org.cryptimeleon.craco.sig.sps.akot15.tc

Class TCAKOT15CommitmentScheme

java.lang.Object

org.cryptimeleon.craco.sig.sps.akot15.tc.TCAKOT15CommitmentScheme

All Implemented Interfaces:

CommitmentScheme, SPSMessageSpaceVerifier, org.cryptimeleon.math.serialization.annotations.RepresentationRestorer, org.cryptimeleon.math.serialization.Representable, org.cryptimeleon.math.serialization.StandaloneRepresentable

public class TCAKOT15CommitmentScheme
extends java.lang.Object
implements CommitmentScheme, SPSMessageSpaceVerifier

An implementation of the structure preserving commitment scheme TC presented in [1] While the scheme is intended to be a building block of the larger SPS scheme SPSFSP2SignatureScheme, the implementation can be used on its own, where it is chosen message target collision resistant under the assumptions that its building blocks SPSPOSSignatureScheme and TCGAKOT15CommitmentScheme make. Note: While the scheme is a trapdoor commitment scheme in the paper, its trapdoor functionality (SimCom, Equiv in the paper) has been omitted for this implementation, as it is not required for FSPS2 to work as intended. Note: This scheme does not possess its own implementation of an Commitment instance. It instead reuses TCGAKOT15Commitment, as the paper states com := com_gbc [1] Abe et al.: Fully Structure-Preserving Signatures and Shrinking Commitments. https://eprint.iacr.org/2015/076.pdf

Constructor Summary

Constructors

Constructor and Description
TCAKOT15CommitmentScheme(AKOT15SharedPublicParameters pp)
TCAKOT15CommitmentScheme(AKOT15SharedPublicParameters sharedPublicParametersParameters, TCGAKOT15XSIGPublicParameters tcGammaPublicParameters) Set up the scheme using a set of shared parameters, as well as special parameters for TC gamma, enabling inter-compatibility with SPSXSIGSignatureScheme Note: The original paper contains a typo in the section: "Procedure: Matching C_gbc to M_xsig -- Setup" [1, p.17] The whole of TC must be initialized with F_1, F^{tilde}_1 as the default generators, not just TC_gamma.
TCAKOT15CommitmentScheme(org.cryptimeleon.math.serialization.Representation repr)

Method Summary

Modifier and Type	Method and Description
CommitmentPair	commit(PlainText plainText) Creates a commitment to the given PlainText.
CommitmentPair	commit(PlainText plainText, CommitmentKey commitmentKey)
boolean	equals(java.lang.Object o)
TCGAKOT15CommitmentKey	generateKey()
int	getMaxNumberOfBytesForMapToPlaintext() Returns the maximal number of bytes that can be mapped injectively to a PlainText by CommitmentScheme.mapToPlaintext(byte[])
org.cryptimeleon.math.serialization.Representation	getRepresentation()
int	hashCode()
MessageBlock	mapToPlaintext(byte[] bytes) Provides an injective mapping of the given byte[] to a PlainText usable with this scheme (which may be a MessageBlock).
Commitment	restoreCommitment(org.cryptimeleon.math.serialization.Representation repr)
OpenValue	restoreOpenValue(org.cryptimeleon.math.serialization.Representation repr)
boolean	verify(Commitment commitment, OpenValue openValue, PlainText plainText) Verifies that the given announced PlainText equals the result of opening the Commitment with the OpenValue.
boolean	verify(PlainText plainText, CommitmentKey commitmentKey, Commitment commitment, OpenValue openValue)

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.cryptimeleon.craco.commitment.CommitmentScheme

restoreCommitmentPair, restoreFromRepresentation

Methods inherited from interface org.cryptimeleon.craco.sig.sps.SPSMessageSpaceVerifier

doMessageChecks

Constructor Detail

TCAKOT15CommitmentScheme

public TCAKOT15CommitmentScheme(AKOT15SharedPublicParameters pp)

TCAKOT15CommitmentScheme

public TCAKOT15CommitmentScheme(AKOT15SharedPublicParameters sharedPublicParametersParameters,
                                TCGAKOT15XSIGPublicParameters tcGammaPublicParameters)

Set up the scheme using a set of shared parameters, as well as special parameters for TC gamma, enabling inter-compatibility with SPSXSIGSignatureScheme Note: The original paper contains a typo in the section: "Procedure: Matching C_gbc to M_xsig -- Setup" [1, p.17] The whole of TC must be initialized with F_1, F^{tilde}_1 as the default generators, not just TC_gamma.

TCAKOT15CommitmentScheme

public TCAKOT15CommitmentScheme(org.cryptimeleon.math.serialization.Representation repr)

Method Detail

generateKey

public TCGAKOT15CommitmentKey generateKey()

commit

public CommitmentPair commit(PlainText plainText)

Description copied from interface: CommitmentScheme

Creates a commitment to the given PlainText.

Specified by:

commit in interface CommitmentScheme

Parameters:

plainText - the message to commit to

Returns:

the CommitmentPair containing the commitment and an OpenValue that can be used to reveal the committed message.

commit

public CommitmentPair commit(PlainText plainText,
                             CommitmentKey commitmentKey)

verify

public boolean verify(Commitment commitment,
                      OpenValue openValue,
                      PlainText plainText)

Description copied from interface: CommitmentScheme

Verifies that the given announced PlainText equals the result of opening the Commitment with the OpenValue.

A commitment scheme such as HashThenCommitCommitmentScheme may also hash the message before committing to it. This method can take this into account, i.e. by hashing the given announced plaintext before comparing.

Specified by:

verify in interface CommitmentScheme

Parameters:

commitment - commitment to verify

openValue - used to open the commitment and reveal the content

plainText - the hash of this will be compared with the opened commitment message

Returns:

true if verification succeeds, else false

verify

public boolean verify(PlainText plainText,
                      CommitmentKey commitmentKey,
                      Commitment commitment,
                      OpenValue openValue)

mapToPlaintext

public MessageBlock mapToPlaintext(byte[] bytes)

Description copied from interface: CommitmentScheme

Provides an injective mapping of the given byte[] to a PlainText usable with this scheme (which may be a MessageBlock). It only guarantees injectivity for arrays of the same length. Applications that would like to use mapToPlaintext with multiple different array lengths may want to devise a padding method and then only call mapToPlaintext with byte arrays of the same (padded) length.

Specified by:

mapToPlaintext in interface CommitmentScheme

Parameters:

bytes - byte[] to map to a PlainText that can be committed to using this commitment scheme

Returns:

PlainText usable with this commitment scheme

getMaxNumberOfBytesForMapToPlaintext

public int getMaxNumberOfBytesForMapToPlaintext()

Description copied from interface: CommitmentScheme

Returns the maximal number of bytes that can be mapped injectively to a PlainText by CommitmentScheme.mapToPlaintext(byte[])

As described in CommitmentScheme.mapToPlaintext(byte[]) there might be no injective PlainText for some byte arrays, e.g. if the byte array is too long. Therefore, this method provides the maximal number of bytes that can be mapped injectively to a PlainText.

Specified by:

getMaxNumberOfBytesForMapToPlaintext in interface CommitmentScheme

Returns:

maximal number of bytes that can be given to CommitmentScheme.mapToPlaintext(byte[]).

restoreCommitment

public Commitment restoreCommitment(org.cryptimeleon.math.serialization.Representation repr)

Specified by:

restoreCommitment in interface CommitmentScheme

restoreOpenValue

public OpenValue restoreOpenValue(org.cryptimeleon.math.serialization.Representation repr)

Specified by:

restoreOpenValue in interface CommitmentScheme

getRepresentation

public org.cryptimeleon.math.serialization.Representation getRepresentation()

Specified by:

getRepresentation in interface org.cryptimeleon.math.serialization.Representable

equals

public boolean equals(java.lang.Object o)

Overrides:

equals in class java.lang.Object

hashCode

public int hashCode()

Overrides:

hashCode in class java.lang.Object