def PRandM(r_dprime, r_prime, b, k, m, kappa, use_dabit=True): """ r_dprime = random secret integer in range [0, 2^(k + kappa - m) - 1] r_prime = random secret integer in range [0, 2^m - 1] b = array containing bits of r_prime """ program.curr_tape.require_bit_length(k + kappa) from .types import sint if program.use_edabit() and m > 1 and not const_rounds: movs(r_dprime, sint.get_edabit(k + kappa - m, True)[0]) tmp, b[:] = sint.get_edabit(m, True) movs(r_prime, tmp) return t = [[program.curr_block.new_reg('s') for j in range(2)] for i in range(m)] t[0][1] = b[-1] PRandInt(r_dprime, k + kappa - m) # r_dprime is always multiplied by 2^m if use_dabit and program.use_dabit and m > 1 and not const_rounds: r, b[:] = zip(*(sint.get_dabit() for i in range(m))) r = sint.bit_compose(r) movs(r_prime, r) return bit(b[-1]) for i in range(1, m): adds(t[i][0], t[i - 1][1], t[i - 1][1]) bit(b[-i - 1]) adds(t[i][1], t[i][0], b[-i - 1]) movs(r_prime, t[m - 1][1])
def __init__(self, elements=None, length=None, input_length=None): if length: assert isinstance(elements, sint) if Program.prog.use_split(): x = elements.split_to_two_summands(length) v = sbitint.carry_lookahead_adder(x[0], x[1], fewer_inv=True) else: prog = Program.prog if not prog.options.ring: # force the use of edaBits backup = prog.use_edabit() prog.use_edabit(True) from Compiler.floatingpoint import BitDecFieldRaw self.v = BitDecFieldRaw(elements, input_length or prog.bit_length, length, prog.security) prog.use_edabit(backup) return l = int(Program.prog.options.ring) r, r_bits = sint.get_edabit(length, size=elements.size) c = ((elements - r) << (l - length)).reveal() c >>= l - length cb = [(c >> i) for i in range(length)] x = sbitintvec.from_vec(r_bits) + sbitintvec.from_vec(cb) v = x.v self.v = v[:length] elif elements is not None and not (util.is_constant(elements) and \ elements == 0): self.v = sbits.trans(elements)
def MaskingBitsInRing(m, strict=False): from Compiler.types import sint if program.use_edabit(): return sint.get_edabit(m, strict) elif program.use_dabit: r, r_bin = zip(*(sint.get_dabit() for i in range(m))) else: r = [sint.get_random_bit() for i in range(m)] r_bin = r return sint.bit_compose(r), r_bin
def __init__(self, elements=None, length=None): if length: assert isinstance(elements, sint) if Program.prog.use_split(): x = elements.split_to_two_summands(length) v = sbitint.carry_lookahead_adder(x[0], x[1], fewer_inv=True) else: assert Program.prog.options.ring l = int(Program.prog.options.ring) r, r_bits = sint.get_edabit(length, size=elements.size) c = ((elements - r) << (l - length)).reveal() c >>= l - length cb = [(c >> i) for i in range(length)] x = sbitintvec.from_vec(r_bits) + sbitintvec.from_vec(cb) v = x.v self.v = v[:length] elif elements is not None: self.v = sbits.trans(elements)
def __init__(self, elements=None, length=None): if length: assert isinstance(elements, sint) if Program.prog.use_split(): n = Program.prog.use_split() columns = [[sbits.get_type(elements.size)() for i in range(n)] for i in range(length)] inst.split(n, elements, *sum(columns, [])) x = sbitint.wallace_tree_without_finish(columns, False) v = sbitint.carry_lookahead_adder(x[0], x[1], fewer_inv=True) else: assert Program.prog.options.ring l = int(Program.prog.options.ring) r, r_bits = sint.get_edabit(length, size=elements.size) c = ((elements - r) << (l - length)).reveal() c >>= l - length cb = [(c >> i) for i in range(length)] x = sbitintvec.from_vec(r_bits) + sbitintvec.from_vec(cb) v = x.v self.v = v[:length] elif elements is not None: self.v = sbits.trans(elements)