H(x: BigInt, y: BigInt, s: BigInt, p: BigInt) → BigInt |
SHA-256 $$(x | y | s) mod p.$$ |
sqrt_mod(a: BigInt, p: BigInt) → BigInt or null |
Compute $$(\sqrt{a} \bmod p)$$. Returns null if no root exists. |
T(point: (BigInt, BigInt), s: BigInt, a: BigInt, p: BigInt) → (BigInt, BigInt) |
One LAI transform step. |
pow_T(P: (BigInt, BigInt), startS: BigInt, exp: BigInt, a: BigInt, p: BigInt) → (BigInt, BigInt) |
Compute $$(T^{\exp}(P))$$ by exponentiation by squaring. |
keygen(p: BigInt, a: BigInt, P0: (BigInt, BigInt)) → (k: BigInt, Q: (BigInt, BigInt)) |
Generate a random private key k and public point Q = T^k(P0). |
encrypt(m: BigInt, Q: (BigInt, BigInt), k: BigInt, p: BigInt, a: BigInt, P0: (BigInt, BigInt)) → (C1, C2, r) |
Encrypt integer m (< p), yielding (C1, C2, r). |
decrypt(C1: (BigInt, BigInt), C2: (BigInt, BigInt), k: BigInt, r: BigInt, a: BigInt, p: BigInt) → BigInt |
Decrypt one block, returning the original integer m. |
decryptAll(jsonPayload) → byte[] |
Read an entire JSON ciphertext payload (array of blocks) and return concatenated plaintext bytes. |