kuilt-deal/us.tractat.kuilt.deal/SraScheme

SraScheme

SRA (Shamir–Rivest–Adleman) commutative encryption scheme.

Encryption: m^e mod p (m = BigInteger of plaintext bytes) Stripping: c^d mod p (d = modular inverse of e, mod p-1)

Commutativity: E_A(E_B(m)) = m^(e_A·e_B) mod p = E_B(E_A(m))

Proof is a stub (ByteArray(0)). The GSet membership check is the primary double-encode defence. Full ZK proofs are a follow-up.

Security limitation (pre-1.0): the verifyEncrypt/verifyStrip methods are stubs (no cheat-detection yet), so this scheme is not yet production-secure against a malicious peer. Key material itself is drawn from the platform CSPRNG (see secureRandomBytes).

Constructors

SraScheme

constructor()

Types

Companion

object Companion

Functions

encrypt

open override fun encrypt(plaintext: ByteArray, key: SchemeKey): Pair<ByteArray, EncryptProof>

generateKey

open override fun generateKey(): SchemeKeyPair

Generates a random SRA key pair, drawing the secret exponent from the platform CSPRNG via secureRandomBytes.

strip

open override fun strip(ciphertext: ByteArray, key: SchemeKey): Pair<ByteArray, StripProof>

verifyEncrypt

open override fun verifyEncrypt(prev: ByteArray, next: ByteArray, proof: EncryptProof, pubKey: SchemeKey): Boolean

Verify that next was produced by applying the key corresponding to pubKey to prev. Initial implementations may return true unconditionally — the GSet membership check is the primary double-encode defence. A full ZK proof is a follow-up.

verifyStrip

open override fun verifyStrip(prev: ByteArray, next: ByteArray, proof: StripProof, pubKey: SchemeKey): Boolean