paillier

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 24, 2020 License: Apache-2.0 Imports: 11 Imported by: 1

README

Paillier homomorphic cryptosystem

A partial homomorphic encryption scheme whose security relies on the hardness of the integer factorization. This Golang library implements the scheme.

Guildline

This Library offers main 5 public functions: NewPaillier, Encrypt, Decrypt, Add, MulConst.

Example
var keySize = 2048 

// Generate a private key and the corresponding public key.
p, _ = NewPaillier(keySize)

m1 := big.NewInt(100)
m2 := big.NewInt(200)
c1, _ := p.Encrypt(m1.Bytes())
c2, _ := p.Encrypt(m2.Bytes())
sum, _ := p.PublicKey.Add(c1, c2)
// The output is 300 = 100 + 200.
decryptSum, _ := p.Decrypt(sum)

m := big.NewInt(100)
scalar := big.NewInt(50)
c, _ := p.Encrypt(m.Bytes())
mulConst, _ := p.PublicKey.MulConst(c, scalar)
// The output is 5000 = 100 * 50.
decryptResult, _ := p.Decrypt(mulConst)

fmt.Println("The decryption of adding m1 and m2 to be", decryptSum)
fmt.Println("The decryption of m by multiplying the scalar is", decryptResult)

Remark:

  1. Generally speaking, the larger keySize is safer[Security Level].

Experiment

Our benchmarks were in local computation and ran on an Intel qualcore-i5 CPU 2.3 GHz and 16GB of RAM.

Security Level

The Table below is referenced by Improved Efficiency of a Linearly Homomorphic Cryptosystem.

+-----------------+---------------+
| Security Level  |  RSA modulus  |
+-----------------+---------------+
|          112    |          2048 |
|          128    |          3072 |
|          192    |          7680 |
|          256    |         15360 |
+-----------------+---------------+
Benchmark
+---------------+--------------------+-------------------+--------------------+--------------------+
|  Operation    |  Message space (256 bit)                                                         |
+---------------+--------------------+-------------------+--------------------+--------------------+
| Discriminant  |  2048 bit          | 3072 bit          | 7680 bit           | 15360 bit          |
| Encryption    |  16.42 ms/op       | 551.80 ms/op      | 21.56 s/op         |  _                 |
| Decryption    |  15.93 ms/op       | 678.46 ms/op      | 27.22 s/op         |  _                 |
| Add           |  0.013 ms/op       | 394    ms/op      | 3.081 s/op         |  -                 |
| EvalMul       |  0.345 ms/op       | 1095.05 ms/op     | 11.733 s/op        |  -                 |
+---------------+--------------------+-------------------+--------------------+--------------------+

Reference

  1. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes

  2. Paillier cryptosystem

Other Library

  1. A library for Partially Homomorphic Encryption in Python
  2. A Go implementation of the partially homomorphic Paillier Cryptosystem.
  3. A pure-Rust implementation of the Paillier encryption scheme
  4. Javascript proof-of-concept implementation of the Paillier cryptosystem
    ..... and so on.

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	//ErrExceedMaxRetry is returned if we retried over times
	ErrExceedMaxRetry = errors.New("exceed max retries")
	//ErrInvalidInput is returned if the input is invalid
	ErrInvalidInput = errors.New("invalid input")
	//ErrInvalidMessage is returned if the message is invalid
	ErrInvalidMessage = errors.New("invalid message")
)

Functions

This section is empty.

Types

type Paillier 

type Paillier struct {
	*PublicKey
	// contains filtered or unexported fields
}

func NewPaillier 

func NewPaillier(keySize int) (*Paillier, error)

func (*Paillier) Decrypt 

func (p *Paillier) Decrypt(cBytes []byte) ([]byte, error)

Decrypt computes the plaintext from the ciphertext

func (*Paillier) GetMtaProof 

func (p *Paillier) GetMtaProof(curve elliptic.Curve, _ *big.Int, a *big.Int) ([]byte, error)

func (*Paillier) GetPubKey 

func (p *Paillier) GetPubKey() homo.Pubkey

func (*Paillier) NewPubKeyFromBytes 

func (p *Paillier) NewPubKeyFromBytes(bs []byte) (homo.Pubkey, error)

func (*Paillier) VerifyMtaProof 

func (p *Paillier) VerifyMtaProof(bs []byte, curve elliptic.Curve, _ *big.Int, _ *big.Int) (*pt.ECPoint, error)

type PubKeyMessage 

type PubKeyMessage struct {
	Proof                *zkproof.IntegerFactorizationProofMessage `protobuf:"bytes,1,opt,name=proof,proto3" json:"proof,omitempty"`
	G                    []byte                                    `protobuf:"bytes,2,opt,name=g,proto3" json:"g,omitempty"`
	XXX_NoUnkeyedLiteral struct{}                                  `json:"-"`
	XXX_unrecognized     []byte                                    `json:"-"`
	XXX_sizecache        int32                                     `json:"-"`
}

func (*PubKeyMessage) Descriptor 

func (*PubKeyMessage) Descriptor() ([]byte, []int)

func (*PubKeyMessage) GetG 

func (m *PubKeyMessage) GetG() []byte

func (*PubKeyMessage) GetProof 

func (m *PubKeyMessage) GetProof() *zkproof.IntegerFactorizationProofMessage

func (*PubKeyMessage) ProtoMessage 

func (*PubKeyMessage) ProtoMessage()

func (*PubKeyMessage) Reset 

func (m *PubKeyMessage) Reset()

func (*PubKeyMessage) String 

func (m *PubKeyMessage) String() string

func (*PubKeyMessage) ToPubkey 

func (msg *PubKeyMessage) ToPubkey() (*PublicKey, error)

func (*PubKeyMessage) XXX_DiscardUnknown 

func (m *PubKeyMessage) XXX_DiscardUnknown()

func (*PubKeyMessage) XXX_Marshal 

func (m *PubKeyMessage) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PubKeyMessage) XXX_Merge 

func (m *PubKeyMessage) XXX_Merge(src proto.Message)

func (*PubKeyMessage) XXX_Size 

func (m *PubKeyMessage) XXX_Size() int

func (*PubKeyMessage) XXX_Unmarshal 

func (m *PubKeyMessage) XXX_Unmarshal(b []byte) error

type PublicKey 

type PublicKey struct {
	// contains filtered or unexported fields
}

PublicKey is (n, g)

func (*PublicKey) Add 

func (pub *PublicKey) Add(c1Bytes []byte, c2Bytes []byte) ([]byte, error)

1. Check that c1, c2 is correct. 2. Choose (r, N)=1 with r in [1, N-1] randomly. 3. Compute c1*c2*r^N mod N^2.

func (*PublicKey) Encrypt 

func (pub *PublicKey) Encrypt(mBytes []byte) ([]byte, error)

func (*PublicKey) GetG 

func (pub *PublicKey) GetG() *big.Int

func (*PublicKey) GetMessageRange 

func (pub *PublicKey) GetMessageRange(fieldOrder *big.Int) *big.Int

func (*PublicKey) GetNSquare 

func (pub *PublicKey) GetNSquare() *big.Int

func (*PublicKey) MulConst 

func (pub *PublicKey) MulConst(cBytes []byte, scalar *big.Int) ([]byte, error)

1. Check that c is correct. 2. Compute scalar mod N. 3. Choose (r, N)=1 with r in [1, N-1] randomly. 4. Compute c^scalar*r^N mod N^2.

func (*PublicKey) ToPubKeyBytes 

func (pub *PublicKey) ToPubKeyBytes() []byte

func (*PublicKey) VerifyEnc 

func (pub *PublicKey) VerifyEnc([]byte) error

In paillier, we cannot verify enc message. Therefore, we always return nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.