feat: verify ciphertext#32
Conversation
| } | ||
|
|
||
| ct := new(tfhe.TfheCiphertext) | ||
| ct.Serialization = ctBytes |
There was a problem hiding this comment.
@lovenoble this make sense. but we should try deserialize the ciphertext in order to ensure it is valid format like tfhe does? I guess we need to add TODO comments.
There was a problem hiding this comment.
So I check the format after decrypting it in the following lines of codes.
There was a problem hiding this comment.
So I check the format after decrypting it in the following lines of codes.
There was a problem hiding this comment.
@lovenoble Got it. But i see that the tfhe uses deserializecompact function which produces non-compact ciphertext serialization from compacted one. Guess like the original meaning of verifyCipherTextRun function gets changed in this implementation. I think its original purpose was to deserialize the compacted cipher text and returns hash of it.
There was a problem hiding this comment.
I'm not sure how to implement compact serialization. Do you have any idea about it? And do we need a compact serialization for TEE case, @amaury1093 , @kenta-mori3322 ?
There was a problem hiding this comment.
@lovenoble yeah actually was trying to decode rust code to golang.
There was a problem hiding this comment.
Hi @lovenoble we have actually agreed on the fact that we won't use compacted ciphertext for TEE as it won't be so long. I think I can approve your PR.
| return plaintext, nil | ||
| } | ||
|
|
||
| func GetTeeCiphertextSize(t tfhe.FheUintType) (size uint, found bool) { |
There was a problem hiding this comment.
@lovenoble Are you 100% sure that if I do:
tee.Encrypt(NewTeePlaintext(1, tfhe.Uint64))
tee.Encrypt(NewTeePlaintext(2, tfhe.Uint64))
the two ciphertexts will have the same length? Does that hold true for all elliptic curve signatures?
another question:
tee.Encrypt(NewTeePlaintext(1, tfhe.Uint64))
tee.Encrypt(NewTeePlaintext(1, tfhe.Uint32))
Are the 2 ciphertext lengths still the same?
There was a problem hiding this comment.
In general, I'd like to see in this PR the teeCiphertextSize table, what sizes we have.
For now we chose ECIES. This might change though, I would like to know if this table is still useful if we change to something else.
There was a problem hiding this comment.
The result will have the same length as long as the input length and the type are the same.
https://github.com/Inco-fhevm/zbc-go-ethereum/blob/master/crypto/ecies/ecies.go#L232
The output lenght is ct = make([]byte, len(Rb)+len(em)+len(d)), where
em, err := symEncrypt(rand, params, Ke, m)
d := messageTag(params.Hash, Km, em, s2)
Rb := elliptic.Marshal(pub.Curve, R.PublicKey.X, R.PublicKey.Y)
When we look into these functions, we can get to know that they will return the constant length for the input of same length.
As for the second question, it will usually have different lengths.
3 participants
No description provided.