Open
Conversation
kc1212
force-pushed
the
kc1212/feat/2980/prf-keygen-service
branch
from
97bc64b to
e3f3ec7
Compare
Consolidated Tests Results 2026-05-04 - 13:41:07Test Results
Details
test-reporter: Run #1867
🎉 All tests passed!TestsView All Tests
🍂 No flaky tests in this run. Github Test Reporter by CTRF 💚 🔄 This comment has been updated |
kc1212
force-pushed
the
kc1212/feat/2980/prf-keygen-service
branch
4 times, most recently
from
447d725 to
11a6018
Compare
kc1212
force-pushed
the
kc1212/feat/2980/prf-keygen-service
branch
3 times, most recently
from
5498923 to
aae070f
Compare
kc1212
force-pushed
the
kc1212/feat/2980/prf-keygen-service
branch
from
aae070f to
235a7a7
Compare
titouantanguy
previously approved these changes
May 4, 2026
| } | ||
|
|
||
| impl VerifiedPublicMaterial { | ||
| // TODO: is there no better way to find if a particular key exists? we want to avoid the cloning |
Contributor
There was a problem hiding this comment.
Probably would need to ask tfhe-rs.
(more genrally, could be nice to have something that gives a ref to the inner keys instead of having to take onwership)
Contributor
Author
There was a problem hiding this comment.
improved slightly in 37b620a also asked tfhe-rs
| /// negative check: a fresh OPRF server key built from a one-bit-flipped | ||
| /// version of the same LWE key must produce some mismatches against the | ||
| /// cleartext reference. | ||
| fn assert_oprf_correctness<const EXTENSION_DEGREE: usize>( |
Contributor
There was a problem hiding this comment.
part of this fn is duplicated with check_oprf_correctness from service/src/client/key_gen.rs I believe ?
Should we try and factor the duplicated part somewhere accessible to both here and there ?
| num_triples_needed += | ||
| // Raw triples necessary for the 2 BK | ||
| self.lwe_dimension().0 * (self.glwe_sk_num_bits() + self.glwe_sk_num_bits_sns()); | ||
| num_triples_needed += self.lwe_dimension().0 * self.glwe_sk_num_bits(); |
Contributor
There was a problem hiding this comment.
What about modifying the line above with
num_triples_needed +=
// Raw triples necessary for the regular BK, the OPRF BK and the SnS BK
self.lwe_dimension().0 * (2*self.glwe_sk_num_bits() + self.glwe_sk_num_bits_sns());
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description of changes
Integrate homomorphic prf keygen on the service level.
There is a subtle issue around resharing. Namely when we rehare a sk between two different sets, set2 does not know whether set1 has a hom. prf key or not, so it does not know whether to run the protocol. The workaround is to have set2 detect from the public keys whether resharing should be run on the hom. prf keys. This means set1 and set2 is setting the flag
oprf_key_presentfrom different sources, the former sets it using its own secret key share, the latter sets it using what it finds in the public key.Issue ticket number and link
Closes zama-ai/kms-internal#2980
PR Checklist
I attest that all checked items are satisfied. Any deviation is clearly justified above.
chore: ...).TODO(#issue).unwrap/expect/paniconly in tests or for invariant bugs (documented if present).devopslabel + infra notified + infra-team reviewer assigned.!and affected teams notified.Zeroize+ZeroizeOnDropimplemented.unsafe; if unavoidable: minimal, justified, documented, and test/fuzz covered.Dependency Update Questionnaire (only if deps changed or added)
Answer in the
Cargo.tomlnext to the dependency (or here if updating):More details and explanations for the checklist and dependency updates can be found in CONTRIBUTING.md