changeset 1262:f626a6dfef43

Merged with Janus.
author Marcel Keller <mkeller@cs.au.dk>
date Thu, 08 Oct 2009 14:28:12 +0200
parents ed2d02202af0 bba0fb85c976
children 2fd999c906ca 1deee6ab6af3
files viff/active.py
diffstat 10 files changed, 102 insertions(+), 55 deletions(-)
--- a/doc/active.txt	Thu Oct 08 14:27:37 2009 +0200
+++ b/doc/active.txt	Thu Oct 08 14:28:12 2009 +0200
@@ -1,6 +1,6 @@
 
-Actively Secure Protocols
-=========================
+A Thresholdbased Actively Secure Runtime
+========================================
 
 .. automodule:: viff.active
 
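Review bot: The new title on the `+` line spells "Thresholdbased" as one word; write "A Threshold-Based Actively Secure Runtime" and lengthen the `=` underline by one character to match. The module docstring changed in viff/active.py later in this changeset has the same spelling and should be hyphenated too.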
--- a/doc/authors.txt	Thu Oct 08 14:27:37 2009 +0200
+++ b/doc/authors.txt	Thu Oct 08 14:28:12 2009 +0200
@@ -15,6 +15,7 @@
 * Marcel Keller <mkeller@cs.au.dk>
 * Tord Reistad
 * Ivan Damgård
+* Janus Dam Nielsen <janus.nielsen@alexandra.dk>
 
 If you have been forgotten, then please checkout `the repository`_,
 add yourself to the list and `send us a patch`_!
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/doc/constants.txt	Thu Oct 08 14:28:12 2009 +0200
@@ -0,0 +1,24 @@
+Constants Module
+================
+
+.. automodule:: viff.constants
+
+   .. attribute:: SHARE
+                  ECHO
+                  READY
+                  SEND
+                  PAILLIER
+                  TEXT
+
+      Constants used by :class:`ShareExchanger` and others when sending 
+      shares and other messages. They serve to distinguish messages sent 
+      with the same program counter from one another.
+
+   .. attribute::INCONSISTENTHASH
+                  OK
+                  HASH
+                  SIGNAL
+
+      Constants used by :class:`HashBroadcastMixin` when sending shares
+      and other messages. They serve to distinguish messages sent with
+      the same program counter from one another.
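Review bot: `.. attribute::INCONSISTENTHASH` in the second block has no space after `::`, so reStructuredText will not recognise it as a directive and the :class:`HashBroadcastMixin` constants will be missing from the rendered page. Change it to `.. attribute:: INCONSISTENTHASH`; the continuation lines (OK, HASH, SIGNAL) are already indented for that form. The first description paragraph also has trailing whitespace after "sending" and "sent", and the two paragraphs are near-duplicates that could say what actually differs between the two groups of constants.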
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/doc/hashbroadcast.txt	Thu Oct 08 14:28:12 2009 +0200
@@ -0,0 +1,12 @@
+
+An Hash Based Broadcast Protocol
+================================
+
+.. automodule:: viff.hash_broadcast
+
+   .. autoclass:: InconsistentHashException
+      :members:
+
+   .. autoclass:: HashBroadcastMixin
+      :members:
+
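Review bot: The heading "An Hash Based Broadcast Protocol" should read "A Hash-Based Broadcast Protocol", with the `=` underline shortened to the new length. The blank `+` lines at the very start and end of this new file can be dropped as well.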
--- a/doc/implementation.txt	Thu Oct 08 14:27:37 2009 +0200
+++ b/doc/implementation.txt	Thu Oct 08 14:28:12 2009 +0200
@@ -13,9 +13,13 @@
    matrix
    runtime
    passive
-   active
+   active_runtimes
    paillier
    comparison
    prss
    config
    aes
+   constants
+   orlandi
+   hashbroadcast
+
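Review bot: The toctree entry `active` is replaced by `active_runtimes`, but no doc/active_runtimes.txt appears among the files of this changeset, while doc/active.txt is still being edited. Confirm that the new page exists in one of the merge parents and that it pulls in `active`; otherwise the build reports a missing document and active.txt is no longer reachable from the toctree. The blank line added after `hashbroadcast` at the end of the list is not needed.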
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/doc/orlandi.txt	Thu Oct 08 14:28:12 2009 +0200
@@ -0,0 +1,15 @@
+
+The Orlandi Runtime - An Actively Secure Protocol with Full Threshold
+=======================================================================
+
+.. automodule:: viff.orlandi
+
+   .. autoclass:: OrlandiException
+      :members:
+
+   .. autoclass:: OrlandiShare
+      :members:
+
+   .. autoclass:: OrlandiRuntime
+      :members:
+
--- a/doc/runtime.txt	Thu Oct 08 14:27:37 2009 +0200
+++ b/doc/runtime.txt	Thu Oct 08 14:28:12 2009 +0200
@@ -21,16 +21,6 @@
          or the data itself if data is received from the other player
          before we are ready to use it.
 
-   .. attribute:: SHARE
-                  ECHO
-                  READY
-                  SEND
-                  PAILLIER
-
-      Constants used by :class:`ShareExchanger` when sending shares
-      and other messages. They serve to distinguish messages sent with
-      the same program counter from one another.
-
    .. autofunction:: preprocess
 
       See also :ref:`preprocessing` for more background information.
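Review bot: Moving this block to doc/constants.txt puts the :class:`ShareExchanger` reference under `automodule:: viff.constants` instead of the runtime module documented here. Check that the cross-reference still resolves after the move, and qualify the class name with its module if it does not.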
--- a/doc/todo.txt	Thu Oct 08 14:27:37 2009 +0200
+++ b/doc/todo.txt	Thu Oct 08 14:28:12 2009 +0200
@@ -34,13 +34,6 @@
   make the other honest players crash too, thereby effectively halting
   the protocol.
 
-Self Trust
-----------
-
-Implement an (actively) secure protocol with threshold ``t = n-1``
-based on the "triples approach" of Claudio Orlandi and Jesper Buus
-Nielsen. There will soon be a paper describing the protocol.
-
 Covert Adversaries
 ------------------
 
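Review bot: Removing the "Self Trust" item also drops the attribution of the protocol to the "triples approach" of Claudio Orlandi and Jesper Buus Nielsen, which the new doc/orlandi.txt in this changeset does not repeat (it has only a title and autoclass directives). Consider carrying that attribution over to the Orlandi page, together with the paper reference once there is one.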
--- a/viff/active.py	Thu Oct 08 14:27:37 2009 +0200
+++ b/viff/active.py	Thu Oct 08 14:28:12 2009 +0200
@@ -15,7 +15,7 @@
 # You should have received a copy of the GNU Lesser General Public
 # License along with VIFF. If not, see <http://www.gnu.org/licenses/>.
 
-"""Actively secure protocols."""
+"""A thresholdbased actively secure runtime."""
 
 __docformat__ = "restructuredtext"
 
--- a/viff/orlandi.py	Thu Oct 08 14:27:37 2009 +0200
+++ b/viff/orlandi.py	Thu Oct 08 14:28:12 2009 +0200
@@ -345,9 +345,10 @@
 
         Communication cost: none.
 
-        Each party ``P_i`` computes:
-        ``[z]_i = [x]_i + [y]_i
-                = (x_i + y_i mod p, rho_xi + rho_yi mod p, C_x * C_y)``.
+        Each party ``P_i`` computes::
+
+          [z]_i = [x]_i + [y]_i
+                = (x_i + y_i mod p, rho_xi + rho_yi mod p, C_x * C_y)
 
         """
         def is_share(s, field):
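Review bot: In the new literal block the randomness terms are written `rho_xi + rho_yi`, while the matching subtraction docstring in the next hunk writes `rho_x,i - rho_y,i`. Pick one subscript notation and use it in both docstrings.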
@@ -378,9 +379,10 @@
 
         Communication cost: none.
 
-        Each party ``P_i`` computes:
-        ``[z]_i = [x]_i - [y]_i
-                = (x_i - y_i mod p, rho_x,i - rho_y,i mod p, C_x * C_y)``.
+        Each party ``P_i`` computes::
+
+          [z]_i = [x]_i - [y]_i
+                = (x_i - y_i mod p, rho_x,i - rho_y,i mod p, C_x * C_y)
 
         """
         def is_share(s, field):
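Review bot: The commitment component in the subtraction formula is still `C_x * C_y`, identical to the addition docstring. For a homomorphic commitment, the value `x_i - y_i` with randomness `rho_x,i - rho_y,i` corresponds to `C_x / C_y` (that is, `C_x * C_y^-1`), not to the product. Since these lines are being rewritten anyway, check the formula against the implementation and correct whichever of the two is wrong.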
@@ -424,11 +426,11 @@
         Assume the parties are given a random share ``[r]`` by a trusted dealer. 
         Then we denote the following protocol but ``[x] = Shift(P_i, x, [r])``.
 
-        1) ``r = OpenTo(P_i, [r]``
+        1. ``r = OpenTo(P_i, [r]``
 
-        2) ``P_i broadcasts Delta = r - x``
+        2. ``P_i broadcasts Delta = r - x``
 
-        3) ``[x] = [r] - Delta``
+        3. ``[x] = [r] - Delta``
 
         """
         # TODO: Communitcation costs?
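Review bot: Step 1 reads ``r = OpenTo(P_i, [r]`` with the closing parenthesis missing, and the renumbering keeps the defect; the code comment in the next hunk has the correct form `r = OpenTo(P_i, [r])`. While touching this docstring, "denote the following protocol but" in the context line above should read "by", and "Communitcation" in the TODO comment is misspelled.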
@@ -440,7 +442,7 @@
         def hack(_, peer_id):
             # Assume the parties are given a random share [r] by a trusted dealer.
             share_r = self.random_share(field)
-            # 1) r = OpenTo(P_i, [r])
+            # 1. r = OpenTo(P_i, [r])
             open_r = self.open(share_r, [peer_id])
             def subtract_delta(delta, share_r):
                 delta = field(long(delta))
@@ -676,20 +678,21 @@
         Assuming a set of multiplicative triples:
         ``M = ([a_i], [b_i], [c_i]) for 1 <= i <= 2d + 1``.
 
-        1) ``for i = 1, ..., d do [f_i] = rand(), [g_i] = rand()``
+        1. ``for i = 1, ..., d do [f_i] = rand(), [g_i] = rand()``
 
-        2) ``for j = 1, ..., 2d+1 do
+        2. Compute::
+
+             for j = 1, ..., 2d+1 do
              [F_j] = [x] + SUM_i=1^d [f_i]*j^i 
              and
-             [G_j] = [y] + SUM_i=1^d [g_i]*j^i`` 
+             [G_j] = [y] + SUM_i=1^d [g_i]*j^i
 
-        3) for j = 1, ..., 2d+1 do [H_j] = Mul([F_j], [G_j], [a_j], [b_j], [c_j])
+        3. ``for j = 1, ..., 2d+1 do [H_j] = Mul([F_j], [G_j], [a_j], [b_j], [c_j])``
 
-        4) compute [H_0] = SUM_j=1^2d+1 delta_j[H_j] 
+        4. compute ``[H_0] = SUM_j=1^2d+1 delta_j[H_j]`` where 
+           ``delta_j = PRODUCT_k=1, k!=j^2d+1 k/(k-j)``
 
-        5) output [z] = [H_0]
-
-        delta_j = PRODUCT_k=1, k!=j^2d+1 k/(k-j).
+        5. output ``[z] = [H_0]``
         """
         assert isinstance(share_x, Share) or isinstance(share_y, Share), \
             "At least one of share_x and share_y must be a Share."
@@ -703,7 +706,7 @@
         if cmul_result is not None:
             return cmul_result
 
-        # 1) for i = 1, ..., d do [f_i] = rand(), [g_i] = rand()
+        # 1. for i = 1, ..., d do [f_i] = rand(), [g_i] = rand()
         d = (len(M) - 1) // 2
         deltas = self.compute_delta(d)
         f = []
@@ -787,30 +790,35 @@
     def triple_gen(self, field):
         """Generate a triple ``a, b, c`` s.t. ``c = a * b``.
 
-        1) Every party ``P_i`` chooses random values ``a_i, r_i in Z_p X (Z_p)^2``,
-        compute ``alpha_i = Enc_eki(a_i)`` and ``Ai = Com_ck(a_i, r_i)``, and
-        broadcast them.
+        1. Every party ``P_i`` chooses random values ``a_i, r_i in Z_p X (Z_p)^2``,
+           compute ``alpha_i = Enc_eki(a_i)`` and ``Ai = Com_ck(a_i, r_i)``, and
+           broadcast them.
 
-        2) Every party ``P_j`` does:
-           (a) choose random ``b_j, s_j in Z_p X (Z_p)^2``.
+        2. Every party ``P_j`` does:
 
-           (b) compute ``B_j = ``Com_ck(b_j, s_j)`` and broadcast it.
+           a. choose random ``b_j, s_j in Z_p X (Z_p)^2``.
 
-           (c) ``P_j`` do towards every other party:
+           b. compute ``B_j = ``Com_ck(b_j, s_j)`` and broadcast it.
+
+           c. ``P_j`` do towards every other party:
+
                 i. choose random ``d_ij in Z_p^3``
-               ii. compute and send 
-                   ``gamma_ij = alpha_i^b_j Enc_ek_i(1;1)^d_ij`` to ``P_i``.
 
-        3) Every party ``P_i`` does:
-           (a) compute ``c_i = SUM_j Dec_sk_i(gamma_ij) - SUM_j d_ij mod p``
+                ii. compute and send 
+                    ``gamma_ij = alpha_i^b_j Enc_ek_i(1;1)^d_ij`` to ``P_i``.
 
-           (b) pick random ``t_i in (Z_p)^2``, compute and 
-               broadcast ``C_i = Com_ck(c_i, t_i)``
 
-        4) Everyone computes:
+        3. Every party ``P_i`` does:
+
+           a. compute ``c_i = SUM_j Dec_sk_i(gamma_ij) - SUM_j d_ij mod p``
+
+           b. pick random ``t_i in (Z_p)^2``, compute and 
+              broadcast ``C_i = Com_ck(c_i, t_i)``
+
+        4. Everyone computes:
            ``(A, B, C) = (PRODUCT_i A_i, PRODUCT_i B_i, PRODUCT_i C_i)``
         
-        5) Every party ``P_i`` outputs shares ``[a_i] = (a_i, r_i, A)``, 
+        5. Every party ``P_i`` outputs shares ``[a_i] = (a_i, r_i, A)``, 
            ``[b_i] = (b_i, s_i, B)``, and ``[c_i] = (c_i, t_i, C)``.
 
         """
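Review bot: Step 2b carries over a stray pair of backticks after `B_j = `, so the inline literal is unbalanced and will not render as intended; the whole expression `B_j = Com_ck(b_j, s_j)` should sit inside one pair of double backticks. The new text also leaves two consecutive blank `+` lines before step 3 and trailing whitespace after "compute and send" and "compute and"; one blank line is enough to end the nested list.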