search

herumi / mcl

a portable and fast pairing-based cryptography library
BSD 3-Clause "New" or "Revised" License
452 stars 152 forks source link

Elgamal Plaintext Range ? #17

Closed fionser closed 6 years ago

fionser commented 6 years ago
  1. What is the plaintxt range of the Elgamal ? If the mcl::ecparam::secp160k1 is used, shoud the plaintext domain be 160-bits (i.e., 2^160) ?
  2. Should we need to cache all the elements in the plaintext range (the setCache method in the private key class), if we want to use Elgamal to do arithmetic computation ?
herumi commented 6 years ago

What is the plaintxt range of the Elgamal? If the mcl::ecparam::secp160k1 is used, shoud the plaintext domain be 160-bits (i.e., 2^160) ?

Yes. But it is necessary to solve a small DLP to decrypt a message. So we can not use large message space. The range is set by PrivateKey::setCache(min, max); It requires (max - min) * (sizeof(Ec) + alpha) memory.

Could you see elgamal_test.cpp? It is a small sample.

The implementation to solve a small DLP in mcl/she.hpp requires less memory instead of some computation, but it is not yet backported to ElGamal.

fionser commented 6 years ago

thx

herumi commented 6 years ago

@fionser I added she::initG1only() to use secp160k1, secp192k1, etc. Please see test of initG1only if you are interested in it.