Commit 1ca08985 authored by Stephane Glondu's avatar Stephane Glondu

Uniformly check partial decryptions in combine_factors

parent f9949778
...@@ -587,13 +587,9 @@ module MakeElection (G : GROUP) (M : RANDOM) = struct ...@@ -587,13 +587,9 @@ module MakeElection (G : GROUP) (M : RANDOM) = struct
let result = Array.mmap log results in let result = Array.mmap log results in
{num_tallied; encrypted_tally; partial_decryptions; result} {num_tallied; encrypted_tally; partial_decryptions; result}
let check_result combinator pks r = let check_result combinator r =
let {encrypted_tally; partial_decryptions; result; _} = r in let {encrypted_tally; partial_decryptions; result; _} = r in
check_ciphertext encrypted_tally && check_ciphertext encrypted_tally &&
(* decryption factors may be not in the same order as pks! *)
Array.forall (fun pd ->
Array.exists (fun pk -> check_factor encrypted_tally pk pd) pks
) partial_decryptions &&
let factors = combinator partial_decryptions in let factors = combinator partial_decryptions in
let results = Array.mmap2 (fun {beta; _} f -> let results = Array.mmap2 (fun {beta; _} f ->
beta / f beta / f
......
...@@ -230,7 +230,7 @@ module type ELECTION = sig ...@@ -230,7 +230,7 @@ module type ELECTION = sig
produce the election result. The first argument is the number of produce the election result. The first argument is the number of
tallied ballots. May raise [Invalid_argument]. *) tallied ballots. May raise [Invalid_argument]. *)
val check_result : combinator -> public_key array -> result -> bool val check_result : combinator -> result -> bool
val extract_tally : result -> plaintext val extract_tally : result -> plaintext
(** Extract the plaintext result of the election. *) (** Extract the plaintext result of the election. *)
......
...@@ -69,9 +69,12 @@ module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) = struct ...@@ -69,9 +69,12 @@ module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) = struct
y *~ trustee_public_key y *~ trustee_public_key
) G.one pks ) G.one pks
let combine_factors pds = type checker = G.t -> G.t partial_decryption -> bool
let combine_factors checker pks pds =
assert (Array.length pds > 0); assert (Array.length pds > 0);
let dummy = Array.mmap (fun _ -> G.one) pds.(0).decryption_factors in let dummy = Array.mmap (fun _ -> G.one) pds.(0).decryption_factors in
assert (Array.forall (fun pk -> Array.exists (checker pk) pds) pks);
Array.fold_left (fun a b -> Array.fold_left (fun a b ->
Array.mmap2 ( *~ ) a b.decryption_factors Array.mmap2 ( *~ ) a b.decryption_factors
) dummy pds ) dummy pds
......
...@@ -43,7 +43,8 @@ module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) : sig ...@@ -43,7 +43,8 @@ module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) : sig
val combine : G.t trustee_public_key array -> G.t val combine : G.t trustee_public_key array -> G.t
(** Combine all public key shares into an election public key. *) (** Combine all public key shares into an election public key. *)
val combine_factors : G.t partial_decryption array -> G.t array array type checker = G.t -> G.t partial_decryption -> bool
val combine_factors : checker -> G.t array -> G.t partial_decryption array -> G.t array array
end end
(** Simple distributed generation of an election public key. *) (** Simple distributed generation of an election public key. *)
......
...@@ -201,12 +201,11 @@ module Make (P : PARSED_PARAMS) : S = struct ...@@ -201,12 +201,11 @@ module Make (P : PARSED_PARAMS) : S = struct
let combinator = let combinator =
match threshold with match threshold with
| None -> | None ->
assert (Array.forall2 checker (Lazy.force pks) factors); KG.combine_factors checker (Lazy.force pks)
KG.combine_factors
| Some t -> KP.combine_factors checker t | Some t -> KP.combine_factors checker t
in in
let result = E.compute_result (M.cardinal ()) tally factors combinator in let result = E.compute_result (M.cardinal ()) tally factors combinator in
assert (E.check_result combinator (Lazy.force pks) result); assert (E.check_result combinator result);
string_of_result G.write result string_of_result G.write result
let verify () = let verify () =
...@@ -224,11 +223,12 @@ module Make (P : PARSED_PARAMS) : S = struct ...@@ -224,11 +223,12 @@ module Make (P : PARSED_PARAMS) : S = struct
| Some result -> | Some result ->
let result = result_of_string G.read result in let result = result_of_string G.read result in
assert (Lazy.force encrypted_tally = result.encrypted_tally); assert (Lazy.force encrypted_tally = result.encrypted_tally);
let checker = E.check_factor result.encrypted_tally in
let combinator = match threshold with let combinator = match threshold with
| None -> KG.combine_factors | None -> KG.combine_factors checker (Lazy.force pks)
| Some t -> KP.combine_factors (E.check_factor result.encrypted_tally) t | Some t -> KP.combine_factors checker t
in in
assert (E.check_result combinator (Lazy.force pks) result) assert (E.check_result combinator result)
| None -> print_msg "W: no result to check" | None -> print_msg "W: no result to check"
); );
print_msg "I: all checks passed" print_msg "I: all checks passed"
......
...@@ -1389,6 +1389,17 @@ let handle_election_tally_release (uuid, ()) () = ...@@ -1389,6 +1389,17 @@ let handle_election_tally_release (uuid, ()) () =
| `EncryptedTally (npks, ntallied, _) -> return (npks, ntallied) | `EncryptedTally (npks, ntallied, _) -> return (npks, ntallied)
| _ -> forbidden () | _ -> forbidden ()
in in
let%lwt pks =
match%lwt Web_persist.get_public_keys uuid_s with
| Some l -> return (Array.of_list l)
| _ -> fail_http 404
in
let pks =
Array.map (fun pk ->
(trustee_public_key_of_string W.G.read pk).trustee_public_key
) pks
in
assert (npks = Array.length pks);
let%lwt pds = Web_persist.get_partial_decryptions uuid_s in let%lwt pds = Web_persist.get_partial_decryptions uuid_s in
let%lwt pds = let%lwt pds =
try try
...@@ -1402,7 +1413,9 @@ let handle_election_tally_release (uuid, ()) () = ...@@ -1402,7 +1413,9 @@ let handle_election_tally_release (uuid, ()) () =
Lwt_io.chars_of_file |> Lwt_stream.to_string >>= Lwt_io.chars_of_file |> Lwt_stream.to_string >>=
wrap1 (encrypted_tally_of_string W.G.read) wrap1 (encrypted_tally_of_string W.G.read)
in in
let result = E.compute_result ntallied et pds KG.combine_factors in let checker = E.check_factor et in
let combinator = KG.combine_factors checker pks in
let result = E.compute_result ntallied et pds combinator in
let%lwt () = let%lwt () =
let open Lwt_io in let open Lwt_io in
with_file with_file
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment