Add task configuration schema and describe client behaviour

[wangshan]

First update, it's mostly a brain dump, please have a look. I'll fix the build failure early next week.

[wangshan]

@cjpatton

VdafType uint32_t; // Codepoint from I.D-draft-irtf-cfrg-vdaf-03

struct {
    VdafType type;
    select type (type) {
        Prio3Aes138Count: Empty;
        Prio3Aes128Sum: uint8_t bits;
        Prio3Aes128Histogram: uint64_t buckets<0..2^16-1>;
        Poplar1Aes128:  uint16 bits;
    }
} VdafConfig;

why do we need two definitions of VdafType uint32_t and VdafType type, is the former a type alias?

I'm thinking the VdafConfig struct is up to the VDAF, making it opaque will allow new VDAFs to be defined without changing this extension draft (like an extension on this extension), otherwise wouldn't this extension be tied to all the VDAFs above?

[wangshan]

That's a good point: We need to make sure that unspecified VDAFs can still be encoded. This seems like a reasonable way to do it. However, for this extension to be maximally useful, it will be necessary to spell out serialization of the configs of standardized VDAFs. Just something to keep in mind for the future.

I'll bring back the standardized VDAFs in a VdafConfig.

[wangshan]

@cjpatton why a prio3 histogram uses a list of buckets, is it for non-continuous buckets? does this mean the dimension of the one hot vector can only be (2^16-8)/8 = 8191

[cjpatton]

@cjpatton why a prio3 histogram uses a list of buckets, is it for non-continuous buckets? does this mean the dimension of the one hot vector can only be (2^16-8)/8 = 8191

For this type, buckets defines the boundaries between the buckets: See https://www.ietf.org/archive/id/draft-irtf-cfrg-vdaf-03.html#name-prio3aes128histogram.

Yes, this would constrain the dimension of the vector. We could bump the length prefix to 24 or 32 bits if needed.

[wangshan]

What should an Aggregator do if the task ID does not match the hash of the task config? We'll need to spell this out in both the "Leader Behavior" and "Helper Behavior" sections.

@cjpatton do we need to do anything? the current text doesn't specify any checks on aggregator side about task ID vs. hash(task_config). Any bad task ID will be grouped to it's own (bad) task.

[wangshan]

@cjpatton why a prio3 histogram uses a list of buckets, is it for non-continuous buckets? does this mean the dimension of the one hot vector can only be (2^16-8)/8 = 8191

For this type, buckets defines the boundaries between the buckets: See https://www.ietf.org/archive/id/draft-irtf-cfrg-vdaf-03.html#name-prio3aes128histogram.

Yes, this would constrain the dimension of the vector. We could bump the length prefix to 24 or 32 bits if needed.

So this is related to this issue in DAP: https://github.com/ietf-wg-ppm/draft-ietf-ppm-dap/issues/311? I'll create an issue in VDAF to bump this, 8192 is very limiting when used with differential privacy.

[cjpatton]

So this is related to this issue in DAP: ietf-wg-ppm/draft-ietf-ppm-dap#311? I'll create an issue in VDAF to bump this, 8192 is very limiting when used with differential privacy.

This not related to https://github.com/ietf-wg-ppm/draft-ietf-ppm-dap/issues/311. It's also not relevant to VDAF, which does not specify an encoding of VDAF config parameters. If you're expecting needing a large histogram, then all we need to do is increase the maximum length of the buckets list here. We're free to do whatever we want in this draft.