
MiMC7 hash is giving different results via circomlib(1.0.3) and circomlibjs(0.1.2)

Open divyam96 opened this issue 3 years ago • 1 comments

I'm trying to encrypt via circomjs and decrypt using circom.

circomlibjs encrypt code:

```typescript
/*
 * Encrypts a plaintext using a given key.
 * @return The ciphertext.
 */
const encrypt = async (
  plaintext: Plaintext,
  sharedKey: EcdhSharedKey,
): Promise<Ciphertext> => {
  const mimc7 = await buildMimc7();
  // [assignment] generate the IV, use Mimc7 to hash the shared key with the IV, then encrypt the plain text
  // const iv = mimc7.getIV(plaintext);
  // console.log("iv", iv);
  const iv = buf2Bigint(mimc7.multiHash(plaintext, BigInt(0)));
  // console.log("iv2", iv);

  // console.log("***********");
  // console.log(plaintext);
  const ciphertext: Ciphertext = {
    iv,
    data: plaintext.map((e: bigint, i: number): bigint => {
      return e + buf2Bigint(mimc7.hash(
        sharedKey,
        iv + BigInt(i),
      ))
    }),
  }

  // TODO: add asserts here
  return ciphertext
};
```

decrypt.circom from master branch

```circom
pragma circom 2.0.3;

include "../node_modules/circomlib/circuits/mimc.circom";
include "../node_modules/circomlib/circuits/escalarmulany.circom";

template Decrypt(N) {
  // Where N is the length of the
  // decrypted message
  signal input message[N+1];
  signal input private_key;
  signal output out[N];
  component hasher[N];

  // iv is message[0]
  for(var i=0; i<N; i++) {
    hasher[i] = MiMC7(91);
    hasher[i].x_in <== private_key;
    hasher[i].k <== message[0] + i;
    log(private_key);
    log(message[0]);
    log(i);
    log(hasher[i].out);
    out[i] <== message[i+1] - hasher[i].out;
    // log(out[i]);
  }
}
```

The same decryption works fine when I try it with circomlibjs. The decrypt function is as follows:

```typescript
/*
 * Decrypts a ciphertext using a given key.
 * @return The plaintext.
 */
const decrypt = async (
  ciphertext: Ciphertext,
  sharedKey: EcdhSharedKey,
): Promise<Plaintext> => {
  // [assignment] use Mimc7 to hash the shared key with the IV, then decrypt the ciphertext
  const mimc7 = await buildMimc7();

  const plaintext: Plaintext = ciphertext.data.map(
    (e: bigint, i: number): bigint => {
      // console.log("sharedKey", sharedKey)
      // console.log("buf2Bigint sharedKey", buf2Bigint(sharedKey))
      console.log("sharedKey, iv, i", buf2Bigint(sharedKey), BigInt(ciphertext.iv), BigInt(i))
      console.log("mimc7 val", buf2Bigint(mimc7.hash(buf2Bigint(sharedKey), BigInt(ciphertext.iv) + BigInt(i))))
      return BigInt(e) - buf2Bigint((mimc7.hash(sharedKey, BigInt(ciphertext.iv) + BigInt(i))))
    }
  )

  return plaintext
};
```

I have tracked the root cause of this as the mismatch between the MiMC7 hashes between circomlibjs and circomlib.

Any idea how I can fix this?

divyam96, Jun 18 '22 17:06

Having the same issue. Here's the reproducible repo https://github.com/tomoima525/mimc-decrypt-encrypt-test

tomoima525, Jun 20 '22 07:06

Thanks for opening this issue and I'm sorry if no one ever got back to you. It looks like mimc7 is not used anymore. Feel free to re-open if this is still an issue in MACI v1 or open a new issue and we will be taking a look.

ctrlc03, Dec 15 '23 13:12