
Lack of Randomness #4

Closed
ghost opened this issue Dec 20, 2016 · 1 comment

Comments


ghost commented Dec 20, 2016

During our work with ABY I noticed that the generated keys for the Yao sharing are deterministic. If the sharing algorithm is run two times the same keys are used.

This undermines the security of the entire protocol since Yao's garbled circuit must not be reused. An attacker can generate all server-keys and learn the secret server input.

dd23 (Member) commented Dec 20, 2016

You are right, ABY currently uses a fixed seed to generate randomness and thus keys are deterministic. This is intentional and used for debugging.

If you want to change this and have actual random (and different) values in every run, you should change `src/abycore/aby/abyparty.cpp:44` from

```cpp
m_cCrypt = new crypto(seclvl.symbits, (uint8_t*) const_seed[pid]);
```

to

```cpp
m_cCrypt = new crypto(seclvl.symbits);
```
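To make the difference between the two constructor calls concrete, here is an added example that is not ABY's code and does not use ABY's `crypto` class: a hypothetical `KeyGen` with the same two shapes (a fixed debug seed versus a fresh per-run seed) plus a regression check, `runs_share_keys`, that a build could run to catch the fixed-seed configuration before it ships. The class name, the `runs_share_keys` helper and the seed values are all assumptions; `std::mt19937_64` and `std::random_device` stand in for a real CSPRNG only to keep the example self-contained.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <random>

// Constructed example: 128-bit keys, the symmetric key / wire-label size
// for a 128-bit security level.
using Key128 = std::array<uint8_t, 16>;

// Hypothetical key generator with the two constructor shapes from the issue:
// one takes a fixed seed (debugging), the other seeds from the OS on each run.
// NOTE: std::mt19937_64 is not a cryptographic PRNG and std::random_device is
// only a stand-in for a proper CSPRNG; both are used here solely to keep the
// example runnable without external libraries.
class KeyGen {
public:
    // Debug variant: a fixed seed yields the same key sequence in every run,
    // which is exactly the behaviour the issue reports.
    explicit KeyGen(uint64_t fixed_seed) : rng_(fixed_seed), deterministic_(true) {}

    // Production variant: fresh seed from the OS entropy source per instance.
    KeyGen() : rng_(fresh_seed()), deterministic_(false) {}

    // Draw the next 128-bit key from the generator.
    Key128 next_key() {
        Key128 k{};
        for (std::size_t i = 0; i < k.size(); i += 8) {
            uint64_t w = rng_();
            for (std::size_t j = 0; j < 8; ++j) {
                k[i + j] = static_cast<uint8_t>(w >> (8 * j));
            }
        }
        return k;
    }

    bool is_deterministic() const { return deterministic_; }

private:
    static uint64_t fresh_seed() {
        std::random_device rd;
        return (static_cast<uint64_t>(rd()) << 32) ^ rd();
    }
    std::mt19937_64 rng_;
    bool deterministic_;
};

// Regression check a build could run: construct two generators the way two
// independent protocol executions would, and report whether they hand out
// the same keys. True means the fixed-seed configuration is still active.
bool runs_share_keys(KeyGen& run_a, KeyGen& run_b, std::size_t n_keys) {
    for (std::size_t i = 0; i < n_keys; ++i) {
        if (run_a.next_key() != run_b.next_key()) return false;
    }
    return true;
}

int main() {
    KeyGen debug_a(0x5eed), debug_b(0x5eed);   // fixed seed, as in the debug build
    KeyGen prod_a, prod_b;                     // unseeded, as in the suggested fix
    std::printf("fixed seed: runs share keys = %d\n", runs_share_keys(debug_a, debug_b, 4));
    std::printf("OS seed:    runs share keys = %d\n", runs_share_keys(prod_a, prod_b, 4));
    return 0;
}
```

The check is cheap enough to keep as a unit test: it fails whenever someone re-enables the fixed seed, which is the situation the issue describes.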

@ghost ghost closed this as completed Dec 20, 2016
@ghost ghost mentioned this issue Dec 28, 2016