More honest-majority three-party computation (modulo prime and malici…

…ous binary).
data61 · Nov 30, 2018 · ea59419 · ea59419
1 parent 69ffa07
commit ea59419
Show file tree

Hide file tree

Showing 160 changed files with 3,763 additions and 1,657 deletions.
diff --git a/.gitignore b/.gitignore
@@ -30,6 +30,7 @@ tags
 .project
 .cproject
 .settings
+.pydevproject
 
 # VS Code IDE #
 ###############

diff --git a/.gitmodules b/.gitmodules
@@ -1,3 +1,6 @@
 [submodule "SimpleOT"]
 	path = SimpleOT
-	url = https://github.com/pascholl/SimpleOT
+	url = https://github.com/mkskeller/SimpleOT
+[submodule "mpir"]
+	path = mpir
+	url = git://github.com/wbhart/mpir.git
diff --git a/Auth/MAC_Check.cpp b/Auth/MAC_Check.cpp
@@ -10,6 +10,8 @@
 #include "Math/gfp.h"
 #include "Math/gf2n.h"
 #include "Math/BitVec.h"
+#include "Math/Rep3Share.h"
+#include "Math/MaliciousRep3Share.h"
 
 #include <algorithm>
 
@@ -73,12 +75,19 @@ void MAC_Check<T>::POpen_End(vector<T>& values,const vector<Share<T> >& S,const
 }
 
 template<class T>
-void MAC_Check<T>::POpen(vector<T>& values,const vector<Share<T> >& S,const Player& P)
+void MAC_Check_Base<T>::POpen(vector<typename T::clear>& values,const vector<T>& S,const Player& P)
 {
   POpen_Begin(values, S, P);
   POpen_End(values, S, P);
 }
 
+template<class T>
+typename T::clear MAC_Check_Base<T>::POpen(const T& secret, const Player& P)
+{
+  vector<typename T::clear> opened;
+  POpen(opened, {secret}, P);
+  return opened[0];
+}
 
 template<class T>
 void MAC_Check<T>::AddToMacs(const vector<Share<T> >& shares)
@@ -446,5 +455,7 @@ template class Parallel_MAC_Check<gf2n_short>;
 template class Passing_MAC_Check<gf2n_short>;
 #endif
 
-template class MAC_Check_Base<Integer>;
-template class MAC_Check_Base<BitVec>;
+template class MAC_Check_Base<Rep3Share<gfp>>;
+template class MAC_Check_Base<Rep3Share<gf2n>>;
+template class MAC_Check_Base<MaliciousRep3Share<gfp>>;
+template class MAC_Check_Base<MaliciousRep3Share<gf2n>>;
diff --git a/Auth/MAC_Check.h b/Auth/MAC_Check.h
@@ -60,7 +60,7 @@ class MAC_Check_Base
 {
 protected:
   /* MAC Share */
-  T alphai;
+  typename T::clear alphai;
 
 public:
   int values_opened;
@@ -72,12 +72,17 @@ class MAC_Check_Base
 
   int number() const { return values_opened; }
 
-  const T& get_alphai() const { return alphai; }
+  const typename T::clear& get_alphai() const { return alphai; }
+
+  virtual void POpen_Begin(vector<typename T::clear>& values,const vector<T>& S,const Player& P) = 0;
+  virtual void POpen_End(vector<typename T::clear>& values,const vector<T>& S,const Player& P) = 0;
+  void POpen(vector<typename T::clear>& values,const vector<T>& S,const Player& P);
+  typename T::clear POpen(const T& secret, const Player& P);
 };
 
 
 template<class T>
-class MAC_Check : public TreeSum<T>, public MAC_Check_Base<T>
+class MAC_Check : public TreeSum<T>, public MAC_Check_Base<Share<T>>
 {
   protected:
 
@@ -107,7 +112,6 @@ class MAC_Check : public TreeSum<T>, public MAC_Check_Base<T>
    */
   virtual void POpen_Begin(vector<T>& values,const vector<Share<T> >& S,const Player& P);
   virtual void POpen_End(vector<T>& values,const vector<Share<T> >& S,const Player& P);
-  void POpen(vector<T>& values,const vector<Share<T> >& S,const Player& P);
 
   void AddToCheck(const T& mac, const T& value, const Player& P);
   virtual void Check(const Player& P);

diff --git a/Auth/MaliciousRepMC.h b/Auth/MaliciousRepMC.h
@@ -0,0 +1,66 @@
+/*
+ * MaliciousRepMC.h
+ *
+ */
+
+#ifndef AUTH_MALICIOUSREPMC_H_
+#define AUTH_MALICIOUSREPMC_H_
+
+#include "ReplicatedMC.h"
+#include "GC/MaliciousRepSecret.h"
+#include "GC/Machine.h"
+
+template<class T>
+class MaliciousRepMC : public ReplicatedMC<T>
+{
+protected:
+    typedef ReplicatedMC<T> super;
+
+public:
+    virtual void POpen_Begin(vector<typename T::clear>& values,
+            const vector<T>& S, const Player& P);
+    virtual void POpen_End(vector<typename T::clear>& values,
+            const vector<T>& S, const Player& P);
+
+    virtual void Check(const Player& P);
+};
+
+template<class T>
+class HashMaliciousRepMC : public MaliciousRepMC<T>
+{
+    crypto_generichash_state* hash_state;
+
+    octetStream os;
+
+public:
+    // emulate MAC_Check
+    HashMaliciousRepMC(const typename T::value_type& _, int __ = 0, int ___ = 0) : HashMaliciousRepMC()
+    { (void)_; (void)__; (void)___; }
+
+    // emulate Direct_MAC_Check
+    HashMaliciousRepMC(const typename T::value_type& _, Names& ____, int __ = 0, int ___ = 0) : HashMaliciousRepMC()
+    { (void)_; (void)__; (void)___; (void)____; }
+
+    HashMaliciousRepMC();
+    ~HashMaliciousRepMC();
+
+    void POpen_End(vector<typename T::clear>& values,const vector<T>& S,const Player& P);
+
+    void Check(const Player& P);
+};
+
+template<class T>
+class CommMaliciousRepMC : public MaliciousRepMC<T>
+{
+    vector<octetStream> os;
+
+public:
+    void POpen_Begin(vector<typename T::clear>& values, const vector<T>& S,
+            const Player& P);
+    void POpen_End(vector<typename T::clear>& values, const vector<T>& S,
+            const Player& P);
+
+    void Check(const Player& P);
+};
+
+#endif /* AUTH_MALICIOUSREPMC_H_ */
diff --git a/Auth/MaliciousRepMC.hpp b/Auth/MaliciousRepMC.hpp
@@ -0,0 +1,107 @@
+/*
+ * MaliciousRepMC.cpp
+ *
+ */
+
+#include "MaliciousRepMC.h"
+#include "GC/Machine.h"
+
+#include "ReplicatedMC.hpp"
+
+#include <stdlib.h>
+
+template<class T>
+void MaliciousRepMC<T>::POpen_Begin(vector<typename T::clear>& values,
+        const vector<T>& S, const Player& P)
+{
+    super::POpen_Begin(values, S, P);
+}
+
+template<class T>
+void MaliciousRepMC<T>::POpen_End(vector<typename T::clear>& values,
+        const vector<T>& S, const Player& P)
+{
+    (void)values, (void)S, (void)P;
+    throw runtime_error("use subclass");
+}
+
+template<class T>
+void MaliciousRepMC<T>::Check(const Player& P)
+{
+    (void)P;
+    throw runtime_error("use subclass");
+}
+
+template<class T>
+HashMaliciousRepMC<T>::HashMaliciousRepMC()
+{
+    // deal with alignment issues
+    int error = posix_memalign((void**)&hash_state, 64, sizeof(crypto_generichash_state));
+    if (error)
+        throw runtime_error(string("failed to allocate hash state: ") + strerror(error));
+    crypto_generichash_init(hash_state, 0, 0, crypto_generichash_BYTES);
+}
+
+template<class T>
+HashMaliciousRepMC<T>::~HashMaliciousRepMC()
+{
+    free(hash_state);
+}
+
+template<class T>
+void HashMaliciousRepMC<T>::POpen_End(vector<typename T::clear>& values,
+        const vector<T>& S, const Player& P)
+{
+    ReplicatedMC<T>::POpen_End(values, S, P);
+    os.reset_write_head();
+    for (auto& value : values)
+        value.pack(os);
+    crypto_generichash_update(hash_state, os.get_data(), os.get_length());
+}
+
+template<class T>
+void HashMaliciousRepMC<T>::Check(const Player& P)
+{
+    unsigned char hash[crypto_generichash_BYTES];
+    crypto_generichash_final(hash_state, hash, sizeof hash);
+    crypto_generichash_init(hash_state, 0, 0, crypto_generichash_BYTES);
+    vector<octetStream> os(P.num_players());
+    os[P.my_num()].serialize(hash);
+    P.Broadcast_Receive(os);
+    for (int i = 0; i < P.num_players(); i++)
+        if (os[i] != os[P.my_num()])
+            throw mac_fail();
+}
+
+template<class T>
+void CommMaliciousRepMC<T>::POpen_Begin(vector<typename T::clear>& values,
+        const vector<T>& S, const Player& P)
+{
+    assert(T::length == 2);
+    (void)values;
+    os.resize(2);
+    for (auto& o : os)
+        o.reset_write_head();
+    for (auto& x : S)
+        for (int i = 0; i < 2; i++)
+            x[i].pack(os[1 - i]);
+    P.send_relative(os);
+}
+
+template<class T>
+void CommMaliciousRepMC<T>::POpen_End(vector<typename T::clear>& values,
+        const vector<T>& S, const Player& P)
+{
+    P.receive_relative(os);
+    if (os[0] != os[1])
+        throw mac_fail();
+    values.clear();
+    for (auto& x : S)
+        values.push_back(os[0].template get<BitVec>() + x.sum());
+}
+
+template<class T>
+void CommMaliciousRepMC<T>::Check(const Player& P)
+{
+    (void)P;
+}
diff --git a/Auth/ReplicatedMC.h b/Auth/ReplicatedMC.h
@@ -9,17 +9,17 @@
 #include "MAC_Check.h"
 
 template <class T>
-class ReplicatedMC : public MAC_Check_Base<typename T::value_type>
+class ReplicatedMC : public MAC_Check_Base<T>
 {
+    octetStream o;
+
 public:
     // emulate MAC_Check
-    ReplicatedMC(const gfp& _ = {}, int __ = 0, int ___ = 0) :
-        MAC_Check_Base<typename T::value_type>({})
+    ReplicatedMC(const typename T::value_type& _ = {}, int __ = 0, int ___ = 0)
     { (void)_; (void)__; (void)___; }
 
     // emulate Direct_MAC_Check
-    ReplicatedMC(const gfp& _, Names& ____, int __ = 0, int ___ = 0) :
-        MAC_Check_Base<typename T::value_type>({})
+    ReplicatedMC(const typename T::value_type& _, Names& ____, int __ = 0, int ___ = 0)
     { (void)_; (void)__; (void)___; (void)____; }
 
     void POpen_Begin(vector<typename T::clear>& values,const vector<T>& S,const Player& P);

diff --git a/Auth/ReplicatedMC.cpp → Auth/ReplicatedMC.hpp b/Auth/ReplicatedMC.cpp → Auth/ReplicatedMC.hpp
@@ -4,27 +4,24 @@
  */
 
 #include "ReplicatedMC.h"
-#include "GC/ReplicatedSecret.h"
-#include "Math/Rep3Share.h"
 
 template<class T>
 void ReplicatedMC<T>::POpen_Begin(vector<typename T::clear>& values,
         const vector<T>& S, const Player& P)
 {
     assert(T::length == 2);
     (void)values;
-    octetStream o;
+    o.reset_write_head();
     for (auto& x : S)
         x[0].pack(o);
-    P.send_relative(-1, o);
+    P.pass_around(o, -1);
 }
 
 template<class T>
 void ReplicatedMC<T>::POpen_End(vector<typename T::clear>& values,
         const vector<T>& S, const Player& P)
 {
-    octetStream o;
-    P.receive_relative(1, o);
+    (void)P;
     values.resize(S.size());
     for (size_t i = 0; i < S.size(); i++)
     {
@@ -33,6 +30,3 @@ void ReplicatedMC<T>::POpen_End(vector<typename T::clear>& values,
         values[i] = S[i].sum() + tmp;
     }
 }
-
-template class ReplicatedMC<Rep3Share>;
-template class ReplicatedMC<GC::ReplicatedSecret>;
diff --git a/Auth/Subroutines.h b/Auth/Subroutines.h
@@ -63,6 +63,14 @@ int Open_Challenge(vector<unsigned int>& e,vector<octetStream>& Open_e,
 template<class T>
 void Create_Random(T& ans,const Player& P);
 
+template<class T>
+T Create_Random(const Player& P)
+{
+  T res;
+  Create_Random(res, P);
+  return res;
+}
+
 /* Produce a random seed of length len */
 void Create_Random_Seed(octet* seed,const Player& P,int len);
 

diff --git a/Auth/fake-stuff.h b/Auth/fake-stuff.h
@@ -6,22 +6,19 @@
 #include "Math/gfp.h"
 #include "Math/Share.h"
 #include "Math/Rep3Share.h"
+#include "GC/MaliciousRepSecret.h"
 
 #include <fstream>
 using namespace std;
 
 template<class T>
 void make_share(vector<Share<T> >& Sa,const T& a,int N,const T& key,PRNG& G);
-void make_share(vector<Rep3Share>& Sa, const Integer& a, int N,
-    const Integer& key, PRNG& G);
 
 template<class T>
 void check_share(vector<Share<T> >& Sa,T& value,T& mac,int N,const T& key);
-void check_share(vector<Rep3Share>& Sa, Integer& value, Integer& mac, int N,
-    const Integer& key);
-
-void expand_byte(gf2n_short& a,int b);
-void collapse_byte(int& b,const gf2n_short& a);
+template<class T>
+void check_share(vector<T>& Sa, typename T::clear& value,
+    typename T::value_type& mac, int N, const typename T::value_type& key);
 
 // Generate MAC key shares
 void generate_keys(const string& directory, int nplayers);
@@ -38,9 +35,9 @@ class Files
 public:
   ofstream* outf;
   int N;
-  T key;
+  typename T::value_type key;
   PRNG G;
-  Files(int N, const T& key, const string& prefix) : N(N), key(key)
+  Files(int N, const typename T::value_type& key, const string& prefix) : N(N), key(key)
   {
     outf = new ofstream[N];
     for (int i=0; i<N; i++)
@@ -58,9 +55,9 @@ class Files
   {
     delete[] outf;
   }
-  void output_shares(const T& a)
+  void output_shares(const typename T::clear& a)
   {
-    vector<Share<T> > Sa(N);
+    vector<T> Sa(N);
     make_share(Sa,a,N,key,G);
     for (int j=0; j<N; j++)
       Sa[j].output(outf[j],false);