1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
#![no_std]
#![cfg_attr(feature = "nightly", feature(external_doc))]
#![cfg_attr(feature = "nightly", doc(include = "../README.md"))]
mod ciphertext;
mod decrypt;
mod encrypt;
pub mod util;
use curve25519_dalek::constants::{RISTRETTO_BASEPOINT_POINT, RISTRETTO_BASEPOINT_TABLE};
use curve25519_dalek::ristretto::RistrettoBasepointTable;
pub use curve25519_dalek::scalar::Scalar;
pub use curve25519_dalek::ristretto::RistrettoPoint;
pub use ciphertext::Ciphertext;
pub use decrypt::DecryptionKey;
pub use encrypt::EncryptionKey;
pub const GENERATOR_POINT: RistrettoPoint = RISTRETTO_BASEPOINT_POINT;
pub const GENERATOR_TABLE: RistrettoBasepointTable = RISTRETTO_BASEPOINT_TABLE;
#[cfg(test)]
mod tests {
use rand::prelude::StdRng;
use rand_core::SeedableRng;
use crate::DecryptionKey;
use crate::util::random_point;
#[test]
fn encrypt_decrypt() {
const N: usize = 100;
let mut rng = StdRng::from_entropy();
let dk = DecryptionKey::new(&mut rng);
let ek = dk.encryption_key();
for _ in 0..N {
let m = random_point(&mut rng);
let ct = ek.encrypt(m, &mut rng);
let decrypted = dk.decrypt(ct);
assert_eq!(m, decrypted);
}
}
#[test]
fn rerandomisation() {
const N: usize = 100;
let mut rng = StdRng::from_entropy();
let dk = DecryptionKey::new(&mut rng);
let ek = dk.encryption_key();
let m = random_point(&mut rng);
let ct = ek.encrypt(m, &mut rng);
for _ in 0..N {
let ct = ek.rerandomise(ct, &mut rng);
let decrypted = dk.decrypt(ct);
assert_eq!(m, decrypted);
}
}
#[test]
fn homomorphism() {
const N: usize = 100;
let mut rng = StdRng::from_entropy();
let dk = DecryptionKey::new(&mut rng);
let ek = dk.encryption_key();
for _ in 0..N {
let m1 = random_point(&mut rng);
let m2 = random_point(&mut rng);
let sum = m1 + m2;
let ct1 = ek.encrypt(m1, &mut rng);
let ct2 = ek.encrypt(m2, &mut rng);
let ct_sum = ct1 + ct2;
let decrypted = dk.decrypt(ct_sum);
assert_eq!(sum, decrypted);
}
}
}