Add mixnets to election workflow

This commit is contained in:
Yingtong Li 2017-09-28 19:37:10 +10:00
parent b2bc6980cb
commit 3427b376b5
Signed by: RunasSudo
GPG Key ID: 7234E476BF21C61A
6 changed files with 153 additions and 63 deletions

View File

@ -61,7 +61,7 @@ class WorkflowTask(EmbeddedObject):
@classmethod @classmethod
def satisfies(cls, descriptor): def satisfies(cls, descriptor):
return cls._name == descriptor or descriptor in cls.provides return cls._name == descriptor or descriptor in cls.provides or (descriptor in EosObject.objects and issubclass(cls, EosObject.objects[descriptor]))
def on_enter(self): def on_enter(self):
self.exit() self.exit()

View File

@ -71,7 +71,6 @@ class PrimitiveField(Field):
DictField = PrimitiveField DictField = PrimitiveField
IntField = PrimitiveField IntField = PrimitiveField
ListField = PrimitiveField
StringField = PrimitiveField StringField = PrimitiveField
class EmbeddedObjectField(Field): class EmbeddedObjectField(Field):
@ -161,8 +160,10 @@ class EosObject(metaclass=EosObjectType):
@staticmethod @staticmethod
def serialise_and_wrap(value, object_type=None): def serialise_and_wrap(value, object_type=None):
if object_type: if object_type:
return value.serialise() if value:
return {'type': value._name, 'value': value.serialise()} return value.serialise()
return None
return {'type': value._name, 'value': (value.serialise() if value else None)}
@staticmethod @staticmethod
def deserialise_and_unwrap(value, object_type=None): def deserialise_and_unwrap(value, object_type=None):
@ -206,6 +207,13 @@ class EosList(EosObject):
self.impl = list(*args) self.impl = list(*args)
def post_init(self):
for i in range(len(self.impl)):
val = self.impl[i]
val._instance = (self, i)
if not val._inited:
val.post_init()
# Lists in JS are implemented as native Arrays, so no cheating here :( # Lists in JS are implemented as native Arrays, so no cheating here :(
def __len__(self): def __len__(self):
return len(self.impl) return len(self.impl)

View File

@ -14,6 +14,7 @@
# You should have received a copy of the GNU Affero General Public License # You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
from eos.core.bigint import *
from eos.core.objects import * from eos.core.objects import *
from eos.base.election import * from eos.base.election import *
from eos.psr.bitstream import * from eos.psr.bitstream import *
@ -46,9 +47,16 @@ class Trustee(EmbeddedObject):
name = StringField() name = StringField()
email = StringField() email = StringField()
class MixChallengeResponse(EmbeddedObject):
index = IntField()
reenc = EmbeddedObjectListField(BigInt)
rand = EmbeddedObjectField(BigInt)
class MixingTrustee(Trustee): class MixingTrustee(Trustee):
mix_order = IntField() mixed_questions = ListField(EmbeddedObjectListField(BlockEncryptedAnswer))
mixed_questions = EmbeddedObjectListField() commitments = ListField(EmbeddedObjectListField(BigInt))
challenge = EmbeddedObjectField(BigInt)
response = ListField(EmbeddedObjectListField(MixChallengeResponse))
class PSRElection(Election): class PSRElection(Election):
_db_name = Election._name _db_name = Election._name

View File

@ -19,7 +19,11 @@ from eos.core.objects import *
from eos.psr.election import * from eos.psr.election import *
class RPCMixnet: class RPCMixnet:
def __init__(self): def __init__(self, mix_order):
self.mix_order = mix_order
self.is_left = (self.mix_order % 2 == 0)
self.params = [] self.params = []
def random_permutation(self, n): def random_permutation(self, n):
@ -54,26 +58,26 @@ class RPCMixnet:
# Record the parameters # Record the parameters
permutations_and_reenc.append([permutations[i], block_reencryptions, block.public_key.group.random_element(), block.public_key.group.random_element()]) permutations_and_reenc.append([permutations[i], block_reencryptions, block.public_key.group.random_element(), block.public_key.group.random_element()])
commitments_left = [] commitments = []
for i in range(len(permutations_and_reenc)): if self.is_left:
val = permutations_and_reenc[i] for i in range(len(permutations_and_reenc)):
val_json = [val[0], [str(x) for x in val[1]], str(val[2])] val = permutations_and_reenc[i]
commitments_left.append(EosObject.to_sha256(EosObject.to_json(val_json))[0]) val_obj = MixChallengeResponse(index=val[0], reenc=val[1], rand=val[2])
commitments.append(EosObject.to_sha256(EosObject.to_json(val_obj.serialise()))[1])
commitments_right = [] else:
for i in range(len(permutations_and_reenc)): for i in range(len(permutations_and_reenc)):
# Find the answer that went to 'i' # Find the answer that went to 'i'
idx = next(idx for idx in range(len(permutations_and_reenc)) if permutations_and_reenc[idx][0] == i) idx = next(idx for idx in range(len(permutations_and_reenc)) if permutations_and_reenc[idx][0] == i)
val = permutations_and_reenc[idx] val = permutations_and_reenc[idx]
val_json = [idx, [str(x) for x in val[1]], str(val[3])] val_obj = MixChallengeResponse(index=idx, reenc=val[1], rand=val[3])
commitments_right.append(EosObject.to_sha256(EosObject.to_json(val_json))[0]) commitments.append(EosObject.to_sha256(EosObject.to_json(val_obj.serialise()))[1])
self.params = permutations_and_reenc self.params = permutations_and_reenc
return shuffled_answers, commitments_left, commitments_right return shuffled_answers, commitments
def challenge(self, i, is_left): def challenge(self, i):
if is_left: if self.is_left:
val = self.params[i] val = self.params[i]
return [val[0], val[1], val[2]] return [val[0], val[1], val[2]]
else: else:

View File

@ -119,7 +119,7 @@ class MixnetTestCase(EosTestCase):
# Generate plaintexts # Generate plaintexts
pts = [] pts = []
for i in range(10): for i in range(4):
pts.append(sk.public_key.group.random_element()) pts.append(sk.public_key.group.random_element())
# Encrypt plaintexts # Encrypt plaintexts
@ -130,44 +130,50 @@ class MixnetTestCase(EosTestCase):
ct = bs.map(sk.public_key.encrypt, sk.public_key.group.p.nbits() - 1) ct = bs.map(sk.public_key.encrypt, sk.public_key.group.p.nbits() - 1)
answers.append(BlockEncryptedAnswer(blocks=ct)) answers.append(BlockEncryptedAnswer(blocks=ct))
# Set up mixnet def do_mixnet(mix_order):
mixnet = RPCMixnet() # Set up mixnet
mixnet = RPCMixnet(mix_order)
# Mix answers
shuffled_answers, commitments_left, commitments_right = mixnet.shuffle(answers)
# Decrypt shuffle
msgs = []
for i in range(len(shuffled_answers)):
bs = BitStream.unmap(shuffled_answers[i].blocks, sk.decrypt, sk.public_key.group.p.nbits() - 1)
m = bs.read()
msgs.append(m)
# Check decryption
self.assertEqual(set(int(x) for x in pts), set(int(x) for x in msgs))
# Check commitments
def verify_shuffle(idx_left, idx_right, reencs):
claimed_blocks = shuffled_answers[idx_right].blocks
for j in range(len(answers[idx_left].blocks)):
reencrypted_block, _ = answers[idx_left].blocks[j].reencrypt(reencs[j])
self.assertEqual(claimed_blocks[j].gamma, reencrypted_block.gamma)
self.assertEqual(claimed_blocks[j].delta, reencrypted_block.delta)
for i in range(len(pts)):
# Left
perm, reencs, rand = mixnet.challenge(i, True)
val_json = [perm, [str(x) for x in reencs], str(rand)]
self.assertEqual(commitments_left[i], EosObject.to_sha256(EosObject.to_json(val_json))[0])
verify_shuffle(i, perm, reencs)
# Right # Mix answers
perm, reencs, rand = mixnet.challenge(i, False) shuffled_answers, commitments = mixnet.shuffle(answers)
val_json = [perm, [str(x) for x in reencs], str(rand)]
self.assertEqual(commitments_right[i], EosObject.to_sha256(EosObject.to_json(val_json))[0]) # Decrypt shuffle
verify_shuffle(perm, i, reencs) msgs = []
for i in range(len(shuffled_answers)):
bs = BitStream.unmap(shuffled_answers[i].blocks, sk.decrypt, sk.public_key.group.p.nbits() - 1)
m = bs.read()
msgs.append(m)
# Check decryption
self.assertEqual(set(int(x) for x in pts), set(int(x) for x in msgs))
# Check commitments
def verify_shuffle(idx_left, idx_right, reencs):
claimed_blocks = shuffled_answers[idx_right].blocks
for j in range(len(answers[idx_left].blocks)):
reencrypted_block, _ = answers[idx_left].blocks[j].reencrypt(reencs[j])
self.assertEqual(claimed_blocks[j].gamma, reencrypted_block.gamma)
self.assertEqual(claimed_blocks[j].delta, reencrypted_block.delta)
for i in range(len(pts)):
perm, reencs, rand = mixnet.challenge(i)
val_obj = MixChallengeResponse(index=perm, reenc=reencs, rand=rand)
self.assertEqual(commitments[i], EosObject.to_sha256(EosObject.to_json(val_obj.serialise()))[1])
if mixnet.is_left:
verify_shuffle(i, perm, reencs)
else:
verify_shuffle(perm, i, reencs)
# NB: This isn't doing it in sequence, it's just testing a left mixnet and a right mixnet respectively
do_mixnet(0)
do_mixnet(1)
class ElectionTestCase(EosTestCase): class ElectionTestCase(EosTestCase):
@classmethod
def setUpClass(cls):
client.drop_database('test')
def do_task_assert(self, election, task, next_task): def do_task_assert(self, election, task, next_task):
self.assertEqual(election.workflow.get_task(task).status, WorkflowTask.Status.READY) self.assertEqual(election.workflow.get_task(task).status, WorkflowTask.Status.READY)
if next_task is not None: if next_task is not None:
@ -191,7 +197,7 @@ class ElectionTestCase(EosTestCase):
election.voters.append(voter) election.voters.append(voter)
for i in range(3): for i in range(3):
mixing_trustee = MixingTrustee(mix_order=i) mixing_trustee = MixingTrustee()
election.mixing_trustees.append(mixing_trustee) election.mixing_trustees.append(mixing_trustee)
election.sk = EGPrivateKey.generate() election.sk = EGPrivateKey.generate()
@ -225,7 +231,38 @@ class ElectionTestCase(EosTestCase):
election.save() election.save()
# Close voting # Close voting
self.do_task_assert(election, 'eos.base.workflow.TaskCloseVoting', 'eos.base.workflow.TaskDecryptVotes') self.do_task_assert(election, 'eos.base.workflow.TaskCloseVoting', 'eos.psr.workflow.TaskMixVotes')
election.save()
# Mix votes
election.workflow.get_task('eos.psr.workflow.TaskMixVotes').enter()
election.save()
# Do the mix
for i in range(len(election.questions)):
for j in range(len(election.mixing_trustees)):
mixnet = RPCMixnet(j)
if j > 0:
orig_answers = election.mixing_trustees[j - 1].mixed_questions[i]
else:
orig_answers = []
for voter in election.voters:
for ballot in voter.ballots:
orig_answers.append(ballot.encrypted_answers[i])
shuffled_answers, commitments = mixnet.shuffle(orig_answers)
election.mixing_trustees[j].mixed_questions.append(EosList(shuffled_answers))
election.mixing_trustees[j].commitments.append(EosList(commitments))
election.workflow.get_task('eos.psr.workflow.TaskMixVotes').exit()
election.save()
# Verify mixes
election.workflow.get_task('eos.psr.workflow.TaskVerifyMixes').enter()
election.save()
# TODO
election.workflow.get_task('eos.psr.workflow.TaskVerifyMixes').exit()
election.save() election.save()
# Decrypt votes, for realsies # Decrypt votes, for realsies

View File

@ -16,10 +16,41 @@
from eos.core.objects import * from eos.core.objects import *
from eos.base.workflow import * from eos.base.workflow import *
import eos.base.workflow
# Concrete tasks # Concrete tasks
# ============== # ==============
class TaskMixVotes(WorkflowTask):
depends_on = ['eos.base.workflow.TaskCloseVoting']
def on_enter(self):
# Do not automatically exit this task
pass
class TaskVerifyMixes(WorkflowTask):
depends_on = ['eos.psr.workflow.TaskMixVotes']
def on_enter(self):
# Do not automatically exit this task
pass
class TaskDecryptVotes(eos.base.workflow.TaskDecryptVotes):
depends_on = ['eos.psr.workflow.TaskVerifyMixes']
def on_enter(self):
election = self.recurse_parents('eos.base.election.Election')
for _ in range(len(election.questions)):
election.results.append(EosObject.objects['eos.base.election.RawResult']())
for i in range(len(election.mixing_trustees[-1].mixed_questions)):
for encrypted_answer in election.mixing_trustees[-1].mixed_questions[i]:
answer = encrypted_answer.decrypt()
election.results[i].answers.append(answer)
self.exit()
# Concrete workflows # Concrete workflows
# ================== # ==================
@ -30,5 +61,7 @@ class PSRWorkflow(Workflow):
self.tasks.append(TaskConfigureElection()) self.tasks.append(TaskConfigureElection())
self.tasks.append(TaskOpenVoting()) self.tasks.append(TaskOpenVoting())
self.tasks.append(TaskCloseVoting()) self.tasks.append(TaskCloseVoting())
self.tasks.append(TaskDecryptVotes()) self.tasks.append(TaskMixVotes())
self.tasks.append(TaskVerifyMixes())
self.tasks.append(TaskDecryptVotes()) # The PSR one, not the base one
self.tasks.append(TaskReleaseResults()) self.tasks.append(TaskReleaseResults())