async def is_zero_public(self, a) -> Future:
"""Secure public zero test of a."""
stype = type(a)
field = stype.field
m = len(self.parties)
t = self.threshold
if stype.__name__.startswith('SecFld'):
prfs = self.parties[self.pid].prfs(field.order)
while True:
r, s = self._randoms(field, 2)
z = thresha.pseudorandom_share_zero(field, m, self.pid, prfs,
self._prss_uci(), 1)
if await self.output(r * s + z[0], threshold=2 * t):
break
else:
r = self._random(field) #failure shared r is 0 with prob. 1/p
a = await gather_shares(a)
if stype.__name__.startswith('SecFld'):
z = thresha.pseudorandom_share_zero(field, m, self.pid, prfs,
self._prss_uci(), 1)
b = a * r + z[0]
else:
b = a * r
c = await self.output(b, threshold=2 * t)
return c == 0
def test_prss(self):
field = self.f256
key = int('0x00112233445566778899aabbccddeeff',
16).to_bytes(16, byteorder='little')
bound = 256 # field.modulus
F = thresha.PRF(key, bound)
m = 1
pid = 0
prfs = {(0, ): F}
uci = 'test uci'.encode()
n = 8
a = F(uci, n)
shares = thresha.pseudorandom_share(field, m, pid, prfs, uci, n)
b = thresha.recombine(field, [(1, shares)])
self.assertEqual(a, [s.value for s in b])
a = [0] * n
shares = thresha.pseudorandom_share_zero(field, m, pid, prfs, uci, n)
b = thresha.recombine(field, [(1, shares)])
self.assertEqual(a, b)
m = 3
pid = 0
prfs = {(0, 1): F, (0, 2): F} # reuse dummy PRF
shares0 = thresha.pseudorandom_share_zero(field, m, pid, prfs, uci, n)
pid = 1
prfs = {(0, 1): F, (1, 2): F} # reuse dummy PRF
shares1 = thresha.pseudorandom_share_zero(field, m, pid, prfs, uci, n)
pid = 2
prfs = {(0, 2): F, (1, 2): F} # reuse dummy PRF
shares2 = thresha.pseudorandom_share_zero(field, m, pid, prfs, uci, n)
b = thresha.recombine(field, [(1, shares0), (2, shares1),
(3, shares2)])
self.assertEqual(a, b)
async def is_zero_public(self, a) -> Future:
"""Secure public zero test of a."""
stype = type(a)
field = stype.field
m = len(self.parties)
t = self.threshold
if issubclass(stype, SecureFiniteField):
prfs = self.prfs(field.order)
while True:
r, s = self._randoms(field, 2)
z = thresha.pseudorandom_share_zero(field, m, self.pid, prfs, self._prss_uci(), 1)
if await self.output(r * s + z[0], threshold=2 * t):
break
else:
r = self._random(field) # NB: failure r=0 with probability 1/p
a = await gather_shares(a)
if issubclass(stype, SecureFiniteField):
z = thresha.pseudorandom_share_zero(field, m, self.pid, prfs, self._prss_uci(), 1)
b = a * r + z[0]
else:
b = a * r
c = await self.output(b, threshold=2 * t)
return c == 0
async def random_bits(self, sftype, n, signed=False):
"""n secure uniformly random bits of the given type."""
prss0 = False
f1 = 1
if issubclass(sftype, Share):
await returnType((sftype, True), n)
field = sftype.field
if sftype.__name__.startswith('SecFld'):
prss0 = True
f1 = field.lshift_factor
else:
await returnType(Future)
field = sftype
m = len(self.parties)
if not isinstance(field.modulus, int):
prfs = self.parties[self.pid].prfs(2)
bits = thresha.pseudorandom_share(field, m, self.pid, prfs,
self._prss_uci(), n)
return bits
bits = [None] * n
p = field.modulus
if not signed:
q = (p + 1) >> 1 # q = 1/2 mod p
prfs = self.parties[self.pid].prfs(p)
t = self.threshold
h = n
while h > 0:
rs = thresha.pseudorandom_share(field, m, self.pid, prfs,
self._prss_uci(), h)
# Compute and open the squares and compute square roots.
r2s = [r * r for r in rs]
if prss0:
z = thresha.pseudorandom_share_zero(field, m, self.pid, prfs,
self._prss_uci(), h)
for i in range(h):
r2s[i] += z[i]
r2s = await self.output(r2s, threshold=2 * t)
for r, r2 in zip(rs, r2s):
if r2.value != 0:
h -= 1
s = r.value * r2.sqrt(INV=True).value
if not signed:
s += 1
s %= p
s *= q
bits[h] = field(f1 * s)
return bits
def test_prss(self):
field = self.f19
key = b'00112233445566778899aabbccddeeff'
max = field.modulus
F = thresha.PRF(key, max)
n = 1
id = 0
prfs = {frozenset([0]): F}
uci = 'test uci'
m = 8
a = F(uci, m)
shares = thresha.pseudorandom_share(field, n, id, prfs, uci, m)
b = thresha.recombine(field, [(1, shares)])
self.assertEqual(a, b)
a = [0] * m
shares = thresha.pseudorandom_share_zero(field, n, id, prfs, uci, m)
b = thresha.recombine(field, [(1, shares)])
self.assertEqual(a, b)
async def random_bits(self, sftype, m):
"""m secure random bits of the given type."""
prss0 = False
f1 = 1
if issubclass(sftype, Share):
await returnType((sftype, True), m)
field = sftype.field
if sftype.__name__.startswith('SecFld'):
prss0 = True
f1 = 1 << sftype.field.frac_length
else:
await returnType(Share)
field = sftype
bits = [None] * m
p = field.modulus
q = (p + 1) >> 1 # q = 1/2 mod p
prfs = self.parties[self.id].prfs(p)
h = m
while h > 0:
rs = thresha.pseudorandom_share(field, len(self.parties), self.id,
prfs, self._prss_uci(), h)
# Compute and open the squares and compute square roots.
r2s = [r * r for r in rs]
if prss0:
z = thresha.pseudorandom_share_zero(field, len(self.parties),
self.id, prfs,
self._prss_uci(), h)
for i in range(h):
r2s[i] += z[i]
r2s = await self.output(r2s, threshold=2 * self.threshold)
for r, r2 in zip(rs, r2s):
if r2.value != 0:
h -= 1
bits[h] = field(
f1 * ((r.value * r2.sqrt(INV=True).value + 1) % p) * q)
return bits
