Rep4, SPDZ-wise, MNIST training

• Rep4: honest-majority four-party computation with malicious security
• SY/SPDZ-wise: honest-majority computation with malicious security based on replicated or Shamir secret sharing
• Training with a sequence of dense layers
• Training and inference for multi-class classification
• Local share conversion for semi-honest protocols based on additive secret sharing modulo a power of two
• edaBit generation based on local share conversion
• Optimize exponentiation with local share conversion
• Optimize Shamir pseudo-random secret sharing using a hyper-invertible matrix
• Mathematical functions (exponentiation, logarithm, square root, and trigonometric functions) with binary circuits
• Direct construction of fixed-point values from any type, breaking sfix(x) where x is the integer representation of a fixed-point number. Use sfix._new(x) instead.
• Optimized dot product for sfix
• Matrix multiplication via operator overloading uses VM-optimized multiplication.
• Fake preprocessing for daBits and edaBits
• Fixed security bug: insufficient randomness in SemiBin random bit generation.
• Fixed security bug: insufficient randomization of FKOS15 inputs.
• Fixed security bug in binary computation with SPDZ(2k).

Various improvements

• Streamline inputs to binary circuits
• Improved private output
• Emulator for arithmetic circuits
• Efficient dot product with Shamir's secret sharing
• Lower memory usage for TensorFlow inference
• This version breaks bytecode compatibilty.

Half-gate garbling, native 2D convolution, TensorFlow inference

• Half-gate garbling
• Native 2D convolution
• Inference with some TensorFlow graphs
• MASCOT with several MACs to increase security

Maintenance

• Possibility of using global keyword in loops instead of MemValue
• IEEE754 floating-point functionality using Bristol Fashion circuits

Bristol Fashion, Soho

• Bristol Fashion circuits
• Semi-honest computation with somewhat homomorphic encryption
• Use SSL for client connections
• Client facilities for all arithmetic protocols

edaBits, ChaiGear, TopGear, CCD

• Faster conversion between arithmetic and binary secret sharing using extended daBits
• Optimized daBits
• Optimized logistic regression
• Faster compilation of repetitive code (compiler option -C)
• ChaiGear: HighGear with covert key generation
• TopGear zero-knowledge proofs
• Binary computation based on Shamir secret sharing
• Fixed security bug: Prove correctness of ciphertexts in input tuple generation
• Fixed security bug: Missing check in MASCOT bit generation and various binary computations

Mixed computation, binary computation with XOR-based MACs

• Mixed circuit computation with secret sharing
• Binary computation for dishonest majority using secret sharing as in FKOS15
• Fixed security bug: insufficient OT correlation check in SPDZ2k
• This version breaks bytecode compatibility.

Python 3, semi-honest computation using semi-homomorphic encryption

• Python 3
• Semi-honest computation based on semi-homomorphic encryption
• Access to player information in high-level language

Machine learning functionality, dishonest-majority binary secret sharing

• Machine learning capabilities used for MobileNets inference and the iDASH submission
• Binary computation for dishonest majority using secret sharing
• Mathematical functions from SCALE-MAMBA
• Fixed security bug: CowGear would reuse triples.

ECDSA, more replicated secret sharing

• ECDSA
• Loop unrolling with budget as in HyCC
• Malicious replicated secret sharing for binary circuits
• New variants of malicious replicated secret over rings in Use your Brain!
• MASCOT for any prime larger than 2^64
• Private fixed- and floating-point inputs