threshold-elgamal 0.1.0

package/src/thresholdElgamal.ts

@@ -0,0 +1,157 @@
+import { modPow, modInv } from 'bigint-mod-arith';
+
+import { GROUPS } from './constants';
+import type { EncryptedMessage, PartyKeyPair } from './types';
+import { generatePolynomial } from './utils';
+
+/**
+ * Retrieves the group parameters for a given prime bit length.
+ *
+ * @param {2048 | 3072 | 4096} primeBits - The bit length of the prime modulus (2048, 3072, or 4096).
+ * @returns {Object} The group parameters including prime and generator.
+ */
+export const getGroup = (
+    primeBits: 2048 | 3072 | 4096,
+): { prime: bigint; generator: bigint } => {
+    switch (primeBits) {
+        case 2048:
+            return GROUPS.ffdhe2048;
+        case 3072:
+            return GROUPS.ffdhe3072;
+        case 4096:
+            return GROUPS.ffdhe4096;
+        default:
+            throw new Error('Unsupported bit length');
+    }
+};
+
+/**
+ * Evaluates a polynomial at a given point using modular arithmetic.
+ *
+ * @param {bigint[]} polynomial - The coefficients of the polynomial.
+ * @param {number} x - The point at which to evaluate the polynomial.
+ * @param {bigint} prime - The prime modulus.
+ * @returns {bigint} The result of the polynomial evaluation.
+ */
+export const evaluatePolynomial = (
+    polynomial: bigint[],
+    x: number,
+    prime: bigint,
+): bigint => {
+    let result = 0n;
+    for (let i = 0; i < polynomial.length; i++) {
+        result = (result + polynomial[i] * BigInt(x) ** BigInt(i)) % prime;
+    }
+    return result;
+};
+
+/**
+ * Generates a single key share for a participant in a threshold ElGamal cryptosystem.
+ *
+ * @param {number} index - The unique index of the participant (starting from 1).
+ * @param {number} threshold - The minimum number of key shares required for decryption.
+ * @param {2048 | 3072 | 4096} primeBits - The bit length of the prime modulus (default: 2048).
+ * @returns {PartyKeyPair} The key share containing a private and public key share for the participant.
+ */
+export const generateSingleKeyShare = (
+    index: number,
+    threshold: number,
+    primeBits: 2048 | 3072 | 4096 = 2048,
+): PartyKeyPair => {
+    const group = getGroup(primeBits);
+    const prime = group.prime;
+    const generator = group.generator;
+    const polynomial = generatePolynomial(threshold, prime);
+    let partyPrivateKey = evaluatePolynomial(polynomial, index, prime);
+    // Ensure non-zero private key, adjusting index if necessary
+    while (partyPrivateKey === 0n) {
+        partyPrivateKey = evaluatePolynomial(polynomial, index + 1, prime);
+    }
+    const partyPublicKey = modPow(generator, partyPrivateKey, prime);
+
+    return { partyPrivateKey, partyPublicKey };
+};
+
+/**
+ * Generates key shares for a threshold ElGamal cryptosystem.
+ *
+ * @param {number} n - The total number of key shares.
+ * @param {number} threshold - The minimum number of key shares required for decryption.
+ * @param {2048 | 3072 | 4096} primeBits - The bit length of the prime modulus (default: 2048).
+ * @returns {PartyKeyPair[]} An array of key shares, each containing a private and public key share.
+ */
+export const generateKeyShares = (
+    n: number,
+    threshold: number,
+    primeBits: 2048 | 3072 | 4096 = 2048,
+): PartyKeyPair[] => {
+    const keyShares = [];
+    for (let i = 1; i <= n; i++) {
+        const keyShare = generateSingleKeyShare(i, threshold, primeBits);
+        keyShares.push(keyShare);
+    }
+    return keyShares;
+};
+
+/**
+ * Combines multiple public keys into a single public key.
+ *
+ * @param {bigint[]} publicKeys - An array of public keys to combine.
+ * @param {bigint} prime - The prime modulus used in the ElGamal system.
+ * @returns {bigint} The combined public key.
+ */
+export const combinePublicKeys = (
+    publicKeys: bigint[],
+    prime: bigint,
+): bigint => publicKeys.reduce((acc, current) => (acc * current) % prime, 1n);
+
+/**
+ * Performs a partial decryption on a ciphertext using an individual's private key share.
+ *
+ * @param {EncryptedMessage} encryptedMessage - The encrypted secret.
+ * @param {bigint} partyPrivateKey - The private key share of the decrypting party.
+ * @param {bigint} prime - The prime modulus used in the ElGamal system.
+ * @returns {bigint} The result of the partial decryption.
+ */
+export const createDecryptionShare = (
+    encryptedMessage: EncryptedMessage,
+    partyPrivateKey: bigint,
+    prime: bigint,
+): bigint => modPow(encryptedMessage.c1, partyPrivateKey, prime);
+
+/**
+ * Combines partial decryptions from multiple parties into a single decryption factor.
+ *
+ * @param {bigint[]} decryptionShares - An array of partial decryption results.
+ * @param {bigint} prime - The prime modulus used in the ElGamal system.
+ * @returns {bigint} The combined decryption factor.
+ */
+export const combineDecryptionShares = (
+    decryptionShares: bigint[],
+    prime: bigint,
+): bigint => {
+    let result = 1n;
+    for (const partialDecryption of decryptionShares) {
+        result = (result * partialDecryption) % prime;
+    }
+    return result;
+};
+
+/**
+ * Decrypts an encrypted secret using the combined partial decryptions in a threshold ElGamal scheme.
+ *
+ * @param {{ c1: bigint; c2: bigint }} encryptedMessage - The encrypted secret components.
+ * @param {bigint} combinedDecryptionShares - The combined partial decryptions from all parties.
+ * @param {bigint} prime - The prime modulus used in the ElGamal system.
+ * @returns {number} The decrypted secret, assuming it was small enough to be directly encrypted.
+ */
+export const thresholdDecrypt = (
+    encryptedMessage: { c1: bigint; c2: bigint },
+    combinedDecryptionShares: bigint,
+    prime: bigint,
+): number => {
+    const combinedDecryptionInverse = modInv(combinedDecryptionShares, prime);
+    const plaintext: bigint =
+        (encryptedMessage.c2 * combinedDecryptionInverse) % prime;
+    return Number(plaintext);
+};

package/src/types/random-bigint.d.ts

@@ -0,0 +1,13 @@
+declare module 'random-bigint' {
+    /**
+     * Generates a random BigInt in the range 0..2**bits-1.
+     * @param bits Number of bits.
+     * @param cb Optional callback for asynchronous operation.
+     */
+    function random(
+        bits: number,
+        cb?: (err: Error | null, num: bigint) => void,
+    ): bigint;
+
+    export = random;
+}

package/src/types.ts

@@ -0,0 +1,21 @@
+export type EncryptedMessage = {
+    c1: bigint;
+    c2: bigint;
+};
+
+export type Parameters = {
+    prime: bigint;
+    generator: bigint;
+    publicKey: bigint;
+    privateKey: bigint;
+};
+
+export type KeyPair = {
+    privateKey: bigint;
+    publicKey: bigint;
+};
+
+export type PartyKeyPair = {
+    partyPrivateKey: bigint;
+    partyPublicKey: bigint;
+};

package/src/utils.ts

@@ -0,0 +1,61 @@
+import randomBigint from 'random-bigint';
+
+import type { EncryptedMessage } from './types';
+
+/**
+ * Generates a random bigint within a specified range.
+ * @param {bigint} min - The minimum value (inclusive).
+ * @param {bigint} max - The maximum value (exclusive).
+ * @returns {bigint} A random bigint within the specified range.
+ */
+export const getRandomBigIntegerInRange = (
+    min: bigint,
+    max: bigint,
+): bigint => {
+    const range = max - min + 1n;
+    // Determine the number of bits needed for the range
+    const bitsNeeded = range.toString(2).length;
+    // Generate a random bigint within the calculated bits
+    let num = randomBigint(bitsNeeded);
+    // Adjust the number to our range
+    num = num % range;
+    // Add the minimum to align with our desired range
+    return min + num;
+};
+
+/**
+ * Performs homomorphic multiplication on two encrypted values, allowing for encrypted arithmetic operations.
+ * @param {EncryptedMessage} value1 - The first encrypted value.
+ * @param {EncryptedMessage} value2 - The second encrypted value.
+ * @param {bigint} prime - The prime modulus used in the encryption system.
+ * @returns {EncryptedMessage} The result of the multiplication, as a new encrypted message.
+ */
+export const multiplyEncryptedValues = (
+    value1: EncryptedMessage,
+    value2: EncryptedMessage,
+    prime: bigint,
+): EncryptedMessage => {
+    const c1Multiplied = (value1.c1 * value2.c1) % prime;
+    const c2Multiplied = (value1.c2 * value2.c2) % prime;
+
+    return { c1: c1Multiplied, c2: c2Multiplied };
+};
+
+/**
+ * Generates a random polynomial of a specified degree, to be used in Shamir's Secret Sharing scheme.
+ * The polynomial is of the form f(x) = a0 + a1*x + a2*x^2 + ... + a_{threshold-1}*x^{threshold-1},
+ * where a0 is the "master" secret, and the rest of the coefficients are randomly chosen.
+ * @param {number} threshold - The degree of the polynomial (also, the number of shares required to reconstruct the secret).
+ * @param {bigint} prime - The prime modulus used in the system, to ensure operations are performed in a finite field.
+ * @returns {bigint[]} An array representing the polynomial coefficients `[a0, a1, ..., a_{threshold-1}]`.
+ */
+export const generatePolynomial = (
+    threshold: number,
+    prime: bigint,
+): bigint[] => {
+    const polynomial = [getRandomBigIntegerInRange(2n, prime - 1n)]; // constant term is the "master" private key
+    for (let i = 1; i < threshold; i++) {
+        polynomial.push(getRandomBigIntegerInRange(0n, prime - 1n)); // random coefficients
+    }
+    return polynomial;
+};

package/tsconfig.build.json

@@ -0,0 +1,17 @@
+{
+    "extends": "./tsconfig.json",
+    "compilerOptions": {
+        "noEmit": false,
+        "declaration": true,
+        "sourceMap": false,
+        "removeComments": false
+    },
+    "include": ["src/**/*"],
+    "exclude": [
+        "node_modules",
+        "**/*.test.ts",
+        "**/*.spec.ts",
+        "eslint.config.js",
+        "jsdoc.config.js"
+    ]
+}

package/tsconfig.json

@@ -0,0 +1,29 @@
+{
+    "compilerOptions": {
+        "baseUrl": "./src/",
+        "lib": ["ES2022"],
+        "target": "esnext",
+        "module": "ESNext",
+        "moduleResolution": "Node",
+        "outDir": "./dist/",
+        "removeComments": true,
+        "declaration": false,
+        "allowSyntheticDefaultImports": true,
+        "forceConsistentCasingInFileNames": true,
+        "resolveJsonModule": true,
+        "strict": true,
+        "sourceMap": true,
+        "allowJs": true,
+        "noEmit": true,
+        "esModuleInterop": true,
+        "isolatedModules": true,
+        "skipLibCheck": true,
+        "noUnusedParameters": true,
+        "noUnusedLocals": true
+    },
+    "ts-node": {
+        "esm": true,
+        "experimentalSpecifierResolution": "node"
+    },
+    "include": ["src/**/*", "eslint.config.js", "jsdoc.config.js"]
+}