module RSA::ACC::PoKE2
Non-Interactive Proof of knowledge of exponent2.
Public Instance Methods
prove(base, exp, result, modulus)
Computes a proof that you know exp s.t. base ^ exp = result.
@param [Integer] base
@param [Integer] exp
@param [Integer] result
@param [Integer] modulus
@return [RSA::ACC::PoKE2Proof] a proof.
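# File lib/rsa/acc/poke2.rb, line 44
def prove(base, exp, result, modulus)
  g = RSA::Accumulator::RSA2048_UNKNOWN_ELEM
  # z = g^exp commits to the same exponent under the fixed element g.
  z = g.pow(exp, modulus)
  # The challenge l and the value alpha are both derived by hashing the statement and z.
  l = compute_challenge(base, result, z)
  alpha = blake2_hash(base, result, z, l)
  # Split the exponent as exp = q * l + r.
  q, r = exp.divmod(l)
  RSA::ACC::PoKE2Proof.new(z, ((base * g.pow(alpha, modulus)) % modulus).pow(q, modulus), r)
end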
verify(base, result, proof, modulus)
Verifies that the prover knows exp s.t. base ^ exp = result.
@param [Integer] base
@param [Integer] result
@param [RSA::ACC::PoKE2Proof] proof
@param [Integer] modulus
@return [Boolean] Returns true for successful verification, false otherwise.
# File lib/rsa/acc/poke2.rb, line 59
def verify(base, result, proof, modulus)
  g = RSA::Accumulator::RSA2048_UNKNOWN_ELEM
  # Recompute the challenge and alpha from the statement and the prover's z.
  l = compute_challenge(base, result, proof.z)
  alpha = blake2_hash(base, result, proof.z, l)
  # Accept iff q^l * (base * g^alpha)^r == result * z^alpha (mod modulus).
  lhs = (proof.q.pow(l, modulus) * ((base * g.pow(alpha, modulus) % modulus)).pow(proof.r, modulus)) % modulus
  rhs = (result * proof.z.pow(alpha, modulus) % modulus)
  lhs == rhs
end
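
The prove/verify round trip documented above, as an added stand-alone example that is not this library's own code. Assumptions: the toy MODULUS, G = 3, the SHA-256 helpers hash_int and challenge_prime (stand-ins for blake2_hash and compute_challenge), and the explicit range check on r are all choices made for this example.

```ruby
require 'digest'

# Constructed toy parameters: the factors are public Mersenne primes, so this
# modulus is NOT of unknown order. Illustration only.
MODULUS = (2**31 - 1) * (2**61 - 1)
G = 3 # hypothetical stand-in for the accumulator's fixed group element
Proof = Struct.new(:z, :q, :r)

# SHA-256 over the joined decimal values (assumed stand-in for blake2_hash).
def hash_int(*vals)
  Digest::SHA256.hexdigest(vals.join(',')).to_i(16)
end

# Hash to a small odd prime by stepping upward; trial division suffices at 24 bits.
def challenge_prime(base, result, z)
  c = (hash_int(base, result, z) % 2**24) | 1
  c += 2 until c > 2 && (3..Integer.sqrt(c)).step(2).none? { |d| (c % d).zero? }
  c
end

def poke2_prove(base, exp, result, n = MODULUS)
  z = G.pow(exp, n)                     # z = g^exp
  l = challenge_prime(base, result, z)  # Fiat-Shamir prime challenge
  alpha = hash_int(base, result, z, l)
  q, r = exp.divmod(l)                  # exp = q*l + r
  Proof.new(z, ((base * G.pow(alpha, n)) % n).pow(q, n), r)
end

def poke2_verify(base, result, proof, n = MODULUS)
  l = challenge_prime(base, result, proof.z)
  alpha = hash_int(base, result, proof.z, l)
  return false unless proof.r.between?(0, l - 1) # remainder must lie in [0, l)
  ug = (base * G.pow(alpha, n)) % n
  # Q^l * (base * g^alpha)^r == result * z^alpha (mod n)
  (proof.q.pow(l, n) * ug.pow(proof.r, n)) % n == (result * proof.z.pow(alpha, n)) % n
end

BASE = 5
EXP = 123_456_789_012_345_678_901 # secret exponent, far larger than the challenge
RESULT = BASE.pow(EXP, MODULUS)
PROOF = poke2_prove(BASE, EXP, RESULT)

puts poke2_verify(BASE, RESULT, PROOF)                                    # → true
puts poke2_verify(BASE, (RESULT * BASE) % MODULUS, PROOF)                 # → false
puts poke2_verify(BASE, RESULT, Proof.new(PROOF.z, PROOF.q, PROOF.r + 1)) # → false
```

The proof is bound to the exact (base, result) pair because both hashes cover the statement, so reusing it for a different claimed result or altering r fails verification.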