Removed deterministic EdDSA.

rsempire · Jul 15, 2019 · 9c2050e · 9c2050e
1 parent c5b5fd7
commit 9c2050e
Show file tree

Hide file tree

Showing 12 changed files with 27 additions and 495 deletions.
diff --git a/src/mpc_crypto.vcxproj b/src/mpc_crypto.vcxproj
@@ -100,7 +100,6 @@
     <ClInclude Include="mpc_protocols\ecc_backup.h" />
     <ClInclude Include="mpc_protocols\mpc_core.h" />
     <ClInclude Include="mpc_protocols\mpc_ecc_core.h" />
-    <ClInclude Include="mpc_protocols\mpc_ecdh.h" />
     <ClInclude Include="mpc_protocols\mpc_ecdsa.h" />
     <ClInclude Include="mpc_protocols\mpc_eddsa.h" />
     <ClInclude Include="mpc_protocols\mpc_ot.h" />
@@ -145,7 +144,6 @@
     <ClCompile Include="mpc_protocols\ecc_backup.cpp" />
     <ClCompile Include="mpc_protocols\mpc_core.cpp" />
     <ClCompile Include="mpc_protocols\mpc_ecc_core.cpp" />
-    <ClCompile Include="mpc_protocols\mpc_ecdh.cpp" />
     <ClCompile Include="mpc_protocols\mpc_ecdsa.cpp" />
     <ClCompile Include="mpc_protocols\mpc_eddsa.cpp" />
     <ClCompile Include="mpc_protocols\mpc_ot.cpp" />

diff --git a/src/mpc_crypto.vcxproj.filters b/src/mpc_crypto.vcxproj.filters
@@ -12,9 +12,6 @@
     <ClInclude Include="mpc_protocols\mpc_core.h">
       <Filter>mpc_protocols</Filter>
     </ClInclude>
-    <ClInclude Include="mpc_protocols\mpc_ecdh.h">
-      <Filter>mpc_protocols</Filter>
-    </ClInclude>
     <ClInclude Include="mpc_protocols\mpc_ecdsa.h">
       <Filter>mpc_protocols</Filter>
     </ClInclude>
@@ -121,9 +118,6 @@
     <ClCompile Include="mpc_protocols\mpc_core.cpp">
       <Filter>mpc_protocols</Filter>
     </ClCompile>
-    <ClCompile Include="mpc_protocols\mpc_ecdh.cpp">
-      <Filter>mpc_protocols</Filter>
-    </ClCompile>
     <ClCompile Include="mpc_protocols\mpc_ecdsa.cpp">
       <Filter>mpc_protocols</Filter>
     </ClCompile>

diff --git a/src/mpc_crypto_eddsa.cpp b/src/mpc_crypto_eddsa.cpp
@@ -69,8 +69,8 @@ error_t mpc_eddsa_refresh_t::party1_step2(const message2_t& in, message3_t& out)
 {
   buf_t agree_buf;
   agree_random.peer1_step2(in, out, agree_buf);
-  bool add = (agree_buf[64*3] & 1) == 0;
-  mem_t refresh_data = mem_t(agree_buf.data(), 64*3);
+  bool add = (agree_buf[64] & 1) == 0;
+  mem_t refresh_data = mem_t(agree_buf.data(), 64);
   share.refresh(add, refresh_data);
   return 0;
 }
@@ -79,8 +79,8 @@ error_t mpc_eddsa_refresh_t::party2_step2(const message3_t& in, none_message_t&
 {
   buf_t agree_buf;
   agree_random.peer2_step2(in, agree_buf);
-  bool add = (agree_buf[64*3] & 1) != 0;
-  mem_t refresh_data = mem_t(agree_buf.data(), 64*3);
+  bool add = (agree_buf[64] & 1) != 0;
+  mem_t refresh_data = mem_t(agree_buf.data(), 64);
   share.refresh(add, refresh_data);
   return 0;
 }
@@ -140,14 +140,9 @@ error_t mpc_eddsa_gen_t::party1_step3(const message4_t& in, message5_t& out)
   return ctx.peer1_step2(share, in, out);
 }
 
-error_t mpc_eddsa_gen_t::party2_step3(const message5_t& in, message6_t& out)
+error_t mpc_eddsa_gen_t::party2_step3(const message5_t& in, none_message_t& out)
 {
-  return ctx.peer2_step2(share, in, out);
-}
-
-error_t mpc_eddsa_gen_t::party1_step4(const message6_t& in, none_message_t& out)
-{
-  return ctx.peer1_step3(share, in);
+  return ctx.peer2_step2(share, in);
 }
 
 // --------------------------------------- mpc_eddsa_sign_t ----------------------------------------------
@@ -228,9 +223,9 @@ error_t mpc_eddsa_sign_t::party2_step2(const message3_t& in, message4_t& out)
 
   if (refresh)
   {
-    buf_t agree_buf = calc_mgf(ctx.session_id, 64*3+1);
-    mem_t refresh_data = mem_t(agree_buf.data(), 64*3);
-    bool add = (agree_buf[64*3] & 1) == 0;
+    buf_t agree_buf = calc_mgf(ctx.session_id, 64+1);
+    mem_t refresh_data = mem_t(agree_buf.data(), 64);
+    bool add = (agree_buf[64] & 1) == 0;
 
     share.refresh(add, refresh_data);
   }
@@ -244,9 +239,9 @@ error_t mpc_eddsa_sign_t::party1_step3(const message4_t& in, none_message_t& out
 
   if (refresh)
   {
-    buf_t agree_buf = calc_mgf(ctx.session_id, 64*3+1);
-    mem_t refresh_data = mem_t(agree_buf.data(), 64*3);
-    bool add = (agree_buf[64*3] & 1) != 0;
+    buf_t agree_buf = calc_mgf(ctx.session_id, 64+1);
+    mem_t refresh_data = mem_t(agree_buf.data(), 64);
+    bool add = (agree_buf[64] & 1) != 0;
 
     share.refresh(add, refresh_data);
   }

diff --git a/src/mpc_crypto_eddsa.h b/src/mpc_crypto_eddsa.h
@@ -53,7 +53,7 @@ class mpc_eddsa_refresh_t : public mpc_crypto_context_t
 public:
   static const uint64_t CODE_TYPE = 0x81b6d0d69a7f4f48;
 
-  mpc_eddsa_refresh_t() : agree_random(64*3+1) {}
+  mpc_eddsa_refresh_t() : agree_random(64+1) {}
 
   virtual uint64_t get_type() const override { return CODE_TYPE; }
   virtual void convert(ub::converter_t& converter) override;
@@ -106,7 +106,7 @@ class mpc_eddsa_gen_t : public mpc_crypto_context_t
   virtual void set_share_core(const mpc_crypto_share_t& src) override { assert(false); }
   virtual void get_share_core(mpc_crypto_share_t& dst) const { ((mpc_eddsa_share_t&)dst).core = share; }
 
-  virtual int get_messages_count() const override { return 6; }
+  virtual int get_messages_count() const override { return 5; }
   virtual bool changes_share() const override { return true; }
 
   typedef mpc::agree_random_t::message1_t message1_t;
@@ -125,15 +125,13 @@ class mpc_eddsa_gen_t : public mpc_crypto_context_t
 
   typedef mpc::eddsa_gen_t::message2_t message4_t;
   typedef mpc::eddsa_gen_t::message3_t message5_t;
-  typedef mpc::eddsa_gen_t::message4_t message6_t;
 
   error_t party1_step1(message1_t& out);
   error_t party2_step1(const message1_t& in, message2_t& out);
   error_t party1_step2(const message2_t& in, message3_t& out);
   error_t party2_step2(const message3_t& in, message4_t& out);
   error_t party1_step3(const message4_t& in, message5_t& out);
-  error_t party2_step3(const message5_t& in, message6_t& out);
-  error_t party1_step4(const message6_t& in, none_message_t& out);
+  error_t party2_step3(const message5_t& in, none_message_t& out);
 
 private:
   mpc::eddsa_share_t share;

diff --git a/src/mpc_crypto_test.cpp b/src/mpc_crypto_test.cpp
@@ -564,17 +564,16 @@ MPCCRYPTO_API int MPCCrypto_test()
 {
   int rv = 0;
 
-  if (rv = test_bip()) return rv;
-
   test_key_t eddsa_key;
   if (rv = test_eddsa_gen(eddsa_key)) return rv;
   if (rv = test_eddsa_backup(eddsa_key)) return rv;
-  for (int i=0; i<3; i++)
+  for (int i=0; i<30; i++)
   {
     if (rv = test_eddsa_sign(eddsa_key)) return rv;
     if (rv = test_refresh(eddsa_key)) return rv;
   }
 
+  if (rv = test_bip()) return rv;
 
   test_key_t ecdsa_key;
   if (rv = test_ecdsa_gen(ecdsa_key)) return rv;

diff --git a/src/mpc_protocols/garbled_circuit_2party.h b/src/mpc_protocols/garbled_circuit_2party.h
@@ -27,6 +27,7 @@
 #include "garbled_circuit.h"
 #include "crypto_aesni.h"
 #include "mpc_ot.h"
+#include "mpc_ecc_core.h"
 
 enum class gc_param_type_e
 {

diff --git a/src/mpc_protocols/mpc_ecdh.cpp b/src/mpc_protocols/mpc_ecdh.cpp