
@kushti
Created September 23, 2016 18:01

A Proof of a Product (Scala Team Test Task)

Alice knows an integer A and Bob knows an integer B. Neither wants to share their number with the other, but both want Carroll to compute the product A * B. Both Alice and Bob also want to check that Carroll produces the correct product of the numbers given.

The parties agree to follow the protocol below.

  1. The broker (Carroll) starts the interaction by sending invitations to the users (Alice and Bob).
  2. The users send their numbers, encrypted with the Damgard-Jurik cryptosystem, as c_A and c_B to the broker. If the timeout is reached before both numbers have been received, the broker declares the protocol aborted.
  3. The broker announces the encrypted numbers (c_A, c_B) to the users.
  4. The users send their numbers to the broker in encrypted form. Any encryption scheme may be used for this; in the case of symmetric encryption, it may be assumed that the keys are known to the appropriate parties before the protocol starts (i.e. hardcoded). If the timeout is reached before both numbers have been received, the broker declares the protocol aborted.
  5. The broker computes C = A * B and announces the value c_C, encrypted with the Damgard-Jurik cryptosystem.

The next steps of the protocol are omitted, but the idea is as follows: the users can now ask the broker to prove, in zero knowledge, that c_A, c_B, c_C are encryptions of values A, B, C such that C = A * B. The concrete 3-move protocol for this is given in Section 2.13 of https://github.com/kushti/scapi-cookbook/blob/master/SDK_Pseudocode.pdf . Users can ask the broker to prove the fact an arbitrary number of times.
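As an added illustration (not part of the task text or of ScAPI), the following Python sketch shows the Damgard-Jurik arithmetic behind steps 2 and 5 and the relation the product proof is about: with the generator g = n + 1 and s = 1 (the Paillier special case of Damgard-Jurik), the broker can form an encryption of A * B as c_A^B re-randomised by an encryption of zero, and proving knowledge of such (B, r) is what the zero-knowledge product proof amounts to. Toy primes, the values A = 6, B = 7 and the function names are constructed for this example; note that the product is only recovered exactly when A * B < n, which is why real Damgard-Jurik deployments raise s to enlarge the plaintext space to n^s.

```python
from math import gcd
import random

def keygen(p, q):
    """Damgard-Jurik key pair for s = 1 (the Paillier case): n = p*q,
    ciphertexts live in Z_{n^2}, g = n + 1. p and q are assumed to be primes."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)  # lambda = lcm(p-1, q-1)
    return (n, n + 1), (n, lam)

def encrypt(pk, m, r=None):
    """c = g^m * r^n mod n^2, with r uniformly random in Z_n^* unless given."""
    n, g = pk
    if r is None:
        r = random.randrange(1, n)
        while gcd(r, n) != 1:
            r = random.randrange(1, n)
    return (pow(g, m, n * n) * pow(r, n, n * n)) % (n * n)

def decrypt(sk, c):
    """m = L(c^lambda mod n^2) * L(g^lambda mod n^2)^-1 mod n, L(u) = (u-1)//n."""
    n, lam = sk
    n2 = n * n
    L = lambda u: (u - 1) // n
    mu = pow(L(pow(n + 1, lam, n2)), -1, n)  # modular inverse, Python 3.8+
    return (L(pow(c, lam, n2)) * mu) % n

def broker_product_ciphertext(pk, c_a, b, r=None):
    """Step 5 from the broker's side: from c_A and the plaintext B it learned in
    step 4 it forms an encryption of A*B as c_A^B * Enc(0; r), without ever
    decrypting c_A. Existence of such (B, r) consistent with c_B is the
    multiplicative relation the zero-knowledge product proof establishes."""
    n, _ = pk
    n2 = n * n
    return (pow(c_a, b, n2) * encrypt(pk, 0, r)) % n2

def check_product(sk, c_a, c_b, c_c):
    """Plain (non-zero-knowledge) reference check with the secret key, used here
    only to show what the ZK proof asserts: c_C decrypts to A*B (mod n)."""
    n, _ = sk
    a, b, c = (decrypt(sk, x) for x in (c_a, c_b, c_c))
    return c == (a * b) % n

def demo(a=6, b=7, p=61, q=53):
    """Runs steps 2 and 5 on constructed toy values; returns (A*B, relation holds)."""
    pk, sk = keygen(p, q)
    c_a, c_b = encrypt(pk, a), encrypt(pk, b)
    c_c = broker_product_ciphertext(pk, c_a, b)
    return decrypt(sk, c_c), check_product(sk, c_a, c_b, c_c)
```

The task text does not say who holds the Damgard-Jurik decryption key, so check_product is a reference check for this example rather than a protocol step; in the protocol the users learn the relation only through the proof.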

The Java part of the ScAPI framework (https://github.com/cryptobiu/scapi) contains a wrapper for a native library implementing the Damgard-Jurik cryptosystem, and also a zero-knowledge interactive protocol for a product. The latter is hard-wired to ScAPI's own communication framework, though, and we require Akka to be used for all the interactions.

Implement the users and the broker as separate actors, and route all messages via an environment actor that logs every message coming in.

Implement at least one property test and at least one test of the actors' interaction (using akka-testkit).

The protocol given could be incomplete. We would like to hear about that.
