Missing checks on membership of r in multiplicative group

[xiangfeimco]

This issue refers to

rust-paillier/src/core.rs

Line 325 in 57fc04d

let r = BigInt::sample_below(&ek.n);

Ideally, the r chosen here should be coprime to N in general Paillier scheme. The sampling here does not check if this is true.

There are other places using sample_below without this check.

There are two ways to address this issue. One is to check if r is coprime to N every time. Or we need to ensure that when decrypting the ballots we reject 0 and restart the protocol.

cc @dingxiangfei2009

[omershlo]

Thank you @xiangfeimco for this issue.
I would argue that the missing co primality check is not a concern in this case :
if r is not co-prime to N it means that it is either a multiply of q or a multiply of p. either way , if found - it means we factored N which happens only with negligible probability. Therefore it is safe to assume that random r is co prime to N