Struct zk_paillier::zkproofs::MulProof
pub struct MulProof {
pub f: BigInt,
pub z1: BigInt,
pub z2: BigInt,
pub e_d: BigInt,
pub e_db: BigInt,
}
This proof is a non-interactive version of the Multiplication-mod-n^s protocol from DJ01 [https://www.brics.dk/RS/00/45/BRICS-RS-00-45.pdf].
The prover knows three plaintexts a, b, c such that ab = c mod n. The prover's goal is to prove that a triple of ciphertexts encrypts plaintexts a, b, c satisfying this multiplicative relation.
Witness: {a, b, c, r_a, r_b, r_c}
Statement: {e_a, e_b, e_c, ek}
Protocol:
- P picks random values d from Z_n and r_d from Z_n* and computes e_d = Enc_ek(d, r_d), e_db = Enc_ek(db, r_d*r_b); below, r_db denotes the randomness under which e_db was encrypted
- using Fiat-Shamir, both parties derive the challenge e by hashing the transcript so far
- P sends f = ea + d mod n, z1 = r_a^e * r_d mod n^2, z2 = r_b^f * (r_db * r_c^e)^-1 mod n^2
- V checks: e_a^e * e_d = Enc_ek(f, z1), e_b^f * (e_db * e_c^e)^-1 = Enc_ek(0, z2)
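The protocol above carried out end to end, as an added example that is not the crate's code: a toy Paillier key with n = 11 * 13 so that n^2 fits in u128, encryption with generator g = n + 1, and std's DefaultHasher as a stand-in for the Fiat-Shamir hash (assumptions made only so the example runs without dependencies). The struct names mirror the crate's MulWitness, MulStatement and MulProof but hold u128 instead of BigInt, and prove() takes the prover's random values d, r_d and r_db as parameters so the run is reproducible. r_db, the randomness under which e_db is encrypted, is whatever the caller supplies: the verifier's second check holds for any r_db in Z_n*, including the r_d*r_b of the description.

```rust
// Added example, not zk_paillier's code: the DJ01 multiplication proof over toy Paillier
// parameters. u128 arithmetic and std's DefaultHasher stand in for BigInt and a real hash.
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

/// Toy Paillier public key: n = p*q and n^2 (tiny primes, so n^2 fits comfortably in u128).
#[derive(Clone, Copy, Debug)]
pub struct EncryptionKey { pub n: u128, pub nn: u128 }

/// Witness {a, b, c, r_a, r_b, r_c}: plaintexts with c = ab mod n and their encryption randomness.
pub struct MulWitness { pub a: u128, pub b: u128, pub c: u128, pub r_a: u128, pub r_b: u128, pub r_c: u128 }

/// Statement {e_a, e_b, e_c, ek}: the three ciphertexts and the key they were produced under.
pub struct MulStatement { pub e_a: u128, pub e_b: u128, pub e_c: u128, pub ek: EncryptionKey }

/// Same five fields as the crate's MulProof, held as u128 instead of BigInt.
#[derive(Debug, PartialEq)]
pub struct MulProof { pub f: u128, pub z1: u128, pub z2: u128, pub e_d: u128, pub e_db: u128 }

fn mul_mod(a: u128, b: u128, m: u128) -> u128 { (a % m) * (b % m) % m } // no overflow while m < 2^64

fn pow_mod(mut base: u128, mut exp: u128, m: u128) -> u128 {
    let mut acc = 1 % m;
    base %= m;
    while exp > 0 {
        if exp & 1 == 1 { acc = mul_mod(acc, base, m); }
        base = mul_mod(base, base, m);
        exp >>= 1;
    }
    acc
}

/// Inverse mod m by extended Euclid; None when gcd(a, m) != 1, i.e. a is not in Z_m*.
fn inv_mod(a: u128, m: u128) -> Option<u128> {
    let (mut old_r, mut r) = ((a % m) as i128, m as i128);
    let (mut old_s, mut s) = (1i128, 0i128);
    while r != 0 {
        let q = old_r / r;
        let (nr, ns) = (old_r - q * r, old_s - q * s);
        old_r = r; r = nr; old_s = s; s = ns;
    }
    if old_r == 1 { Some(old_s.rem_euclid(m as i128) as u128) } else { None }
}

/// Paillier encryption with generator g = n + 1: Enc_ek(m, r) = (1 + m*n) * r^n mod n^2.
pub fn encrypt(ek: &EncryptionKey, m: u128, r: u128) -> u128 {
    let g_m = (1 + mul_mod(m % ek.n, ek.n, ek.nn)) % ek.nn;
    mul_mod(g_m, pow_mod(r, ek.n, ek.nn), ek.nn)
}

/// Fiat-Shamir challenge e in Z_n, bound to the statement and the prover's first message.
/// DefaultHasher is a placeholder; real code hashes with SHA-256 or a similar function.
fn challenge(st: &MulStatement, e_d: u128, e_db: u128) -> u128 {
    let mut h = DefaultHasher::new();
    (st.ek.n, st.e_a, st.e_b, st.e_c, e_d, e_db).hash(&mut h);
    (h.finish() as u128) % st.ek.n
}

/// Prover. d (from Z_n), r_d and r_db (from Z_n*) are the prover's random values, passed in
/// here so the run is reproducible; a real prover draws fresh ones from a CSPRNG every time.
pub fn prove(w: &MulWitness, st: &MulStatement, d: u128, r_d: u128, r_db: u128) -> MulProof {
    let ek = st.ek;
    let e_d = encrypt(&ek, d, r_d);
    let e_db = encrypt(&ek, mul_mod(d, w.b, ek.n), r_db);
    let e = challenge(st, e_d, e_db);
    let f = (mul_mod(e, w.a, ek.n) + d % ek.n) % ek.n;          // f = ea + d mod n
    let z1 = mul_mod(pow_mod(w.r_a, e, ek.nn), r_d, ek.nn);      // z1 = r_a^e * r_d mod n^2
    let denom = mul_mod(r_db, pow_mod(w.r_c, e, ek.nn), ek.nn);  // r_db * r_c^e mod n^2
    let inv = inv_mod(denom, ek.nn).expect("r_db and r_c must lie in Z_n*");
    let z2 = mul_mod(pow_mod(w.r_b, f, ek.nn), inv, ek.nn);      // z2 = r_b^f * (r_db * r_c^e)^-1
    MulProof { f, z1, z2, e_d, e_db }
}

/// Verifier: recompute e, then check e_a^e * e_d = Enc(f, z1) and e_b^f / (e_db * e_c^e) = Enc(0, z2).
pub fn verify(p: &MulProof, st: &MulStatement) -> bool {
    let ek = st.ek;
    let e = challenge(st, p.e_d, p.e_db);
    let lhs1 = mul_mod(pow_mod(st.e_a, e, ek.nn), p.e_d, ek.nn);
    let denom = mul_mod(p.e_db, pow_mod(st.e_c, e, ek.nn), ek.nn);
    let lhs2 = match inv_mod(denom, ek.nn) {
        Some(inv) => mul_mod(pow_mod(st.e_b, p.f, ek.nn), inv, ek.nn),
        None => return false, // e_db or e_c is not a ciphertext with randomness in Z_n*
    };
    lhs1 == encrypt(&ek, p.f, p.z1) && lhs2 == encrypt(&ek, 0, p.z2)
}

/// Constructed sample instance under the toy key n = 11 * 13: a = 5, b = 7, c = 35 = ab.
pub fn sample_instance() -> (MulWitness, MulStatement) {
    let ek = EncryptionKey { n: 143, nn: 143 * 143 };
    let w = MulWitness { a: 5, b: 7, c: 35, r_a: 2, r_b: 3, r_c: 4 };
    let st = MulStatement {
        e_a: encrypt(&ek, w.a, w.r_a), e_b: encrypt(&ek, w.b, w.r_b), e_c: encrypt(&ek, w.c, w.r_c), ek,
    };
    (w, st)
}

fn main() {
    let (w, st) = sample_instance();
    let proof = prove(&w, &st, 9, 5, 6); // d = 9, r_d = 5, r_db = 6: constructed values, not random
    println!("{:?}\nhonest proof verifies: {}", proof, verify(&proof, &st));
    let forged = MulProof { f: (proof.f + 1) % st.ek.n, ..proof }; // tampered response
    println!("tampered proof verifies: {}", verify(&forged, &st));
}
```

With n = 143 the challenge space is tiny, so a false statement slips through with probability about 1/143 whenever the hash happens to yield e = 0; with a real 2048-bit n that soundness error is negligible. Two other things the toy deliberately ignores: the challenge hash must be a cryptographic one, and d, r_d, r_db must come from a CSPRNG on every proof, since reusing them across proofs leaks the witness randomness through z1 and z2.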
Fields
f: BigInt
z1: BigInt
z2: BigInt
e_d: BigInt
e_db: BigInt
Implementations
impl MulProof
pub fn prove(witness: &MulWitness, statement: &MulStatement) -> Self
pub fn verify(&self, statement: &MulStatement) -> Result<(), IncorrectProof>
Trait Implementations
impl<'de> Deserialize<'de> for MulProof
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where __D: Deserializer<'de>
Deserialize this value from the given Serde deserializer.
impl StructuralPartialEq for MulProof
Auto Trait Implementations
impl RefUnwindSafe for MulProof
impl Send for MulProof
impl Sync for MulProof
impl Unpin for MulProof
impl UnwindSafe for MulProof
Blanket Implementations
impl<T> BorrowMut<T> for T where T: ?Sized
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value.