/* Cryptography functions written by Bingsheng Zhang Uses the milagro-crypto-js library at: https://github.com/milagro-crypto/milagro-crypto-js */ //Group parameter generator: returns rng object and generators g1,g2 for G1,G2 as well as order gpGen = function(){ //init, and base generators var ctx = new CTX("BN254CX"); var n=new ctx.BIG(0); n.rcopy(ctx.ROM_CURVE.CURVE_Order); //get generator P for G1 P = new ctx.ECP(0); gx = new ctx.BIG(0); gx.rcopy(ctx.ROM_CURVE.CURVE_Gx); if (ctx.ECP.CURVETYPE != ctx.ECP.MONTGOMERY) { gy = new ctx.BIG(0); gy.rcopy(ctx.ROM_CURVE.CURVE_Gy); P.setxy(gx, gy); } else P.setx(gx); //get generator Q for G2 var A=new ctx.BIG(0); var B=new ctx.BIG(0); A.rcopy(ctx.ROM_CURVE.CURVE_Pxa); B.rcopy(ctx.ROM_CURVE.CURVE_Pxb); var Qx=new ctx.FP2(0); Qx.bset(A,B); A.rcopy(ctx.ROM_CURVE.CURVE_Pya); B.rcopy(ctx.ROM_CURVE.CURVE_Pyb); var Qy=new ctx.FP2(0); Qy.bset(A,B); var Q=new ctx.ECP2(); var Q=new ctx.ECP2(); Q.setxy(Qy,Qy); return{ n:n, g1:P, g2:Q } } //creates ElGamal public and secret key keyGen=function(params){ var ctx = new CTX("BN254CX"); //set rng var RAW = []; var d = new Date();//time for seed, not secure var rng = new ctx.RAND(); rng.clean(); RAW[0] = d.getSeconds(); RAW[1] = d.getMinutes(); RAW[2] = d.getMilliseconds(); rng.seed(3, RAW); //ElGamal var sk = new ctx.BIG(0); sk = ctx.BIG.randomnum(params.n,rng); var pk = new ctx.ECP(0); pk = ctx.PAIR.G1mul(params.g1,sk); return{ PK:pk, SK:sk } } //combine multiple public key together //the input is an array of PKs combine=function(PKs){ var ctx = new CTX("BN254CX"); var pk=new ctx.ECP(); //copy the first pk pk.copy(PKs[0]); //multiple the rest PKs for(i=1;i