Spdz2k develop

core/src/main/java/dk/alexandra/fresco/commitment/.gitignore

@@ -0,0 +1 @@
+/Commitment.java

core/src/main/java/dk/alexandra/fresco/framework/builder/numeric/AdvancedNumeric.java

@@ -3,7 +3,10 @@
 import dk.alexandra.fresco.framework.DRes;
 import dk.alexandra.fresco.framework.builder.ComputationDirectory;
 import dk.alexandra.fresco.framework.util.Pair;
+import dk.alexandra.fresco.framework.value.OInt;
 import dk.alexandra.fresco.framework.value.SInt;
+import dk.alexandra.fresco.lib.math.integer.binary.RandomBitMask;
+
 import java.math.BigInteger;
 import java.util.List;
 
@@ -16,16 +19,27 @@ public interface AdvancedNumeric extends ComputationDirectory {
    * Calculates the sum of all elements in the list.
    *
    * @param elements the elements to sum
-   * @return A deferred result computing the sum of the elements
+   * @return A deferred result computing the sum of the elements inputs should be wrapped in {@link
+   * DRes}, use {@link #sum(DRes)} instead
    */
+  @Deprecated
   DRes<SInt> sum(List<DRes<SInt>> elements);
 
+  /**
+   * Calculates the sum of all elements in the list.
+   *
+   * @param elements the elements to sum
+   * @return A deferred result computing the sum of the elements
+   */
+  DRes<SInt> sum(DRes<List<DRes<SInt>>> elements);
+
   /**
    * Calculates the product of all elements in the list.
    *
    * @param elements the elements to sum
    * @return A deferred result computing the product of the elements
    */
+  @Deprecated
   DRes<SInt> product(List<DRes<SInt>> elements);
 
   /**
@@ -67,7 +81,7 @@ public interface AdvancedNumeric extends ComputationDirectory {
   DRes<List<SInt>> toBits(DRes<SInt> in, int maxInputLength);
 
   /**
-   * Computes the exponentiation of x^e.
+   * Computes the exponentiation of x^e
    *
    * @param x The base
    * @param e The exponent
@@ -77,7 +91,7 @@ public interface AdvancedNumeric extends ComputationDirectory {
   DRes<SInt> exp(DRes<SInt> x, DRes<SInt> e, int maxExponentLength);
 
   /**
-   * Computes the exponentiation of x^e.
+   * Computes the exponentiation of x^e
    *
    * @param x The base
    * @param e The exponent
@@ -96,8 +110,6 @@ public interface AdvancedNumeric extends ComputationDirectory {
   DRes<SInt> exp(DRes<SInt> x, BigInteger e);
 
   /**
-   * Calculating the square root of a given input.
-   *
    * @param input The input.
    * @param maxInputLength An upper bound for <i>log<sub>2</sub>(input)</i>.
    * @return A deferred result computing an approximation of the square root of the input.
@@ -119,7 +131,9 @@ public interface AdvancedNumeric extends ComputationDirectory {
    * @param vectorA The first vector
    * @param vectorB The second vector
    * @return A deferred result computing the inner product of the two given vectors
+   * @deprecated inputs should be wrapped in {@link DRes}
    */
+  @Deprecated
   DRes<SInt> innerProduct(List<DRes<SInt>> vectorA, List<DRes<SInt>> vectorB);
 
   /**
@@ -128,55 +142,101 @@ public interface AdvancedNumeric extends ComputationDirectory {
    * @param vectorA The public vector
    * @param vectorB The secret vector
    * @return A deferred result computing the inner product of the two given vectors
+   * @deprecated inputs should be wrapped in {@link DRes}, use {@link #innerProductWithPublicPart(DRes,
+   * DRes)} instead
    */
+  @Deprecated()
   DRes<SInt> innerProductWithPublicPart(List<BigInteger> vectorA, List<DRes<SInt>> vectorB);
 
+  /**
+   * Computes the inner product between a public vector and a secret vector.
+   *
+   * @param vectorA The public vector
+   * @param vectorB The secret vector
+   * @return A deferred result computing the inner product of the two given vectors
+   */
+  DRes<SInt> innerProductWithPublicPart(DRes<List<OInt>> vectorA,
+      DRes<List<DRes<SInt>>> vectorB);
+
   /**
    * Creates a string of random bits.
    *
    * @param noOfBits The amount of bits to create - i.e. the bit string length.
    * @return A container holding the bit string once evaluated.
+   * @deprecated use {@link #randomBitMask(int)} instead
    */
+  @Deprecated
   DRes<RandomAdditiveMask> additiveMask(int noOfBits);
 
   /**
-   * Calculating the result of right shifting of the input by one.
+   * Creates a random bit mask [b0, ..., bn] along with an {@link SInt} representing the recombined
+   * bits, i.e., sum(2^{i} * bi).
+   *
+   * @param noOfBits The amount of bits
+   * @return A container holding the bit string once evaluated.
+   */
+  DRes<RandomBitMask> randomBitMask(int noOfBits);
+
+  /**
+   * Takes a list of random bits [b0, ..., bn] and generates a random bit mask along with a {@link
+   * SInt} representing the recombined bits, i.e., sum(2^{i} * bi).
    *
+   * @param randomBits The bits to use for the bit mask
+   * @return A container holding the bit mask
+   */
+  DRes<RandomBitMask> randomBitMask(DRes<List<DRes<SInt>>> randomBits);
+
+  /**
+   * Right-shifts input by {@code shifts}. <p>Note that this is a probabilistic method which may
+   * produce an error in the least-significant bit.</p>
+   *
+   * @param input secret value to right shift
+   * @param shifts number of shifts
+   * @param useTruncationPairs indicates whether truncation pairs are available as part of
+   * pre-processing material (this allows for a faster protocol)
+   * @return shifted result
+   */
+  DRes<SInt> truncate(DRes<SInt> input, int shifts, boolean useTruncationPairs);
+
+  default DRes<SInt> truncate(DRes<SInt> input, int shifts) {
+    return truncate(input, shifts, true);
+  }
+
+  /**
+   * Creates truncation pair ({@link TruncationPair}). <p>This method may rely on pre-processed
+   * material in which case it should be overridden by backend suits.</p>
+   *
+   * @param d number of shifts in truncation pair
+   */
+  DRes<TruncationPair> generateTruncationPair(int d);
+
+  /**
    * @param input input.
    * @return A deferred result computing input >> 1
    */
   DRes<SInt> rightShift(DRes<SInt> input);
 
   /**
-   * Calculating the result of right shifting of the input by a given amount.
-   *
    * @param input input.
    * @param shifts Number of shifts
    * @return A deferred result computing input >> shifts
    */
   DRes<SInt> rightShift(DRes<SInt> input, int shifts);
 
   /**
-   * Calculating the result of right shifting of the input by one, including the remainder.
-   *
    * @param input input
-   * @return A deferred result computing<br>
-   *         result: input >> 1<br>
-   *         remainder: The <code>shifts</code> least significant bits of the input with the least
-   *         significant having index 0.
+   * @return A deferred result computing<br> result: input >> 1<br> remainder: The
+   * <code>shifts</code> least significant bits of the input with the least significant having index
+   * 0.
    */
   DRes<RightShiftResult> rightShiftWithRemainder(DRes<SInt> input);
 
   /**
-   * Calculating the result of right shifting of the input by a given amount, including the
-   * remainder.
-   *
    * @param input input
    * @param shifts Number of shifts
-   * @return A deferred result computing <br>
-   *         result: input >> shifts<br>
-   *         remainder: The <code>shifts</code> least significant bits of the input with the least
-   *         significant having index 0.
+   * @return A deferred result computing <br> result: input >> shifts<br> remainder: The
+   * <code>shifts</code> least significant bits of the input with the least significant having index
+   * 0.
    */
   DRes<RightShiftResult> rightShiftWithRemainder(DRes<SInt> input, int shifts);
 
@@ -185,13 +245,13 @@ public interface AdvancedNumeric extends ComputationDirectory {
    *
    * @param input The number to know the bit length of
    * @param maxBitLength The maximum bit length this number can have (if unknown, set this to the
-   *        modulus bit size)
+   * modulus bit size)
    * @return A deferred result computing the bit length of the input number.
    */
   DRes<SInt> bitLength(DRes<SInt> input, int maxBitLength);
 
   /**
-   * Compute the inverse of x within the field of operation.
+   * Compute the inverse of x within the field of operation
    *
    * @param x The element to take the inverse of
    * @return A deferred result computing x^-1 mod p where p is the modulus of the field.
@@ -202,7 +262,7 @@ public interface AdvancedNumeric extends ComputationDirectory {
    * Selects left or right based on condition.
    *
    * @param condition the Computation holding the condition on which to select. Must be either 0 or
-   *        1.
+   * 1.
    * @param left the Computation holding the left argument.
    * @param right the Computation holding the right argument.
    * @return a computation holding either left or right depending on the condition.
@@ -217,7 +277,7 @@ public interface AdvancedNumeric extends ComputationDirectory {
    * @param left The left argument
    * @param right The right argument
    * @return A deferred result computing a pair containing [left, right] if the condition is 0 and
-   *         [right, left] if condition is 1.
+   * [right, left] if condition is 1.
    */
   DRes<Pair<DRes<SInt>, DRes<SInt>>> swapIf(DRes<SInt> condition, DRes<SInt> left,
       DRes<SInt> right);
@@ -246,7 +306,10 @@ public SInt getRemainder() {
 
   /**
    * Container holding a random bitvector and its SInt representation.
+   *
+   * @deprecated values should be wrapped in DRes, use {@link RandomBitMask} instead
    */
+  @Deprecated
   class RandomAdditiveMask {
 
     public final List<DRes<SInt>> bits;
@@ -257,4 +320,32 @@ public RandomAdditiveMask(List<DRes<SInt>> bits, SInt random) {
       this.random = random;
     }
   }
+
+  /**
+   * Generic representation of a truncation pair. <p> A truncation pair is pre-processing material
+   * used for probabilistic truncation. A truncation pair consists of a value r and r^{prime} such
+   * that r^{prime} is a random element and r = r^{prime} / 2^{d}, i.e., r right-shifted by d.</p>
+   */
+  class TruncationPair {
+
+    private final DRes<SInt> rPrime;
+    private final DRes<SInt> r;
+
+    public TruncationPair(
+        DRes<SInt> rPrime,
+        DRes<SInt> r) {
+      this.rPrime = rPrime;
+      this.r = r;
+    }
+
+    public DRes<SInt> getRPrime() {
+      return rPrime;
+    }
+
+    public DRes<SInt> getR() {
+      return r;
+    }
+
+  }
+
 }

core/src/main/java/dk/alexandra/fresco/framework/builder/numeric/BuilderFactoryNumeric.java

@@ -2,26 +2,24 @@
 
 import dk.alexandra.fresco.framework.BuilderFactory;
 import dk.alexandra.fresco.framework.builder.ComputationDirectory;
+import dk.alexandra.fresco.framework.value.OIntArithmetic;
+import dk.alexandra.fresco.framework.value.OIntFactory;
 import dk.alexandra.fresco.lib.compare.MiscBigIntegerGenerators;
 import dk.alexandra.fresco.lib.field.integer.BasicNumericContext;
 import dk.alexandra.fresco.lib.real.AdvancedRealNumeric;
 import dk.alexandra.fresco.lib.real.RealLinearAlgebra;
 import dk.alexandra.fresco.lib.real.RealNumeric;
 import dk.alexandra.fresco.lib.real.RealNumericContext;
 import dk.alexandra.fresco.lib.real.fixed.AdvancedFixedNumeric;
+import dk.alexandra.fresco.lib.real.fixed.DefaultFixedNumeric;
 import dk.alexandra.fresco.lib.real.fixed.FixedLinearAlgebra;
-import dk.alexandra.fresco.lib.real.fixed.FixedNumeric;
 
 /**
- * The core factory to implement when creating a numeric protocol. Every
- * {@link ComputationDirectory} found in this factory will
- * append the produced protocols to the supplied builder. Implementors must provide
- * a {@link Numeric} - being directory for
- * <ul>
- * <li>simple, numeric operations (+, -, *)</li>
- * <li>Open operations for opening a small subset of values used in the control flow (is a<b)<</li>
- * <li>Factories for producing secret shared values</li>
- * </ul>
+ * The core factory to implement when creating a numeric protocol. Every {@link
+ * ComputationDirectory} found in this factory will append the produced protocols to the supplied
+ * builder. Implementors must provide a {@link Numeric} - being directory for <ul> <li>simple,
+ * numeric operations (+, -, *)</li> <li>Open operations for opening a small subset of values used
+ * in the control flow (is a<b)<</li> <li>Factories for producing secret shared values</li> </ul>
  * The other directories have defaults, based on the raw methods, but can be overridden if the
  * particular protocol suite has a more efficient way of e.g. comparing two numbers than a generic
  * approach would have.
@@ -31,31 +29,44 @@ public interface BuilderFactoryNumeric extends BuilderFactory<ProtocolBuilderNum
   BasicNumericContext getBasicNumericContext();
 
   RealNumericContext getRealNumericContext();
-  
+
   Numeric createNumeric(ProtocolBuilderNumeric builder);
 
+  Conversion createConversion(ProtocolBuilderNumeric builder);
+
   MiscBigIntegerGenerators getBigIntegerHelper();
 
+  /**
+   * Returns the backend-specific implementation of {@link OIntFactory}, for converting between
+   * backend-suite representations of open values and native data types.
+   */
+  OIntFactory getOIntFactory();
+
+  /**
+   * Returns the backend-specific implementation of open value arithmetic helper.
+   */
+  OIntArithmetic getOIntArithmetic();
+
   default Comparison createComparison(ProtocolBuilderNumeric builder) {
     return new DefaultComparison(this, builder);
   }
 
   default AdvancedNumeric createAdvancedNumeric(ProtocolBuilderNumeric builder) {
     return new DefaultAdvancedNumeric(this, builder);
   }
-  
+
   default Collections createCollections(ProtocolBuilderNumeric builder) {
     return new DefaultCollections(builder);
   }
-  
+
   default PreprocessedValues createPreprocessedValues(ProtocolBuilderNumeric builder) {
     return new DefaultPreprocessedValues(builder);
   }
-  
+
   default RealNumeric createRealNumeric(ProtocolBuilderNumeric builder) {
-    return new FixedNumeric(builder);
+    return new DefaultFixedNumeric(builder);
   }
-  
+
   default AdvancedRealNumeric createAdvancedRealNumeric(ProtocolBuilderNumeric builder) {
     return new AdvancedFixedNumeric(builder);
   }
@@ -64,7 +75,17 @@ default RealLinearAlgebra createRealLinearAlgebra(ProtocolBuilderNumeric builder
     return new FixedLinearAlgebra(builder);
   }
 
-
+  default Logical createLogical(ProtocolBuilderNumeric builder) {
+    return new DefaultLogical(builder);
+  }
+
+  // TODO this is a hack to enable logical operations over arithmetic values in Spdz2k.
+  // we need a way of gracefully handling protocol suites that support both arithmetic and boolean
+  // operations
+  default Logical createLogicalArithmetic(ProtocolBuilderNumeric builder) {
+    return new DefaultLogical(builder);
+  }
+
   /**
    * Returns a builder which can be helpful while developing a new protocol. Be very careful though,
    * to include this in any production code since the debugging opens values to all parties.