The changelog explains changes pulled through from the private development repository. Bug fixes and small enhancements are committed between releases and not documented here.
- Rep4: honest-majority four-party computation with malicious security
- SY/SPDZ-wise: honest-majority computation with malicious security based on replicated or Shamir secret sharing
- Training with a sequence of dense layers
- Training and inference for multi-class classification
- Local share conversion for semi-honest protocols based on additive secret sharing modulo a power of two
- edaBit generation based on local share conversion
- Optimize exponentation with local share conversion
- Optimize Shamir pseudo-random secret sharing using a hyper-invertible matrix
- Mathematical functions (exponentation, logarithm, square root, and trigonometric functions) with binary circuits
- Direct construction of fixed-point values from any type, breaking
sfix(x)wherexis the integer representation of a fixed-point number. Usesfix._new(x)instead. - Optimized dot product for
sfix - Matrix multiplication via operator overloading uses VM-optimized multiplication.
- Fake preprocessing for daBits and edaBits
- Fixed security bug: insufficient randomness in SemiBin random bit generation.
- Fixed security bug: insufficient randomization of FKOS15 inputs.
- Fixed security bug in binary computation with SPDZ(2k).
- Streamline inputs to binary circuits
- Improved private output
- Emulator for arithmetic circuits
- Efficient dot product with Shamir's secret sharing
- Lower memory usage for TensorFlow inference
- This version breaks bytecode compatibility.
- Half-gate garbling
- Native 2D convolution
- Inference with some TensorFlow graphs
- MASCOT with several MACs to increase security
- Possibility of using global keyword in loops instead of MemValue
- IEEE754 floating-point functionality using Bristol Fashion circuits
- Bristol Fashion circuits
- Semi-honest computation with somewhat homomorphic encryption
- Use SSL for client connections
- Client facilities for all arithmetic protocols
- Faster conversion between arithmetic and binary secret sharing using extended daBits
- Optimized daBits
- Optimized logistic regression
- Faster compilation of repetitive code (compiler option
-C) - ChaiGear: HighGear with covert key generation
- TopGear zero-knowledge proofs
- Binary computation based on Shamir secret sharing
- Fixed security bug: Prove correctness of ciphertexts in input tuple generation
- Fixed security bug: Missing check in MASCOT bit generation and various binary computations
- Mixed circuit computation with secret sharing
- Binary computation for dishonest majority using secret sharing as in FKOS15
- Fixed security bug: insufficient OT correlation check in SPDZ2k
- This version breaks bytecode compatibilty.
- Python 3
- Semi-honest computation based on semi-homomorphic encryption
- Access to player information in high-level language
- Machine learning capabilities used for MobileNets inference and the iDASH submission
- Binary computation for dishonest majority using secret sharing
- Mathematical functions from SCALE-MAMBA
- Fixed security bug: CowGear would reuse triples.
- ECDSA
- Loop unrolling with budget as in HyCC
- Malicious replicated secret sharing for binary circuits
- New variants of malicious replicated secret over rings in Use your Brain!
- MASCOT for any prime larger than 2^64
- Private fixed- and floating-point inputs
- CowGear protocol (LowGear with covert security)
- Protocols that sacrifice after than before
- More protocols for replicated secret sharing over rings
- Fixed security bug: Some protocols with supposed malicious security wouldn't check players' inputs when generating random bits.
- Complete BMR for all GF(2^n) protocols
- Use your Brain!
- Semi/Semi2k for semi-honest OT-based computation
- Branching on revealed values in garbled circuits
- Fixed security bug: Potentially revealing too much information when opening linear combinations of private inputs in MASCOT and SPDZ2k with more than two parties
- SPDZ2k
- Integration of MASCOT and SPDZ2k preprocessing
- Integer division
- Simplified installation on macOS
- Optimized matrix multiplication
- Data type for quantization
- Shamir secret sharing
- More three-party replicated secret sharing
- Encrypted communication for replicated secret sharing
- Added BMR, Yao's garbled circuits, and semi-honest 3-party replicated secret sharing for arithmetic and binary circuits.
- Use inline assembly instead of MPIR for arithmetic modulo primes up length upt to 128 bit.
- Added a secure multiplication instruction to the instruction set in order to accommodate protocols that don't use Beaver randomization.
- Added offline phases based on homomorphic encryption, used in the SPDZ-2 paper and the Overdrive paper.
- On macOS, the minimum requirement is now Sierra.
- Compilation with LLVM/clang is now possible (tested with 3.8).
See the ExternalIO directory for more details and examples.
Note that libsodium is now a dependency on the SPDZ build.
Added compiler instructions:
- LISTEN
- ACCEPTCLIENTCONNECTION
- CONNECTIPV4
- WRITESOCKETSHARE
- WRITESOCKETINT
Removed instructions:
- OPENSOCKET
- CLOSESOCKET
Modified instructions:
- READSOCKETC
- READSOCKETS
- READSOCKETINT
- WRITESOCKETC
- WRITESOCKETS
Support secure external client input and output with new instructions:
- READCLIENTPUBLICKEY
- INITSECURESOCKET
- RESPSECURESOCKET
Added compiler instructions:
- READFILESHARE
- WRITEFILESHARE
Added compiler instructions:
- DIGESTC - Clear truncated hash computation
- PRINTINT - Print register value
- See
README.mdandtutorial.md.