README
¶
Paillier homomorphic cryptosystem
A partial homomorphic encryption scheme whose security relies on the hardness of the integer factorization. This Golang library implements the scheme.
Guildline
This Library offers main 5 public functions: NewPaillier, Encrypt, Decrypt, Add, MulConst.
Example
var keySize = 2048
// Generate a private key and the corresponding public key.
p, _ = NewPaillier(keySize)
m1 := big.NewInt(100)
m2 := big.NewInt(200)
c1, _ := p.Encrypt(m1.Bytes())
c2, _ := p.Encrypt(m2.Bytes())
sum, _ := p.PublicKey.Add(c1, c2)
// The output is 300 = 100 + 200.
decryptSum, _ := p.Decrypt(sum)
m := big.NewInt(100)
scalar := big.NewInt(50)
c, _ := p.Encrypt(m.Bytes())
mulConst, _ := p.PublicKey.MulConst(c, scalar)
// The output is 5000 = 100 * 50.
decryptResult, _ := p.Decrypt(mulConst)
fmt.Println("The decryption of adding m1 and m2 to be", decryptSum)
fmt.Println("The decryption of m by multiplying the scalar is", decryptResult)
Remark:
- Generally speaking, the larger keySize is safer[Security Level].
Experiment
Our benchmarks were in local computation and ran on an Intel qualcore-i5 CPU 2.3 GHz and 16GB of RAM.
Security Level
The Table below is referenced by Improved Efficiency of a Linearly Homomorphic Cryptosystem.
+-----------------+---------------+
| Security Level | RSA modulus |
+-----------------+---------------+
| 112 | 2048 |
| 128 | 3072 |
| 192 | 7680 |
| 256 | 15360 |
+-----------------+---------------+
Benchmark
+---------------+--------------------+-------------------+--------------------+--------------------+
| Operation | Message space (256 bit) |
+---------------+--------------------+-------------------+--------------------+--------------------+
| Discriminant | 2048 bit | 3072 bit | 7680 bit | 15360 bit |
| Encryption | 16.42 ms/op | 551.80 ms/op | 21.56 s/op | _ |
| Decryption | 15.93 ms/op | 678.46 ms/op | 27.22 s/op | _ |
| Add | 0.013 ms/op | 394 ms/op | 3.081 s/op | - |
| EvalMul | 0.345 ms/op | 1095.05 ms/op | 11.733 s/op | - |
+---------------+--------------------+-------------------+--------------------+--------------------+
Reference
Other Library
Documentation
¶
Index ¶
- Variables
- func NewPedersenOpenParameter(n, s, t *big.Int) (*zkPaillier.PederssenOpenParameter, error)
- func ToPaillierPubKeyWithSpecialG(ped *zkPaillier.PederssenOpenParameter) *publicKey
- func ToPaillierPubKeyWithSpecialGFromMsg(ssidInfo []byte, msg *zkPaillier.RingPederssenParameterMessage) (*publicKey, error)
- type Paillier
- func (pub Paillier) Add(c1Bytes []byte, c2Bytes []byte) ([]byte, error)
- func (p *Paillier) Decrypt(cBytes []byte) ([]byte, error)
- func (pub Paillier) Encrypt(mBytes []byte) ([]byte, error)
- func (pub Paillier) EncryptWithOutputSalt(m *big.Int) (*big.Int, *big.Int, error)
- func (pub Paillier) GetG() *big.Int
- func (pub Paillier) GetMessageRange(fieldOrder *big.Int) *big.Int
- func (p *Paillier) GetMtaProof(curve elliptic.Curve, beta *big.Int, b *big.Int) ([]byte, error)
- func (pub Paillier) GetN() *big.Int
- func (pub Paillier) GetNSquare() *big.Int
- func (p *Paillier) GetNthRoot() (*big.Int, error)
- func (p *Paillier) GetPQ() (*big.Int, *big.Int)
- func (p *Paillier) GetPubKey() homo.Pubkey
- func (pub Paillier) MulConst(cBytes []byte, scalar *big.Int) ([]byte, error)
- func (paillier *Paillier) NewPedersenParameterByPaillier() (*PederssenParameter, error)
- func (p *Paillier) NewPubKeyFromBytes(bs []byte) (homo.Pubkey, error)
- func (pub Paillier) ToPubKeyBytes() []byte
- func (pub Paillier) VerifyEnc([]byte) error
- func (p *Paillier) VerifyMtaProof(bs []byte, curve elliptic.Curve, alpha *big.Int, a *big.Int) (*pt.ECPoint, error)
- type PederssenParameter
- type PubKeyMessage
- func (*PubKeyMessage) Descriptor() ([]byte, []int)deprecated
- func (x *PubKeyMessage) GetG() []byte
- func (x *PubKeyMessage) GetProof() *zkproof.IntegerFactorizationProofMessage
- func (*PubKeyMessage) ProtoMessage()
- func (x *PubKeyMessage) ProtoReflect() protoreflect.Message
- func (x *PubKeyMessage) Reset()
- func (x *PubKeyMessage) String() string
- func (msg *PubKeyMessage) ToPubkey() (*publicKey, error)
- type ZkBetaAndBMessage
- func (*ZkBetaAndBMessage) Descriptor() ([]byte, []int)deprecated
- func (x *ZkBetaAndBMessage) GetProofB() *zkproof.SchnorrProofMessage
- func (x *ZkBetaAndBMessage) GetProofBeta() *zkproof.SchnorrProofMessage
- func (*ZkBetaAndBMessage) ProtoMessage()
- func (x *ZkBetaAndBMessage) ProtoReflect() protoreflect.Message
- func (x *ZkBetaAndBMessage) Reset()
- func (x *ZkBetaAndBMessage) String() string
Constants ¶
This section is empty.
Variables ¶
View Source
var ( //ErrExceedMaxRetry is returned if we retried over times ErrExceedMaxRetry = errors.New("exceed max retries") //ErrInvalidInput is returned if the input is invalid ErrInvalidInput = errors.New("invalid input") //ErrInvalidMessage is returned if the message is invalid ErrInvalidMessage = errors.New("invalid message") //ErrSmallPublicKeySize is returned if the size of public key is small ErrSmallPublicKeySize = errors.New("small public key") //ErrSmallFactorPubKey is returned if there exist small factor of a public key ErrSmallFactorPubKey = errors.New("there exist small factor of a public key") )
View Source
var File_github_com_getamis_alice_crypto_homo_paillier_message_proto protoreflect.FileDescriptor
Functions ¶
func NewPedersenOpenParameter ¶ added in v1.0.2
func NewPedersenOpenParameter(n, s, t *big.Int) (*zkPaillier.PederssenOpenParameter, error)
func ToPaillierPubKeyWithSpecialG ¶ added in v1.0.2
func ToPaillierPubKeyWithSpecialG(ped *zkPaillier.PederssenOpenParameter) *publicKey
func ToPaillierPubKeyWithSpecialGFromMsg ¶ added in v1.0.2
func ToPaillierPubKeyWithSpecialGFromMsg(ssidInfo []byte, msg *zkPaillier.RingPederssenParameterMessage) (*publicKey, error)
Types ¶
type Paillier ¶
type Paillier struct {
// contains filtered or unexported fields
}
func NewPaillier ¶
func NewPaillierSafePrime ¶ added in v1.0.2
func NewPaillierUnSafe ¶ added in v1.0.2
Warning: No check the size of public key.
func NewPaillierWithGivenPrimes ¶ added in v1.0.2
func (Paillier) Add ¶ added in v1.0.2
1. Check that c1, c2 is correct. 2. Choose (r, N)=1 with r in [1, N-1] randomly. 3. Compute c1*c2*r^N mod N^2.
func (Paillier) EncryptWithOutputSalt ¶ added in v1.0.2
func (Paillier) GetMessageRange ¶ added in v1.0.2
func (*Paillier) GetMtaProof ¶
func (Paillier) GetNSquare ¶ added in v1.0.2
func (Paillier) MulConst ¶ added in v1.0.2
1. Check that c is correct. 2. Compute scalar mod N. 3. Choose (r, N)=1 with r in [1, N-1] randomly. 4. Compute c^scalar*r^N mod N^2.
func (*Paillier) NewPedersenParameterByPaillier ¶ added in v1.0.2
func (paillier *Paillier) NewPedersenParameterByPaillier() (*PederssenParameter, error)
By paillier
func (*Paillier) NewPubKeyFromBytes ¶
func (Paillier) ToPubKeyBytes ¶ added in v1.0.2
func (pub Paillier) ToPubKeyBytes() []byte
type PederssenParameter ¶ added in v1.0.2
type PederssenParameter struct {
PedersenOpenParameter *zkPaillier.PederssenOpenParameter
// contains filtered or unexported fields
}
func (*PederssenParameter) GetEulerValue ¶ added in v1.0.2
func (ped *PederssenParameter) GetEulerValue() *big.Int
func (*PederssenParameter) GetP ¶ added in v1.0.2
func (ped *PederssenParameter) GetP() *big.Int
func (*PederssenParameter) GetQ ¶ added in v1.0.2
func (ped *PederssenParameter) GetQ() *big.Int
func (*PederssenParameter) Getlambda ¶ added in v1.0.2
func (ped *PederssenParameter) Getlambda() *big.Int
type PubKeyMessage ¶
type PubKeyMessage struct {
Proof *zkproof.IntegerFactorizationProofMessage `protobuf:"bytes,1,opt,name=proof,proto3" json:"proof,omitempty"`
G []byte `protobuf:"bytes,2,opt,name=g,proto3" json:"g,omitempty"`
// contains filtered or unexported fields
}
func (*PubKeyMessage) Descriptor
deprecated
func (*PubKeyMessage) Descriptor() ([]byte, []int)
Deprecated: Use PubKeyMessage.ProtoReflect.Descriptor instead.
func (*PubKeyMessage) GetG ¶
func (x *PubKeyMessage) GetG() []byte
func (*PubKeyMessage) GetProof ¶
func (x *PubKeyMessage) GetProof() *zkproof.IntegerFactorizationProofMessage
func (*PubKeyMessage) ProtoMessage ¶
func (*PubKeyMessage) ProtoMessage()
func (*PubKeyMessage) ProtoReflect ¶ added in v1.0.2
func (x *PubKeyMessage) ProtoReflect() protoreflect.Message
func (*PubKeyMessage) Reset ¶
func (x *PubKeyMessage) Reset()
func (*PubKeyMessage) String ¶
func (x *PubKeyMessage) String() string
func (*PubKeyMessage) ToPubkey ¶
func (msg *PubKeyMessage) ToPubkey() (*publicKey, error)
type ZkBetaAndBMessage ¶ added in v1.0.2
type ZkBetaAndBMessage struct {
ProofB *zkproof.SchnorrProofMessage `protobuf:"bytes,1,opt,name=proofB,proto3" json:"proofB,omitempty"`
ProofBeta *zkproof.SchnorrProofMessage `protobuf:"bytes,2,opt,name=proofBeta,proto3" json:"proofBeta,omitempty"`
// contains filtered or unexported fields
}
func (*ZkBetaAndBMessage) Descriptor
deprecated
added in
v1.0.2
func (*ZkBetaAndBMessage) Descriptor() ([]byte, []int)
Deprecated: Use ZkBetaAndBMessage.ProtoReflect.Descriptor instead.
func (*ZkBetaAndBMessage) GetProofB ¶ added in v1.0.2
func (x *ZkBetaAndBMessage) GetProofB() *zkproof.SchnorrProofMessage
func (*ZkBetaAndBMessage) GetProofBeta ¶ added in v1.0.2
func (x *ZkBetaAndBMessage) GetProofBeta() *zkproof.SchnorrProofMessage
func (*ZkBetaAndBMessage) ProtoMessage ¶ added in v1.0.2
func (*ZkBetaAndBMessage) ProtoMessage()
func (*ZkBetaAndBMessage) ProtoReflect ¶ added in v1.0.2
func (x *ZkBetaAndBMessage) ProtoReflect() protoreflect.Message
func (*ZkBetaAndBMessage) Reset ¶ added in v1.0.2
func (x *ZkBetaAndBMessage) Reset()
func (*ZkBetaAndBMessage) String ¶ added in v1.0.2
func (x *ZkBetaAndBMessage) String() string
Source Files
Click to show internal directories.
Click to hide internal directories.