diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml deleted file mode 100644 index d6aeb256..00000000 --- a/.github/workflows/build.yaml +++ /dev/null @@ -1,36 +0,0 @@ -name: Build - -on: - push: - branches: [ main ] - pull_request: - branches: [ main ] - -env: - CARGO_TERM_COLOR: always - -jobs: - build: - runs-on: ubuntu-latest - container: - image: rustlang/rust:nightly - steps: - - uses: actions/checkout@v2 - - name: Build - run: cargo build --verbose --all --tests --benches - - name: Lint - run: cargo fmt --all -- --check - - name: Run tests - run: cargo test --verbose - - security: - runs-on: ubuntu-latest - container: - image: rustlang/rust:nightly - steps: - - uses: actions/checkout@v2 - - name: Install cargo-audit - run: cargo install cargo-audit - - name: Cargo Audit - run: cargo audit - diff --git a/.github/workflows/manual.yml b/.github/workflows/manual.yml deleted file mode 100644 index 4adce10a..00000000 --- a/.github/workflows/manual.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: Manual - -on: [workflow_dispatch] - -env: - CARGO_TERM_COLOR: always - -jobs: - build: - runs-on: ubuntu-latest - container: - image: rustlang/rust:nightly - steps: - - uses: actions/checkout@v2 - - name: Build - run: cargo build --verbose - - name: Run tests - run: cargo test --verbose diff --git a/.github/workflows/workspace.yml b/.github/workflows/workspace.yml new file mode 100644 index 00000000..7a0c7a26 --- /dev/null +++ b/.github/workflows/workspace.yml @@ -0,0 +1,50 @@ +name: Workspace + +on: + pull_request: + paths-ignore: + - README.md + push: + branches: + - main + paths-ignore: + - README.md + tags: + - v* + +env: + CARGO_INCREMENTAL: 0 + RUSTFLAGS: "-Dwarnings" + +jobs: + clippy: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v1 + - uses: actions-rs/toolchain@v1 + with: + toolchain: stable + components: clippy + override: true + profile: minimal + - run: cargo clippy --all --all-features -- -D warnings + + rustfmt: + runs-on: ubuntu-latest + steps: + - name: Checkout sources + uses: actions/checkout@v1 + + - name: Install stable toolchain + uses: actions-rs/toolchain@v1 + with: + toolchain: stable + components: rustfmt + profile: minimal + override: true + + - name: Run cargo fmt + uses: actions-rs/cargo@v1 + with: + command: fmt + args: --all -- --check diff --git a/.gitignore b/.gitignore index ea8c4bf7..9240575c 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,3 @@ -/target +target +*.wasm +tpke-python/py-benches/inputs/ \ No newline at end of file diff --git a/Cargo.lock b/Cargo.lock index 2f09c4f0..6d6161a3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -38,6 +38,21 @@ dependencies = [ "version_check", ] +[[package]] +name = "android_system_properties" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" +dependencies = [ + "libc", +] + +[[package]] +name = "anes" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b46cbb362ab8752921c97e041f5e366ee6297bd428a31275b9fcf1e380f7299" + [[package]] name = "anyhow" version = "1.0.61" @@ -212,13 +227,19 @@ checksum = "cab84319d616cfb654d03394f38ab7e6f0919e181b1b57e1fd15e7fb4077d9a7" dependencies = [ "addr2line", "cc", - "cfg-if", + "cfg-if 1.0.0", "libc", "miniz_oxide", "object", "rustc-demangle", ] +[[package]] +name = "base64" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" + [[package]] name = "bincode" version = "1.3.3" @@ -359,6 +380,12 @@ version = "1.0.73" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" +[[package]] +name = "cfg-if" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" + [[package]] name = "cfg-if" version = "1.0.0" @@ -371,7 +398,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c7fc89c7c5b9e7a02dfe45cd2367bae382f9ed31c61ca8debe5f827c420a2f08" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "cipher", "cpufeatures", ] @@ -389,6 +416,46 @@ dependencies = [ "zeroize", ] +[[package]] +name = "chrono" +version = "0.4.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfd4d1b31faaa3a89d7934dbded3111da0d2ef28e3ebccdb4f0179f5929d1ef1" +dependencies = [ + "iana-time-zone", + "num-integer", + "num-traits", + "serde", + "winapi", +] + +[[package]] +name = "ciborium" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0c137568cc60b904a7724001b35ce2630fd00d5d84805fbb608ab89509d788f" +dependencies = [ + "ciborium-io", + "ciborium-ll", + "serde", +] + +[[package]] +name = "ciborium-io" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "346de753af073cc87b52b2083a506b38ac176a44cfb05497b622e27be899b369" + +[[package]] +name = "ciborium-ll" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "213030a2b5a4e0c0892b6652260cf6ccac84827b83a85a534e178e3906c4cf1b" +dependencies = [ + "ciborium-io", + "half", +] + [[package]] name = "cipher" version = "0.4.3" @@ -407,23 +474,70 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c" dependencies = [ "bitflags", - "textwrap", + "textwrap 0.11.0", + "unicode-width", +] + +[[package]] +name = "clap" +version = "3.2.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "71655c45cb9845d3270c9d6df84ebe72b4dad3c2ba3f7023ad47c144e4e473a5" +dependencies = [ + "bitflags", + "clap_lex", + "indexmap", + "textwrap 0.16.0", +] + +[[package]] +name = "clap_lex" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5" +dependencies = [ + "os_str_bytes", +] + +[[package]] +name = "codespan-reporting" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e" +dependencies = [ + "termcolor", "unicode-width", ] +[[package]] +name = "console_error_panic_hook" +version = "0.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a06aeb73f470f66dcdbf7223caeebb85984942f22f1adb2a088cf9668146bbbc" +dependencies = [ + "cfg-if 1.0.0", + "wasm-bindgen", +] + [[package]] name = "constant_time_eq" version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc" +[[package]] +name = "core-foundation-sys" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" + [[package]] name = "cpp_demangle" version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "eeaa953eaad386a53111e47172c2fedba671e5684c8dd601a5f474f4f118710f" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", ] [[package]] @@ -443,8 +557,8 @@ checksum = "b01d6de93b2b6c65e17c634a26653a29d107b3c98c607c765bf38d041531cd8f" dependencies = [ "atty", "cast", - "clap", - "criterion-plot", + "clap 2.34.0", + "criterion-plot 0.4.5", "csv", "itertools", "lazy_static", @@ -461,6 +575,30 @@ dependencies = [ "walkdir", ] +[[package]] +name = "criterion" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7c76e09c1aae2bc52b3d2f29e13c6572553b30c4aa1b8a49fd70de6412654cb" +dependencies = [ + "anes", + "atty", + "cast", + "ciborium", + "clap 3.2.23", + "criterion-plot 0.5.0", + "itertools", + "lazy_static", + "num-traits", + "oorandom", + "regex", + "serde", + "serde_derive", + "serde_json", + "tinytemplate", + "walkdir", +] + [[package]] name = "criterion-plot" version = "0.4.5" @@ -471,13 +609,23 @@ dependencies = [ "itertools", ] +[[package]] +name = "criterion-plot" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b50826342786a51a89e2da3a28f1c32b06e387201bc2d19791f622c673706b1" +dependencies = [ + "cast", + "itertools", +] + [[package]] name = "crossbeam-channel" version = "0.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c2dd04ddaf88237dc3b8d8f9a3c1004b506b54b3313403944054d23c0870c521" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "crossbeam-utils", ] @@ -487,7 +635,7 @@ version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "715e8152b692bba2d374b53d4875445368fdf21a94751410af607a5ac677d1fc" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "crossbeam-epoch", "crossbeam-utils", ] @@ -499,7 +647,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "045ebe27666471bb549370b4b0b3e51b07f56325befa4284db65fc89c02511b1" dependencies = [ "autocfg", - "cfg-if", + "cfg-if 1.0.0", "crossbeam-utils", "memoffset", "once_cell", @@ -512,7 +660,7 @@ version = "0.8.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "51887d4adc7b564537b15adcfb307936f8075dfcd5f00dde9a9f1d29383682bc" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "once_cell", ] @@ -562,6 +710,85 @@ dependencies = [ "zeroize", ] +[[package]] +name = "cxx" +version = "1.0.81" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97abf9f0eca9e52b7f81b945524e76710e6cb2366aead23b7d4fbf72e281f888" +dependencies = [ + "cc", + "cxxbridge-flags", + "cxxbridge-macro", + "link-cplusplus", +] + +[[package]] +name = "cxx-build" +version = "1.0.81" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7cc32cc5fea1d894b77d269ddb9f192110069a8a9c1f1d441195fba90553dea3" +dependencies = [ + "cc", + "codespan-reporting", + "once_cell", + "proc-macro2", + "quote", + "scratch", + "syn", +] + +[[package]] +name = "cxxbridge-flags" +version = "1.0.81" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ca220e4794c934dc6b1207c3b42856ad4c302f2df1712e9f8d2eec5afaacf1f" + +[[package]] +name = "cxxbridge-macro" +version = "1.0.81" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b846f081361125bfc8dc9d3940c84e1fd83ba54bbca7b17cd29483c828be0704" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "darling" +version = "0.14.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0dd3cd20dc6b5a876612a6e5accfe7f3dd883db6d07acfbf14c128f61550dfa" +dependencies = [ + "darling_core", + "darling_macro", +] + +[[package]] +name = "darling_core" +version = "0.14.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a784d2ccaf7c98501746bf0be29b2022ba41fd62a2e622af997a03e9f972859f" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim", + "syn", +] + +[[package]] +name = "darling_macro" +version = "0.14.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7618812407e9402654622dd402b0a89dff9ba93badd6540781526117b92aab7e" +dependencies = [ + "darling_core", + "quote", + "syn", +] + [[package]] name = "debugid" version = "0.7.3" @@ -659,7 +886,7 @@ dependencies = [ "blake2", "blake2b_simd", "borsh", - "criterion", + "criterion 0.3.6", "digest 0.10.3", "ed25519-dalek", "either", @@ -671,7 +898,6 @@ dependencies = [ "miracl_core", "num", "pprof", - "rand 0.7.3", "rand 0.8.5", "serde", "serde_bytes", @@ -708,6 +934,12 @@ dependencies = [ "winapi", ] +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + [[package]] name = "generic-array" version = "0.14.6" @@ -724,7 +956,7 @@ version = "0.1.16" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "libc", "wasi 0.9.0+wasi-snapshot-preview1", ] @@ -735,9 +967,11 @@ version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4eb1a864a501629691edf6c15a593b7a51eebaa1e8468e9ddc623de7c9b58ec6" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", + "js-sys", "libc", "wasi 0.11.0+wasi-snapshot-preview1", + "wasm-bindgen", ] [[package]] @@ -757,15 +991,18 @@ dependencies = [ "ark-poly", "ark-serialize", "ark-std", + "bincode", "blake2b_simd", "chacha20poly1305", - "criterion", + "criterion 0.4.0", "hex", "itertools", "miracl_core", "rand 0.8.5", "rand_core 0.6.3", "rayon", + "serde", + "serde_with", "subproductdomain", "thiserror", ] @@ -806,6 +1043,36 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" +[[package]] +name = "iana-time-zone" +version = "0.1.53" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64c122667b287044802d6ce17ee2ddf13207ed924c712de9a66a5814d5b64765" +dependencies = [ + "android_system_properties", + "core-foundation-sys", + "iana-time-zone-haiku", + "js-sys", + "wasm-bindgen", + "winapi", +] + +[[package]] +name = "iana-time-zone-haiku" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0703ae284fc167426161c2e3f1da3ea71d94b21bedbcc9494e92b28e334e3dca" +dependencies = [ + "cxx", + "cxx-build", +] + +[[package]] +name = "ident_case" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" + [[package]] name = "indexmap" version = "1.9.1" @@ -814,8 +1081,15 @@ checksum = "10a35a97730320ffe8e2d410b5d3b69279b98d2c14bdb8b70ea89ecf7888d41e" dependencies = [ "autocfg", "hashbrown 0.12.3", + "serde", ] +[[package]] +name = "indoc" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "adab1eaa3408fb7f0c777a73e7465fd5656136fc93b670eb6df3c88c2c1344e3" + [[package]] name = "inferno" version = "0.10.12" @@ -849,7 +1123,7 @@ version = "0.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "js-sys", "wasm-bindgen", "web-sys", @@ -903,6 +1177,15 @@ version = "0.2.129" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "64de3cc433455c14174d42e554d4027ee631c4d046d43e3ecc6efc4636cdc7a7" +[[package]] +name = "link-cplusplus" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9272ab7b96c9046fbc5bc56c06c117cb639fe2d509df0c421cad82d2915cf369" +dependencies = [ + "cc", +] + [[package]] name = "lock_api" version = "0.4.7" @@ -919,7 +1202,7 @@ version = "0.4.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", ] [[package]] @@ -956,6 +1239,12 @@ dependencies = [ "autocfg", ] +[[package]] +name = "memory_units" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8452105ba047068f40ff7093dd1d9da90898e63dd61736462e9cdda6a90ad3c3" + [[package]] name = "merlin" version = "2.0.1" @@ -991,7 +1280,7 @@ checksum = "9f866317acbd3a240710c63f065ffb1e4fd466259045ccb504130b7f668f35c6" dependencies = [ "bitflags", "cc", - "cfg-if", + "cfg-if 1.0.0", "libc", "memoffset", ] @@ -1125,6 +1414,12 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" +[[package]] +name = "os_str_bytes" +version = "6.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3baf96e39c5359d2eb0dd6ccb42c62b91d9678aa68160d261b9e0ccbf9e9dea9" + [[package]] name = "parking_lot" version = "0.11.2" @@ -1142,7 +1437,7 @@ version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d76e8e1493bcac0d2766c42737f34458f1c8c50c0d23bcb24ea953affb273216" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "instant", "libc", "redox_syscall", @@ -1211,8 +1506,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "55f35f865aa964be21fcde114cbd1cfbd9bf8a471460ed965b0f84f96c711401" dependencies = [ "backtrace", - "cfg-if", - "criterion", + "cfg-if 1.0.0", + "criterion 0.3.6", "findshlibs", "inferno", "lazy_static", @@ -1250,6 +1545,75 @@ dependencies = [ "unicode-ident", ] +[[package]] +name = "pyo3" +version = "0.16.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0220c44442c9b239dd4357aa856ac468a4f5e1f0df19ddb89b2522952eb4c6ca" +dependencies = [ + "cfg-if 1.0.0", + "indoc", + "libc", + "parking_lot", + "pyo3-build-config 0.16.6", + "pyo3-ffi", + "pyo3-macros", + "unindent", +] + +[[package]] +name = "pyo3-build-config" +version = "0.16.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c819d397859445928609d0ec5afc2da5204e0d0f73d6bf9e153b04e83c9cdc2" +dependencies = [ + "once_cell", + "target-lexicon", +] + +[[package]] +name = "pyo3-build-config" +version = "0.17.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28fcd1e73f06ec85bf3280c48c67e731d8290ad3d730f8be9dc07946923005c8" +dependencies = [ + "once_cell", + "target-lexicon", +] + +[[package]] +name = "pyo3-ffi" +version = "0.16.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca882703ab55f54702d7bfe1189b41b0af10272389f04cae38fe4cd56c65f75f" +dependencies = [ + "libc", + "pyo3-build-config 0.16.6", +] + +[[package]] +name = "pyo3-macros" +version = "0.16.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "568749402955ad7be7bad9a09b8593851cd36e549ac90bfd44079cea500f3f21" +dependencies = [ + "proc-macro2", + "pyo3-macros-backend", + "quote", + "syn", +] + +[[package]] +name = "pyo3-macros-backend" +version = "0.16.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "611f64e82d98f447787e82b8e7b0ebc681e1eb78fc1252668b2c605ffb4e1eb8" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "quick-xml" version = "0.22.0" @@ -1441,12 +1805,24 @@ dependencies = [ "winapi-util", ] +[[package]] +name = "scoped-tls" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e1cf6437eb19a8f4a6cc0f7dca544973b0b78843adbfeb3683d1a94a0024a294" + [[package]] name = "scopeguard" version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +[[package]] +name = "scratch" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8132065adcfd6e02db789d9285a0deb2f3fcb04002865ab67d5fb103533898" + [[package]] name = "semver" version = "0.11.0" @@ -1515,6 +1891,34 @@ dependencies = [ "serde", ] +[[package]] +name = "serde_with" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "368f2d60d049ea019a84dcd6687b0d1e0030fe663ae105039bdf967ed5e6a9a7" +dependencies = [ + "base64", + "chrono", + "hex", + "indexmap", + "serde", + "serde_json", + "serde_with_macros", + "time", +] + +[[package]] +name = "serde_with_macros" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ccadfacf6cf10faad22bbadf55986bdd0856edfb5d9210aa1dcf1f516e84e93" +dependencies = [ + "darling", + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "sha2" version = "0.9.9" @@ -1522,7 +1926,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" dependencies = [ "block-buffer 0.9.0", - "cfg-if", + "cfg-if 1.0.0", "cpufeatures", "digest 0.9.0", "opaque-debug", @@ -1552,6 +1956,12 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9091b6114800a5f2141aee1d1b9d6ca3592ac062dc5decb3764ec5895a47b4eb" +[[package]] +name = "strsim" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" + [[package]] name = "subproductdomain" version = "0.1.0" @@ -1617,13 +2027,19 @@ dependencies = [ "unicode-xid", ] +[[package]] +name = "target-lexicon" +version = "0.12.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9410d0f6853b1d94f0e519fb95df60f29d2c1eff2d921ffdf01a4c8a3b54f12d" + [[package]] name = "tempfile" version = "3.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "fastrand", "libc", "redox_syscall", @@ -1631,6 +2047,15 @@ dependencies = [ "winapi", ] +[[package]] +name = "termcolor" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bab24d30b911b2376f3a13cc2cd443142f0c81dda04c118693e35b3835757755" +dependencies = [ + "winapi-util", +] + [[package]] name = "textwrap" version = "0.11.0" @@ -1640,6 +2065,12 @@ dependencies = [ "unicode-width", ] +[[package]] +name = "textwrap" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "222a222a5bfe1bba4a77b45ec488a741b3cb8872e5e499451fd7d0129c9c7c3d" + [[package]] name = "thiserror" version = "1.0.30" @@ -1660,6 +2091,33 @@ dependencies = [ "syn", ] +[[package]] +name = "time" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a561bf4617eebd33bca6434b988f39ed798e527f51a1e797d0ee4f61c0a38376" +dependencies = [ + "itoa 1.0.3", + "serde", + "time-core", + "time-macros", +] + +[[package]] +name = "time-core" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd" + +[[package]] +name = "time-macros" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d967f99f534ca7e495c575c62638eebc2898a8c84c119b89e250477bc4ba16b2" +dependencies = [ + "time-core", +] + [[package]] name = "tinytemplate" version = "1.2.1" @@ -1679,6 +2137,39 @@ dependencies = [ "serde", ] +[[package]] +name = "tpke-python" +version = "0.1.0" +dependencies = [ + "group-threshold-cryptography", + "pyo3", + "pyo3-build-config 0.17.3", +] + +[[package]] +name = "tpke-wasm" +version = "0.1.0" +dependencies = [ + "ark-bls12-381", + "ark-ec", + "ark-ff", + "ark-serialize", + "ark-std", + "bincode", + "console_error_panic_hook", + "criterion 0.4.0", + "getrandom 0.2.7", + "group-threshold-cryptography", + "js-sys", + "rand 0.8.5", + "rand_core 0.6.3", + "serde", + "serde_with", + "wasm-bindgen", + "wasm-bindgen-test", + "wee_alloc", +] + [[package]] name = "typenum" version = "1.15.0" @@ -1709,6 +2200,12 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "957e51f3646910546462e67d5f7599b9e4fb8acdd304b087a6494730f9eebf04" +[[package]] +name = "unindent" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "58ee9362deb4a96cef4d437d1ad49cffc9b9e92d202b6995674e928ce684f112" + [[package]] name = "universal-hash" version = "0.5.0" @@ -1760,7 +2257,9 @@ version = "0.2.82" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fc7652e3f6c4706c8d9cd54832c4a4ccb9b5336e2c3bd154d5cccfbf1c1f5f7d" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", + "serde", + "serde_json", "wasm-bindgen-macro", ] @@ -1779,6 +2278,18 @@ dependencies = [ "wasm-bindgen-shared", ] +[[package]] +name = "wasm-bindgen-futures" +version = "0.4.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa76fb221a1f8acddf5b54ace85912606980ad661ac7a503b4570ffd3a624dad" +dependencies = [ + "cfg-if 1.0.0", + "js-sys", + "wasm-bindgen", + "web-sys", +] + [[package]] name = "wasm-bindgen-macro" version = "0.2.82" @@ -1808,6 +2319,30 @@ version = "0.2.82" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6598dd0bd3c7d51095ff6531a5b23e02acdc81804e30d8f07afb77b7215a140a" +[[package]] +name = "wasm-bindgen-test" +version = "0.3.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "513df541345bb9fcc07417775f3d51bbb677daf307d8035c0afafd87dc2e6599" +dependencies = [ + "console_error_panic_hook", + "js-sys", + "scoped-tls", + "wasm-bindgen", + "wasm-bindgen-futures", + "wasm-bindgen-test-macro", +] + +[[package]] +name = "wasm-bindgen-test-macro" +version = "0.3.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6150d36a03e90a3cf6c12650be10626a9902d70c5270fd47d7a47e5389a10d56" +dependencies = [ + "proc-macro2", + "quote", +] + [[package]] name = "web-sys" version = "0.3.59" @@ -1818,6 +2353,18 @@ dependencies = [ "wasm-bindgen", ] +[[package]] +name = "wee_alloc" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dbb3b5a6b2bb17cb6ad44a2e68a43e8d2722c997da10e928665c72ec6c0a0b8e" +dependencies = [ + "cfg-if 0.1.10", + "libc", + "memory_units", + "winapi", +] + [[package]] name = "winapi" version = "0.3.9" diff --git a/Cargo.toml b/Cargo.toml index b9e747e7..72edf305 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -5,6 +5,8 @@ members = [ "ferveo-common", "subproductdomain", "tpke", + "tpke-wasm", + "tpke-python", ] [profile.bench] diff --git a/ferveo-common/src/keypair.rs b/ferveo-common/src/keypair.rs index fcc13cd3..b57a3f1c 100644 --- a/ferveo-common/src/keypair.rs +++ b/ferveo-common/src/keypair.rs @@ -22,8 +22,8 @@ impl From> for PreparedPublicKey { Copy, Clone, Debug, - PartialEq, Eq, + PartialEq, Serialize, Deserialize, CanonicalSerialize, @@ -46,8 +46,8 @@ impl Default for PublicKey { Clone, Copy, Debug, - PartialEq, Eq, + PartialEq, Serialize, Deserialize, CanonicalSerialize, diff --git a/ferveo/Cargo.toml b/ferveo/Cargo.toml index a23475f2..840d9c41 100644 --- a/ferveo/Cargo.toml +++ b/ferveo/Cargo.toml @@ -18,7 +18,6 @@ ark-ff = "0.3" ark-serialize = "0.3" ark-poly = "0.3" rand = "0.8" -rand_old = { package = "rand", version = "0.7" } either = "1.6.1" hex = "0.4.2" miracl_core = "2.3.0" diff --git a/ferveo/src/dkg.rs b/ferveo/src/dkg.rs index 0795e8ae..daba9172 100644 --- a/ferveo/src/dkg.rs +++ b/ferveo/src/dkg.rs @@ -28,7 +28,7 @@ pub struct Params { pub retry_after: u32, } -#[derive(Clone, Debug, PartialEq, Eq)] +#[derive(Clone, Debug, Eq, PartialEq)] pub enum PvssScheduler { Wait, Issue, diff --git a/tpke-python/.gitignore b/tpke-python/.gitignore new file mode 100644 index 00000000..b2417b63 --- /dev/null +++ b/tpke-python/.gitignore @@ -0,0 +1,7 @@ +__pycache__ +*.egg-info +*.so +build/ +dist/ +docs/_build + diff --git a/tpke-python/BENCHMARK.md b/tpke-python/BENCHMARK.md new file mode 100644 index 00000000..6115eaff --- /dev/null +++ b/tpke-python/BENCHMARK.md @@ -0,0 +1,52 @@ +# Benchmarks + +## Hardware + +Benchmarks produced on: + +- Intel® Core™ i7-10875H CPU @ 2.30GHz × 16 (single-threaded), +- Version 107.0.5304.110 (Official Build) (64-bit), +- Pop!\_OS 22.04 LTS (64-bit), + +### Setup + +First, build the WASM target and make inputs for Python benchmarks: + +```bash +cd tpke-wasm +wasm-pack build --release --target nodejs # Notice the target +node scripts/make-python-bench-inputs.js +``` + +Then, build and install the Python package: + +```bash +cd tpke-python +pip install -e . +``` + +### Running + +```bash +cd tpke-python +python py-benches/benchmark.py + +``` + +## Results + +Using fixed values, such that `shares=num_entities=threshold`. + +Rounding to nearest ms. + +### Python Results + +Filename refers to the number of shares. + +``` +participant-payloads-8.json: 2 ms +participant-payloads-16.json: 3 ms +participant-payloads-32.json: 6 ms +participant-payloads-64.json: 12 ms +participant-payloads-128.json: 25 ms +``` diff --git a/tpke-python/Cargo.toml b/tpke-python/Cargo.toml new file mode 100644 index 00000000..4387875e --- /dev/null +++ b/tpke-python/Cargo.toml @@ -0,0 +1,15 @@ +[package] +name = "tpke-python" +authors = ["Piotr Roslaniec "] +version = "0.1.0" +edition = "2018" + +[lib] +crate-type = ["cdylib"] + +[dependencies] +pyo3 = "0.16" +group-threshold-cryptography = { path = "../tpke"} + +[build-dependencies] +pyo3-build-config = "*" diff --git a/tpke-python/LICENSE b/tpke-python/LICENSE new file mode 100755 index 00000000..2fb2e74d --- /dev/null +++ b/tpke-python/LICENSE @@ -0,0 +1,675 @@ +### GNU GENERAL PUBLIC LICENSE + +Version 3, 29 June 2007 + +Copyright (C) 2007 Free Software Foundation, Inc. + + +Everyone is permitted to copy and distribute verbatim copies of this +license document, but changing it is not allowed. + +### Preamble + +The GNU General Public License is a free, copyleft license for +software and other kinds of works. + +The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom +to share and change all versions of a program--to make sure it remains +free software for all its users. We, the Free Software Foundation, use +the GNU General Public License for most of our software; it applies +also to any other work released this way by its authors. You can apply +it to your programs, too. + +When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + +To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you +have certain responsibilities if you distribute copies of the +software, or if you modify it: responsibilities to respect the freedom +of others. + +For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + +Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + +For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + +Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the +manufacturer can do so. This is fundamentally incompatible with the +aim of protecting users' freedom to change the software. The +systematic pattern of such abuse occurs in the area of products for +individuals to use, which is precisely where it is most unacceptable. +Therefore, we have designed this version of the GPL to prohibit the +practice for those products. If such problems arise substantially in +other domains, we stand ready to extend this provision to those +domains in future versions of the GPL, as needed to protect the +freedom of users. + +Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish +to avoid the special danger that patents applied to a free program +could make it effectively proprietary. To prevent this, the GPL +assures that patents cannot be used to render the program non-free. + +The precise terms and conditions for copying, distribution and +modification follow. + +### TERMS AND CONDITIONS + +#### 0. Definitions. + +"This License" refers to version 3 of the GNU General Public License. + +"Copyright" also means copyright-like laws that apply to other kinds +of works, such as semiconductor masks. + +"The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + +To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of +an exact copy. The resulting work is called a "modified version" of +the earlier work or a work "based on" the earlier work. + +A "covered work" means either the unmodified Program or a work based +on the Program. + +To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + +To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user +through a computer network, with no transfer of a copy, is not +conveying. + +An interactive user interface displays "Appropriate Legal Notices" to +the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + +#### 1. Source Code. + +The "source code" for a work means the preferred form of the work for +making modifications to it. "Object code" means any non-source form of +a work. + +A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + +The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + +The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + +The Corresponding Source need not include anything that users can +regenerate automatically from other parts of the Corresponding Source. + +The Corresponding Source for a work in source code form is that same +work. + +#### 2. Basic Permissions. + +All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + +You may make, run and propagate covered works that you do not convey, +without conditions so long as your license otherwise remains in force. +You may convey covered works to others for the sole purpose of having +them make modifications exclusively for you, or provide you with +facilities for running those works, provided that you comply with the +terms of this License in conveying all material for which you do not +control copyright. Those thus making or running the covered works for +you must do so exclusively on your behalf, under your direction and +control, on terms that prohibit them from making any copies of your +copyrighted material outside their relationship with you. + +Conveying under any other circumstances is permitted solely under the +conditions stated below. Sublicensing is not allowed; section 10 makes +it unnecessary. + +#### 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + +No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + +When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such +circumvention is effected by exercising rights under this License with +respect to the covered work, and you disclaim any intention to limit +operation or modification of the work as a means of enforcing, against +the work's users, your or third parties' legal rights to forbid +circumvention of technological measures. + +#### 4. Conveying Verbatim Copies. + +You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + +You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + +#### 5. Conveying Modified Source Versions. + +You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these +conditions: + +- a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. +- b) The work must carry prominent notices stating that it is + released under this License and any conditions added under + section 7. This requirement modifies the requirement in section 4 + to "keep intact all notices". +- c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. +- d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + +A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + +#### 6. Conveying Non-Source Forms. + +You may convey a covered work in object code form under the terms of +sections 4 and 5, provided that you also convey the machine-readable +Corresponding Source under the terms of this License, in one of these +ways: + +- a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. +- b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the Corresponding + Source from a network server at no charge. +- c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. +- d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. +- e) Convey the object code using peer-to-peer transmission, + provided you inform other peers where the object code and + Corresponding Source of the work are being offered to the general + public at no charge under subsection 6d. + +A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + +A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, +family, or household purposes, or (2) anything designed or sold for +incorporation into a dwelling. In determining whether a product is a +consumer product, doubtful cases shall be resolved in favor of +coverage. For a particular product received by a particular user, +"normally used" refers to a typical or common use of that class of +product, regardless of the status of the particular user or of the way +in which the particular user actually uses, or expects or is expected +to use, the product. A product is a consumer product regardless of +whether the product has substantial commercial, industrial or +non-consumer uses, unless such uses represent the only significant +mode of use of the product. + +"Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to +install and execute modified versions of a covered work in that User +Product from a modified version of its Corresponding Source. The +information must suffice to ensure that the continued functioning of +the modified object code is in no case prevented or interfered with +solely because modification has been made. + +If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + +The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or +updates for a work that has been modified or installed by the +recipient, or for the User Product in which it has been modified or +installed. Access to a network may be denied when the modification +itself materially and adversely affects the operation of the network +or violates the rules and protocols for communication across the +network. + +Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + +#### 7. Additional Terms. + +"Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + +When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + +Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders +of that material) supplement the terms of this License with terms: + +- a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or +- b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or +- c) Prohibiting misrepresentation of the origin of that material, + or requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or +- d) Limiting the use for publicity purposes of names of licensors + or authors of the material; or +- e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or +- f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions + of it) with contractual assumptions of liability to the recipient, + for any liability that these contractual assumptions directly + impose on those licensors and authors. + +All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + +If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + +Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; the +above requirements apply either way. + +#### 8. Termination. + +You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + +However, if you cease all violation of this License, then your license +from a particular copyright holder is reinstated (a) provisionally, +unless and until the copyright holder explicitly and finally +terminates your license, and (b) permanently, if the copyright holder +fails to notify you of the violation by some reasonable means prior to +60 days after the cessation. + +Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + +Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + +#### 9. Acceptance Not Required for Having Copies. + +You are not required to accept this License in order to receive or run +a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + +#### 10. Automatic Licensing of Downstream Recipients. + +Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + +An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + +You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + +#### 11. Patents. + +A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + +A contributor's "essential patent claims" are all patent claims owned +or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + +Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + +In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + +If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + +If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + +A patent license is "discriminatory" if it does not include within the +scope of its coverage, prohibits the exercise of, or is conditioned on +the non-exercise of one or more of the rights that are specifically +granted under this License. You may not convey a covered work if you +are a party to an arrangement with a third party that is in the +business of distributing software, under which you make payment to the +third party based on the extent of your activity of conveying the +work, and under which the third party grants, to any of the parties +who would receive the covered work from you, a discriminatory patent +license (a) in connection with copies of the covered work conveyed by +you (or copies made from those copies), or (b) primarily for and in +connection with specific products or compilations that contain the +covered work, unless you entered into that arrangement, or that patent +license was granted, prior to 28 March 2007. + +Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + +#### 12. No Surrender of Others' Freedom. + +If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under +this License and any other pertinent obligations, then as a +consequence you may not convey it at all. For example, if you agree to +terms that obligate you to collect a royalty for further conveying +from those to whom you convey the Program, the only way you could +satisfy both those terms and this License would be to refrain entirely +from conveying the Program. + +#### 13. Use with the GNU Affero General Public License. + +Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + +#### 14. Revised Versions of this License. + +The Free Software Foundation may publish revised and/or new versions +of the GNU General Public License from time to time. Such new versions +will be similar in spirit to the present version, but may differ in +detail to address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies that a certain numbered version of the GNU General Public +License "or any later version" applies to it, you have the option of +following the terms and conditions either of that numbered version or +of any later version published by the Free Software Foundation. If the +Program does not specify a version number of the GNU General Public +License, you may choose any version ever published by the Free +Software Foundation. + +If the Program specifies that a proxy can decide which future versions +of the GNU General Public License can be used, that proxy's public +statement of acceptance of a version permanently authorizes you to +choose that version for the Program. + +Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + +#### 15. Disclaimer of Warranty. + +THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT +WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND +PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE +DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR +CORRECTION. + +#### 16. Limitation of Liability. + +IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR +CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES +ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT +NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR +LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM +TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER +PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + +#### 17. Interpretation of Sections 15 and 16. + +If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + +END OF TERMS AND CONDITIONS + +### How to Apply These Terms to Your New Programs + +If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these +terms. + +To do so, attach the following notices to the program. It is safest to +attach them to the start of each source file to most effectively state +the exclusion of warranty; and each file should have at least the +"copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper +mail. + +If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands \`show w' and \`show c' should show the +appropriate parts of the General Public License. Of course, your +program's commands might be different; for a GUI interface, you would +use an "about box". + +You should also get your employer (if you work as a programmer) or +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. For more information on this, and how to apply and follow +the GNU GPL, see . + +The GNU General Public License does not permit incorporating your +program into proprietary programs. If your program is a subroutine +library, you may consider it more useful to permit linking proprietary +applications with the library. If this is what you want to do, use the +GNU Lesser General Public License instead of this License. But first, +please read . diff --git a/tpke-python/MANIFEST.in b/tpke-python/MANIFEST.in new file mode 100644 index 00000000..2dff285a --- /dev/null +++ b/tpke-python/MANIFEST.in @@ -0,0 +1,4 @@ +include Cargo.toml +include README.md +include LICENSE +recursive-include src * diff --git a/tpke-python/README.md b/tpke-python/README.md new file mode 100644 index 00000000..5bc58a51 --- /dev/null +++ b/tpke-python/README.md @@ -0,0 +1,5 @@ +# Python bindings for `tpke` + +## Build + +You will need to have `setuptools-rust` installed. Then, for development, you can just do `pip install -e .` as usual. diff --git a/tpke-python/build.rs b/tpke-python/build.rs new file mode 100644 index 00000000..dace4a9b --- /dev/null +++ b/tpke-python/build.rs @@ -0,0 +1,3 @@ +fn main() { + pyo3_build_config::add_extension_module_link_args(); +} diff --git a/tpke-python/py-benches/benchmark.py b/tpke-python/py-benches/benchmark.py new file mode 100644 index 00000000..b2aa3cba --- /dev/null +++ b/tpke-python/py-benches/benchmark.py @@ -0,0 +1,39 @@ +import os +import time +import json +import statistics +from tpke import ParticipantPayload + +# First, load pre-generated data + +inputs_path = 'py-benches/inputs' + +inputs = {} +for file_name in os.listdir(inputs_path): + with open(os.path.join(inputs_path, file_name)) as f: + payloads = [] + for payload_hex in json.load(f): + payload = ParticipantPayload.from_bytes(bytes.fromhex(payload_hex)) + payloads.append(payload) + inputs[file_name] = payloads + + +# Now, benchmark + +def bench_fn(fn, inputs): + BENCHMARK_TRIALS = 25 + + times = [] + for _ in range(BENCHMARK_TRIALS): + start_time = time.perf_counter() + fn(inputs) + end_time = time.perf_counter() + execution_time = (end_time - start_time) + times.append(execution_time) + return statistics.median(times) + + +for file_name, payloads in inputs.items(): + def fn(inputs): return [p.to_decryption_share() for p in inputs] + median_time = bench_fn(fn, payloads) + print(f"{file_name}: {int(median_time * 1000)} ms") # Rounding to ms diff --git a/tpke-python/pyproject.toml b/tpke-python/pyproject.toml new file mode 100644 index 00000000..31ffe048 --- /dev/null +++ b/tpke-python/pyproject.toml @@ -0,0 +1,2 @@ +[build-system] +requires = ["setuptools", "wheel", "setuptools-rust"] diff --git a/tpke-python/setup.py b/tpke-python/setup.py new file mode 100644 index 00000000..dee29136 --- /dev/null +++ b/tpke-python/setup.py @@ -0,0 +1,39 @@ +from setuptools import setup +from setuptools_rust import Binding, RustExtension + +from pathlib import Path +this_directory = Path(__file__).parent +long_description = (this_directory / "README.md").read_text() + +setup( + name="tpke", + description="Ferveo DKG scheme", + long_description=long_description, + long_description_content_type="text/markdown", + version="0.1.0", + author="Piotr Roslaniec", + author_email="p.roslaniec@gmail.com", + url="https://github.com/nucypher/ferveo/tree/master/tpke-python", + rust_extensions=[RustExtension( + "tpke._tpke", binding=Binding.PyO3, debug=False)], + packages=["tpke"], + package_data={ + 'tpke': ['py.typed', '__init__.pyi'], + }, + # rust extensions are not zip safe, just like C-extensions. + zip_safe=False, + classifiers=[ + "Development Status :: 3 - Alpha", + "Intended Audience :: Developers", + "License :: OSI Approved :: GNU General Public License v3 (GPLv3)", + "Natural Language :: English", + "Programming Language :: Rust", + "Programming Language :: Python :: Implementation :: CPython", + "Programming Language :: Python :: 3 :: Only", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Topic :: Security :: Cryptography", + ], +) diff --git a/tpke-python/src/lib.rs b/tpke-python/src/lib.rs new file mode 100644 index 00000000..0e616760 --- /dev/null +++ b/tpke-python/src/lib.rs @@ -0,0 +1,46 @@ +// Clippy shows false positives in PyO3 methods. +// See https://github.com/rust-lang/rust-clippy/issues/8971 +// Will probably be fixed by Rust 1.65 +#![allow(clippy::borrow_deref_ref)] + +extern crate alloc; + +extern crate group_threshold_cryptography as tpke; + +use pyo3::prelude::*; +use pyo3::types::PyBytes; + +#[pyclass(module = "tpke")] +pub struct DecryptionShare(tpke::api::DecryptionShare); + +impl DecryptionShare { + pub fn to_bytes(&self) -> PyResult { + Ok(Python::with_gil(|py| -> PyObject { + PyBytes::new(py, &self.0.to_bytes()).into() + })) + } +} + +#[pyclass(module = "tpke")] +pub struct ParticipantPayload(tpke::api::ParticipantPayload); + +#[pymethods] +impl ParticipantPayload { + #[staticmethod] + pub fn from_bytes(bytes: &[u8]) -> Self { + Self(tpke::api::ParticipantPayload::from_bytes(bytes)) + } + + pub fn to_decryption_share(&self) -> DecryptionShare { + DecryptionShare(self.0.to_decryption_share()) + } +} + +/// A Python module implemented in Rust. +#[pymodule] +fn _tpke(_py: Python, m: &PyModule) -> PyResult<()> { + m.add_class::()?; + m.add_class::()?; + + Ok(()) +} diff --git a/tpke-python/tpke/__init__.py b/tpke-python/tpke/__init__.py new file mode 100644 index 00000000..b85ea156 --- /dev/null +++ b/tpke-python/tpke/__init__.py @@ -0,0 +1,4 @@ +from ._tpke import ( + DecryptionShare, + ParticipantPayload +) diff --git a/tpke-python/tpke/__init__.pyi b/tpke-python/tpke/__init__.pyi new file mode 100644 index 00000000..413af70c --- /dev/null +++ b/tpke-python/tpke/__init__.pyi @@ -0,0 +1,16 @@ +class DecryptionShare: + + def __bytes__(self) -> bytes: + ... + + +class ParticipantPayload: + + @staticmethod + def from_bytes(data: bytes) -> ParticipantPayload: + ... + + def to_decryption_share(self) -> DecryptionShare: + ... + + diff --git a/tpke-python/tpke/py.typed b/tpke-python/tpke/py.typed new file mode 100644 index 00000000..e69de29b diff --git a/tpke-wasm/.cargo-ok b/tpke-wasm/.cargo-ok new file mode 100644 index 00000000..e69de29b diff --git a/tpke-wasm/.gitignore b/tpke-wasm/.gitignore new file mode 100644 index 00000000..bb9a2539 --- /dev/null +++ b/tpke-wasm/.gitignore @@ -0,0 +1,6 @@ +/target +**/*.rs.bk +Cargo.lock +bin/ +pkg +wasm-pack.log diff --git a/tpke-wasm/BENCHMARK.md b/tpke-wasm/BENCHMARK.md new file mode 100644 index 00000000..ce51030c --- /dev/null +++ b/tpke-wasm/BENCHMARK.md @@ -0,0 +1,104 @@ +# Benchmarks + +## Hardware + +Benchmarks produced on: + +- Intel® Core™ i7-10875H CPU @ 2.30GHz × 16 (single-threaded), +- Version 107.0.5304.110 (Official Build) (64-bit), +- Pop!\_OS 22.04 LTS (64-bit), + +## Benchmarking WASM + +This time we may not use [`centurion.rs`](https://github.com/bheisler/criterion.rs/blob/version-0.4/book/src/user_guide/wasi.md#webasseblywasi-benchmarking) because `wasm32-wasi` is incompatible with `wasm_bindgen` ([1](https://github.com/rustwasm/wasm-bindgen/issues/2554), [2](https://github.com/bevyengine/bevy/discussions/5908?sort=new)). Instead, we're going to measure performance directly in the browser. + +### Setup + +```bash +wasm-pack build --release --target web + +cd js-benches +ln -s ../pkg . +``` + +### Running + +```bash +npx http-server +# Visit localhost:8080/index.html +``` + +## Benchmarking Rust + +```bash +cargo bench +``` + +## Results + +Using fixed values, such that `shares=num_entities=threshold`. + +Rounding to nearest ms. + +### WASM Results + +``` +encrypt: shares=8: 71 ms +encrypt: shares=16: 70 ms +encrypt: shares=32: 70 ms +encrypt: shares=64: 70 ms +encrypt: shares=128: 72 ms + +combine: shares=8: 145 ms +combine: shares=16: 278 ms +combine: shares=32: 554 ms +combine: shares=64: 1079 ms +combine: shares=128: 2253 ms +``` + +### Rust Results + +Results rewritten for clarity: + +``` +encrypt: shares=8: 5 ms +encrypt: shares=16: 5 ms +encrypt: shares=32: 5 ms +encrypt: shares=64: 5 ms +encrypt: shares=128: 5 ms + +combine: shares=8: 10 ms +combine: shares=16: 20 ms +combine: shares=32: 39 ms +combine: shares=64: 82 ms +combine: shares=128: 162 ms +``` + +Raw results from `cargo bench`: + +``` +TPKE-WASM/tpke-wasm::encrypt - num_shares=8, num_entities=8, threshold=8 +time: [4.8288 ms 4.9155 ms 5.0219 ms] +TPKE-WASM/tpke-wasm::combine - num_shares=8, num_entities=8, threshold=8 +time: [10.197 ms 10.452 ms 10.994 ms] + +TPKE-WASM/tpke-wasm::encrypt - num_shares=16, num_entities=16, threshold=16 +time: [4.9404 ms 5.0003 ms 5.1142 ms] +TPKE-WASM/tpke-wasm::combine - num_shares=16, num_entities=16, threshold=16 +time: [19.536 ms 20.278 ms 20.924 ms] + +TPKE-WASM/tpke-wasm::encrypt - num_shares=32, num_entities=32, threshold=32 +time: [4.8744 ms 5.0070 ms 5.1049 ms] +TPKE-WASM/tpke-wasm::combine - num_shares=32, num_entities=32, threshold=32 +time: [38.619 ms 39.276 ms 39.939 ms] + +TPKE-WASM/tpke-wasm::encrypt - num_shares=64, num_entities=64, threshold=64 +time: [5.0275 ms 5.1389 ms 5.2306 ms] +TPKE-WASM/tpke-wasm::combine - num_shares=64, num_entities=64, threshold=64 +time: [76.279 ms 82.054 ms 87.068 ms] + +TPKE-WASM/tpke-wasm::encrypt - num_shares=128, num_entities=128, threshold=128 +time: [4.9211 ms 5.0305 ms 5.1302 ms] +TPKE-WASM/tpke-wasm::combine - num_shares=128, num_entities=128, threshold=128 +time: [155.29 ms 162.48 ms 174.21 ms] +``` diff --git a/tpke-wasm/Cargo.toml b/tpke-wasm/Cargo.toml new file mode 100644 index 00000000..9eab8584 --- /dev/null +++ b/tpke-wasm/Cargo.toml @@ -0,0 +1,41 @@ +[package] +name = "tpke-wasm" +version = "0.1.0" +authors = ["Piotr Roslaniec "] +edition = "2021" +license = "GPL-3.0-only" +readme = "README.md" +categories = ["cryptography", "no-std"] + +[lib] +crate-type = ["cdylib", "rlib"] + +[features] +default = ["console_error_panic_hook"] + +[dependencies] +wasm-bindgen = { version = "0.2.74", features = ["serde-serialize"] } +js-sys = "0.3.51" +console_error_panic_hook = { version = "0.1.7", optional = true } +wee_alloc = { version = "0.4.5" } +group-threshold-cryptography = { path = "../tpke"} +getrandom = { version = "0.2", features = ["js"] } +rand = "0.8.5" +ark-bls12-381 = "0.3.0" +ark-ff = "0.3.0" +bincode = "1.3.3" +serde = { version = "1.0", features = ["derive"] } +serde_with = "2.0.1" +ark-serialize = { version = "0.3", features = ["derive"] } +ark-ec = "0.3" +ark-std = "0.3.0" + +[dev-dependencies] +wasm-bindgen-test = "0.3.13" +console_error_panic_hook = "0.1.7" +criterion = { version = "0.4", default-features = false } +rand_core = "0.6" + +[[bench]] +name = "benchmarks" +harness = false \ No newline at end of file diff --git a/tpke-wasm/README.md b/tpke-wasm/README.md new file mode 100644 index 00000000..855d0191 --- /dev/null +++ b/tpke-wasm/README.md @@ -0,0 +1 @@ +# tpke-wasm \ No newline at end of file diff --git a/tpke-wasm/benches/benchmarks.rs b/tpke-wasm/benches/benchmarks.rs new file mode 100644 index 00000000..3b2ec960 --- /dev/null +++ b/tpke-wasm/benches/benchmarks.rs @@ -0,0 +1,77 @@ +use criterion::{black_box, criterion_group, criterion_main, Criterion}; + +pub fn bench_encrypt_combine(c: &mut Criterion) { + use tpke_wasm::*; + + fn bench_encrypt( + num_shares: usize, + num_entities: usize, + threshold: usize, + ) -> impl Fn() { + let message = "my-secret-message".as_bytes().to_vec(); + let aad = "my-aad".as_bytes().to_vec(); + let setup = Setup::new(threshold, num_shares, num_entities); + move || { + let message = message.clone(); + let aad = aad.clone(); + black_box(encrypt(&message, &aad, &setup.public_key)); + } + } + + fn bench_combine( + num_shares: usize, + num_entities: usize, + threshold: usize, + ) -> impl Fn() { + let message = "my-secret-message".as_bytes().to_vec(); + let aad = "my-aad".as_bytes().to_vec(); + let setup = Setup::new(threshold, num_shares, num_entities); + let ciphertext = encrypt(&message.to_vec(), &aad, &setup.public_key); + let participant_payloads: Vec = setup + .decrypter_indexes() + .iter() + .map(|index| { + ParticipantPayload::new( + &setup.private_context_at(*index), + &ciphertext.clone(), + ) + }) + .collect(); + let decryption_shares: Vec = participant_payloads + .iter() + .map(|p| p.to_decryption_share()) + .collect(); + + move || { + let setup = setup.clone(); + let decryption_shares = decryption_shares.clone(); + black_box({ + let mut ss_builder = SharedSecretBuilder::new(&setup); + for share in decryption_shares { + ss_builder.add_decryption_share(&share); + } + ss_builder.build(); + }) + } + } + + let mut group = c.benchmark_group("TPKE-WASM"); + group.sample_size(10); + + for num_shares in [8, 16, 32, 64, 128].iter() { + let encrypt_fn = bench_encrypt(*num_shares, *num_shares, *num_shares); + group.measurement_time(core::time::Duration::new(30, 0)); + group.bench_function(format!("tpke-wasm::encrypt - num_shares={}, num_entities={}, threshold={}", num_shares, num_shares, num_shares), |b| { + b.iter(|| encrypt_fn()) + }); + + let combine_fn = bench_combine(*num_shares, *num_shares, *num_shares); + group.measurement_time(core::time::Duration::new(30, 0)); + group.bench_function(format!("tpke-wasm::combine - num_shares={}, num_entities={}, threshold={}", num_shares, num_shares, num_shares), |b| { + b.iter(|| combine_fn()) + }); + } +} + +criterion_group!(benches, bench_encrypt_combine); +criterion_main!(benches); diff --git a/tpke-wasm/js-benches/index.html b/tpke-wasm/js-benches/index.html new file mode 100644 index 00000000..70068db4 --- /dev/null +++ b/tpke-wasm/js-benches/index.html @@ -0,0 +1,9 @@ + + + + + TPKE benchmark + + + + diff --git a/tpke-wasm/js-benches/index.js b/tpke-wasm/js-benches/index.js new file mode 100644 index 00000000..0fbda838 --- /dev/null +++ b/tpke-wasm/js-benches/index.js @@ -0,0 +1,74 @@ +import init, { + Setup, + encrypt, + ParticipantPayload, + SharedSecretBuilder, +} from "./pkg/tpke_wasm.js"; + +const BENCHMARK_TRIALS = 10; + +const median = (arr) => { + const mid = Math.floor(arr.length / 2), + nums = [...arr].sort((a, b) => a - b); + return arr.length % 2 !== 0 ? nums[mid] : (nums[mid - 1] + nums[mid]) / 2; +}; + +function benchmark_encrypt(setup) { + const message = Uint8Array.from([1, 2, 3, 4, 5, 6, 7, 8, 9, 10]); + const aad = Uint8Array.from([1, 2, 3, 4, 5, 6, 7, 8, 9, 10]); + + const perf = Array.from({ length: BENCHMARK_TRIALS }, (_, _i) => { + const t0 = performance.now(); + encrypt(message, aad, setup.public_key); + const t1 = performance.now(); + return t1 - t0; + }); + return `${median(perf)} ms`; +} + +function benchmark_combine(setup) { + const message = Uint8Array.from([1, 2, 3, 4, 5, 6, 7, 8, 9, 10]); + const aad = Uint8Array.from([1, 2, 3, 4, 5, 6, 7, 8, 9, 10]); + const ciphertext = encrypt(message, aad, setup.public_key); + // Using a push to array here instead of map because somehow map breaks + // DecryptionShare into Uint8Array during iteration + const decryptionShares = []; + setup.decrypter_indexes().forEach((index) => { + const decryptionContext = setup.private_context_at(index); + const share = new ParticipantPayload( + decryptionContext, + ciphertext + ).to_decryption_share(); + decryptionShares.push(share); + }); + + const perf = Array.from({ length: BENCHMARK_TRIALS }, (_, _i) => { + const t0 = performance.now(); + const ssBuilder = new SharedSecretBuilder(setup); + decryptionShares.forEach((share) => ssBuilder.add_decryption_share(share)); + ssBuilder.build(); + const t1 = performance.now(); + return t1 - t0; + }); + return `${median(perf)} ms`; +} + +const runBenchmarks = async () => { + console.log("Initializing ..."); + + const numShares = [8, 16, 32, 64, 128]; + for (const shares of numShares) { + const setup = new Setup(shares, shares, shares); + + const encrypt_results = benchmark_encrypt(setup); + console.log(`encrypt: shares=${shares}: ${encrypt_results}`); + + const combine_results = benchmark_combine(setup); + console.log(`combine: shares=${shares}: ${combine_results}`); + } + console.log("Done!"); +}; + +init() + .then(runBenchmarks) + .catch((err) => console.error(err)); diff --git a/tpke-wasm/js-benches/pkg b/tpke-wasm/js-benches/pkg new file mode 120000 index 00000000..43942700 --- /dev/null +++ b/tpke-wasm/js-benches/pkg @@ -0,0 +1 @@ +../pkg \ No newline at end of file diff --git a/tpke-wasm/scripts/make-python-bench-inputs.js b/tpke-wasm/scripts/make-python-bench-inputs.js new file mode 100644 index 00000000..893eaa7e --- /dev/null +++ b/tpke-wasm/scripts/make-python-bench-inputs.js @@ -0,0 +1,63 @@ +const { + Setup, + encrypt, + ParticipantPayload, +} = require("../pkg/tpke_wasm.js"); +const fs = require("fs"); + +// Convert a byte array to a hex string +function bytesToHex(bytes) { + for (var hex = [], i = 0; i < bytes.length; i++) { + var current = bytes[i] < 0 ? bytes[i] + 256 : bytes[i]; + hex.push((current >>> 4).toString(16)); + hex.push((current & 0xF).toString(16)); + } + return hex.join(""); +} + +function persist(filePath, data) { + try { + fs.writeFileSync(filePath, data); + } catch (err) { + console.error(err); + } +} + +const makeParticipantPayloads = (setup) => { + const message = Uint8Array.from([1, 2, 3, 4, 5, 6, 7, 8, 9, 10]); + const aad = Uint8Array.from([1, 2, 3, 4, 5, 6, 7, 8, 9, 10]); + const ciphertext = encrypt(message, aad, setup.public_key); + + // Using a push to array here instead of map because somehow map breaks + // DecryptionShare into Uint8Array during iteration + const payloads = []; + setup.decrypter_indexes().forEach((index) => { + const decryptionContext = setup.private_context_at(index); + const payload = new ParticipantPayload( + decryptionContext, + ciphertext + ).to_bytes() + payloads.push(payload); + }); + return payloads; +} + +const makeInputs = async () => { + console.log("Running"); + + const numShares = [8, 16, 32, 64, 128]; + for (const shares of numShares) { + const setup = new Setup(shares, shares, shares); + + const payloads = makeParticipantPayloads(setup).map(bytesToHex); + const filePath = `../tpke-python/py-benches/inputs/participant-payloads-${shares}.json`; + + console.log(`Writing ${filePath}`); + persist(filePath, JSON.stringify(payloads)); + + } + console.log("Done!"); +}; + +makeInputs() + .catch((err) => console.error(err)); diff --git a/tpke-wasm/src/lib.rs b/tpke-wasm/src/lib.rs new file mode 100644 index 00000000..3b3705fb --- /dev/null +++ b/tpke-wasm/src/lib.rs @@ -0,0 +1,308 @@ +mod utils; + +extern crate group_threshold_cryptography as tpke; + +use ark_serialize::{CanonicalDeserialize, CanonicalSerialize}; +use serde::{Deserialize, Serialize}; +use serde_with::serde_as; +use utils::set_panic_hook; +use wasm_bindgen::prelude::*; + +extern crate wee_alloc; + +pub type E = ark_bls12_381::Bls12_381; +pub type TpkePublicKey = ark_bls12_381::G1Affine; +pub type TpkePrivateKey = ark_bls12_381::G2Affine; +pub type TpkeCiphertext = tpke::Ciphertext; +pub type TpkeDecryptionShare = tpke::DecryptionShare; +pub type TpkePublicDecryptionContext = tpke::PublicDecryptionContext; +pub type TpkeSharedSecret = + ::Fqk; + +#[wasm_bindgen] +#[derive(Clone, Debug)] +pub struct PrivateDecryptionContext(tpke::api::PrivateDecryptionContext); +#[wasm_bindgen] +impl PrivateDecryptionContext { + pub(crate) fn serialized_size() -> usize { + tpke::api::PrivateDecryptionContext::serialized_size() + } + + #[wasm_bindgen] + pub fn to_bytes(&self) -> Vec { + self.0.to_bytes() + } + + #[wasm_bindgen] + pub fn from_bytes(bytes: &[u8]) -> Self { + Self(tpke::api::PrivateDecryptionContext::from_bytes(bytes)) + } +} + +#[wasm_bindgen] +#[derive(Clone, Debug)] +pub struct DecryptionShare(tpke::api::DecryptionShare); + +#[wasm_bindgen] +impl DecryptionShare { + #[wasm_bindgen] + pub fn to_bytes(&self) -> Vec { + self.0.to_bytes() + } + + #[wasm_bindgen] + pub fn from_bytes(bytes: &[u8]) -> Self { + let share = tpke::api::DecryptionShare::from_bytes(bytes); + Self(share) + } +} + +#[wasm_bindgen] +#[derive(Clone, Debug)] +pub struct ParticipantPayload(tpke::api::ParticipantPayload); + +#[wasm_bindgen] +impl ParticipantPayload { + #[wasm_bindgen(constructor)] + pub fn new( + decryption_context: &PrivateDecryptionContext, + ciphertext: &Ciphertext, + ) -> Self { + Self(tpke::api::ParticipantPayload::new( + &decryption_context.0, + &ciphertext.ciphertext, + )) + } + + #[wasm_bindgen] + pub fn to_bytes(&self) -> Vec { + let mut bytes = self.0.decryption_context.to_bytes(); + bytes.extend(&self.0.ciphertext.to_bytes()); + bytes + } + + #[wasm_bindgen] + pub fn from_bytes(bytes: &[u8]) -> Self { + let decryption_context_bytes = + &bytes[0..PrivateDecryptionContext::serialized_size()]; + let decryption_context = + PrivateDecryptionContext::from_bytes(decryption_context_bytes); + + let ciphertext_bytes = + bytes[PrivateDecryptionContext::serialized_size()..].to_vec(); + let ciphertext = tpke::Ciphertext::from_bytes(&ciphertext_bytes); + + Self(tpke::api::ParticipantPayload { + decryption_context: decryption_context.0, + ciphertext, + }) + } + + #[wasm_bindgen] + pub fn to_decryption_share(&self) -> DecryptionShare { + DecryptionShare(self.0.to_decryption_share()) + } +} + +#[serde_as] +#[wasm_bindgen] +#[derive(Copy, Clone, Debug, Serialize, Deserialize)] +pub struct PublicKey( + #[serde_as(as = "tpke::serialization::SerdeAs")] pub(crate) TpkePublicKey, +); + +#[wasm_bindgen] +impl PublicKey { + #[wasm_bindgen] + pub fn from_bytes(bytes: &[u8]) -> Self { + let mut reader = bytes; + let pk = TpkePublicKey::deserialize_uncompressed(&mut reader).unwrap(); + PublicKey(pk) + } + + #[wasm_bindgen] + pub fn to_bytes(&self) -> Vec { + let mut bytes = Vec::new(); + self.0.serialize_uncompressed(&mut bytes).unwrap(); + bytes + } +} +#[serde_as] +#[wasm_bindgen] +#[derive(Copy, Clone, Debug, Serialize, Deserialize)] +pub struct PrivateKey( + #[serde_as(as = "tpke::serialization::SerdeAs")] pub(crate) TpkePrivateKey, +); + +#[wasm_bindgen] +impl PrivateKey { + #[wasm_bindgen] + pub fn from_bytes(bytes: &[u8]) -> Self { + let mut reader = bytes; + let pk = TpkePrivateKey::deserialize_uncompressed(&mut reader).unwrap(); + PrivateKey(pk) + } + + #[wasm_bindgen] + pub fn to_bytes(&self) -> Vec { + let mut bytes = Vec::new(); + self.0.serialize_uncompressed(&mut bytes).unwrap(); + bytes + } +} + +#[wasm_bindgen] +#[derive(Clone, Debug)] +pub struct Setup { + pub public_key: PublicKey, + pub private_key: PrivateKey, + private_contexts: Vec, + public_contexts: Vec, +} + +#[wasm_bindgen] +impl Setup { + #[wasm_bindgen(constructor)] + pub fn new( + threshold: usize, + shares_num: usize, + num_entities: usize, + ) -> Self { + set_panic_hook(); + + let mut rng = rand::thread_rng(); + let (public_key, private_key, contexts) = + tpke::setup::(threshold, shares_num, num_entities, &mut rng); + let private_contexts = contexts + .clone() + .into_iter() + .map(|x| { + PrivateDecryptionContext( + tpke::api::PrivateDecryptionContext::new(&x.b_inv, x.index), + ) + }) + .collect(); + let public_contexts = contexts[0].public_decryption_contexts.to_vec(); + + Self { + public_key: PublicKey(public_key), + private_key: PrivateKey(private_key), + private_contexts, + public_contexts, + } + } + + // Using `private_context_at` and `decrypter_indexes` instead of making `private_context` public + // as a workaround for wasm-bindgen not supporting `Vec` with a custom defined types without serde + // serialization. + + #[wasm_bindgen] + pub fn private_context_at(&self, index: usize) -> PrivateDecryptionContext { + set_panic_hook(); + let context = self.private_contexts[index].clone(); + assert_eq!(context.0.decrypter_index, index); + context + } + + #[wasm_bindgen] + pub fn decrypter_indexes(&self) -> Vec { + set_panic_hook(); + self.private_contexts + .iter() + .map(|x| x.0.decrypter_index) + .collect() + } + + // TODO: Add `decryptorShares` helper method +} + +#[wasm_bindgen] +#[derive(Clone, Debug)] +pub struct Ciphertext { + pub(crate) ciphertext: TpkeCiphertext, + pub(crate) aad: Vec, +} + +#[wasm_bindgen] +pub fn encrypt( + message: &[u8], + aad: &[u8], + public_key: &PublicKey, +) -> Ciphertext { + set_panic_hook(); + + let mut rng = rand::thread_rng(); + let ciphertext = + tpke::encrypt::<_, E>(message, aad, &public_key.0, &mut rng); + Ciphertext { + ciphertext, + aad: aad.to_vec(), + } +} + +#[wasm_bindgen] +pub fn decrypt(ciphertext: &Ciphertext, private_key: &PrivateKey) -> Vec { + set_panic_hook(); + + tpke::checked_decrypt( + &ciphertext.ciphertext, + &ciphertext.aad, + private_key.0, + ) +} + +#[wasm_bindgen] +#[derive(Clone, Debug)] +pub struct SharedSecret(TpkeSharedSecret); + +#[wasm_bindgen] +#[derive(Clone, Debug)] +pub struct SharedSecretBuilder { + shares: Vec, + contexts: Vec, +} + +#[wasm_bindgen] +impl SharedSecretBuilder { + #[wasm_bindgen(constructor)] + pub fn new(setup: &Setup) -> Self { + SharedSecretBuilder { + shares: vec![], + contexts: setup.public_contexts.clone(), + } + } + + #[wasm_bindgen] + pub fn add_decryption_share(&mut self, share: &DecryptionShare) { + self.shares.push(share.0 .0.clone()); + } + + #[wasm_bindgen] + pub fn build(&self) -> SharedSecret { + set_panic_hook(); + + if self.shares.len() != self.contexts.len() { + panic!("Number of shares and contexts must be equal"); + } + + let prepared_blinded_key_shares = + tpke::prepare_combine(&self.contexts, &self.shares); + let shared_secret = + tpke::share_combine(&self.shares, &prepared_blinded_key_shares); + SharedSecret(shared_secret) + } +} + +#[wasm_bindgen] +pub fn decrypt_with_shared_secret( + ciphertext: &Ciphertext, + shared_secret: &SharedSecret, +) -> Vec { + set_panic_hook(); + + tpke::checked_decrypt_with_shared_secret( + &ciphertext.ciphertext, + &ciphertext.aad, + &shared_secret.0, + ) +} diff --git a/tpke-wasm/src/serialization.rs b/tpke-wasm/src/serialization.rs new file mode 100644 index 00000000..4d31db92 --- /dev/null +++ b/tpke-wasm/src/serialization.rs @@ -0,0 +1,86 @@ +//! This adds a few utility functions for serializing and deserializing +//! [arkworks](http://arkworks.rs/) types that implement [CanonicalSerialize] and [CanonicalDeserialize]. +//! Adapted from [o1-labs/proof-systems](https://raw.githubusercontent.com/o1-labs/proof-systems/31c76ceae3122f0ce09cded8260960ed5cbbe3d8/utils/src/serialization.rs). + +use ark_serialize::{CanonicalDeserialize, CanonicalSerialize}; +use serde_with::Bytes; + +// +// Serialization with serde +// + +#[allow(dead_code)] +pub mod ser { + //! You can use this module for serialization and deserializing arkworks types with [serde]. + //! Simply use the following attribute on your field: + //! `#[serde(with = "serialization::ser") attribute"]` + + use super::*; + use serde_with::{DeserializeAs, SerializeAs}; + + /// You can use this to serialize an arkworks type with serde and the "serialize_with" attribute. + /// See + pub fn serialize( + val: impl CanonicalSerialize, + serializer: S, + ) -> Result + where + S: serde::Serializer, + { + let mut bytes = vec![]; + val.serialize(&mut bytes) + .map_err(serde::ser::Error::custom)?; + + Bytes::serialize_as(&bytes, serializer) + } + + /// You can use this to deserialize an arkworks type with serde and the "deserialize_with" attribute. + /// See + pub fn deserialize<'de, T, D>(deserializer: D) -> Result + where + T: CanonicalDeserialize, + D: serde::Deserializer<'de>, + { + let bytes: Vec = Bytes::deserialize_as(deserializer)?; + T::deserialize(&mut &bytes[..]).map_err(serde::de::Error::custom) + } +} + +// +// Serialization with [serde_with] +// + +/// You can use [SerdeAs] with [serde_with] in order to serialize and deserialize types that implement [CanonicalSerialize] and [CanonicalDeserialize], +/// or containers of types that implement these traits (Vec, arrays, etc.) +/// Simply add annotations like `#[serde_as(as = "serialization::SerdeAs")]` +/// See +pub struct SerdeAs; + +impl serde_with::SerializeAs for SerdeAs +where + T: CanonicalSerialize, +{ + fn serialize_as(val: &T, serializer: S) -> Result + where + S: serde::Serializer, + { + let mut bytes = vec![]; + val.serialize(&mut bytes) + .map_err(serde::ser::Error::custom)?; + + Bytes::serialize_as(&bytes, serializer) + } +} + +impl<'de, T> serde_with::DeserializeAs<'de, T> for SerdeAs +where + T: CanonicalDeserialize, +{ + fn deserialize_as(deserializer: D) -> Result + where + D: serde::Deserializer<'de>, + { + let bytes: Vec = Bytes::deserialize_as(deserializer)?; + T::deserialize(&mut &bytes[..]).map_err(serde::de::Error::custom) + } +} diff --git a/tpke-wasm/src/utils.rs b/tpke-wasm/src/utils.rs new file mode 100644 index 00000000..b1d7929d --- /dev/null +++ b/tpke-wasm/src/utils.rs @@ -0,0 +1,10 @@ +pub fn set_panic_hook() { + // When the `console_error_panic_hook` feature is enabled, we can call the + // `set_panic_hook` function at least once during initialization, and then + // we will get better error messages if our code ever panics. + // + // For more details see + // https://github.com/rustwasm/console_error_panic_hook#readme + #[cfg(feature = "console_error_panic_hook")] + console_error_panic_hook::set_once(); +} diff --git a/tpke-wasm/tests/node.rs b/tpke-wasm/tests/node.rs new file mode 100644 index 00000000..ad1f66da --- /dev/null +++ b/tpke-wasm/tests/node.rs @@ -0,0 +1,131 @@ +//! Test suite for the Nodejs. + +extern crate wasm_bindgen_test; + +use tpke_wasm::*; +use wasm_bindgen_test::*; + +extern crate group_threshold_cryptography as tpke; + +#[test] +#[wasm_bindgen_test] +pub fn participant_payload_serialization() { + // Taking a shortcut here to generate a ciphertext + // TODO: Build a ciphertext from scratch + let threshold = 3; + let shares_num = 5; + let num_entities = 5; + let message = "my-secret-message".as_bytes().to_vec(); + let aad = "my-aad".as_bytes().to_vec(); + let setup = Setup::new(threshold, shares_num, num_entities); + let ciphertext = encrypt(&message, &aad, &setup.public_key); + + let participant_payload = + ParticipantPayload::new(&setup.private_context_at(0), &ciphertext); + let serialized = participant_payload.to_bytes(); + let deserialized: ParticipantPayload = + ParticipantPayload::from_bytes(&serialized); + + assert_eq!(serialized, deserialized.to_bytes()) +} + +#[test] +#[wasm_bindgen_test] +fn encrypts_and_decrypts() { + let threshold = 3; + let shares_num = 5; + let num_entities = 5; + let message = "my-secret-message".as_bytes().to_vec(); + let aad = "my-aad".as_bytes().to_vec(); + + let setup = Setup::new(threshold, shares_num, num_entities); + + let ciphertext = encrypt(&message, &aad, &setup.public_key); + let plaintext = decrypt(&ciphertext, &setup.private_key); + + // TODO: Plaintext is padded to 32 bytes. Fix this. + assert_eq!(message, plaintext[..message.len()]) +} + +#[test] +#[wasm_bindgen_test] +fn threshold_encryption() { + let threshold = 16 * 2 / 3; + let shares_num = 16; + let num_entities = 5; + let message = "my-secret-message".as_bytes().to_vec(); + let aad = "my-aad".as_bytes().to_vec(); + + // + // On the client side + // + + // Initialize the DKG setup + let setup = Setup::new(threshold, shares_num, num_entities); + + // Encrypt the message + let ciphertext = encrypt(&message, &aad, &setup.public_key); + + // Craete and serialize participant payloads for transport + let participant_payloads_bytes: Vec> = setup + .decrypter_indexes() + .iter() + .map(|index| { + ParticipantPayload::new( + &setup.private_context_at(*index), + &ciphertext, + ) + .to_bytes() + }) + .collect(); + + // Now, deal the payloads to participants + + // ================================================ + + // + // On the participants side + // + + // Deserialize from transport + let participant_payloads: Vec = + participant_payloads_bytes + .iter() + .map(|p| ParticipantPayload::from_bytes(p)) + .collect(); + + // Create decryption shares + let decryption_shares: Vec = participant_payloads + .iter() + .map(|p| p.to_decryption_share()) + .collect(); + + // Serialize for transport + let decryption_shares_bytes: Vec> = + decryption_shares.iter().map(|s| s.to_bytes()).collect(); + + // Now, we send the shares back to the client + + // ================================================ + + // + // On the client side + // + + // Deserialize from transport + let decryption_shares: Vec = decryption_shares_bytes + .iter() + .map(|s| DecryptionShare::from_bytes(s)) + .collect(); + + // Combine shares into a shared secret + let mut ss_builder = SharedSecretBuilder::new(&setup); + for share in decryption_shares { + ss_builder.add_decryption_share(&share); + } + let shared_secret = ss_builder.build(); + + // Decrypt the message + let plaintext = decrypt_with_shared_secret(&ciphertext, &shared_secret); + assert_eq!(message, plaintext) +} diff --git a/tpke/BENCHMARK.md b/tpke/BENCHMARK.md new file mode 100644 index 00000000..1e3c61cc --- /dev/null +++ b/tpke/BENCHMARK.md @@ -0,0 +1,120 @@ +# Benchmarks + +## Hardware + +Benchmarks produced on: + +- Intel® Core™ i7-10875H CPU @ 2.30GHz × 16 (single-threaded), +- Version 107.0.5304.110 (Official Build) (64-bit), +- Pop!\_OS 22.04 LTS (64-bit), + +````bash + +## Benchmarking WASM + +Based on `centurion.rs` (docs)[https://github.com/bheisler/criterion.rs/blob/version-0.4/book/src/user_guide/wasi.md#webasseblywasi-benchmarking] + +### Setup + +```bash +cargo install cargo-wasi +npm install -g @wasmer/cli + +cargo wasi build --bench=benchmarks --release +cp `ls -t ../target/wasm32-wasi/release/deps/*.wasm | head -n 1` benchmarks.wasm +```` + +### Running + +```bash +wasmer-js run --dir=. benchmarks.wasm -- --bench +``` + +## Benchmarking Rust + +```bash +cargo bench +``` + +## Results + +### WASM Results + +``` +TPKE/share_combine: 100 validators threshold 1024*2/3 - #msg 1 - msg-size = 100 bytes + time: [203.07 ms 203.63 ms 204.31 ms] +TPKE/share_combine: 100 validators threshold 2048*2/3 - #msg 1 - msg-size = 100 bytes + time: [202.04 ms 202.49 ms 203.37 ms] +TPKE/share_combine: 100 validators threshold 4096*2/3 - #msg 1 - msg-size = 100 bytes + time: [201.94 ms 202.74 ms 203.32 ms] +TPKE/share_combine: 100 validators threshold 8192*2/3 - #msg 1 - msg-size = 100 bytes + time: [194.89 ms 195.44 ms 196.43 ms] +TPKE/share_combine: 150 validators threshold 1024*2/3 - #msg 1 - msg-size = 100 bytes + time: [291.00 ms 291.93 ms 292.94 ms] +TPKE/share_combine: 150 validators threshold 2048*2/3 - #msg 1 - msg-size = 100 bytes + time: [287.92 ms 291.28 ms 293.63 ms] +TPKE/share_combine: 150 validators threshold 4096*2/3 - #msg 1 - msg-size = 100 bytes + time: [291.20 ms 291.94 ms 292.61 ms] +TPKE/share_combine: 150 validators threshold 8192*2/3 - #msg 1 - msg-size = 100 bytes + time: [292.36 ms 293.98 ms 295.60 ms] +TPKE/share_combine: 200 validators threshold 1024*2/3 - #msg 1 - msg-size = 100 bytes + time: [429.51 ms 431.92 ms 434.20 ms] +TPKE/share_combine: 200 validators threshold 2048*2/3 - #msg 1 - msg-size = 100 bytes + time: [427.99 ms 429.13 ms 430.25 ms] +TPKE/share_combine: 200 validators threshold 4096*2/3 - #msg 1 - msg-size = 100 bytes + time: [428.54 ms 429.52 ms 430.93 ms] +TPKE/share_combine: 200 validators threshold 8192*2/3 - #msg 1 - msg-size = 100 bytes + time: [413.68 ms 426.59 ms 434.22 ms] +``` + +### Rust Results + +``` +TPKE/share_combine: 100 validators threshold 1024*2/3 - #msg 1 - msg-size = 100 bytes + time: [39.402 ms 39.933 ms 40.442 ms] + change: [-78.967% -78.479% -78.003%] (p = 0.00 < 0.05) +TPKE/share_combine: 100 validators threshold 2048*2/3 - #msg 1 - msg-size = 100 bytes + time: [36.905 ms 37.714 ms 38.555 ms] + change: [-79.026% -78.298% -77.409%] (p = 0.00 < 0.05) + Performance has improved. +TPKE/share_combine: 100 validators threshold 4096*2/3 - #msg 1 - msg-size = 100 bytes + time: [38.335 ms 39.103 ms 40.138 ms] + change: [-79.030% -78.666% -78.289%] (p = 0.00 < 0.05) + Performance has improved. +TPKE/share_combine: 100 validators threshold 8192*2/3 - #msg 1 - msg-size = 100 bytes + time: [37.560 ms 39.477 ms 41.840 ms] + change: [-78.908% -78.079% -77.420%] (p = 0.00 < 0.05) + Performance has improved. +TPKE/share_combine: 150 validators threshold 1024*2/3 - #msg 1 - msg-size = 100 bytes + time: [59.445 ms 60.015 ms 60.918 ms] + change: [-77.813% -77.500% -77.138%] (p = 0.00 < 0.05) + Performance has improved. +TPKE/share_combine: 150 validators threshold 2048*2/3 - #msg 1 - msg-size = 100 bytes + time: [57.400 ms 58.897 ms 59.917 ms] + change: [-79.208% -78.475% -77.800%] (p = 0.00 < 0.05) + Performance has improved. +TPKE/share_combine: 150 validators threshold 4096*2/3 - #msg 1 - msg-size = 100 bytes + time: [55.343 ms 56.937 ms 59.751 ms] + change: [-79.182% -78.302% -77.213%] (p = 0.00 < 0.05) + Performance has improved. +TPKE/share_combine: 150 validators threshold 8192*2/3 - #msg 1 - msg-size = 100 bytes + time: [58.516 ms 59.499 ms 60.542 ms] + change: [-79.088% -78.442% -77.787%] (p = 0.00 < 0.05) + Performance has improved. +TPKE/share_combine: 200 validators threshold 1024*2/3 - #msg 1 - msg-size = 100 bytes + time: [78.889 ms 79.303 ms 79.871 ms] + change: [-79.477% -78.764% -78.196%] (p = 0.00 < 0.05) + Performance has improved. +TPKE/share_combine: 200 validators threshold 2048*2/3 - #msg 1 - msg-size = 100 bytes + time: [78.631 ms 79.323 ms 79.960 ms] + change: [-78.776% -78.250% -77.742%] (p = 0.00 < 0.05) + Performance has improved. +TPKE/share_combine: 200 validators threshold 4096*2/3 - #msg 1 - msg-size = 100 bytes + time: [76.580 ms 77.272 ms 78.058 ms] + change: [-78.700% -78.253% -77.767%] (p = 0.00 < 0.05) + Performance has improved. +TPKE/share_combine: 200 validators threshold 8192*2/3 - #msg 1 - msg-size = 100 bytes + time: [76.676 ms 77.459 ms 78.123 ms] + change: [-80.315% -79.559% -78.876%] (p = 0.00 < 0.05) + Performance has improved. +``` diff --git a/tpke/Cargo.toml b/tpke/Cargo.toml index 7ac710b1..40860908 100644 --- a/tpke/Cargo.toml +++ b/tpke/Cargo.toml @@ -26,9 +26,12 @@ ark-bls12-381 = "0.3" itertools="0.10" subproductdomain = { path = "../subproductdomain" } chacha20poly1305 = "0.10.1" +serde = { version = "1.0", features = ["derive"] } +serde_with = "2.0.1" +bincode = "1.3.3" [dev-dependencies] -criterion = "0.3" +criterion = { version = "0.4", default-features = false } [[bench]] name = "benchmarks" diff --git a/tpke/README.md b/tpke/README.md new file mode 100644 index 00000000..cf7ddad7 --- /dev/null +++ b/tpke/README.md @@ -0,0 +1,21 @@ +# tpke + +## Benchmarking WASM + +Based on `centurion.rs` (docs)[https://github.com/bheisler/criterion.rs/blob/version-0.4/book/src/user_guide/wasi.md#webasseblywasi-benchmarking] + +### Setup + +```bash +cargo install cargo-wasi +npm install -g @wasmer/cli + +cargo wasi build --bench=benchmarks --release +cp `ls -t ../target/wasm32-wasi/release/deps/*.wasm | head -n 1` benchmarks.wasm +``` + +### Running + +```bash +wasmer-js run --dir=. benchmarks.wasm -- --bench +``` \ No newline at end of file diff --git a/tpke/benches/benchmarks.rs b/tpke/benches/benchmarks.rs index 39b006a1..a440a8fc 100644 --- a/tpke/benches/benchmarks.rs +++ b/tpke/benches/benchmarks.rs @@ -14,14 +14,14 @@ pub fn bench_decryption(c: &mut Criterion) { num_entities: usize, msg_size: usize, ) -> impl Fn() { - let rng = &mut rand::rngs::StdRng::seed_from_u64(0); + let mut rng = &mut rand::rngs::StdRng::seed_from_u64(0); let aad: &[u8] = "my-aad".as_bytes(); type E = ark_bls12_381::Bls12_381; let threshold = num_shares * 2 / 3; let (pubkey, _, contexts) = - setup::(threshold, num_shares, num_entities); + setup::(threshold, num_shares, num_entities, &mut rng); // let mut messages: Vec<[u8; NUM_OF_TX]> = vec![]; let mut messages: Vec> = vec![]; @@ -34,26 +34,26 @@ pub fn bench_decryption(c: &mut Criterion) { rng.fill_bytes(&mut msg[..]); messages.push(msg.clone()); - ciphertexts.push(encrypt::<_, E>(&messages[j], aad, pubkey, rng)); + ciphertexts.push(encrypt::<_, E>(&messages[j], aad, &pubkey, rng)); dec_shares.push(Vec::with_capacity(threshold)); for ctx in contexts.iter().take(num_entities) { dec_shares[j].push(ctx.create_share(&ciphertexts[j])); } } - let prepared_blinded_key_shares = - contexts[0].prepare_combine(&dec_shares[0]); + let prepared_blinded_key_shares = prepare_combine( + &contexts[0].public_decryption_contexts, + &dec_shares[0], + ); move || { let shares: Vec>> = dec_shares.clone(); for i in 0..ciphertexts.len() { - black_box( - contexts[0].share_combine( - &shares[i], - &prepared_blinded_key_shares, - ), - ); + black_box(share_combine( + &shares[i], + &prepared_blinded_key_shares, + )); } } } @@ -64,14 +64,14 @@ pub fn bench_decryption(c: &mut Criterion) { num_entities: usize, msg_size: usize, ) -> impl Fn() { - let rng = &mut rand::rngs::StdRng::seed_from_u64(0); + let mut rng = &mut rand::rngs::StdRng::seed_from_u64(0); let aad: &[u8] = "my-aad".as_bytes(); type E = ark_bls12_381::Bls12_381; let threshold = num_shares * 2 / 3; let (pubkey, _, contexts) = - setup::(threshold, num_shares, num_entities); + setup::(threshold, num_shares, num_entities, &mut rng); // let mut messages: Vec<[u8; NUM_OF_TX]> = vec![]; let mut messages: Vec> = vec![]; @@ -84,7 +84,7 @@ pub fn bench_decryption(c: &mut Criterion) { rng.fill_bytes(&mut msg); messages.push(msg.clone()); - ciphertexts.push(encrypt::<_, E>(&messages[j], aad, pubkey, rng)); + ciphertexts.push(encrypt::<_, E>(&messages[j], aad, &pubkey, rng)); dec_shares.push(Vec::with_capacity(threshold)); for ctx in contexts.iter().take(num_entities) { @@ -98,16 +98,16 @@ pub fn bench_decryption(c: &mut Criterion) { let shares: Vec>> = dec_shares.clone(); contexts[0].batch_verify_decryption_shares(&c, &shares, rng); - let prepared_blinded_key_shares = - contexts[0].prepare_combine(&dec_shares[0]); + let prepared_blinded_key_shares = prepare_combine( + &contexts[0].public_decryption_contexts, + &dec_shares[0], + ); for i in 0..ciphertexts.len() { - black_box( - contexts[0].share_combine( - &shares[i], - &prepared_blinded_key_shares, - ), - ); + black_box(share_combine( + &shares[i], + &prepared_blinded_key_shares, + )); } } } diff --git a/tpke/src/api.rs b/tpke/src/api.rs new file mode 100644 index 00000000..6ac420f3 --- /dev/null +++ b/tpke/src/api.rs @@ -0,0 +1,145 @@ +//! Contains the public API of the library. + +// TODO: Refactor this module to deduplicate shared code from tpke-wasm and tpke-wasm. + +use std::convert::TryInto; + +use ark_ec::{AffineCurve, ProjectiveCurve}; +use ark_ff::{BigInteger256, ToBytes}; + +// Fixing some of the types here on our target engine +// TODO: Consider fixing on crate::api level instead of bindings level +type E = ark_bls12_381::Bls12_381; +type TpkePublicKey = ark_bls12_381::G1Affine; +type TpkePrivateKey = ark_bls12_381::G2Affine; +type TpkeCiphertext = crate::Ciphertext; +type TpkeDecryptionShare = crate::DecryptionShare; +type TpkePublicDecryptionContext = crate::PublicDecryptionContext; +type TpkeSharedSecret = + ::Fqk; + +#[derive(Clone, Debug)] +pub struct PrivateDecryptionContext { + pub b_inv: ark_bls12_381::Fr, + pub decrypter_index: usize, +} + +impl PrivateDecryptionContext { + const B_INV_LEN: usize = 32; + const DECRYPTER_INDEX_LEN: usize = 8; + + pub fn new(b_inv: &ark_bls12_381::Fr, decrypter_index: usize) -> Self { + Self { + b_inv: *b_inv, + decrypter_index, + } + } + + pub fn serialized_size() -> usize { + Self::B_INV_LEN + Self::DECRYPTER_INDEX_LEN + } + + pub fn to_bytes(&self) -> Vec { + let mut bytes = Vec::new(); + self.b_inv.0.write(&mut bytes).unwrap(); + + let decrypter_index = + bincode::serialize(&self.decrypter_index).unwrap(); + bytes.extend(decrypter_index); + + bytes + } + + pub fn from_bytes(bytes: &[u8]) -> Self { + let b_inv_bytes = &bytes[0..Self::B_INV_LEN]; + // Chunking bytes to u64s to construct a BigInteger256. + let b_inv = b_inv_bytes + .chunks(8) + .map(|x| { + let mut bytes = [0u8; 8]; + bytes.copy_from_slice(x); + u64::from_le_bytes(bytes) + }) + .collect::>(); + let b_inv: [u64; 4] = b_inv.try_into().unwrap(); + let b_inv = ark_bls12_381::Fr::new(BigInteger256::new(b_inv)); + + let decrypter_index_bytes = &bytes + [Self::B_INV_LEN..Self::B_INV_LEN + Self::DECRYPTER_INDEX_LEN]; + let decrypter_index = + bincode::deserialize(decrypter_index_bytes).unwrap(); + + Self { + b_inv, + decrypter_index, + } + } +} + +#[derive(Clone, Debug)] +pub struct DecryptionShare(pub TpkeDecryptionShare); + +impl DecryptionShare { + pub fn to_bytes(&self) -> Vec { + self.0.to_bytes() + } + + pub fn from_bytes(bytes: &[u8]) -> Self { + let share = TpkeDecryptionShare::from_bytes(bytes); + Self(share) + } +} + +#[derive(Clone, Debug)] +pub struct ParticipantPayload { + pub decryption_context: PrivateDecryptionContext, + pub ciphertext: TpkeCiphertext, +} +impl ParticipantPayload { + pub fn new( + decryption_context: &PrivateDecryptionContext, + ciphertext: &TpkeCiphertext, + ) -> Self { + Self { + decryption_context: decryption_context.clone(), + ciphertext: ciphertext.clone(), + } + } + + pub fn to_bytes(&self) -> Vec { + let mut bytes = self.decryption_context.to_bytes(); + bytes.extend(&self.ciphertext.to_bytes()); + bytes + } + + pub fn from_bytes(bytes: &[u8]) -> Self { + let decryption_context_bytes = + &bytes[0..PrivateDecryptionContext::serialized_size()]; + let decryption_context = + PrivateDecryptionContext::from_bytes(decryption_context_bytes); + + let ciphertext_bytes = + bytes[PrivateDecryptionContext::serialized_size()..].to_vec(); + let ciphertext: crate::Ciphertext = + crate::Ciphertext::from_bytes(&ciphertext_bytes); + + Self { + decryption_context, + ciphertext, + } + } + + pub fn to_decryption_share(&self) -> DecryptionShare { + // TODO: Add verification steps + let decryption_share = self + .ciphertext + .commitment + .mul(self.decryption_context.b_inv) + .into_affine(); + + DecryptionShare(TpkeDecryptionShare { + decrypter_index: self.decryption_context.decrypter_index, + decryption_share, + }) + } +} diff --git a/tpke/src/ciphertext.rs b/tpke/src/ciphertext.rs index fa916e23..c5e477d7 100644 --- a/tpke/src/ciphertext.rs +++ b/tpke/src/ciphertext.rs @@ -1,5 +1,7 @@ +use crate::*; + use ark_ec::{AffineCurve, PairingEngine}; -use ark_ff::{One, ToBytes, UniformRand}; +use ark_ff::{FromBytes, One, ToBytes, UniformRand}; use ark_serialize::CanonicalSerialize; use chacha20poly1305::{ aead::{generic_array::GenericArray, Aead, KeyInit}, @@ -12,8 +14,8 @@ use crate::{construct_tag_hash, hash_to_g2}; #[derive(Clone, Debug)] pub struct Ciphertext { pub commitment: E::G1Affine, // U - pub ciphertext: Vec, // V pub auth_tag: E::G2Affine, // W + pub ciphertext: Vec, // V } impl Ciphertext { @@ -25,6 +27,7 @@ impl Ciphertext { (g_inv.clone(), E::G2Prepared::from(self.auth_tag)), ]) == E::Fqk::one() } + fn construct_tag_hash(&self) -> E::G2Affine { let mut hash_input = Vec::::new(); self.commitment.write(&mut hash_input).unwrap(); @@ -32,12 +35,42 @@ impl Ciphertext { hash_to_g2(&hash_input) } + + pub fn to_bytes(&self) -> Vec { + let mut bytes = Vec::new(); + self.commitment.write(&mut bytes).unwrap(); + self.auth_tag.write(&mut bytes).unwrap(); + bytes + } + + pub fn from_bytes(bytes: &[u8]) -> Self { + const COMMITMENT_LEN: usize = 97; + let mut commitment_bytes = [0u8; COMMITMENT_LEN]; + commitment_bytes.copy_from_slice(&bytes[..COMMITMENT_LEN]); + let commitment = E::G1Affine::read(&commitment_bytes[..]).unwrap(); + + const AUTH_TAG_LEN: usize = 193; + let mut auth_tag_bytes = [0u8; AUTH_TAG_LEN]; + auth_tag_bytes.copy_from_slice( + &bytes[COMMITMENT_LEN..COMMITMENT_LEN + AUTH_TAG_LEN], + ); + let auth_tag = E::G2Affine::read(&auth_tag_bytes[..]).unwrap(); + + const CIPHERTEXT_LEN: usize = 33; + let ciphertext = bytes[COMMITMENT_LEN + AUTH_TAG_LEN..].to_vec(); + + Self { + commitment, + ciphertext, + auth_tag, + } + } } pub fn encrypt( message: &[u8], aad: &[u8], - pubkey: E::G1Affine, + pubkey: &E::G1Affine, rng: &mut R, ) -> Ciphertext { // r @@ -85,10 +118,25 @@ pub fn check_ciphertext_validity( ]) == E::Fqk::one() } -pub fn decrypt( +fn decrypt( + ciphertext: &Ciphertext, + privkey: E::G2Affine, +) -> Vec { + let s = E::product_of_pairings(&[( + E::G1Prepared::from(ciphertext.commitment), + E::G2Prepared::from(privkey), + )]); + decrypt_with_shared_secret(ciphertext, &s) +} + +pub fn checked_decrypt( ciphertext: &Ciphertext, + aad: &[u8], privkey: E::G2Affine, ) -> Vec { + if !check_ciphertext_validity(ciphertext, aad) { + panic!("Ciphertext is invalid"); + } let s = E::product_of_pairings(&[( E::G1Prepared::from(ciphertext.commitment), E::G2Prepared::from(privkey), diff --git a/tpke/src/combine.rs b/tpke/src/combine.rs index 2b6da335..1391f281 100644 --- a/tpke/src/combine.rs +++ b/tpke/src/combine.rs @@ -3,74 +3,68 @@ use crate::*; use ark_ec::ProjectiveCurve; -impl PrivateDecryptionContext { - pub fn prepare_combine( - &self, - shares: &[DecryptionShare], - ) -> Vec { - let mut domain = vec![]; - let mut n_0 = E::Fr::one(); - for d_i in shares.iter() { - domain.extend( - self.public_decryption_contexts[d_i.decryptor_index] - .domain - .iter(), - ); - n_0 *= self.public_decryption_contexts[d_i.decryptor_index] - .lagrange_n_0; - } - let s = SubproductDomain::::new(domain); - let mut lagrange = s.inverse_lagrange_coefficients(); - ark_ff::batch_inversion_and_mul(&mut lagrange, &n_0); - let mut start = 0usize; - shares - .iter() - .map(|d_i| { - let decryptor = - &self.public_decryption_contexts[d_i.decryptor_index]; - let end = start + decryptor.domain.len(); - let lagrange_slice = &lagrange[start..end]; - start = end; - E::G2Prepared::from( - izip!( - lagrange_slice.iter(), - decryptor.blinded_key_shares.blinded_key_shares.iter() //decryptor.blinded_key_shares.window_tables.iter() - ) - .map(|(lambda, blinded_key_share)| { - blinded_key_share.mul(*lambda) - }) - /*.map(|(lambda, base_table)| { - FixedBaseMSM::multi_scalar_mul::( - self.scalar_bits, - self.window_size, - &base_table.window_table, - &[*lambda], - )[0] - })*/ - .sum::() - .into_affine(), - ) - }) - .collect::>() +pub fn prepare_combine( + public_decryption_contexts: &[PublicDecryptionContext], + shares: &[DecryptionShare], +) -> Vec { + let mut domain = vec![]; + let mut n_0 = E::Fr::one(); + for d_i in shares.iter() { + domain.extend( + public_decryption_contexts[d_i.decrypter_index] + .domain + .iter(), + ); + n_0 *= public_decryption_contexts[d_i.decrypter_index].lagrange_n_0; } - pub fn share_combine( - &self, - shares: &[DecryptionShare], - prepared_key_shares: &[E::G2Prepared], - ) -> E::Fqk { - let mut pairing_product: Vec<(E::G1Prepared, E::G2Prepared)> = vec![]; + let s = SubproductDomain::::new(domain); + let mut lagrange = s.inverse_lagrange_coefficients(); + ark_ff::batch_inversion_and_mul(&mut lagrange, &n_0); + let mut start = 0usize; + shares + .iter() + .map(|d_i| { + let decrypter = &public_decryption_contexts[d_i.decrypter_index]; + let end = start + decrypter.domain.len(); + let lagrange_slice = &lagrange[start..end]; + start = end; + E::G2Prepared::from( + izip!( + lagrange_slice.iter(), + decrypter.blinded_key_shares.blinded_key_shares.iter() //decrypter.blinded_key_shares.window_tables.iter() + ) + .map(|(lambda, blinded_key_share)| { + blinded_key_share.mul(*lambda) + }) + /*.map(|(lambda, base_table)| { + FixedBaseMSM::multi_scalar_mul::( + scalar_bits, + window_size, + &base_table.window_table, + &[*lambda], + )[0] + })*/ + .sum::() + .into_affine(), + ) + }) + .collect::>() +} - for (d_i, blinded_key_share) in - izip!(shares, prepared_key_shares.iter()) - { - // e(D_i, [b*omega_i^-1] Z_{i,omega_i}) - pairing_product.push(( - E::G1Prepared::from(d_i.decryption_share), - blinded_key_share.clone(), - )); - } - E::product_of_pairings(&pairing_product) +pub fn share_combine( + shares: &[DecryptionShare], + prepared_key_shares: &[E::G2Prepared], +) -> E::Fqk { + let mut pairing_product: Vec<(E::G1Prepared, E::G2Prepared)> = vec![]; + + for (d_i, blinded_key_share) in izip!(shares, prepared_key_shares.iter()) { + // e(D_i, [b*omega_i^-1] Z_{i,omega_i}) + pairing_product.push(( + E::G1Prepared::from(d_i.decryption_share), + blinded_key_share.clone(), + )); } + E::product_of_pairings(&pairing_product) } #[cfg(test)] diff --git a/tpke/src/context.rs b/tpke/src/context.rs index d5c79b7f..38e3dd66 100644 --- a/tpke/src/context.rs +++ b/tpke/src/context.rs @@ -9,7 +9,7 @@ pub struct PublicDecryptionContext { pub lagrange_n_0: E::Fr, } -#[derive(Debug)] +#[derive(Clone, Debug)] pub struct PrivateDecryptionContext { pub index: usize, pub b: E::Fr, diff --git a/tpke/src/decryption.rs b/tpke/src/decryption.rs index cbf3a699..028d5225 100644 --- a/tpke/src/decryption.rs +++ b/tpke/src/decryption.rs @@ -1,14 +1,42 @@ #![allow(non_snake_case)] #![allow(dead_code)] + use crate::*; use ark_ec::ProjectiveCurve; #[derive(Debug, Clone)] pub struct DecryptionShare { - pub decryptor_index: usize, + pub decrypter_index: usize, pub decryption_share: E::G1Affine, } +impl DecryptionShare { + pub fn to_bytes(&self) -> Vec { + let mut bytes = Vec::new(); + let decrypter_index = + bincode::serialize(&self.decrypter_index).unwrap(); + bytes.extend(&decrypter_index); + CanonicalSerialize::serialize(&self.decryption_share, &mut bytes) + .unwrap(); + + bytes + } + + pub fn from_bytes(bytes: &[u8]) -> Self { + let INDEX_BYTE_LEN = 8; + let decrypter_index = + bincode::deserialize(&bytes[0..INDEX_BYTE_LEN]).unwrap(); + let decryption_share = + CanonicalDeserialize::deserialize(&bytes[INDEX_BYTE_LEN..]) + .unwrap(); + + DecryptionShare { + decrypter_index, + decryption_share, + } + } +} + impl PrivateDecryptionContext { pub fn create_share( &self, @@ -18,7 +46,7 @@ impl PrivateDecryptionContext { ciphertext.commitment.mul(self.b_inv).into_affine(); DecryptionShare { - decryptor_index: self.index, + decrypter_index: self.index, decryption_share, } } @@ -36,7 +64,7 @@ impl PrivateDecryptionContext { let blinding_keys = shares[0] .iter() .map(|d| { - self.public_decryption_contexts[d.decryptor_index] + self.public_decryption_contexts[d.decrypter_index] .blinded_key_shares .blinding_key_prepared .clone() diff --git a/tpke/src/key_share.rs b/tpke/src/key_share.rs index 9c9e05f9..99212fa7 100644 --- a/tpke/src/key_share.rs +++ b/tpke/src/key_share.rs @@ -5,14 +5,14 @@ use crate::*; use ark_ec::ProjectiveCurve; use itertools::Itertools; -#[derive(Clone, Debug)] +#[derive(Debug, Clone)] pub struct PublicKeyShares { pub public_key_shares: Vec, // A_{i, \omega_i} } -#[derive(Clone, Debug)] +#[derive(Debug, Clone)] pub struct BlindedKeyShares { - pub blinding_key: E::G2Affine, // [b] H + pub blinding_key: E::G2Affine, pub blinding_key_prepared: E::G2Prepared, // [b] H pub blinded_key_shares: Vec, // [b] Z_{i, \omega_i} pub window_tables: Vec>, // [b*omega_i^-1] Z_{i, \omega_i} @@ -81,12 +81,12 @@ impl BlindedKeyShares { ) } } -#[derive(Clone, Debug)] +#[derive(Debug, Clone)] pub struct BlindedKeyShareWindowTable { pub window_table: Vec>, } -#[derive(Clone, Debug)] +#[derive(Debug, Clone)] pub struct PrivateKeyShare { pub private_key_shares: Vec, } diff --git a/tpke/src/lib.rs b/tpke/src/lib.rs index 6e833c23..d1a1277d 100644 --- a/tpke/src/lib.rs +++ b/tpke/src/lib.rs @@ -5,7 +5,7 @@ use ark_ec::{msm::FixedBaseMSM, AffineCurve, PairingEngine}; use ark_ff::{Field, One, PrimeField, ToBytes, UniformRand, Zero}; use ark_poly::EvaluationDomain; use ark_poly::{univariate::DensePolynomial, UVPolynomial}; -use ark_serialize::CanonicalSerialize; +use ark_serialize::{CanonicalDeserialize, CanonicalSerialize}; use itertools::izip; use subproductdomain::SubproductDomain; @@ -25,6 +25,10 @@ pub use combine::*; mod context; pub use context::*; +// TODO: Turn into a crate features +pub mod api; +pub mod serialization; + pub trait ThresholdEncryptionParameters { type E: PairingEngine; } @@ -70,8 +74,8 @@ pub fn setup( threshold: usize, shares_num: usize, num_entities: usize, + rng: &mut impl RngCore, ) -> (E::G1Affine, E::G2Affine, Vec>) { - let rng = &mut ark_std::test_rng(); let g = E::G1Affine::prime_subgroup_generator(); let h = E::G2Affine::prime_subgroup_generator(); let _g_inv = E::G1Prepared::from(-g); @@ -172,6 +176,42 @@ mod tests { type E = ark_bls12_381::Bls12_381; + #[test] + fn ciphertext_serialization() { + let mut rng = test_rng(); + let threshold = 3; + let shares_num = 5; + let num_entities = 5; + let msg: &[u8] = "abc".as_bytes(); + let aad: &[u8] = "aad".as_bytes(); + + let (pubkey, _privkey, _) = + setup::(threshold, shares_num, num_entities, &mut rng); + + let ciphertext = encrypt::( + msg, aad, &pubkey, &mut rng, + ); + + let serialized = ciphertext.to_bytes(); + let deserialized: Ciphertext = Ciphertext::from_bytes(&serialized); + + assert!(serialized == deserialized.to_bytes()) + } + + #[test] + fn decryption_share_serialization() { + let decryption_share = DecryptionShare:: { + decrypter_index: 1, + decryption_share: ark_bls12_381::G1Affine::prime_subgroup_generator( + ), + }; + + let serialized = decryption_share.to_bytes(); + let deserialized: DecryptionShare = + DecryptionShare::from_bytes(&serialized); + assert_eq!(serialized, deserialized.to_bytes()) + } + #[test] fn symmetric_encryption() { let mut rng = test_rng(); @@ -182,14 +222,14 @@ mod tests { let aad: &[u8] = "my-aad".as_bytes(); let (pubkey, privkey, _) = - setup::(threshold, shares_num, num_entities); + setup::(threshold, shares_num, num_entities, &mut rng); let ciphertext = encrypt::( - msg, aad, pubkey, &mut rng, + msg, aad, &pubkey, &mut rng, ); - let plaintext = decrypt(&ciphertext, privkey); + let plaintext = checked_decrypt(&ciphertext, aad, privkey); - assert!(msg == plaintext) + assert_eq!(msg, plaintext) } // Source: https://stackoverflow.com/questions/26469715/how-do-i-write-a-rust-unit-test-that-ensures-that-a-panic-has-occurred @@ -207,7 +247,7 @@ mod tests { #[test] fn threshold_encryption() { - let rng = &mut test_rng(); + let mut rng = &mut test_rng(); let threshold = 16 * 2 / 3; let shares_num = 16; let num_entities = 5; @@ -215,26 +255,27 @@ mod tests { let aad: &[u8] = "my-aad".as_bytes(); let (pubkey, _privkey, contexts) = - setup::(threshold, shares_num, num_entities); - let mut ciphertext = encrypt::<_, E>(msg, aad, pubkey, rng); + setup::(threshold, shares_num, num_entities, &mut rng); + let mut ciphertext = encrypt::<_, E>(msg, aad, &pubkey, rng); let mut shares: Vec> = vec![]; for context in contexts.iter() { shares.push(context.create_share(&ciphertext)); } + /*for pub_context in contexts[0].public_decryption_contexts.iter() { assert!(pub_context .blinded_key_shares .verify_blinding(&pub_context.public_key_shares, rng)); }*/ - let prepared_blinded_key_shares = contexts[0].prepare_combine(&shares); - let s = - contexts[0].share_combine(&shares, &prepared_blinded_key_shares); + let prepared_blinded_key_shares = + prepare_combine(&contexts[0].public_decryption_contexts, &shares); + let s = share_combine(&shares, &prepared_blinded_key_shares); // So far, the ciphertext is valid let plaintext = checked_decrypt_with_shared_secret(&ciphertext, aad, &s); - assert!(plaintext == msg); + assert_eq!(plaintext, msg); // Malformed the ciphertext ciphertext.ciphertext[0] += 1; @@ -261,9 +302,9 @@ mod tests { let aad: &[u8] = "my-aad".as_bytes(); let (pubkey, _privkey, _) = - setup::(threshold, shares_num, num_entities); + setup::(threshold, shares_num, num_entities, &mut rng); let mut ciphertext = encrypt::( - msg, aad, pubkey, &mut rng, + msg, aad, &pubkey, &mut rng, ); // So far, the ciphertext is valid diff --git a/tpke/src/serialization.rs b/tpke/src/serialization.rs new file mode 100644 index 00000000..6117bd0c --- /dev/null +++ b/tpke/src/serialization.rs @@ -0,0 +1,85 @@ +//! This adds a few utility functions for serializing and deserializing +//! [arkworks](http://arkworks.rs/) types that implement [CanonicalSerialize] and [CanonicalDeserialize]. +//! Adapted from [o1-labs/proof-systems](https://raw.githubusercontent.com/o1-labs/proof-systems/31c76ceae3122f0ce09cded8260960ed5cbbe3d8/utils/src/serialization.rs). + +use ark_serialize::{CanonicalDeserialize, CanonicalSerialize}; +use serde_with::Bytes; + +// +// Serialization with serde +// + +pub mod ser { + //! You can use this module for serialization and deserializing arkworks types with [serde]. + //! Simply use the following attribute on your field: + //! `#[serde(with = "serialization::ser") attribute"]` + + use super::*; + use serde_with::{DeserializeAs, SerializeAs}; + + /// You can use this to serialize an arkworks type with serde and the "serialize_with" attribute. + /// See + pub fn serialize( + val: impl CanonicalSerialize, + serializer: S, + ) -> Result + where + S: serde::Serializer, + { + let mut bytes = vec![]; + val.serialize(&mut bytes) + .map_err(serde::ser::Error::custom)?; + + Bytes::serialize_as(&bytes, serializer) + } + + /// You can use this to deserialize an arkworks type with serde and the "deserialize_with" attribute. + /// See + pub fn deserialize<'de, T, D>(deserializer: D) -> Result + where + T: CanonicalDeserialize, + D: serde::Deserializer<'de>, + { + let bytes: Vec = Bytes::deserialize_as(deserializer)?; + T::deserialize(&mut &bytes[..]).map_err(serde::de::Error::custom) + } +} + +// +// Serialization with [serde_with] +// + +/// You can use [SerdeAs] with [serde_with] in order to serialize and deserialize types that implement [CanonicalSerialize] and [CanonicalDeserialize], +/// or containers of types that implement these traits (Vec, arrays, etc.) +/// Simply add annotations like `#[serde_as(as = "serialization::SerdeAs")]` +/// See +pub struct SerdeAs; + +impl serde_with::SerializeAs for SerdeAs +where + T: CanonicalSerialize, +{ + fn serialize_as(val: &T, serializer: S) -> Result + where + S: serde::Serializer, + { + let mut bytes = vec![]; + val.serialize(&mut bytes) + .map_err(serde::ser::Error::custom)?; + + Bytes::serialize_as(&bytes, serializer) + } +} + +impl<'de, T> serde_with::DeserializeAs<'de, T> for SerdeAs +where + T: CanonicalDeserialize, +{ + fn deserialize_as(deserializer: D) -> Result + where + D: serde::Deserializer<'de>, + { + let bytes: Vec = Bytes::deserialize_as(deserializer)?; + T::deserialize(&mut &bytes[..]).map_err(serde::de::Error::custom) + } +}