async def is_zero_public(self, a) -> Future: """Secure public zero test of a.""" stype = type(a) field = stype.field m = len(self.parties) t = self.threshold if stype.__name__.startswith('SecFld'): prfs = self.parties[self.pid].prfs(field.order) while True: r, s = self._randoms(field, 2) z = thresha.pseudorandom_share_zero(field, m, self.pid, prfs, self._prss_uci(), 1) if await self.output(r * s + z[0], threshold=2 * t): break else: r = self._random(field) #failure shared r is 0 with prob. 1/p a = await gather_shares(a) if stype.__name__.startswith('SecFld'): z = thresha.pseudorandom_share_zero(field, m, self.pid, prfs, self._prss_uci(), 1) b = a * r + z[0] else: b = a * r c = await self.output(b, threshold=2 * t) return c == 0
def test_prss(self): field = self.f256 key = int('0x00112233445566778899aabbccddeeff', 16).to_bytes(16, byteorder='little') bound = 256 # field.modulus F = thresha.PRF(key, bound) m = 1 pid = 0 prfs = {(0, ): F} uci = 'test uci'.encode() n = 8 a = F(uci, n) shares = thresha.pseudorandom_share(field, m, pid, prfs, uci, n) b = thresha.recombine(field, [(1, shares)]) self.assertEqual(a, [s.value for s in b]) a = [0] * n shares = thresha.pseudorandom_share_zero(field, m, pid, prfs, uci, n) b = thresha.recombine(field, [(1, shares)]) self.assertEqual(a, b) m = 3 pid = 0 prfs = {(0, 1): F, (0, 2): F} # reuse dummy PRF shares0 = thresha.pseudorandom_share_zero(field, m, pid, prfs, uci, n) pid = 1 prfs = {(0, 1): F, (1, 2): F} # reuse dummy PRF shares1 = thresha.pseudorandom_share_zero(field, m, pid, prfs, uci, n) pid = 2 prfs = {(0, 2): F, (1, 2): F} # reuse dummy PRF shares2 = thresha.pseudorandom_share_zero(field, m, pid, prfs, uci, n) b = thresha.recombine(field, [(1, shares0), (2, shares1), (3, shares2)]) self.assertEqual(a, b)
async def is_zero_public(self, a) -> Future: """Secure public zero test of a.""" stype = type(a) field = stype.field m = len(self.parties) t = self.threshold if issubclass(stype, SecureFiniteField): prfs = self.prfs(field.order) while True: r, s = self._randoms(field, 2) z = thresha.pseudorandom_share_zero(field, m, self.pid, prfs, self._prss_uci(), 1) if await self.output(r * s + z[0], threshold=2 * t): break else: r = self._random(field) # NB: failure r=0 with probability 1/p a = await gather_shares(a) if issubclass(stype, SecureFiniteField): z = thresha.pseudorandom_share_zero(field, m, self.pid, prfs, self._prss_uci(), 1) b = a * r + z[0] else: b = a * r c = await self.output(b, threshold=2 * t) return c == 0
async def random_bits(self, sftype, n, signed=False): """n secure uniformly random bits of the given type.""" prss0 = False f1 = 1 if issubclass(sftype, Share): await returnType((sftype, True), n) field = sftype.field if sftype.__name__.startswith('SecFld'): prss0 = True f1 = field.lshift_factor else: await returnType(Future) field = sftype m = len(self.parties) if not isinstance(field.modulus, int): prfs = self.parties[self.pid].prfs(2) bits = thresha.pseudorandom_share(field, m, self.pid, prfs, self._prss_uci(), n) return bits bits = [None] * n p = field.modulus if not signed: q = (p + 1) >> 1 # q = 1/2 mod p prfs = self.parties[self.pid].prfs(p) t = self.threshold h = n while h > 0: rs = thresha.pseudorandom_share(field, m, self.pid, prfs, self._prss_uci(), h) # Compute and open the squares and compute square roots. r2s = [r * r for r in rs] if prss0: z = thresha.pseudorandom_share_zero(field, m, self.pid, prfs, self._prss_uci(), h) for i in range(h): r2s[i] += z[i] r2s = await self.output(r2s, threshold=2 * t) for r, r2 in zip(rs, r2s): if r2.value != 0: h -= 1 s = r.value * r2.sqrt(INV=True).value if not signed: s += 1 s %= p s *= q bits[h] = field(f1 * s) return bits
def test_prss(self): field = self.f19 key = b'00112233445566778899aabbccddeeff' max = field.modulus F = thresha.PRF(key, max) n = 1 id = 0 prfs = {frozenset([0]): F} uci = 'test uci' m = 8 a = F(uci, m) shares = thresha.pseudorandom_share(field, n, id, prfs, uci, m) b = thresha.recombine(field, [(1, shares)]) self.assertEqual(a, b) a = [0] * m shares = thresha.pseudorandom_share_zero(field, n, id, prfs, uci, m) b = thresha.recombine(field, [(1, shares)]) self.assertEqual(a, b)
async def random_bits(self, sftype, m): """m secure random bits of the given type.""" prss0 = False f1 = 1 if issubclass(sftype, Share): await returnType((sftype, True), m) field = sftype.field if sftype.__name__.startswith('SecFld'): prss0 = True f1 = 1 << sftype.field.frac_length else: await returnType(Share) field = sftype bits = [None] * m p = field.modulus q = (p + 1) >> 1 # q = 1/2 mod p prfs = self.parties[self.id].prfs(p) h = m while h > 0: rs = thresha.pseudorandom_share(field, len(self.parties), self.id, prfs, self._prss_uci(), h) # Compute and open the squares and compute square roots. r2s = [r * r for r in rs] if prss0: z = thresha.pseudorandom_share_zero(field, len(self.parties), self.id, prfs, self._prss_uci(), h) for i in range(h): r2s[i] += z[i] r2s = await self.output(r2s, threshold=2 * self.threshold) for r, r2 in zip(rs, r2s): if r2.value != 0: h -= 1 bits[h] = field( f1 * ((r.value * r2.sqrt(INV=True).value + 1) % p) * q) return bits