modified apsi

Author: xiansongq

CMakeLists.txt

@@ -5,9 +5,9 @@ CMAKE_MINIMUM_REQUIRED(VERSION 3.2)
 PROJECT(Kunlun)
 # On some machines, the path of OpenSSL is  /usr/local/lib64/openssl/libcrypto.a
 IF(CMAKE_SYSTEM_NAME STREQUAL "Linux")
-    SET(OPENSSL_LIBRARIES /usr/local/lib64/libcrypto.a /usr/local/lib64/libssl.a)
-    SET(OPENSSL_INCLUDE_DIR /usr/local/include)
-    SET(OPENSSL_DIR /usr/local/lib64)
+    SET(OPENSSL_LIBRARIES /usr/local/openssl/lib64/libcrypto.a /usr/local/openssl/lib64/libssl.a)
+    SET(OPENSSL_INCLUDE_DIR /usr/local/openssl/include)
+    SET(OPENSSL_DIR /usr/local/openssl/lib64)
 ELSEIF(CMAKE_SYSTEM_NAME STREQUAL "Darwin")
     SET(OPENSSL_LIBRARIES /usr/local/lib/libcrypto.a /usr/local/lib/libssl.a)
     SET(OPENSSL_INCLUDE_DIR /usr/local/include)
@@ -242,6 +242,27 @@ target_link_libraries(test_label_peqt ${OPENSSL_LIBRARIES} OpenMP::OpenMP_CXX ${
 add_executable(test_keyword_pir test/mytest/test_keywordpir.cpp)
 target_link_libraries(test_keyword_pir ${OPENSSL_LIBRARIES} OpenMP::OpenMP_CXX ${CMAKE_DL_LIBS})
 
-#test_poly
-add_executable(test_polynomial test/mytest/test_polynomial.cpp)
-target_link_libraries(test_polynomial ${OPENSSL_LIBRARIES} OpenMP::OpenMP_CXX ${CMAKE_DL_LIBS})
+##test_poly
+#add_executable(test_polynomial test/mytest/test_polynomial.cpp)
+#target_link_libraries(test_polynomial ${OPENSSL_LIBRARIES} OpenMP::OpenMP_CXX ${CMAKE_DL_LIBS})
+
+#test_cuckoo_filter
+add_executable(mytest_cuckoo_filter test/mytest/test_cuckoo_filter.cpp)
+target_link_libraries(mytest_cuckoo_filter ${OPENSSL_LIBRARIES} OpenMP::OpenMP_CXX ${CMAKE_DL_LIBS})
+
+#test_psi
+add_executable(test_psi test/mytest/test_psi.cpp)
+target_link_libraries(test_psi ${OPENSSL_LIBRARIES} OpenMP::OpenMP_CXX ${CMAKE_DL_LIBS})
+
+add_executable(splitdata test/mytest/splitdata.cpp)
+target_link_libraries(splitdata ${OPENSSL_LIBRARIES} OpenMP::OpenMP_CXX ${CMAKE_DL_LIBS})
+
+
+
+#labelpsi
+add_library(labelpsi  mpc/labelpsi/psi.h mpc/labelpsi/psi.cpp  mpc/labelpsi/windowing.cpp mpc/labelpsi/hashing.cpp mpc/labelpsi/random.cpp mpc/labelpsi/polynomials.cpp)
+
+target_link_libraries(labelpsi SEAL::seal)
+
+add_executable(label test/mytest/test_labelpsi.cpp)
+target_link_libraries(label  labelpsi ${OPENSSL_LIBRARIES} OpenMP::OpenMP_CXX ${CMAKE_DL_LIBS})

config/config.h

@@ -1,7 +1,7 @@
 #pragma once
 
-#define NUMBER_OF_LOGICAL_CORES      4
-#define NUMBER_OF_PHYSICAL_CORES     4
+#define NUMBER_OF_LOGICAL_CORES      64
+#define NUMBER_OF_PHYSICAL_CORES     32
 #define IS_64BIT                     1
 #define HAS_SSE2                     1
 

filter/cuckoo_filter.hpp

@@ -175,6 +175,7 @@ class CuckooFilter {
                 for(auto j=0;j<element[i].size();j++){
                     result=(result<<8)|element[i][j];
                 }
+                std::cout<<result<<std::endl;
                 //unsigned char buffer[element[i].size()];
                 //memcpy(buffer, element[i].data(), element[i].size());
                 //std::cout<<buffer<<std::endl;

mpc/labelpsi/client.cpp

@@ -0,0 +1,62 @@
+#include <cassert>
+#include <iostream>
+
+#include "boost/asio.hpp"
+
+#include "networking.h"
+
+using namespace std;
+using namespace boost::asio;
+
+int main()
+{
+    vector<uint64_t> inputs = {0x02, 0x07, 0x05, 0xfe};
+    size_t input_bits = 32;
+    size_t poly_modulus_degree = 8192;
+    unsigned short port = 9999;
+
+    io_context context;
+    ip::tcp::socket socket(context);
+    ip::tcp::resolver resolver(context);
+    connect(socket, resolver.resolve("localhost", "9999", resolver.numeric_service));
+    Networking net(socket);
+
+    cout << "connected, waiting for hello and set size" << endl;
+    net.read_hello();
+    size_t sender_size = net.read_uint32();
+
+    cout << "picking params" << endl;
+    PSIParams params(inputs.size(), sender_size, input_bits, poly_modulus_degree);
+    params.generate_seeds();
+    net.set_seal_context(params.context);
+    PSIReceiver receiver(params);
+
+    cout << "sending hello, set size, seeds, pk, relin keys" << endl;
+    net.write_hello();
+    net.write_uint32(inputs.size());
+    net.write_uint64s(params.seeds);
+    net.write_public_key(receiver.public_key());
+    net.write_relin_keys(receiver.relin_keys());
+
+    cout << "encrypting inputs" << endl;
+    vector<bucket_slot> buckets;
+    auto encrypted_inputs = receiver.encrypt_inputs(inputs, buckets);
+
+    cout << "sending inputs" << endl;
+    net.write_ciphertexts(encrypted_inputs);
+
+    cout << "waiting for encrypted matches" << endl;
+    vector<Ciphertext> encrypted_matches;
+    net.read_ciphertexts(encrypted_matches);
+
+    cout << "decrypting matches" << endl;
+    auto matches = receiver.decrypt_labeled_matches(encrypted_matches);
+
+    cout << matches.size() << " matches found: ";
+    for (auto i : matches) {
+        assert(i.first < buckets.size());
+        assert(buckets[i.first] != BUCKET_EMPTY);
+        cout << inputs[buckets[i.first].first] << "-" << i.second << " ";
+    }
+    cout << endl;
+}

mpc/labelpsi/hashing.cpp

@@ -0,0 +1,116 @@
+#include <cassert>
+
+//#include "aes.h"
+#include "../../crypto/aes.hpp"
+#include "hashing.h"
+
+using namespace std;
+
+uint64_t aes_hash(AES::Key &key, size_t bits, uint64_t value) {
+    block a=Block::MakeBlock('0LL',value);
+	assert(bits < 64);
+
+	 AES::Enc(key, a);
+	return (Block::BlockToUint64Low(a) ^ value) & ((1ull << bits) - 1);
+}
+
+size_t loc_aes_hash(AES::Key &key, size_t m, uint64_t value) {
+	return aes_hash(key, m, value >> m) ^ (value & ((1ull << m) - 1));
+}
+
+bool cuckoo_hash(shared_ptr<UniformRandomGenerator> random,
+	             vector<uint64_t> &inputs,
+	             size_t m,
+	             vector<bucket_slot> &buckets,
+	             vector<uint64_t> &seeds)
+{
+	buckets.resize(1 << m);
+	for (size_t i = 0; i < buckets.size(); i++) {
+		buckets[i] = BUCKET_EMPTY;
+	}
+
+	vector<AES::Key> aes(seeds.size());
+	for (size_t i = 0; i < seeds.size(); i++) {
+		aes[i]=AES::GenEncKey(Block::MakeBlock('0LL',seeds[i]));
+	}
+
+	for (size_t i = 0; i < inputs.size(); i++) {
+		bool resolved = false;
+		bucket_slot current_item = make_pair(
+			i,
+			random_integer(random, seeds.size())
+		);
+
+		// TODO: keep track of # of operations and abort if exceeding some limit
+		while (!resolved) {
+			size_t loc = loc_aes_hash(
+				aes[current_item.second],
+				m,
+				inputs[current_item.first]
+			);
+
+			buckets[loc].swap(current_item);
+
+			if (current_item == BUCKET_EMPTY) {
+				resolved = true;
+			} else {
+				size_t old_hash = current_item.second;
+				while (current_item.second == old_hash) {
+					current_item.second = random_integer(random, seeds.size());
+				}
+			}
+		}
+	}
+
+	return true;
+}
+
+bool complete_hash(shared_ptr<UniformRandomGenerator> random,
+	               vector<uint64_t> &inputs,
+                   size_t m,
+                   size_t capacity,
+                   vector<bucket_slot> &buckets,
+                   vector<uint64_t> &seeds)
+{
+	buckets.resize(capacity << m);
+	for (size_t i = 0; i < buckets.size(); i++) {
+		buckets[i] = BUCKET_EMPTY;
+	}
+
+	vector<AES::Key> aes(seeds.size());
+	for (size_t i = 0; i < seeds.size(); i++) {
+        aes[i]=AES::GenEncKey(Block::MakeBlock('0LL',seeds[i]));
+	}
+
+	vector<size_t> capacity_used(1 << m);
+
+	// insert all elements into the table in a deterministic order (filling each
+	// bucket sequentially)
+	for (size_t i = 0; i < inputs.size(); i++) {
+		for (size_t j = 0; j < seeds.size(); j++) {
+			size_t loc = loc_aes_hash(aes[j], m, inputs[i]);
+
+			if (capacity_used[loc] == capacity) {
+				// all slots in the bucket are used, so we cannot add this
+				// element
+				return false;
+			}
+
+			buckets[capacity * loc + capacity_used[loc]] = make_pair(i, j);
+			capacity_used[loc]++;
+		}
+	}
+
+	// now shuffle each bucket, to avoid leaking information about bucket load
+	// distribution through partitioning
+	for (size_t bucket = 0; bucket < (1 << m); bucket++) {
+		for (size_t slot = 1; slot < capacity; slot++) {
+			// uniformly pick a random slot before this one (possibly this
+			// very same one) and swap
+			size_t prev_slot = random_integer(random, slot + 1);
+			buckets[capacity * bucket + slot].swap(buckets[capacity * bucket + prev_slot]);
+		}
+	}
+
+	return true;
+}

mpc/labelpsi/hashing.h

@@ -0,0 +1,42 @@
+
+#pragma once
+#include <cstdint>
+#include <utility>
+#include <vector>
+
+#include "random.h"
+
+typedef pair<size_t, size_t> bucket_slot;
+
+const bucket_slot BUCKET_EMPTY = make_pair(0xFFFFFFFFul, 0xFFFFFFFFul);
+
+/* Given a set of inputs, a number of buckets, and seeds for a hash function,
+   performs permutation-based cuckoo hashing to put at most one element in each
+   bucket.
+   Permutation-based hashing means that, after hashing, it is safe to drop the
+   last m bits of all the inputs in the table.
+   The number of buckets is 2^m. Non-empty buckets will contain
+   (input_index, seed_index), empty ones will be equal to BUCKET_EMPTY.
+   Seeds should be random 64-bit values.
+*/
+bool cuckoo_hash(shared_ptr<UniformRandomGenerator> random,
+                 vector<uint64_t> &inputs,
+                 size_t m,
+                 vector<bucket_slot> &buckets,
+                 vector<uint64_t> &seeds);
+
+/* Given a set of inputs, a number of buckets, and seeds for a hash function,
+   places every input, hashed with *every* function, into the corresponding
+   bucket, using permutation-based hashing.
+   The number of buckets is 2^m. Non-empty buckets will contain
+   (input_index, seed_index), empty ones will be equal to BUCKET_EMPTY.
+   jth element of bucket number i is stored in buckets[i * capacity + j].
+   Seeds should be random 64-bit values.
+*/
+bool complete_hash(shared_ptr<UniformRandomGenerator> random,
+                   vector<uint64_t> &inputs,
+                   size_t m,
+                   size_t capacity,
+                   vector<bucket_slot> &buckets,
+                   vector<uint64_t> &seeds);
+

mpc/labelpsi/polynomials.cpp

@@ -0,0 +1,84 @@
+#include <cassert>
+#include <set>
+
+#include "polynomials.h"
+
+uint64_t modexp(uint64_t base, uint64_t exponent, uint64_t modulus) {
+    uint64_t result = 1;
+    while (exponent > 0) {
+        if (exponent & 1) {
+            result = MUL_MOD(result, base, modulus);
+        }
+        base = MUL_MOD(base, base, modulus);
+        exponent = (exponent >> 1);
+    }
+    return result;
+}
+
+uint64_t modinv(uint64_t x, uint64_t modulus) {
+    return modexp(x, modulus - 2, modulus);
+}
+
+void polynomial_from_roots(vector<uint64_t> &roots, vector<uint64_t> &coeffs, uint64_t modulus) {
+    coeffs.clear();
+    coeffs.resize(roots.size() + 1);
+    coeffs[0] = 1;
+
+    for (size_t i = 0; i < roots.size(); i++) {
+        // multiply coeffs by (x - root)
+        uint64_t neg_root = modulus - (roots[i] % modulus);
+
+        for (size_t j = i + 1; j > 0; j--) {
+            coeffs[j] = (coeffs[j - 1] + MUL_MOD(neg_root, coeffs[j], modulus)) % modulus;
+        }
+        coeffs[0] = MUL_MOD(coeffs[0], neg_root, modulus);
+    }
+}
+
+void polynomial_from_points(vector<uint64_t> &xs,
+                            vector<uint64_t> &ys,
+                            vector<uint64_t> &coeffs,
+                            uint64_t modulus)
+{
+    assert(xs.size() == ys.size());
+    coeffs.clear();
+    coeffs.resize(xs.size());
+
+    if (xs.size() == 0) {
+        return;
+    }
+
+    // at iteration i of the loop, basis contains the coefficients of the basis
+    // polynomial (x - xs[0]) * (x - xs[1]) * ... * (x - xs[i - 1])
+    vector<uint64_t> basis(xs.size());
+    basis[0] = 1;
+
+    // at iteration i of the loop, ddif[j] contains the divided difference
+    // [ys[j], ys[j + 1], ..., ys[j + i]]. thus initially, when i = 0,
+    // ddif[j] = [ys[j]] = ys[j]
+    vector<uint64_t> ddif = ys;
+
+    for (size_t i = 0; i < xs.size(); i++) {
+        for (size_t j = 0; j < i + 1; j++) {
+            coeffs[j] = (coeffs[j] + MUL_MOD(ddif[0], basis[j], modulus)) % modulus;
+        }
+
+        if (i < xs.size() - 1) {
+            // update basis: multiply it by (x - xs[i])
+            uint64_t neg_x = modulus - (xs[i] % modulus);
+
+            for (size_t j = i + 1; j > 0; j--) {
+                basis[j] = (basis[j - 1] + MUL_MOD(neg_x, basis[j], modulus)) % modulus;
+            }
+            basis[0] = MUL_MOD(basis[0], neg_x, modulus);
+
+            // update ddif: compute length-(i + 1) divided differences
+            for (size_t j = 0; j + i + 1 < xs.size() + 1; j++) {
+                // dd_{j,j+i+1} = (dd_{j+1, j+i+1} - dd_{j, j+i}) / (x_{j+i+1} - x_j)
+                uint64_t num = (ddif[j + 1] - ddif[j] + modulus) % modulus;
+                uint64_t den = (xs[j + i + 1] - xs[j] + modulus) % modulus;
+                ddif[j] = MUL_MOD(num, modinv(den, modulus), modulus);
+            }
+        }
+    }
+}