nd: fixes
This commit is contained in:
		
							parent
							
								
									c9df69a83f
								
							
						
					
					
						commit
						8bba17f754
					
			@ -70,7 +70,7 @@ public:
 | 
			
		|||
	}
 | 
			
		||||
 | 
			
		||||
	matrix operator* (const matrix&);
 | 
			
		||||
	void mult (const matrix&);
 | 
			
		||||
	void mult (const matrix&); //right multiply - this*param
 | 
			
		||||
 | 
			
		||||
	void compute_transpose (matrix&);
 | 
			
		||||
	bool compute_inversion (matrix&);
 | 
			
		||||
| 
						 | 
				
			
			@ -246,10 +246,10 @@ public:
 | 
			
		|||
	int prepare();
 | 
			
		||||
 | 
			
		||||
	uint cipher_size() {
 | 
			
		||||
		return Pinv.size();
 | 
			
		||||
		return Sinv.size();
 | 
			
		||||
	}
 | 
			
		||||
	uint plain_size() {
 | 
			
		||||
		return Sinv.width();
 | 
			
		||||
		return Pinv.size();
 | 
			
		||||
	}
 | 
			
		||||
	uint plain_weight() {
 | 
			
		||||
		return g.degree();
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
| 
						 | 
				
			
			@ -146,8 +146,8 @@ int privkey::sign (const bvector&in, bvector&out, uint delta, uint attempts, prn
 | 
			
		|||
		if (syndrome_decode (synd, fld, g, sqInv, e2, true) ) {
 | 
			
		||||
 | 
			
		||||
			//create the decodable message
 | 
			
		||||
			p.add(e);
 | 
			
		||||
			p.add(e2);
 | 
			
		||||
			p.add (e);
 | 
			
		||||
			p.add (e2);
 | 
			
		||||
 | 
			
		||||
			hperm.permute (p, e2); //back to systematic
 | 
			
		||||
			e2.resize (signature_size() ); //strip checks
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
							
								
								
									
										27
									
								
								lib/nd.cpp
									
									
									
									
									
								
							
							
						
						
									
										27
									
								
								lib/nd.cpp
									
									
									
									
									
								
							| 
						 | 
				
			
			@ -23,18 +23,27 @@ int nd::generate (pubkey&pub, privkey&priv, prng&rng, uint m, uint t)
 | 
			
		|||
	S.compute_inversion (priv.Sinv);
 | 
			
		||||
 | 
			
		||||
	//permutation
 | 
			
		||||
	permutation P;
 | 
			
		||||
	P.generate_random (h.width(), rng);
 | 
			
		||||
	P.compute_inversion (priv.Pinv);
 | 
			
		||||
	priv.Pinv.generate_random (h.width(), rng);
 | 
			
		||||
 | 
			
		||||
	/*
 | 
			
		||||
	 * note: we actually don't need the inversion, as it inverts itself
 | 
			
		||||
	 * when permuting SH to pubkey.
 | 
			
		||||
	 */
 | 
			
		||||
 | 
			
		||||
	//pubkey
 | 
			
		||||
	pub.t = t;
 | 
			
		||||
	S.mult (h);
 | 
			
		||||
	P.permute (S, pub.H);
 | 
			
		||||
	priv.Pinv.permute (S, pub.H);
 | 
			
		||||
 | 
			
		||||
	return 0;
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
int privkey::prepare ()
 | 
			
		||||
{
 | 
			
		||||
	g.compute_square_root_matrix (sqInv, fld);
 | 
			
		||||
	return 0;
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
int pubkey::encrypt (const bvector& in, bvector&out)
 | 
			
		||||
{
 | 
			
		||||
	if (in.size() != plain_size() ) return 1;
 | 
			
		||||
| 
						 | 
				
			
			@ -64,22 +73,22 @@ int privkey::sign (const bvector&in, bvector&out, uint delta, uint attempts, prn
 | 
			
		|||
{
 | 
			
		||||
	uint i, s, t;
 | 
			
		||||
 | 
			
		||||
	bvector synd_orig, synd, e;
 | 
			
		||||
	bvector synd_unsc, synd, e;
 | 
			
		||||
 | 
			
		||||
	s = hash_size();
 | 
			
		||||
	if (in.size() != s) return 2;
 | 
			
		||||
 | 
			
		||||
	Sinv.mult_vec_right (in, synd_orig);
 | 
			
		||||
 | 
			
		||||
	for (t = 0; t < attempts; ++t) {
 | 
			
		||||
 | 
			
		||||
		synd = synd_orig;
 | 
			
		||||
		synd = in;
 | 
			
		||||
		for (i = 0; i < delta; ++i) {
 | 
			
		||||
			uint pos = rng.random (s);
 | 
			
		||||
			synd[pos] = !synd[pos]; //flip a bit
 | 
			
		||||
		}
 | 
			
		||||
 | 
			
		||||
		if (syndrome_decode (synd, fld, g, sqInv, e, true) ) {
 | 
			
		||||
		Sinv.mult_vec_right (synd, synd_unsc);
 | 
			
		||||
 | 
			
		||||
		if (syndrome_decode (synd_unsc, fld, g, sqInv, e, true) ) {
 | 
			
		||||
 | 
			
		||||
			Pinv.permute (e, out);
 | 
			
		||||
			return 0;
 | 
			
		||||
| 
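Review bot: The new comment in nd::generate (`note: we actually don't need the inversion, as it inverts itself when permuting SH to pubkey`) asserts an invariant that nothing in this hunk checks: `priv.Pinv.permute` is now applied both to the columns of S·H when `pub.H` is built and to the decoded error vector in privkey::sign (`Pinv.permute (e, out)`), so signatures verify only if the permutation class applies the same index mapping to matrix columns and to vector entries, and that class is outside this file. I would reword the comment to state the dependency rather than the conclusion, e.g. `// Pinv is applied to the columns of S*H here and to the error vector in sign(); this only works if permutation::permute uses the same index direction for matrices and vectors`, and back it with a keygen -> sign -> verify round-trip test so a mismatch fails loudly instead of producing signatures that never verify. Separately, in the sign hunk the loop `synd[pos] = !synd[pos]` can draw the same `pos` twice and undo itself, so fewer than `delta` bits may differ from `in`; if exactly `delta` flips are intended, the chosen positions need to be tracked. Both privkey::sign and pubkey::encrypt continue past the hunk boundaries shown here.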
						 | 
				
			
			
 | 
			
		|||