Home Explore Help
Sign In
iang
/
prac
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 8f0ea5629f
Branches Tags
prac
/
rdpf.hpp

rdpf.hpp 4.8 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162 
  1. #ifndef __RDPF_HPP__
    2. 

  2. #define __RDPF_HPP__
    3. 

  3. 

  4. #include <vector>
    5. 

  5. #include <iostream>
    6. 

  6. 

  7. #include "mpcio.hpp"
    8. 

  8. #include "coroutine.hpp"
    9. 

  9. #include "types.hpp"
    10. 

  10. 

  11. struct RDPF {
    12. 

  12.     // The 128-bit seed
    13. 

  13.     DPFnode seed;
    14. 

  14.     // correction words; the depth of the DPF is the length of this
    15. 

  15.     // vector
    16. 

  16.     std::vector<DPFnode> cw;
    17. 

  17.     // correction flag bits: the one for level i is bit i of this word
    18. 

  18.     value_t cfbits;
    19. 

  19.     // The amount we have to scale the low words of the leaf values by
    20. 

  20.     // to get additive shares of a unit vector
    21. 

  21.     value_t unit_sum_inverse;
    22. 

  22.     // Additive share of the scaling value M_as such that the high words
    23. 

  23.     // of the leaf values for P0 and P1 add to M_as * e_{target}
    24. 

  24.     RegAS scaled_sum;
    25. 

  25.     // XOR share of the scaling value M_xs such that the high words
    26. 

  26.     // of the leaf values for P0 and P1 XOR to M_xs * e_{target}
    27. 

  27.     RegXS scaled_xor;
    28. 

  28. 

  29.     RDPF() {}
    30. 

  30. 

  31.     // Construct a DPF with the given (XOR-shared) target location, and
    32. 

  32.     // of the given depth, to be used for random-access memory reads and
    33. 

  33.     // writes.  The DPF is constructed collaboratively by P0 and P1,
    34. 

  34.     // with the server P2 helping by providing correlated randomness,
    35. 

  35.     // such as SelectTriples.
    36. 

  36.     //
    37. 

  37.     // Cost:
    38. 

  38.     // (2 DPFnode + 2 bytes)*depth + 1 word communication in
    39. 

  39.     // 2*depth + 1 messages
    40. 

  40.     // (2 DPFnode + 1 byte)*depth communication from P2 to each party
    41. 

  41.     // 2^{depth+1}-2 local AES operations for P0,P1
    42. 

  42.     // 0 local AES operations for P2
    43. 

  43.     RDPF(MPCTIO &tio, yield_t &yield,
    44. 

  44.         RegXS target, nbits_t depth);
    45. 

  45. 

  46.     // The number of bytes it will take to store this RDPF
    47. 

  47.     size_t size() const;
    48. 

  48. 

  49.     // The number of bytes it will take to store a RDPF of the given
    50. 

  50.     // depth
    51. 

  51.     static size_t size(nbits_t depth);
    52. 

  52. 

  53.     // The depth
    54. 

  54.     inline nbits_t depth() const { return cw.size(); }
    55. 

  55. };
    56. 

  56. 

  57. // I/O for RDPFs
    58. 

  58. 

  59. template <typename T>
    60. 

  60. T& operator>>(T &is, RDPF &rdpf)
    61. 

  61. {
    62. 

  62.     is.read((char *)&rdpf.seed, sizeof(rdpf.seed));
    63. 

  63.     uint8_t depth;
    64. 

  64.     is.read((char *)&depth, sizeof(depth));
    65. 

  65.     assert(depth <= VALUE_BITS);
    66. 

  66.     rdpf.cw.clear();
    67. 

  67.     for (uint8_t i=0; i<depth; ++i) {
    68. 

  68.         DPFnode cw;
    69. 

  69.         is.read((char *)&cw, sizeof(cw));
    70. 

  70.         rdpf.cw.push_back(cw);
    71. 

  71.     }
    72. 

  72.     value_t cfbits = 0;
    73. 

  73.     is.read((char *)&cfbits, BITBYTES(depth));
    74. 

  74.     rdpf.cfbits = cfbits;
    75. 

  75.     is.read((char *)&rdpf.unit_sum_inverse, sizeof(rdpf.unit_sum_inverse));
    76. 

  76.     is.read((char *)&rdpf.scaled_sum, sizeof(rdpf.scaled_sum));
    77. 

  77.     is.read((char *)&rdpf.scaled_xor, sizeof(rdpf.scaled_xor));
    78. 

  78. 

  79.     return is;
    80. 

  80. }
    81. 

  81. 

  82. template <typename T>
    83. 

  83. T& operator<<(T &os, const RDPF &rdpf)
    84. 

  84. {
    85. 

  85.     os.write((const char *)&rdpf.seed, sizeof(rdpf.seed));
    86. 

  86.     uint8_t depth = rdpf.cw.size();
    87. 

  87.     assert(depth <= VALUE_BITS);
    88. 

  88.     os.write((const char *)&depth, sizeof(depth));
    89. 

  89.     for (uint8_t i=0; i<depth; ++i) {
    90. 

  90.         os.write((const char *)&rdpf.cw[i], sizeof(rdpf.cw[i]));
    91. 

  91.     }
    92. 

  92.     os.write((const char *)&rdpf.cfbits, BITBYTES(depth));
    93. 

  93.     os.write((const char *)&rdpf.unit_sum_inverse, sizeof(rdpf.unit_sum_inverse));
    94. 

  94.     os.write((const char *)&rdpf.scaled_sum, sizeof(rdpf.scaled_sum));
    95. 

  95.     os.write((const char *)&rdpf.scaled_xor, sizeof(rdpf.scaled_xor));
    96. 

  96. 

  97.     return os;
    98. 

  98. }
    99. 

  99. 

  100. // Computational peers will generate triples of RDPFs with the _same_
    101. 

  101. // random target for use in Duoram.  They will each hold a share of the
    102. 

  102. // target (neither knowing the complete target index).  They will each
    103. 

  103. // give one of the DPFs (not a matching pair) to the server, but not the
    104. 

  104. // shares of the target index.  So computational peers will hold a
    105. 

  105. // RDPFTriple (which includes both an additive and an XOR share of the
    106. 

  106. // target index), while the server will hold a RDPFPair (which does
    107. 

  107. // not).
    108. 

  108. 

  109. struct RDPFTriple {
    110. 

  110.     RegAS as_target;
    111. 

  111.     RegXS xs_target;
    112. 

  112.     RDPF dpf[3];
    113. 

  113. 

  114.     RDPFTriple() {}
    115. 

  115. 

  116.     // Construct three RDPFs of the given depth all with the same
    117. 

  117.     // randomly generated target index.
    118. 

  118.     RDPFTriple(MPCTIO &tio, yield_t &yield,
    119. 

  119.         nbits_t depth);
    120. 

  120. };
    121. 

  121. 

  122. // I/O for RDPF Triples
    123. 

  123. 

  124. template <typename T>
    125. 

  125. T& operator<<(T &os, const RDPFTriple &rdpftrip)
    126. 

  126. {
    127. 

  127.     os << rdpftrip.dpf[0] << rdpftrip.dpf[1] << rdpftrip.dpf[2];
    128. 

  128.     nbits_t depth = rdpftrip.dpf[0].depth();
    129. 

  129.     os.write(&rdpftrip.as_target.ashare, BITBYTES(depth));
    130. 

  130.     os.write(&rdpftrip.xs_target.xshare, BITBYTES(depth));
    131. 

  131. }
    132. 

  132. 

  133. template <typename T>
    134. 

  134. T& operator>>(T &is, RDPFTriple &rdpftrip)
    135. 

  135. {
    136. 

  136.     is >> rdpftrip.dpf[0] >> rdpftrip.dpf[1] >> rdpftrip.dpf[2];
    137. 

  137.     nbits_t depth = rdpftrip.dpf[0].depth();
    138. 

  138.     rdpftrip.as_target.ashare = 0;
    139. 

  139.     is.read(&rdpftrip.as_target.ashare, BITBYTES(depth));
    140. 

  140.     rdpftrip.xs_target.xshare = 0;
    141. 

  141.     is.read(&rdpftrip.xs_target.xshare, BITBYTES(depth));
    142. 

  142. }
    143. 

  143. 

  144. struct RDPFPair {
    145. 

  145.     RDPF dpf[2];
    146. 

  146. };
    147. 

  147. 

  148. // I/O for RDPF Pairs
    149. 

  149. 

  150. template <typename T>
    151. 

  151. T& operator<<(T &os, const RDPFPair &rdpfpair)
    152. 

  152. {
    153. 

  153.     os << rdpfpair.dpf[0] << rdpfpair.dpf[1];
    154. 

  154. }
    155. 

  155. 

  156. template <typename T>
    157. 

  157. T& operator>>(T &is, RDPFPair &rdpfpair)
    158. 

  158. {
    159. 

  159.     is >> rdpfpair.dpf[0] >> rdpfpair.dpf[1];
    160. 

  160. }
    161. 

  161. 

  162. #endif
    163.