secure_comparison.initiator module

Initiator of protocol, i.e. performs step 1. Alice; A in the paper.

class secure_comparison.initiator.Initiator(l_maximum_bit_length, communicator=None, other_party='', scheme_paillier=None, scheme_dgk=None, session_id=0)[source]

Bases: object

Player Alice in the secure comparison protocol, initiates.

__init__(l_maximum_bit_length, communicator=None, other_party='', scheme_paillier=None, scheme_dgk=None, session_id=0)[source]
Parameters:

  • l_maximum_bit_length (int) – maximum bit length used to constrain variables (\(l\)).

  • communicator (Optional[Communicator]) – object for handling communication with the KeyHolder during the protocol.

  • other_party (str) – identifier of the other party

  • scheme_paillier (Optional[Paillier]) – Paillier encryption scheme (without secret key).

  • scheme_dgk (Optional[DGK]) – DGK encryption scheme (without secret key).

  • session_id (int) – keeps track of the session.

async perform_secure_comparison(x_enc, y_enc)[source]

Performs all steps of the secure comparison protocol for Alice. Performs required communication with Bob.

Parameters:

  • x_enc (PaillierCiphertext) – first encrypted input variable \([[x]]\).

  • y_enc (PaillierCiphertext) – second encrypted input variable \([[y]]\).

Return type:

PaillierCiphertext

Returns:

Encrypted value of \((x<=y)\): \([[(x<=y)]]\).

Raises:

ValueError – raised when communicator is not propertly configured.

async receive_encryption_schemes(session_id=1)[source]

Receives encryption schemes Paillier and DGK (without secret keys) from Bob.

Parameters:

session_id (int) – distinguish communication different sessions.

Raises:

ValueError – raised when communicator is not properly configured.

Return type:

None

static shuffle(values)[source]

Shuffle the list in random order.

Parameters:

values (List[Any]) – List of objets that is to be shuffled.

Return type:

List[Any]

Returns:

Shuffled version of the input list.

static step_1(x_enc, y_enc, l, scheme_paillier)[source]

\(A\) chooses a random number \(r, 0 \leq r < N\), and computes

\[[[z]] \leftarrow [[y - x + 2^l + r]] = [[x]] \cdot [[y]]^{-1} \cdot [[2^l + r]] \mod N^2.\]

Parameters:

  • x_enc (PaillierCiphertext) – Encrypted value of \(x\): \([[x]]\).

  • y_enc (PaillierCiphertext) – Encrypted value of \(y\): \([[y]]\).

  • l (int) – Fixed value, such that \(0 \leq x,y < 2^l\), for any \(x\), \(y\) that will be given as input to this method.

  • scheme_paillier (Paillier) – Paillier encryption scheme.

Return type:

Tuple[PaillierCiphertext, int]

Returns:

Tuple containing as first entry the encrypted value of \(z\): \([[z]] \leftarrow [[y - x + 2^l + r]] = [[y]] \cdot [[x]]^{-1} \cdot [[2^l + r]] \mod N^2\). The second entry is the randomness value \(r\).

static step_3(r, l)[source]

\(A\) computes \(\alpha = r \mod 2^l\).

Parameters:

  • r (int) – The randomness value \(r\) from step 1.

  • l (int) – Fixed value, such that \(0 \leq x,y < 2^l\), for any \(x, y\) that will be given as input to this method.

Return type:

List[int]

Returns:

Value \(\alpha = r \mod 2^l\) as bits.

static step_4c(d_enc, r, scheme_dgk, scheme_paillier)[source]

\(A\) corrects \([d]\) by setting \([d] \leftarrow [0]\) whenever \(0 \leq r < (N - 1)/2\).

Parameters:

  • d_enc (DGKCiphertext) – Encrypted value of \(d\): \([d]\).

  • r (int) – The randomness value \(r\) from step 1.

  • scheme_dgk (DGK) – DGK encryption scheme.

  • scheme_paillier (Paillier) – Paillier encryption scheme.

Return type:

DGKCiphertext

Returns:

Corrected encrypted value of \(d\): \([d]\). If \(0 \leq r < (N - 1)/2\), then \([d] \leftarrow [0]\), else \([d]\) remains unaltered.

static step_4d(alpha, beta_is_enc)[source]

For each \(i, 0 \leq i < l\), \(A\) computes \([\alpha_i \oplus \beta_i]\) as follows: if \(\alpha_i = 0\) then \([\alpha_i \oplus \beta_i] \leftarrow [\beta_i]\) else \([\alpha_i \oplus \beta_i] \leftarrow [1] \cdot [\beta_i]^{-1} \mod n\).

Parameters:

  • alpha (List[int]) – The value \(\alpha\) from step 3.

  • beta_is_enc (List[DGKCiphertext]) – List containing the encrypted values of \(\beta_i\): \([\beta_i], 0 \leq i < l\).

Return type:

List[DGKCiphertext]

Returns:

List containing the encrypted values of the bits \(\alpha_i \oplus \beta_i\): \([\alpha_i \oplus \beta_i], 0 \leq i < l\).

static step_4e(r, alpha, alpha_is_xor_beta_is_enc, d_enc, scheme_paillier)[source]

A computes \(\tilde{\alpha} = (r - N) \mod 2^l\), the corrected value of \(\alpha\) in case a carry-over actually did occur and adjusts \([\alpha_i \oplus \beta_i]\) for each \(i\): If \(\alpha_i = \tilde{\alpha}_i\) then \([w_i] \leftarrow [\alpha_i \oplus \beta_i]\) else \([w_i] \leftarrow [\alpha_i \oplus \beta_i] \cdot [d]^{-1} \mod n\)

Parameters:

  • r (int) – The randomness value \(r\) from step 1.

  • alpha (List[int]) – The value \(\alpha\) from step 3.

  • alpha_is_xor_beta_is_enc (List[DGKCiphertext]) – List containing the encrypted values of the bits \(\alpha_i \oplus \beta_i\): \([\alpha_i \oplus \beta_i], 0 \leq i < l\).

  • d_enc (DGKCiphertext) – Encrypted value of \(d\): \([d]\).

  • scheme_paillier (Paillier) – Paillier encryption scheme.

Return type:

Tuple[List[DGKCiphertext], List[int]]

Returns:

Tuple containing as first entry a list containing the encrypted values of the bits \(w_i\): \([w_i], 0 \leq i < l\). The second entry is the value \(\tilde{\alpha} = (r - N) \mod 2^l\) as bits.

static step_4f(w_is_enc)[source]

For each \(i, 0 \leq i < l\), \(A\) computes \([w_i] \leftarrow [w_i]^{2^i} \mod n\) such that these values will not interfere each other when added.

Parameters:

w_is_enc (List[DGKCiphertext]) – List containing the encrypted values of the bits \(w_i\): \([w_i], 0 \leq i < l\).

Return type:

List[DGKCiphertext]

Returns:

List containing the encrypted values of the bits \(w_i\): \([w_i], 0 \leq i < l\).

static step_4g()[source]

\(A\) chooses a uniformly random bit \(\delta_A\) and computes \(s = 1 - 2 \cdot \delta_A\).

Return type:

Tuple[int, int]

Returns:

Tuple containing as first entry the value \(s = 1 - 2 \cdot \delta_A\). The second entry is the value \(\delta_A\).

static step_4h(s, alpha, alpha_tilde, d_enc, beta_is_enc, w_is_enc, delta_a, scheme_dgk)[source]

For each \(i, 0 \leq i < l\), \(A\) computes \([c_i] = [s] \cdot [\alpha_i] \cdot [d]^{\tilde{\alpha}_i-\alpha_i} \cdot [\beta_i]^{-1} \cdot (\Pi^{l-1}_{j=i+1}[w_j])^3 \mod n\). We add an additional value \([c_{-1}]\), with \(c_{-1}=\delta_A + \Sigma^{l-1}_{i=0}(x_i \oplus y_i)\) to also make the scheme work in case of equality of \(x\) and \(y\).

Parameters:

  • s (int) – The value \(s\) from step 4g.

  • alpha (List[int]) – The value \(\alpha\) from step 3.

  • alpha_tilde (List[int]) – The value \(\tilde{\alpha}\) from step 4e.

  • d_enc (DGKCiphertext) – Encrypted value of \(d\): \([d]\).

  • beta_is_enc (List[DGKCiphertext]) – List containing the encrypted values of the bits \(\beta_i\): \([\beta_i], 0 \leq i < l\).

  • w_is_enc (List[DGKCiphertext]) – List containing the encrypted values of the bits \(w_i\): \([w_i], 0 \leq i < l\).

  • delta_a (int) – The value \(\delta_A\) from step 4g.

  • scheme_dgk (DGK) – DGK encryption scheme.

Return type:

List[DGKCiphertext]

Returns:

List containing the encrypted values of the bits \(c_i\): \([c_i] = [s] \cdot [\alpha_i] \cdot [d]^{\tilde{\alpha}_i-\alpha_i} \cdot [\beta_i]^{-1} \cdot (\Pi^{l-1}_{j=i+1}[w_j])^3 \mod n, 0 \leq i < l\).

static step_4i(c_is_enc, scheme_dgk, do_shuffle=True)[source]

\(A\) blinds the numbers \(c_i\) by raising them to a random non-zero exponent \(r_i \in \{1,\ldots,u-1\}\).

Parameters:

  • c_is_enc (List[DGKCiphertext]) – List containing the encrypted values of the bits \(c_i\): \([c_i], 0 \leq i < l\).

  • scheme_dgk (DGK) – DGK encryption scheme.

  • do_shuffle (bool) – Boolean parameter stating whether or not the bits should be shuffled randomly.

Return type:

List[DGKCiphertext]

Returns:

List containing the encrypted values of the masked bits \(c_i\): \([c_i], 0 \leq i < l\).

static step_6(delta_a, delta_b_enc)[source]

\(A\) computes \([[(\beta < \alpha)]]\) as follows: if \(\delta_A = 1\) then \([[(\beta < \alpha)]] \leftarrow [[\delta_B]]\) else \([[(\beta < \alpha)]] \leftarrow [[1]] \cdot [[\delta_B]]^{-1} \mod N^2\).

Parameters:

  • delta_a (int) – The value \(\delta_A\) from step 4g.

  • delta_b_enc (PaillierCiphertext) – Encrypted value of \(\delta_B\): \([[\delta_B]]\).

Return type:

PaillierCiphertext

Returns:

Encrypted value of \((\beta < \alpha)\): \([[(\beta < \alpha)]]\).

static step_7(zeta_1_enc, zeta_2_enc, r, l, beta_lt_alpha_enc, scheme_paillier)[source]

\(A\) computes \([[(x \leq y)]] \leftarrow [[\zeta]] \cdot ([[ r \div 2^l]] \cdot [[(\beta < \alpha)]])^{-1} \mod N^2\), where \(\zeta = \zeta_1\), if \(r < (N - 1) / 2\), else \(\zeta = \zeta_2\).

Parameters:

  • zeta_1_enc (PaillierCiphertext) – Encrypted value of \(\zeta_1\): \([[\zeta_1]]\).

  • zeta_2_enc (PaillierCiphertext) – Encrypted value of \(\zeta_2\): \([[\zeta_2]]\).

  • r (int) – The randomness value \(r\) from step 1.

  • l (int) – Fixed value, such that \(0 \leq x,y < 2^l\), for any \(x, y\) that will be given as input to this method.

  • beta_lt_alpha_enc (PaillierCiphertext) – Encrypted value of \((\beta < \alpha)\): \([[(\beta < \alpha)]]\).

  • scheme_paillier (Paillier) – Paillier encryption scheme.

Return type:

PaillierCiphertext

Returns:

Encrypted value of \((x \leq y)\): \([[(x \leq y)]]\). This is the final result of the computation.