forked from WeDPR-Team/MP-SPDZ
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Prover.cpp
178 lines (157 loc) · 4.83 KB
/
Prover.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
#include "Prover.h"
#include "Verifier.h"
#include "FHE/P2Data.h"
#include "Tools/random.h"
#include "Math/Z2k.hpp"
#include "Math/modp.hpp"
#include "FHE/AddableVector.hpp"
template <class FD, class U>
Prover<FD,U>::Prover(Proof& proof, const FD& FieldD) :
volatile_memory(0)
{
s.resize(proof.V, proof.pk->get_params());
y.resize(proof.V, FieldD);
#ifdef LESS_ALLOC_MORE_MEM
t = s[0];
z = y[0];
// extra limb to prevent reallocation
t.allocate_slots(bigint(1) << (proof.B_rand_length + 64));
z.allocate_slots(bigint(1) << (proof.B_plain_length + 64));
s.allocate_slots(bigint(1) << proof.B_rand_length);
y.allocate_slots(bigint(1) << proof.B_plain_length);
#endif
}
template <class FD, class U>
void Prover<FD,U>::Stage_1(const Proof& P, octetStream& ciphertexts,
const AddableVector<Ciphertext>& c,
const FHE_PK& pk)
{
size_t allocate = 3 * c.size() * c[0].report_size(USED);
ciphertexts.resize_precise(allocate);
ciphertexts.reset_write_head();
c.pack(ciphertexts);
int V=P.V;
// AElement<T> AE;
// ZZX rd;
// ZZ pr=(*AE.A).prime();
// ZZ bd=B_plain/(pr+1);
PRNG G;
G.ReSeed();
Random_Coins rc(pk.get_params());
Ciphertext ciphertext(pk.get_params());
ciphertexts.store(V);
for (int i=0; i<V; i++)
{
// AE.randomize(Diag,binary);
// rd=RandPoly(phim,bd<<1);
// y[i]=AE.plaintext()+pr*rd;
y[i].randomize(G, P.B_plain_length, P.get_diagonal());
if (P.get_diagonal())
assert(y[i].is_diagonal());
s[i].resize(3, P.phim);
s[i].generateUniform(G, P.B_rand_length);
rc.assign(s[i][0], s[i][1], s[i][2]);
pk.encrypt(ciphertext,y[i],rc);
ciphertext.pack(ciphertexts);
}
}
template <class FD, class U>
bool Prover<FD,U>::Stage_2(Proof& P, octetStream& cleartexts,
const vector<U>& x,
const Proof::Randomness& r,
const FHE_PK& pk)
{
size_t allocate = P.V * P.phim
* (5 + numBytes(P.plain_check) + 3 * (5 + numBytes(P.rand_check)));
cleartexts.resize_precise(allocate);
cleartexts.reset_write_head();
unsigned int i;
#ifndef LESS_ALLOC_MORE_MEM
AddableVector<fixint<gfp::N_LIMBS>> z;
AddableMatrix<fixint<gfp::N_LIMBS>> t;
#endif
cleartexts.reset_write_head();
cleartexts.store(P.V);
if (P.get_diagonal())
for (auto& xx : x)
assert(xx.is_diagonal());
for (i=0; i<P.V; i++)
{ z=y[i];
t=s[i];
P.apply_challenge(i, z, x, pk);
Check_Decoding(z, P.get_diagonal(), x[0].get_field());
P.apply_challenge(i, t, r, pk);
if (not P.check_bounds(z, t, i))
return false;
z.pack(cleartexts);
t.pack(cleartexts);
}
#ifndef LESS_ALLOC_MORE_MEM
volatile_memory = t.report_size(CAPACITY) + z.report_size(CAPACITY);
#endif
#ifdef PRINT_MIN_DIST
cout << "Minimal distance (log) " << log2(P.dist) << ", compare to " <<
log2(P.plain_check.get_d() / pow(2, P.B_plain_length)) << endl;
#endif
return true;
}
/* This is the non-interactive version using the ROM
*/
template <class FD, class U>
size_t Prover<FD,U>::NIZKPoK(Proof& P, octetStream& ciphertexts, octetStream& cleartexts,
const FHE_PK& pk,
const AddableVector<Ciphertext>& c,
const vector<U>& x,
const Proof::Randomness& r)
{
// AElement<T> AE;
// for (i=0; i<P.sec; i++)
// { AE.assign(x.at(i));
// if (!AE.to_type(0))
// { cout << "Error in making x[i]" << endl;
// cout << i << endl;
// }
// }
bool ok=false;
int cnt=0;
while (!ok)
{ cnt++;
Stage_1(P,ciphertexts,c,pk);
P.set_challenge(ciphertexts);
// Check check whether we are OK, or whether we should abort
ok = Stage_2(P,cleartexts,x,r,pk);
}
#ifdef VERBOSE
if (cnt > 1)
cout << "\t\tNumber iterations of prover = " << cnt << endl;
#endif
return report_size(CAPACITY) + volatile_memory;
}
template<class FD, class U>
size_t Prover<FD,U>::report_size(ReportType type)
{
size_t res = 0;
for (unsigned int i = 0; i < s.size(); i++)
res += s[i].report_size(type);
for (unsigned int i = 0; i < y.size(); i++)
res += y[i].report_size(type);
#ifdef LESS_ALLOC_MORE_MEM
res += z.report_size(type) + t.report_size(type);
#endif
return res;
}
template<class FD, class U>
void Prover<FD, U>::report_size(ReportType type, MemoryUsage& res)
{
res.update("prover s", s.report_size(type));
res.update("prover y", y.report_size(type));
#ifdef LESS_ALLOC_MORE_MEM
res.update("prover z", z.report_size(type));
res.update("prover t", t.report_size(type));
#endif
res.update("prover volatile", volatile_memory);
}
template class Prover<FFT_Data, Plaintext_<FFT_Data> >;
//template class Prover<FFT_Data, AddableVector<bigint> >;
template class Prover<P2Data, Plaintext_<P2Data> >;
//template class Prover<P2Data, AddableVector<bigint> >;