Update to MP-SPDZ 0.0.8; focus in computation modulo a 128-bit prime.

MPC-SoK · Mar 29, 2019 · 7b7cf55 · 7b7cf55
1 parent 0e1e10d
commit 7b7cf55
Show file tree

Hide file tree

Showing 5 changed files with 54 additions and 185 deletions.
diff --git a/mp-spdz/Dockerfile b/mp-spdz/Dockerfile
@@ -1,26 +1,9 @@
 FROM ubuntu:16.04
 WORKDIR /root
 RUN apt-get update && apt-get install -y \
-  autoconf \
-  gcc \
-  g++ \
-  git \
-  libboost-dev \
-  libboost-thread-dev \
-  libgmp3-dev \
-  libntl-dev \
-  libsodium-dev \
-  libssl-dev \
-  libtool \
-  m4 \
-  make \
-  man \
+  curl \
   python \
-  sudo \
-  texinfo \
-  valgrind \
-  vim \
-  yasm
+  openssl
 
 ADD install.sh .
 RUN ["bash", "install.sh"]

diff --git a/mp-spdz/README.md b/mp-spdz/README.md
@@ -17,55 +17,13 @@ $ docker run -it --rm mp-spdz
 
 ## Architecture
 
-While MP-SPDZ allows benchmarking for a number of schemes, only two implementations provide a security guarantee throughout: semi-honest two-party Yao's garbled circuits, semi-honest three-party replicated sharing with binary circuits, and covertly secure full-threshold SPDZ-2.
+While MP-SPDZ implements a number of schemes, we focus on computation
+modulo a 128-bit prime here because MP-SPDZ the widest range of
+security models in this domain. See the the MP-SPDZ
+[readme](https://github.com/n1analytics/MP-SPDZ) for details on other
+domains such as computation modulo 2^k and binary circuits.
 
-## Binary circuits
-
-First, compile the example source. We provide three examples (mult3, innerprod,
-xtabs). The `-B` argument determines the bit length of integers.
-```
-$ cd MP-SPDZ
-$ ./compile.py -B 32 <ex>
-```
-
-Generate input for each party.
-You'll need to fill in `Player-Data/Input-P<x>-0` with ASCII data for each party
-`<x>`.
-For example, to run mult3 with inputs 14, 12, and 8, we'd do the following:
-```
-$ cd MP-SPDZ
-$ mkdir Player-Data
-$ echo 14 8 > Player-Data/Input-P0-0
-$ echo 12 > Player-Data/Input-P1-0
-```
-
-### Yao's garbled circuits
-
-Execute the two parties. The output transcript will include the
-computed solution.
-``` 
-$ ./yao-player.x -p 0 <ex> & ./yao-player.x -p 1 <ex>
-```
-
-For example, the output from the following will include `Mult3 prod = 1344`. 
-```
-$ ./yao-player.x -p 0 mult3 & ./yao-player.x -p 1 mult3
-```
-
-### Honest-majority three-party computation
-
-Execute the three parties. The output transcript will include the
-computed solution.
-``` 
-$ ./replicated-bin-party.x -p 0 <ex> & ./replicated-bin-party.x -p 1 <ex> & ./replicated-bin-party.x -p 2 <ex>
-```
-
-For example, the output from the following will include `Mult3 prod = 1344`. 
-```
-$ ./replicated-bin-party.x -p 0 mult3 & ./replicated-bin-party.x -p 1 mult3 & ./replicated-bin-party.x -p 2 mult3
-```
-
-## Arithmetic circuits
+## Running examples
 
 First, compile the example source. We provide three examples (mult3, innerprod,
 xtabs).
@@ -81,63 +39,45 @@ For example, to run mult3 with inputs 14, 12, and 8, we'd do the following:
 ```
 $ cd MP-SPDZ
 $ mkdir Player-Data
-$ echo 14 8 > Player-Data/Input-P0-0
+$ echo 14 > Player-Data/Input-P0-0
 $ echo 12 > Player-Data/Input-P1-0
+$ echo 8 > Player-Data/Input-P2-0
 ```
 
-### Malicious honest-majority three-party computation
-
 Execute the three parties. The output transcript will include the
 computed solution.
 ```
-$ ./malicious-rep-field-party.x 0 <ex> & ./malicious-rep-field-party.x 1 <ex> & ./malicious-rep-field-party.x 2 <ex>
+$ ./Player-Online.x -N 3 -p 0 <ex> & ./Player-Online.x -N 3 -p 1 <ex> & ./Player-Online.x -N 3 -p 2 <ex>
 ```
 
 For example, the output from the following will include `Mult3 prod = 1344`.
 ```
-$ ./malicious-rep-field-party.x 0 mult3 & ./malicious-rep-field-party.x 1 mult3 & ./malicious-rep-field-party.x 2 mult3
+$ ./Player-Online.x -N 3 -p 0 mult3 & ./Player-Online.x -N 3 -p 1 mult3 & ./Player-Online.x -N 3 -p 2 mult3
 ```
 
-### SPDZ-2
-
-#### Generating pre-processing data
-
-SPDZ has two parts:
-- A pre-processing phase which generates shared randomness between the different parties. 
-    This does not depend on the function to be computed and once pre-processing data is generated
-    it can be used by many different parties until it is used up. 
-    Pre-processing is VERY RESOURCE INTENSIVE. **It needs about 1GB RAM per party.**
-- An online phase which uses pre-processing data to evaluate any function. This is quite fast.
-
-Once in the docker, run the pre-processing phase for, say, 3 parties by executing the following:
+`./Player-Online.x` provides high security in that it tolerates two
+corrupted parties and it tolerates these two parties to deviate from
+the protocol, in which case the protocol aborts. Using Shamir's secret
+sharing, it is possible to create a faster protocol that tolerates
+only one corrupted party, either tolerating deviation as well or not
+even that for a faster execution. You can use
+`./malicious-shamir-party.x` instead of `./Player-Online.x` for the
+more security variant and `./shamir-party.x` for the less secure but
+faster variant. Note that Shamir's secret sharing requires encrypted
+channels, so you will have to run the following script in order to
+generate the required keys and certificates:
 ```
-$ cd MP-SPDZ
-$ ./spdz2-offline.x -p 0 -N 3 -m &
-$ ./spdz2-offline.x -p 1 -N 3 -m &
-$ ./spdz2-offline.x -p 2 -N 3 -m
+Scripts/setup-ssl.sh 3
 ```
 
-This will run for a while to generate the pre-processing data. The generated data is enough for our examples. If you need more, run the pre-processing without `-m`. This will run infinitely; you need to send SIGHUP (Ctrl-C) to stop the programs gracefully once they have generated sufficient data.
-
-You should be able to see the pre-processing data files in MP-SPDZ/Player-Data.
-
-See ./spdz2-offline.cpp for other cmd line options, such as how to specify IP addresses to run on the parties on different machines. The protocol is convertly secure; spdz2-offline.x also has a cmd line option for specifying the covert security parameter.
-
-#### Running examples
+This [blog
+post](https://sharemind.cyber.ee/the-many-flavours-of-multiparty-computation)
+contains more information on the various security models in MPC.
 
-Execute the server and each player. The output transcript will include the
-computed solution.
-``` 
-$ ./Server.x <# players> <port #> 
-$ ./Player-Online.x <player ID> <ex>
-```
-
-For example, the output from the following will include `Mult3 prod = 1344`. 
-```
-$ ./Server.x 3 5000 &
-$ ./Player-Online.x 0 mult3 & ./Player-Online.x 1 mult3 & ./Player-Online.x 2 mult3
-```
+All implementations above support any number of parties by changing
+the `-N` command-line argument. For the ones based on Shamir's secret
+sharing, make sure to run `Scripts/setup-ssl.sh` with the number of parties.
 
 ## Modifying examples
 
-Other examples exist in Programs/Source (some of these come with SPDZ, others we wrote). These can be compiled and run in the same way as shown above, though note that the number of parties is different in different examples. You can learn the SPDZ syntax by reading and modifying these examples, as well as by reading MP-SPDZ/tutorial.md.
+Other examples exist in Programs/Source (some of these come with MP-SPDZ, others we wrote). These can be compiled and run in the same way as shown above, though note that the number of parties is different in different examples. You can learn the SPDZ syntax by reading and modifying these examples, as well as by reading `MP-SPDZ/Programs/Source/tutorial.mpc`.
diff --git a/mp-spdz/install.sh b/mp-spdz/install.sh
@@ -1,19 +1,7 @@
 #!/bin/bash
 
-# Compile SPDZ with secure pre-processing
-git clone https://github.com/n1analytics/MP-SPDZ
-cd MP-SPDZ
-git checkout -b MPCSOK 4092d61
-echo USE_NTL = 1 >> CONFIG.mine
-echo USE_GF2N_LONG = 0 >> CONFIG.mine
-echo MOD = -DMAX_MOD_SZ=6 >> CONFIG.mine
-echo ARCH = -march=native >> CONFIG.mine
-
-make mpir || exit 1
-make || exit 1
-mkdir Player-Data
-Scripts/setup-ssl.sh
+curl -L https://github.com/n1analytics/MP-SPDZ/releases/download/v0.0.8/mp-spdz-0.0.8.tar.gz | tar xzv
+mv mp-spdz-0.0.8 MP-SPDZ
 
-# Linking
-LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/usr/local/lib
-ldconfig
+cd MP-SPDZ
+Scripts/tldr.sh
diff --git a/mp-spdz/source/mult3.mpc b/mp-spdz/source/mult3.mpc
@@ -1,6 +1,6 @@
 a = sint.get_input_from(0)
 b = sint.get_input_from(1)
-c = sint.get_input_from(0)
+c = sint.get_input_from(2)
 
 prod = a * b * c
 print_ln('Mult3 prod = %s', prod.reveal());
diff --git a/mp-spdz/test_readme.sh b/mp-spdz/test_readme.sh
@@ -3,78 +3,36 @@
 cd MP-SPDZ
 
 for i in mult3 innerprod xtabs; do
-    ./compile.py -B 32 $i || exit 1
+    ./compile.py -p 128 $i || exit 1
 done
 
+Scripts/setup-ssl.sh 3
+
 mkdir Player-Data
-echo 14 8 > Player-Data/Input-P0-0
+echo 14 > Player-Data/Input-P0-0
 echo 12 > Player-Data/Input-P1-0
+echo 8 > Player-Data/Input-P2-0
 
-./yao-player.x -p 0 mult3 &
-./yao-player.x -p 1 mult3 | grep 1344 || exit 1
-
-./replicated-bin-party.x -p 1 mult3 &
-./replicated-bin-party.x -p 2 mult3 &
-./replicated-bin-party.x -p 0 mult3 | grep 1344 || exit 1
-
-for i in 0 1; do
-    cp Programs/Source/xtabs.Input-P$i-0 Player-Data/Input-P$i-0
-done
+progs="./Player-Online.x ./malicious-shamir-party.x ./shamir-party.x"
 
-./yao-player.x -p 0 innerprod &
-./yao-player.x -p 1 innerprod
-
-./yao-player.x -p 0 xtabs &
-./yao-player.x -p 1 xtabs | grep 'expected 6, got 6' || exit 1
-
-./replicated-bin-party.x -p 0 innerprod &
-./replicated-bin-party.x -p 1 innerprod &
-./replicated-bin-party.x -p 2 innerprod
-
-./replicated-bin-party.x -p 1 xtabs &
-./replicated-bin-party.x -p 2 xtabs &
-./replicated-bin-party.x -p 0 xtabs | grep 'expected 6, got 6' || exit 1
-
-for i in mult3 innerprod xtabs; do
-    ./compile.py -p 128 $i || exit 1
+for prog in $progs; do
+    for i in 0 1 2; do
+	$prog -N 3 -p $i mult3 & true
+    done | grep 1344 || exit 1
 done
 
-echo 14 8 > Player-Data/Input-P0-0
-echo 12 > Player-Data/Input-P1-0
-
-./malicious-rep-field-party.x 1 mult3 & ./malicious-rep-field-party.x 2 mult3 &
-./malicious-rep-field-party.x 0 mult3 | grep 1344 || exit 1
-
 for i in 0 1; do
     cp Programs/Source/xtabs.Input-P$i-0 Player-Data/Input-P$i-0
 done
 
-./malicious-rep-field-party.x 1 innerprod & ./malicious-rep-field-party.x 2 innerprod &
-./malicious-rep-field-party.x 0 innerprod || exit 1
-
-./malicious-rep-field-party.x 1 xtabs & ./malicious-rep-field-party.x 2 xtabs &
-./malicious-rep-field-party.x 0 xtabs | grep 'expected 6, got 6' || exit 1
-
-for i in 0 1; do
-    ./spdz2-offline.x -p $i -N 3 -m &
+for prog in $progs; do
+    for i in 0 1 2; do
+	$prog -N 3 -p $i innerprod & true
+    done | grep 'InnerProd: 2248' || exit 1
 done
-./spdz2-offline.x -p 2 -N 3 -m || exit 1
 
-echo 14 8 > Player-Data/Input-P0-0
-echo 12 > Player-Data/Input-P1-0
-
-./Server.x 3 5000 &
-./Player-Online.x 1 mult3 & ./Player-Online.x 2 mult3 &
-./Player-Online.x 0 mult3 | grep 1344 || exit 1
-
-for i in 0 1; do
-    cp Programs/Source/xtabs.Input-P$i-0 Player-Data/Input-P$i-0
+for prog in $progs; do
+    for i in 0 1 2; do
+	$prog -N 3 -p $i xtabs & true
+    done | grep 'expected 6, got 6' || exit 1
 done
-
-./Server.x 3 5000 &
-./Player-Online.x 1 innerprod & ./Player-Online.x 2 innerprod &
-./Player-Online.x 0 innerprod || exit 1
-
-./Server.x 3 5000 &
-./Player-Online.x 1 xtabs & ./Player-Online.x 2 xtabs &
-./Player-Online.x 0 xtabs | grep 'expected 6, got 6' || exit 1