UnauthenticatedCandidate toCandidate(List<FieldElement> masks, List<FieldElement> sacrificeMasks) { FieldElement left = fieldElementUtils.innerProduct(leftFactors, masks); FieldElement prod = fieldElementUtils.innerProduct(product, masks); FieldElement leftSac = fieldElementUtils.innerProduct(leftFactors, sacrificeMasks); FieldElement prodSac = fieldElementUtils.innerProduct(product, sacrificeMasks); return new UnauthenticatedCandidate(left, rightFactor, prod, leftSac, prodSac); } }
/** * Multiplies two lists of field elements, pair-wise. * * @param leftFactors left factors * @param rightFactors right factors * @return list of products */ public List<FieldElement> pairWiseMultiply(List<FieldElement> leftFactors, List<FieldElement> rightFactors) { if (leftFactors.size() != rightFactors.size()) { throw new IllegalArgumentException("Lists must be same size"); } return pairWiseMultiplyStream(leftFactors, rightFactors).collect(Collectors.toList()); }
/** * Creates new {@link FieldElementUtils}. * * @param definition field definition for underlying field element operations */ public FieldElementUtils(FieldDefinition definition) { this.definition = definition; this.generators = precomputeGenerators(); }
.stretch(rightFactors, resourcePool.getNumCandidatesPerTriple()); fieldElementUtils.pairWiseMultiply(leftFactorGroups, stretched); subFactors.add(localSubFactors);
/** * Creates new triple generation protocol. */ public TripleGeneration(MascotResourcePool resourcePool, Network network, ElementGeneration elementGeneration, FieldElementPrg jointSampler) { this.resourcePool = resourcePool; this.fieldElementUtils = new FieldElementUtils(resourcePool.getFieldDefinition()); this.leftMultipliers = new HashMap<>(); this.rightMultipliers = new HashMap<>(); initializeMultipliers(resourcePool, network); this.elementGeneration = elementGeneration; this.jointSampler = jointSampler; }
/** * Computes this party's shares of the final products. <br> For each seed pair (q0, q1) this party * holds, uses q0 to recombine into field elements representing the product shares. * * @param feZeroSeeds the zero choice seeds * @param numRightFactors number of total right factors * @return shares of products */ public List<FieldElement> computeProductShares(List<FieldElement> feZeroSeeds, int numRightFactors) { List<FieldElement> productShares = new ArrayList<>(numRightFactors); for (int rightFactIdx = 0; rightFactIdx < numRightFactors; rightFactIdx++) { int from = rightFactIdx * resourcePool.getModBitLength(); int to = (rightFactIdx + 1) * resourcePool.getModBitLength(); List<FieldElement> subFactors = feZeroSeeds.subList(from, to); FieldElement recombined = fieldElementUtils.recombine(subFactors); productShares.add(recombined.negate()); } return productShares; }
/** * Multiplies each unauthenticated value by this party's mac key share. */ private List<FieldElement> selfMac(List<FieldElement> values) { return fieldElementUtils.scalarMultiply(values, macKeyShare); }
/** * Implements batched version of Sacrifice sub-protocol of Protocol 4. */ private List<MultiplicationTriple> sacrifice(List<AuthenticatedCandidate> candidates) { // step 1 or protocol List<FieldElement> randomCoefficients = jointSampler.getNext(candidates.size()); // step 2 // compute masked values we will open and use in mac-check List<AuthenticatedElement> rhos = computeRhos(candidates, randomCoefficients); // step 3 // open masked values List<FieldElement> openRhos = elementGeneration.open(rhos); // step 4 // compute macs List<AuthenticatedElement> sigmas = computeSigmas(candidates, randomCoefficients, openRhos); // step 5 // put rhos and sigmas together rhos.addAll(sigmas); // pad open rhos with zeroes, one for each sigma List<FieldElement> paddedRhos = fieldElementUtils .padWith(openRhos, resourcePool.getFieldDefinition().createElement(0), sigmas.size()); // run mac-check elementGeneration.check(rhos, paddedRhos); // convert candidates to valid triples and return return toMultTriples(candidates); }
public MultiplyRightHelper(MascotResourcePool resourcePool, Network network, int otherId) { this.resourcePool = resourcePool; this.fieldElementUtils = new FieldElementUtils(resourcePool.getFieldDefinition()); this.rot = resourcePool.createRot(otherId, network); }
diffIdx++; FieldElement productShare = fieldElementUtils.recombine(summands); result.add(productShare);
/** * Computes inner product of elements and powers of twos.<br> e0 * 2**0 + e1 * 2**1 + ... + e(n - * 1) * 2**(n - 1) Elements must have same modulus, otherwise we get undefined behaviour. * * @param elements elements to recombine * @return recombined elements */ public FieldElement recombine(List<FieldElement> elements) { if (elements.size() > definition.getBitLength()) { throw new IllegalArgumentException("Number of elements cannot exceed bit-length"); } return innerProduct(elements, generators.subList(0, elements.size())); }
public MultiplyLeftHelper(MascotResourcePool resourcePool, Network network, int otherId) { this.resourcePool = resourcePool; this.fieldElementUtils = new FieldElementUtils(resourcePool.getFieldDefinition()); this.rot = resourcePool.createRot(otherId, network); }
/** * Computes inner product of two lists of field elements. * * @param left left factors * @param right right factors * @return inner product */ public FieldElement innerProduct(List<FieldElement> left, List<FieldElement> right) { if (left.size() != right.size()) { throw new IllegalArgumentException("Lists must have same size"); } return Addable.sum(pairWiseMultiplyStream(left, right)); }
/** * Performs mac check on opened value. The opened value is a linear combination of a batch of * opened values and random coefficients {@code randomCoefficients}. * * @param value a linear combination of a batch of opened values and random coefficients * @param randomCoefficients random coefficients * @param macs mac shares */ private void runMacCheck(FieldElement value, List<FieldElement> randomCoefficients, List<FieldElement> macs) { // mask and combine macs FieldElement maskedMac = fieldElementUtils.innerProduct(macs, randomCoefficients); // perform mac-check on open masked value macChecker.check(value, macKeyShare, maskedMac); }
/** * Creates new {@link ElementGeneration}. */ public ElementGeneration(MascotResourcePool resourcePool, Network network, FieldElement macKeyShare, FieldElementPrg jointSampler) { this.resourcePool = resourcePool; this.network = network; this.fieldElementUtils = new FieldElementUtils(resourcePool.getFieldDefinition()); this.macChecker = new MacCheck(resourcePool, network); this.macKeyShare = macKeyShare; this.localSampler = resourcePool.getLocalSampler(); this.jointSampler = jointSampler; this.sharer = new AdditiveSecretSharer(localSampler); this.copeSigners = new HashMap<>(); this.copeInputters = new HashMap<>(); initializeCope(resourcePool, network); }
/** * Runs mac-check on opened values. Implements Check sub-protocol of Protocol 3. * * @param sharesWithMacs authenticated shares holding mac shares * @param openValues batch of opened, unchecked values */ public void check(List<AuthenticatedElement> sharesWithMacs, List<FieldElement> openValues) { // will use this to mask macs List<FieldElement> masks = jointSampler.getNext(sharesWithMacs.size()); // only need macs List<FieldElement> macs = sharesWithMacs.stream().map(AuthenticatedElement::getMac).collect(Collectors.toList()); // apply masks to open element so that it matches the macs when we mask them FieldElement open = fieldElementUtils.innerProduct(openValues, masks); runMacCheck(open, masks, macs); }
FieldElement maskedValue = fieldElementUtils.innerProduct(values, coefficients);