-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Mascot preprocessing #214
Mascot preprocessing #214
Changes from 250 commits
475d7e6
ef1ae3b
80fea70
6410b47
5a75335
0fb5f37
0b0ef78
f6d6130
d1ef72c
2628bad
cddf71b
77293d3
441faf1
a4b0f7f
fee5111
d29319b
c885ef0
ab27b7e
cde82cd
521683f
3017f70
2be3d88
eba224d
a33e9d0
0dc900b
39c9d0e
9f0aa75
bcc7f97
e5664d7
1e71e63
f49ce5a
a695da0
d6843a3
2bec9f7
7764a89
ba4cea6
53aa0d1
ad1f0dc
7a268ee
7e4bd14
2075162
9ad92d6
a766dc8
b9ac7c7
25cd81a
592c79d
8bbe016
6fee855
b10cd9a
b657cbb
9973510
7dccfbb
8a61bd5
4d570de
0411b01
3df34e7
3e787c7
a09619d
0c60216
70b1cc0
d768dd2
42ff6d3
72c079b
8720fb7
c14b09a
3393d4d
1767295
7207137
76a77ae
0597689
25c401b
78a9a18
8674811
d5a27be
4200ed7
d4a348f
a3a723c
8386976
66b3704
5abc572
7aad14d
a592856
818d7f3
71701c9
d3ed1de
1dbd682
8e33202
afc916a
b545f66
ecbe998
d76a04c
14cbe15
2926656
f7a1bf9
8eff04f
b51e7a3
72ce3c2
d7c65fb
3b006ea
90dd89e
6f51b29
3670904
f664779
77a1284
97a73e4
316877c
fd164bc
4a35d27
1f1a98f
d894e9f
a706b02
bc8d0e1
a5f81d8
ff34421
5304bca
302c1ee
582e4d0
7d2730f
df12821
474d959
2f8b599
4ddc7ee
57beda6
c6e7acd
26ee9fe
700f39f
8ef1bfc
767ccdf
8ded3d4
a565a36
dafa76b
9504f54
8a9fc0d
62b4cd8
0ef3293
822e277
6558b52
ed39ade
be95f5b
1004436
ed0deb3
36a12df
7cbc4e1
355d257
433a70b
d834519
e47def4
884bded
bf548fe
8714c68
3660d44
7a3ea70
4bc08be
00db1e6
ac09a69
ae27bec
08f1df9
013b563
962f22b
aa49d75
6cf5b41
cf5defc
7d902d6
72f0ce1
8edb13d
75a9af3
87e7df7
8a77b1a
a139279
4827507
251f992
c4f8d58
e480087
18e2e06
5409fd7
134c7d4
3ffb976
5225e32
4bbc40d
2c47876
c4e7bb8
d2d95b5
e24a032
4adac97
3721287
6fa0fa0
8959d7a
661ca23
8442274
fe39de3
4f9ddc7
60bc41b
d97bbbc
b690354
09a5e1c
777058e
eb0e283
207793e
1dacaf0
37f83f5
d67a139
6f5165c
437ba26
75d5f85
b553665
1c536b9
4a5bed9
292824a
880ca0f
01e9333
a77dd25
69dbf23
386af02
22a0dda
6ae5248
6b0b324
17bf5b8
3352ffd
c9ba991
cb5ed62
5f1d1d6
fb3f3a7
c407521
b976d0a
3a44eb5
32c4d6c
6000178
a57251a
21e9cb2
094104c
bf10664
1c181bf
2714818
2c242e1
c7636d4
aa33a06
dddb173
5451ba6
c13540a
5f83849
2a93dfd
d258a94
06f4731
c901c59
6bd02da
8ad218e
3e61953
0515efa
faa7e12
fcc0a55
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,116 @@ | ||
package dk.alexandra.fresco.commitment; | ||
|
||
import dk.alexandra.fresco.framework.MaliciousException; | ||
import dk.alexandra.fresco.framework.util.Drbg; | ||
import dk.alexandra.fresco.framework.util.ExceptionConverter; | ||
import java.security.MessageDigest; | ||
import java.util.Arrays; | ||
|
||
/** | ||
* Class representing a hash-based commitment. Secure assuming that SHA-256 is a | ||
* random oracle. An instantiated object represents a commitment by itself and | ||
* does <b>not</b> contain any secret information. An object gets instantiated | ||
* by calling the commit command. | ||
* <p> | ||
* The scheme itself is based on the ROM folklore scheme where the message to | ||
* commit to is concatenated with a random string and then hashed. The hash | ||
* digest serves as the commitment itself and the opening is the randomness and | ||
* the message committed to. | ||
* </p> | ||
* | ||
*/ | ||
public class HashBasedCommitment { | ||
|
||
private static final String HASH_ALGORITHM = "SHA-256"; | ||
/** | ||
* The length of the hash digest along with the randomness used. | ||
*/ | ||
public static final int DIGEST_LENGTH = 32; // 256 / 8 bytes | ||
/** | ||
* The actual value representing the commitment. | ||
*/ | ||
private byte[] commitmentVal = null; | ||
private final MessageDigest digest; | ||
|
||
/** | ||
* Constructs a new commitment, not yet committed to any value. | ||
*/ | ||
public HashBasedCommitment() { | ||
digest = ExceptionConverter.safe( | ||
() -> MessageDigest.getInstance(HASH_ALGORITHM), | ||
"Missing secure, hash function which is dependent in this library"); | ||
} | ||
|
||
/** | ||
* Initializes the commitment to commit to a specific value and returns the opening information. | ||
* | ||
* @param rand | ||
* A cryptographically secure randomness generator. | ||
* @param value | ||
* The element to commit to. | ||
* @return The opening information needed to open the commitment. | ||
*/ | ||
public byte[] commit(Drbg rand, byte[] value) { | ||
if (commitmentVal != null) { | ||
throw new IllegalStateException("Already committed"); | ||
} | ||
// Sample a sufficient amount of random bits | ||
byte[] randomness = new byte[DIGEST_LENGTH]; | ||
rand.nextBytes(randomness); | ||
// Construct an array to contain the bytes to hash | ||
byte[] openingInfo = new byte[value.length + randomness.length]; | ||
System.arraycopy(value, 0, openingInfo, 0, value.length); | ||
System.arraycopy(randomness, 0, openingInfo, value.length, | ||
randomness.length); | ||
commitmentVal = digest.digest(openingInfo); | ||
return openingInfo; | ||
} | ||
|
||
/** | ||
* Opens a committed object using information returned from the {@code commit} command. | ||
* | ||
* @param openingInfo | ||
* The data needed to open this given commitment. | ||
* @return The value that was committed to. | ||
*/ | ||
public byte[] open(byte[] openingInfo) { | ||
if (commitmentVal == null) { | ||
throw new IllegalStateException("No commitment to open"); | ||
} | ||
if (openingInfo.length < DIGEST_LENGTH) { | ||
throw new MaliciousException( | ||
"The opening info is too small to be a commitment."); | ||
} | ||
// Hash the opening info and verify that it matches the value stored in | ||
// "commitmentValue" | ||
byte[] digestValue = digest.digest(openingInfo); | ||
if (Arrays.equals(digestValue, commitmentVal)) { | ||
// Extract the randomness and the value committed to from the openingInfo | ||
// The value comes first | ||
byte[] value = new byte[openingInfo.length - DIGEST_LENGTH]; | ||
System.arraycopy(openingInfo, 0, value, 0, value.length); | ||
return value; | ||
} else { | ||
throw new MaliciousException("The opening info does not match the commitment."); | ||
} | ||
} | ||
|
||
/** | ||
* Returns the byte array value that is the actual commitment. | ||
* | ||
* @return the byte array commitment | ||
*/ | ||
byte[] getCommitmentValue() { | ||
return commitmentVal; | ||
} | ||
|
||
/** | ||
* Sets the commitment value. | ||
* | ||
* @param commitmentValue | ||
* the commitment value | ||
*/ | ||
void setCommitmentValue(byte[] commitmentValue) { | ||
this.commitmentVal = commitmentValue; | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
package dk.alexandra.fresco.commitment; | ||
|
||
import dk.alexandra.fresco.framework.network.serializers.ByteSerializer; | ||
|
||
import java.util.ArrayList; | ||
import java.util.List; | ||
|
||
public class HashBasedCommitmentSerializer implements ByteSerializer<HashBasedCommitment> { | ||
|
||
@Override | ||
public byte[] serialize(HashBasedCommitment comm) { | ||
return comm.getCommitmentValue(); | ||
} | ||
|
||
@Override | ||
public byte[] serialize(List<HashBasedCommitment> elements) { | ||
if (elements.isEmpty()) { | ||
return new byte[] {}; | ||
} | ||
// A serialized commitment only consists of its internal digest | ||
byte[] commList = new byte[elements.size() * HashBasedCommitment.DIGEST_LENGTH]; | ||
// Ensure all field elements are in the same field and have same bit length | ||
for (int i = 0; i < elements.size(); i++) { | ||
System.arraycopy(elements.get(i).getCommitmentValue(), 0, commList, | ||
i * HashBasedCommitment.DIGEST_LENGTH, HashBasedCommitment.DIGEST_LENGTH); | ||
} | ||
return commList; | ||
} | ||
|
||
@Override | ||
public HashBasedCommitment deserialize(byte[] data) { | ||
if (data.length != HashBasedCommitment.DIGEST_LENGTH) { | ||
throw new IllegalArgumentException( | ||
"The length of the byte array to deserialize is wrong."); | ||
} | ||
HashBasedCommitment comm = new HashBasedCommitment(); | ||
comm.setCommitmentValue(data.clone()); | ||
return comm; | ||
} | ||
|
||
@Override | ||
public List<HashBasedCommitment> deserializeList(byte[] data) { | ||
if (data.length % HashBasedCommitment.DIGEST_LENGTH != 0) { | ||
throw new IllegalArgumentException( | ||
"The length of the byte array to deserialize is wrong."); | ||
} | ||
if (data.length == 0) { | ||
return new ArrayList<>(); | ||
} | ||
// A serialized commitment only consists of its internal digest | ||
List<HashBasedCommitment> res = new ArrayList<>( | ||
data.length / HashBasedCommitment.DIGEST_LENGTH); | ||
for (int i = 0; i < data.length / HashBasedCommitment.DIGEST_LENGTH; i++) { | ||
HashBasedCommitment comm = new HashBasedCommitment(); | ||
byte[] commVal = new byte[HashBasedCommitment.DIGEST_LENGTH]; | ||
System.arraycopy(data, i * HashBasedCommitment.DIGEST_LENGTH, | ||
commVal, 0, HashBasedCommitment.DIGEST_LENGTH); | ||
comm.setCommitmentValue(commVal); | ||
res.add(comm); | ||
} | ||
return res; | ||
} | ||
} |
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
|
||
package dk.alexandra.fresco.framework; | ||
|
||
/** | ||
* Runtime exception to be thrown if and only if data received from another party does not follow | ||
* the protocol specification. By definition this is considered a malicious act. Data received is | ||
* not limited to raw data, but also any kind of local processing of raw data. | ||
*/ | ||
@SuppressWarnings("serial") | ||
public class MaliciousException extends RuntimeException { | ||
|
||
public MaliciousException(String message) { | ||
super(message); | ||
} | ||
|
||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,64 @@ | ||
package dk.alexandra.fresco.framework; | ||
|
||
import dk.alexandra.fresco.framework.builder.ProtocolBuilder; | ||
import dk.alexandra.fresco.framework.network.Network; | ||
import dk.alexandra.fresco.framework.sce.resources.ResourcePool; | ||
|
||
/** | ||
* An evaluator is responsible for evaluating each native gate. Every protocol is reduced to a | ||
* number of native gates. These are then evaluated in batches (the amount of native protocols per | ||
* batch can be configured by the user). | ||
* An evaluator is responsible for evaluating each native protocol. Every computation is reduced to | ||
* a number of native protocols. These are then evaluated in batches (the amount of native | ||
* protocols per batch can be configured by the user). | ||
* | ||
* @param <ResourcePoolT> The type of resource pool | ||
* @param <Builder> The type of builder this evaluator supports | ||
*/ | ||
public interface ProtocolEvaluator<ResourcePoolT extends ResourcePool, Builder extends ProtocolBuilder> { | ||
public interface ProtocolEvaluator<ResourcePoolT extends ResourcePool> { | ||
|
||
/** | ||
* Evaluates all gates produced by a GateProducer. | ||
* Evaluates all gates produced by a ProtocolProducer. | ||
* | ||
* @param protocolProducer the protocol producer to evaluate | ||
* @param resourcePool the resource pool (for other resources than network) | ||
* @param network network to use for the evaluation | ||
* @return the overall statistics about the evaluation | ||
*/ | ||
void eval(ProtocolProducer protocolProducer, ResourcePoolT resourcePool, Network network); | ||
EvaluationStatistics eval( | ||
ProtocolProducer protocolProducer, ResourcePoolT resourcePool, Network network); | ||
|
||
/** | ||
* Overall statistics about protocol evaluation | ||
*/ | ||
class EvaluationStatistics { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Do we even need this? This should be part of the performance logging system. |
||
|
||
private final int nativeProtocols; | ||
private final int batches; | ||
|
||
/** | ||
* Createes a new statistics object. | ||
* | ||
* @param nativeProtocols the total number of native protocols in evaluation | ||
* @param batches the total of batches in the evaluation | ||
*/ | ||
public EvaluationStatistics(int nativeProtocols, int batches) { | ||
|
||
this.nativeProtocols = nativeProtocols; | ||
this.batches = batches; | ||
} | ||
|
||
/** | ||
* Returns the total number of native protocols in evaluation. | ||
* | ||
* @return the total number of native protocols in evaluation | ||
*/ | ||
public int getNativeProtocols() { | ||
return nativeProtocols; | ||
} | ||
|
||
/** | ||
* Returns the total of batches in the evaluation. | ||
* | ||
* @return the total of batches in the evaluation | ||
*/ | ||
public int getBatches() { | ||
return batches; | ||
} | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
package dk.alexandra.fresco.framework.builder.numeric; | ||
|
||
import dk.alexandra.fresco.framework.network.serializers.ByteSerializer; | ||
import dk.alexandra.fresco.framework.sce.resources.ResourcePool; | ||
import dk.alexandra.fresco.suite.ProtocolSuiteNumeric; | ||
import java.math.BigInteger; | ||
|
||
/** | ||
* Every resource pool must have a set of properties available, primarily | ||
* the modulus and a BigInteger serialization. | ||
* <p> | ||
* This is paired with the {@link ProtocolSuiteNumeric}. | ||
*/ | ||
public interface NumericResourcePool extends ResourcePool { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Interface missing javadoc. Which might help for me in understanding exactly what it is. In my world, resource pools are specific to protocol suites, and I don't think all numeric protocol suites needs access to e.g. a hash algorithm? |
||
|
||
/** | ||
* Gets the modulus. | ||
* | ||
* @return modulus | ||
*/ | ||
BigInteger getModulus(); | ||
|
||
/** | ||
* Gets a serializer for big integer that is aligned with the current system settings in this | ||
* invocation - hence byte length of big integer. | ||
* | ||
* @return the serializer | ||
*/ | ||
ByteSerializer<BigInteger> getSerializer(); | ||
|
||
/** | ||
* Takes a unsigned BigInteger and converts it (reasonable) to a signed version. | ||
* | ||
* @param bigInteger the unsigned BigInteger | ||
* @return the signed BigInteger | ||
*/ | ||
default BigInteger convertRepresentation(BigInteger bigInteger) { | ||
BigInteger modulus = getModulus(); | ||
BigInteger actual = bigInteger.mod(modulus); | ||
if (actual.compareTo(modulus.divide(BigInteger.valueOf(2))) > 0) { | ||
actual = actual.subtract(modulus); | ||
} | ||
return actual; | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This ought to have some documentation of how to interpret this type exception.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It has been added in commit 7d2730f and df12821