Split MKLHS in offline and online portions.

relic-toolkit · Jan 28, 2020 · fc3e267 · fc3e267
1 parent 6ef6470
commit fc3e267
Show file tree

Hide file tree

Showing 5 changed files with 277 additions and 27 deletions.
diff --git a/bench/bench_cp.c b/bench/bench_cp.c
@@ -1012,6 +1012,7 @@ static void lhs(void) {
 	g2_t _s, s[S][L], pk[S], y[S], z[S];
 	gt_t hs[S][RLC_TERMS];
 	char *id = "id";
+	dig_t ft[S];
 
 	bn_null(m);
 	bn_null(n);
@@ -1072,7 +1073,9 @@ static void lhs(void) {
 	int flen[S];
 	for (int i = 0; i < S; i++) {
 		for (int j = 0; j < RLC_TERMS; j++) {
-			rand_bytes((uint8_t *)&f[i][j], sizeof(uint32_t));
+			uint32_t t;
+			rand_bytes((uint8_t *)&t, sizeof(uint32_t));
+			f[i][j] = t;
 		}
 		flen[i] = L;
 	}
@@ -1167,7 +1170,8 @@ static void lhs(void) {
 		for (int j = 0; j < S; j++) {
 			for (int l = 0; l < L; l++) {
 				bn_mod(msg[l], msg[l], n);
-				BENCH_ADD(cp_mklhs_sig(a[j][l], msg[l], ls[l], lens[l], sk[j]));
+				BENCH_ADD(cp_mklhs_sig(a[j][l], msg[l], id, sizeof(id),
+					ls[l], lens[l], sk[j]));
 			}
 		}
 	} BENCH_DIV(S * L);
@@ -1202,14 +1206,24 @@ static void lhs(void) {
 	}
 
 	BENCH_BEGIN("cp_mklhs_ver") {
-		BENCH_ADD(cp_mklhs_ver(_r, m, d, ls, lens, f, flen, pk, S));
+		BENCH_ADD(cp_mklhs_ver(_r, m, d, id, sizeof(id), ls, lens, f, flen,
+			pk, S));
+	} BENCH_DIV(S);
+
+	BENCH_BEGIN("cp_mklhs_off") {
+		BENCH_ADD(cp_mklhs_off(cs, ft, ls, lens, f, flen, S));
+	} BENCH_DIV(S);
+
+	BENCH_BEGIN("cp_mklhs_onv") {
+		BENCH_ADD(cp_mklhs_onv(_r, m, d, id, sizeof(id), cs, ft, pk, S));
 	} BENCH_DIV(S);
 
 #ifdef BENCH_LHS
 	for (int t = 1; t <= S; t++) {
 		util_print("(%2d ids) ", t);
 		BENCH_BEGIN("cp_mklhs_ver") {
-			BENCH_ADD(cp_mklhs_ver(_r, m, d, ls, lens, f, flen, pk, t));
+			BENCH_ADD(cp_mklhs_ver(_r, m, d, id, sizeof(id), ls, lens, f, flen,
+				pk, t));
 		} BENCH_END;
 	}
 
@@ -1219,7 +1233,33 @@ static void lhs(void) {
 			flen[u] = t;
 		}
 		BENCH_BEGIN("cp_mklhs_ver") {
-			BENCH_ADD(cp_mklhs_ver(_r, m, d, ls, lens, f, flen, pk, S));
+			BENCH_ADD(cp_mklhs_ver(_r, m, d, id, sizeof(id), ls, lens, f, flen,
+				pk, S));
+		} BENCH_END;
+	}
+
+	for (int t = 1; t <= S; t++) {
+		util_print("(%2d ids) ", t);
+		BENCH_BEGIN("cp_mklhs_off") {
+			BENCH_ADD(cp_mklhs_off(cs, ft, ls, lens, f, flen, t));
+		} BENCH_END;
+
+		BENCH_BEGIN("cp_mklhs_onv") {
+			BENCH_ADD(cp_mklhs_onv(_r, m, d, id, sizeof(id), cs, ft, pk, t));
+		} BENCH_END;
+	}
+
+	for (int t = 1; t <= L; t++) {
+		util_print("(%2d lbs) ", t);
+		for (int u = 0; u < S; u++) {
+			flen[u] = t;
+		}
+		BENCH_BEGIN("cp_mklhs_off") {
+			BENCH_ADD(cp_mklhs_off(cs, ft, ls, lens, f, flen, S));
+		} BENCH_END;
+
+		BENCH_BEGIN("cp_mklhs_onv") {
+			BENCH_ADD(cp_mklhs_onv(_r, m, d, id, sizeof(id), cs, ft, pk, S));
 		} BENCH_END;
 	}
 #endif /* BENCH_LHS */

diff --git a/include/relic_cp.h b/include/relic_cp.h
@@ -1617,6 +1617,7 @@ int cp_cmlhs_fun(g1_t a, g1_t c, g1_t as[], g1_t cs[], dig_t f[], int len);
  * @param[in] ss			- the vector of fourth components of the signatures.
  * @param[in] f 			- the linear coefficients in the function.
  * @param[in] len			- the number of coefficients.
+ * @return RLC_OK if no errors occurred, RLC_ERR otherwise.
  */
 int cp_cmlhs_evl(g1_t r, g2_t s, g1_t rs[], g2_t ss[], dig_t f[], int len);
 
@@ -1661,12 +1662,15 @@ int cp_mklhs_gen(bn_t sk, g2_t pk);
  *
  * @param[out] s 			- the resulting signature.
  * @param[in] m 			- the message to sign.
+ * @param[in] data 			- the dataset identifier.
+ * @param[in] dlen 			- the length of the dataset identifier.
  * @param[in] label 		- the label.
- * @param[in] len 			- the length of the label.
+ * @param[in] llen 			- the length of the label.
  * @param[in] sk 			- the private key for the signature scheme.
  * @return RLC_OK if no errors occurred, RLC_ERR otherwise.
  */
-int cp_mklhs_sig(g1_t s, bn_t m, char *label, int len, bn_t sk);
+int cp_mklhs_sig(g1_t s, bn_t m, char *data, int dlen, char *label, int llen,
+		bn_t sk);
 
 /**
  * Applies a function over a set of messages from the same user.
@@ -1686,6 +1690,7 @@ int cp_mklhs_fun(bn_t mu, bn_t m[], dig_t f[], int len);
  * @param[in] s				- the set of signatures.
  * @param[in] f 			- the linear coefficients in the function.
  * @param[in] len			- the number of coefficients.
+ * @return RLC_OK if no errors occurred, RLC_ERR otherwise.
  */
 int cp_mklhs_evl(g1_t sig, g1_t s[], dig_t f[], int len);
 
@@ -1695,15 +1700,52 @@ int cp_mklhs_evl(g1_t sig, g1_t s[], dig_t f[], int len);
  * @param[in] sig 			- the homomorphic signature to verify.
  * @param[in] m 			- the signed message.
  * @param[in] mu			- the vector of signed messages per user.
+ * @param[in] data 			- the dataset identifier.
+ * @param[in] dlen 			- the length of the dataset identifier.
+ * @param[in] label 		- the vector of labels.
+ * @param[in] llen 			- the vector of label lengths.
+ * @param[in] f 			- the linear coefficients in the function.
+ * @param[in] flen			- the number of coefficients.
+ * @param[in] pk 			- the public keys of the users.
+ * @param[in] slen 			- the number of signatures.
+ * @return a boolean value indicating the verification result.
+ */
+int cp_mklhs_ver(g1_t sig, bn_t m, bn_t mu[], char *data, int dlen,
+		char *label[], int llen[], dig_t f[][RLC_TERMS], int flen[], g2_t pk[],
+		int slen);
+
+/**
+ * Computes the offline part of veryfying a MKLHS signature over a set of
+ * messages.
+ *
+ * @param[out] h 			- the hashes of labels
+ * @param[out] ft 			- the precomputed linear coefficients.
  * @param[in] label 		- the vector of labels.
  * @param[in] llen 			- the vector of label lengths.
  * @param[in] f 			- the linear coefficients in the function.
  * @param[in] flen			- the number of coefficients.
+ * @param[in] slen 			- the number of signatures.
+ * @return RLC_OK if no errors occurred, RLC_ERR otherwise.
+ */
+int cp_mklhs_off(g1_t h[], dig_t ft[], char *label[], int llen[],
+	dig_t f[][RLC_TERMS], int flen[], int slen);
+
+/**
+ * Computes the online part of veryfying a MKLHS signature over a set of
+ * messages.
+ *
+ * @param[in] sig 			- the homomorphic signature to verify.
+ * @param[in] m 			- the signed message.
+ * @param[in] mu			- the vector of signed messages per user.
+ * @param[in] data 			- the dataset identifier.
+ * @param[in] dlen 			- the length of the dataset identifier.
+ * @param[in] d 			- the hashes of labels.
+ * @param[in] ft 			- the precomputed linear coefficients.
  * @param[in] pk 			- the public keys of the users.
  * @param[in] slen 			- the number of signatures.
  * @return a boolean value indicating the verification result.
  */
-int cp_mklhs_ver(g1_t sig, bn_t m, bn_t mu[], char *label[], int llen[],
-		dig_t f[][RLC_TERMS], int flen[], g2_t pk[], int slen);
+int cp_mklhs_onv(g1_t sig, bn_t m, bn_t mu[], char *data, int dlen,
+		g1_t h[], dig_t ft[], g2_t pk[], int slen);
 
 #endif /* !RLC_CP_H */
diff --git a/src/cp/relic_cp_cmlhs.c b/src/cp/relic_cp_cmlhs.c
@@ -104,19 +104,19 @@ int cp_cmlhs_sig(g1_t sig, g2_t z, g1_t a, g1_t c, g1_t r, g2_t s, bn_t msg,
 	g1_null(t);
 
 	TRY {
+		bn_new(k);
 		bn_new(m);
 		bn_new(n);
-		bn_new(k);
 		g1_new(t);
 		if (buf == NULL) {
 			THROW(ERR_NO_MEMORY);
 		}
 
 		g1_get_ord(n);
-
 		/* Generate r and s. */
 		bn_rand_mod(k, n);
 		bn_rand_mod(m, n);
+
 		/* Compute S = -g2^s, C = g1^s. */
 		g2_mul_gen(s, m);
 		g2_neg(s, s);