def BitDecFullBig(a):
    """Return ``program.P.bit_length()`` secret bits derived from ``a``.

    Judging by the name and the arithmetic, this is the bit decomposition of
    ``a`` for a large prime modulus ``p = program.P``; it is the path
    ``BitDecFull`` takes when ``p`` has more than 63 bits.

    Steps visible in the body:
      1. Draw ``bit_length`` random secret bits and repeat until the revealed
         comparison against the bits of ``p`` equals 1 (rejection sampling,
         per the original comment "less than p").
      2. Sum those bits into the mask ``b`` and open ``c = a - b``.
      3. Bit-add the public bits of ``c`` to the secret bits of ``b`` and
         conditionally add ``2**bit_length - p`` to undo the wrap past ``p``.

    Security notes for reviewers:
      * ``c`` is opened in the clear, so the confidentiality of ``a`` rests on
        the mask ``b`` being uniform below ``p``; that is what the rejection
        loop is for.
      * Candidate bits are written to sint memory at the fixed addresses
        ``0 .. bit_length-1``. Whatever the program kept there is overwritten,
        and the mask bits are not cleared afterwards. Code that later loads
        and reveals those cells would, together with the opened ``c``,
        disclose ``a``.

    NOTE(review): ``program``, ``bits``, ``BitLTFull``, ``SumBits`` and
    ``BitAdd`` are not defined in this function; they must come from module
    scope.
    """
    from Compiler.types import sint, regint
    from Compiler.library import do_while
    p=program.P
    bit_length = p.bit_length()
    # [x]*n repeats one reference; every slot that is read is reassigned below.
    abits = [sint(0)]*bit_length
    bbits = [sint(0)]*bit_length
    # One more bit than p needs, so pbits can be compared against the
    # (bit_length+1)-wide comparison further down.
    # NOTE(review): presumably bits(x, n) returns n public bits of x - confirm.
    pbits = list(bits(p,bit_length+1))
    # Loop until we get some random integers less than p
    # NOTE(review): assumes do_while repeats the body while it returns a
    # non-zero value - confirm against Compiler.library.
    @do_while
    def get_bits_loop():
        # How can we do this with a vectorized load of the bits? XXXX
        tbits = [sint(0)]*bit_length
        for i in range(bit_length):
            tbits[i] = sint.get_random_bit()
            # Stored to memory so the accepted bits can be read back after the
            # loop; addresses 0..bit_length-1 are hard-coded scratch space.
            tbits[i].store_in_mem(i)
        # Only the accept/reject result is opened, never the candidate bits.
        c = regint(BitLTFull(tbits, pbits, bit_length).reveal())
        return (c!=1)
    # Read back the bits written by the last loop iteration.
    for i in range(bit_length):
        bbits[i]=sint.load_mem(i)
    b = SumBits(bbits, bit_length)
    # Open a masked by b; c is public from here on.
    c = (a-b).reveal()
    # c == 0 means a equals the mask, so the mask bits are the answer.
    czero = (c==0)
    # Secret bits of c + b as an integer sum, before any reduction by p.
    d = BitAdd(list(bits(c,bit_length)), bbits)
    # NOTE(review): if BitLTFull(x, y, n) is a strict x < y, then d == p gives
    # q = 0 and the bits of p are returned instead of zeros. The sibling
    # BitDecFull uses 1 - (b < p - c), which treats b + c == p as a wrap.
    # Confirm which is intended.
    q = BitLTFull( pbits, d, bit_length+1)
    # Adding 2**bit_length - p and dropping the top bit subtracts p.
    f = list(bits((1<<bit_length)-p,bit_length))
    g = [sint(0)]*(bit_length+1)
    # g is f when q is 1 and zero otherwise; the extra top slot stays sint(0).
    for i in range(bit_length):
        g[i]=f[i]*q;
    h = BitAdd(d, g)
    # Keep the low bit_length bits of h, or the mask bits when c was zero.
    for i in range(bit_length):
        abits[i] = (1-czero)*h[i]+czero*bbits[i]
    return abits
def BitDecFull(a):
    """Return ``program.P.bit_length()`` secret bits derived from ``a``.

    Judging by the name and the arithmetic, this is the bit decomposition of
    ``a`` modulo ``p = program.P``. When ``p`` has more than 63 bits the work
    is delegated to ``BitDecFullBig``; otherwise the opened difference is
    handled as a ``regint``.

    Steps visible in the body:
      1. Draw ``bit_length`` random secret bits and repeat until the revealed
         comparison against the bits of ``p`` equals 1 (rejection sampling,
         per the original comment "less than p").
      2. Sum those bits into the mask ``b``, open ``c = a - b`` and shift a
         negative ``c`` up by ``p``.
      3. Pick the public addend bits (``c`` or ``2**bit_length + c - p``)
         with the secret wrap bit ``q`` and bit-add them to the mask bits.

    Security notes for reviewers:
      * ``c`` is opened in the clear, so the confidentiality of ``a`` rests on
        the mask ``b`` being uniform below ``p``; that is what the rejection
        loop is for.
      * Candidate bits are written to sint memory at the fixed addresses
        ``0 .. bit_length-1``. Whatever the program kept there is overwritten,
        and the mask bits are not cleared afterwards. Code that later loads
        and reveals those cells would, together with the opened ``c``,
        disclose ``a``.

    NOTE(review): ``program``, ``bits``, ``BitLTFull``, ``SumBits`` and
    ``BitAdd`` are not defined in this function; they must come from module
    scope.
    """
    from Compiler.types import sint, regint
    from Compiler.library import do_while
    p = program.P
    bit_length = p.bit_length()
    # NOTE(review): presumably the 63-bit limit reflects the regint width used
    # below - confirm.
    if bit_length > 63:
        return BitDecFullBig(a)
    # [x] * n repeats one reference; every slot is reassigned below.
    abits = [sint(0)] * bit_length
    bbits = [sint(0)] * bit_length
    # NOTE(review): presumably bits(x, n) returns n public bits of x - confirm.
    pbits = list(bits(p, bit_length))
    # Loop until we get some random integers less than p
    # NOTE(review): assumes do_while repeats the body while it returns a
    # non-zero value - confirm against Compiler.library.
    @do_while
    def get_bits_loop():
        # How can we do this with a vectorized load of the bits? XXXX
        tbits = [sint(0)] * bit_length
        for i in range(bit_length):
            tbits[i] = sint.get_random_bit()
            # Stored to memory so the accepted bits can be read back after the
            # loop; addresses 0..bit_length-1 are hard-coded scratch space.
            tbits[i].store_in_mem(i)
        # Only the accept/reject result is opened, never the candidate bits.
        c = regint(BitLTFull(tbits, pbits, bit_length).reveal())
        return (c != 1)
    # Read back the bits written by the last loop iteration.
    for i in range(bit_length):
        bbits[i] = sint.load_mem(i)
    b = SumBits(bbits, bit_length)
    # Reveal c in the correct range
    # NOTE(review): the regint conversion can apparently yield a negative
    # value, which the next two lines shift up by p - confirm.
    c = regint((a - b).reveal())
    bit = c < 0
    c = c + p * bit
    # c == 0 means a equals the mask, so the mask bits are the answer.
    czero = (c == 0)
    # q = 1 - [b < p - c], i.e. 1 when b + c >= p and a subtraction of p is
    # needed. NOTE(review): assumes BitLTFull(x, y, n) yields secret [x < y].
    t = (p - c).bit_decompose(bit_length)
    q = 1 - BitLTFull(bbits, t, bit_length)
    # Public bit strings of the two possible addends: c - p shifted by
    # 2**bit_length (wrap case) and plain c (no wrap).
    fbar = ((1 << bit_length) + c - p).bit_decompose(bit_length)
    fbard = regint(c).bit_decompose(bit_length)
    g = [sint(0)] * (bit_length)
    # Bitwise select: fbar[i] when q is 1, fbard[i] when q is 0.
    for i in range(bit_length):
        g[i] = (fbar[i] - fbard[i]) * q + fbard[i]
    h = BitAdd(bbits, g)
    # Only the low bit_length entries of h are read; when c was zero the mask
    # bits are returned instead.
    for i in range(bit_length):
        abits[i] = (1 - czero) * h[i] + czero * bbits[i]
    return abits
def load_secret_mem(address):
    """Load the secret value stored at ``address`` in sint memory.

    Thin wrapper around ``sint.load_mem``; the address is passed through
    unchanged, with no range or ownership check in this function.

    NOTE(review): ``sint`` must be in module scope here. ``BitDecFull`` and
    ``BitDecFullBig`` import it locally and use addresses
    ``0 .. bit_length-1`` as scratch space, so loading from those cells after
    a decomposition returns their leftover mask bits.
    """
    loaded = sint.load_mem(address)
    return loaded