README
¶
Paillier Cryptosystem
Package paillier contains Paillier's cryptosystem (1999). All routines here from pseudocode §2.5. Fig 1: The Paillier Cryptosystem.
This module provides APIs for:
- generating a safe keypair
- encryption and decryption
- adding two encrypted values,
Enc(a)andEnc(b), and obtainingEnc(a + b), and - multiplying a plain value,
a, and an encrypted valueEnc(b), and obtainingEnc(a * b).
The encrypted values are represented as big.Int and are serializable.
This module also provides JSON serialization for the PublicKey and the SecretKey.
Documentation
¶
Overview ¶
Package paillier contains Paillier's cryptosystem (1999) [P99]. Public-Key Cryptosystems Based on Composite Degree Residuosity Class. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.112.4035&rep=rep1&type=pdf All routines here from pseudocode §2.5. Fig 1: The Paillier Cryptosystem.
This module provides APIs for:
- generating a safe keypair,
- encryption and decryption,
- adding two encrypted values, Enc(a) and Enc(b), and obtaining Enc(a + b), and
- multiplying a plain value, a, and an encrypted value Enc(b), and obtaining Enc(a * b).
The encrypted values are represented as big.Int and are serializable. This module also provides JSON serialization for the PublicKey and the SecretKey.
Example (EncryptDecrypt) ¶
// Skip this example if -short parameter is passed.
if testing.Short() {
// Printing the expected output so that the test succeeds.
fmt.Println("Succeeded in encrypting and decrypting the input message: Hello World!")
return
}
hexMessage := hex.EncodeToString([]byte("Hello World!"))
mappedMessage, ok := new(big.Int).SetString(hexMessage, 16)
if !ok {
panic("Error mapping message to scalar point.")
}
pub, sec, err := NewKeys()
if err != nil {
log.Fatalf("Error in generating keypair: %v", err)
}
// Ignoring the random value that was generated internally by `Encrypt`.
cipher, _, err := pub.Encrypt(mappedMessage)
if err != nil {
log.Fatalf("Error in Encrypting the message: %v", err)
}
// Now decrypt using the secret key.
decrypted, err := sec.Decrypt(cipher)
if err != nil {
log.Fatalf("Error in Decrypting the ciphertext: %v", err)
}
decoded := string(decrypted.Bytes())
fmt.Println("Succeeded in encrypting and decrypting the input message:", decoded)
Output: Succeeded in encrypting and decrypting the input message: Hello World!
Example (HomomorphicAddition) ¶
// Skip this example if -short parameter is passed.
if testing.Short() {
// Printing the expected output so that the test succeeds.
fmt.Println("Encrypting 123 and 456 separately.")
fmt.Println("Adding their encrypted versions together.")
fmt.Println("Succeeded in decrypting 579")
return
}
pub, sec, err := NewKeys()
if err != nil {
log.Fatalf("Error in generating keypair: %v", err)
}
msg1 := tt.B10("123")
msg2 := tt.B10("456")
fmt.Printf("Encrypting %s and %s separately.\n", msg1, msg2)
cipher1, _, err := pub.Encrypt(msg1)
if err != nil {
log.Fatalf("Error in Encrypting the message: %v", err)
}
cipher2, _, err := pub.Encrypt(msg2)
if err != nil {
log.Fatalf("Error in Encrypting the message: %v", err)
}
fmt.Println("Adding their encrypted versions together.")
cipher3, err := pub.Add(cipher1, cipher2)
if err != nil {
log.Fatalf("Error in adding the two ciphertexts: %v", err)
}
decrypted3, err := sec.Decrypt(cipher3)
if err != nil {
log.Fatalf("Error in Decrypting the ciphertext: %v", err)
}
fmt.Println("Succeeded in decrypting", decrypted3)
Output: Encrypting 123 and 456 separately. Adding their encrypted versions together. Succeeded in decrypting 579
Example (HomomorphicMultiplication) ¶
// Skip this example if -short parameter is passed.
if testing.Short() {
// Printing the expected output so that the test succeeds.
fmt.Println("Encrypting 10.")
fmt.Println("Multiplying plain 5 with the encrypted 10.")
fmt.Println("Succeeded in decrypting 50.")
return
}
pub, sec, err := NewKeys()
if err != nil {
log.Fatalf("Error in generating keypair: %v", err)
}
msg1 := tt.B10("10")
msg2 := tt.B10("5")
fmt.Printf("Encrypting %s.\n", msg1)
cipher1, _, err := pub.Encrypt(msg1)
if err != nil {
log.Fatalf("Error in Encrypting the message: %v", err)
}
fmt.Printf("Multiplying plain %s with the encrypted %s.\n", msg2, msg1)
cipher3, err := pub.Mul(msg2, cipher1)
if err != nil {
log.Fatalf("Error in adding the two ciphertexts: %v", err)
}
decrypted3, err := sec.Decrypt(cipher3)
if err != nil {
log.Fatalf("Error in Decrypting the ciphertext: %v", err)
}
fmt.Printf("Succeeded in decrypting %s.\n", decrypted3)
Output: Encrypting 10. Multiplying plain 5 with the encrypted 10. Succeeded in decrypting 50.
Index ¶
- Constants
- func NewKeys() (*PublicKey, *SecretKey, error)
- type Ciphertext
- type PsfProof
- type PsfProofParams
- type PsfVerifyParams
- type PublicKey
- func (pk *PublicKey) Add(c, d Ciphertext) (Ciphertext, error)
- func (pk *PublicKey) Encrypt(msg *big.Int) (Ciphertext, *big.Int, error)
- func (pk PublicKey) MarshalJSON() ([]byte, error)
- func (pk *PublicKey) Mul(a *big.Int, c Ciphertext) (Ciphertext, error)
- func (pk *PublicKey) UnmarshalJSON(bytes []byte) error
- type PublicKeyJson
- type SecretKey
- type SecretKeyJson
Examples ¶
Constants ¶
const PaillierPrimeBits = 1024
PaillierPrimeBits is the number of bits used to generate Paillier Safe Primes.
const PsfProofLength = 13
[spec] 10.2 and ProvePSF, VerifyPSF fig.15
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Ciphertext ¶
Ciphertext in Pailler's cryptosystem: a value $c \in Z_{N²}$ .
type PsfProof ¶
PsfProof is a slice of 13 big.Int's that prove that a Paillier modulus is square-free
func (PsfProof) Verify ¶
func (p PsfProof) Verify(psf *PsfVerifyParams) error
Verify that a Paillier modulus is square-free [spec] §10.fig 15
type PsfProofParams ¶
type PsfProofParams struct {
Curve elliptic.Curve
SecretKey *SecretKey
Pi uint32
Y *curves.EcPoint
}
PsfProofParams contains the inputs to ProvePSF
func (*PsfProofParams) Prove ¶
func (p *PsfProofParams) Prove() (PsfProof, error)
Prove that a Paillier modulus is square-free [spec] §10.fig 15
type PsfVerifyParams ¶
type PsfVerifyParams struct {
Curve elliptic.Curve
PublicKey *PublicKey
Pi uint32
Y *curves.EcPoint
}
PsfVerifyParams contains the inputs to VerifyPSF
type PublicKey ¶
type PublicKey struct {
N *big.Int // N = PQ
N2 *big.Int // N² computed and cached to prevent re-computation.
}
PublicKey is a Paillier public key: N = P*Q; for safe primes P,Q.
func (*PublicKey) Add ¶
func (pk *PublicKey) Add(c, d Ciphertext) (Ciphertext, error)
Add combines two Paillier ciphertexts.
func (PublicKey) MarshalJSON ¶
MarshalJSON converts the public key into json format.
func (*PublicKey) Mul ¶
func (pk *PublicKey) Mul(a *big.Int, c Ciphertext) (Ciphertext, error)
Mul is equivalent to adding two Paillier exponents.
func (*PublicKey) UnmarshalJSON ¶
UnmarshalJSON converts the json data into this public key.
type PublicKeyJson ¶
PublicKeyJson encapsulates the data that is serialized to JSON. It is used internally and not for external use. Public so other pieces can use for serialization.
type SecretKey ¶
type SecretKey struct {
PublicKey
Lambda *big.Int // lcm(P - 1, Q - 1)
Totient *big.Int // Euler's totient: (P - 1) * (Q - 1)
U *big.Int // L((N + 1)^λ(N) mod N²)−1 mod N
}
SecretKey is a Paillier secret key.
func NewSecretKey ¶
NewSecretKey computes intermediate values based on safe primes p, q.
func (*SecretKey) Decrypt ¶
func (sk *SecretKey) Decrypt(c Ciphertext) (*big.Int, error)
Decrypt is the reverse operation of Encrypt.
func (SecretKey) MarshalJSON ¶
MarshalJSON converts the secret key into json format.
func (*SecretKey) UnmarshalJSON ¶
UnmarshalJSON converts the json data into this secret key.
type SecretKeyJson ¶
SecretKeyJson encapsulates the data that is serialized to JSON. It is used internally and not for external use. Public so other pieces can use for serialization.
Source Files