MtA proof computation encrypts an input larger than the Paillier modulus

axelarnetwork / tofn

A threshold cryptography library in Rust

Apache License 2.0

110 stars 23 forks source link

MtA proof computation encrypts an input larger than the Paillier modulus #164

Closed milapsheth closed 2 years ago

milapsheth commented 3 years ago

In one part of the MtA proof, we compute a parameter t1 = gamma + e s, which during verify is encrypted under the Paillier keypair. Although, t1 exceeds the size of the Paillier modulus, and thus the message domain allowed for encryption. Investigate the reason why t1 exceeds the modulus.

milapsheth commented 2 years ago

The computation does occur over integers and is expected to be larger than the modulus. I'm planning on removing the debug_assert from the paillier-rs repo that is being tripped by this. (mentioned in this comment)