-- Hoogle documentation, generated by Haddock -- See Hoogle, http://www.haskell.org/hoogle/ -- | Multiparty Computation in Haskell -- -- hMPC is a Haskell package for secure multiparty computation (MPC). -- -- hMPC provides a runtime for performing computations on secret-shared -- values, where parties interact by exchanging messages via peer-to-peer -- connections. The hMPC protocols are based on Shamir's threshold secret -- sharing scheme and withstand passive adversaries controlling less than -- half of the parties. -- -- Secure integer arithmetic is supported for parameterized number -- ranges, including support for comparison operations. Secure finite -- field arithmetic is supported. -- -- The above operations are all available via Haskell's operator -- overloading. -- -- Secure drop-in replacements for lots of Haskell built-in functions, -- such as all, sum, min, max are provided, -- mimicking the Haskell APIs as much as possible. Further operations for -- container datatypes holding secret-shared data items are provided as -- well (e.g., matrix-vector operations like secure dot products). @package hMPC @version 0.1.0.2 -- | This module collects all hGMP functions used by hMPC. module Hgmp -- | Return True if x is probably prime, else False if x is definitely -- composite isPrime :: Integer -> Bool -- | Return the greatest probable prime number < x, if any. prevPrime :: Integer -> Integer -- | Return y such that x*y == 1 modulo m. invert :: Integer -> Integer -> Integer -- | This module supports finite (Galois) fields. -- -- Function gf creates types implementing finite fields. module FinFields -- | Instantiate an object from a field and subsequently apply overloaded -- operators such as (+), (-), -- (*), (/) etc., to compute with field -- elements. data FiniteField FiniteField :: FiniteFieldMeta -> Integer -> FiniteField [meta] :: FiniteField -> FiniteFieldMeta [value] :: FiniteField -> Integer Literal :: Integer -> FiniteField [value] :: FiniteField -> Integer data FiniteFieldMeta FiniteFieldMeta :: Integer -> Int -> FiniteFieldMeta [modulus] :: FiniteFieldMeta -> Integer [byteLength] :: FiniteFieldMeta -> Int -- | Create a finite (Galois) field for given modulus (prime number). gf :: Integer -> FiniteField -- | Return byte string representing the given list/ndarray of integers x. toBytes :: Int -> [Integer] -> ByteString -- | Return the list of integers represented by the given byte string. fromBytes :: Int -> ByteString -> [Integer] instance GHC.Show.Show FinFields.FiniteFieldMeta instance GHC.Show.Show FinFields.FiniteField instance GHC.Real.Fractional FinFields.FiniteField instance GHC.Classes.Eq FinFields.FiniteField instance GHC.Num.Num FinFields.FiniteField module Parser -- | Return parser results for command line arguments passed to the hMPC -- runtime. getArgParser :: IO Options -- | Return parser for command line arguments passed to the hMPC runtime. getArgParserExtra :: Parser a -> IO (Options, a) data Options Options :: [String] -> Integer -> Integer -> Integer -> Integer -> Int -> Bool -> Maybe Int -> Options [parsParties] :: Options -> [String] [m] :: Options -> Integer [myPid] :: Options -> Integer [threshold] :: Options -> Integer [basePort] :: Options -> Integer [secParam] :: Options -> Int [noAsync] :: Options -> Bool [nrThreads] :: Options -> Maybe Int -- | Module for information-theoretic threshold secret sharing. -- -- Threshold secret sharing assumes secure channels for communication. module Shamir -- | Split each secret given in s into m random Shamir shares. -- -- The (maximum) degree for the Shamir polynomials is t, 0 <= t -- < m. Return matrix of shares, one row per party. randomSplit :: RandomGen g => FiniteField -> [FiniteField] -> Integer -> Integer -> g -> ([[Integer]], g) -- | Compute and store a recombination vector. -- -- A recombination vector depends on the field, the x-coordinates xs of -- the shares and the x-coordinate x_r of the recombination point. _recombinationVector :: FiniteField -> [Integer] -> Integer -> [Integer] -- | Recombine shares given by points into secrets. -- -- Recombination is done for x-coordinates x_rs. recombine :: FiniteField -> [IdSharesPair] -> [FiniteField] -- | Couples a ID pi to the share list si. type IdSharesPair = (Integer, [Integer]) module Types type Dict = Map Int (MVar ByteString) data Party Party :: Integer -> String -> Integer -> Chan ByteString -> Maybe Socket -> MVar Dict -> MVar Int -> Party [pid] :: Party -> Integer [host] :: Party -> String [port] :: Party -> Integer [outChan] :: Party -> Chan ByteString [sock] :: Party -> Maybe Socket [dict] :: Party -> MVar Dict [nbytesSent] :: Party -> MVar Int data Barrier Barrier :: MVar Int -> MVar () -> Barrier [count] :: Barrier -> MVar Int [signal] :: Barrier -> MVar () data Env Env :: [Party] -> Int -> Options -> Barrier -> StdGen -> UTCTime -> Env [parties] :: Env -> [Party] [pc] :: Env -> Int [options] :: Env -> Options [forkIOBarrier] :: Env -> Barrier [gen] :: Env -> StdGen [startTime] :: Env -> UTCTime type SIO a = StateT Env IO a runSIO :: SIO a -> Env -> IO a logging :: Priority -> String -> IO () -- | This module collects basic secure (secret-shared) types for hMPC. -- -- Secure number types all use common base classes, which ensures that -- operators such as +,* are defined by operator overloading. module SecTypes -- | A secret-shared object. -- -- An MPC protocol operates on secret-shared objects of type -- SecureObject. The basic Haskell operators are overloaded instances by -- SecureTypes classes. An expression like a * b will create a new -- SecureObject, which will eventually contain the product of a and b. -- The product is computed asynchronously, using an instance of a -- specific cryptographic protocol. data SecureTypes -- | Base class for secure (secret-shared) numbers. SecFld :: FiniteField -> MVar FiniteField -> Int -> SecureTypes [field] :: SecureTypes -> FiniteField [share] :: SecureTypes -> MVar FiniteField [bitLength] :: SecureTypes -> Int -- | Base class for secure (secret-shared) finite field elements. SecInt :: FiniteField -> MVar FiniteField -> Int -> SecureTypes [field] :: SecureTypes -> FiniteField [share] :: SecureTypes -> MVar FiniteField [bitLength] :: SecureTypes -> Int Literal :: MVar FiniteField -> SecureTypes [share] :: SecureTypes -> MVar FiniteField -- | Secure l-bit integers (SecInt). secIntGen :: Int -> SIO (Integer -> SIO SecureTypes) -- | Secure finite field (SecFld) of order q = p where p is a prime -- number secFldGen :: Integer -> Integer -> SIO SecureTypes setShare :: SecureTypes -> Integer -> SIO SecureTypes -- | This module provides basic support for asynchronous communication and -- computation of secret-shared values. module Asyncoro -- | Open connections with other parties, if any. createConnections :: Int -> [Party] -> IO [Party] -- | Send payload labeled with pc to the peer. -- -- Message format consists of three parts: -- --
    --
  1. pc (8 bytes signed int)
    2. --
  2. payload_size (4 bytes unsigned int)
    3. --
  3. payload (byte string of length payload_size).
    4. --
send :: Int -> ByteString -> Party -> SIO () -- | Receive payload labeled with given pc from the peer. receive :: Int -> Party -> SIO (MVar ByteString) -- | Transform SecureTypes into FiniteField by reading the -- future MVar share that contains a FiniteField -- (blocking). class Gather a where { type Result a :: *; } gather :: Gather a => a -> SIO (Result a) -- | forkIO the action monad asynchronously and return future -- MVar. Provide the given state monad with its own program -- counter space. async :: SIO a -> SIO (MVar a) asyncList :: Int -> SIO [a] -> SIO [MVar a] asyncListList :: Int -> Int -> SIO [[a]] -> SIO [[MVar a]] -- | Read the value from the future MVar (blocking). await :: MVar a -> SIO a -- | increment program counter in state. incPC :: SIO Int decreaseBarrier :: Barrier -> IO () instance Asyncoro.Gather SecTypes.SecureTypes instance Asyncoro.Gather a => Asyncoro.Gather [a] instance (Asyncoro.Gather a, Asyncoro.Gather b) => Asyncoro.Gather (a, b) instance (Asyncoro.Gather a, Asyncoro.Gather b, Asyncoro.Gather c) => Asyncoro.Gather (a, b, c) -- | The hMPC runtime module is used to execute secure multiparty -- computations. -- -- Parties perform computations on secret-shared values by exchanging -- messages. Shamir's threshold secret sharing scheme is used for finite -- fields of any order exceeding the number of parties. hMPC provides -- many secure data types, ranging from numeric types to more advanced -- types, for which the corresponding operations are made available -- through Haskell's mechanism for operator overloading. module Runtime -- | Secure l-bit integers (SecInt). secIntGen :: Int -> SIO (Integer -> SIO SecureTypes) -- | Secure finite field (SecFld) of order q = p where p is a prime -- number secFldGen :: Integer -> Integer -> SIO SecureTypes -- | Runs MPC computation runMpc :: SIO a -> IO a -- | Runs MPC computation with user arguments runMpcWithArgs :: Parser b -> (b -> SIO a) -> IO a -- | Start and Stop hMPC runtime runSession :: SIO a -> SIO a -- | Input x to the computation. -- -- Value x is a secure object, or a list of secure objects. class Input a b | a -> b input :: Input a b => a -> SIO b -- | Output the value of x to the receivers specified. Value x is a secure -- object, or a list of secure objects. -- -- A secure integer is output as a Haskell Integer class Output a b | a -> b output :: Output a b => a -> SIO (MVar b) -- | Transfer serializable Haskell objects transfer :: Serialize a => a -> SIO (MVar [a]) -- | Secure addition of a and b. (.+) :: SIO SecureTypes -> SIO SecureTypes -> SIO SecureTypes -- | Secure subtraction of a and b. (.-) :: SIO SecureTypes -> SIO SecureTypes -> SIO SecureTypes -- | Secure multiplication of a and b. (.*) :: SIO SecureTypes -> SIO SecureTypes -> SIO SecureTypes -- | Secure division of a by b, for nonzero b. (./) :: SIO SecureTypes -> SIO SecureTypes -> SIO SecureTypes -- | Secure reciprocal (multiplicative field inverse) of a, for nonzero a. srecip :: SIO SecureTypes -> SIO SecureTypes -- | Secure exponentiation a raised to the power of b, for public integer -- b. (.^) :: SIO SecureTypes -> Integer -> SIO SecureTypes -- | Secure comparison a < b. (.<) :: SIO SecureTypes -> SIO SecureTypes -> SIO SecureTypes -- | Secure comparison a <= b. (.<=) :: SIO SecureTypes -> SIO SecureTypes -> SIO SecureTypes -- | Secure comparison a > b. (.>) :: SIO SecureTypes -> SIO SecureTypes -> SIO SecureTypes -- | Secure comparison a == b. (.==) :: SIO SecureTypes -> SIO SecureTypes -> SIO SecureTypes -- | Secure zero test a == 0. isZero :: SIO SecureTypes -> SIO SecureTypes -- | Secure public zero test of a. isZeroPublic :: SIO SecureTypes -> SIO (MVar Bool) -- | Secure sign(um) of a, return -1 if a < 0 else 0 if a == 0 else 1. -- -- If Boolean flag LT is set, perform a secure less than zero test -- instead, and return 1 if a < 0 else 0, saving the work for a secure -- equality test. If Boolean flag EQ is set, perform a secure equal to -- zero test instead, and return 1 if a == 0 else 0, saving the work for -- a secure comparison. ssignum :: Bool -> Bool -> SIO SecureTypes -> SIO SecureTypes argmaxfunc :: [[SIO SecureTypes]] -> ([SIO SecureTypes] -> [SIO SecureTypes] -> SIO SecureTypes) -> SIO (SIO SecureTypes, [SIO SecureTypes]) -- | Secure argmax of all given elements in x. -- -- In case of multiple occurrences of the maximum values, the index of -- the first occurrence is returned. argmax :: [SIO SecureTypes] -> SIO (SIO SecureTypes, SIO SecureTypes) -- | Secure maximum of all given elements in x, similar to Haskell's -- built-in maximum. smaximum :: [SIO SecureTypes] -> SIO SecureTypes -- | Secure sum of all elements in x, similar to Haskell's built-in sum. ssum :: [SIO SecureTypes] -> SIO SecureTypes -- | Secure product of all elements in x, similar to Haskell's product. -- -- Runs in log_2 len(x) rounds). sproduct :: [SIO SecureTypes] -> SIO SecureTypes -- | Secure all of elements in x, similar to Haskell's built-in all. -- -- Elements of x are assumed to be either 0 or 1 (Boolean). Runs in log_2 -- len(x) rounds). sall :: [SIO SecureTypes] -> SIO SecureTypes -- | Return n secure uniformly random bits of the given type. randomBits :: SIO SecureTypes -> Int -> Bool -> SIO [SIO SecureTypes] -- | Secure dot product of x and y (one resharing). inProd :: [SIO SecureTypes] -> [SIO SecureTypes] -> SIO SecureTypes -- | Secure entrywise multiplication of vectors x and y. schurProd :: [SIO SecureTypes] -> [SIO SecureTypes] -> SIO [SIO SecureTypes] -- | Secure matrix product of A with (transposed) B. matrixProd :: [[SIO SecureTypes]] -> [[SIO SecureTypes]] -> Bool -> SIO [[SIO SecureTypes]] -- | Secure selection between x and y based on condition c. class IfElse a b | a -> b ifElse :: IfElse a b => SIO SecureTypes -> a -> a -> SIO b ifElseList :: SIO SecureTypes -> [SIO SecureTypes] -> [SIO SecureTypes] -> SIO [SIO SecureTypes] -- | forkIO the action monad asynchronously and return future -- MVar. Provide the given state monad with its own program -- counter space. async :: SIO a -> SIO (MVar a) -- | Read the value from the future MVar (blocking). await :: MVar a -> SIO a instance Runtime.IfElse (Types.SIO SecTypes.SecureTypes) SecTypes.SecureTypes instance Runtime.IfElse [Types.SIO SecTypes.SecureTypes] [Types.SIO SecTypes.SecureTypes] instance Runtime.Output (Types.SIO SecTypes.SecureTypes) GHC.Num.Integer.Integer instance Runtime.Output [Types.SIO SecTypes.SecureTypes] [GHC.Num.Integer.Integer] instance Runtime.Reshare FinFields.FiniteField FinFields.FiniteField instance Runtime.Reshare [FinFields.FiniteField] [FinFields.FiniteField] instance Runtime.Input (Types.SIO SecTypes.SecureTypes) [Types.SIO SecTypes.SecureTypes] instance Runtime.Input [Types.SIO SecTypes.SecureTypes] [[Types.SIO SecTypes.SecureTypes]] instance GHC.Num.Num (Types.SIO SecTypes.SecureTypes) instance GHC.Real.Fractional (Types.SIO SecTypes.SecureTypes)