|
@@ -38,15 +38,6 @@ Curvepoint PrsonaClient::get_short_term_public_key() const
|
|
return currentFreshGenerator * longTermPrivateKey;
|
|
return currentFreshGenerator * longTermPrivateKey;
|
|
}
|
|
}
|
|
|
|
|
|
-Curvepoint PrsonaClient::get_short_term_public_key(bool unused) const
|
|
|
|
-{
|
|
|
|
- std::cout << "g^r: " << std::hex << currentFreshGenerator << std::dec << std::endl;
|
|
|
|
- std::cout << "ltsk: " << longTermPrivateKey << std::endl;
|
|
|
|
- std::cout << "stpk: " << std::hex << currentFreshGenerator * longTermPrivateKey << std::dec << std::endl;
|
|
|
|
-
|
|
|
|
- return currentFreshGenerator * longTermPrivateKey;
|
|
|
|
-}
|
|
|
|
-
|
|
|
|
Curvepoint PrsonaClient::get_short_term_public_key(Proof &pi) const
|
|
Curvepoint PrsonaClient::get_short_term_public_key(Proof &pi) const
|
|
{
|
|
{
|
|
pi = generate_ownership_proof();
|
|
pi = generate_ownership_proof();
|
|
@@ -69,15 +60,17 @@ std::vector<CurveBipoint> PrsonaClient::make_votes(
|
|
const std::vector<Scalar>& votes,
|
|
const std::vector<Scalar>& votes,
|
|
const std::vector<bool>& replaces) const
|
|
const std::vector<bool>& replaces) const
|
|
{
|
|
{
|
|
- std::vector<Scalar> seeds(oldEncryptedVotes.size());
|
|
|
|
- std::vector<CurveBipoint> newEncryptedVotes(oldEncryptedVotes.size());
|
|
|
|
|
|
+ Curvepoint shortTermPublicKey = get_short_term_public_key();
|
|
|
|
|
|
- if (!verify_valid_vote_row_proof(serverProof))
|
|
|
|
|
|
+ if (!verify_valid_vote_row_proof(serverProof, shortTermPublicKey, oldEncryptedVotes))
|
|
{
|
|
{
|
|
std::cerr << "Could not verify proof of valid votes." << std::endl;
|
|
std::cerr << "Could not verify proof of valid votes." << std::endl;
|
|
- return newEncryptedVotes;
|
|
|
|
|
|
+ return oldEncryptedVotes;
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+ std::vector<Scalar> seeds(oldEncryptedVotes.size());
|
|
|
|
+ std::vector<CurveBipoint> newEncryptedVotes(oldEncryptedVotes.size());
|
|
|
|
+
|
|
for (size_t i = 0; i < votes.size(); i++)
|
|
for (size_t i = 0; i < votes.size(); i++)
|
|
{
|
|
{
|
|
if (replaces[i])
|
|
if (replaces[i])
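Review bot: In make_votes, the failure branch now returns `oldEncryptedVotes`, which a caller cannot tell apart from a successfully produced vote row; the only failure signal is the message on std::cerr. If the signature has to stay as it is, `return {};` would at least give callers something to test for, and that contract should be stated in a comment on the function. Separately, `seeds` and `newEncryptedVotes` are sized from `oldEncryptedVotes.size()` while the loop runs to `votes.size()` and indexes `replaces[i]`, and no length check is visible, so a guard such as `if (votes.size() != oldEncryptedVotes.size() || replaces.size() != votes.size())` before the loop looks warranted. The loop body and the start of the parameter list lie outside the hunk, so the indexing concern is inferred from the visible lines only.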
|
|
@@ -119,7 +112,7 @@ bool PrsonaClient::receive_vote_tally()
|
|
EGCiphertext score =
|
|
EGCiphertext score =
|
|
servers->get_current_user_encrypted_tally(pi, shortTermPublicKey);
|
|
servers->get_current_user_encrypted_tally(pi, shortTermPublicKey);
|
|
|
|
|
|
- if (!verify_valid_user_tally_proof(pi))
|
|
|
|
|
|
+ if (!verify_valid_user_tally_proof(pi, shortTermPublicKey, score))
|
|
{
|
|
{
|
|
std::cerr << "Could not verify proof of valid tally." << std::endl;
|
|
std::cerr << "Could not verify proof of valid tally." << std::endl;
|
|
return false;
|
|
return false;
|
|
@@ -134,26 +127,26 @@ bool PrsonaClient::receive_new_user_data(const std::vector<Proof>& mainProof)
|
|
{
|
|
{
|
|
Proof currProof;
|
|
Proof currProof;
|
|
Curvepoint shortTermPublicKey = get_short_term_public_key();
|
|
Curvepoint shortTermPublicKey = get_short_term_public_key();
|
|
-
|
|
|
|
- EGCiphertext userEncryptedScore =
|
|
|
|
- servers->get_current_user_encrypted_tally(currProof, shortTermPublicKey);
|
|
|
|
- if (!verify_valid_user_tally_proof(currProof))
|
|
|
|
- {
|
|
|
|
- std::cerr << "Could not verify preliminary proof of user encrypted tally." << std::endl;
|
|
|
|
- return false;
|
|
|
|
- }
|
|
|
|
|
|
|
|
TwistBipoint serverEncryptedScore =
|
|
TwistBipoint serverEncryptedScore =
|
|
servers->get_current_server_encrypted_tally(currProof, shortTermPublicKey);
|
|
servers->get_current_server_encrypted_tally(currProof, shortTermPublicKey);
|
|
- if (!verify_valid_server_tally_proof(currProof))
|
|
|
|
|
|
+ if (!verify_valid_server_tally_proof(currProof, shortTermPublicKey, serverEncryptedScore))
|
|
{
|
|
{
|
|
std::cerr << "Could not verify preliminary proof of server encrypted tally." << std::endl;
|
|
std::cerr << "Could not verify preliminary proof of server encrypted tally." << std::endl;
|
|
return false;
|
|
return false;
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+ EGCiphertext userEncryptedScore =
|
|
|
|
+ servers->get_current_user_encrypted_tally(currProof, shortTermPublicKey);
|
|
|
|
+ if (!verify_valid_user_tally_proof(currProof, shortTermPublicKey, userEncryptedScore))
|
|
|
|
+ {
|
|
|
|
+ std::cerr << "Could not verify preliminary proof of user encrypted tally." << std::endl;
|
|
|
|
+ return false;
|
|
|
|
+ }
|
|
|
|
+
|
|
std::vector<std::vector<CurveBipoint>> encryptedVoteMatrix =
|
|
std::vector<std::vector<CurveBipoint>> encryptedVoteMatrix =
|
|
servers->get_all_current_votes(currProof);
|
|
servers->get_all_current_votes(currProof);
|
|
- if (!verify_valid_vote_matrix_proof(currProof))
|
|
|
|
|
|
+ if (!verify_valid_vote_matrix_proof(currProof, encryptedVoteMatrix))
|
|
{
|
|
{
|
|
std::cerr << "Could not verify preliminary proof of encrypted votes." << std::endl;
|
|
std::cerr << "Could not verify preliminary proof of encrypted votes." << std::endl;
|
|
return false;
|
|
return false;
|
|
@@ -161,7 +154,7 @@ bool PrsonaClient::receive_new_user_data(const std::vector<Proof>& mainProof)
|
|
|
|
|
|
std::vector<Curvepoint> currentPseudonyms =
|
|
std::vector<Curvepoint> currentPseudonyms =
|
|
servers->get_current_pseudonyms(currProof);
|
|
servers->get_current_pseudonyms(currProof);
|
|
- if (!verify_valid_pseudonyms_proof(currProof))
|
|
|
|
|
|
+ if (!verify_valid_pseudonyms_proof(currProof, currentPseudonyms))
|
|
{
|
|
{
|
|
std::cerr << "Could not verify preliminary proof of pseudonyms." << std::endl;
|
|
std::cerr << "Could not verify preliminary proof of pseudonyms." << std::endl;
|
|
return false;
|
|
return false;
|
|
@@ -230,7 +223,7 @@ bool PrsonaClient::verify_reputation_proof(
|
|
EGCiphertext encryptedScore =
|
|
EGCiphertext encryptedScore =
|
|
servers->get_current_user_encrypted_tally(serverProof, shortTermPublicKey);
|
|
servers->get_current_user_encrypted_tally(serverProof, shortTermPublicKey);
|
|
|
|
|
|
- if (!verify_valid_user_tally_proof(serverProof))
|
|
|
|
|
|
+ if (!verify_valid_user_tally_proof(serverProof, shortTermPublicKey, encryptedScore))
|
|
{
|
|
{
|
|
std::cerr << "Error getting score from server, aborting." << std::endl;
|
|
std::cerr << "Error getting score from server, aborting." << std::endl;
|
|
return false;
|
|
return false;
|
|
@@ -319,3 +312,70 @@ std::vector<Proof> PrsonaClient::generate_vote_proof(
|
|
seeds,
|
|
seeds,
|
|
votes);
|
|
votes);
|
|
}
|
|
}
|
|
|
|
+
|
|
|
|
+/*
|
|
|
|
+ * SERVER AGREEMENT PROOFS
|
|
|
|
+ */
|
|
|
|
+
|
|
|
|
+bool PrsonaClient::verify_valid_vote_row_proof(
|
|
|
|
+ const Proof& pi,
|
|
|
|
+ const Curvepoint& shortTermPublicKey,
|
|
|
|
+ const std::vector<CurveBipoint>& commitment) const
|
|
|
|
+{
|
|
|
|
+ std::vector<Proof> fullProof;
|
|
|
|
+ fullProof.push_back(pi);
|
|
|
|
+
|
|
|
|
+ servers->get_other_vote_row_commitments(fullProof, shortTermPublicKey);
|
|
|
|
+
|
|
|
|
+ return PrsonaBase::verify_valid_vote_row_proof(fullProof, commitment);
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+bool PrsonaClient::verify_valid_vote_matrix_proof(
|
|
|
|
+ const Proof& pi,
|
|
|
|
+ const std::vector<std::vector<CurveBipoint>>& commitment) const
|
|
|
|
+{
|
|
|
|
+ std::vector<Proof> fullProof;
|
|
|
|
+ fullProof.push_back(pi);
|
|
|
|
+
|
|
|
|
+ servers->get_other_vote_matrix_commitments(fullProof);
|
|
|
|
+
|
|
|
|
+ return PrsonaBase::verify_valid_vote_matrix_proof(fullProof, commitment);
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+bool PrsonaClient::verify_valid_user_tally_proof(
|
|
|
|
+ const Proof& pi,
|
|
|
|
+ const Curvepoint& shortTermPublicKey,
|
|
|
|
+ const EGCiphertext& commitment) const
|
|
|
|
+{
|
|
|
|
+ std::vector<Proof> fullProof;
|
|
|
|
+ fullProof.push_back(pi);
|
|
|
|
+
|
|
|
|
+ servers->get_other_user_tally_commitments(fullProof, shortTermPublicKey);
|
|
|
|
+
|
|
|
|
+ return PrsonaBase::verify_valid_user_tally_proof(fullProof, commitment);
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+bool PrsonaClient::verify_valid_server_tally_proof(
|
|
|
|
+ const Proof& pi,
|
|
|
|
+ const Curvepoint& shortTermPublicKey,
|
|
|
|
+ const TwistBipoint& commitment) const
|
|
|
|
+{
|
|
|
|
+ std::vector<Proof> fullProof;
|
|
|
|
+ fullProof.push_back(pi);
|
|
|
|
+
|
|
|
|
+ servers->get_other_server_tally_commitments(fullProof, shortTermPublicKey);
|
|
|
|
+
|
|
|
|
+ return PrsonaBase::verify_valid_server_tally_proof(fullProof, commitment);
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+bool PrsonaClient::verify_valid_pseudonyms_proof(
|
|
|
|
+ const Proof& pi,
|
|
|
|
+ const std::vector<Curvepoint>& commitment) const
|
|
|
|
+{
|
|
|
|
+ std::vector<Proof> fullProof;
|
|
|
|
+ fullProof.push_back(pi);
|
|
|
|
+
|
|
|
|
+ servers->get_other_pseudonyms_commitments(fullProof);
|
|
|
|
+
|
|
|
|
+ return PrsonaBase::verify_valid_pseudonyms_proof(fullProof, commitment);
|
|
|
|
+}
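Review bot: None of the five new `verify_valid_*_proof` wrappers checks what `servers->get_other_*_commitments(...)` appended to `fullProof` before passing it to the `PrsonaBase` verifier, so if that call adds nothing the result rests on the single proof `pi` that arrived with the data being checked. Whether `PrsonaBase::verify_valid_*_proof` rejects a proof vector with too few entries is not visible here; if it does not, a guard such as `if (fullProof.size() < 2) return false;` (or whatever threshold the deployment requires) belongs in each wrapper. The `SERVER AGREEMENT PROOFS` banner is the only documentation, so each function should get a short comment stating that `fullProof[0]` is the proof under test, that the remaining entries are fetched through `servers` at verification time (presumably from the other servers), and that `commitment` is the value the client actually received. The five bodies differ only in the fetch call and the base verifier, so a small private helper would remove the repetition.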
|