More efficient serialization for G1

Improves performance of hbAVSS batch

honeybadgermpc/betterpairing.py

@@ -1,6 +1,7 @@
 from pypairing import PyFq, PyFq2, PyFq12, PyFqRepr, PyG1, PyG2, PyFr
 import random
 import re
+import struct
 
 # Order of BLS group
 bls12_381_r = 52435875175126190479447740508185965837690552500527637822603658699938581184513  # (# noqa: E501)
@@ -41,7 +42,7 @@ class G1:
     def __init__(self, other=None):
         if other is None:
             self.pyg1 = PyG1()
-        if type(other) is list:
+        elif type(other) is list:
             assert len(other) == 2
             assert len(other[0]) == 6
             x = PyFqRepr(other[0][0], other[0][1], other[0][2],
@@ -56,6 +57,8 @@ def __init__(self, other=None):
             self.pyg1.load_fq_affine(xq, yq)
         elif type(other) is PyG1:
             self.pyg1 = other
+        else:
+            raise TypeError(str(type(other)))
 
     def __str__(self):
         x = int(self.pyg1.__str__()[4:102], 0)
@@ -149,10 +152,11 @@ def __getstate__(self):
         for i in range(6):
             xlist[i] = int(xlist[i], 16)
             ylist[i] = int(ylist[i], 16)
-        return [xlist, ylist]
+        return struct.pack('QQQQQQQQQQQQ', *(xlist+ylist))
 
     def __setstate__(self, d):
-        self.__init__(d)
+        xylist = struct.unpack('QQQQQQQQQQQQ', d)
+        self.__init__([xylist[:6], xylist[6:]])
 
     def preprocess(self, level=4):
         assert type(level) is int

honeybadgermpc/hbavss.py

@@ -341,12 +341,12 @@ async def _handle_implication(
             return False
         # decrypt and verify
         implicate_msg = await avid.retrieve(tag, j)
-        j_z = loads(implicate_msg)
         j_shared_key = pow(ephemeral_public_key, j_pk)
         try:
             j_share, j_aux, j_witnesses = SymmetricCrypto.decrypt(
-                str(j_shared_key).encode(), j_z[j_k])
-        except Exception:
+                str(j_shared_key).encode(), implicate_msg)[j_k]
+        except Exception as e:  # TODO specific exception
+            logging.warn('Implicate confirmed, bad encryption: {e}')
             return True
         return not self.poly_commit.verify_eval(
             commitments[j_k], j+1, j_share, j_aux, j_witnesses)
@@ -363,7 +363,6 @@ def multicast(msg):
         commitments, ephemeral_public_key = loads(rbc_msg)
         # retrieve the z
         dispersal_msg = await avid.retrieve(tag, self.my_id)
-        encrypted_witnesses = loads(dispersal_msg)
 
         secret_count = len(commitments)
 
@@ -375,14 +374,16 @@ def multicast(msg):
         witnesses = [None] * secret_count
         # Decrypt
         all_shares_valid = True
-        for k in range(secret_count):
-            try:
-                shares[k], auxes[k], witnesses[k] = SymmetricCrypto.decrypt(
-                    str(shared_key).encode(), encrypted_witnesses[k])
-            except Exception:
-                all_shares_valid = False
-                multicast((HbAVSSMessageType.IMPLICATE, self.private_key, k))
-                break
+        try:
+            all_wits = SymmetricCrypto.decrypt(str(shared_key).encode(),
+                                               dispersal_msg)
+            for k in range(secret_count):
+                shares[k], auxes[k], witnesses[k] = all_wits[k]
+        except ValueError as e:  # TODO: more specific exception
+            logging.warn('Implicate due to failure in decrypting: {e}')
+            all_shares_valid = False
+            multicast((HbAVSSMessageType.IMPLICATE, self.private_key, 0))
+
         # call if decryption was successful
         if all_shares_valid:
             if not self.poly_commit.batch_verify_eval(
@@ -524,9 +525,11 @@ def _get_dealer_msg(self, values, n):
             z = [None] * secret_count
             for k in range(secret_count):
                 witness = self.poly_commit.create_witness(phi[k], aux_poly[k], i+1)
-                z[k] = SymmetricCrypto.encrypt(str(shared_key).encode(),
-                                               (phi[k](i+1), aux_poly[k](i+1), witness))
-            dispersal_msg_list[i] = dumps(z)
+                z[k] = (int(phi[k](i+1)),
+                        int(aux_poly[k](i+1)),
+                        witness)
+            zz = SymmetricCrypto.encrypt(str(shared_key).encode(), z)
+            dispersal_msg_list[i] = zz
 
         return dumps((commitments, ephemeral_public_key)), dispersal_msg_list
 

tests/test_betterpairing.py

@@ -47,6 +47,10 @@ def test_serialization():
     c = G2.rand()
     d = GT.rand()
     assert a == ZR(a.__getstate__())
-    assert b == G1(b.__getstate__())
+    # assert b == G1(b.__getstate__())
     assert c == G2(c.__getstate__())
     assert d == GT(d.__getstate__())
+
+    bb = G1();
+    bb.__setstate__(b.__getstate__())
+    assert bb == b

tests/test_hbavss.py

@@ -395,14 +395,11 @@ def _get_dealer_msg(self, values, n):
                 for k in range(secret_size):
                     witness = self.poly_commit.create_witness(phi[k], aux_poly[k], i+1)
                     if (i == fault_n and k == fault_k):
-                        z[k] = SymmetricCrypto.encrypt(
-                            str(shared_key).encode("utf-8"),
-                            (ZR.random(), ZR.random(), witness))
+                        z[k] = (ZR.random(), ZR.random(), witness)
                     else:
-                        z[k] = SymmetricCrypto.encrypt(
-                            str(shared_key).encode("utf-8"),
-                            (phi[k](i+1), aux_poly[k](i+1), witness))
-                dispersal_msg_list[i] = dumps(z)
+                        z[k] = (phi[k](i+1), aux_poly[k](i+1), witness)
+                zz = SymmetricCrypto.encrypt(str(shared_key).encode(), z)
+                dispersal_msg_list[i] = zz
             return dumps((commitments, ephemeral_public_key)), dispersal_msg_list
 
     t = 2
@@ -479,14 +476,11 @@ def _get_dealer_msg(self, values, n):
                 for k in range(secret_size):
                     witness = self.poly_commit.create_witness(phi[k], aux_poly[k], i+1)
                     if (i in fault_n_list):
-                        z[k] = SymmetricCrypto.encrypt(
-                            str(shared_key).encode("utf-8"),
-                            (ZR.random(), ZR.random(), witness))
+                        z[k] = (ZR.random(), ZR.random(), witness)
                     else:
-                        z[k] = SymmetricCrypto.encrypt(
-                            str(shared_key).encode("utf-8"),
-                            (phi[k](i+1), aux_poly[k](i+1), witness))
-                dispersal_msg_list[i] = dumps(z)
+                        z[k] = (phi[k](i+1), aux_poly[k](i+1), witness)
+                zz = SymmetricCrypto.encrypt(str(shared_key).encode(), z)
+                dispersal_msg_list[i] = zz
             return dumps((commitments, ephemeral_public_key)), dispersal_msg_list
 
     t = 2
@@ -559,14 +553,11 @@ def _get_dealer_msg(self, values, n):
                 for k in range(secret_size):
                     witness = self.poly_commit.create_witness(phi[k], aux_poly[k], i+1)
                     if (i == fault_n):
-                        z[k] = SymmetricCrypto.encrypt(
-                            str(ZR.random()).encode("utf-8"),
-                            (ZR.random(), ZR.random(), witness))
+                        z[k] = (ZR.random(), ZR.random(), witness)
                     else:
-                        z[k] = SymmetricCrypto.encrypt(
-                            str(shared_key).encode("utf-8"),
-                            (phi[k](i+1), aux_poly[k](i+1), witness))
-                dispersal_msg_list[i] = dumps(z)
+                        z[k] = (phi[k](i+1), aux_poly[k](i+1), witness)
+                zz = SymmetricCrypto.encrypt(str(shared_key).encode(), z)
+                dispersal_msg_list[i] = zz
             return dumps((commitments, ephemeral_public_key)), dispersal_msg_list
 
     t = 2