/** * Constructs a new batch of correlated OTs with errors. * * @param size Amount of OTs to construct */ public List<StrictBitVector> extend(int size) { if (size < 1) { throw new IllegalArgumentException("The amount of OTs must be a positive integer"); } if (size % Byte.SIZE != 0) { throw new IllegalArgumentException( "The amount of OTs must be a positive integer divisible by 8"); } int bytesNeeded = size / Byte.SIZE; final List<StrictBitVector> tlist = prgs.parallelStream() .limit(resources.getComputationalSecurityParameter()) .map(drbg -> { byte[] bytes = new byte[bytesNeeded]; drbg.nextBytes(bytes); return bytes; }) .map(StrictBitVector::new) .collect(Collectors.toList()); final List<StrictBitVector> ulist = receiveList(resources.getComputationalSecurityParameter()); IntStream.range(0, resources.getComputationalSecurityParameter()).parallel() .filter(i -> otChoices.getBit(i, false)) .forEach(i -> tlist.get(i).xor(ulist.get(i))); return Transpose.transpose(tlist); }
/** * Construct a sending party for an instance of the random OT extension protocol. * * @param snd * The correlated OT with error sender this protocol will use * @param resources * The common OT extension resources * @param network * The network to use */ public RotSenderImpl(CoteSender snd, OtExtensionResourcePool resources, Network network) { super(resources.getCoinTossing(), resources.getDigest(), resources .getComputationalSecurityParameter()); this.sender = snd; this.resources = resources; this.network = network; }
/** * Construct a receiving party for an instance of the random OT extension protocol. * * @param rec * The correlated OT with error receiver this protocol will use * @param resources * The common OT extension resources * @param network * The network to use */ public RotReceiverImpl(CoteReceiver rec, OtExtensionResourcePool resources, Network network) { super(resources.getCoinTossing(), resources.getDigest(), resources .getComputationalSecurityParameter()); this.receiver = rec; this.resources = resources; this.network = network; }
.limit(resources.getComputationalSecurityParameter()) .map(p -> p.getFirst()) .map(drbg -> { .collect(Collectors.toList()); final List<StrictBitVector> ulist = prgs.parallelStream() .limit(resources.getComputationalSecurityParameter()) .map(p -> p.getSecond()) .map(drbg -> { .collect(Collectors.toList()); ulist.parallelStream().forEach(u -> u.xor(choices)); IntStream.range(0, resources.getComputationalSecurityParameter()).parallel() .forEach(i -> ulist.get(i).xor(tlistZero.get(i))); sendList(ulist);
/** * Construct a sending party for an instance of the correlated OT protocol. * * @param resources The common resource pool needed for OT extension * @param network The network interface. Must not be null and must be initialized. */ public CoteSender(OtExtensionResourcePool resources, Network network) { super(resources.getInstanceId()); this.prgs = new ArrayList<>(resources.getComputationalSecurityParameter()); for (StrictBitVector message : resources.getSeedOts().getLearnedMessages()) { // Initialize the PRGs with the random messages prgs.add(initPrg(message)); } otChoices = resources.getSeedOts().getChoices(); this.resources = resources; this.network = network; }
/** * Constructs a correlated OT extension with errors receiver instance. * * @param resources * The common resource pool needed for OT extension * @param network * The network object used to communicate with the other party */ public CoteReceiver(OtExtensionResourcePool resources, Network network) { super(resources.getInstanceId()); this.prgs = new ArrayList<>(resources.getComputationalSecurityParameter()); for (Pair<StrictBitVector, StrictBitVector> pair : resources.getSeedOts() .getSentMessages()) { Drbg prgZero = initPrg(pair.getFirst()); Drbg prgOne = initPrg(pair.getSecond()); prgs.add(new Pair<>(prgZero, prgOne)); } this.resources = resources; this.network = network; }
int minOts = size + resources.getComputationalSecurityParameter() + resources .getLambdaSecurityParam();
@Override public List<StrictBitVector> extend(StrictBitVector choices) { // The underlying scheme requires computational security parameter plus lambda security // parameter extra OTs int minOts = choices.getSize() + resources.getComputationalSecurityParameter() + resources .getLambdaSecurityParam(); // Round up to nearest two-power, which is required by the underlying scheme int ellPrime = (int) Math.pow(2, Math.ceil(Math.log(minOts) / Math.log(2))); // Extend the choices with random choices for padding StrictBitVector paddingChoices = new StrictBitVector(ellPrime - choices.getSize(), resources .getRandomGenerator()); StrictBitVector extendedChoices = StrictBitVector.concat(choices, paddingChoices); // Use the choices along with the random padding uses for correlated OT with // errors List<StrictBitVector> tlist = receiver.extend(extendedChoices); // Agree on challenges for linear combination test List<StrictBitVector> chiList = getChallenges(ellPrime); StrictBitVector xvec = computeBitLinearCombination(extendedChoices, chiList); network.send(resources.getOtherId(), xvec.toByteArray()); StrictBitVector tvec = computeInnerProduct(chiList, tlist); network.send(resources.getOtherId(), tvec.toByteArray()); // Remove the correlation of the OTs by hashing List<StrictBitVector> vvec = hashBitVector(tlist, choices.getSize()); return vvec; }