lschoe
commented
1 year ago Division with remainder for a negative divisor is always a bit tricky. For example in Python, one has 14 // 3 == 4 but 14 // (-3) == -5. For this kind of reasons it is often better to avoid negative divisors altogether.
MPyC currently only supports public divisors for division with remainder, and the divisor is assumed to be positive. However, for secure class groups we need secure (secret-shared) divisors, and therefore a raw but functional beta version is used in the secgroups module.
The random behavior is because the underlying protocol opens randomly masked values, and these values get out of range for negative divisors, and things will get messed up. If values are within range, the randomizations will be done and undone correctly, and the results will be correct (but anything opened during internal steps of the protocols will be meaningless due to the randomizations).
zhqll7577
Excuse me, I noticed that performing division by a negative secure integer in the current implementation results in a random number instead of a specified outcome. I'm curious about the reasons behind this lack of support for division by negative secure integers. It seems like a straightforward operation that could be achieved by dividing a positive value and negating the result. Is the determination of the sign of the variable computationally expensive, leading to the exclusion of a dedicated implementation for division by negative secure integers? Additionally, I'm interested in understanding why the result obtained is a random number rather than a fixed incorrect value.