Closed 7-of-9 closed 2 years ago
Hello,
We do not have any implementations of multiparty encryption/decryption in JIFF. It is possible to implement this functionality using the primitives provided by JIFF, but it will probably require significant effort and I am not sure that the resulting implementation will have good performance, depending on which public key encryption scheme you are trying to implement.
You may want to look into homomorphic encryption implementations which usually have some form of distributed key generation and decryption built in. If you are ok with symmetric key crypto, you can do this reasonably efficiently for AES, especially with garbled circuits. There are circuits online for AES (e.g. https://homes.esat.kuleuven.be/~nsmart/MPC/), and you can use these circuits with any compatible library (e.g. SCALE MAMBA, or JIGG).
You may be able to implement something like this yourself (in JIFF or from scratch) if you choose a simple enough protocol (e.g. some sort of EC OPRF-style trick with ElGamal encryption) or by following some paper. But I recommend that you try to find a mostly off-the-shelf solution along the lines of what I mentioned in the earlier paragraph.
Hope this helps.
@wyatt-howe do you have some resources or tips that may be helpful here?
As Kinan states, in some cases this may be as simple as commutative encryption, e.g. encrypt multiple times in ElGamal. But this will only work when the encryptor/decryptor parties are the same both times.
If you require decryption to be possible by a subset of the encryptors, you would instead need to use a threshold scheme (such as Shamir's polynomial scheme in JIFF) to secret share (or generate jointly) a private key between parties, and encrypt the message with its corresponding public key, where this public key would have to be computed under MPC. This may be possible and practical with JIFF as it is, but we have not implemented any such demo as of yet. RSA key generation may be a good candidate to try and implement in JIFF, at which point you would have all you need for multiparty encryption.
Also, the circuit based approach will not generalize nicely, so I would recommend against it unless you know exactly the number of parties who need to be involved.
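The threshold approach described in the comment above, as an added example that is not part of the thread and does not use JIFF: ElGamal with a jointly generated, Shamir-shared private key, where any `t` of `n` parties can decrypt. Assumptions: a toy group (`P`, `Q`, `G` are constructed and far too small for real use), all parties simulated in one process, and honest parties (no share verification); all function names are hypothetical.

```python
import secrets

# Toy group, constructed for illustration only: P = 2Q + 1 is a safe prime
# and G generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def poly_eval(coeffs, x):
    """Evaluate a polynomial over Z_Q at x (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc

def joint_keygen(n, t):
    """Each of n parties deals a random degree-(t-1) polynomial; party j's key
    share is the sum of the values it receives. Nobody holds the full key."""
    polys = [[secrets.randbelow(Q) for _ in range(t)] for _ in range(n)]
    shares = {j: sum(poly_eval(f, j) for f in polys) % Q for j in range(1, n + 1)}
    pub = 1
    for f in polys:  # each party publishes G^(its constant term)
        pub = pub * pow(G, f[0], P) % P
    return pub, shares

def encrypt(pub, m):
    """Standard ElGamal; m must be an element of the order-Q subgroup."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), m * pow(pub, r, P) % P

def partial_decrypt(share, c1):
    """Run locally by one party; its key share never leaves it."""
    return pow(c1, share, P)

def lagrange_at_zero(i, ids):
    """Lagrange coefficient of party i for interpolating at x = 0, mod Q."""
    num = den = 1
    for j in ids:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def combine(partials, c2):
    """partials maps party id -> c1^share; at least t entries are required."""
    ids = list(partials)
    mask = 1
    for i, d in partials.items():
        mask = mask * pow(d, lagrange_at_zero(i, ids), P) % P
    return c2 * pow(mask, -1, P) % P
```

The private key is only ever reconstructed "in the exponent": `combine` recovers `c1^x` from the partial decryptions, never `x` itself.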
Hi all, can JIFF do multiparty encryption, i.e. encrypt a message with privKeyA && privKeyB, such that privKeyA || privKeyB can decrypt the message (and extrapolating out to n encrypters/decrypters...)?
If so, would be much obliged if someone could point me in the right direction!