dgk.dgk module

Implementation of the Asymmetric Encryption Scheme known as DGK.

class dgk.dgk.DGK(public_key, secret_key, precision=0, full_decryption=True, share_secret_key=False, randomizations=None, max_size=100, total=None, nr_of_threads=1, path=None, separator=',', start_generation=True, debug=False)[source]

Bases: AsymmetricEncryptionScheme[Tuple[DGKPublicKey, DGKSecretKey], Union[int, float, FixedPoint], int, int, DGKCiphertext, DGKPublicKey, DGKSecretKey], RandomizedEncryptionScheme[Tuple[DGKPublicKey, DGKSecretKey], Union[int, float, FixedPoint], int, int, DGKCiphertext]

DGK Encryption Scheme. This is an AsymmetricEncryptionScheme, with a public and secret key. This is also a RandomizedEncryptionScheme, thus having internal randomness generation and allowing for the use of precomputed randomness.

class SerializedDGK[source]

Bases: TypedDict

prec: int
pubkey: DGKPublicKey
scheme_id: int
seckey: DGKSecretKey
__eq__(other)[source]

Compare this DGK scheme with another to determine (in)equality. Does not take the secret key into account as it might not be known and the public key combined with the precision should be sufficient to determine equality.

Parameters:

other (object) – Object to compare this DGK scheme with.

Return type:

bool

Returns:

Boolean value representing (in)equality of both objects.

__init__(public_key, secret_key, precision=0, full_decryption=True, share_secret_key=False, randomizations=None, max_size=100, total=None, nr_of_threads=1, path=None, separator=',', start_generation=True, debug=False)[source]

Construct a new DGK encryption scheme, with the given keypair, randomness object, precision for floating point encryption.

Parameters:

  • public_key (DGKPublicKey) – Public key for this DGK Scheme.

  • secret_key (Optional[DGKSecretKey]) – Optional Secret Key for this DGK Scheme (None when unknown).

  • precision (int) – Floating point precision of this encoding (Default: 0), in decimal places.

  • full_decryption (bool) – Boolean value stating whether full decryptions should be possible. If True, a decryption lookup table will be constructed. If False, only checking for 0 is possible.

  • share_secret_key (bool) – Boolean value stating whether the secret key should be included in serialization. This should only be set to True if one is really sure of it. (Default: False)

  • randomizations (Optional[Queue[int]]) – queue with randomizations. If no queue is given, it creates a fresh one. (Default: None)

  • max_size (int) – maximum size of the queue. (Default: 100)

  • total (Optional[int]) – upper bound on the total amount of randomizations to generate. (Default: None)

  • nr_of_threads (int) – number of generation worker threads that should be started. (Default: 1)

  • path (Optional[str]) – path (including filename) to the file that contains randomizations. By default no path is given and no randomness is extracted from any files. (Default: “”)

  • separator (str) – separator for the random values in the given file. (Default: “,”)

  • start_generation (bool) – flag that determines whether the scheme starts generating randomness immediately. (Default: True)

  • debug (bool) – flag to determine whether debug information should be displayed. (Default: False)

add(ciphertext_1, ciphertext_2)[source]

Add the underlying plaintext value of ciphertext_1 with the underlying plaintext value of ciphertext_2.

The resulting ciphertext is fresh only if at least one of the inputs was fresh. Both inputs are marked as non-fresh after the operation.

Parameters:

  • ciphertext_1 (DGKCiphertext) – First DGKCiphertext of which the underlying plaintext is added.

  • ciphertext_2 (Union[DGKCiphertext, int, float, FixedPoint]) – Second DGKCiphertext of which the underlying plaintext is added to the first.

Raises:

AttributeError – When ciphertext_2 does not have the same public key as ciphertext_1.

Return type:

DGKCiphertext

Returns:

A DGKCiphertext containing the encryption of the addition of both values.

decode(encoded_plaintext)[source]

Decode an EncodedPlaintext given the specified precision of this instantiation.

Parameters:

encoded_plaintext (EncodedPlaintext[int]) – Plaintext to be decoded.

Return type:

Union[int, float, FixedPoint]

Returns:

decoded Plaintext value

static deserialize(obj, *, origin=None, **_kwargs)[source]

Deserialization function for DGK schemes, which will be passed to the communication module

Parameters:

  • obj (SerializedDGK) – serialized version of a DGK scheme.

  • origin (Optional[HTTPClient]) – HTTPClient representing where the message came from if applicable

  • **_kwargs (Any) – Optional extra keyword arguments.

Raises:

  • SerializationError – When communication library is not installed.

  • ValueError – When the received scheme is received incorrectly.

Return type:

DGK

Returns:

Deserialized DGK scheme from the given dict. Might not have a secret

Returns:

Deserialized DGK scheme from the given dict. Might not have a secret key when that was not included in the received serialization.

encode(plaintext)[source]

Encode a float or int with the given precision of this instantiation. Allows for positive and negative numbers.

Parameters:

plaintext (Union[int, float, FixedPoint]) – Plaintext to be encoded.

Raises:

ValueError – If the plaintext is outside the supported range of this DGK instance.

Return type:

EncodedPlaintext[int]

Returns:

EncodedPlaintext object containing the encoded value.

static generate_key_material(v_bits, n_bits, u)[source]

Method to generate key material (DGKPublicKey and DGKPrivateKey).

Parameters:

  • v_bits (int) – Bit length \(t\) of the private key values \(v_p\) and \(v_q\)

  • n_bits (int) – Bit length of the public key RSA modulus \(n\)

  • u (int) – Bit length of the message space

Raises:

ValueError – In case \(u\) is not a prime number

Return type:

Tuple[DGKPublicKey, DGKSecretKey]

Returns:

Tuple with first the Public Key and then the Secret Key.

generate_randomness()[source]

Method to generate randomness for DGK.

Return type:

int

Returns:

A random number.

static get_composite_generator(p, q, p_min_1_prime_factors, q_min_1_prime_factors)[source]

Sample a random generator of the non-cyclic group \(\mathbb{Z}_n^*\), with \(n=p\cdot q\), and \(p\), \(q\) prime of maximum order \(\text{lcm}(p - 1, q - 1)\). This algorithm requires the primes \(p\) and \(q\) and the prime factors of \(p - 1\) and \(q - 1\).

This is based on Algorithm 4.83 of ‘Handbook of Applied Cryptography’ by Menzes, Oorschot, and Vanstone.

Parameters:

  • p (int) – First prime factor of the group modulus \(n=p\cdot q\).

  • q (int) – Second prime factor of the group modulus \(n=p\cdot q\).

  • p_min_1_prime_factors (Iterable[int]) – Prime factors of \(p - 1\).

  • q_min_1_prime_factors (Iterable[int]) – Prime factors of \(q - 1\).

Return type:

int

Returns:

Generator of maximum order \(\text{lcm}(p - 1, q - 1)\) from \(\mathbb{Z}^*_n\).

static get_cyclic_generator(modulus, prime_factors)[source]

Given a cylic group with the given modulus, that has order modulus - 1. This function obtains a random generator of this cyclic group. I.e. the output is the generator of \(\mathbb{Z}_p^*\) with the modulus \(p\) prime. The order of the group equals \(p - 1\) and its prime factors are given.

This is based on Algorithm 4.80 of ‘Handbook of Applied Cryptography’ by Menzes, Oorschot, and Vanstone.

Parameters:

  • modulus (int) – Prime modulus of the cyclic group.

  • prime_factors (Iterable[int]) – Prime factors of modulus - 1.

Return type:

int

Returns:

Generator of \(\mathbb{Z}_p^*\).

get_message_from_value(value)[source]

Get the message from the aux value based on an encrypted value

Parameters:

value (int) – Encrypted value

Raises:

ValueError – In case no original message exists in the aux table for this value, or if full decryptions are not supported.

Return type:

int

Returns:

Decrypted message

static get_prime(bits)[source]

Get a random prime with the given bit size

Parameters:

bits (int) – Amount of bits of the prime

Return type:

int

Returns:

Prime number

classmethod id_from_arguments(public_key, precision=0)[source]

Method that turns the arguments for the constructor into an identifier. This identifier is used to find constructor calls that would result in identical schemes.

Parameters:

  • public_key (DGKPublicKey) – DGKPublicKey of the DGK instance.

  • precision (int) – Precision of the DGK instance

Return type:

int

Returns:

Identifier of the DGK instance

is_zero(ciphertext)[source]

Determine if the underlying plaintext of a ciphertext equals 0, without doing a full decryption.

Parameters:

ciphertext (DGKCiphertext) – DGKCiphertext object containing the ciphertext to be checked.

Return type:

bool

Returns:

True if plaintext is 0, False otherwise.

mul(ciphertext, scalar)[source]

Multiply the underlying plaintext value of ciphertext with the given scalar.

The resulting ciphertext is fresh only if the input was fresh. The input is marked as non-fresh after the operation.

Parameters:

  • ciphertext (DGKCiphertext) – DGKCiphertext of which the underlying plaintext is multiplied.

  • scalar (int) – A scalar with which the plaintext underlying ciphertext should be multiplied.

Raises:

TypeError – When the scalar is not an integer.

Return type:

DGKCiphertext

Returns:

DGKCiphertext containing the encryption of the product of both values.

neg(ciphertext)[source]

Negate the underlying plaintext of this ciphertext. I.e. if the original plaintext of this ciphertext was 5. this method returns the ciphertext that has -5 as underlying plaintext.

The resulting ciphertext is fresh only if the input was fresh. The input is marked as non-fresh after the operation.

Parameters:

ciphertext (DGKCiphertext) – DGKCiphertext of which the underlying plaintext should be negated.

Return type:

DGKCiphertext

Returns:

DGKCiphertext object corresponding to the negated plaintext.

serialize(*, destination=None, **_kwargs)[source]

Serialization function for DGK schemes, which will be passed to the communication module. The sharing of the secret key depends on the attribute share_secret_key.

Parameters:

  • destination (Union[HTTPClient, List[HTTPClient], None]) – HTTPClient representing where the message will go if applicable, can also be a list of clients in case of a broadcast message.

  • **_kwargs (Any) – Optional extra keyword arguments.

Raises:

SerializationError – When communication library is not installed.

Return type:

SerializedDGK

Returns:

serialized version of this DGk scheme.

serialize_with_secret_key()[source]

Serialization function for DGK schemes, that does include the secret key.

Raises:

SerializationError – When communication library is not installed.

Return type:

SerializedDGK

Returns:

serialized version of this DGK scheme.

serialize_without_secret_key()[source]

Serialization function for DGK schemes, that does not include the secret key.

Raises:

SerializationError – When communication library is not installed.

Return type:

SerializedDGK

Returns:

serialized version of this DGK scheme (without the secret key).

class dgk.dgk.DGKCiphertext(raw_value, scheme, *, fresh=False)[source]

Bases: RandomizableCiphertext[Tuple[DGKPublicKey, DGKSecretKey], Union[int, float, FixedPoint], int, int]

Ciphertext for the DGK asymmetric encryption scheme. This ciphertext is rerandomizable and supports homomorphic operations.

class SerializedDGKCiphertext[source]

Bases: TypedDict

scheme: DGK
value: int
__eq__(other)[source]

Compare this DGKCiphertext with another to determine (in)equality.

Parameters:

other (object) – Object to compare this DGKCiphertext with.

Raises:

TypeError – When other object is not a DGKCiphertext.

Return type:

bool

Returns:

Boolean value representing (in)equality of both objects.

__init__(raw_value, scheme, *, fresh=False)[source]

Construct a RandomizableCiphertext, with the given value for the given EncryptionScheme.

Parameters:

  • raw_value (int) – DGKCiphertext value.

  • scheme (DGK) – DGK scheme that is used to encrypt this ciphertext.

  • fresh (bool) – Indicates whether fresh randomness is already applied to the raw_value.

Raises:

TypeError – If the given scheme is not of the type DGK.

apply_randomness(randomization_value)[source]

Rerandomize this ciphertext using the given random value.

Parameters:

randomization_value (int) – Random value used for rerandomization.

Return type:

None

copy()[source]

Create a copy of this Ciphertext, with the same value and scheme. The copy is not randomized and is considered not fresh.

Return type:

DGKCiphertext

Returns:

Copied DGKCiphertext.

static deserialize(obj, **_kwargs)[source]

Deserialization function for DGK ciphertexts, which will be passed to the communication module.

Parameters:

  • obj (SerializedDGKCiphertext) – serialized version of a DGKCiphertext.

  • **_kwargs (Any) – Optional extra keyword arguments.

Raises:

SerializationError – When communication library is not installed.

Return type:

DGKCiphertext

Returns:

Deserialized DGKCiphertext from the given dict.

is_zero()[source]

Determine if the underlying plaintext of this ciphertext equals 0, without doing a full decryption.

Return type:

bool

Returns:

True if plaintext is 0, False otherwise.

scheme: DGK
serialize(**_kwargs)[source]

Serialization function for DGK ciphertexts, which will be passed to the communication module.

If the ciphertext is not fresh, it is randomized before serialization. After serialization, it is always marked as not fresh for security reasons.

Parameters:

**_kwargs (Any) – Optional extra keyword arguments.

Raises:

SerializationError – When communication library is not installed.

Return type:

SerializedDGKCiphertext

Returns:

serialized version of this DGKCiphertext.

class dgk.dgk.DGKPublicKey(g, h, u, n, t)[source]

Bases: PublicKey

PublicKey for the DGK encryption scheme.

class SerializedDGKPublicKey[source]

Bases: TypedDict

g: int
h: int
n: int
t: int
u: int
__eq__(other)[source]

Compare this DGKPublicKey with another to determine (in)equality.

Parameters:

other (object) – Object to compare this DGKPublicKey with.

Raises:

TypeError – When other object is not a DGKPublicKey.

Return type:

bool

Returns:

Boolean value representing (in)equality of both objects.

__hash__()[source]

Compute a hash from this DGKPublicKey instance.

Return type:

int

Returns:

Hash value.

__init__(g, h, u, n, t)[source]

Constructs a new DGK public key.

Parameters:

  • g (int) – Generator of order \(v_p \cdot v_q \cdot u \mod n\)

  • h (int) – Generator of the invertible elements modulo n of order \(v_p \cdot v_q\)

  • u (int) – Modulus of the plaintext space.

  • n (int) – Modulus of the ciphertext space.

  • t (int) – The number of bits \(t\) of \(v_p\) and \(v_q\).

static deserialize(obj, **_kwargs)[source]

Deserialization function for public keys, which will be passed to the communication module.

Parameters:

  • obj (SerializedDGKPublicKey) – serialized version of a DGKPublicKey.

  • **_kwargs (Any) – Optional extra keyword arguments.

Raises:

SerializationError – When communication library is not installed.

Return type:

DGKPublicKey

Returns:

Deserialized DGKPublicKey from the given dict.

serialize(**_kwargs)[source]

Serialization function for public keys, which will be passed to the communication module.

Parameters:

**_kwargs (Any) – Optional extra keyword arguments.

Raises:

SerializationError – When communication library is not installed.

Return type:

SerializedDGKPublicKey

Returns:

serialized version of this DGKPublicKey.

class dgk.dgk.DGKSecretKey(v_p, v_q, p, q)[source]

Bases: SecretKey

SecretKey for the DGK encryption scheme.

class SerializedDGKSecretKey[source]

Bases: TypedDict

p: int
q: int
v_p: int
v_q: int
__eq__(other)[source]

Compare this DGKSecretKey with another to determine (in)equality.

Parameters:

other (object) – Object to compare this DGKSecretKey with.

Raises:

TypeError – When other object is not a DGKSecretKey.

Return type:

bool

Returns:

Boolean value representing (in)equality of both objects.

__hash__()[source]

Compute a hash from this DGKSecretKey instance.

Return type:

int

Returns:

Hash value.

__init__(v_p, v_q, p, q)[source]

Constructs a new DGK secret key.

Parameters:

  • v_p (int) – Prime number used during decryption

  • v_q (int) – Prime number used during decryption

  • p (int) – Prime factor of modulus \(n\)

  • q (int) – Prime factor of modulus \(n\)

static deserialize(obj, **_kwargs)[source]

Deserialization function for public keys, which will be passed to the communication module

Parameters:

  • obj (SerializedDGKSecretKey) – serialized version of a DGKSecretKey.

  • **_kwargs (Any) – Optional extra keyword arguments.

Raises:

SerializationError – When communication library is not installed.

Return type:

DGKSecretKey

Returns:

Deserialized DGKSecretKey from the given dict.

serialize(**_kwargs)[source]

Serialization function for secret keys, which will be passed to the communication module.

Parameters:

**_kwargs (Any) – Optional extra keyword arguments.

Raises:

SerializationError – When communication library is not installed.

Return type:

SerializedDGKSecretKey

Returns:

serialized version of this DGKSecretKey.

exception dgk.dgk.SerializationError[source]

Bases: Exception

Communication error for DGK.