Awesome
DUPLO
A C++ implementation of the DUPLO cryptographic protocol
Installation
The code has been tested to work on MacOS (10.12.1) and Ubuntu 16.04.
Requirements
- C++ compiler with C++14 support. The code has been successfully built with GCC 5.3.1, GCC 6.1 and CLANG 3.8. For building the main DUPLO runtime code the following tools are required
- make
- cmake
- wget
In addition, for the TableProducer executable GMP for arbitrary-precision arithmetic is required. Finally for the Frigate extension compiler, the following external libraries are required:
- Flex (tested with Flex 2.5.35, 2.5.37 and 2.6)
- Bison (version 2.7, seems to be issues on systems with bison 3.x)
NOTE: If these libraries are not detected by the build system, the TableProducer and/or Frigate executables will be skipped during compilation.
Installing GMP and Bison 2.7 on MacOS (10.12) and updating PATH
Using homebrew:
- brew install gmp
- brew install gmp@4
- brew install bison@2.7
- Add 'export PATH="/usr/local/opt/bison@2.7/bin:$PATH"' to end of ~/.bash_profile
Linux Notes
Links to the required packages for the Frigate compiler:
Please see Frigate Readme
or Local Frigate Readme
for more details on how to install the required libraries.
Building the Project
To clone, build and test the code:
- git clone --recursive https://github.com/AarhusCrypto/DUPLO
- cd DUPLO
- ./cmake-release.sh
- ./build/release/TestDUPLO
Frigate Extension Compiler
The Frigate
compiler transforms a C-style program into a bolean circuit. We here provide an extension of this work that in addition can output a set of boolean circuits along with an appropriate soldering description that can be fed to the DUPLO system for secure computation of the original source program.
NOTE: For programs specifying distinct output to the parties the compiler cannot handle all cases correctly.
- If only a single party receives the output it always works.
- If one party receives the entire output and another party receives only a subset it works as well.
- However for the case of the parties receiving individual output the output header and final output wires might be incorrect. In this case manually modifying the output .GC_duplo file can be done fairly straightforward.
Running the compiler
Flags:
-dp output circuit file in DUPLO format
-aes embed the [`S-Box`](http://www.cs.yale.edu/homes/peralta/CircuitStuff/CMT.html) circuit to generate AES circuits efficiently
-rand generate a random component subcircuit to finding "sweet spot" for DUPLO
Example:
./build/release/Frigate ./frigate/circuits/test.wir -dp
Generate AES
./build/release/Frigate ./frigate/circuits/aes/p1_aes.wir -dp -aes
NOTE: In order to build a program using the -aes flag, the $curr_working_dir must the the root of the project, i.e. (DUPLO), else our compiler cannot find the custom s-box circuit that we provide.
Generate random circuits
./build/release/Frigate ./frigate/circuits/randomcCircuits/p12_1_test.wir -dp -rand
DUPLO circuit format:
Each file .GC_Duplo consists of:
- A first line defining the number of functions and then the number of components in the circuit.
- A second line defining the length (in bits) of constructor's input, evaluator's input, the size of total output, the size of construtor's output, and the size of evaluator's output
- Each function starts at "FN" and ends at "--end FN #id--". The first line of the function shows the function index, the length of input, the length of output, the number of wires, the number of non-xor gate, and the number of gates.
- Gate operation: input_wire_1 input_wire_2 output_wire gate_operation
gate_operation legend:
- "0000" : constant 0 //Never generated explicitly, supported through other means (XOR).
- "0001" : NOR
- "0010" : (NOT left) AND right
- "0011" : NOT left-wire
- "0100" : left AND (NOT right)
- "0101" : NOT right-wire
- "0110" : XOR
- "0111" : NAND
- "1000" : AND
- "1001" : NXOR
- "1010" : right identity
- "1011" : (NOT left) OR right
- "1100" : left identity
- "1101" : left OR (NOT right)
- "1110" : OR
- "1111" : constant 1 //Never generated explicitly, supported through other means (XOR + NOT).