void PAlgebraModDerived<type>::decodePlaintext(
    vector<RX>& alphas, const RX& ptxt, const MappingData<type>& mappingData) const
{
  // Decode one packed plaintext polynomial into its per-slot values:
  // alphas[i] receives the polynomial (in X) that ptxt encodes in slot i.
  const long slotCount = zMStar.getNSlots();

  // A dry run only produces a result of the right shape; no arithmetic is done.
  if (isDryRun()) {
    alphas.assign(slotCount, RX::zero());
    return;
  }

  // Step 1: split ptxt along the CRT, so crtParts[i] = ptxt mod factors[i].
  vector<RX> crtParts(slotCount);
  CRT_decompose(crtParts, ptxt);

  // Step 2: when G has degree one, the CRT components already are the slot
  // values and no change of representation is required.
  if (mappingData.degG == 1) {
    alphas = crtParts;
    return;
  }

  // Step 3: move each component into the quotient ring modulo G(X), using the
  // precomputed maps rmaps[i]. The modulus context for G is installed for the
  // duration of the loop; `bak` puts the previous context back when it is
  // destroyed at the end of this function.
  alphas.resize(slotCount);
  REBak bak;
  bak.save();
  mappingData.contextForG.restore();
  for (long i = 0; i < slotCount; ++i) {
    REX lifted;
    conv(lifted, crtParts[i]);         // view the i'th component over the ring mod G(X)
    lifted %= mappingData.rmaps[i];    // reduce modulo Q_i(Y) over that ring
    // After reduction, the Y-constant term is the slot value as a polynomial in X.
    alphas[i] = rep(ConstTerm(lifted));
  }
}
void FSPRG_Seek(void *state, uint64_t epoch, const void *msk, const void *seed, size_t seedlen) {
        /*
         * Compute the FSPRG state for `epoch` directly from the master secret key (msk)
         * and a caller-supplied seed, without stepping through earlier epochs.
         *
         * Layout read from msk:   2-byte secpar | p ((secpar/2)/8 bytes) | q ((secpar/2)/8 bytes)
         * Layout written to state: 2-byte secpar | n (secpar/8 bytes) | x^(2^epoch) mod n (secpar/8 bytes) | 8-byte epoch
         *
         * No length is passed for msk or state: every offset below is derived from the
         * secpar value stored in msk, so both buffers must already be sized for it.
         */
        gcry_mpi_t p, q, n, x, xp, xq, kp, kq, xm;
        uint16_t secpar;
        size_t half;    /* byte length of each prime factor */
        size_t full;    /* byte length of the modulus n */

        initialize_libgcrypt();

        /* Recover the key parameters. */
        secpar = read_secpar(msk + 0);
        half = (secpar / 2) / 8;
        full = secpar / 8;
        p = mpi_import(msk + 2, half);
        q = mpi_import(msk + 2 + half, half);
        n = gcry_mpi_new(0);
        gcry_mpi_mul(n, p, q);

        /* Seed-derived starting square modulo n. */
        x = gensquare(n, seed, seedlen, RND_GEN_X, secpar);

        /* Exponents 2^epoch reduced modulo phi(p) and phi(q); these only depend on epoch, p and q. */
        kp = twopowmodphi(epoch, p);
        kq = twopowmodphi(epoch, q);

        /* Work in the CRT representation: raise x to 2^epoch modulo p and modulo q separately ... */
        CRT_decompose(&xp, &xq, x, p, q);
        gcry_mpi_powm(xp, xp, kp, p);
        gcry_mpi_powm(xq, xq, kq, q);
        /* ... then recombine the two residues into x^(2^epoch) mod n. */
        CRT_compose(&xm, xp, xq, p, q);

        /* Serialise the new state. The epoch offset is kept in its original integer form. */
        store_secpar(state + 0, secpar);
        mpi_export(state + 2, full, n);
        mpi_export(state + 2 + full, full, xm);
        uint64_export(state + 2 + 2 * secpar / 8, 8, epoch);

        /*
         * Drop all intermediates. p, q, x and the CRT residues are secret material;
         * NOTE(review): whether gcry_mpi_release() scrubs them depends on how mpi_import/
         * gcry_mpi_new allocated them (secure vs. normal memory), which is not visible here.
         */
        {
                gcry_mpi_t scratch[] = { p, q, n, x, xp, xq, kp, kq, xm };
                size_t i;

                for (i = 0; i < sizeof(scratch) / sizeof(scratch[0]); i++)
                        gcry_mpi_release(scratch[i]);
        }
}