Skip to content

Commit

Permalink
feat(sdk-lib-mpc): reject y not co-prime to N
Browse files Browse the repository at this point in the history
TICKET: WP-132
  • Loading branch information
johnoliverdriscoll authored and alebusse committed Oct 16, 2023
1 parent 4480b5b commit e2336de
Show file tree
Hide file tree
Showing 2 changed files with 985 additions and 985 deletions.
14 changes: 7 additions & 7 deletions modules/sdk-lib-mpc/src/tss/ecdsa/paillierBlumProof.ts
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import { createHash } from 'crypto';
import { bitLength, randBits, isProbablyPrime } from 'bigint-crypto-utils';
import { modInv, modPow } from 'bigint-mod-arith';
import { gcd, modInv, modPow } from 'bigint-mod-arith';
import { bigIntFromBufferBE, bigIntToBufferBE } from '../../util';
import { DeserializedPaillierBlumProof } from './types';

Expand Down Expand Up @@ -33,7 +33,7 @@ function generateY(N, w): bigint[] {
.update('$')
.digest()
);
if (y > BigInt(0) && y < N) {
if (y > BigInt(0) && y < N && gcd(y, N) === BigInt(1)) {
return y;
}
}
Expand Down Expand Up @@ -110,14 +110,13 @@ export async function prove(p: bigint, q: bigint): Promise<DeserializedPaillierB
y.map(async (y_i, i) => {
// Select random a_i, b_i so that y_i' = (-1)^{a_i} * w^{b_i} * y is
// quadratic residue of N using [HOC - Fact 2.137].
let t;
while (true) {
let ab_i, t;
for (ab_i = 0; ab_i < 4; ab_i++) {
t = y_i;
ab[i] = (await randBits(2))[0];
if (ab[i] & 2) {
if (ab_i & 2) {
t = -t;
}
if (ab[i] & 1) {
if (ab_i & 1) {
t *= w;
}
if (
Expand All @@ -127,6 +126,7 @@ export async function prove(p: bigint, q: bigint): Promise<DeserializedPaillierB
break;
}
}
ab[i] = ab_i;
return modPow(t, e, N);
})
);
Expand Down
Loading

0 comments on commit e2336de

Please sign in to comment.