signBlind

src/main/java/edu/jhu/isi/CLSign/CLSign.java

@@ -25,113 +25,43 @@ import edu.jhu.isi.CLSign.entities.KeyPair;
 import edu.jhu.isi.CLSign.entities.PublicKey;
 import edu.jhu.isi.CLSign.entities.SecretKey;
 import edu.jhu.isi.CLSign.entities.Signature;
+import edu.jhu.isi.CLSign.keygen.KeyGen;
+import edu.jhu.isi.CLSign.sign.Sign;
+import edu.jhu.isi.CLSign.verify.Verify;
 import it.unisa.dia.gas.jpbc.Element;
 import it.unisa.dia.gas.jpbc.Pairing;
-import it.unisa.dia.gas.jpbc.PairingParameters;
 import it.unisa.dia.gas.plaf.jpbc.field.z.ZrElement;
-import it.unisa.dia.gas.plaf.jpbc.pairing.PairingFactory;
-import it.unisa.dia.gas.plaf.jpbc.pairing.a.TypeACurveGenerator;
 
-import java.util.ArrayList;
 import java.util.List;
-import java.util.stream.Collectors;
 
 public class CLSign {
     public static KeyPair keyGen(final int messageSize) {
-        final Pairing pairing = createPairing();
-        final SecretKey sk = createSecretKey(pairing, messageSize);
-        final PublicKey pk = createPublicKey(pairing, sk);
+        final Pairing pairing = KeyGen.createPairing();
+        final SecretKey sk = KeyGen.createSecretKey(pairing, messageSize);
+        final PublicKey pk = KeyGen.createPublicKey(pairing, sk);
         return new KeyPair(pk, sk);
     }
 
-    private static PublicKey createPublicKey(final Pairing pairing, final SecretKey sk) {
-        final Element generator = pairing.getG1().newRandomElement().getImmutable();
-        final Element generatorT = pairing.getGT().newRandomElement().getImmutable();
-        final Element X = generator.powZn(sk.getX());
-        final Element Y = generator.powZn(sk.getY());
-        final List<Element> Z = sk.getZ().stream()
-                .map(generator::powZn).collect(Collectors.toList());
-        final List<Element> W = sk.getZ().stream()
-                .map(Y::powZn).collect(Collectors.toList());
-        return new PublicKey(pairing, generator, generatorT,
-                X, Y, Z, W);
-    }
-
-    private static SecretKey createSecretKey(final Pairing pairing, final int messageSize) {
-        final ZrElement[] z = new ZrElement[messageSize];
-        for (int i = 0; i < messageSize; i++) {
-            z[i] = (ZrElement) pairing.getZr().newRandomElement().getImmutable();
-        }
-        return new SecretKey((ZrElement) pairing.getZr().newRandomElement().getImmutable(),
-                (ZrElement) pairing.getZr().newRandomElement().getImmutable(), z);
-    }
-
-    private static Pairing createPairing() {
-        int rBits = 160;
-        int qBits = 512;
-
-        final TypeACurveGenerator pairingGenerator = new TypeACurveGenerator(rBits, qBits);
-        final PairingParameters params = pairingGenerator.generate();
-        return PairingFactory.getPairing(params);
-    }
-
-    public static Signature sign(final List<ZrElement> messages, final KeyPair keys) {
-        final PublicKey pk = keys.getPk();
-        final SecretKey sk = keys.getSk();
-        final Element a = pk.getPairing().getG1().newRandomElement().getImmutable();
-        final List<Element> A = sk.getZ().stream().map(a::powZn).collect(Collectors.toCollection(ArrayList::new));
-        final Element b = a.powZn(sk.getY()).getImmutable();
-        final List<Element> B = A.stream().map(Ai -> Ai.powZn(sk.getY())).collect(Collectors.toCollection(ArrayList::new));
-        final Element cPart = pk.getPairing().getG1().newOneElement();
-        final ZrElement xTimesY = sk.getX().mul(sk.getY());
+    public static Element commit(final List<ZrElement> messages, final PublicKey pk) {
+        Element commitment = pk.getGenerator().powZn(messages.get(0));
         for (int i = 1; i < messages.size(); i++) {
-            cPart.mul(A.get(i).powZn(xTimesY.mul(messages.get(i))));
+            commitment = commitment.mul(pk.getZ(i).powZn(messages.get(i)));
         }
-        final Element c = a.powZn(sk.getX().add(xTimesY.mul(messages.get(0)))).mul(cPart).getImmutable();
-
-        return new Signature(a, b, c, A, B);
+        return commitment.getImmutable();
     }
 
-    public static boolean verify(final List<ZrElement> messages, final Signature sigma, final PublicKey pk) {
-        return aFormedCorrectly(sigma, pk)
-                && bFormedCorrectly(sigma, pk)
-                && cFormedCorrectly(messages, sigma, pk);
-    }
-
-    private static boolean aFormedCorrectly(final Signature sigma, final PublicKey pk) {
-        final Pairing p = pk.getPairing();
-        for (int i = 0; i < sigma.getAList().size(); i++) {
-            if (!p.pairing(sigma.getA(), pk.getZ(i))
-                    .isEqual(p.pairing(pk.getGenerator(), sigma.getAList().get(i)))) {
-                return false;
-            }
-        }
-        return true;
+    public static Signature sign(final List<ZrElement> messages, final KeyPair keys) {
+        final Element commitment = commit(messages, keys.getPk());
+        return signBlind(commitment, keys);
     }
 
-    private static boolean bFormedCorrectly(final Signature sigma, final PublicKey pk) {
-        final Pairing p = pk.getPairing();
-        if (!p.pairing(sigma.getA(), pk.getY()).isEqual(p.pairing(pk.getGenerator(), sigma.getB()))) {
-            return false;
-        }
-        for (int i = 0; i < sigma.getBList().size(); i++) {
-            if (!p.pairing(sigma.getAList().get(i), pk.getY())
-                    .isEqual(p.pairing(pk.getGenerator(), sigma.getBList().get(i)))) {
-                return false;
-            }
-        }
-        return true;
+    public static Signature signBlind(final Element commitment, final KeyPair keys) {
+        return Sign.sign(commitment, keys);
     }
 
-    private static boolean cFormedCorrectly(final List<ZrElement> messages, final Signature sigma, final PublicKey pk) {
-        final Pairing p = pk.getPairing();
-        final Element product = p.getGT().newOneElement();
-        for (int i = 1; i < messages.size(); i++) {
-            product.mul(p.pairing(pk.getX(), sigma.getBList().get(i)).powZn(messages.get(i)));
-        }
-        final Element lhs = p.pairing(pk.getX(), sigma.getA())
-                .mul(p.pairing(pk.getX(), sigma.getB()).powZn(messages.get(0)))
-                .mul(product);
-        return lhs.isEqual(p.pairing(pk.getGenerator(), sigma.getC()));
+    public static boolean verify(final List<ZrElement> messages, final Signature sigma, final PublicKey pk) {
+        return Verify.aFormedCorrectly(sigma, pk)
+                && Verify.bFormedCorrectly(sigma, pk)
+                && Verify.cFormedCorrectly(messages, sigma, pk);
     }
 }

src/main/java/edu/jhu/isi/CLSign/keygen/KeyGen.java

+package edu.jhu.isi.CLSign.keygen;
+
+import edu.jhu.isi.CLSign.entities.PublicKey;
+import edu.jhu.isi.CLSign.entities.SecretKey;
+import it.unisa.dia.gas.jpbc.Element;
+import it.unisa.dia.gas.jpbc.Pairing;
+import it.unisa.dia.gas.jpbc.PairingParameters;
+import it.unisa.dia.gas.plaf.jpbc.field.z.ZrElement;
+import it.unisa.dia.gas.plaf.jpbc.pairing.PairingFactory;
+import it.unisa.dia.gas.plaf.jpbc.pairing.a.TypeACurveGenerator;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+public class KeyGen {
+    public static PublicKey createPublicKey(final Pairing pairing, final SecretKey sk) {
+        final Element generator = pairing.getG1().newRandomElement().getImmutable();
+        final Element generatorT = pairing.getGT().newRandomElement().getImmutable();
+        final Element X = generator.powZn(sk.getX());
+        final Element Y = generator.powZn(sk.getY());
+        final List<Element> Z = sk.getZ().stream()
+                .map(generator::powZn).collect(Collectors.toList());
+        final List<Element> W = sk.getZ().stream()
+                .map(Y::powZn).collect(Collectors.toList());
+        return new PublicKey(pairing, generator, generatorT,
+                X, Y, Z, W);
+    }
+
+    public static SecretKey createSecretKey(final Pairing pairing, final int messageSize) {
+        final ZrElement[] z = new ZrElement[messageSize];
+        for (int i = 0; i < messageSize; i++) {
+            z[i] = (ZrElement) pairing.getZr().newRandomElement().getImmutable();
+        }
+        return new SecretKey((ZrElement) pairing.getZr().newRandomElement().getImmutable(),
+                (ZrElement) pairing.getZr().newRandomElement().getImmutable(), z);
+    }
+
+    public static Pairing createPairing() {
+        int rBits = 160;
+        int qBits = 512;
+
+        final TypeACurveGenerator pairingGenerator = new TypeACurveGenerator(rBits, qBits);
+        final PairingParameters params = pairingGenerator.generate();
+        return PairingFactory.getPairing(params);
+    }
+}

src/main/java/edu/jhu/isi/CLSign/sign/Sign.java

+package edu.jhu.isi.CLSign.sign;
+
+import edu.jhu.isi.CLSign.entities.KeyPair;
+import edu.jhu.isi.CLSign.entities.PublicKey;
+import edu.jhu.isi.CLSign.entities.SecretKey;
+import edu.jhu.isi.CLSign.entities.Signature;
+import it.unisa.dia.gas.jpbc.Element;
+import it.unisa.dia.gas.plaf.jpbc.field.z.ZrElement;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.stream.Collectors;
+
+public class Sign {
+    public static Signature sign(final Element commitment, final KeyPair keys) {
+        final PublicKey pk = keys.getPk();
+        final SecretKey sk = keys.getSk();
+        final ZrElement alpha = (ZrElement) pk.getPairing().getZr().newRandomElement().getImmutable();
+        final Element a = pk.getGenerator().powZn(alpha);
+        final List<Element> A = sk.getZ().stream().map(a::powZn).collect(Collectors.toCollection(ArrayList::new));
+        final Element b = a.powZn(sk.getY()).getImmutable();
+        final List<Element> B = A.stream().map(Ai -> Ai.powZn(sk.getY())).collect(Collectors.toCollection(ArrayList::new));
+        final ZrElement xTimesY = alpha.mul(sk.getX().mul(sk.getY()));
+        final Element c = a.powZn(sk.getX()).mul(commitment.powZn(xTimesY)).getImmutable();
+
+        return new Signature(a, b, c, A, B);
+    }
+}

src/main/java/edu/jhu/isi/CLSign/verify/Verify.java

+package edu.jhu.isi.CLSign.verify;
+
+import edu.jhu.isi.CLSign.entities.PublicKey;
+import edu.jhu.isi.CLSign.entities.Signature;
+import it.unisa.dia.gas.jpbc.Element;
+import it.unisa.dia.gas.jpbc.Pairing;
+import it.unisa.dia.gas.plaf.jpbc.field.z.ZrElement;
+
+import java.util.List;
+
+public class Verify {
+    public static boolean aFormedCorrectly(final Signature sigma, final PublicKey pk) {
+        final Pairing p = pk.getPairing();
+        for (int i = 0; i < sigma.getAList().size(); i++) {
+            if (!p.pairing(sigma.getA(), pk.getZ(i))
+                    .isEqual(p.pairing(pk.getGenerator(), sigma.getAList().get(i)))) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean bFormedCorrectly(final Signature sigma, final PublicKey pk) {
+        final Pairing p = pk.getPairing();
+        if (!p.pairing(sigma.getA(), pk.getY()).isEqual(p.pairing(pk.getGenerator(), sigma.getB()))) {
+            return false;
+        }
+        for (int i = 0; i < sigma.getBList().size(); i++) {
+            if (!p.pairing(sigma.getAList().get(i), pk.getY())
+                    .isEqual(p.pairing(pk.getGenerator(), sigma.getBList().get(i)))) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean cFormedCorrectly(final List<ZrElement> messages, final Signature sigma, final PublicKey pk) {
+        final Pairing p = pk.getPairing();
+        final Element product = p.getGT().newOneElement();
+        for (int i = 1; i < messages.size(); i++) {
+            product.mul(p.pairing(pk.getX(), sigma.getBList().get(i)).powZn(messages.get(i)));
+        }
+        final Element lhs = p.pairing(pk.getX(), sigma.getA())
+                .mul(p.pairing(pk.getX(), sigma.getB()).powZn(messages.get(0)))
+                .mul(product);
+        return lhs.isEqual(p.pairing(pk.getGenerator(), sigma.getC()));
+    }
+}