Łukasz Krzywiecki

Example code - Lab 1

from charm.toolbox.ecgroup import ECGroup,ZR,G
from charm.toolbox.eccurve import prime192v1

group = ECGroup(prime192v1)

g_1 = group.random(G)
g_2 = group.random(G)

a_1 = group.random(ZR)
a_2 = group.random(ZR)

A = g_1 ** a_1 * g_2 ** a_2


rng = 10000

assert group.InitBenchmark(), "failed to initialize benchmark"
group.StartBenchmark(["CpuTime"])

for i in range(rng):
    x_1 = group.random(ZR)
    x_2 = group.random(ZR)

    X = g_1 ** x_1 * g_2 ** x_2

    c = group.random(ZR)

    s_1 = x_1 + a_1 * c
    s_2 = x_2 + a_2 * c

    Left  = X * A ** c
    Right = g_1 ** s_1 * g_2 ** s_2

group.EndBenchmark()

print("CP: ", group.GetBenchmark("CpuTime")/rng)
print(Left == Right)

Okamoto Identification Scheme - concept implementation in Charm-Crypto Python library.

Example code - Lab 1

from charm.toolbox.pairinggroup import PairingGroup,ZR,G1,G2,pair
from charm.toolbox.pairinggroup import *

#group = PairingGroup('MNT224')
group = PairingGroup('SS512')

g = group.random(G1)
h = group.random(G2)

a = group.random()      # secret key
A = h ** a              # public key

rng  = 100

assert group.InitBenchmark(), "failed to initialize benchmark"
group.StartBenchmark(["CpuTime"])

for i in range(rng):


    x = group.random()  # ephemeral secret key
    X = h ** x          # ephemeral public key

    c = group.random()  # challenge

    s = x + a * c
    S = g ** s

    e1 = pair(S, h)
    e2 = pair(g, X + A ** c)

group.EndBenchmark()
print("CP: ", group.GetBenchmark("CpuTime")/rng)

print(e1 == e2)

Mod Schnorr Identification Scheme - concept implementation in Charm-Crypto Python library.

Efficient Remote Data Possession Checking in Critical Information Infrastructures

F. Sebé, J. Domingo-Ferrer, A. Martinez-Balleste, Y. Deswarte and J. Quisquater, in IEEE Transactions on Knowledge and Data Engineering, vol. 20, no. 8, pp. 1034-1038, Aug. 2008, doi: 10.1109/TKDE.2007.190647.

Taken from: Barsoum, Ayad F. and M. A. Hasan. “Provable Possession and Replication of Data over Cloud Servers”. (2011).

Cryptographic Primitives Enforcing Communication and Storage Complexity

Golle P., Jarecki S., Mironov I. (2003). In: Blaze M. (eds) Financial Cryptography. FC 2002. Lecture Notes in Computer Science, vol 2357. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36504-4_9

Taken from: Barsoum, Ayad F. and M. A. Hasan. “Provable Possession and Replication of Data over Cloud Servers”. (2011).

Provable data possession at untrusted stores

Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary Peterson, and Dawn Song. 2007. In Proceedings of the 14th ACM conference on Computer and communications security (CCS '07). Association for Computing Machinery, New York, NY, USA, 598–609. DOI:https://doi.org/10.1145/1315245.1315318

Taken from: Barsoum, Ayad F. and M. A. Hasan. “Provable Possession and Replication of Data over Cloud Servers”. (2011).

Forking lemmas for ring signature schemes

J. Herranz and G. Sáez. 2007. In T. Johansson and S. Maitra, editors, INDOCRYPT, volume 2904 of Lecture Notes in Computer Science, pages 266–279. Springer, 2003

Taken from: Ł. Krzywiecki, M. Sulkowska, F. Zagórski, Hierarchical Ring Signatures Revisited - Unconditionally and Perfectly Anonymous Schnorr Version. SPACE 2015: 329-346.

k-of-n anonymous Schnorr-like identification Scheme

"Anonymous Deniable Identification in Ephemeral Setup and Leakage Scenarios"

Taken from: Ł. Krzywiecki, M. Kutyłowski, J. Pezda, M. Słowik Anonymous Deniable Identification in Ephemeral Setup and Leakage Scenarios (Brief Announcement) . CSCML 2019: 320-323

Multi-signature

Maxwell, G., Poelstra, A., Seurin, Y., Wuille, P.: Simple schnorr multi-signatures with applications to bitcoin. Designs, Codes and Cryptography 87(9), (Sep 2019) 2139–2164.

Based on (some differences in variable names): Maxwell, G., Poelstra, A., Seurin, Y., Wuille, P.: Simple schnorr multi-signatures with applications to bitcoin. Designs, Codes and Cryptography 87(9), (Sep 2019) 2139–2164.

Simple efficient 1-of-2 OT

Chou T., Orlandi C. (2015). The Simplest Protocol for Oblivious Transfer. In: Lauter K., Rodríguez-Henríquez F. (eds) Progress in Cryptology -- LATINCRYPT 2015. LATINCRYPT 2015. Lecture Notes in Computer Science, vol 9230. Springer, Cham. https://doi.org/10.1007/978-3-319-22174-8_3

Taken from: The Simplest Protocol for Oblivious Transfer. https://doi.org/10.1007/978-3-319-22174-8_3

1-of-n OT

Naor, M., Pinkas, B. Computationally Secure Oblivious Transfer. J Cryptology 18, 1–35 (2005). https://doi.org/10.1007/s00145-004-0102-6

Taken from: Computationally Secure Oblivious Transfer. J Cryptology 18, 1–35 (2005).

Private Cardinality of Set Intersection

De Cristofaro E., Gasti P., Tsudik G. (2012). Fast and Private Computation of Cardinality of Set Intersection and Union. CANS 2012. Lecture Notes in Computer Science, vol 7712. https://doi.org/10.1007/978-3-642-35404-5_17

Taken from: De Cristofaro E., Gasti P., Tsudik G. (2012). Fast and Private Computation of Cardinality of Set Intersection and Union.

Oblivious Polynomial Evaluation (OPE)

Moni Naor and Benny Pinkas. Taken from: Oblivious Polynomial Evaluation. SIAM Journal on Computing 2006 35:5, 1254-1281

Taken from: Oblivious Polynomial Evaluation. Moni Naor and Benny Pinkas. SIAM Journal on Computing 2006 35:5, 1254-1281