Skip to content

Commit

Permalink
Implement case 2 and 3 better.
Browse files Browse the repository at this point in the history
  • Loading branch information
@dfaranha
dfaranha committed Oct 9, 2024
1 parent e8b5029 commit ac2aac6
Showing 1 changed file with 17 additions and 4 deletions.
21 changes: 17 additions & 4 deletions src/cp/relic_cp_pcdel.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -719,7 +719,7 @@ int cp_amprd_gen(bn_t *ls, g2_t *rs, bn_t c, bn_t r, bn_t d, g1_t u, g2_t v,
bn_t x, gt_t e, size_t m) {
bn_t n, xi;
int result = RLC_OK;
size_t i, j, l, eps;
size_t i, j, l, eps, bound = RLC_MIN(m, pc_param_level() - RAND_DIST);
int8_t naf[RLC_FP_BITS + 1];

bn_null(n);
Expand All @@ -741,15 +741,16 @@ int cp_amprd_gen(bn_t *ls, g2_t *rs, bn_t c, bn_t r, bn_t d, g1_t u, g2_t v,
cp_amore_gen(c, r, d, u, v, x, e, 1, 1, 0, 1);
eps = gt_size_bin(e, 1) / g2_size_bin(rs[0], 1);

for (i = 0; i < RLC_MIN(m, pc_param_level() - RAND_DIST); i++) {
for (i = 0; i < bound; i++) {
if (ep_curve_is_pairf() == EP_BN) {
bn_rand(ls[i + 1], RLC_POS, eps + BND_STORE);
} else {
bn_rand_frb(ls[i + 1], &(core_get()->par), n, eps + BND_STORE);
}
g2_mul(rs[i + 1], rs[0], ls[i + 1]);
}
for (; i < m; i++) {
for (; i < 0; i++) {
/* Case 2 is too slow in practice, so move directly to case 3. */
bn_rand(xi, RLC_POS, pc_param_level() - RAND_DIST);
l = RLC_FP_BITS + 1;
bn_rec_naf(naf, &l, xi, 2);
Expand All @@ -767,7 +768,19 @@ int cp_amprd_gen(bn_t *ls, g2_t *rs, bn_t c, bn_t r, bn_t d, g1_t u, g2_t v,
}
bn_mod(ls[i + 1], ls[i + 1], n);
}
if (m != RLC_MIN(m, pc_param_level() - RAND_DIST)) {
for (; i < m; i++) {
bn_zero(ls[i + 1]);
g2_set_infty(rs[i + 1]);
for (j = 0; j < bound/3; j++) {
size_t index;
rand_bytes((unsigned char *)&index, sizeof(size_t));
index = index % i;
bn_add(ls[i + 1], ls[i + 1], ls[index + 1]);
g2_add(rs[i + 1], rs[i + 1], rs[index + 1]);
}
bn_mod(ls[i + 1], ls[i + 1], n);
}
if (m != bound) {
g2_norm_sim(rs + RLC_MIN(m, pc_param_level() - RAND_DIST) + 1,
rs + RLC_MIN(m, pc_param_level() - RAND_DIST) + 1,
m - RLC_MIN(m, pc_param_level() - RAND_DIST) - 1);
Expand Down

0 comments on commit ac2aac6

Please sign in to comment.