From 6ca802fe0d44fce45d6fa599815f41f3efaea614 Mon Sep 17 00:00:00 2001
From: jfdreis
Date: Thu, 21 Nov 2024 11:34:14 +0000
Subject: [PATCH] feat: update no small factor protocol to match cggmp24 version

---
 src/no_small_factor.rs | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/src/no_small_factor.rs b/src/no_small_factor.rs
index ff32dc3..7b26b64 100644
--- a/src/no_small_factor.rs
+++ b/src/no_small_factor.rs
@@ -145,8 +145,6 @@ pub struct Commitment {
 pub b: Integer,
 #[udigest(as = crate::common::encoding::Integer)]
 pub t: Integer,
- #[udigest(as = crate::common::encoding::Integer)]
- pub sigma: Integer,
 }

 /// Verifier's challenge to prover. Can be obtained deterministically by
@@ -198,7 +196,6 @@ pub mod interactive {
 let beta = Integer::from_rng_pm(&n_root_modulo, &mut rng);
 let mu = Integer::from_rng_pm(&l_n_circ_modulo, &mut rng);
 let nu = Integer::from_rng_pm(&l_n_circ_modulo, &mut rng);
- let sigma = Integer::from_rng_pm(&(&two_to_l * &n_n_circ).complete(), &mut rng);
 let r = Integer::from_rng_pm(&(&two_to_l_plus_e * &n_n_circ).complete(), &mut rng);
 let x = Integer::from_rng_pm(&l_e_n_circ_modulo, &mut rng);
 let y = Integer::from_rng_pm(&l_e_n_circ_modulo, &mut rng);
@@ -215,7 +212,6 @@ pub mod interactive {
 a,
 b,
 t,
- sigma,
 };
 let private_commitment = PrivateCommitment {
 alpha,
@@ -239,18 +235,17 @@ pub mod interactive {
 /// Compute proof for given data and prior protocol values
 pub fn prove(
 pdata: PrivateData,
- comm: &Commitment,
 pcomm: &PrivateCommitment,
 challenge: &Challenge,
 ) -> Result {
- let sigma_circ = (&comm.sigma - &pcomm.nu * pdata.p).complete();
+ let nu_p = (&pcomm.nu * pdata.p).complete();
 Ok(Proof {
 z1: (&pcomm.alpha + challenge * pdata.p).complete(),
 z2: (&pcomm.beta + challenge * pdata.q).complete(),
 w1: (&pcomm.x + challenge * &pcomm.mu).complete(),
 w2: (&pcomm.y + challenge * &pcomm.nu).complete(),
- v: &pcomm.r + challenge * sigma_circ,
+ v: &pcomm.r - challenge * nu_p,
 })
 }
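Review bot: The new response `v: &pcomm.r - challenge * nu_p` in `prove` is only sound against a verifier that uses R = s^{N0} instead of the removed σ commitment (the check-3 change in the @@ -279 hunk), but the doc comment `/// Compute proof for given data and prior protocol values` still says nothing about the relation, so nothing ties the two sides together for the next editor. I would extend that doc comment to state the responses — z1 = α + e·p, z2 = β + e·q, w1 = x + e·μ, w2 = y + e·ν, v = r − e·ν·p — and name this as the CGGMP24 variant of the no-small-factor proof without σ, with a pointer to check 3 in `verify`. Dropping the `pub` parameter `comm: &Commitment` and the `pub sigma` field of `Commitment` (which carries a `#[udigest]` attribute, so it presumably feeds the challenge derivation) is a breaking change for external callers and for any peer still on the previous version, which would derive a different challenge; the "feat:" title undersells that and the changelog should mark it as breaking. The in-crate caller is updated in the @@ -328 hunk, and `v` remains the only `Proof` field not wrapped in `.complete()`, which is fine if `&Integer - Integer` already yields an owned value, otherwise worth aligning with its siblings.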
@@ -279,7 +274,7 @@ pub mod interactive {
 }
 // check 3
 {
- let r = aux.combine(data.n, &commitment.sigma)?;
+ let r = aux.pow_mod(&aux.s, &data.n)?;
 let q_to_z1 = aux.pow_mod(&commitment.q, &proof.z1)?;
 let t_to_v = aux.pow_mod(&aux.t, &proof.v)?;
 let lhs = (q_to_z1 * t_to_v).modulo(&aux.rsa_modulo);
@@ -328,7 +323,7 @@ pub mod non_interactive {
 ) -> Result {
 let (commitment, pcomm) = super::interactive::commit(aux, data, pdata, security, rng)?;
 let challenge = challenge::(shared_state, aux, data, &commitment, security);
- let proof = super::interactive::prove(pdata, &commitment, &pcomm, &challenge)?;
+ let proof = super::interactive::prove(pdata, &pcomm, &challenge)?;
 Ok(Proof { commitment, proof })
 }
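Review bot: In check 3 the new line `let r = aux.pow_mod(&aux.s, &data.n)?;` reuses the name `r`, which in `prove` and `PrivateCommitment` denotes the prover's blinding randomness, whereas this value is the verifier-side constant R = s^{N0} that replaces the former σ commitment; reading the two functions side by side, the shared name invites confusion about what `v = r − e·ν·p` is being checked against. I would rename it and document it in place, e.g. `let big_r = aux.pow_mod(&aux.s, &data.n)?; // R = s^{N0}, replaces the former sigma commitment`, and update its use on the rhs line below the hunk. The remainder of check 3 (the rhs with R^e and the comparison) lies outside the hunk, so I cannot confirm here that `r` is raised to the challenge as the updated relation requires. Since `data.n` is prover-supplied, a one-line pointer to where `verify` validates it (range or well-formedness checks, if done elsewhere) would also help readers of this block.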