tlsnotary / docs-mdbook

TLSNotary Documentation created with mdBook
https://docs.tlsnotary.org

Add fix for ROLE protocol #65

Closed th4s closed 4 months ago

th4s commented 4 months ago

Currently there is an issue in the ROLE protocol.

A malicious P_A can send e_k = e in every Extend_k call. Because f is fixed, and b_k = e_k + f, this will also fix b_k = b = e + f. Thus it is no longer a random OLE. This is detectable by P_B since e_k is public. But this does not fix it, because in the end P_A can enforce an arbitrary distribution of e_k which might look random, but isn't. And the fact that f is fixed means that the output b_k will only be the distribution of e_k shifted by f.

EDIT: I do not think that there is a fix for that, so this PR restores the ROLE construction to the original idea, without using PRGs.

th4s commented 4 months ago

After thinking more about this, I think that it is not possible to reuse an OT for a Random OLE. What you get is not a random OLE but a correlated OLE. I think it is safer for us to take a step back and not to have the Initialize, Extend calls and also not to use PRGs for the ROLE construction (for RVOLE and VOLE it works).

Note that this is not too bad for us, since we use an OT extension and basically start with a very large pre-distributed number of random OTs already. So it should not matter too much that we need random OTs for every ROLE.