Performs a proof of shuffle of commitments. It is an implementation of the Verfication class. More...

#include <proofofshuffleofcommitments.hpp>

Inheritance diagram for proofs::ProofOfShuffleOfCommitments:

Collaboration diagram for proofs::ProofOfShuffleOfCommitments:

Public Member Functions
	ProofOfShuffleOfCommitments (bool &readingWasOK, XmlConfig config, std::vector< uint8_t > prefix, unsigned int nZero, arithm::ArrayOfElmts pedersen, verifierUtils::ByteTree commitmentFSproof, verifierUtils::ByteTree *replyFSproof)
	Creates an instance of a Verification class by setting its two attributes.
bool	isEverythingOK ()
	Checks that the mix-servers commited themselves correctly and knew how to this.
Public Member Functions inherited from proofs::Verification
	Verification (XmlConfig *config, std::vector< uint8_t > prefix, unsigned int nZero)
	Creates an instance of a Verification class by setting its two attributes.
arithm::ArrayOfElmts	randomExponents (verifierUtils::ByteTree *bts, std::vector< uint8_t > &s)
	Used to compute a random exponents vector according to the specification.
arithm::Elmt	getChallenge (std::vector< uint8_t > s)
	Returns a challenge computed from the original seed s and a bytetree.
arithm::ArrayOfElmts	getGenerators ()
	Returns the h attribute.

Private Attributes
arithm::ArrayOfElmts	u
	$u = (u_0,...,u_{N_0-1})$ , an array of Pedersen commitments in .

Additional Inherited Members
Protected Attributes inherited from proofs::Verification
XmlConfig *	protocolFile
	A class containing the information in the protocol info file.
cryptoTools::SHAx *	H
	The hashfunction to be used by the random oracles.
cryptoTools::RO *	ROs
	The random oracle to use to seed the PRG.
cryptoTools::RO *	ROv
	The random oracle to use to generate challenges.
std::vector< uint8_t >	rho
	$\rho$ , a prefix for the random oracle.
unsigned int	n0
	(or ), the size of the arrays.
unsigned int	ne
	, number of bits in each component of random vectors used for batching.
unsigned int	nr
	, acceptable "statistical error" when deriving independent generators.
unsigned int	nv
	, number of bits in challenges.
cryptoTools::PRG *	prg
	Pseudo-random generator used to derive random vectors for batching.
arithm::Group *	gq
	a group of prime order with characteristic .
arithm::Field *	zq
	The field in which the exponent live, .
arithm::ArrayOfElmts	h
	An array of independant generators $h = (h_0,...h_{N_0-1})$ .
verifierUtils::ByteTree *	tau
	The commitment of the Fiat-Shamir proof, $\tau$ .
verifierUtils::ByteTree *	sigma
	The reply of the Fiat-Shamir proof, $\sigma$ .

Detailed Description

Performs a proof of shuffle of commitments. It is an implementation of the Verfication class.

The operation performed in this class are just implementation of the verificatum verifier specification, namely page 15.

Definition at line 32 of file proofofshuffleofcommitments.hpp.

Constructor & Destructor Documentation

ProofOfShuffleOfCommitments::ProofOfShuffleOfCommitments	(	bool &	readingWasOK,
		XmlConfig *	config,
		std::vector< uint8_t >	prefix,
		unsigned int	nZero,
		arithm::ArrayOfElmts	pedersen,
		verifierUtils::ByteTree *	commitmentFSproof,
		verifierUtils::ByteTree *	replyFSproof
	)

Creates an instance of a Verification class by setting its two attributes.

If any variable is wrong, readingWasOK takes the value false. Otherwise, this variable is equal to true at the end of the construction.

Parameters

[out]	readingWasOK	Is false at the end of the construction if there was a problem.
	config	The protocol info file to use.
	prefix	The value to give to the rho attribute.
	nZero	The value to give to the n0 attribute.
	pedersen	Arrays of Pedersen commitments.
	commitmentFSproof	Commitments of the Fiat-Shamir proof.
	replyFSproof	Reply of the Fiat-Shamir proof.

Definition at line 19 of file proofofshuffleofcommitments.cpp.

                                              :
        Verification(config,prefix,nZero)
{
        readingWasOK = true;
        
        u = pedersen;
        if (u.size() != n0)
        {
                std::cout<<"ERROR: in ProofOfShuffleOfCommitments:"
                         <<"u is not of the correct size."
                         <<"u->getSize()="<<u.size()
                         <<"n0="<<n0<<std::endl;
                readingWasOK = false;;
        }
        
        tau = commitmentFSproof;
        if ((tau->size()<5) || (!tau->isNode()))
        {
                std::cout<<"ERROR: in ProofOfShuffleOfCommitments:"
                         <<"tau is not valid.\ntau="<<std::endl;
                tau->prettyPrint("");
                std::cout<<std::endl;
                readingWasOK = false;
        }
        
        sigma = replyFSproof;
        if ((sigma->size()<5) || (!sigma->isNode())
            || (!sigma->getChild(0)->isLeaf())
            || (!sigma->getChild(1)->isNode()) || (sigma->getChild(1)->size() != n0)
            || (!sigma->getChild(2)->isLeaf())
            || (!sigma->getChild(3)->isLeaf())
            || (!sigma->getChild(4)->isNode()) || (sigma->getChild(4)->size() != n0)
                )
        {
                std::cout<<"ERROR: in ProofOfShuffleOfCommitments:"
                         <<"sigma is not valid.\nsigma="<<std::endl;
                sigma->prettyPrint("");
                std::cout<<std::endl;
                readingWasOK = false;;
        }

}

Public Member Functions

Private Attributes

Additional Inherited Members

Detailed Description

Constructor & Destructor Documentation

Member Function Documentation

Member Data Documentation