encryptogroup / MOTION

An efficient, user-friendly, modular, and extensible framework for mixed-protocol secure multi-party computation with two or more parties
MIT License

How to implement more protocols #18

Closed Cryptographer63 closed 2 years ago

Cryptographer63 commented 2 years ago

I want to implement some protocols based on replication secret sharing on top of Motion, such as ABY3, Falcon, etc. I don't know if this idea is feasible; if so, can you briefly explain the idea?

Oleksandr-Tkachenko commented 2 years ago

The bare minimum you would need is creating Wire and Gate objects for your protocols. The communication is realized using flatbuffers (look for .fbs files as an example) and how the logic in some of the Gates works, e.g., GMW XOR gate. The messages are sent between parties via CommunicationLayer objects that you can use to communicate between parties pairwise. You would also need to create "communication channels" for moving the received information to the right place, which can be done using special future/promise pairs, which are waitable objects with support for fibers (i.e., they don't block the thread). You don't need to touch other protocols and primitives for adding new functionality or even mixing it with the existing protocols. The logic for executing Gates can be found here.

I will try to find some time to describe this in more detail.

Cryptographer63 commented 2 years ago

> The bare minimum you would need is creating Wire and Gate objects for your protocols. The communication is realized using flatbuffers (look for .fbs files as an example) and how the logic in some of the Gates works, e.g., GMW XOR gate. The messages are sent between parties via CommunicationLayer objects that you can use to communicate between parties pairwise. You would also need to create "communication channels" for moving the received information to the right place, which can be done using special future/promise pairs, which are waitable objects with support for fibers (i.e., they don't block the thread). You don't need to touch other protocols and primitives for adding new functionality or even mixing it with the existing protocols. The logic for executing Gates can be found here.
>
> I will try to find some time to describe this in more detail.

Thank you very much! I have read the source code carefully and already have a rough idea of the process. However, I was thinking of implementing a replication secret sharing based protocol like ABY3, Falcon, etc. on top of Motion, but I haven't figured out how to do it yet. For example, in which class should I define the secret share pair...

I don't know if this is correct: here vector& input can be vector<vector>, so that the share of ABY3 is constructed. Next, I went back inside the gate class to implement the logic functions for each class of gate.

```cpp
Share<T>::Share(const std::vector<T>& input, Backend& backend) : Base(backend) {
  wires_ = {std::make_shared<arithmetic_gmw::Wire<T>>(input, backend)};
}
```

Oleksandr-Tkachenko commented 2 years ago

All the information about the secret-shared values is stored in Wire objects - take a look at arithmetic GMW Wire as an example. The Share class is used only as a higher-level interface to basically abstract away the protocol details, e.g., to have the same API for integer operations for both arithmetic and boolean circuits.

The "sharing" of non-constant input values should be performed via Gates. Here is an example.
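
An added example, not MOTION code and not written by either commenter: the per-party data that an ABY3-style replicated-sharing Wire would hold over Z_2^64, and the local logic of its input, multiplication and output Gates. `ReplicatedWire`, `ShareInput`, `MulLocal`, `Reshare` and `Open` are hypothetical names; messages are modelled as plain function arguments instead of going through CommunicationLayer, and the zero-sharing passed to `MulLocal` is assumed to be supplied by the caller.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <random>
#include <vector>

using Vec = std::vector<std::uint64_t>;  // SIMD values in Z_2^64, arithmetic wraps

// Hypothetical type, not a MOTION class. Party i's wire data for
// x = x_0 + x_1 + x_2: it stores the pair (x_i, x_{(i+1) mod 3}).
struct ReplicatedWire {
  Vec own, next;
};

// Input-gate logic at the input owner: returns the wire data for parties 0..2.
std::array<ReplicatedWire, 3> ShareInput(const Vec& input) {
  std::random_device rd;  // example only; a real gate needs a cryptographic RNG
  auto r64 = [&rd] { return (static_cast<std::uint64_t>(rd()) << 32) | rd(); };
  std::array<Vec, 3> x;
  for (std::uint64_t v : input) {
    x[0].push_back(r64());
    x[1].push_back(r64());
    x[2].push_back(v - x[0].back() - x[1].back());  // third share fixes the sum
  }
  std::array<ReplicatedWire, 3> wires{{{x[0], x[1]}, {x[1], x[2]}, {x[2], x[0]}}};
  return wires;
}

// Multiplication gate, local step: z_i, a 3-out-of-3 additive share of x*y.
// `zero` is party i's share of 0 (the three sum to 0); it masks z_i before sending.
Vec MulLocal(const ReplicatedWire& x, const ReplicatedWire& y, const Vec& zero) {
  Vec z(x.own.size());
  for (std::size_t k = 0; k < z.size(); ++k)
    z[k] = x.own[k] * y.own[k] + x.own[k] * y.next[k] + x.next[k] * y.own[k] + zero[k];
  return z;
}

// Multiplication gate, after its one message: party i received z_{i+1} from party i+1.
ReplicatedWire Reshare(const Vec& z_own, const Vec& z_received) { return {z_own, z_received}; }

// Output-gate logic: party i adds the one share it lacks, x_{(i+2) mod 3}.
Vec Open(const ReplicatedWire& w, const Vec& missing) {
  Vec out(w.own.size());
  for (std::size_t k = 0; k < out.size(); ++k) out[k] = w.own[k] + w.next[k] + missing[k];
  return out;
}
```

Addition needs no message at all (each party adds `own` to `own` and `next` to `next`), so only the multiplication and output steps would need the future/promise channels described in the thread.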