3 (create_answer "ID") params.e_questions r m) >>= fun answers ->
swap (Array.map3 (create_answer "") params.e_questions r m) >>= fun answers ->
return {
answers;
election_hash = fingerprint;
......@@ -314,16 +314,16 @@ module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
(** Ballot verification *)
let verify_answer id q a =
Array.forall2 (eg_disj_verify d01 id) a.individual_proofs a.choices &&
let verify_answer zkp q a =
Array.forall2 (eg_disj_verify d01 zkp) a.individual_proofs a.choices &&
let sumc = Array.fold_left eg_combine dummy_ciphertext a.choices in
let d = make_d q.q_min q.q_max in
eg_disj_verify d id a.overall_proof sumc
eg_disj_verify d zkp a.overall_proof sumc
let check_ballot b =
b.election_uuid = params.e_uuid &&
b.election_hash = P.fingerprint &&
let ok, id = match b.signature with
let ok, zkp = match b.signature with
| Some {s_commitment = y; s_challenge; s_response} ->
let ok =
check_modulo q s_challenge &&
......@@ -341,9 +341,9 @@ module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
) |> Array.of_list in
s_challenge =% G.hash prefix ciphertexts
in ok, G.to_string y
| None -> true, "ID"
| None -> true, ""
in ok &&
Array.forall2 (verify_answer id) params.e_questions b.answers
Array.forall2 (verify_answer zkp) params.e_questions b.answers
let extract_ciphertext b = Array.map (fun x -> x.choices) b.answers
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment