av_crypto generate proof of correct encryption

aion-dk · Nov 20, 2024 · d0bded2 · d0bded2
1 parent 9612e06
commit d0bded2
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 0 deletions.
diff --git a/lib/av_crypto.ts b/lib/av_crypto.ts
@@ -5,6 +5,7 @@ import * as elGamalScheme from "./av_crypto/el_gamal/scheme";
 import {commit as pedersenCommit, isValid as isValidPedersen} from "./av_crypto/pedersen/scheme";
 import {Commitment} from "./av_crypto/pedersen/commitment";
 import * as elGamalCryptogram from "./av_crypto/el_gamal/cryptogram";
+import * as discreteLogarithmScheme from "./av_crypto/discrete_logarithm/scheme"
 
 export const SUPPORTED_ELLIPTIC_CURVE_NAMES = {
   'secp256k1': 'k256',
@@ -83,6 +84,24 @@ export class AVCrypto {
     return c3.toString()
   }
 
+  /**
+   * Generates the proof of correct encryption.
+   *
+   * Used to prove that the empty cryptograms were used in the process of ballot encryption.
+   * This generates one proof for one cryptogram. This should be called for each cryptogram
+   * of the encrypted ballot.
+   *
+   * @param randomizer The encryption randomizer generated by the voter.
+   * @returns Returns the proof string.
+   */
+  public generateProofOfCorrectEncryption(randomizer: string): string {
+    const r = hexToScalar(randomizer, this.curve);
+    const context = "";
+    const proof = discreteLogarithmScheme.prove(r, context, this.curve)
+
+    return proof.toString()
+  }
+
   /**
    * Revert the encryption done by the randomizer.
    * Basically, it decrypts using the randomizer instead of the decryption key.

diff --git a/test/av_crypto/av_crypto.test.ts b/test/av_crypto/av_crypto.test.ts
@@ -2,6 +2,7 @@ import { expect } from "chai";
 import {AVCrypto} from "../../lib/av_crypto";
 import {fixedPoint1Hex, fixedPoint2Hex, fixedScalar1Hex, fixedScalar2Hex} from "./test_helpers";
 import {pattern as cryptogramPattern} from "../../lib/av_crypto/el_gamal/cryptogram";
+import {pattern as proofPattern} from "../../lib/av_crypto/discrete_logarithm/proof";
 
 describe("AVCrypto", () => {
   describe("constructor", () => {
@@ -121,6 +122,19 @@ describe("AVCrypto", () => {
     })
   })
 
+  describe("generateProofOfCorrectEncryption", () => {
+    const curveName = "secp256k1";
+    const crypto = new AVCrypto(curveName)
+    const curve = crypto.curve
+    const randomizer = fixedScalar1Hex(curve)
+
+    it("return a discrete logarithm proof", () => {
+      const proof = crypto.generateProofOfCorrectEncryption(randomizer)
+
+      expect(proof).to.match(proofPattern(curve))
+    })
+  })
+
   describe("commit()", () => {
     const curveName = "secp256k1";
     const crypto = new AVCrypto(curveName)