Ciphertext

elastic_elgamal

Struct Ciphertext

pub struct Ciphertext<G: Group> { /* private fields */ }

Expand description

Ciphertext for ElGamal encryption.

A ciphertext consists of 2 group elements: the random element R and a blinded encrypted value B. If the ciphertext encrypts integer value v, it holds that

R = [r]G;
B = [v]G + [r]K = [v]G + [k]R;

where:

G is the conventional group generator
r is a random scalar selected by the encrypting party
K and k are the recipient’s public and private keys, respectively.

Ciphertexts are partially homomorphic: they can be added together or multiplied by a scalar value.

§Examples

Basic usage and arithmetic for ciphertexts:

// Generate a keypair for the ciphertext receiver.
let mut rng = rand::rng();
let receiver = Keypair::<Ristretto>::generate(&mut rng);
// Create a couple of ciphertexts.
let mut enc = receiver.public().encrypt(2_u64, &mut rng);
enc += receiver.public().encrypt(3_u64, &mut rng) * 4;
// Check that the ciphertext decrypts to 2 + 3 * 4 = 14.
let lookup_table = DiscreteLogTable::new(0..20);
let decrypted = receiver.secret().decrypt(enc, &lookup_table);
assert_eq!(decrypted, Some(14));

Creating a ciphertext of a boolean value together with a proof:

// Generate a keypair for the ciphertext receiver.
let mut rng = rand::rng();
let receiver = Keypair::<Ristretto>::generate(&mut rng);
// Create and verify a boolean encryption.
let (enc, proof) =
    receiver.public().encrypt_bool(false, &mut rng);
receiver.public().verify_bool(enc, &proof)?;

Creating a ciphertext of an integer value together with a range proof:

// Generate the ciphertext receiver.
let mut rng = rand::rng();
let receiver = Keypair::<Ristretto>::generate(&mut rng);
// Find the optimal range decomposition for our range
// and specialize it for the Ristretto group.
let range = RangeDecomposition::optimal(100).into();

let (ciphertext, proof) = receiver
    .public()
    .encrypt_range(&range, 42, &mut rng);

// Check that the the proof verifies.
receiver.public().verify_range(&range, ciphertext, &proof)?;

Implementations§

impl<G: Group> Ciphertext<G>

pub fn from_elements( random_element: G::Element, blinded_element: G::Element, ) -> Self

Creates Ciphertext instance from random_element and blinded_element.

pub fn zero() -> Self

Represents encryption of zero value without the blinding factor.

pub fn non_blinded<T>(value: T) -> Self
where G::Scalar: From<T>,

Creates a non-blinded encryption of the specified scalar value, i.e., (O, [value]G) where O is identity and G is the conventional group generator.

pub fn random_element(&self) -> &G::Element

Returns a reference to the random element.

pub fn blinded_element(&self) -> &G::Element

Returns a reference to the blinded element.

pub fn to_bytes(self) -> Vec<u8> ⓘ

Serializes this ciphertext as two group elements (the random element, then the blinded value).

Trait Implementations§

impl<G: Group> Add for Ciphertext<G>

type Output = Ciphertext<G>

The resulting type after applying the + operator.

fn add(self, rhs: Self) -> Self

Performs the + operation. Read more

impl<G: Group> AddAssign for Ciphertext<G>

fn add_assign(&mut self, rhs: Self)

Performs the += operation. Read more

impl<G: Clone + Group> Clone for Ciphertext<G>
where G::Element: Clone,

fn clone(&self) -> Ciphertext<G>

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl<G: Group> Debug for Ciphertext<G>

fn fmt(&self, formatter: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl<'de, G: Group> Deserialize<'de> for Ciphertext<G>

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more

impl<G: Group, V: Zeroize> From<CiphertextWithValue<G, V>> for Ciphertext<G>

fn from(ciphertext: CiphertextWithValue<G, V>) -> Self

Converts to this type from the input type.

impl<G: Group> Mul<&<G as ScalarOps>::Scalar> for Ciphertext<G>

type Output = Ciphertext<G>

The resulting type after applying the * operator.

fn mul(self, rhs: &G::Scalar) -> Self

Performs the * operation. Read more

impl<G: Group> Mul<u64> for Ciphertext<G>

type Output = Ciphertext<G>

The resulting type after applying the * operator.

fn mul(self, rhs: u64) -> Self

Performs the * operation. Read more

impl<G: Group> Neg for Ciphertext<G>

type Output = Ciphertext<G>

The resulting type after applying the - operator.

fn neg(self) -> Self::Output

Performs the unary - operation. Read more

impl<G: Group> Serialize for Ciphertext<G>

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where S: Serializer,

Serialize this value into the given Serde serializer. Read more

impl<G: Group> Sub for Ciphertext<G>

type Output = Ciphertext<G>

The resulting type after applying the - operator.

fn sub(self, rhs: Self) -> Self

Performs the - operation. Read more

impl<G: Group> SubAssign for Ciphertext<G>

fn sub_assign(&mut self, rhs: Self)

Performs the -= operation. Read more

impl<G: Copy + Group> Copy for Ciphertext<G>
where G::Element: Copy,

Auto Trait Implementations§

impl<G> Freeze for Ciphertext<G>
where <G as ElementOps>::Element: Freeze,

impl<G> RefUnwindSafe for Ciphertext<G>
where <G as ElementOps>::Element: RefUnwindSafe,

impl<G> Send for Ciphertext<G>
where <G as ElementOps>::Element: Send,

impl<G> Sync for Ciphertext<G>
where <G as ElementOps>::Element: Sync,

impl<G> Unpin for Ciphertext<G>
where <G as ElementOps>::Element: Unpin,

impl<G> UnwindSafe for Ciphertext<G>
where <G as ElementOps>::Element: UnwindSafe,

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,

impl<T, Rhs, Output> GroupOps<Rhs, Output> for T
where T: Add<Rhs, Output = Output> + Sub<Rhs, Output = Output> + AddAssign<Rhs> + SubAssign<Rhs>,