def __share_recombine(self, a):
    """Reshare *a* among all players and recombine the exchanged shares.

    *a* is Shamir-shared with degree :attr:`threshold` for
    ``len(self.players)`` players and the shares are handed to
    :meth:`_exchange_shares`.  The first ``2 * threshold + 1`` results
    are gathered and ``shamir.recombine`` is attached as a callback.

    Returns the object produced by ``gatherShares`` with that callback
    attached.
    """
    exchanged = self._exchange_shares(
        shamir.share(a, self.threshold, len(self.players)))

    # Only the first 2t+1 exchanged shares are interpolated.  A slice
    # never raises, so with fewer than 2t+1 entries a shorter list is
    # passed on silently.
    # NOTE(review): the remaining shares are never compared against the
    # result here; any detection of an incorrect share would have to
    # happen inside shamir.recombine or elsewhere -- confirm.
    needed = 2 * self.threshold + 1
    combined = gatherShares(exchanged[:needed])
    combined.addCallback(shamir.recombine)
    return combined
def shamir_share(self, inputters, field, number=None, threshold=None):
    """Shamir-share *number* over *field* on behalf of the *inputters*.

    The sharing polynomial has degree *threshold* (:attr:`threshold`
    when omitted), so ``threshold + 1`` shares determine the secret,
    while ``threshold`` or fewer shares of a properly random polynomial
    leave it undetermined.

    Returns a list of shares, or the share itself when the list holds
    exactly one entry (the single-inputter case).

    Typical use, with ``Zp`` a field and ``x`` a Python integer holding
    the input of each player (three inputs in total)::

        a, b, c = runtime.shamir_share([1, 2, 3], Zp, x)

    When only a subset of the players provide input::

        if runtime.id == 1:
            a = runtime.shamir_share([1], Zp, x)
        else:
            a = runtime.shamir_share([1], Zp)

    Instead of branching around the call, a non-inputter may pass
    ``None`` as its input::

        if runtime.id == 1:
            x = int(raw_input("Input x: "))
        else:
            x = None
        a = runtime.shamir_share([1], Zp, x)

    Communication cost: n elements transmitted.
    """
    # Only an inputter may supply a number.  This is an ``assert``, so
    # the check disappears when Python runs with -O.
    # NOTE(review): an inputter that passes number=None still reaches
    # field(None) below; what that does depends on *field* -- confirm.
    assert number is None or self.id in inputters
    degree = self.threshold if threshold is None else threshold

    collected = []
    for inputter in inputters:
        # Every input is handled under its own program counter.
        self.increment_pc()

        if inputter == self.id:
            # Our own input: keep our share and send the others out.
            # NOTE(review): the secrecy of the shares sent here rests on
            # the transport behind _send_share, which is not visible in
            # this block -- confirm it is protected.
            for recipient, piece in shamir.share(field(number), degree,
                                                 len(self.players)):
                target = recipient.value
                if target == self.id:
                    collected.append(Share(self, field, piece))
                else:
                    self._send_share(target, piece)
        else:
            collected.append(self._expect_share(inputter, field))

    # A singleton list is unpacked for the caller.
    return collected[0] if len(collected) == 1 else collected
def share_recombine(number):
    """Reshare *number* among all players and recombine the results.

    ``self`` is not a parameter: it is taken from the enclosing scope.
    *number* is Shamir-shared with degree ``self.threshold`` for
    ``self.num_players`` players, every share is passed to
    ``self._exchange_shares`` together with the recipient's id, and the
    first ``2 * threshold + 1`` results are gathered and handed to
    ``shamir.recombine``.
    """
    def tag_with_peer(share, peer_id):
        # Pair the exchanged share with the id it belongs to.
        return (peer_id, share)

    pending = []
    for peer_id, share in shamir.share(number, self.threshold,
                                       self.num_players):
        deferred = self._exchange_shares(peer_id.value, share)
        deferred.addCallback(tag_with_peer, peer_id)
        pending.append(deferred)

    # Every share is exchanged, but only the first 2t+1 are recombined.
    # A slice never raises, so fewer than 2t+1 entries are passed on
    # silently.
    # NOTE(review): the unused shares are never checked against the
    # result here; detection of an incorrect share, if any, must happen
    # inside shamir.recombine or elsewhere -- confirm.
    needed = 2 * self.threshold + 1
    combined = gather_shares(pending[:needed])
    combined.addCallback(shamir.recombine)
    return combined
def share_recombine(number):
    """Reshare *number* among all players and recombine the results.

    Uses ``self`` from the enclosing scope.  *number* is Shamir-shared
    with degree ``self.threshold`` for ``self.num_players`` players,
    each share goes through ``self._exchange_shares``, and the first
    ``2 * threshold + 1`` results are gathered and passed to
    ``shamir.recombine``.
    """
    def exchange(peer_id, share):
        # Exchange one share and label the outcome with the peer's id.
        d = self._exchange_shares(peer_id.value, share)
        d.addCallback(lambda received, owner: (owner, received), peer_id)
        return d

    exchanged_shares = [
        exchange(peer_id, share)
        for peer_id, share in shamir.share(number, self.threshold,
                                           self.num_players)
    ]

    # Only the first 2t+1 exchanged shares take part in recombination;
    # a shorter list is sliced without any error.
    # NOTE(review): nothing here cross-checks those 2t+1 shares against
    # the unused ones, so a wrong share would have to be caught inside
    # shamir.recombine or elsewhere -- confirm.
    quorum = exchanged_shares[:2 * self.threshold + 1]
    outcome = gather_shares(quorum)
    outcome.addCallback(shamir.recombine)
    return outcome
def test_shamir_share(self):
    """Check that sharing 17 with threshold 1 among 3 players gives
    three shares that all equal the secret."""
    secret = self.field(17)
    shares = shamir.share(secret, 1, 3)

    # NOTE(review): three shares can all coincide with the secret only
    # if the sharing polynomial is constant, i.e. its random coefficient
    # is zero -- presumably the test setup pins the random generator;
    # confirm.  Such a sharing hides nothing about the secret.
    for position in range(3):
        self.assertEquals(shares[position][1], secret)
# Shares of seller and buyer bids. Assume that each bidder and seller # has secret shared the bids and encrypted them for each player. These # have then been read, decrypted and summed up... random.seed(0) # Generate random bids -- we could generate numbers up to 2**l, but # restricting them to only two digits use less space in the output. B = [random.randint(1, 2**l) for _ in range(options.count)] S = [random.randint(1, 2**l) for _ in range(options.count)] # Make the bids monotone. B.sort(reverse=True) S.sort() seller_bids = [shamir.share(Zp(x), t, n)[id - 1][1] for x in S] buyer_bids = [shamir.share(Zp(x), t, n)[id - 1][1] for x in B] def auction(rt): def debug(low, mid, high): string = [" " for _ in range(high + 1)] string[low] = " |" string[mid] = " ^" string[high] = " |" print "B: " + " ".join(["%2d" % b for b in B]) print "S: " + " ".join(["%2d" % s for s in S]) print " " + " ".join(["%2d" % x for x in range(len(B) + 1)]) print " " + " ".join(string)
# Shares of seller and buyer bids. Assume that each bidder and seller # has secret shared the bids and encrypted them for each player. These # have then been read, decrypted and summed up... random.seed(0) # Generate random bids -- we could generate numbers up to 2**l, but # restricting them to only two digits use less space in the output. B = [random.randint(1, 2**l) for _ in range(options.count)] S = [random.randint(1, 2**l) for _ in range(options.count)] # Make the bids monotone. B.sort(reverse=True) S.sort() seller_bids = [shamir.share(Zp(x), t, n)[id-1][1] for x in S] buyer_bids = [shamir.share(Zp(x), t, n)[id-1][1] for x in B] def auction(rt): def debug(low, mid, high): string = [" " for _ in range(high+1)] string[low] = " |" string[mid] = " ^" string[high] = " |" print "B: " + " ".join(["%2d" % b for b in B]) print "S: " + " ".join(["%2d" % s for s in S]) print " " + " ".join(["%2d" % x for x in range(len(B)+1)]) print " " + " ".join(string)
def shamir_share(self, inputters, field, number=None, threshold=None):
    """Shamir-share *number* over *field* on behalf of the *inputters*.

    The sharing polynomial has degree *threshold* (:attr:`threshold`
    when omitted), so ``threshold + 1`` shares determine the secret,
    while ``threshold`` or fewer shares of a properly random polynomial
    leave it undetermined.

    Returns a list of shares, or the share itself when the list holds
    exactly one entry (the single-inputter case).

    Typical use, with ``Zp`` a field and ``x`` a Python integer holding
    the input of each player (three inputs in total)::

        a, b, c = runtime.shamir_share([1, 2, 3], Zp, x)

    When only a subset of the players provide input::

        if runtime.id == 1:
            a = runtime.shamir_share([1], Zp, x)
        else:
            a = runtime.shamir_share([1], Zp)

    Instead of branching around the call, a non-inputter may pass
    ``None`` as its input::

        if runtime.id == 1:
            x = int(raw_input("Input x: "))
        else:
            x = None
        a = runtime.shamir_share([1], Zp, x)

    Communication cost: n elements transmitted.
    """
    # Only an inputter may supply a number.  This is an ``assert``, so
    # the check disappears when Python runs with -O.
    # NOTE(review): an inputter that passes number=None still reaches
    # field(None) below; what that does depends on *field* -- confirm.
    assert number is None or self.id in inputters
    degree = self.threshold if threshold is None else threshold

    collected = []
    for inputter in inputters:
        # Every input is handled under its own program counter.
        self.increment_pc()

        if inputter == self.id:
            # The counter is frozen into a tuple before the shares are
            # created and travels with every share that is sent.
            pc = tuple(self.program_counter)
            # NOTE(review): the secrecy of the shares sent here rests on
            # the transport behind self.protocols[...].sendShare, which
            # is not visible in this block -- confirm it is protected.
            for recipient, piece in shamir.share(field(number), degree,
                                                 self.num_players):
                target = recipient.value
                if target == self.id:
                    collected.append(Share(self, piece.field, piece))
                else:
                    self.protocols[target].sendShare(pc, piece)
        else:
            collected.append(self._expect_share(inputter, field))

    # do actual communication
    self.activate_reactor()

    # A singleton list is unpacked for the caller.
    return collected[0] if len(collected) == 1 else collected