基于GC的AES和SHA256 #491
基于GC的AES和SHA256 #491
Conversation
add utils
…nto example/gate merge
|
I have read the CLA Document and I hereby sign the CLA gitCoder1024 seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account. |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hello @gitCoder1024, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
Summary of Changes
This pull request introduces features related to AES and SHA256 cryptographic algorithms within the YACL (Yet Another Cryptographic Library) framework. The changes primarily focus on implementing garbled circuit (GC) functionalities for AES-128 and SHA256, including garbling and evaluation components. The code includes header files defining the garbler and evaluator classes for both algorithms, along with modifications to build files and utility functions to support the new features. The pull request also includes test files to verify the correctness of the implemented garbled circuit functionalities.
Highlights
- AES-128 Garbled Circuit Implementation: Introduces
GarblerAESandEvaluatorAESclasses for performing garbled circuit computations on AES-128 encryption. These classes handle the setup, input processing, garbling, evaluation, and decoding stages of the GC protocol. - SHA256 Garbled Circuit Implementation: Adds
GarblerSHA256andEvaluatorSHA256classes to enable garbled circuit computations for SHA256 hashing. These classes manage the circuit, input processing, garbling, evaluation, and output decoding for SHA256. - Build Configuration Updates: Modifies
BUILD.bazelto include the new AES and SHA256 garbled circuit components, specifying dependencies and compiler options required for their compilation. - Code Modernization: Updates the bazel lock file and removes an unnecessary entry from
.bazelignore.
Changelog
Click here to see the changelog
- .bazelignore
- Removes the
examplesentry, potentially to include examples in the build process.
- Removes the
- examples/MODULE.bazel.lock
- Updates the lock file version from 11 to 13, indicating a change in dependencies or build configuration.
- examples/gc/BUILD.bazel
- Adds new
cc_librarydefinitions formitccrh,utils,garbler,evaluator,aes_128_garbler,sha256_garbler,sha256_evaluator, andaes_128_evaluator. - Introduces
cc_binarydefinitions fortest_splitandgc_test, which serve as test executables for the garbled circuit implementations. - Specifies compiler options (
copts) such as-mavx,-maes, and-mpclmulfor optimized instruction sets. - Defines dependencies for each library and binary, including YACL components and other libraries within the
examples/gcdirectory.
- Adds new
- examples/gc/aes_128_evaluator.h
- Defines the
EvaluatorAESclass, responsible for evaluating the garbled AES-128 circuit. - Includes methods for setup, input processing, receiving garbled tables, performing the evaluation, and sending the output.
- Uses
yacl::link::Contextfor communication andyacl::crypto::OtRecvStorefor OT operations.
- Defines the
- examples/gc/aes_128_garbler.h
- Defines the
GarblerAESclass, responsible for garbling the AES-128 circuit. - Includes methods for setup, input processing, garbling, sending garbled tables, and decoding the output.
- Uses
yacl::link::Contextfor communication andyacl::crypto::OtSendStorefor OT operations.
- Defines the
- examples/gc/evaluator.h
- Defines the
Evaluatorclass, responsible for evaluating the garbled circuit. - Includes methods for setup, input processing, receiving garbled tables, performing the evaluation, and sending the output.
- Uses
yacl::link::Contextfor communication andyacl::crypto::OtRecvStorefor OT operations.
- Defines the
- examples/gc/garbler.h
- Defines the
Garblerclass, responsible for garbling the circuit. - Includes methods for setup, input processing, garbling, sending garbled tables, and decoding the output.
- Uses
yacl::link::Contextfor communication andyacl::crypto::OtSendStorefor OT operations.
- Defines the
- examples/gc/gc_test.cc
- Creates a gtest to test the SHA256 garbled circuit implementation.
- Sets up the garbler and evaluator, reads the SHA256 circuit, processes inputs, performs garbling and evaluation, and verifies the output.
- examples/gc/mitccrh.h
- Defines the
MITCCRHclass, likely related to a cryptographic hash function used within the garbled circuit implementation. - Includes methods for setting the starting point, renewing keys, and performing hashing operations.
- Defines the
- examples/gc/sha256.cc
- Implements SHA256 hashing outside of the garbled circuit context, likely for comparison or setup purposes.
- Includes functions for preprocessing the input message and performing the SHA256 computation.
- examples/gc/sha256_evaluator.h
- Defines the
EvaluatorSHA256class, responsible for evaluating the garbled SHA256 circuit. - Includes methods for setup, input processing, receiving garbled tables, performing the evaluation, and sending the output.
- Uses
yacl::link::Contextfor communication andyacl::crypto::OtRecvStorefor OT operations.
- Defines the
- examples/gc/sha256_garbler.h
- Defines the
GarblerSHA256class, responsible for garbling the SHA256 circuit. - Includes methods for setup, input processing, garbling, sending garbled tables, and decoding the output.
- Uses
yacl::link::Contextfor communication andyacl::crypto::OtSendStorefor OT operations.
- Defines the
- examples/gc/test.cc
- Provides a test environment for various garbled circuit operations.
- Includes setup for garbler and evaluator roles, circuit loading, input processing, garbling, evaluation, and output verification.
- examples/gc/test_split.cc
- Similar to
test.cc, but potentially focuses on testing specific aspects or components of the garbled circuit implementation. - Includes setup for garbler and evaluator roles, circuit loading, input processing, garbling, evaluation, and output verification.
- Similar to
- examples/gc/utils.cc
- Implements utility functions, such as
random_uint128_t, for generating random 128-bit integers.
- Implements utility functions, such as
- examples/gc/utils.h
- Declares utility functions, such as
random_uint128_tandgetLSB, for generating random 128-bit integers and extracting the least significant bit.
- Declares utility functions, such as
- yacl/crypto/rand/rand.h
- Adds a blank line after the
FastRandBitsfunction template definition.
- Adds a blank line after the
- yacl/io/circuit/bristol_fashion.cc
- Removes an unused include statement (
#include "spdlog/spdlog.h").
- Removes an unused include statement (
- yacl/io/circuit/bristol_fashion.h
- Adds a blank line at the end of the file.
- yacl/utils/BUILD.bazel
- Adds a blank line at the end of the file.
- yacl/utils/circuit_executor.cc
- Adds a comment to clarify the purpose of the
iw0variable.
- Adds a comment to clarify the purpose of the
- yacl/utils/circuit_executor.h
- Adds comments to the beginning of the file, and removes the
PlainExecutorclass definition.
- Adds comments to the beginning of the file, and removes the
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
In circuits garbled, secrets reside,
AES and SHA, where truths hide.
With gates and wires, a twisted game,
Protecting data, preserving fame.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
There was a problem hiding this comment.
Code Review
The pull request introduces AES and SHA256 garbling capabilities, which is a significant addition. However, the code requires careful review to ensure correctness, efficiency, and security. There are several areas where improvements can be made, particularly in terms of resource management, error handling, and code clarity.
Summary of Findings
- Inconsistent use of uint128_t: The code uses
uint128_tin some places anduint64_tin others, even when dealing with similar data. This inconsistency can lead to type mismatches and unexpected behavior. It's important to standardize the data types used throughout the code. - Missing Error Handling: There is a lack of explicit error handling in several functions. Without proper error handling, the code may crash or produce incorrect results without any indication of what went wrong. Error handling is crucial for robust and reliable code.
- Resource Management: The code uses
newanddeletefor dynamic memory allocation, but there is no correspondingdeletecall, which can lead to memory leaks. It's recommended to use smart pointers or RAII to manage memory automatically. - Magic Numbers: The code contains several magic numbers (e.g., 10086, 36663, 768) without clear explanations. These numbers should be replaced with named constants to improve readability and maintainability.
- Lack of Comments: There are several functions and code blocks that lack comments, making it difficult to understand their purpose and functionality. Comments are essential for code maintainability and collaboration.
Merge Readiness
The pull request is not yet ready for merging. There are several critical and high severity issues that need to be addressed before merging, particularly related to memory management, error handling, and code clarity. I am unable to approve this pull request, and I recommend that it not be merged until these issues are resolved and the code has been thoroughly reviewed by other members of the team.
examples/gc/aes_128_garbler.h
Outdated
| /******** | ||
| * | ||
| * | ||
| * 可能有bug | ||
| * | ||
| * **********/ |
There was a problem hiding this comment.
This section is marked as "可能有bug" (may have bugs). It's essential to identify and fix these potential bugs before merging. What are the potential issues here?
| GarblerSHA256* garbler = new GarblerSHA256(); | ||
| EvaluatorSHA256* evaluator = new EvaluatorSHA256(); |
There was a problem hiding this comment.
Using new without a corresponding delete can lead to memory leaks. Consider using smart pointers (e.g., std::unique_ptr or std::shared_ptr) to manage the memory automatically. This applies to other instances of new as well.
| GarblerSHA256* garbler = new GarblerSHA256(); | |
| EvaluatorSHA256* evaluator = new EvaluatorSHA256(); | |
| std::unique_ptr<GarblerSHA256> garbler = std::make_unique<GarblerSHA256>(); | |
| std::unique_ptr<EvaluatorSHA256> evaluator = std::make_unique<EvaluatorSHA256>(); |
examples/gc/aes_128_evaluator.h
Outdated
| //未检查 | ||
| uint128_t EVAND(uint128_t A, uint128_t B, const uint128_t* table_item, | ||
| MITCCRH<8>* mitccrh_pointer) { |
There was a problem hiding this comment.
This function is marked as "未检查" (unchecked). It's crucial to thoroughly test and verify the correctness of this function before merging. What are the potential issues here?
examples/gc/garbler.h
Outdated
| batch_send[j][0] = ot_send.GetBlock(j, 0) ^ gb_value[idx]; | ||
| batch_send[j][1] = ot_send.GetBlock(j, 1) ^ gb_value[idx] ^ delta; | ||
| } else { | ||
| batch_send[j][0] = ot_send.GetBlock(j, 1) ^ gb_value[idx]; | ||
| batch_send[j][1] = ot_send.GetBlock(j, 0) ^ gb_value[idx] ^ delta; |
There was a problem hiding this comment.
This section is marked as "可能有bug" (may have bugs). It's essential to identify and fix these potential bugs before merging. What are the potential issues here?
examples/gc/aes_128_garbler.h
Outdated
| uint128_t GBAND(uint128_t LA0, uint128_t A1, uint128_t LB0, uint128_t B1, | ||
| uint128_t* table_item, MITCCRH<8>* mitccrh_pointer) { |
There was a problem hiding this comment.
Consider using more descriptive variable names than LA0, A1, LB0, B1 to improve code readability. What do these variables represent?
| std::shared_ptr<yacl::link::Context> lctx; | ||
|
|
||
| //根据电路改 | ||
| uint128_t table[135073][2]; |
There was a problem hiding this comment.
Consider defining this size as a constant to improve readability and maintainability. This also applies to other similar hardcoded sizes.
examples/gc/sha256_garbler.h
Outdated
| * | ||
| * 可能有bug | ||
| * | ||
| * **********/ |
There was a problem hiding this comment.
Consider adding a check to ensure that sha256_result.size() == out.size() before comparing the vectors. This will prevent potential errors if the sizes are different.
| * | |
| * 可能有bug | |
| * | |
| * **********/ | |
| if(sha256_result.size() == out.size()){ | |
| if(std::equal(out.begin(), out.end(), sha256_result.begin())) cout<<"YES!!!"<<endl; | |
| } else { | |
| std::cerr << "Error: sha256_result and out vectors have different sizes." << std::endl; | |
| } |
examples/gc/test.cc
Outdated
| std::string operate; | ||
| std::cin >> operate; |
There was a problem hiding this comment.
It's recommended to use absl::make_unique or std::make_shared for creating unique or shared pointers, respectively. This avoids potential memory leaks if the constructor throws an exception.
| std::string operate; | |
| std::cin >> operate; | |
| auto lctx = std::make_shared<yacl::link::Context>( | |
| ctx_desc, FLAGS_rank); // yacl::link::test |
examples/gc/test.cc
Outdated
| YACL_THROW("Unimplemented MAND gate"); | ||
| break; | ||
| } | ||
| default: | ||
| YACL_THROW("Unknown Gate Type: {}", (int)gate.op); | ||
| } | ||
| } | ||
| } |
There was a problem hiding this comment.
Consider adding error handling to the lctx->Send and lctx->Recv calls. This will help to identify and handle communication errors.
examples/gc/test.cc
Outdated
| if (FLAGS_rank == 1) { | ||
| std::cout << "明文计算结果:"; | ||
| if (operate == "adder64") { | ||
| std::cout << input1 + input << std::endl; | ||
| } else if (operate == "divide64") { | ||
| std::cout << static_cast<int64_t>(input1) / static_cast<int64_t>(input) | ||
| << std::endl; | ||
| } else if (operate == "udivide64") { | ||
| std::cout << input1 / input << std::endl; | ||
| } else if (operate == "mult64") { | ||
| std::cout << input1 * input << std::endl; | ||
| } else if (operate == "neg64") { | ||
| std::cout << -input1 << std::endl; | ||
| } else if (operate == "sub64") { | ||
| std::cout << input1 - input << std::endl; | ||
| } else if (operate == "aes_128") { | ||
| std::cout << Aes128(ReverseBytes(input1), ReverseBytes(input)) | ||
| << std::endl; | ||
| result[0] = ReverseBytes(result[0]); | ||
| } else { | ||
| std::cout << "else" << std::endl; | ||
| } |
There was a problem hiding this comment.
Consider adding a default case to the if statement to handle unexpected values of operate. This will prevent potential errors if the input is invalid.
|
I have read the CLA Document and I hereby sign the CLA |
|
recheck |
examples/gc/emp_benchmark/run.sh
Outdated
| exit 1 | ||
| fi | ||
|
|
||
| git clone https://github.com/emp-toolkit/emp-tool.git --branch master |
examples/gc/emp_benchmark/run.sh
Outdated
| cd .. | ||
|
|
||
| wget https://raw.githubusercontent.com/emp-toolkit/emp-readme/master/scripts/install.py | ||
| python install_test.py --ot --sh2pc |
|
|
||
| mkdir build | ||
| cd build | ||
| cmake .. |
There was a problem hiding this comment.
应该是 cmake -S .. -B . ; 否则build file会产生到src目录下
examples/gc/emp_benchmark/run.sh
Outdated
| mkdir build | ||
| cd build | ||
| cmake .. | ||
| make |
| make | ||
| cd .. | ||
|
|
||
| bash aes_run.sh |
|
|
||
| yacl::dynamic_bitset<uint128_t> bi_val; | ||
|
|
||
| input = yacl::crypto::FastRandU128(); |
| GarblerSHA256* garbler = new GarblerSHA256(); | ||
| EvaluatorSHA256* evaluator = new EvaluatorSHA256(); |
| thread1.get(); | ||
| thread2.get(); | ||
|
|
||
| std::string pth = |
There was a problem hiding this comment.
std::string pth = fmt::format("yacl/io/circuit/data/{0}.txt", "sha256"); 就行了,下同。
examples/gc/emp_benchmark/run.sh
Outdated
| cd .. | ||
|
|
||
| wget https://raw.githubusercontent.com/emp-toolkit/emp-readme/master/scripts/install.py | ||
| python install_test.py --ot --sh2pc |
gitCoder1024
force-pushed
the
feat/AES_SHA
branch
from
9edaf72 to
125d21d
Compare
gtest debug