def Garbled_Garbled_send(src, dst, bitlen, dim, signed, force_bitlen=None, force_signed=None):
state.log.debug("Garbled_Garbled_send: %r, %r, %r, %r, %r, %r, %r)", src, dst, bitlen, dim, signed, force_bitlen, force_signed)
if force_bitlen is not None:
src = src[:force_bitlen]
_sendcost(bitlen * (state.config.symmetric_security_parameter + 1))
_send(src, dst)
if isserver(): # server needs a shadow copy
_sender_copy(src, dst)
def Garbled_Signed_receive(src, dst, bitlen, dim, signed, force_bitlen=None, force_signed=None):
if isserver():
val, signed = _receive(src, dst)
val = value2bits(val, bitlen)
zv = Garbled.get_zero_value(src.gid)
val = bits2value(perm2plain(val, zv))
new = Unsigned(val=val, bitlen=bitlen)
_set_dst(src, dst, new)
else:
_just_receive(src, dst, bitlen, dim, signed)
def affects(methodname, input_types, role):
if __debug__:
state.log.debug("conversions.affects(%r, %r, %r)", methodname, input_types, role)
if methodname in ("GarbledVec_GarbledVec_send", "GarbledVec_GarbledVec_receive",
"Garbled_Garbled_receive", "Garbled_Garbled_send",
"Paillier_Garbled_send", "Paillier_Garbled_receive",
"PaillierVec_GarbledVec_send", "PaillierVec_GarbledVec_receive"):
return isserver() and (Value.S_SETUP | Value.S_ONLINE) or (Value.C_SETUP | Value.C_ONLINE)
elif methodname in (
"PlainVec_GarbledVec_receive", "PlainVec_GarbledVec_send",
"UnsignedVec_GarbledVec_receive", "UnsignedVec_GarbledVec_send",
"SignedVec_GarbledVec_receive", "SignedVec_GarbledVec_send",
"Plain_Garbled_receive", "Plain_Garbled_send",
"Unsigned_Garbled_receive", "Unsigned_Garbled_send",
"Signed_Garbled_receive", "Signed_Garbled_send",
"PaillierVec_GarbledVec_receive", "PaillierVec_GarbledVec_send",
"Paillier_Garbled_receive", "Paillier_Garbled_send"):
return Value.S_SETUP | Value.C_SETUP | Value.C_ONLINE | Value.S_ONLINE
else:
return isserver() and Value.S_ONLINE or Value.C_ONLINE
def Garbled_Garbled_receive(src, dst, bitlen, dim, signed, force_bitlen=None, force_signed=None):
new = _receive(src, dst)
if force_bitlen is not None:
bitlen = force_bitlen
#copy gid from servers shadow copy
if isserver():
if force_bitlen is not None:
src = src[:force_bitlen]
new.gid = src.gid
new._bit_length = bitlen
_set_dst(src, dst, new)
def Garbled_Unsigned_receive(src, dst, bitlen, dim, signed, force_bitlen=None, force_signed=None):
if isserver():
val, signed = _receive(src, dst)
val = value2bits(val, bitlen)
zv = permbits(Garbled.get_zero_value(src.gid))
if signed:
warnings.warn("Loosing Signedness", UserWarningRepeated)
val = abs(bits2value(perm2plain(val, zv)))
else:
val = bits2value(perm2plain(val, zv))
new = Unsigned(val=val, bitlen=bitlen)
_set_dst(src, dst, new)
else:
_just_receive(src, dst, bitlen, dim, signed)
def PaillierVec_GarbledVec_send(src, dst, source_bitlen, source_dim, signed, force_bitlen=None, force_signed=None):
if force_bitlen and (force_signed or (signed and not force_signed == False)):
raise NotImplementedError("forcing bitlen on signeds is not supported now")
if force_bitlen is not None:
diff = source_bitlen - force_bitlen
source_bitlen = force_bitlen
else:
diff = 0
p = partyAttribute
if not isserver():
raise TastySyntaxError("Conversion from Homomorphic to Garbled from Client to Server does not make sense")
# number of maximal bits in content
overallbitlen = _dimtimes(source_dim) * source_bitlen
# we have asymmetric_security_parameter bits to pack into, but need symmetric_security_parameter bits to blind
cpc = state.config.asymmetric_security_parameter - state.config.symmetric_security_parameter - 1
chunksize = cpc / source_bitlen
chunkpayloadbits = chunksize * source_bitlen
chunks = (overallbitlen - 1) / chunkpayloadbits + 1
lastchunksize = overallbitlen % chunkpayloadbits
Homomorphic = tasty.types.Homomorphic
HomomorphicVec = tasty.types.HomomorphicVec
if lastchunksize:
chunksizes = (chunks - 1) * (chunkpayloadbits, ) + (lastchunksize, )
else:
chunksizes = chunks * (chunkpayloadbits, )
if state.precompute:
if lastchunksize:
masks = nogen(get_randomm(0, 2**(chunkpayloadbits + state.config.symmetric_security_parameter) - 1, chunks - 1)) + (mpz(rand.randint(0, 2**(lastchunksize + state.config.symmetric_security_parameter) - 1)),)
else:
masks = nogen(get_randomm(0, 2**(chunkpayloadbits + state.config.symmetric_security_parameter)- 1, chunks))
if force_signed is not None:
signed = force_signed
# generate Mask values
umasks = nogen(Unsigned(val=v, bitlen=l + state.config.symmetric_security_parameter) for v, l in zip(masks, chunksizes))
# homomorphically encrypt masks
hmasks = tuple(tasty.types.Homomorphic(val=mask, signed=False) for mask in umasks)
state.active_party.push_tmpval(hmasks)
# garble first chunkpayloadbits of the masks (manual construction of garbled! Voodoo!)
mgms = []
for mask, chunksize in zip(masks, chunksizes):
state.passive_party._tmp_ = Garbled(bitlen=chunksize, signed=False, val=p)
zv = Garbled.get_zero_value(state.passive_party._tmp_.gid)
state.passive_party._tmp_[:] = plain2garbled(value2bits(mask & (1<<chunksize) - 1, chunksize), zv, state.R)
mgms.append(state.passive_party._tmp_)
state.passive_party.push_tmpval(mgms)
#raise NotImplementedError("COSTS")
# _sendcost(chunks * chunksize[0]
# send garbled masks to client
_send(mgms)
# precompute the first chunkpayloadbits for the garbled masked value
mgvs = []
for chunksize in chunksizes:
mgv = Garbled(bitlen=chunksize, passive=True, val=p, signed=False)
state.passive_party.push_tmpattr(mgv)
mgvs.append(mgv)
# precompute the unmasking and unpacking
rets = []
for mgv, mgm, chunksize in zip(mgvs, mgms, chunksizes):
ret = mgv.unpack(mgm, source_bitlen, chunksize, signed)
state.passive_party.push_tmpattr(ret)
rets.extend(ret)
rets.reverse() # packing works exactly in the oposite direction then unpacking, so reverse here to get original result back
vec = GarbledVec(bitlen=source_bitlen, dim=source_dim, val=rets)
# save shadow copy of resulting GarbledVec
_set_dst(src, dst, vec)
else: # online phase
assert signed == src.signed(), "the analyzer disagrees with the typesystems signedness"
if force_signed is not None:
signed = force_signed
if not isserver():
raise TastySyntaxError("Conversion from Homomorphic to Garbled from Client to Server does not make sense")
# Pack the values with respecting the force_signed and force_bitlen
hmasks = state.active_party.pop_tmpval()
if force_signed is not None: # we must change it to the forced sign
origsigned = src.signed()
src._signed = force_signed
for i in src:
i._signed = force_signed
packed, _, _ = src.pack(-(state.config.symmetric_security_parameter + 1), force_bitlen=force_bitlen)
if force_signed is not None: # no change in the source, so revert changes done before pack()
src._signed = origsigned
for i in src:
i._signed = origsigned
assert len(packed) == len(hmasks), "packing error (%d packed chunks, but %d expected (%r, %r))"%(len(packed), len(hmasks), hmasks, packed)
# mask the packed values
for i, j in zip(packed, hmasks):
i += j
# send packed values to client
_send(packed)
# retrive garbled masks from tmpval-stack
mgms = state.passive_party.pop_tmpval()
# passive part for generation of garbled masked values
mgvs = []
for chunksize in chunksizes:
state.passive_party._tmp_ = state.passive_party.pop_tmpattr()
state.passive_party._tmp_ = Garbled(val=p, bitlen=chunksize, passive=True, signed=False)
mgvs.append(state.passive_party._tmp_)
# passive part of unblinding and unpacking
# rets = []
for mgm, mgv, chunksize in zip(mgms, mgvs, chunksizes):
state.passive_party._tmp_ = state.passive_party.pop_tmpattr()
def Paillier_Garbled_send(src, dst, bitlen, dim, signed, force_bitlen=None, force_signed=None):
if force_bitlen is not None:
diff = bitlen - force_bitlen
bitlen = force_bitlen
else:
diff = 0
masklen = bitlen + state.config.symmetric_security_parameter #
p = partyAttribute
if not isserver():
raise TastySyntaxError("Conversion from Homomorphic to Garbled from Client to Server does not make sense")
if state.precompute:
if force_signed is not None:
signed = force_signed
if signed:
mask = Unsigned(val=rand.randint(2**bitlen - 1, 2**masklen - 1), bitlen=masklen)
# generate the Homomorphic blinding mask and store
else:
mask = Unsigned(val=rand.randint(0, 2**masklen - 1), bitlen=masklen)
hmask = tasty.types.Homomorphic(val=mask, signed=False)
state.active_party.push_tmpattr(hmask)
# Generate the Garbled Blinding Mask
mgm = Garbled(bitlen=bitlen, signed=False, val=p)
mgm.plainmask = mask # save the mask to be able to access it in online phase
state.passive_party.push_tmpattr(mgm) # save the new Garbled
zv = Garbled.get_zero_value(mgm.gid)
mgm[:] = plain2garbled(value2bits(mask.get_value() & ((1<<bitlen) - 1), bitlen), zv, state.R)
_sendcost(state.config.symmetric_security_parameter * bitlen)
_send(mgm)
# Precompute the garbled for the masked plain value
mgv = Garbled(bitlen=bitlen, passive=True, val=p, signed=False)
state.passive_party.push_tmpattr(mgv)
# prepare the addition circuit to remove the mask
ret = mgv.dropmsb_sub(mgm)
# save shadow copy of resulting Garbled
_set_dst(src, dst, ret)
ret.set_bit_length(bitlen)
ret._signed = False # avoid warning here
else:
assert signed == src.signed(), "the analyzer disagrees with the typesystems signedness"
if force_signed is not None:
signed = force_signed
hmask = state.active_party.pop_tmpattr()
mgm = state.passive_party.pop_tmpattr()
state.passive_party._tmp_ = state.passive_party.pop_tmpattr()
# blind the homomorphic and send to other party
hval = src + hmask
hval._bit_length -= diff # force_bitlen
_sendcost(state.config.asymmetric_security_parameter * 2)
_send(hval)
# help to encrypt the masked value into Garbled
state.passive_party._tmp_ = Garbled(bitlen=masklen + 1, passive=True, val=p, signed=signed)
# help removing the mask
ret = state.passive_party._tmp_.dropmsb_sub(mgm)
# tasty calculates theoretical worst case bitlengths. Since we know better,
# we can safely overwrite that
_set_dst(src, dst, ret)
ret.set_bit_length(bitlen)
ret._signed = hval.signed()
def Paillier_Signed_receive(src, dst, bitlen, dim, signed, force_bitlen=None, force_signed=None):
if isserver():
_just_receive(src, dst, bitlen, dim, signed)
else:
_receive_cast(src, dst, Signed, bitlen, dim, signed)