Class: ElGamalZKPoK

verificatum.crypto.ElGamalZKPoK(standard, pGroup, adapter, hashfunction, randomSource, statDist)

new ElGamalZKPoK(standard, pGroup, adapter, hashfunction, randomSource, statDist)

Generalized El Gamal cryptosystem with parameterized zero-knowledge proof of knowledge. This supports wider keys as explained in verificatum.crypto.ElGamal.

Restrictions on the ciphertexts and encrypted plaintexts are readily expressed by forming an application specific ZKPoK and setting the adapter variable.

Parameters:
Name Type Description
standard Determines if the standard or variant El Gamal cryptosystem is used.
pGroup Group G over which the cryptosystem is defined. This can be a product group if the key width is greater than one.
adapter Adapter for instantiating ZKPoKs.
hashfunction Hash function used to implement the Fiat-Shamir heuristic in ZKPoKs.
randomSource Source of randomness.
statDist Statistical distance from the uniform distribution assuming that the output of the instance of the random source is perfect.
Source:

Methods

completeEncrypt(label, publicKey, precomputed, message)

Completes the encryption.
Parameters:
Name Type Description
label Label used for encryption.
publicKey Public key.
precomputed Output from verificatum.crypto.ElGamalZKPoK.precomputeEncrypt.
message Message in G to encrypt.
Source:
Returns:
Ciphertext in the form of a byte tree.

decrypt(label, privateKey, ciphertext)

Decrypts an El Gamal ciphertext.
Parameters:
Name Type Description
label Label used for decryption.
privateKey Private key in R'.
ciphertext Ciphertext in the form of a byte tree.
Source:
Returns:
Plaintext or null to indicate that the ciphertext was invalid.

encrypt(label, publicKey, message)

Encrypts a message.
Parameters:
Name Type Description
label Label used for encryption.
publicKey Public key.
message Message in G' to encrypt.
Source:
Returns:
Ciphertext of the form of a byte tree.

gen()

Generates a key pair over the given group.
Source:
Returns:
Pair [pk, sk] such that pk is a public key in G x G or in (G x G) x G depending on if the standard or variant scheme is used, and sk is the corresponding private key contained in R.

precomputeEncrypt(publicKey)

Pre-computation for encrypting a message using verificatum.crypto.ElGamalZKPoK.completeEncrypt.
Parameters:
Name Type Description
publicKey Public key output by verificatum.crypto.ElGamalZKPoK.gen.
Source:
Returns:
A pair [e, z], where e are the values pre-computed by verificatum.crypto.ElGamal.precomputeEncrypt and z are the values pre-computed by the subclass of verificatum.crypto.ZKPoK.precompute used.