Refactor API of SeqAmorE protocol.

relic-toolkit · Jan 15, 2025 · fa39349 · fa39349
1 parent 8deced7
commit fa39349
Show file tree

Hide file tree

Showing 4 changed files with 64 additions and 176 deletions.
diff --git a/bench/bench_cp.c b/bench/bench_cp.c
@@ -788,14 +788,14 @@ static void pdpub(void) {
 		BENCH_ADD(cp_lvpub_ver(r, g, r1, e));
 	} BENCH_END;
 
-	BENCH_RUN("cp_amore_gen (1, 0, 0)") {
-		BENCH_ADD(cp_amore_gen(r1, r2, t, u1, u2, x, e, 1, 0, 0));
+	BENCH_RUN("cp_amore_gen") {
+		BENCH_ADD(cp_amore_gen(x, e));
 	} BENCH_END;
 
-	BENCH_RUN("cp_amore_ask (1, 0, 0)") {
+	BENCH_RUN("cp_amore_ask (0, 0)") {
 		g1_rand(p);
 		g2_rand(q);
-		BENCH_ADD(cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 0, 0));
+		BENCH_ADD(cp_amore_ask(t, v1, v2, w1, w2, r1, r2, x, p, q, 0, 0));
 	} BENCH_END;
 
 	BENCH_RUN("cp_amore_ans (0, 0)") {
@@ -804,43 +804,18 @@ static void pdpub(void) {
 		BENCH_ADD(cp_amore_ans(g, t, v1, v2, w1, w2, 0, 0));
 	} BENCH_END;
 
-	BENCH_RUN("cp_amore_ver (1, 0, 0)") {
+	BENCH_RUN("cp_amore_ver (0, 0)") {
 		g1_rand(p);
 		g2_rand(q);
-		cp_amore_gen(r1, r2, t, u1, u2, x, e, 1, 0, 0);
-		cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 0, 0);
+		cp_amore_ask(t, v1, v2, w1, w2, r1, r2, x, p, q, 0, 0);
 		cp_amore_ans(g, t, v1, v2, w1, w2, 0, 0);
 		BENCH_ADD(cp_amore_ver(r, g, r1, e, 0, 0));
 	} BENCH_END;
 
-	BENCH_RUN("cp_amore_gen (0, 0, 0)") {
-		BENCH_ADD(cp_amore_gen(r1, r2, t, u1, u2, x, e, 0, 0, 0));
-	} BENCH_END;
-
-	BENCH_RUN("cp_amore_ask (0, 0, 0)") {
-		g1_rand(p);
-		g2_rand(q);
-		BENCH_ADD(cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 0, 0));
-	} BENCH_END;
-
-	BENCH_RUN("cp_amore_ver (0, 0, 0)") {
-		g1_rand(p);
-		g2_rand(q);
-		cp_amore_gen(r1, r2, t, u1, u2, x, e, 1, 0, 0);
-		cp_amore_gen(r1, r2, t, u1, u2, x, e, 0, 0, 0);
-		cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 0, 0);
-		cp_amore_ans(g, t, v1, v2, w1, w2, 0, 0);
-		BENCH_ADD(cp_amore_ver(r, g, r1, e, 0, 0));
-	} BENCH_END;
-
-	BENCH_RUN("cp_amore_gen (1, 0, 1)") {
-		BENCH_ADD(cp_amore_gen(r1, r2, t, u1, u2, x, e, 1, 0, 1));
-	} BENCH_END;
-
-	BENCH_RUN("cp_amore_ask (1, 0, 1)") {
+	BENCH_RUN("cp_amore_ask (0, 1)") {
 		g1_rand(p);
 		g2_rand(q);
-		BENCH_ADD(cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 0, 1));
+		BENCH_ADD(cp_amore_ask(t, v1, v2, w1, w2, r1, r2, x, p, q, 0, 1));
 	} BENCH_END;
 
 	BENCH_RUN("cp_amore_ans (0, 1)") {
@@ -849,43 +824,18 @@ static void pdpub(void) {
 		BENCH_ADD(cp_amore_ans(g, t, v1, v2, w1, w2, 0, 1));
 	} BENCH_END;
 
-	BENCH_RUN("cp_amore_ver (1, 0, 1)") {
-		g1_rand(p);
-		g2_rand(q);
-		cp_amore_gen(r1, r2, t, u1, u2, x, e, 1, 0, 1);
-		cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 0, 1);
-		cp_amore_ans(g, t, v1, v2, w1, w2, 0, 1);
-		BENCH_ADD(cp_amore_ver(r, g, r1, e, 0, 1));
-	} BENCH_END;
-
-	BENCH_RUN("cp_amore_gen (0, 0, 1)") {
-		BENCH_ADD(cp_amore_gen(r1, r2, t, u1, u2, x, e, 0, 0, 1));
-	} BENCH_END;
-
-	BENCH_RUN("cp_amore_ask (0, 0, 1)") {
-		g1_rand(p);
-		g2_rand(q);
-		BENCH_ADD(cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 0, 1));
-	} BENCH_END;
-
-	BENCH_RUN("cp_amore_ver (0, 0, 1)") {
+	BENCH_RUN("cp_amore_ver (0, 1)") {
 		g1_rand(p);
 		g2_rand(q);
-		cp_amore_gen(r1, r2, t, u1, u2, x, e, 1, 0, 1);
-		cp_amore_gen(r1, r2, t, u1, u2, x, e, 0, 0, 1);
-		cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 0, 1);
+		cp_amore_ask(t, v1, v2, w1, w2, r1, r2, x, p, q, 0, 1);
 		cp_amore_ans(g, t, v1, v2, w1, w2, 0, 1);
 		BENCH_ADD(cp_amore_ver(r, g, r1, e, 0, 1));
 	} BENCH_END;
 
-	BENCH_RUN("cp_amore_gen (1, 1, 1)") {
-		BENCH_ADD(cp_amore_gen(r1, r2, t, u1, u2, x, e, 1, 1, 1));
-	} BENCH_END;
-
 	BENCH_RUN("cp_amore_ask (1, 1)") {
 		g1_rand(p);
 		g2_rand(q);
-		BENCH_ADD(cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 1, 1));
+		BENCH_ADD(cp_amore_ask(t, v1, v2, w1, w2, r1, r2, x, p, q, 1, 1));
 	} BENCH_END;
 
 	BENCH_RUN("cp_amore_ans (1, 1)") {
@@ -894,31 +844,11 @@ static void pdpub(void) {
 		BENCH_ADD(cp_amore_ans(g, t, v1, v2, w1, w2, 1, 1));
 	} BENCH_END;
 
-	BENCH_RUN("cp_amore_ver (1, 1, 1)") {
+	BENCH_RUN("cp_amore_ver (1, 1)") {
 		g1_rand(p);
 		g2_rand(q);
 		pc_map(e, p, q);
-		cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 1, 1);
-		cp_amore_ans(g, t, v1, v2, w1, w2, 1, 1);
-		BENCH_ADD(cp_amore_ver(r, g, r1, e, 1, 1));
-	} BENCH_END;
-
-	BENCH_RUN("cp_amore_gen (0, 1, 1)") {
-		BENCH_ADD(cp_amore_gen(r1, r2, t, u1, u2, x, e, 0, 1, 1));
-	} BENCH_END;
-
-	BENCH_RUN("cp_amore_ask (0, 1, 1)") {
-		g1_rand(p);
-		g2_rand(q);
-		BENCH_ADD(cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 1, 1));
-	} BENCH_END;
-
-	BENCH_RUN("cp_amore_ver (0, 1, 1)") {
-		g1_rand(p);
-		g2_rand(q);
-		cp_amore_gen(r1, r2, t, u1, u2, x, e, 1, 1, 1);
-		cp_amore_gen(r1, r2, t, u1, u2, x, e, 0, 1, 1);
-		cp_amore_ask(t, v1, v2, w1, w2, r1, r2, p, q, u1, u2, 1, 1);
+		cp_amore_ask(t, v1, v2, w1, w2, r1, r2, x, p, q, 1, 1);
 		cp_amore_ans(g, t, v1, v2, w1, w2, 1, 1);
 		BENCH_ADD(cp_amore_ver(r, g, r1, e, 1, 1));
 	} BENCH_END;

diff --git a/include/relic_cp.h b/include/relic_cp.h
@@ -1369,42 +1369,31 @@ int cp_lvprv_ver(gt_t r, const gt_t g[4], const bn_t c, const gt_t e[2]);
 /**
  * Generates parameters for the AMORE pairing delegation protocol.
  *
- * @param[out] c			- the challenge.
- * @param[out] r			- the randomness.
- * @param[out] d			- the delta value computed during setup.
- * @param[out] u			- the mask in G_1.
- * @param[out] v			- the mask in G_2.
- * @param[in,out] x			- the secret key.
- * @param[in,out] e			- the precomputed value e(U1, U2).
- * @param[in] first			- the flag to indicate if the first iteration.
- * @param[in] priva			- the flag to indicate if first point is private.
- * @param[in] privb			- the flag to indicate if second point is private.
+ * @param[out] x			- the secret key.
+ * @param[out] e			- the precomputed value e(U1, U2).
  * @return RLC_OK if no errors occurred, RLC_ERR otherwise.
  */
-int cp_amore_gen(bn_t c, bn_t r, bn_t d, g1_t u, g2_t v, bn_t x, gt_t e,
-		int first, int priva, int privb);
+int cp_amore_gen(bn_t x, gt_t e);
 
 /**
  * Executes the client-side request for the AMORE pairing delegation protocol.
  *
- * @param[in, out] d		- the delta value computed during setup.
+ * @param[out] d			- the delta value computed during setup.
  * @param[out] a1			- the first element in G_1.
  * @param[out] b1			- the first element in G_2.
  * @param[out] a2			- the second element in G_1.
  * @param[out] b2			- the second element in G_2.
- * @param[in] c				- the challenge.
- * @param[in] r				- the randomness.
+ * @param[out] c			- the challenge.
+ * @param[out] r			- the randomness.
+ * @param[in] x				- the secret key.
  * @param[in] p				- the first argument of the pairing.
  * @param[in] q				- the second argument of the pairing.
- * @param[in] u				- the U1 precomputed value in G_1.
- * @param[in] v				- the U2 precomputed value in G_2.
  * @param[in] priva			- the flag to indicate if first point is private.
  * @param[in] privb			- the flag to indicate if second point is private.
  * @return RLC_OK if no errors occurred, RLC_ERR otherwise.
  */
-int cp_amore_ask(bn_t d, g1_t a1, g2_t b1, g1_t a2, g2_t b2, const bn_t c,
-		const bn_t r, const g1_t p, const g2_t q, const g1_t u, const g2_t v,
-		int priva, int privb);
+int cp_amore_ask(bn_t d, g1_t a1, g2_t b1, g1_t a2, g2_t b2, bn_t c, bn_t r,
+		const bn_t x, const g1_t p, const g2_t q, int priva, int privb);
 
 /**
  * Executes the server-side response for the AMORE pairing delegation protocol.

diff --git a/src/cp/relic_cp_pcdel.c b/src/cp/relic_cp_pcdel.c
@@ -497,81 +497,68 @@ int cp_lvprv_ver(gt_t r, const gt_t g[4], const bn_t c, const gt_t e[2]) {
 	return result;
 }
 
-int cp_amore_gen(bn_t c, bn_t r, bn_t d, g1_t u, g2_t v, bn_t x, gt_t e,
-		int first, int priva, int privb) {
-	bn_t n, t;
+int cp_amore_gen(bn_t x, gt_t e) {
+	bn_t n;
 	int result = RLC_OK;
 
 	bn_null(n);
-	bn_null(t);
 
 	RLC_TRY {
-		bn_new(n);
-		bn_new(t);
-
 		pc_get_ord(n);
-		if (first) {
-			/* Generate random U1, U2, x, c. */
-			bn_rand_mod(x, n);
-			bn_rand_mod(t, n);
-			bn_mod_inv(d, t, n);
-			bn_mul(d, d, x);
-			bn_mod(d, d, n);
-			g1_mul_gen(u, t);
-			g2_mul_gen(v, d);
-			/* Compute gamma = e(U1, U2). */
+		bn_rand_mod(x, n);
+
 #if FP_PRIME < 1536
-			gt_get_gen(e);
-			gt_exp(e, e, x);
+		gt_get_gen(e);
+		gt_exp(e, e, x);
 #else
-			pc_map(e, u, v);
+		pc_map(e, u, v);
 #endif
-		} else {
-			bn_rand_mod(t, n);
-			/* d = x/u here. */
-			bn_mod_inv(d, t, n);
-			bn_mul(d, d, x);
-			bn_mod(d, d, n);
-			g1_mul_gen(u, t);
-			g2_mul_gen(v, d);
-		}
-
-		if (ep_curve_is_pairf() == EP_BN) {
-			bn_rand(c, RLC_POS, RAND_DIST);
-		} else {
-			bn_rand_frb(c, &(core_get()->par), n, RAND_DIST/2 + BND_STORE);
-		}
-
-		bn_rand_mod(r, n);
-		if (priva && !privb) {
-			/* In this case, make d = u. */
-			bn_copy(d, t);
-		}
-	}
-	RLC_CATCH_ANY {
+	} RLC_CATCH_ANY {
 		result = RLC_ERR;
-	}
-	RLC_FINALLY {
+	} RLC_FINALLY {
 		bn_free(n);
 		bn_free(t);
 	}
 	return result;
 }
 
-int cp_amore_ask(bn_t d, g1_t a1, g2_t b1, g1_t a2, g2_t b2, const bn_t c,
-		const bn_t r, const g1_t p, const g2_t q, const g1_t u, const g2_t v,
-		int priva, int privb) {
+int cp_amore_ask(bn_t d, g1_t a1, g2_t b1, g1_t a2, g2_t b2, bn_t c, bn_t r,
+		const bn_t x, const g1_t p, const g2_t q, int priva, int privb) {
 	bn_t n, t;
+	g1_t u;
+	g2_t v;
 	int result = RLC_OK;
 
 	bn_null(n);
 	bn_null(t);
+	g1_null(u);
+	g2_null(v);
 
 	RLC_TRY {
 		bn_new(n);
 		bn_new(t);
 
 		pc_get_ord(n);
+		bn_rand_mod(t, n);
+		/* d = x/u here. */
+		bn_mod_inv(d, t, n);
+		bn_mul(d, d, x);
+		bn_mod(d, d, n);
+		g1_mul_gen(u, t);
+		g2_mul_gen(v, d);
+
+		if (ep_curve_is_pairf() == EP_BN) {
+			bn_rand(c, RLC_POS, RAND_DIST);
+		} else {
+			bn_rand_frb(c, &(core_get()->par), n, RAND_DIST + BND_STORE);
+		}
+
+		bn_rand_mod(r, n);
+		if (priva && !privb) {
+			/* In this case, make d = u. */
+			bn_copy(d, t);
+		}
+
 		if (priva && privb) {
 			/* Compute t = 1/(rc) mod q, so d/t = x/(rcu) mod q.  */
 			bn_mul(t, r, c);
@@ -622,6 +609,8 @@ int cp_amore_ask(bn_t d, g1_t a1, g2_t b1, g1_t a2, g2_t b2, const bn_t c,
 	RLC_FINALLY {
 		bn_free(n);
 		bn_free(t);
+		g1_free(u);
+		g2_free(v);
 	}
 	return result;
 }
@@ -649,20 +638,18 @@ int cp_amore_ans(gt_t g[2], const bn_t d, const g1_t a1, const g2_t b1,
 			g1_mul_gen(_p[1], d);
 			g2_copy(_q[0], b1);
 			g2_copy(_q[1], b2);
-			pc_map_sim(g[1], _p, _q, 2);
 		} else if (!priva && !privb) {
 			g1_copy(_p[0], a1);
 			g1_copy(_p[1], a2);
 			g2_copy(_q[0], b2);
 			g2_get_gen(_q[1]);
-			pc_map_sim(g[1], _p, _q, 2);
 		} else {
 			g1_copy(_p[0], a1);
 			g1_copy(_p[1], a2);
 			g2_copy(_q[0], b2);
 			g2_mul_gen(_q[1], d);
-			pc_map_sim(g[1], _p, _q, 2);
 		}
+		pc_map_sim(g[1], _p, _q, 2);
 	} RLC_CATCH_ANY {
 		RLC_THROW(ERR_CAUGHT);
 	} RLC_FINALLY {
@@ -843,7 +830,6 @@ int cp_mvbat_ver(gt_t *rs, const gt_t *as, const gt_t *e, size_t m) {
 	return result;
 }
 
-
 int cp_ambat_gen(bn_t r, g1_t u, g2_t v, gt_t e) {
 	bn_t n, t;
 	int result = RLC_OK;