scicrypt_traits/
threshold_cryptosystems.rs

1use crate::cryptosystems::{AssociatedCiphertext, EncryptionKey};
2use crate::randomness::GeneralRng;
3use crate::randomness::SecureRng;
4use crate::security::BitsOfSecurity;
5use crate::DecryptionError;
6
7/// An asymmetric threshold cryptosystem is a system of methods to encrypt plaintexts into
8/// ciphertexts, but instead of having a single secret key to decrypt them back into plaintexts, we
9/// require a given number of parties to decrypt with their own partial key. If enough parties
10/// partially decrypt, the resulting shares can be combined into the original plaintext. Still,
11/// anyone who has access to the public key can perform encryptions.
12///
13/// We denote a threshold cryptosystem using a tuple like (t, n). This means that t parties can
14/// collectively decrypt, and that there are in total n partial keys. In this special case, all n
15/// keys must be used to decrypt.
16///
17/// The struct that implements an `NOfNCryptosystem` will hold the general parameters
18/// of that cryptosystem. Depending on the cryptosystem, those parameters could play an important
19/// role in deciding the level of security. As such, each cryptosystem should clearly indicate
20/// these.
21pub trait NOfNCryptosystem {
22    /// The public key used to encrypt plaintexts.
23    type PublicKey: EncryptionKey;
24    /// The secret key used to partially decrypt ciphertexts.
25    type SecretKey: PartialDecryptionKey<Self::PublicKey>;
26
27    /// Sets up an instance of this cryptosystem with parameters satisfying the security parameter.
28    fn setup(security_parameter: &BitsOfSecurity) -> Self;
29
30    /// Generate a public key, and $n$ secret keys using a cryptographic RNG.
31    fn generate_keys<R: SecureRng>(
32        &self,
33        key_count_n: usize,
34        rng: &mut GeneralRng<R>,
35    ) -> (Self::PublicKey, Vec<Self::SecretKey>);
36}
37
38/// A partial decryption key partially decrypts ciphertexts to return a decryption share. If enough decryption shares of different keys are combined, they output the correct decryption.
39pub trait PartialDecryptionKey<PK: EncryptionKey> {
40    /// The type of the decryption share. If enough decryption shares of different keys are combined, they output the correct decryption.
41    type DecryptionShare: DecryptionShare<PK>;
42
43    /// Partially decrypts a ciphertext, returning a valid decryption share.
44    fn partial_decrypt<'pk>(
45        &self,
46        ciphertext: &AssociatedCiphertext<'pk, PK::Ciphertext, PK>,
47    ) -> Self::DecryptionShare {
48        self.partial_decrypt_raw(ciphertext.public_key, &ciphertext.ciphertext)
49    }
50    /// Partially decrypts a ciphertext, returning a valid decryption share.
51    fn partial_decrypt_raw(
52        &self,
53        public_key: &PK,
54        ciphertext: &PK::Ciphertext,
55    ) -> Self::DecryptionShare;
56}
57
58/// A `DecryptionShare` is the result of decrypting with a partial key. When enough of these shares
59/// are combined, they reveal the actual decryption.
60pub trait DecryptionShare<PK: EncryptionKey>: Sized {
61    /// Combine $t$ decryption shares belonging to distinct partial keys to finish decryption. It is
62    /// the responsibility of the programmer to supply the right number of decryption shares to
63    /// this function.
64    fn combine(
65        decryption_shares: &[Self],
66        public_key: &PK,
67    ) -> Result<PK::Plaintext, DecryptionError>;
68}
69
70/// An asymmetric threshold cryptosystem is a system of methods to encrypt plaintexts into
71/// ciphertexts, but instead of having a single secret key to decrypt them back into plaintexts, we
72/// require a given number of parties to decrypt with their own partial key. If enough parties
73/// partially decrypt, the resulting shares can be combined into the original plaintext. Still,
74/// anyone who has access to the public key can perform encryptions.
75///
76/// We denote a threshold cryptosystem using a tuple like (t, n). This means that t parties can
77/// collectively decrypt, and that there are in total n partial keys.
78///
79/// The struct that implements an `TOfNCryptosystem` will hold the general parameters
80/// of that cryptosystem. Depending on the cryptosystem, those parameters could play an important
81/// role in deciding the level of security. As such, each cryptosystem should clearly indicate
82/// these.
83pub trait TOfNCryptosystem {
84    /// The public key used to encrypt plaintexts.
85    type PublicKey: EncryptionKey;
86    /// The secret key used to partially decrypt ciphertexts.
87    type SecretKey: PartialDecryptionKey<Self::PublicKey>;
88
89    /// Sets up an instance of this cryptosystem with parameters satisfying the security parameter.
90    fn setup(security_parameter: &BitsOfSecurity) -> Self;
91
92    /// Generate a public and private key pair using a cryptographic RNG.
93    fn generate_keys<R: SecureRng>(
94        &self,
95        threshold_t: usize,
96        key_count_n: usize,
97        rng: &mut GeneralRng<R>,
98    ) -> (Self::PublicKey, Vec<Self::SecretKey>);
99}