Commit b34305dd authored by Stephane Glondu's avatar Stephane Glondu
Browse files

Add simple distributed key generation

parent e9e96f6d
......@@ -78,6 +78,46 @@ module MakeSimpleMonad (G : GROUP) = struct
let fold f x () = List.fold_left (fun accu b -> f b accu ()) x !ballots
end
(** Distributed key generation *)
module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) = struct
open G
open M
let ( >>= ) = bind
let ( / ) x y = x *~ invert y
(** Fiat-Shamir non-interactive zero-knowledge proofs of
knowledge *)
let fs_prove gs x oracle =
random q >>= fun w ->
let commitments = Array.map (fun g -> g **~ w) gs in
let challenge = oracle commitments in
let response = Z.((w + x * challenge) mod q) in
return {challenge; response}
let generate_and_prove () =
random q >>= fun x ->
let trustee_public_key = g **~ x in
fs_prove [| g |] x G.hash >>= fun trustee_pok ->
return (x, {trustee_pok; trustee_public_key})
let check {trustee_pok; trustee_public_key = y} =
G.check y &&
let {challenge; response} = trustee_pok in
check_modulo q challenge &&
check_modulo q response &&
let commitment = g **~ response / (y **~ challenge) in
challenge =% G.hash [| commitment |]
let combine pks =
Array.fold_left (fun y {trustee_public_key; _} ->
y *~ trustee_public_key
) G.one pks
end
(** Homomorphic elections *)
module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) = struct
......
......@@ -38,6 +38,28 @@ module MakeSimpleMonad (G : GROUP) : sig
end
(** Simple election monad that keeps all ballots in memory. *)
module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) : sig
(** This module implements a simple distributed key generation. Each
share is a number modulo q, and the secret key is their sum. All
shares are needed to decrypt, but the decryptions can be done in
a distributed fashion. *)
val generate_and_prove :
unit -> (Z.t * G.t Serializable_t.trustee_public_key) M.t
(** [generate_and_prove ()] returns a new keypair [(x, y)]. [x] is
the secret exponent, [y] contains the public key and a
zero-knowledge proof of knowledge. *)
val check : G.t Serializable_t.trustee_public_key -> bool
(** Check a public key and its proof. *)
val combine : G.t Serializable_t.trustee_public_key array -> G.t
(** Combine all public key shares into an election public key. *)
end
(** Simple distributed generation of an election public key. *)
module MakeElection (P : ELECTION_PARAMS) (M : RANDOM) :
ELECTION with type elt = P.G.t and type 'a m = 'a M.t
(** Implementation of {!Signatures.ELECTION}. *)
......@@ -22,6 +22,13 @@ type proof = {
type disjunctive_proof = proof list <ocaml repr="array">
<doc text="A disjunctive ZKP. The size of the array is the number of disjuncts. ">
(** {2 Trustees} *)
type 'a trustee_public_key = {
pok : proof;
public_key : 'a;
} <ocaml field_prefix="trustee_">
(** {2 Elections} *)
type question = {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment