changeset 1074:64052822e204

Repeat random sharing in byte_sub if masked byte is zero.
author Marcel Keller <mkeller@cs.au.dk>
date Sun, 11 Jan 2009 13:55:47 +0100
parents 936ce049980f
children 249bba0f9ad0
files viff/aes.py
diffstat 1 files changed, 14 insertions(+), 4 deletions(-) [+]
--- a/viff/aes.py	Fri Jan 09 15:29:40 2009 +0100
+++ b/viff/aes.py	Sun Jan 11 13:55:47 2009 +0100
@@ -89,10 +89,20 @@
                 # b == 1 if byte is 0, b == 0 else
                 b = bits[0]
 
-                r = self.runtime.prss_share_random(GF256)
-                c = self.runtime.open((byte + b) * r)
-                
-                c.addCallback(lambda c: ~c)
+                r = Share(self.runtime, GF256)
+                c = Share(self.runtime, GF256)
+
+                def get_masked_byte(c_opened, r_related, c, r, byte):
+                    if (c_opened == 0):
+                        r_trial = self.runtime.prss_share_random(GF256)
+                        c_trial = self.runtime.open((byte + b) * r_trial)
+                        c_trial.addCallback(get_masked_byte, r_trial,
+                                            c, r, byte)
+                    else:
+                        r_related.addCallback(r.callback)
+                        c.callback(~c_opened)
+
+                get_masked_byte(0, None, c, r, byte)
                 inverted_byte = c * r - b
 
                 bits = bit_decompose(inverted_byte)
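Review bot: `get_masked_byte` reads `b` from the enclosing scope while `byte` is passed through explicitly; if this code sits inside a loop over the state's bytes, as the rebinding of `bits` and `b` at the top of the hunk suggests, the retry callback only fires after the `open` completes, by which time `b` is the last iteration's share and the retried product `(byte + b) * r_trial` masks the wrong value (for a zero byte paired with a stale `b` of 0 the product is always zero and the retry never terminates). Passing it the same way as `byte` avoids the late-binding capture: `def get_masked_byte(c_opened, r_related, c, r, byte, b):`, `c_trial.addCallback(get_masked_byte, r_trial, c, r, byte, b)` and `get_masked_byte(0, None, c, r, byte, b)`. Separately, because `c` and `r` are now fresh Shares that are fired only on the success path, a failure of `c_trial` no longer reaches them and the computation hangs silently; `c_trial.addErrback(c.errback)` after the `addCallback` keeps the error visible to the caller. The enclosing function starts and ends outside the hunk.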