bool aOTKeyOfZ(ProtocolDesc *pd, AOTKeyOfZ* key) { NnobProtocolDesc* npd = pd->extra; assert(npd!=NULL); int i,k,n = key->n, bucketSize = npd->bucketSize, numLaOTs = key->n*bucketSize, destparty = pd->thisParty==1?1:2; bool success = true; unsigned* permutation = malloc(numLaOTs*sizeof(unsigned)); NnobShareAndMac* LaOTx0 = malloc(numLaOTs*sizeof(NnobShareAndMac)); NnobShareAndMac* LaOTx1 = malloc(numLaOTs*sizeof(NnobShareAndMac)); NnobKey* LaOTc = malloc(numLaOTs*sizeof(NnobKey)); NnobKey* LaOTr = malloc(numLaOTs*sizeof(NnobKey)); NnobKey* LaOTz = malloc(numLaOTs*sizeof(NnobKey)); BCipherRandomGen* gen = newBCipherRandomGen(); BCipherRandomGen* padder = newBCipherRandomGen(); int nonce = 0; for(i=0;i<numLaOTs;i++) { randomOblivAuthenticationShareAndMac(npd, &LaOTx0[i]); randomOblivAuthenticationShareAndMac(npd, &LaOTx1[i]); randomOblivAuthenticationKey(npd, &LaOTc[i]); randomOblivAuthenticationKey(npd, &LaOTr[i]); } success &= LaOTKeyOfZ(pd, LaOTx0, LaOTx1, LaOTc, LaOTr, LaOTz, padder, gen, &nonce, numLaOTs); orecv(pd, destparty, permutation, numLaOTs*sizeof(unsigned)); for(i=0;i<n;i++) { key->x0[i]=LaOTx0[permutation[i]]; key->x1[i]=LaOTx1[permutation[i]]; key->c[i]=LaOTc[permutation[i]]; key->z[i]=LaOTz[permutation[i]]; } for(k=1;k<bucketSize;k++) { LaOTCombineKeyOfZ(pd, key->x0, LaOTx0, key->x1, LaOTx1, key->c, LaOTc, key->z, LaOTz, permutation, n, k); } free(permutation); releaseBCipherRandomGen(gen); releaseBCipherRandomGen(padder); free(LaOTx0); free(LaOTx1); free(LaOTc); free(LaOTr); free(LaOTz); return success; }
void nnobRevealOblivInputsRecv(ProtocolDesc* pd, widest_t* dest,const OblivBit* o,size_t n, bool* share ,int destparty) { NnobProtocolDesc* npd = pd->extra; int i; fprintf(stderr, "A\n"); orecv(pd, destparty, share, n); for(i=0;i<n;i++) { hashMacCheckKey(npd, &o[i].nnob.key, share[i]); dest[i] = share[i]^o[i].nnob.shareAndMac.share; fprintf(stderr, "%d\n", (int)dest[i]); } fprintf(stderr, "error? = %d\n", npd->error); npd->error |= !ocEqualityCheck(pd, npd->gen, npd->cumulativeHashCheckKey,NNOB_KEY_BYTES,destparty); fprintf(stderr, "error? = %d\n", npd->error); npd->nonce+=1; assert(!npd->error); fprintf(stderr, "in nnobRevealOblivInputs\n"); }
bool aANDKey(ProtocolDesc *pd, AANDKey* key) { NnobProtocolDesc* npd = pd->extra; assert(npd!=NULL); int i,k,n = key->n,bucketSize = npd->bucketSize, numLaANDs = n*bucketSize, nonce = 0, destparty = pd->thisParty==1?1:2; bool success = true; unsigned* permutation = malloc(numLaANDs*sizeof(unsigned)); NnobKey* LaANDx = malloc(numLaANDs*sizeof(NnobKey)); NnobKey* LaANDy = malloc(numLaANDs*sizeof(NnobKey)); NnobKey* LaANDr = malloc(numLaANDs*sizeof(NnobKey)); NnobKey* LaANDz = malloc(numLaANDs*sizeof(NnobKey)); char dummy[NNOB_HASH_ALGO_KEYBYTES]; BCipherRandomGen* gen = newBCipherRandomGen(); BCipherRandomGen* padder = newBCipherRandomGenByAlgoKey(NNOB_HASH_ALGO, dummy); for(i=0;i<numLaANDs;i++) { randomOblivAuthenticationKey(npd, &LaANDx[i]); randomOblivAuthenticationKey(npd, &LaANDy[i]); randomOblivAuthenticationKey(npd, &LaANDr[i]); } success &= LaANDKey(pd, LaANDx, LaANDy, LaANDr, LaANDz, padder, gen, &nonce, numLaANDs); assert(success); orecv(pd, destparty, permutation, numLaANDs*sizeof(unsigned)); for(i=0;i<n;i++) { key->x[i]=LaANDx[permutation[i]]; key->y[i]=LaANDy[permutation[i]]; key->z[i]=LaANDz[permutation[i]]; } for(k=1;k<bucketSize;k++) { for(i=0;i<n;i++) { LaANDCombineKey(pd, &key->x[i], &LaANDx[permutation[i+k*n]], &key->y[i], &LaANDy[permutation[i+k*n]], &key->z[i], &LaANDz[permutation[i+k*n]]); } } free(permutation); releaseBCipherRandomGen(gen); releaseBCipherRandomGen(padder); free(LaANDx); free(LaANDy); free(LaANDr); free(LaANDz); return success; }
bool LaANDKey(ProtocolDesc* pd, const NnobKey* x, const NnobKey* y, const NnobKey* r, NnobKey* z, BCipherRandomGen* padder, BCipherRandomGen* gen, int* nonce, int numLaANDs) { NnobProtocolDesc* npd = pd->extra; assert(npd!=NULL); int i, destparty = pd->thisParty==1?1:2; bool* d = malloc(numLaANDs); char (*U)[NNOB_KEY_BYTES] = malloc(numLaANDs*NNOB_KEY_BYTES); char (*V)[NNOB_KEY_BYTES] = malloc(numLaANDs*NNOB_KEY_BYTES); char temp[2*NNOB_KEY_BYTES]; char temp2[NNOB_KEY_BYTES]; char zeroes[NNOB_KEY_BYTES]; memset(zeroes, 0, NNOB_KEY_BYTES); const char* globalDelta = npd->globalDelta; bool success = true; orecv(pd, destparty, d, numLaANDs); for(i=0;i<numLaANDs;i++) { z[i]=r[i]; nnobKeyXORConst(&z[i], d[i], globalDelta); /*assert(z[i].ShareAndMac.value == (x[i].ShareAndMac.value && y[i].ShareAndMac.value));*/ memcpy(temp, x[i].key, NNOB_KEY_BYTES); memcpy(temp+NNOB_KEY_BYTES, z[i].key, NNOB_KEY_BYTES); nnobHash(padder, temp, 2*NNOB_KEY_BYTES, *nonce, temp2, zeroes); memcpy(temp, x[i].key, NNOB_KEY_BYTES); memxor(temp, globalDelta, NNOB_KEY_BYTES); memcpy(temp+NNOB_KEY_BYTES, y[i].key, NNOB_KEY_BYTES); memxor(temp+NNOB_KEY_BYTES, z[i].key, NNOB_KEY_BYTES); nnobHash(padder, temp, 2*NNOB_KEY_BYTES, *nonce, U[i], temp2); } osend(pd, destparty, U, NNOB_KEY_BYTES*numLaANDs); for(i=0;i<numLaANDs;i++) { memcpy(V[i], temp2, NNOB_KEY_BYTES); *nonce+=1; } success &= ocEqualityCheck(pd, gen, V, numLaANDs*NNOB_KEY_BYTES, destparty); free(d); free(U); free(V); return success; }
bool LaANDShareAndMac(ProtocolDesc* pd, const NnobShareAndMac* x, const NnobShareAndMac* y, const NnobShareAndMac* r, NnobShareAndMac* z, BCipherRandomGen* padder, BCipherRandomGen* gen, int* nonce, int numLaANDs) { int i, destparty = pd->thisParty==1?1:2; bool* d = malloc(numLaANDs); char (*U)[NNOB_KEY_BYTES] = malloc(numLaANDs*NNOB_KEY_BYTES); char (*V)[NNOB_KEY_BYTES] = malloc(numLaANDs*NNOB_KEY_BYTES); char temp[2*NNOB_KEY_BYTES]; char zeroes[NNOB_KEY_BYTES]; memset(zeroes, 0, NNOB_KEY_BYTES); bool success = true; for(i=0;i<numLaANDs;i++) { z[i].share = x[i].share && y[i].share; d[i] = z[i].share^r[i].share; } osend(pd, destparty, d, numLaANDs); for(i=0;i<numLaANDs;i++) { z[i]=r[i]; nnobShareAndMacXORConst(&z[i], d[i]); /*assert(z[i].ShareAndMac.value == (x[i].ShareAndMac.value && y[i].ShareAndMac.value));*/ } orecv(pd, destparty, U, NNOB_KEY_BYTES*numLaANDs); for(i=0;i<numLaANDs;i++) { memcpy(temp, x[i].mac, NNOB_KEY_BYTES); memcpy(temp+NNOB_KEY_BYTES, z[i].mac, NNOB_KEY_BYTES); if(x[i].share) { memxor(temp+NNOB_KEY_BYTES, y[i].mac, NNOB_KEY_BYTES); nnobHash(padder, temp, 2*NNOB_KEY_BYTES, *nonce, V[i], U[i]); } else { nnobHash(padder, temp, 2*NNOB_KEY_BYTES, *nonce, V[i], zeroes); } *nonce+=1; } success &= ocEqualityCheck(pd, gen, V, numLaANDs*NNOB_KEY_BYTES, destparty); free(d); free(U); free(V); return success; }
void LaOTCombineShareAndMacOfZ(ProtocolDesc* pd, NnobKey* x10, const NnobKey* x20, NnobKey* x11, const NnobKey* x21, NnobShareAndMac* c1, const NnobShareAndMac* c2, NnobShareAndMac* z1, const NnobShareAndMac* z2, const unsigned* permutation, int n, int k) { int i,pos, destparty = pd->thisParty==1?1:2; bool* d = malloc(n); orecv(pd, destparty, d, n); for(i=0;i<n;i++) { pos = permutation[i+k*n]; nnobShareAndMacXOR(&z1[i], &z2[pos]); if(d[i]) nnobShareAndMacXOR(&z1[i],&c1[i]); nnobShareAndMacXOR(&c1[i], &c2[pos]); x11[i]=x10[i]; nnobKeyXOR(&x11[i], &x21[pos]); nnobKeyXOR(&x10[i], &x20[pos]); } free(d); }
static int linux_recv(struct proc *p, struct linux_recv_args *args, int *retval) { struct linux_recv_args linux_args; struct orecv_args /* { int s; caddr_t buf; int len; int flags; } */ bsd_args; int error; if ((error=copyin((caddr_t)args, (caddr_t)&linux_args, sizeof(linux_args)))) return error; bsd_args.s = linux_args.s; bsd_args.buf = linux_args.msg; bsd_args.len = linux_args.len; bsd_args.flags = linux_args.flags; return orecv(p, &bsd_args, retval); }
bool LaOTKeyOfZ(ProtocolDesc* pd, const NnobShareAndMac* x0, const NnobShareAndMac* x1, const NnobKey* c, const NnobKey* r, NnobKey* z, BCipherRandomGen* padder, BCipherRandomGen* gen, int* nonce, int numLaOTs) { NnobProtocolDesc* npd = pd->extra; assert(npd!=NULL); int i, destparty = pd->thisParty==1?1:2; bool success = true; const int XOTBytes = 1+2*NNOB_KEY_BYTES; char (*X0)[XOTBytes] = malloc(numLaOTs*XOTBytes); char (*X1)[XOTBytes] = malloc(numLaOTs*XOTBytes); char (*I0)[NNOB_KEY_BYTES] = malloc(numLaOTs*NNOB_KEY_BYTES); char (*I1)[NNOB_KEY_BYTES] = malloc(numLaOTs*NNOB_KEY_BYTES); char (*T0)[NNOB_KEY_BYTES] = malloc(numLaOTs*NNOB_KEY_BYTES); char (*T1)[NNOB_KEY_BYTES] = malloc(numLaOTs*NNOB_KEY_BYTES); char temp[NNOB_KEY_BYTES]; char (*mc)[XOTBytes] = malloc(numLaOTs*XOTBytes); bool* d = malloc(numLaOTs); const char* globalDelta = npd->globalDelta; for(i=0;i<numLaOTs;i++) { char m0[XOTBytes], m1[XOTBytes]; randomizeBuffer(gen, T0[i], NNOB_KEY_BYTES); randomizeBuffer(gen, T1[i], NNOB_KEY_BYTES); m0[0] = x0[i].share; memcpy(m0+1, x0[i].mac, NNOB_KEY_BYTES); if(x0[i].share) memcpy(m0+1+NNOB_KEY_BYTES, T1[i], NNOB_KEY_BYTES); else memcpy(m0+1+NNOB_KEY_BYTES, T0[i], NNOB_KEY_BYTES); m1[0] = x1[i].share; memcpy(m1+1, x1[i].mac, NNOB_KEY_BYTES); if(x1[i].share) memcpy(m1+1+NNOB_KEY_BYTES, T1[i], NNOB_KEY_BYTES); else memcpy(m1+1+NNOB_KEY_BYTES, T0[i], NNOB_KEY_BYTES); nnobPRG(padder, c[i].key, NNOB_KEY_BYTES, *nonce, X0[i], m0, XOTBytes); memcpy(temp, c[i].key, NNOB_KEY_BYTES); memxor(temp, globalDelta, NNOB_KEY_BYTES); nnobPRG(padder, temp, NNOB_KEY_BYTES, *nonce, X1[i], m1, XOTBytes); *nonce+=1; } osend(pd, destparty, X0, numLaOTs*XOTBytes); osend(pd, destparty, X1, numLaOTs*XOTBytes); orecv(pd, destparty, d, numLaOTs); for(i=0;i<numLaOTs;i++) { z[i]=r[i]; nnobKeyXORConst(&z[i], d[i], globalDelta); nnobHash(padder, z[i].key, NNOB_KEY_BYTES, *nonce, I0[i], T1[i]); memcpy(temp, z[i].key, NNOB_KEY_BYTES); memxor(temp, globalDelta, NNOB_KEY_BYTES); nnobHash(padder, temp, NNOB_KEY_BYTES, *nonce, I1[i], T0[i]); *nonce+=1; } osend(pd, destparty, I0, numLaOTs*NNOB_KEY_BYTES); osend(pd, destparty, I1, numLaOTs*NNOB_KEY_BYTES); success &= ocEqualityCheck(pd, gen, T0, numLaOTs*NNOB_KEY_BYTES, destparty); success &= ocEqualityCheck(pd, gen, T1, numLaOTs*NNOB_KEY_BYTES, destparty); free(X0); free(X1); free(I0); free(I1); free(T0); free(T1); free(mc); free(d); return success; }
bool LaOTShareAndMacOfZ(ProtocolDesc* pd, const NnobKey* x0, const NnobKey* x1, const NnobShareAndMac* c, const NnobShareAndMac* r, NnobShareAndMac* z, BCipherRandomGen* padder, BCipherRandomGen* gen, int* nonce, int numLaOTs) { NnobProtocolDesc* npd = pd->extra; assert(npd!=NULL); int i, destparty = pd->thisParty==1?1:2; bool success = true; const int XOTBytes = 1+2*NNOB_KEY_BYTES; char (*X0)[XOTBytes] = malloc(numLaOTs*XOTBytes); char (*X1)[XOTBytes] = malloc(numLaOTs*XOTBytes); char (*I0)[NNOB_KEY_BYTES] = malloc(numLaOTs*NNOB_KEY_BYTES); char (*I1)[NNOB_KEY_BYTES] = malloc(numLaOTs*NNOB_KEY_BYTES); char (*T0)[NNOB_KEY_BYTES] = malloc(numLaOTs*NNOB_KEY_BYTES); char (*T1)[NNOB_KEY_BYTES] = malloc(numLaOTs*NNOB_KEY_BYTES); char temp[NNOB_KEY_BYTES]; char (*mc)[XOTBytes] = malloc(numLaOTs*XOTBytes); bool* d = malloc(numLaOTs); const char* globalDelta = npd->globalDelta; orecv(pd, destparty, X0, numLaOTs*XOTBytes); orecv(pd, destparty, X1, numLaOTs*XOTBytes); for(i=0;i<numLaOTs;i++) { if(c[i].share) nnobPRG(padder, c[i].mac, NNOB_KEY_BYTES, *nonce, mc[i], X1[i], XOTBytes); else nnobPRG(padder, c[i].mac, NNOB_KEY_BYTES, *nonce, mc[i], X0[i], XOTBytes); *nonce+=1; z[i].share = mc[i][0]; if(c[i].share) memcpy(temp, x1[i].key, NNOB_KEY_BYTES); else memcpy(temp, x0[i].key, NNOB_KEY_BYTES); if(z[i].share) memxor(temp, globalDelta, NNOB_KEY_BYTES); success &= memcmp(mc[i]+1, temp, NNOB_KEY_BYTES)==0?true:false; assert(success); d[i] = z[i].share^r[i].share; } osend(pd, destparty, d, numLaOTs); for(i=0;i<numLaOTs;i++) { z[i]=r[i]; nnobShareAndMacXORConst(&z[i], d[i]); } orecv(pd, destparty, I0, numLaOTs*NNOB_KEY_BYTES); orecv(pd, destparty, I1, numLaOTs*NNOB_KEY_BYTES); for(i=0;i<numLaOTs;i++) { if(z[i].share) { memcpy(T1[i], mc[i]+1+NNOB_KEY_BYTES, NNOB_KEY_BYTES); nnobHash(padder, z[i].mac, NNOB_KEY_BYTES, *nonce, T0[i], I1[i]); } else { memcpy(T0[i], mc[i]+1+NNOB_KEY_BYTES, NNOB_KEY_BYTES); nnobHash(padder, z[i].mac, NNOB_KEY_BYTES, *nonce, T1[i], I0[i]); } *nonce+=1; } success &= ocEqualityCheck(pd, gen, T0, numLaOTs*NNOB_KEY_BYTES, destparty); success &= ocEqualityCheck(pd, gen, T1, numLaOTs*NNOB_KEY_BYTES, destparty); free(X0); free(X1); free(I0); free(I1); free(T0); free(T1); free(mc); free(d); return success; }