Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add negative tests shuffle package #503

Merged
merged 6 commits into from
Mar 21, 2024
Merged

Add negative tests shuffle package #503

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
c3fca19
Some refactoring
K1li4nL Mar 17, 2024
3f60ce2
Add test wrong shuffles on pair
K1li4nL Mar 17, 2024
2925950
Add test wrong Shuffle Sequence
K1li4nL Mar 17, 2024
e04ef54
Add negative test for shuffle/Biffle
K1li4nL Mar 18, 2024
a7a0352
Fix comment
K1li4nL Mar 18, 2024
b00ef18
Reduce code duplication
K1li4nL Mar 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
63 changes: 44 additions & 19 deletions shuffle/biffle_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,49 +15,74 @@ func TestBiffle(t *testing.T) {
biffleTest(s, N)
}

func TestInvalidBiffle(t *testing.T) {
rand := blake2xb.New(nil)
s := edwards25519.NewBlakeSHA256Ed25519WithRand(rand)
biffleInvalidTest(s)
}

func biffleTest(suite Suite, N int) {
rand := suite.RandomStream()

// Create a "server" private/public keypair
h := suite.Scalar().Pick(rand)
H := suite.Point().Mul(h, nil)

// Create a set of ephemeral "client" keypairs to shuffle
var c [2]kyber.Scalar
var C [2]kyber.Point
// fmt.Println("\nclient keys:")
for i := 0; i < 2; i++ {
c[i] = suite.Scalar().Pick(rand)
C[i] = suite.Point().Mul(c[i], nil)
// fmt.Println(" "+C[i].String())
}
h, c := setShuffleKeyPairs(rand, suite, 2)

// ElGamal-encrypt all these keypairs with the "server" key
var X, Y [2]kyber.Point
r := suite.Scalar() // temporary
for i := 0; i < 2; i++ {
r.Pick(rand)
X[i] = suite.Point().Mul(r, nil)
Y[i] = suite.Point().Mul(r, H) // ElGamal blinding factor
Y[i].Add(Y[i], C[i]) // Encrypted client public key
Y[i] = suite.Point().Mul(r, h) // ElGamal blinding factor
Y[i].Add(Y[i], c[i]) // Encrypted client public key
}

// Repeat only the actual shuffle portion for test purposes.
// Repeat only the actual shuffle portion for benchmark purposes.
for i := 0; i < N; i++ {

// Do a key-shuffle
Xbar, Ybar, prover := Biffle(suite, nil, H, X, Y, rand)
Xbar, Ybar, prover := Biffle(suite, nil, h, X, Y, rand)
prf, err := proof.HashProve(suite, "Biffle", prover)
if err != nil {
panic("Biffle proof failed: " + err.Error())
}
//fmt.Printf("proof:\n%s\n",hex.Dump(prf))

// Check it
verifier := BiffleVerifier(suite, nil, H, X, Y, Xbar, Ybar)
verifier := BiffleVerifier(suite, nil, h, X, Y, Xbar, Ybar)
err = proof.HashVerify(suite, "Biffle", verifier, prf)
if err != nil {
panic("Biffle verify failed: " + err.Error())
}
}
}

func biffleInvalidTest(suite Suite) {
rand := suite.RandomStream()
h, c := setShuffleKeyPairs(rand, suite, 2)

// ElGamal-encrypt all these keypairs with the "server" key
var X, Y [2]kyber.Point
r := suite.Scalar() // temporary
for i := 0; i < 2; i++ {
r.Pick(rand)
X[i] = suite.Point().Mul(r, nil)
Y[i] = suite.Point().Mul(r, h) // ElGamal blinding factor
Y[i].Add(Y[i], c[i]) // Encrypted client public key
}

// Do a key-shuffle
Xbar, Ybar, prover := Biffle(suite, nil, h, X, Y, rand)
prf, err := proof.HashProve(suite, "Biffle", prover)
if err != nil {
panic("Biffle proof failed: " + err.Error())
}

// Corrupt inputs
X[0], Y[0] = X[1], Y[1]

// Check it
verifier := BiffleVerifier(suite, nil, h, X, Y, Xbar, Ybar)
err = proof.HashVerify(suite, "Biffle", verifier, prf)
if err == nil {
panic("Biffle verify should have failed")
}
}
146 changes: 109 additions & 37 deletions shuffle/shuffle_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
package shuffle

import (
"crypto/cipher"
"testing"

"github.com/stretchr/testify/assert"
"go.dedis.ch/kyber/v3"
"go.dedis.ch/kyber/v3/group/edwards25519"
"go.dedis.ch/kyber/v3/proof"
Expand All @@ -11,82 +13,113 @@ import (

var k = 5
var NQ = 6
var N = 10
var N = 1
AnomalRoil marked this conversation as resolved.
Show resolved Hide resolved

func TestShufflePair(t *testing.T) {
s := edwards25519.NewBlakeSHA256Ed25519WithRand(blake2xb.New(nil))
pairShuffleTest(s, k, N)
}

func TestShuffleInvalidPair(t *testing.T) {
s := edwards25519.NewBlakeSHA256Ed25519WithRand(blake2xb.New(nil))
pairInvalidShuffleTest(t, s, k)
}

func TestShuffleSequence(t *testing.T) {
s := edwards25519.NewBlakeSHA256Ed25519WithRand(blake2xb.New(nil))
sequenceShuffleTest(s, k, NQ, N)
}

func pairShuffleTest(suite Suite, k, N int) {
rand := suite.RandomStream()
func TestInvalidShuffleSequence(t *testing.T) {
s := edwards25519.NewBlakeSHA256Ed25519WithRand(blake2xb.New(nil))
sequenceInvalidShuffleTest(t, s, k, NQ)
}

func setShuffleKeyPairs(rand cipher.Stream, suite Suite, k int) (kyber.Point, []kyber.Point) {
// Create a "server" private/public keypair
h := suite.Scalar().Pick(rand)
H := suite.Point().Mul(h, nil)
h0 := suite.Scalar().Pick(rand)
h1 := suite.Point().Mul(h0, nil)

// Create a set of ephemeral "client" keypairs to shuffle
c := make([]kyber.Scalar, k)
C := make([]kyber.Point, k)
// fmt.Println("\nclient keys:")
c1 := make([]kyber.Point, k)

for i := 0; i < k; i++ {
c[i] = suite.Scalar().Pick(rand)
C[i] = suite.Point().Mul(c[i], nil)
// fmt.Println(" "+C[i].String())
c0 := suite.Scalar().Pick(rand)
c1[i] = suite.Point().Mul(c0, nil)
}

return h1, c1
}

func elGamalEncryptPair(
rand cipher.Stream,
suite Suite,
c []kyber.Point,
h kyber.Point, k int) ([]kyber.Point, []kyber.Point) {

// ElGamal-encrypt all these keypairs with the "server" key
X := make([]kyber.Point, k)
Y := make([]kyber.Point, k)
x := make([]kyber.Point, k)
y := make([]kyber.Point, k)
r := suite.Scalar() // temporary
for i := 0; i < k; i++ {
r.Pick(rand)
X[i] = suite.Point().Mul(r, nil)
Y[i] = suite.Point().Mul(r, H) // ElGamal blinding factor
Y[i].Add(Y[i], C[i]) // Encrypted client public key
x[i] = suite.Point().Mul(r, nil)
y[i] = suite.Point().Mul(r, h) // ElGamal blinding factor
y[i].Add(y[i], c[i]) // Encrypted client public key
}

// Repeat only the actual shuffle portion for test purposes.
for i := 0; i < N; i++ {
return x, y
}

func pairShuffleTest(suite Suite, k, n int) {
rand := suite.RandomStream()
h, c := setShuffleKeyPairs(rand, suite, k)
x, y := elGamalEncryptPair(rand, suite, c, h, k)

// Repeat only the actual shuffle portion for benchmark purposes.
AnomalRoil marked this conversation as resolved.
Show resolved Hide resolved
for i := 0; i < n; i++ {
// Do a key-shuffle
Xbar, Ybar, prover := Shuffle(suite, nil, H, X, Y, rand)
Xbar, Ybar, prover := Shuffle(suite, nil, h, x, y, rand)
prf, err := proof.HashProve(suite, "PairShuffle", prover)
if err != nil {
panic("Shuffle proof failed: " + err.Error())
}
//fmt.Printf("proof:\n%s\n",hex.Dump(prf))

// Check it
verifier := Verifier(suite, nil, H, X, Y, Xbar, Ybar)
verifier := Verifier(suite, nil, h, x, y, Xbar, Ybar)
err = proof.HashVerify(suite, "PairShuffle", verifier, prf)
if err != nil {
panic("Shuffle verify failed: " + err.Error())
}
}
}

func sequenceShuffleTest(suite Suite, k, NQ, N int) {
func pairInvalidShuffleTest(t *testing.T, suite Suite, k int) {
rand := suite.RandomStream()
h, c := setShuffleKeyPairs(rand, suite, k)
x, y := elGamalEncryptPair(rand, suite, c, h, k)

// Create a "server" private/public keypair
h := suite.Scalar().Pick(rand)
H := suite.Point().Mul(h, nil)
// Do a key-shuffle
Xbar, Ybar, prover := Shuffle(suite, nil, h, x, y, rand)

// Create a set of ephemeral "client" keypairs to shuffle
c := make([]kyber.Scalar, k)
C := make([]kyber.Point, k)
// Corrupt the shuffle
Xbar[1], Xbar[0] = Xbar[0], Xbar[1]

for i := 0; i < k; i++ {
c[i] = suite.Scalar().Pick(rand)
C[i] = suite.Point().Mul(c[i], nil)
}
prf, err := proof.HashProve(suite, "PairShuffle", prover)
assert.Nil(t, err)

// Check it
verifier := Verifier(suite, nil, h, x, y, Xbar, Ybar)
err = proof.HashVerify(suite, "PairShuffle", verifier, prf)
assert.Error(t, err)
}

func generateAndEncryptRandomSequences(
rand cipher.Stream,
suite Suite,
h kyber.Point,
c []kyber.Point,
k int) ([][]kyber.Point, [][]kyber.Point) {
X := make([][]kyber.Point, NQ)
Y := make([][]kyber.Point, NQ)

Expand All @@ -110,16 +143,24 @@ func sequenceShuffleTest(suite Suite, k, NQ, N int) {
for i := 0; i < k; i++ {
r.Pick(rand)
X[j][i] = suite.Point().Mul(r, nil)
Y[j][i] = suite.Point().Mul(r, H) // ElGamal blinding factor
Y[j][i].Add(Y[j][i], C[i]) // Encrypted client public key
Y[j][i] = suite.Point().Mul(r, h) // ElGamal blinding factor
Y[j][i].Add(Y[j][i], c[i]) // Encrypted client public key
}
}

// Repeat only the actual shuffle portion for test purposes.
return X, Y
}

func sequenceShuffleTest(suite Suite, k, NQ, N int) {
rand := suite.RandomStream()
h, c := setShuffleKeyPairs(rand, suite, k)
X, Y := generateAndEncryptRandomSequences(rand, suite, h, c, k)

// Repeat only the actual shuffle portion for benchmark purposes.
for i := 0; i < N; i++ {

// Do a key-shuffle
XX, YY, getProver := SequencesShuffle(suite, nil, H, X, Y, rand)
XX, YY, getProver := SequencesShuffle(suite, nil, h, X, Y, rand)

e := make([]kyber.Scalar, NQ)
for j := 0; j < NQ; j++ {
Expand All @@ -139,11 +180,42 @@ func sequenceShuffleTest(suite Suite, k, NQ, N int) {
XXUp, YYUp, XXDown, YYDown := GetSequenceVerifiable(suite, X, Y, XX, YY, e)

// Check it
verifier := Verifier(suite, nil, H, XXUp, YYUp, XXDown, YYDown)
verifier := Verifier(suite, nil, h, XXUp, YYUp, XXDown, YYDown)

err = proof.HashVerify(suite, "PairShuffle", verifier, prf)
if err != nil {
panic("failed to hashVerify: " + err.Error())
}
}
}

func sequenceInvalidShuffleTest(t *testing.T, suite Suite, k, NQ int) {
rand := suite.RandomStream()
h, c := setShuffleKeyPairs(rand, suite, k)
X, Y := generateAndEncryptRandomSequences(rand, suite, h, c, k)

// Do a key-shuffle
XX, YY, getProver := SequencesShuffle(suite, nil, h, X, Y, rand)

// Corrupt original inputs
X[0][0], Y[0][0] = X[0][1], Y[0][1]

e := make([]kyber.Scalar, NQ)
for j := 0; j < NQ; j++ {
e[j] = suite.Scalar().Pick(suite.RandomStream())
}

prover, err := getProver(e)
assert.Nil(t, err)

prf, err := proof.HashProve(suite, "PairShuffle", prover)
assert.Nil(t, err)

XXUp, YYUp, XXDown, YYDown := GetSequenceVerifiable(suite, X, Y, XX, YY, e)

// Check it
verifier := Verifier(suite, nil, h, XXUp, YYUp, XXDown, YYDown)

err = proof.HashVerify(suite, "PairShuffle", verifier, prf)
assert.Error(t, err)
}
Loading