mirror of
https://github.com/data61/MP-SPDZ.git
synced 2026-01-09 13:37:58 -05:00
108 lines
2.8 KiB
C++
108 lines
2.8 KiB
C++
// (C) 2016 University of Bristol. See License.txt
|
|
|
|
#include "Tools.h"
|
|
#include "Math/gf2nlong.h"
|
|
|
|
void random_seed_commit(octet* seed, const TwoPartyPlayer& player, int len)
|
|
{
|
|
PRNG G;
|
|
G.ReSeed();
|
|
vector<octetStream> seed_strm(2);
|
|
vector<octetStream> Comm_seed(2);
|
|
vector<octetStream> Open_seed(2);
|
|
G.get_octetStream(seed_strm[0], len);
|
|
|
|
Commit(Comm_seed[0], Open_seed[0], seed_strm[0], player.my_num());
|
|
player.send_receive_player(Comm_seed);
|
|
player.send_receive_player(Open_seed);
|
|
|
|
memset(seed, 0, len*sizeof(octet));
|
|
|
|
if (!Open(seed_strm[1], Comm_seed[1], Open_seed[1], player.other_player_num()))
|
|
{
|
|
throw invalid_commitment();
|
|
}
|
|
for (int i = 0; i < len; i++)
|
|
{
|
|
seed[i] = seed_strm[0].get_data()[i] ^ seed_strm[1].get_data()[i];
|
|
}
|
|
}
|
|
|
|
void shiftl128(word x1, word x2, word& res1, word& res2, size_t k)
|
|
{
|
|
if (k > 128)
|
|
throw invalid_length();
|
|
if (k >= 64) // shifting a 64-bit integer by more than 63 bits is "undefined"
|
|
{
|
|
x1 = x2;
|
|
x2 = 0;
|
|
shiftl128(x1, x2, res1, res2, k - 64);
|
|
}
|
|
else
|
|
{
|
|
res1 = (x1 << k) | (x2 >> (64-k));
|
|
res2 = (x2 << k);
|
|
}
|
|
}
|
|
|
|
// reduce modulo x^128 + x^7 + x^2 + x + 1
|
|
// NB this is incorrect as it bit-reflects the result as required for
|
|
// GCM mode
|
|
void gfred128(__m128i tmp3, __m128i tmp6, __m128i *res)
|
|
{
|
|
__m128i tmp2, tmp4, tmp5, tmp7, tmp8, tmp9;
|
|
tmp7 = _mm_srli_epi32(tmp3, 31);
|
|
tmp8 = _mm_srli_epi32(tmp6, 31);
|
|
|
|
tmp3 = _mm_slli_epi32(tmp3, 1);
|
|
tmp6 = _mm_slli_epi32(tmp6, 1);
|
|
|
|
tmp9 = _mm_srli_si128(tmp7, 12);
|
|
tmp8 = _mm_slli_si128(tmp8, 4);
|
|
tmp7 = _mm_slli_si128(tmp7, 4);
|
|
tmp3 = _mm_or_si128(tmp3, tmp7);
|
|
tmp6 = _mm_or_si128(tmp6, tmp8);
|
|
tmp6 = _mm_or_si128(tmp6, tmp9);
|
|
|
|
tmp7 = _mm_slli_epi32(tmp3, 31);
|
|
tmp8 = _mm_slli_epi32(tmp3, 30);
|
|
tmp9 = _mm_slli_epi32(tmp3, 25);
|
|
|
|
tmp7 = _mm_xor_si128(tmp7, tmp8);
|
|
tmp7 = _mm_xor_si128(tmp7, tmp9);
|
|
tmp8 = _mm_srli_si128(tmp7, 4);
|
|
tmp7 = _mm_slli_si128(tmp7, 12);
|
|
tmp3 = _mm_xor_si128(tmp3, tmp7);
|
|
|
|
tmp2 = _mm_srli_epi32(tmp3, 1);
|
|
tmp4 = _mm_srli_epi32(tmp3, 2);
|
|
tmp5 = _mm_srli_epi32(tmp3, 7);
|
|
tmp2 = _mm_xor_si128(tmp2, tmp4);
|
|
tmp2 = _mm_xor_si128(tmp2, tmp5);
|
|
tmp2 = _mm_xor_si128(tmp2, tmp8);
|
|
tmp3 = _mm_xor_si128(tmp3, tmp2);
|
|
|
|
tmp6 = _mm_xor_si128(tmp6, tmp3);
|
|
*res = tmp6;
|
|
}
|
|
|
|
// Based on Intel's code for GF(2^128) mul, with reduction
|
|
void gfmul128 (__m128i a, __m128i b, __m128i *res)
|
|
{
|
|
__m128i tmp3, tmp6;
|
|
mul128(a, b, &tmp3, &tmp6);
|
|
// Now do the reduction
|
|
gfred128(tmp3, tmp6, res);
|
|
}
|
|
|
|
string word_to_bytes(const word w)
|
|
{
|
|
stringstream ss;
|
|
octet* bytes = (octet*) &w;
|
|
ss << hex;
|
|
for (unsigned int i = 0; i < sizeof(word); i++)
|
|
ss << (int)bytes[i] << " ";
|
|
return ss.str();
|
|
}
|
|
|