pub type Sbu64 = Sbi<u64>;Expand description
A u64 secret-shared using a binary field.
Can be used similarly to normal/public u64 values, with the restriction that any public u64 must be upgraded to an Sbu64 before usage.
For example:
let x = Sbu64::from(1);
let y = Sbu64::from(9);
assert_eq!(x + y, Sbu64::from(10));§Information Flow Control
Variables in REAL must satisfy some information flow requirements, which states that it must not be possible to infer the value of a secret variable. This basic requirement then results in a bunch of type constraints:
Sbivalues cannot be downcasted to public integers.- While-statements on
Sbivalues is impossible. - If-statements on
Sbivalues has some additional limitations in the branches:- Can only assign secret-shared values.
- Cannot call functions.
- Cannot use while-statements.
- Cannot use public if-statements.
Here are some examples of disallowed data flows:
let x: Sbu64 = Sbu64::from(9);
let y: u64 = x; // Fails: Secrets cannot become public
let z: Sbu64 = x + 10; // Fails: Missing cast§Representation
The true value of instances of this type is secret-shared across several computation nodes, and certain operations require network communication, which may result in a significantly slower operation than on their public equivalents.
Sbu64
uses a binary-field secret-sharing, which allows operations on bits to be done
efficiently, but arithmetic operations needs to be implemented using the bit
operations, which can be slow.
Here is a rough overview of the theoretic performance. N is the type length in bits. Lower numbers are better:
| Operation | Rounds (#Networking Packets) | Multiplications (Size of Networking Packets) |
|---|---|---|
BitXor | 0 | 0 |
Shl / Shr | 0 | 0 |
BitAnd | 1 | N |
BitOr | 1 | N |
| If-expression return value | 1 | 2*N |
PartialEq / Eq | log2(N) | N-1 |
Add / Sub | N | 2*N |
Ord (lt, gt) | N | 2*N |
Mul | N squared | 2*N squared |
§Example
Consider the following program:
fn max(a: Sbi32, b: Sbi32) -> Sbi32 {
if a < b { b } else { a }
}One execution of max would involve 33 rounds (32 from < and 1 from if) and 128 multiplications (64 from < and 64 from if).
Aliased Type§
struct Sbu64 { /* private fields */ }