3 unstable releases
Version | Released |
---|---|
0.2.0 | Sep 16, 2021 |
0.1.1 | Sep 25, 2020 |
0.1.0 | Sep 22, 2020 |
#1265 in Cryptography
Used in 5 crates (via nash-mpc)
73KB, 1.5K SLoC
Note: Nash is not the original creator of this repository. Several organizations have forked it. Our fork provides abstractions that work over arbitrary BigInt representations.
Paillier
Efficient pure-Rust library for the Paillier partially homomorphic encryption scheme, offering also packed encoding for encrypting several values together as well as several zero-knowledge proofs related to typical use-cases. Supports several underlying arbitrary precision libraries, including RAMP and GMP.
Several companies have invested resources in the development of this library, including Snips who implemented the original version for use in their privacy-preserving analytics system, and KZen networks who contributed with implementations of many zero-knowledge proofs. See contributions below for more details.
Important: while we have followed recommendations regarding the scheme itself, some parts of this library have not yet been hardened against non-cryptographic attacks such as side-channel attacks.
```rust
extern crate paillier;
use paillier::*;

fn main() {
    // generate a fresh keypair and extract encryption and decryption keys
    let (ek, dk) = Paillier::keypair().keys();

    // encrypt four values
    let c1 = Paillier::encrypt(&ek, 10);
    let c2 = Paillier::encrypt(&ek, 20);
    let c3 = Paillier::encrypt(&ek, 30);
    let c4 = Paillier::encrypt(&ek, 40);

    // add all of them together
    let c = Paillier::add(&ek,
        &Paillier::add(&ek, &c1, &c2),
        &Paillier::add(&ek, &c3, &c4)
    );

    // multiply the sum by 2
    let d = Paillier::mul(&ek, &c, 2);

    // decrypt final result
    let m: u64 = Paillier::decrypt(&dk, &d);
    println!("decrypted total sum is {}", m);
}
```
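What the `add` and `mul` calls above do to ciphertexts, as an added std-only sketch of textbook Paillier that is not code from this crate. It assumes the generator g = n + 1; the names `Ek`, `Dk`, `keypair`, `encrypt`, `decrypt`, `add`, `mul` and `demo` are hypothetical, and the primes 293 and 433 and the randomness values are constructed toy inputs (not secure sizes, not constant-time).

```rust
// Toy Paillier over u128 (constructed tiny primes, fixed randomness; illustration only).
fn modpow(mut b: u128, mut e: u128, m: u128) -> u128 {
    let mut acc = 1 % m;
    b %= m;
    while e > 0 {
        if e & 1 == 1 { acc = acc * b % m; }
        b = b * b % m;
        e >>= 1;
    }
    acc
}
fn gcd(a: u128, b: u128) -> u128 { if b == 0 { a } else { gcd(b, a % b) } }
// Modular inverse by extended Euclid; requires gcd(a, m) == 1.
fn modinv(a: u128, m: u128) -> u128 {
    let (mut r0, mut r1, mut t0, mut t1) = (m as i128, a as i128, 0i128, 1i128);
    while r1 != 0 {
        let q = r0 / r1;
        let (r2, t2) = (r0 - q * r1, t0 - q * t1);
        r0 = r1; r1 = r2; t0 = t1; t1 = t2;
    }
    t0.rem_euclid(m as i128) as u128
}
struct Ek { n: u128, nn: u128 }
struct Dk { lambda: u128, mu: u128 }
fn keypair(p: u128, q: u128) -> (Ek, Dk) {
    let n = p * q;
    let lambda = (p - 1) * (q - 1) / gcd(p - 1, q - 1); // lcm(p-1, q-1)
    (Ek { n, nn: n * n }, Dk { lambda, mu: modinv(lambda % n, n) })
}
// c = (1 + m*n) * r^n mod n^2, i.e. generator g = n + 1.
fn encrypt(ek: &Ek, m: u128, r: u128) -> u128 {
    (1 + m * ek.n) % ek.nn * modpow(r, ek.n, ek.nn) % ek.nn
}
// m = L(c^lambda mod n^2) * mu mod n, with L(x) = (x - 1) / n.
fn decrypt(ek: &Ek, dk: &Dk, c: u128) -> u128 {
    (modpow(c, dk.lambda, ek.nn) - 1) / ek.n * dk.mu % ek.n
}
// Adding plaintexts = multiplying ciphertexts; scaling by k = raising to k.
fn add(ek: &Ek, a: u128, b: u128) -> u128 { a * b % ek.nn }
fn mul(ek: &Ek, c: u128, k: u128) -> u128 { modpow(c, k, ek.nn) }
// Same computation as the README example: (10 + 20 + 30 + 40) * 2.
fn demo() -> u128 {
    let (ek, dk) = keypair(293, 433);
    let c: Vec<u128> = [(10, 17), (20, 23), (30, 29), (40, 31)]
        .iter().map(|&(m, r)| encrypt(&ek, m, r)).collect();
    let sum = add(&ek, add(&ek, c[0], c[1]), add(&ek, c[2], c[3]));
    decrypt(&ek, &dk, mul(&ek, sum, 2))
}
fn main() { println!("decrypted total sum is {}", demo()); }
```

Plaintexts live modulo n, so a homomorphic sum or product that reaches n wraps around silently; size the modulus for the largest value the computation can produce.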
Installation
Some features are optional yet currently included by default. See Features below for more details. Note that the nightly toolchain is currently needed to build the library.
Using cargo
```toml
[dependencies]
paillier = { version="0.2" }
```
From source
```sh
git clone https://github.com/mortendahl/rust-paillier
cd rust-paillier
cargo build --release
```
Features
The library supports the following features. The default compilation is equivalent to
```sh
cargo build --release --no-default-features --features "usegmp keygen proofs"
```
using GMP and including both key generation and zero-knowledge proofs.
Underlying arithmetic
The choice of underlying arithmetic library may be changed using features `usegmp` (default) and `useramp`. GMP generally offers slightly better performance but may be unavailable on some platforms or for some applications. Note that `useramp` does not currently support proofs, i.e. features `useramp` and `proofs` cannot be used together.
Key generation
Key generation feature `keygen` is included by default but, if unneeded, may safely be excluded to avoid extra dependencies.
```rust
extern crate paillier;
use paillier::*;

fn main() {
    // generate a fresh keypair and extract encryption and decryption keys
    let (ek, dk) = Paillier::keypair().keys();
    // ...
}
```
Zero-knowledge proofs
Feature `proofs` includes various zero-knowledge proofs related to the typical use of Paillier encryption. Turned on by default but may safely be excluded if unneeded.
Benchmarks
Several benches are included, testing both the underlying arithmetic libraries and the operations of the scheme. All may be run using
```sh
cargo bench
```
The features discussed above select which arithmetic library is benchmarked and whether key generation is included.
License
Forked from snipsco/rust-paillier with additional functionality. Licensed under either of
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Contributions
Several people have had a significant impact in the development of this library (in alphabetical order):
- Gary Benattar (KZen networks)
- Mario Cornejo (while at Snips)
- Mathieu Poumeyrol (Snips)
- Omer Shlomovits (KZen networks)
and several companies have invested resources:
- Snips sponsored implementation of the original version
- KZen networks sponsored extension of many zero-knowledge proofs
Reported uses
- Snips: privacy-preserving analytics
- KZen networks: multi-party signatures
Dependencies
~1.8–2.9MB
~59K SLoC