Skip to content

Commit

Permalink
Sigma verifier batching
Browse files Browse the repository at this point in the history
  • Loading branch information
AaronFeickert committed Jun 2, 2021
1 parent 677b54c commit a256f64
Show file tree
Hide file tree
Showing 6 changed files with 279 additions and 259 deletions.
2 changes: 1 addition & 1 deletion src/sigma/sigma_primitives.h
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ class SigmaPrimitives {

static void convert_to_sigma(uint64_t num, uint64_t n, uint64_t m, std::vector<Exponent>& out);

static std::vector<uint64_t> convert_to_nal(uint64_t num, uint64_t n, uint64_t m);
static std::vector<std::size_t> convert_to_nal(std::size_t num, std::size_t n, std::size_t m);

static void generate_challenge(const std::vector<GroupElement>& group_elements,
Exponent& result_out);
Expand Down
17 changes: 7 additions & 10 deletions src/sigma/sigma_primitives.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -44,19 +44,16 @@ void SigmaPrimitives<Exponent, GroupElement>::convert_to_sigma(
}

template<class Exponent, class GroupElement>
std::vector<uint64_t> SigmaPrimitives<Exponent, GroupElement>::convert_to_nal(
uint64_t num,
uint64_t n,
uint64_t m) {
std::vector<uint64_t> result;
uint64_t rem;
uint64_t j = 0;
std::vector<std::size_t> SigmaPrimitives<Exponent, GroupElement>::convert_to_nal(
std::size_t num,
std::size_t n,
std::size_t m) {
std::vector<std::size_t> result;
result.reserve(m);
while (num != 0)
{
rem = num % n;
result.emplace_back(num % n);
num /= n;
result.push_back(rem);
j++;
}
result.resize(m);
return result;
Expand Down
26 changes: 13 additions & 13 deletions src/sigma/sigmaplus_prover.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ void SigmaPlusProver<Exponent, GroupElement>::proof(
// Values of Ro_k from Figure 5.
std::vector<Exponent> Pk;
Pk.resize(m_);
for (int k = 0; k < m_; ++k) {
for (std::size_t k = 0; k < m_; ++k) {
Pk[k].randomize();
}
R1ProofGenerator<secp_primitives::Scalar, secp_primitives::GroupElement> r1prover(g_, h_, sigma, rB, n_, m_);
Expand All @@ -49,10 +49,10 @@ void SigmaPlusProver<Exponent, GroupElement>::proof(
// last polynomial is special case if fPadding is true
for (std::size_t i = 0; i < (fPadding ? N-1 : N); ++i) {
std::vector<Exponent>& coefficients = P_i_k[i];
std::vector<uint64_t> I = SigmaPrimitives<Exponent, GroupElement>::convert_to_nal(i, n_, m_);
std::vector<std::size_t> I = SigmaPrimitives<Exponent, GroupElement>::convert_to_nal(i, n_, m_);
coefficients.push_back(a[I[0]]);
coefficients.push_back(sigma[I[0]]);
for (int j = 1; j < m_; ++j) {
for (std::size_t j = 1; j < m_; ++j) {
SigmaPrimitives<Exponent, GroupElement>::new_factor(sigma[j * n_ + I[j]], a[j * n_ + I[j]], coefficients);
}
}
Expand All @@ -76,23 +76,23 @@ void SigmaPlusProver<Exponent, GroupElement>::proof(
* \right]
*/

std::vector<uint64_t> I = SigmaPrimitives<Exponent, GroupElement>::convert_to_nal(N-1, n_, m_);
std::vector<uint64_t> lj = SigmaPrimitives<Exponent, GroupElement>::convert_to_nal(l, n_, m_);
std::vector<std::size_t> I = SigmaPrimitives<Exponent, GroupElement>::convert_to_nal(N-1, n_, m_);
std::vector<std::size_t> lj = SigmaPrimitives<Exponent, GroupElement>::convert_to_nal(l, n_, m_);

std::vector<Exponent> p_i_sum;
p_i_sum.emplace_back(uint64_t(1));
std::vector<std::vector<Exponent>> partial_p_s;

// Pre-calculate product parts and calculate p_s(x) at the same time, put the latter into p_i_sum
for (int j = m_ - 1; j >= 0; j--) {
for (std::size_t j = m_; j > 0; j--) {
partial_p_s.push_back(p_i_sum);
SigmaPrimitives<Exponent, GroupElement>::new_factor(sigma[j * n_ + I[j]], a[j * n_ + I[j]], p_i_sum);
SigmaPrimitives<Exponent, GroupElement>::new_factor(sigma[(j - 1) * n_ + I[j - 1]], a[(j - 1) * n_ + I[j - 1]], p_i_sum);
}

for (int j = 0; j < m_; j++) {
for (std::size_t j = 0; j < m_; j++) {
// \sum_{i=s_j+1}^{n-1}(\delta_{l_j,i}x+a_{j,i})
Exponent a_sum(uint64_t(0));
for (int i = I[j] + 1; i < n_; i++)
for (std::size_t i = I[j] + 1; i < n_; i++)
a_sum += a[j * n_ + i];
Exponent x_sum(uint64_t(lj[j] >= I[j]+1 ? 1 : 0));

Expand All @@ -101,7 +101,7 @@ void SigmaPlusProver<Exponent, GroupElement>::proof(
SigmaPrimitives<Exponent, GroupElement>::new_factor(x_sum, a_sum, polynomial);

// Multiply by x^j and add to the result
for (int k = 0; k < m_ - j; k++)
for (std::size_t k = 0; k < m_ - j; k++)
p_i_sum[j + k] += polynomial[k];
}

Expand All @@ -111,10 +111,10 @@ void SigmaPlusProver<Exponent, GroupElement>::proof(
//computing G_k`s;
std::vector <GroupElement> Gk;
Gk.reserve(m_);
for (int k = 0; k < m_; ++k) {
for (std::size_t k = 0; k < m_; ++k) {
std::vector <Exponent> P_i;
P_i.reserve(N);
for (size_t i = 0; i < N; ++i) {
for (std::size_t i = 0; i < N; ++i) {
P_i.emplace_back(P_i_k[i][k]);
}
secp_primitives::MultiExponent mult(commits, P_i);
Expand All @@ -138,7 +138,7 @@ void SigmaPlusProver<Exponent, GroupElement>::proof(
z = r * x.exponent(uint64_t(m_));
Exponent sum;
Exponent x_k(uint64_t(1));
for (int k = 0; k < m_; ++k) {
for (std::size_t k = 0; k < m_; ++k) {
sum += (Pk[k] * x_k);
x_k *= x;
}
Expand Down
11 changes: 8 additions & 3 deletions src/sigma/sigmaplus_verifier.h
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,17 @@ class SigmaPlusVerifier{
public:
SigmaPlusVerifier(const GroupElement& g,
const std::vector<GroupElement>& h_gens,
int n, int m_);
std::size_t n, std::size_t m_);

bool verify(const std::vector<GroupElement>& commits,
const SigmaPlusProof<Exponent, GroupElement>& proof,
bool fPadding) const;

bool verify(const std::vector<GroupElement>& commits,
const SigmaPlusProof<Exponent, GroupElement>& proof,
bool fPadding,
std::size_t setSize) const;

bool batch_verify(const std::vector<GroupElement>& commits,
const std::vector<Exponent>& serials,
const vector<bool>& fPadding,
Expand All @@ -43,8 +48,8 @@ class SigmaPlusVerifier{
private:
GroupElement g_;
std::vector<GroupElement> h_;
int n;
int m;
std::size_t n;
std::size_t m;
};

} // namespace sigma
Expand Down
Loading

0 comments on commit a256f64

Please sign in to comment.