diff --git a/mpc-spec/src/lib.rs b/mpc-spec/src/lib.rs
index c73895c..a6a12ed 100644
--- a/mpc-spec/src/lib.rs
+++ b/mpc-spec/src/lib.rs
@@ -3,4 +3,12 @@
 //! This crate is an executable specification of an MPC engine based on the
 //! WRK17 protocol.
 
+/// The computational security parameter, in bytes.
+pub const COMPUTATIONAL_SECURITY: usize = 128 / 8;
+
+/// The statistical security parameter, in bytes.
+pub const STATISTICAL_SECURITY: usize = 128 / 8;
+
 pub mod circuit;
+pub mod messages;
+pub mod primitives;
diff --git a/mpc-spec/src/messages.rs b/mpc-spec/src/messages.rs
new file mode 100644
index 0000000..0c477e9
--- /dev/null
+++ b/mpc-spec/src/messages.rs
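Review bot: `STATISTICAL_SECURITY` is added but no other hunk in this commit references it, and its doc comment, like the one on `COMPUTATIONAL_SECURITY`, gives only the unit while the value is spelled `128 / 8`, so the intended bit length and the quantity each parameter controls have to be inferred by the reader. Stating both in the comment, e.g. `/// The computational security parameter (128 bits), expressed in bytes.` and the same form for the statistical one, plus a sentence on what each parameter bounds, would let the primitives be checked against the parameters they are sized from. The surrounding `//!` crate doc continues outside the hunk.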
@@ -0,0 +1,87 @@
+//! This module defines message types for the MPC protocol and its sub-protocols.
+use crate::{
+    circuit::WireIndex,
+    primitives::{
+        auth_share::AuthShare,
+        mac::{Mac, MacKey},
+    },
+    COMPUTATIONAL_SECURITY,
+};
+
+/// Messages that must be handled by the preprocessing subprotocol, or ideal functionality.
+pub enum FPreRequest {
+    /// A party initialization request. from the indicated party.
+    Init {
+        /// The requesting party.
+        from: usize,
+    },
+    /// A request for a random authenticated share.
+    Random {
+        /// The requesting party.
+        from: usize,
+    },
+    /// A request for the AND of two shares.
+    And {
+        /// The requesting party.
+        from: usize,
+        /// The first AND input share.
+        lhs: AuthShare,
+        /// The second AND input share.
+        rhs: AuthShare,
+    },
+}
+
+/// Messages that are the outcome of the FPre subprotocol.
+pub enum FPreResponse {
+    /// The response to an `Init` request.
+    Init {
+        /// The receiver of the message.
+        to: usize,
+        /// A fresh global MAC key.
+        global_mac_key: MacKey,
+    },
+    /// The response to a `Random` request.
+    Random {
+        /// The receiver of the message.
+        to: usize,
+        /// A fresh random authenticated bit share.
+        share: AuthShare,
+    },
+    /// The response to an `And` request.
+    And {
+        /// The receiver of the message.
+        to: usize,
+        /// A fresh random authenticated bit share of the AND of the requested shares.
+        and_share: AuthShare,
+    },
+}
+
+/// An overall message type for all messages between parties.
+///
+/// It includes:
+/// - top-level protocol messages
+/// - suprotocol messages (incomplete)
+/// - messages for the FPre subprotocol
+/// - (not currently) messages for the remaining sub-protocols which implement
+/// FPre
+pub enum MPCMessage {
+    /// A garbled AND gate, to be sent to the evaluator
+    GarbledAnd(Vec, Vec, Vec, Vec),
+    /// A MAC on a wire mask share
+    WireMac(usize, bool, Mac),
+    /// Masked input wire value
+    MaskedInput(bool),
+    /// A wire label, to be sent to the evaluator
+    WireLabel {
+        /// The originator of the label
+        from: usize,
+        /// The wire the label belongs to
+        wire: WireIndex,
+        /// The wire label
+        label: [u8; COMPUTATIONAL_SECURITY],
+    },
+    /// A message to the FPre subprotocol
+    FPreRequest(FPreRequest),
+    /// The FPre subprotocol response
+    FPreResponse(FPreResponse),
+}
diff --git a/mpc-spec/src/primitives/auth_share.rs b/mpc-spec/src/primitives/auth_share.rs
new file mode 100644
index 0000000..aeade22
--- /dev/null
+++ b/mpc-spec/src/primitives/auth_share.rs
@@ -0,0 +1,13 @@
+//! This module defines the interface for share authentication.
+use super::mac::{Mac, MacKey};
+
+/// An authenticated share of a bit.
+#[allow(dead_code)] // TODO: Remove this later.
+pub struct AuthShare {
+    /// Party i's share of the bit
+    pub(crate) share: bool,
+    /// MACs on the shared bit provided by the other parties
+    pub(crate) macs: Vec<(usize, Mac)>,
+    /// Keys for authenticating the other parties' shares of the bit
+    pub(crate) keys: Vec<(usize, MacKey)>,
+}
diff --git a/mpc-spec/src/primitives/mac.rs b/mpc-spec/src/primitives/mac.rs
new file mode 100644
index 0000000..d1b2481
--- /dev/null
+++ b/mpc-spec/src/primitives/mac.rs
@@ -0,0 +1,8 @@
+//! This module defines an information theoretic MAC for authenticating bits.
+
+use crate::COMPUTATIONAL_SECURITY;
+
+/// A MAC on a bit.
+pub type Mac = [u8; COMPUTATIONAL_SECURITY];
+/// A MAC key for authenticating a bit to another party.
+pub type MacKey = [u8; COMPUTATIONAL_SECURITY];
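Review bot: `GarbledAnd(Vec, Vec, Vec, Vec)` in `MPCMessage` gives the reader four positional, identically-typed fields with no per-field documentation, and as printed the `Vec`s carry no element type, so the hunk does not compile as shown (the type parameters may have been lost in rendering — worth confirming). A struct variant with one named, documented field per garbled row would make the order and meaning explicit, as `WireLabel` already does; the same applies to `WireMac(usize, bool, Mac)`, whose `usize` and `bool` are not documented. Two doc nits on the new side: `suprotocol` should read `subprotocol`, and `A party initialization request. from the indicated party.` has a stray period.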
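Review bot: The `usize` in `macs: Vec<(usize, Mac)>` and `keys: Vec<(usize, MacKey)>` is undocumented; presumably it is the index of the other party, and nothing states whether a party may appear more than once or whether the two vectors are expected to cover the same set of parties. A struct-level doc comment pinning that contract, e.g. `/// Invariant: `macs` and `keys` each hold one entry per other party, tagged by that party's index.`, would fix it before code starts relying on lookups into these vectors. The field doc `Party i's share of the bit` also names a party `i` that the struct does not identify; `This party's share of the bit` says what is meant.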
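Review bot: `Mac` and `MacKey` are both plain aliases of `[u8; COMPUTATIONAL_SECURITY]`, so the type checker cannot tell a key from a tag and a `MacKey` will be accepted wherever a `Mac` is expected without any error; newtypes, `pub struct Mac(pub [u8; COMPUTATIONAL_SECURITY]);` and `pub struct MacKey(pub [u8; COMPUTATIONAL_SECURITY]);`, keep the two apart and also leave room for a `Debug` impl that does not print key bytes. The module doc describes an information-theoretic MAC, yet both lengths are tied to `COMPUTATIONAL_SECURITY` while the lib.rs hunk introduces a separate `STATISTICAL_SECURITY` that nothing uses; if the tag length is deliberately the computational parameter, a one-line comment saying so would stop the two from drifting apart.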
diff --git a/mpc-spec/src/primitives/mod.rs b/mpc-spec/src/primitives/mod.rs
new file mode 100644
index 0000000..46a8713
--- /dev/null
+++ b/mpc-spec/src/primitives/mod.rs
@@ -0,0 +1,4 @@
+//! This module provides interfaces for the basic primitives used in WRK17.
+
+pub mod auth_share;
+pub mod mac;