From df4261f7cc15971bd151f83451929fa9d357903a Mon Sep 17 00:00:00 2001 From: armfazh Date: Mon, 16 Dec 2024 22:47:34 -0800 Subject: [PATCH] Adds Prio3 a set of verifiable distributed aggregation functions. Prio3 supports several variants for aggregating data measurements in a privacy preserving manner. This implementation is compliant with v13 of CRFG draft VDAF https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#name-prio3 --- vdaf/prio3/arith/arith.go | 133 + vdaf/prio3/arith/field_test.go | 335 +++ vdaf/prio3/arith/fp128/fiatMont.go | 288 ++ vdaf/prio3/arith/fp128/fp.go | 277 ++ vdaf/prio3/arith/fp128/inverse.go | 27 + vdaf/prio3/arith/fp128/poly.go | 68 + vdaf/prio3/arith/fp128/vector.go | 222 ++ vdaf/prio3/arith/fp128_test.go | 21 + vdaf/prio3/arith/fp64/fiatMont.go | 171 ++ vdaf/prio3/arith/fp64/fp.go | 242 ++ vdaf/prio3/arith/fp64/inverse.go | 25 + vdaf/prio3/arith/fp64/poly.go | 68 + vdaf/prio3/arith/fp64/vector.go | 221 ++ vdaf/prio3/arith/fp64_test.go | 21 + vdaf/prio3/arith/gen.go | 182 ++ vdaf/prio3/arith/genFiatMont.go | 79 + vdaf/prio3/arith/poly_test.go | 153 ++ vdaf/prio3/arith/templates/fp.go.tmpl | 217 ++ vdaf/prio3/arith/templates/fp_test.go.tmpl | 25 + vdaf/prio3/arith/templates/poly.go.tmpl | 72 + vdaf/prio3/arith/templates/vector.go.tmpl | 233 ++ vdaf/prio3/arith/vector_test.go | 158 ++ vdaf/prio3/common_test.go | 110 + vdaf/prio3/count/count.go | 121 + vdaf/prio3/doc.go | 13 + vdaf/prio3/histogram/histogram.go | 137 + vdaf/prio3/internal/cursor/cursor.go | 15 + vdaf/prio3/internal/flp/flp.go | 144 + vdaf/prio3/internal/flp/gadgets.go | 140 + vdaf/prio3/internal/flp/valid.go | 97 + vdaf/prio3/internal/prio3/prio3.go | 537 ++++ vdaf/prio3/internal/prio3/types.go | 390 +++ vdaf/prio3/internal/prio3/xof.go | 216 ++ vdaf/prio3/mhcv/mhcv.go | 200 ++ vdaf/prio3/prio3_test.go | 234 ++ vdaf/prio3/sum/sum.go | 160 ++ vdaf/prio3/sumvec/sumvec.go | 152 ++ vdaf/prio3/testdata/Prio3Count_0.json | 40 + vdaf/prio3/testdata/Prio3Count_1.json | 46 + vdaf/prio3/testdata/Prio3Count_2.json | 148 ++ vdaf/prio3/testdata/Prio3Histogram_0.json | 53 + vdaf/prio3/testdata/Prio3Histogram_1.json | 90 + vdaf/prio3/testdata/Prio3Histogram_2.json | 2366 +++++++++++++++++ .../testdata/Prio3MultihotCountVec_0.json | 59 + .../testdata/Prio3MultihotCountVec_1.json | 113 + .../testdata/Prio3MultihotCountVec_2.json | 211 ++ vdaf/prio3/testdata/Prio3SumVec_0.json | 195 ++ vdaf/prio3/testdata/Prio3SumVec_1.json | 147 + vdaf/prio3/testdata/Prio3Sum_0.json | 41 + vdaf/prio3/testdata/Prio3Sum_1.json | 47 + vdaf/prio3/testdata/Prio3Sum_2.json | 230 ++ vdaf/prio3/testdata/XofTurboShake128.json | 8 + vdaf/prio3/vectors_test.go | 219 ++ vdaf/prio3/xof_test.go | 95 + 54 files changed, 10012 insertions(+) create mode 100644 vdaf/prio3/arith/arith.go create mode 100644 vdaf/prio3/arith/field_test.go create mode 100644 vdaf/prio3/arith/fp128/fiatMont.go create mode 100644 vdaf/prio3/arith/fp128/fp.go create mode 100644 vdaf/prio3/arith/fp128/inverse.go create mode 100644 vdaf/prio3/arith/fp128/poly.go create mode 100644 vdaf/prio3/arith/fp128/vector.go create mode 100644 vdaf/prio3/arith/fp128_test.go create mode 100644 vdaf/prio3/arith/fp64/fiatMont.go create mode 100644 vdaf/prio3/arith/fp64/fp.go create mode 100644 vdaf/prio3/arith/fp64/inverse.go create mode 100644 vdaf/prio3/arith/fp64/poly.go create mode 100644 vdaf/prio3/arith/fp64/vector.go create mode 100644 vdaf/prio3/arith/fp64_test.go create mode 100644 vdaf/prio3/arith/gen.go create mode 100644 vdaf/prio3/arith/genFiatMont.go create mode 100644 vdaf/prio3/arith/poly_test.go create mode 100644 vdaf/prio3/arith/templates/fp.go.tmpl create mode 100644 vdaf/prio3/arith/templates/fp_test.go.tmpl create mode 100644 vdaf/prio3/arith/templates/poly.go.tmpl create mode 100644 vdaf/prio3/arith/templates/vector.go.tmpl create mode 100644 vdaf/prio3/arith/vector_test.go create mode 100644 vdaf/prio3/common_test.go create mode 100644 vdaf/prio3/count/count.go create mode 100644 vdaf/prio3/doc.go create mode 100644 vdaf/prio3/histogram/histogram.go create mode 100644 vdaf/prio3/internal/cursor/cursor.go create mode 100644 vdaf/prio3/internal/flp/flp.go create mode 100644 vdaf/prio3/internal/flp/gadgets.go create mode 100644 vdaf/prio3/internal/flp/valid.go create mode 100644 vdaf/prio3/internal/prio3/prio3.go create mode 100644 vdaf/prio3/internal/prio3/types.go create mode 100644 vdaf/prio3/internal/prio3/xof.go create mode 100644 vdaf/prio3/mhcv/mhcv.go create mode 100644 vdaf/prio3/prio3_test.go create mode 100644 vdaf/prio3/sum/sum.go create mode 100644 vdaf/prio3/sumvec/sumvec.go create mode 100644 vdaf/prio3/testdata/Prio3Count_0.json create mode 100644 vdaf/prio3/testdata/Prio3Count_1.json create mode 100644 vdaf/prio3/testdata/Prio3Count_2.json create mode 100644 vdaf/prio3/testdata/Prio3Histogram_0.json create mode 100644 vdaf/prio3/testdata/Prio3Histogram_1.json create mode 100644 vdaf/prio3/testdata/Prio3Histogram_2.json create mode 100644 vdaf/prio3/testdata/Prio3MultihotCountVec_0.json create mode 100644 vdaf/prio3/testdata/Prio3MultihotCountVec_1.json create mode 100644 vdaf/prio3/testdata/Prio3MultihotCountVec_2.json create mode 100644 vdaf/prio3/testdata/Prio3SumVec_0.json create mode 100644 vdaf/prio3/testdata/Prio3SumVec_1.json create mode 100644 vdaf/prio3/testdata/Prio3Sum_0.json create mode 100644 vdaf/prio3/testdata/Prio3Sum_1.json create mode 100644 vdaf/prio3/testdata/Prio3Sum_2.json create mode 100644 vdaf/prio3/testdata/XofTurboShake128.json create mode 100644 vdaf/prio3/vectors_test.go create mode 100644 vdaf/prio3/xof_test.go diff --git a/vdaf/prio3/arith/arith.go b/vdaf/prio3/arith/arith.go new file mode 100644 index 00000000..d9f6feef --- /dev/null +++ b/vdaf/prio3/arith/arith.go @@ -0,0 +1,133 @@ +//go:generate go run gen.go + +// Package arith provides arithmetic operations over prime fields, vectors, +// and polynomials. +package arith + +import ( + "encoding" + "io" + + "github.com/cloudflare/circl/internal/conv" + "github.com/cloudflare/circl/internal/sha3" + "golang.org/x/crypto/cryptobyte" +) + +// Elt is any type that stores a prime field element. +type Elt any + +// Fp lists the functionality that a prime field element must have denoting +// methods with a pointer receiver. +type Fp[E Elt] interface { + *E + // Size returns the number of bytes to encode a field element. + Size() uint + // Returns true if the element is the neutral additive element. + IsZero() bool + // Returns true if the element is the neutral multiplicative element. + IsOne() bool + // Returns true if the element is equivalent to x. + IsEqual(x *E) bool + // Set the element to the neutral additive element. + SetOne() + // Set the element to x if x < Order(). + SetUint64(uint64) error + // Returns the integer representative of the element if x < 2^64. + GetUint64() (x uint64, err error) + // Set the element to the principal root of unity of order 2^n. + SetRootOfUnityTwoN(n uint) + // AddAssing calculates z = z + x. + AddAssign(x *E) + // SubAssign calculates z = z - x. + SubAssign(x *E) + // MulAssign calculates z = z * x. + MulAssign(x *E) + // Add calculates z = x + y. + Add(x, y *E) + // Sub calculates z = x - y. + Sub(x, y *E) + // Mul calculates z = x * y. + Mul(x, y *E) + // Sqr calculates z = x * x. + Sqr(x *E) + // Inv calculates z = 1 / x. + Inv(x *E) + // InvUint64 calculates z = 1 / x. + InvUint64(x uint64) + // InvTwoN calculates z = 1 / 2^n. + InvTwoN(x uint) + // Random samples an element from an io.Reader. + Random(io.Reader) error + // RandomSHA3 samples an element from a SHA3 state. + RandomSHA3(*sha3.State) error + // Encodes an element to bytes. + encoding.BinaryMarshaler + // Decodes an element from bytes. + encoding.BinaryUnmarshaler + // Encodes an element using a cryptobyte.Builder. + cryptobyte.MarshalingValue + // Decodes an element from a cryptobyte.String. + conv.UnmarshalingValue +} + +// NewVec returns a vector of length n. +func NewVec[V Vec[V, E], E Elt](n uint) V { return make(V, n) } + +// Vec list the funtionality of a vector of field elements. +type Vec[Vec ~[]E, E Elt] interface { + ~[]E + // Size returns the number of bytes to encode a vector. + Size() uint + // AddAssing calculates z = z + x. + AddAssign(x Vec) + // SubAssign calculates z = z - x. + SubAssign(x Vec) + // ScalarMul calculates z[i] = z[i] * x. + ScalarMul(x *E) + // DotProduct calculates z[i] = z[i] * x[i]. + DotProduct(x Vec) E + // NTT calculates the number theoretic transform on values. + NTT(Vec) + // InvNTT calculates the inverse number theoretic transform on values. + InvNTT(Vec) + // SplitBits sets the vector of elements corresponding to the bits of n. + SplitBits(n uint64) error + // JoinBits calculates the element sum( 2^i * z[i] ). + JoinBits() E + // Random samples a vector from an io.Reader. + Random(io.Reader) error + // RandomSHA3 samples a vector from a SHA3 state. + RandomSHA3(*sha3.State) error + // RandomSHA3Bytes reads a vector from a SHA3 state copying the bytes read. + RandomSHA3Bytes([]byte, *sha3.State) error + // Encodes a vector to bytes. + encoding.BinaryMarshaler + // Decodes a vector from bytes. + encoding.BinaryUnmarshaler + // Encodes a vector using a cryptobyte.Builder. + cryptobyte.MarshalingValue + // Decodes a vector from a cryptobyte.String. + conv.UnmarshalingValue +} + +// NewPoly returns a polynomial of the given degree. +func NewPoly[P Poly[P, E], E Elt](degree uint) P { return make(P, degree+1) } + +// Poly lists the funtionality of polynomials with coefficients in a field. +type Poly[Poly ~[]E, E Elt] interface { + ~[]E + // AddAssing calculates z = z + x. + AddAssign(Poly) + // SubAssign calculates z = z - x. + SubAssign(Poly) + // Mul calculates z = x * y. + Mul(x, y Poly) + // Sqr calculates z = x * x. + Sqr(Poly) + // Evaluate calculates the polynomial evaluation p(x). + Evaluate(x *E) E + // Strip removes the higher-degree zero terms. + Strip() Poly + // Interpolate a polynomial on given the values. + Interpolate([]E) +} diff --git a/vdaf/prio3/arith/field_test.go b/vdaf/prio3/arith/field_test.go new file mode 100644 index 00000000..635cff90 --- /dev/null +++ b/vdaf/prio3/arith/field_test.go @@ -0,0 +1,335 @@ +package arith + +import ( + "crypto/rand" + "fmt" + "io" + "math/big" + "slices" + "testing" + + "github.com/cloudflare/circl/internal/sha3" + "github.com/cloudflare/circl/internal/test" + "golang.org/x/crypto/cryptobyte" +) + +type EltTest interface { + comparable + fmt.Stringer + OrderRootUnity() uint + Order() []byte +} + +const testTimes = 1 << 10 + +func testFp[E EltTest, F Fp[E]](t *testing.T) { + t.Run("randomNum", randomNum[E, F]) + t.Run("noAlias", noAlias[E, F]) + t.Run("addSub", addSub[E, F]) + t.Run("mulInv", mulInv[E, F]) + t.Run("invTwoN", invTwoN[E, F]) + t.Run("expInv", expInv[E, F]) + t.Run("mulSqr", mulSqr[E, F]) + t.Run("marshal", marshal[E, F]) + t.Run("rootsUnity", rootsUnityTwoN[E, F]) + t.Run("stringer", stringer[E, F]) +} + +func mustRead[T interface{ Random(io.Reader) error }](t testing.TB, x T) { + err := x.Random(rand.Reader) + if err != nil { + t.Fatal(err) + } +} + +func randomNum[E Elt, F Fp[E]](t *testing.T) { + err := F(new(E)).Random(io.LimitReader(rand.Reader, 0)) + test.CheckIsErr(t, err, "random should fail") + + r := sha3.NewShake128() + r.Reset() + got := F(new(E)) + err = got.Random(&r) + test.CheckNoErr(t, err, "Random failed") + + r.Reset() + want := F(new(E)) + err = want.RandomSHA3(&r) + test.CheckNoErr(t, err, "RandomSHA3 failed") + + if !got.IsEqual(want) { + test.ReportError(t, got, want) + } +} + +func noAlias[E Elt, F Fp[E]](t *testing.T) { + x := F(new(E)) + mustRead(t, x) + y := *x + var got F = &y + got.Sqr(got) + z := *x + want := F(&z) + want.Mul(want, want) + + if !got.IsEqual(want) { + test.ReportError(t, got, want, x) + } +} + +func addSub[E Elt, F Fp[E]](t *testing.T) { + got := F(new(E)) + want := F(new(E)) + x := F(new(E)) + y := F(new(E)) + for i := 0; i < testTimes; i++ { + mustRead(t, x) + mustRead(t, y) + + // 2x = (x + y) + x - y + // = (x - y) + x + y + got.Add(x, y) + got.AddAssign(x) + got.SubAssign(y) + want.Sub(x, y) + want.AddAssign(x) + want.AddAssign(y) + + if !got.IsEqual(want) { + test.ReportError(t, got, want, x, y) + } + } +} + +func mulInv[E Elt, F Fp[E]](t *testing.T) { + x := F(new(E)) + y := F(new(E)) + z := F(new(E)) + for i := 0; i < testTimes; i++ { + mustRead(t, x) + mustRead(t, y) + + // x*y*x^1 = y + z.Inv(x) + z.Mul(z, y) + z.Mul(z, x) + got := z + want := y + if !got.IsEqual(want) { + test.ReportError(t, got, want, x, y) + } + } +} + +func invTwoN[E Elt, F Fp[E]](t *testing.T) { + got := F(new(E)) + want := F(new(E)) + for i := 0; i < 64; i++ { + pow2 := uint64(1) << i + + got.InvTwoN(uint(i)) + + err := want.SetUint64(pow2) + test.CheckNoErr(t, err, "setuint64 failed") + want.Inv(want) + + if !got.IsEqual(want) { + test.ReportError(t, got, want, i) + } + } +} + +func expInv[E Elt, F Fp[E]](t *testing.T) { + got := F(new(E)) + want := F(new(E)) + x := F(new(E)) + for i := 0; i < testTimes; i++ { + mustRead(t, x) + + // (1/x) * x = 1 + got.Inv(x) + got.MulAssign(x) + want.SetOne() + if !got.IsEqual(want) { + test.ReportError(t, got, want, x) + } + } + + for i := uint64(0); i < 8; i++ { + got.InvUint64(i) + _ = want.SetUint64(i) + want.Inv(want) + + if !got.IsEqual(want) { + test.ReportError(t, got, want, i) + } + } +} + +func mulSqr[E Elt, F Fp[E]](t *testing.T) { + x := F(new(E)) + y := F(new(E)) + l0 := F(new(E)) + l1 := F(new(E)) + r0 := F(new(E)) + r1 := F(new(E)) + for i := 0; i < testTimes; i++ { + mustRead(t, x) + mustRead(t, y) + + // (x+y)(x-y) = (x^2-y^2) + l0.Add(x, y) + l1.Sub(x, y) + l0.Mul(l0, l1) + r0.Sqr(x) + r1.Sqr(y) + r0.Sub(r0, r1) + got := l0 + want := r0 + if !got.IsEqual(want) { + test.ReportError(t, got, want, x, y) + } + } +} + +func rootsUnityTwoN[E EltTest, F Fp[E]](t *testing.T) { + w := F(new(E)) + x := F(new(E)) + + w.SetRootOfUnityTwoN(0) + test.CheckOk(w.IsOne(), "incorrect order of the root of unity", t) + + order := (*w).OrderRootUnity() + for i := uint(1); i <= order; i++ { + w.SetRootOfUnityTwoN(i) + + x.Sqr(w) + for range i - 1 { + test.CheckOk(!x.IsOne(), "incorrect order of the root of unity", t) + x.Sqr(x) + } + + test.CheckOk(x.IsOne(), "incorrect order of the root of unity", t) + } +} + +func marshal[E EltTest, F Fp[E]](t *testing.T) { + x := F(new(E)) + y := F(new(E)) + for i := 0; i < testTimes; i++ { + mustRead(t, x) + s, err := x.MarshalBinary() + test.CheckNoErr(t, err, "MarshalBinary failed") + test.CheckOk(uint(len(s)) == x.Size(), "wrong byte length", t) + + err = y.UnmarshalBinary(s) + test.CheckNoErr(t, err, "UnmarshalBinary failed") + if !x.IsEqual(y) { + test.ReportError(t, x, y) + } + // check for invalid size + err = y.UnmarshalBinary(s[1:]) + test.CheckIsErr(t, err, "UnmarshalBinary should failed") + + // check for invalid element + order := (*x).Order() + slices.Reverse(order) + err = y.UnmarshalBinary(order) + test.CheckIsErr(t, err, "UnmarshalBinary should failed") + } +} + +func stringer[E EltTest, F Fp[E]](t *testing.T) { + minusOne := F(new(E)) + minusOne.SetOne() + minusOne.Sub(new(E), minusOne) + got := (*minusOne).String() + + fpOrder := new(big.Int).SetBytes((*minusOne).Order()) + pMinusOne := new(big.Int).Sub(fpOrder, big.NewInt(1)) + want := "0x" + pMinusOne.Text(16) + + if got != want { + test.ReportError(t, got, want) + } +} + +func benchmarkFp[E EltTest, F Fp[E]](b *testing.B) { + x := F(new(E)) + y := F(new(E)) + z := F(new(E)) + mustRead(b, x) + mustRead(b, y) + mustRead(b, z) + + b.Run("Marshal", func(b *testing.B) { + for i := 0; i < b.N; i++ { + var builder cryptobyte.Builder + _ = z.Marshal(&builder) + } + }) + b.Run("MarshalBinary", func(b *testing.B) { + for i := 0; i < b.N; i++ { + _, _ = z.MarshalBinary() + } + }) + b.Run("Unmarshal", func(b *testing.B) { + buf := make([]byte, z.Size()) + for i := 0; i < b.N; i++ { + s := cryptobyte.String(buf) + _ = z.Unmarshal(&s) + } + }) + b.Run("UnmarshalBinary", func(b *testing.B) { + buf := make([]byte, z.Size()) + for i := 0; i < b.N; i++ { + _ = z.UnmarshalBinary(buf) + } + }) + b.Run("Random", func(b *testing.B) { + for i := 0; i < b.N; i++ { + _ = z.Random(rand.Reader) + } + }) + b.Run("RandomSHA3", func(b *testing.B) { + r := sha3.NewShake128() + for i := 0; i < b.N; i++ { + _ = z.RandomSHA3(&r) + } + }) + b.Run("Add", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.Add(x, y) + } + }) + b.Run("Sub", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.Sub(x, y) + } + }) + b.Run("Mul", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.Mul(x, y) + } + }) + b.Run("Sqr", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.Sqr(x) + } + }) + b.Run("InvUint64", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.InvUint64(5) + } + }) + b.Run("InvTwoN", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.InvTwoN(16) + } + }) + b.Run("Inv", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.Inv(x) + } + }) +} diff --git a/vdaf/prio3/arith/fp128/fiatMont.go b/vdaf/prio3/arith/fp128/fiatMont.go new file mode 100644 index 00000000..dbc75062 --- /dev/null +++ b/vdaf/prio3/arith/fp128/fiatMont.go @@ -0,0 +1,288 @@ +// Code generated by fiat.go using fiat-crypto v0.1.4. +// +// Autogenerated: './FiatCrypto_v.0.1.4-issue1672' word-by-word-montgomery --output 'fp128/fiatMont.go' --lang Go --package-name fp128 --doc-prepend-header 'Code generated by fiat.go using fiat-crypto v0.1.4.' --package-case lowerCamelCase --public-function-case lowerCamelCase --public-type-case lowerCamelCase --doc-newline-before-package-declaration --no-primitives --widen-carry --no-field-element-typedefs --relax-primitive-carry-to-bitwidth 64 Fp 64 0xffffffffffffffe40000000000000001 add sub mul square +// +// curve description: Fp +// +// machine_wordsize = 64 (from "64") +// +// requested operations: add, sub, mul, square +// +// m = 0xffffffffffffffe40000000000000001 (from "0xffffffffffffffe40000000000000001") +// +// +// +// NOTE: In addition to the bounds specified above each function, all +// +// functions synthesized for this Montgomery arithmetic require the +// +// input to be strictly less than the prime modulus (m), and also +// +// require the input to be in the unique saturated representation. +// +// All functions also ensure that these two properties are true of +// +// return values. +// +// +// +// Computed values: +// +// eval z = z[0] + (z[1] << 64) +// +// bytes_eval z = z[0] + (z[1] << 8) + (z[2] << 16) + (z[3] << 24) + (z[4] << 32) + (z[5] << 40) + (z[6] << 48) + (z[7] << 56) + (z[8] << 64) + (z[9] << 72) + (z[10] << 80) + (z[11] << 88) + (z[12] << 96) + (z[13] << 104) + (z[14] << 112) + (z[15] << 120) +// +// twos_complement_eval z = let x1 := z[0] + (z[1] << 64) in +// +// if x1 & (2^128-1) < 2^127 then x1 & (2^128-1) else (x1 & (2^128-1)) - 2^128 + +package fp128 + +import "math/bits" + +// The function fiatFpAdd adds two field elements in the Montgomery domain. +// +// Preconditions: +// 0 ≤ eval arg1 < m +// 0 ≤ eval arg2 < m +// Postconditions: +// eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) + eval (from_montgomery arg2)) mod m +// 0 ≤ eval out1 < m +// +// Input Bounds: +// arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +// arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +// Output Bounds: +// out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +func fiatFpAdd(out1 *Fp, arg1 *Fp, arg2 *Fp) { + var x1 uint64 + var x2 uint64 + x1, x2 = bits.Add64(arg1[0], arg2[0], uint64(0x0)) + var x3 uint64 + var x4 uint64 + x3, x4 = bits.Add64(arg1[1], arg2[1], uint64(x2)) + var x5 uint64 + var x6 uint64 + x5, x6 = bits.Sub64(x1, 0x1, uint64(uint64(0x0))) + var x7 uint64 + var x8 uint64 + x7, x8 = bits.Sub64(x3, 0xffffffffffffffe4, uint64(x6)) + var x10 uint64 + _, x10 = bits.Sub64(x4, uint64(0x0), uint64(x8)) + var x11 uint64 + fiatFpCmovznzU64(&x11, x10, x5, x1) + var x12 uint64 + fiatFpCmovznzU64(&x12, x10, x7, x3) + out1[0] = x11 + out1[1] = x12 +} + +// The function fiatFpSub subtracts two field elements in the Montgomery domain. +// +// Preconditions: +// 0 ≤ eval arg1 < m +// 0 ≤ eval arg2 < m +// Postconditions: +// eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) - eval (from_montgomery arg2)) mod m +// 0 ≤ eval out1 < m +// +// Input Bounds: +// arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +// arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +// Output Bounds: +// out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +func fiatFpSub(out1 *Fp, arg1 *Fp, arg2 *Fp) { + x1 := arg2[1] + x2 := arg2[0] + var x3 uint64 + var x4 uint64 + x3, x4 = bits.Sub64(arg1[0], x2, uint64(0x0)) + var x5 uint64 + var x6 uint64 + x5, x6 = bits.Sub64(arg1[1], x1, uint64(x4)) + var x7 uint64 + fiatFpCmovznzU64(&x7, x6, uint64(0x0), 0xffffffffffffffff) + var x8 uint64 + var x9 uint64 + x8, x9 = bits.Add64(x3, (x7 & 0x1), uint64(0x0)) + var x10 uint64 + x10, _ = bits.Add64(x5, (x7 & 0xffffffffffffffe4), uint64(x9)) + out1[0] = x8 + out1[1] = x10 +} + +// The function fiatFpMul multiplies two field elements in the Montgomery domain. +// +// Preconditions: +// 0 ≤ eval arg1 < m +// 0 ≤ eval arg2 < m +// Postconditions: +// eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg2)) mod m +// 0 ≤ eval out1 < m +// +// Input Bounds: +// arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +// arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +// Output Bounds: +// out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +func fiatFpMul(out1 *Fp, arg1 *Fp, arg2 *Fp) { + x1 := arg1[1] + x2 := arg1[0] + var x3 uint64 + var x4 uint64 + x4, x3 = bits.Mul64(x2, arg2[1]) + var x5 uint64 + var x6 uint64 + x6, x5 = bits.Mul64(x2, arg2[0]) + var x7 uint64 + var x8 uint64 + x7, x8 = bits.Add64(x6, x3, uint64(0x0)) + x9 := (x8 + x4) + var x10 uint64 + _, x10 = bits.Mul64(x5, 0xffffffffffffffff) + var x12 uint64 + var x13 uint64 + x13, x12 = bits.Mul64(x10, 0xffffffffffffffe4) + var x15 uint64 + _, x15 = bits.Add64(x5, x10, uint64(0x0)) + var x16 uint64 + var x17 uint64 + x16, x17 = bits.Add64(x7, x12, uint64(x15)) + var x18 uint64 + var x19 uint64 + x18, x19 = bits.Add64(x9, x13, uint64(x17)) + var x20 uint64 + var x21 uint64 + x21, x20 = bits.Mul64(x1, arg2[1]) + var x22 uint64 + var x23 uint64 + x23, x22 = bits.Mul64(x1, arg2[0]) + var x24 uint64 + var x25 uint64 + x24, x25 = bits.Add64(x23, x20, uint64(0x0)) + x26 := (x25 + x21) + var x27 uint64 + var x28 uint64 + x27, x28 = bits.Add64(x16, x22, uint64(0x0)) + var x29 uint64 + var x30 uint64 + x29, x30 = bits.Add64(x18, x24, uint64(x28)) + var x31 uint64 + var x32 uint64 + x31, x32 = bits.Add64(x19, x26, uint64(x30)) + var x33 uint64 + _, x33 = bits.Mul64(x27, 0xffffffffffffffff) + var x35 uint64 + var x36 uint64 + x36, x35 = bits.Mul64(x33, 0xffffffffffffffe4) + var x38 uint64 + _, x38 = bits.Add64(x27, x33, uint64(0x0)) + var x39 uint64 + var x40 uint64 + x39, x40 = bits.Add64(x29, x35, uint64(x38)) + var x41 uint64 + var x42 uint64 + x41, x42 = bits.Add64(x31, x36, uint64(x40)) + x43 := (x42 + x32) + var x44 uint64 + var x45 uint64 + x44, x45 = bits.Sub64(x39, 0x1, uint64(uint64(0x0))) + var x46 uint64 + var x47 uint64 + x46, x47 = bits.Sub64(x41, 0xffffffffffffffe4, uint64(x45)) + var x49 uint64 + _, x49 = bits.Sub64(x43, uint64(0x0), uint64(x47)) + var x50 uint64 + fiatFpCmovznzU64(&x50, x49, x44, x39) + var x51 uint64 + fiatFpCmovznzU64(&x51, x49, x46, x41) + out1[0] = x50 + out1[1] = x51 +} + +// The function fiatFpSquare squares a field element in the Montgomery domain. +// +// Preconditions: +// 0 ≤ eval arg1 < m +// Postconditions: +// eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg1)) mod m +// 0 ≤ eval out1 < m +// +// Input Bounds: +// arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +// Output Bounds: +// out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] +func fiatFpSquare(out1 *Fp, arg1 *Fp) { + x1 := arg1[1] + x2 := arg1[0] + var x3 uint64 + var x4 uint64 + x4, x3 = bits.Mul64(x2, arg1[1]) + var x5 uint64 + var x6 uint64 + x6, x5 = bits.Mul64(x2, arg1[0]) + var x7 uint64 + var x8 uint64 + x7, x8 = bits.Add64(x6, x3, uint64(0x0)) + x9 := (x8 + x4) + var x10 uint64 + _, x10 = bits.Mul64(x5, 0xffffffffffffffff) + var x12 uint64 + var x13 uint64 + x13, x12 = bits.Mul64(x10, 0xffffffffffffffe4) + var x15 uint64 + _, x15 = bits.Add64(x5, x10, uint64(0x0)) + var x16 uint64 + var x17 uint64 + x16, x17 = bits.Add64(x7, x12, uint64(x15)) + var x18 uint64 + var x19 uint64 + x18, x19 = bits.Add64(x9, x13, uint64(x17)) + var x20 uint64 + var x21 uint64 + x21, x20 = bits.Mul64(x1, arg1[1]) + var x22 uint64 + var x23 uint64 + x23, x22 = bits.Mul64(x1, arg1[0]) + var x24 uint64 + var x25 uint64 + x24, x25 = bits.Add64(x23, x20, uint64(0x0)) + x26 := (x25 + x21) + var x27 uint64 + var x28 uint64 + x27, x28 = bits.Add64(x16, x22, uint64(0x0)) + var x29 uint64 + var x30 uint64 + x29, x30 = bits.Add64(x18, x24, uint64(x28)) + var x31 uint64 + var x32 uint64 + x31, x32 = bits.Add64(x19, x26, uint64(x30)) + var x33 uint64 + _, x33 = bits.Mul64(x27, 0xffffffffffffffff) + var x35 uint64 + var x36 uint64 + x36, x35 = bits.Mul64(x33, 0xffffffffffffffe4) + var x38 uint64 + _, x38 = bits.Add64(x27, x33, uint64(0x0)) + var x39 uint64 + var x40 uint64 + x39, x40 = bits.Add64(x29, x35, uint64(x38)) + var x41 uint64 + var x42 uint64 + x41, x42 = bits.Add64(x31, x36, uint64(x40)) + x43 := (x42 + x32) + var x44 uint64 + var x45 uint64 + x44, x45 = bits.Sub64(x39, 0x1, uint64(uint64(0x0))) + var x46 uint64 + var x47 uint64 + x46, x47 = bits.Sub64(x41, 0xffffffffffffffe4, uint64(x45)) + var x49 uint64 + _, x49 = bits.Sub64(x43, uint64(0x0), uint64(x47)) + var x50 uint64 + fiatFpCmovznzU64(&x50, x49, x44, x39) + var x51 uint64 + fiatFpCmovznzU64(&x51, x49, x46, x41) + out1[0] = x50 + out1[1] = x51 +} diff --git a/vdaf/prio3/arith/fp128/fp.go b/vdaf/prio3/arith/fp128/fp.go new file mode 100644 index 00000000..e8bb0e08 --- /dev/null +++ b/vdaf/prio3/arith/fp128/fp.go @@ -0,0 +1,277 @@ +// Code generated from ./templates/field.go.tmpl. DO NOT EDIT. + +package fp128 + +import ( + "bytes" + "crypto/subtle" + "encoding/binary" + "errors" + "io" + + "github.com/cloudflare/circl/internal/conv" + "github.com/cloudflare/circl/internal/sha3" + "golang.org/x/crypto/cryptobyte" +) + +// Size is the length in bytes of an Fp128 element. +const Size = 16 + +// Fp represents a prime field element as a positive integer less than Order. +type Fp [2]uint64 + +func (z Fp) String() string { x := z.fromMont(); return conv.Uint64Le2Hex(x[:]) } +func (z Fp) Size() uint { return Size } +func (z Fp) OrderRootUnity() uint { return numRootsUnity } +func (z *Fp) AddAssign(x *Fp) { fiatFpAdd(z, z, x) } +func (z *Fp) SubAssign(x *Fp) { fiatFpSub(z, z, x) } +func (z *Fp) MulAssign(x *Fp) { fiatFpMul(z, z, x) } +func (z *Fp) Add(x, y *Fp) { fiatFpAdd(z, x, y) } +func (z *Fp) Sub(x, y *Fp) { fiatFpSub(z, x, y) } +func (z *Fp) Mul(x, y *Fp) { fiatFpMul(z, x, y) } +func (z *Fp) Sqr(x *Fp) { fiatFpSquare(z, x) } +func (z *Fp) IsZero() bool { return ctEqual(z, &Fp{}) } +func (z *Fp) IsOne() bool { return ctEqual(z, &rootOfUnityTwoN[0]) } +func (z *Fp) IsEqual(x *Fp) bool { return ctEqual(z, x) } +func (z *Fp) SetOne() { *z = rootOfUnityTwoN[0] } +func (z *Fp) toMont() { fiatFpMul(z, z, &rSquare) } +func (z *Fp) fromMont() (out Fp) { fiatFpMul(&out, z, &Fp{1}); return } +func (z *Fp) MarshalBinary() ([]byte, error) { return conv.MarshalBinaryLen(z, Size) } +func (z *Fp) UnmarshalBinary(b []byte) error { return conv.UnmarshalBinary(z, b) } +func (z *Fp) Marshal(b *cryptobyte.Builder) error { + var x [Size]byte + for i, zi := range z.fromMont() { + binary.LittleEndian.PutUint64(x[8*i:], zi) + } + b.AddBytes(x[:]) + return nil +} + +func (z *Fp) Unmarshal(s *cryptobyte.String) bool { + var b [Size]byte + if s.CopyBytes(b[:]) { + n, ok := isInRange(&b) + if ok { + *z = n + z.toMont() + return true + } + } + return false +} + +func (z *Fp) Random(r io.Reader) error { + var b [Size]byte + var ok bool + for range maxNumTries { + _, err := r.Read(b[:]) + if err != nil { + return err + } + + *z, ok = isInRange(&b) + if ok { + z.toMont() + return nil + } + } + + return ErrMaxNumTries +} + +func (z *Fp) RandomSHA3(s *sha3.State) error { + var b [Size]byte + var ok bool + for range maxNumTries { + _, err := s.Read(b[:]) + if err != nil { + return err + } + + *z, ok = isInRange(&b) + if ok { + z.toMont() + return nil + } + } + + return ErrMaxNumTries +} + +func (z *Fp) InvUint64(x uint64) { + if 0 < x && x <= numInverseInt { + *z = inverseInt[x-1] + } else { + err := z.SetUint64(x) + if err != nil { + panic(ErrFieldEltDecode) + } + z.Inv(z) + } +} + +func (z *Fp) InvTwoN(n uint) { + z.SetOne() + for range n { + z.Mul(z, &half) + } +} + +func (z *Fp) SetUint64(n uint64) error { + *z = Fp{n} + z.toMont() + return nil +} + +func (z *Fp) GetUint64() (uint64, error) { + x := z.fromMont() + if x[1] != 0 { + return 0, ErrNumberTooLarge + } + return x[0], nil +} + +func (z *Fp) SetRootOfUnityTwoN(n uint) { + if n > numRootsUnity { + panic(ErrRootsOfUnity) + } + *z = rootOfUnityTwoN[n] +} + +func (z Fp) Order() []byte { + var x [Size]byte + binary.Write(bytes.NewBuffer(x[:0]), binary.BigEndian, []uint64{orderP1, orderP0}) + return x[:] +} + +func (z *Fp) sqri(x *Fp, n uint) { + z.Sqr(x) + for range n - 1 { + z.Sqr(z) + } +} + +func fiatFpCmovznzU64(z *uint64, b, x, y uint64) { *z = (x &^ (-b)) | (y & (-b)) } + +func ctEqual(x, y *Fp) bool { + var v uint64 + for i := 0; i < len(*x); i++ { + v |= (*x)[i] ^ (*y)[i] + } + v32 := uint32(v>>32) | uint32(v) + return subtle.ConstantTimeEq(int32(v32), 0) == 1 +} + +const ( + // order is the order of the Fp128 field. + orderP1 = uint64(0xffffffffffffffe4) + orderP0 = uint64(0x1) + // numRootsUnity is .. + numRootsUnity = 66 + // numInverseIntFp128 is the number of precomputed inverses. + numInverseInt = 8 + // maxNumTries is the maximum tries for rejection sampling. + maxNumTries = 10 +) + +var ( + // rSquare is R^2 mod Fp128Order, where R=2^128 (little-endian). + rSquare = Fp{0xfffffffffffffcf1, 0x0000000000005587} + // half is 1/2 mod Order. + half = Fp{0x0000000000000000, 0x8000000000000000} + // rootOfUnityTwoN are the (principal) roots of unity that generate + // a multiplicative group of order 2^n. + // i.e., rootOfUnityTwoN[i] generates a group of order 2^i. + // Thus, by definition, + // - rootOfUnityTwoN[0] = One + // - rootOfUnityTwoN[numRoots] = Generator + // Constants are encoded in Montgomery domain (little-endian). + rootOfUnityTwoN = [numRootsUnity + 1]Fp{ + {0xffffffffffffffff, 0x000000000000001b}, + {0x0000000000000002, 0xffffffffffffffc8}, + {0x8ff94ea745b7d9d6, 0x6171e408747992c7}, + {0x1323bb095fba9556, 0x7f2a4e6655e5a49c}, + {0xd1c455956aafabfc, 0x3d661493c5e89442}, + {0x416d53fbcdfcc65c, 0x5c159e1cffd5eca0}, + {0x1428d15e766f5f3e, 0x960d5c8696ec3aa3}, + {0x8f0cef59f8c23f3e, 0xcce83f596bb28730}, + {0x432d8d01ae187081, 0x12b496afe629224c}, + {0x0edc26fa686e3d3b, 0xc2026e57b1554ea9}, + {0x79663ccecfe8c86c, 0xf38c95d1e57405ea}, + {0xfecc377cf0f47a9f, 0x2b486d42d73283bd}, + {0x0ab1068497116540, 0x70866815dbf52bac}, + {0x2d9420dc5196c01a, 0x852c9b234b09c7df}, + {0x1a491a6cf3399115, 0xca4b831e2e621692}, + {0xb99152aabeebd757, 0xb7fbf514f82e2269}, + {0xb8da2f851dfd594a, 0x597c0e93a246d640}, + {0xf2888c210ef9f1c4, 0x97f929a5d52ab886}, + {0xe6a0ccbc956fc7fb, 0xfa4748aea960d0eb}, + {0xe53d6d96e1ec92a0, 0xc24ed95c3c013bcc}, + {0x6cc6e9129e1679c0, 0x6f825f88648b270c}, + {0x2c4d04cc40a2bd04, 0x17c2af4df9629e3d}, + {0x843747925bd7da8e, 0xdcd8c9979b888e8a}, + {0x4a1b1730d0aa77a0, 0x391696912d85b368}, + {0x68fb2b7e053e9500, 0x8ab5e54096ca012c}, + {0x1ccc0958442d4cd2, 0x819909091849c5c1}, + {0x25e9f8eeb3a11b26, 0x741eb9f6cfde0f02}, + {0x57b7921d9d4d0d66, 0x681f358ffad3a90d}, + {0x9bd3b6be3602bfe2, 0x294e31a63bbd8bb1}, + {0xe36811a2b6dd2f4d, 0x402946e8dcc86185}, + {0x468354d0ce6f4f42, 0xdc3971476a49c161}, + {0xd42c20d91e16ba3b, 0x16849c909ba2920d}, + {0x488a61cbe76f8796, 0xe0312b455090dc3d}, + {0x34d592b2d95461c7, 0x69ff23c4ae8a9ae2}, + {0xab1c9df91252cfb0, 0x3a71deec98434255}, + {0x1c5f61d837a9ff92, 0x4ec0bbb14b4943fc}, + {0x2550c6695de272ea, 0x4e7f5d927ad2bb46}, + {0x786b6c965e58be0d, 0xfbb47d3729647361}, + {0xbbfba318618fff40, 0x58938d40e16fc273}, + {0x0c8b4baee9a2907f, 0x2b0dddcff641c0c4}, + {0xf0d881f5c07b45fc, 0x33044b6b9af79104}, + {0x530f1c8d85c53b49, 0x7277db26e889f0c0}, + {0xefe24ff8e3caacf0, 0xd39b9320d2172567}, + {0xee7e1fbb71e9b04c, 0x105d0de0eba9ed48}, + {0x743424fea03af69b, 0xff50f6975f58d667}, + {0x1e55f4c8165fa615, 0x60d0d6428bc526f6}, + {0xf89e2f45fe30a628, 0xd35040e25d621120}, + {0x93a9b9bfa0ba47e5, 0xa14eda13d2c9f218}, + {0x7184aca1f5b7d796, 0x3067d899e53ae149}, + {0x48c135bbd45c9f78, 0x0231ec7261c6fe5e}, + {0xace311a714d11f45, 0x985458a22fc7b74f}, + {0xebd8c0f65c3941c7, 0x9253e8d60d138145}, + {0xa22ef3d3cf82d6ff, 0xf616691696239dad}, + {0xeb43ea48a880c558, 0x4c33bc414d65c622}, + {0xb02ca157db2f5773, 0x0ca75daa548fab25}, + {0x2e2d3b5d3d7fd880, 0xe709ce35344480a0}, + {0x04febe6d0fed06db, 0x82de81148eada3d0}, + {0xc549b2f670e7fe80, 0xef7c7c796a560813}, + {0x420d567cfa7dd71d, 0xd10bc78478e67eba}, + {0xd4e1bfae0eae0e5d, 0x69c02ae2b2189664}, + {0xee5aab9df23ad495, 0xe7fa9150bd2dd0bb}, + {0xdbe38168360cebac, 0x612d7349f49997ad}, + {0x9e4fc0f4006111e3, 0x54879fe858345e92}, + {0x3c5dd0cda73814c2, 0x1a29ef0cd721372e}, + {0x8b45f6e90b16542d, 0xd9b5db39af523ffb}, + {0x336824df50a3e9de, 0x1f70898af1701972}, + {0xf0111fb98c6b9875, 0x50f8f7f554db309c}, + } + // inverseInt has the inverse of the first `numInverseInt` integers. + inverseInt = [numInverseInt]Fp{ + {0xffffffffffffffff, 0x000000000000001b}, + {0x0000000000000000, 0x8000000000000000}, + {0x5555555555555555, 0x0000000000000009}, + {0x0000000000000000, 0x4000000000000000}, + {0xcccccccccccccccd, 0x6666666666666660}, + {0xaaaaaaaaaaaaaaab, 0x7ffffffffffffff6}, + {0xdb6db6db6db6db6e, 0x6db6db6db6db6dae}, + {0x0000000000000000, 0x2000000000000000}, + } +) + +var ( + ErrMatchLen = errors.New("inputs mismatched length") + ErrFieldEltDecode = errors.New("incorrect field element value") + ErrNumberTooLarge = errors.New("number of bits is not enough to represent the number") + ErrMaxNumTries = errors.New("random rejection sampling reached maximum number of tries") + ErrRootsOfUnity = errors.New("Fp has no roots of unity of order larger than 2^66") +) diff --git a/vdaf/prio3/arith/fp128/inverse.go b/vdaf/prio3/arith/fp128/inverse.go new file mode 100644 index 00000000..748ed960 --- /dev/null +++ b/vdaf/prio3/arith/fp128/inverse.go @@ -0,0 +1,27 @@ +package fp128 + +func (z *Fp) Inv(x *Fp) { + // Addition chain found using mmcloughlin/addchain: v0.4.0 + // (McLoughlin, 2021). https://doi.org/10.5281/zenodo.4758226 + var t, t0, t1, t2 Fp + t.Sqr(x) + t.Mul(x, &t) + t.Sqr(&t) + t0.Mul(x, &t) + t.Sqr(&t0) + t1.sqri(&t, 3) + t.Mul(&t, &t1) + t.Mul(x, &t) + t1.sqri(&t, 3) + t2.sqri(&t1, 7) + t1.Mul(&t1, &t2) + t2.sqri(&t1, 14) + t1.Mul(&t1, &t2) + t2.sqri(&t1, 28) + t1.Mul(&t1, &t2) + t0.Mul(&t0, &t1) + t1.sqri(&t0, 62) + t0.Mul(&t0, &t1) + t0.sqri(&t0, 7) + z.Mul(&t, &t0) +} diff --git a/vdaf/prio3/arith/fp128/poly.go b/vdaf/prio3/arith/fp128/poly.go new file mode 100644 index 00000000..f9a3ac57 --- /dev/null +++ b/vdaf/prio3/arith/fp128/poly.go @@ -0,0 +1,68 @@ +// Code generated from ./templates/poly.go.tmpl. DO NOT EDIT. + +package fp128 + +import "github.com/cloudflare/circl/math" + +type Poly []Fp + +func (p Poly) AddAssign(x Poly) { Vec(p).AddAssign(Vec(x)) } +func (p Poly) SubAssign(x Poly) { Vec(p).SubAssign(Vec(x)) } +func (p Poly) Mul(x, y Poly) { + mustSumLen(p, x, y) + clear(p) + var xiyj Fp + for i := range x { + for j := range y { + xiyj.Mul(&x[i], &y[j]) + p[i+j].AddAssign(&xiyj) + } + } +} + +func (p Poly) Sqr(x Poly) { + mustSumLen(p, x, x) + clear(p) + for i := range x { + p[2*i].Sqr(&x[i]) + } + + var xixj Fp + for i := 0; i < len(x); i++ { + for j := i + 1; j < len(x); j++ { + xixj.Mul(&x[i], &x[j]) + xixj.AddAssign(&xixj) + p[i+j].AddAssign(&xixj) + } + } +} + +func (p Poly) Evaluate(x *Fp) (px Fp) { + if l := len(p); l != 0 { + px = p[l-1] + for i := l - 2; i >= 0; i-- { + px.MulAssign(x) + px.AddAssign(&p[i]) + } + } + + return +} + +func (p Poly) Strip() Poly { + for i := len(p) - 1; i >= 0; i-- { + if !p[i].IsZero() { + return p[:i+1] + } + } + + return p[:0] +} + +func (p Poly) Interpolate(values []Fp) { + _, logN := math.NextPow2(uint(len(values))) + Vec(p).InvNTT(values) + var invN Fp + invN.InvTwoN(logN) + Vec(p).ScalarMul(&invN) +} diff --git a/vdaf/prio3/arith/fp128/vector.go b/vdaf/prio3/arith/fp128/vector.go new file mode 100644 index 00000000..76f55ed4 --- /dev/null +++ b/vdaf/prio3/arith/fp128/vector.go @@ -0,0 +1,222 @@ +// Code generated from ./templates/vector.go.tmpl. DO NOT EDIT. + +package fp128 + +import ( + "encoding/binary" + "io" + "math/bits" + + "github.com/cloudflare/circl/internal/conv" + "github.com/cloudflare/circl/internal/sha3" + "github.com/cloudflare/circl/math" + "golang.org/x/crypto/cryptobyte" +) + +type Vec []Fp + +func (v Vec) Size() uint { return Size * uint(len(v)) } + +func (v Vec) AddAssign(x Vec) { + mustSameLen(v, x) + for i := range v { + v[i].AddAssign(&x[i]) + } +} + +func (v Vec) SubAssign(x Vec) { + mustSameLen(v, x) + for i := range v { + v[i].SubAssign(&x[i]) + } +} + +func (v Vec) ScalarMul(x *Fp) { + for i := range v { + v[i].MulAssign(x) + } +} + +func (v Vec) DotProduct(x Vec) (out Fp) { + mustSameLen(v, x) + var t Fp + for i := range v { + t.Mul(&v[i], &x[i]) + out.AddAssign(&t) + } + return +} + +func bitRev(x uint, numBits uint) uint { + return bits.Reverse(x) >> (bits.UintSize - numBits) +} + +func (v Vec) NTT(values Vec) { v.doNTT(values, false) } +func (v Vec) InvNTT(values Vec) { v.doNTT(values, true) } +func (v Vec) doNTT(values Vec, isInvNTT bool) { + valuesLen := uint(len(values)) + _, logN := math.NextPow2(valuesLen) + + for i := range v { + j := bitRev(uint(i), logN) + if j < valuesLen { + v[i] = values[j] + } + } + + var t, w, wn, iwn Fp + r := &wn + if isInvNTT { + r = &iwn + iwn.SetOne() + } + + for l := uint(1); l <= logN; l++ { + y := uint(1) << (l - 1) + chunk := uint(1) << (logN - l) + + for j := range chunk { + x := j << l + u := v[x] + v[x+0].Add(&u, &v[x+y]) + v[x+y].Sub(&u, &v[x+y]) + } + + w.SetOne() + wn.SetRootOfUnityTwoN(l) + iwn.MulAssign(&wn) + for i := uint(1); i < y; i++ { + w.MulAssign(r) + for j := range chunk { + x := (j << l) + i + u := v[x] + t.Mul(&w, &v[x+y]) + v[x+0].Add(&u, &t) + v[x+y].Sub(&u, &t) + } + } + } +} + +func (v Vec) SplitBits(n uint64) error { + if bits.Len64(n) > len(v) { + return ErrNumberTooLarge + } + + clear(v) + for i := range v { + if (n>>i)&0x1 == 1 { + v[i].SetOne() + } + } + + return nil +} + +func (v Vec) JoinBits() Fp { + var two Fp + _ = two.SetUint64(2) + return Poly(v).Evaluate(&two) +} + +func (v Vec) Random(rnd io.Reader) error { + var b [Size]byte + var ok bool +forVec: + for i := range v { + for range maxNumTries { + _, err := rnd.Read(b[:]) + if err != nil { + return err + } + + v[i], ok = isInRange(&b) + if ok { + v[i].toMont() + continue forVec + } + } + return ErrMaxNumTries + } + + return nil +} + +func (v Vec) RandomSHA3(s *sha3.State) error { + for i := range v { + err := v[i].RandomSHA3(s) + if err != nil { + return err + } + } + + return nil +} + +func (v Vec) RandomSHA3Bytes(out []byte, s *sha3.State) error { + var b [Size]byte + var ok bool + +forVec: + for i := range v { + for range maxNumTries { + _, err := s.Read(b[:]) + if err != nil { + return err + } + + v[i], ok = isInRange(&b) + if ok { + out = append(out, b[:]...) + v[i].toMont() + continue forVec + } + } + + return ErrMaxNumTries + } + return nil +} + +func (v Vec) MarshalBinary() ([]byte, error) { + return conv.MarshalBinaryLen(v, v.Size()) +} + +func (v Vec) UnmarshalBinary(b []byte) error { + return conv.UnmarshalBinary(v, b) +} + +func (v Vec) Marshal(b *cryptobyte.Builder) error { + for i := range v { + v[i].Marshal(b) + } + return nil +} + +func (v Vec) Unmarshal(s *cryptobyte.String) bool { + for i := range v { + if !v[i].Unmarshal(s) { + return false + } + } + return true +} + +func isInRange(b *[Size]byte) (out [2]uint64, ok bool) { + out[0] = binary.LittleEndian.Uint64(b[:8]) + out[1] = binary.LittleEndian.Uint64(b[8:]) + ok = out[1] < orderP1 || (out[1] == orderP1 && out[0] < orderP0) + return +} + +func mustSameLen[T ~[]E, E any](x, y T) { + if len(x) != len(y) { + panic(ErrMatchLen) + } +} + +func mustSumLen[T ~[]E, E any](z, x, y T) { + if len(z) != len(x)+len(y)-1 { + panic(ErrMatchLen) + } +} diff --git a/vdaf/prio3/arith/fp128_test.go b/vdaf/prio3/arith/fp128_test.go new file mode 100644 index 00000000..d1633b5a --- /dev/null +++ b/vdaf/prio3/arith/fp128_test.go @@ -0,0 +1,21 @@ +// Code generated from ./templates/field_test.go.tmpl. DO NOT EDIT. + +package arith + +import ( + "testing" + + "github.com/cloudflare/circl/vdaf/prio3/arith/fp128" +) + +func TestFp128(t *testing.T) { + t.Run("Fp", testFp[fp128.Fp]) + t.Run("Vec", testVec[fp128.Vec]) + t.Run("Poly", testPoly[fp128.Poly, fp128.Vec]) +} + +func BenchmarkFp128(b *testing.B) { + b.Run("Fp", benchmarkFp[fp128.Fp]) + b.Run("Vec", benchmarkVec[fp128.Vec]) + b.Run("Poly", benchmarkPoly[fp128.Poly, fp128.Vec]) +} diff --git a/vdaf/prio3/arith/fp64/fiatMont.go b/vdaf/prio3/arith/fp64/fiatMont.go new file mode 100644 index 00000000..f4977153 --- /dev/null +++ b/vdaf/prio3/arith/fp64/fiatMont.go @@ -0,0 +1,171 @@ +// Code generated by fiat.go using fiat-crypto v0.1.4. +// +// Autogenerated: './FiatCrypto_v.0.1.4-issue1672' word-by-word-montgomery --output 'fp64/fiatMont.go' --lang Go --package-name fp64 --doc-prepend-header 'Code generated by fiat.go using fiat-crypto v0.1.4.' --package-case lowerCamelCase --public-function-case lowerCamelCase --public-type-case lowerCamelCase --doc-newline-before-package-declaration --no-primitives --widen-carry --no-field-element-typedefs --relax-primitive-carry-to-bitwidth 64 Fp 64 0xffffffff00000001 add sub mul square +// +// curve description: Fp +// +// machine_wordsize = 64 (from "64") +// +// requested operations: add, sub, mul, square +// +// m = 0xffffffff00000001 (from "0xffffffff00000001") +// +// +// +// NOTE: In addition to the bounds specified above each function, all +// +// functions synthesized for this Montgomery arithmetic require the +// +// input to be strictly less than the prime modulus (m), and also +// +// require the input to be in the unique saturated representation. +// +// All functions also ensure that these two properties are true of +// +// return values. +// +// +// +// Computed values: +// +// eval z = z[0] +// +// bytes_eval z = z[0] + (z[1] << 8) + (z[2] << 16) + (z[3] << 24) + (z[4] << 32) + (z[5] << 40) + (z[6] << 48) + (z[7] << 56) +// +// twos_complement_eval z = let x1 := z[0] in +// +// if x1 & (2^64-1) < 2^63 then x1 & (2^64-1) else (x1 & (2^64-1)) - 2^64 + +package fp64 + +import "math/bits" + +// The function fiatFpAdd adds two field elements in the Montgomery domain. +// +// Preconditions: +// 0 ≤ eval arg1 < m +// 0 ≤ eval arg2 < m +// Postconditions: +// eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) + eval (from_montgomery arg2)) mod m +// 0 ≤ eval out1 < m +// +// Input Bounds: +// arg1: [[0x0 ~> 0xffffffffffffffff]] +// arg2: [[0x0 ~> 0xffffffffffffffff]] +// Output Bounds: +// out1: [[0x0 ~> 0xffffffffffffffff]] +func fiatFpAdd(out1 *Fp, arg1 *Fp, arg2 *Fp) { + var x1 uint64 + var x2 uint64 + x1, x2 = bits.Add64(arg1[0], arg2[0], uint64(0x0)) + var x3 uint64 + var x4 uint64 + x3, x4 = bits.Sub64(x1, 0xffffffff00000001, uint64(uint64(0x0))) + var x6 uint64 + _, x6 = bits.Sub64(x2, uint64(0x0), uint64(x4)) + var x7 uint64 + fiatFpCmovznzU64(&x7, x6, x3, x1) + out1[0] = x7 +} + +// The function fiatFpSub subtracts two field elements in the Montgomery domain. +// +// Preconditions: +// 0 ≤ eval arg1 < m +// 0 ≤ eval arg2 < m +// Postconditions: +// eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) - eval (from_montgomery arg2)) mod m +// 0 ≤ eval out1 < m +// +// Input Bounds: +// arg1: [[0x0 ~> 0xffffffffffffffff]] +// arg2: [[0x0 ~> 0xffffffffffffffff]] +// Output Bounds: +// out1: [[0x0 ~> 0xffffffffffffffff]] +func fiatFpSub(out1 *Fp, arg1 *Fp, arg2 *Fp) { + x1 := arg2[0] + var x2 uint64 + var x3 uint64 + x2, x3 = bits.Sub64(arg1[0], x1, uint64(0x0)) + var x4 uint64 + fiatFpCmovznzU64(&x4, x3, uint64(0x0), 0xffffffffffffffff) + var x5 uint64 + x5, _ = bits.Add64(x2, (x4 & 0xffffffff00000001), uint64(0x0)) + out1[0] = x5 +} + +// The function fiatFpMul multiplies two field elements in the Montgomery domain. +// +// Preconditions: +// 0 ≤ eval arg1 < m +// 0 ≤ eval arg2 < m +// Postconditions: +// eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg2)) mod m +// 0 ≤ eval out1 < m +// +// Input Bounds: +// arg1: [[0x0 ~> 0xffffffffffffffff]] +// arg2: [[0x0 ~> 0xffffffffffffffff]] +// Output Bounds: +// out1: [[0x0 ~> 0xffffffffffffffff]] +func fiatFpMul(out1 *Fp, arg1 *Fp, arg2 *Fp) { + x1 := arg1[0] + var x2 uint64 + var x3 uint64 + x3, x2 = bits.Mul64(x1, arg2[0]) + var x4 uint64 + _, x4 = bits.Mul64(x2, 0xfffffffeffffffff) + var x6 uint64 + var x7 uint64 + x7, x6 = bits.Mul64(x4, 0xffffffff00000001) + var x9 uint64 + _, x9 = bits.Add64(x2, x6, uint64(0x0)) + var x10 uint64 + var x11 uint64 + x10, x11 = bits.Add64(x3, x7, uint64(x9)) + var x12 uint64 + var x13 uint64 + x12, x13 = bits.Sub64(x10, 0xffffffff00000001, uint64(uint64(0x0))) + var x15 uint64 + _, x15 = bits.Sub64(x11, uint64(0x0), uint64(x13)) + var x16 uint64 + fiatFpCmovznzU64(&x16, x15, x12, x10) + out1[0] = x16 +} + +// The function fiatFpSquare squares a field element in the Montgomery domain. +// +// Preconditions: +// 0 ≤ eval arg1 < m +// Postconditions: +// eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg1)) mod m +// 0 ≤ eval out1 < m +// +// Input Bounds: +// arg1: [[0x0 ~> 0xffffffffffffffff]] +// Output Bounds: +// out1: [[0x0 ~> 0xffffffffffffffff]] +func fiatFpSquare(out1 *Fp, arg1 *Fp) { + x1 := arg1[0] + var x2 uint64 + var x3 uint64 + x3, x2 = bits.Mul64(x1, arg1[0]) + var x4 uint64 + _, x4 = bits.Mul64(x2, 0xfffffffeffffffff) + var x6 uint64 + var x7 uint64 + x7, x6 = bits.Mul64(x4, 0xffffffff00000001) + var x9 uint64 + _, x9 = bits.Add64(x2, x6, uint64(0x0)) + var x10 uint64 + var x11 uint64 + x10, x11 = bits.Add64(x3, x7, uint64(x9)) + var x12 uint64 + var x13 uint64 + x12, x13 = bits.Sub64(x10, 0xffffffff00000001, uint64(uint64(0x0))) + var x15 uint64 + _, x15 = bits.Sub64(x11, uint64(0x0), uint64(x13)) + var x16 uint64 + fiatFpCmovznzU64(&x16, x15, x12, x10) + out1[0] = x16 +} diff --git a/vdaf/prio3/arith/fp64/fp.go b/vdaf/prio3/arith/fp64/fp.go new file mode 100644 index 00000000..881c4b99 --- /dev/null +++ b/vdaf/prio3/arith/fp64/fp.go @@ -0,0 +1,242 @@ +// Code generated from ./templates/field.go.tmpl. DO NOT EDIT. + +package fp64 + +import ( + "bytes" + "crypto/subtle" + "encoding/binary" + "errors" + "io" + + "github.com/cloudflare/circl/internal/conv" + "github.com/cloudflare/circl/internal/sha3" + "golang.org/x/crypto/cryptobyte" +) + +// Size is the length in bytes of an Fp64 element. +const Size = 8 + +// Fp represents a prime field element as a positive integer less than Order. +type Fp [1]uint64 + +func (z Fp) String() string { x := z.fromMont(); return conv.Uint64Le2Hex(x[:]) } +func (z Fp) Size() uint { return Size } +func (z Fp) OrderRootUnity() uint { return numRootsUnity } +func (z *Fp) AddAssign(x *Fp) { fiatFpAdd(z, z, x) } +func (z *Fp) SubAssign(x *Fp) { fiatFpSub(z, z, x) } +func (z *Fp) MulAssign(x *Fp) { fiatFpMul(z, z, x) } +func (z *Fp) Add(x, y *Fp) { fiatFpAdd(z, x, y) } +func (z *Fp) Sub(x, y *Fp) { fiatFpSub(z, x, y) } +func (z *Fp) Mul(x, y *Fp) { fiatFpMul(z, x, y) } +func (z *Fp) Sqr(x *Fp) { fiatFpSquare(z, x) } +func (z *Fp) IsZero() bool { return ctEqual(z, &Fp{}) } +func (z *Fp) IsOne() bool { return ctEqual(z, &rootOfUnityTwoN[0]) } +func (z *Fp) IsEqual(x *Fp) bool { return ctEqual(z, x) } +func (z *Fp) SetOne() { *z = rootOfUnityTwoN[0] } +func (z *Fp) toMont() { fiatFpMul(z, z, &rSquare) } +func (z *Fp) fromMont() (out Fp) { fiatFpMul(&out, z, &Fp{1}); return } +func (z *Fp) MarshalBinary() ([]byte, error) { return conv.MarshalBinaryLen(z, Size) } +func (z *Fp) UnmarshalBinary(b []byte) error { return conv.UnmarshalBinary(z, b) } +func (z *Fp) Marshal(b *cryptobyte.Builder) error { + var x [Size]byte + for i, zi := range z.fromMont() { + binary.LittleEndian.PutUint64(x[8*i:], zi) + } + b.AddBytes(x[:]) + return nil +} + +func (z *Fp) Unmarshal(s *cryptobyte.String) bool { + var b [Size]byte + if s.CopyBytes(b[:]) { + n, ok := isInRange(&b) + if ok { + *z = n + z.toMont() + return true + } + } + return false +} + +func (z *Fp) Random(r io.Reader) error { + var b [Size]byte + var ok bool + for range maxNumTries { + _, err := r.Read(b[:]) + if err != nil { + return err + } + + *z, ok = isInRange(&b) + if ok { + z.toMont() + return nil + } + } + + return ErrMaxNumTries +} + +func (z *Fp) RandomSHA3(s *sha3.State) error { + var b [Size]byte + var ok bool + for range maxNumTries { + _, err := s.Read(b[:]) + if err != nil { + return err + } + + *z, ok = isInRange(&b) + if ok { + z.toMont() + return nil + } + } + + return ErrMaxNumTries +} + +func (z *Fp) InvUint64(x uint64) { + if 0 < x && x <= numInverseInt { + *z = inverseInt[x-1] + } else { + err := z.SetUint64(x) + if err != nil { + panic(ErrFieldEltDecode) + } + z.Inv(z) + } +} + +func (z *Fp) InvTwoN(n uint) { + z.SetOne() + for range n { + z.Mul(z, &half) + } +} + +func (z *Fp) SetUint64(n uint64) error { + if n >= orderP0 { + return ErrFieldEltDecode + } + *z = Fp{n} + z.toMont() + return nil +} + +func (z *Fp) GetUint64() (uint64, error) { + x := z.fromMont() + return x[0], nil +} + +func (z *Fp) SetRootOfUnityTwoN(n uint) { + if n > numRootsUnity { + panic(ErrRootsOfUnity) + } + *z = rootOfUnityTwoN[n] +} + +func (z Fp) Order() []byte { + var x [Size]byte + binary.Write(bytes.NewBuffer(x[:0]), binary.BigEndian, []uint64{orderP0}) + return x[:] +} + +func (z *Fp) sqri(x *Fp, n uint) { + z.Sqr(x) + for range n - 1 { + z.Sqr(z) + } +} + +func fiatFpCmovznzU64(z *uint64, b, x, y uint64) { *z = (x &^ (-b)) | (y & (-b)) } + +func ctEqual(x, y *Fp) bool { + var v uint64 + for i := 0; i < len(*x); i++ { + v |= (*x)[i] ^ (*y)[i] + } + v32 := uint32(v>>32) | uint32(v) + return subtle.ConstantTimeEq(int32(v32), 0) == 1 +} + +const ( + // order is the order of the Fp64 field. + orderP0 = uint64(0xffffffff00000001) + // numRootsUnity is .. + numRootsUnity = 32 + // numInverseIntFp64 is the number of precomputed inverses. + numInverseInt = 8 + // maxNumTries is the maximum tries for rejection sampling. + maxNumTries = 10 +) + +var ( + // rSquare is R^2 mod Fp64Order, where R=2^64 (little-endian). + rSquare = Fp{0xfffffffe00000001} + // half is 1/2 mod Order. + half = Fp{0x8000000000000000} + // rootOfUnityTwoN are the (principal) roots of unity that generate + // a multiplicative group of order 2^n. + // i.e., rootOfUnityTwoN[i] generates a group of order 2^i. + // Thus, by definition, + // - rootOfUnityTwoN[0] = One + // - rootOfUnityTwoN[numRoots] = Generator + // Constants are encoded in Montgomery domain (little-endian). + rootOfUnityTwoN = [numRootsUnity + 1]Fp{ + {0x00000000ffffffff}, + {0xfffffffe00000002}, + {0xfffffffeffff0001}, + {0xfeffffff01000001}, + {0x0000000010000000}, + {0xffffbfff00000001}, + {0xfffffffeffffff81}, + {0x07fffffffffff800}, + {0xe60ca9645a7a425e}, + {0x5c411f4d8ab91088}, + {0x8bfed970d671fbb7}, + {0x1da1c8cedc0a82b1}, + {0x959dfcb4779eb1b1}, + {0x35d17996b4e99746}, + {0x10bba1e10e56548b}, + {0x2306baaae6467556}, + {0xbf79450ceba724c2}, + {0xaa3d8a0ca9f1cf0a}, + {0x05f9beab78de26d9}, + {0x8caa33007781b093}, + {0x5e93e76c70b1e9c6}, + {0x32322652d8cb2ab7}, + {0xe67246b3ce63a09e}, + {0x36fbc989de66dc62}, + {0xc307e16fb62a525e}, + {0x6ecfefd745751a91}, + {0x78d6e28499e74d1f}, + {0x915a171c5dce5b0b}, + {0x004a4484a6b1267b}, + {0xa46d26647bea105f}, + {0xb86a0843c8fa27b2}, + {0x5588e6586a6c9a32}, + {0xda58878b0d514e98}, + } + // inverseInt has the inverse of the first `numInverseInt` integers. + inverseInt = [numInverseInt]Fp{ + {0x00000000ffffffff}, + {0x8000000000000000}, + {0x0000000055555555}, + {0x4000000000000000}, + {0x0000000033333333}, + {0x7fffffffaaaaaaab}, + {0x6db6db6d6db6db6e}, + {0x2000000000000000}, + } +) + +var ( + ErrMatchLen = errors.New("inputs mismatched length") + ErrFieldEltDecode = errors.New("incorrect field element value") + ErrNumberTooLarge = errors.New("number of bits is not enough to represent the number") + ErrMaxNumTries = errors.New("random rejection sampling reached maximum number of tries") + ErrRootsOfUnity = errors.New("Fp has no roots of unity of order larger than 2^32") +) diff --git a/vdaf/prio3/arith/fp64/inverse.go b/vdaf/prio3/arith/fp64/inverse.go new file mode 100644 index 00000000..be1e467c --- /dev/null +++ b/vdaf/prio3/arith/fp64/inverse.go @@ -0,0 +1,25 @@ +package fp64 + +func (z *Fp) Inv(x *Fp) { + // Addition chain found using mmcloughlin/addchain: v0.4.0 + // (McLoughlin, 2021). https://doi.org/10.5281/zenodo.4758226 + var t, t0, t1 Fp + t.Sqr(x) + t.Mul(x, &t) + t.Sqr(&t) + t.Mul(x, &t) + t0.sqri(&t, 3) + t0.Mul(&t, &t0) + t1.Sqr(&t0) + t.Mul(x, &t1) + t1.sqri(&t1, 5) + t0.Mul(&t0, &t1) + t1.sqri(&t0, 12) + t0.Mul(&t0, &t1) + t0.sqri(&t0, 7) + t.Mul(&t, &t0) + t0.sqri(&t, 32) + t.Mul(&t, &t0) + t.Sqr(&t) + z.Mul(x, &t) +} diff --git a/vdaf/prio3/arith/fp64/poly.go b/vdaf/prio3/arith/fp64/poly.go new file mode 100644 index 00000000..ab9d3ec9 --- /dev/null +++ b/vdaf/prio3/arith/fp64/poly.go @@ -0,0 +1,68 @@ +// Code generated from ./templates/poly.go.tmpl. DO NOT EDIT. + +package fp64 + +import "github.com/cloudflare/circl/math" + +type Poly []Fp + +func (p Poly) AddAssign(x Poly) { Vec(p).AddAssign(Vec(x)) } +func (p Poly) SubAssign(x Poly) { Vec(p).SubAssign(Vec(x)) } +func (p Poly) Mul(x, y Poly) { + mustSumLen(p, x, y) + clear(p) + var xiyj Fp + for i := range x { + for j := range y { + xiyj.Mul(&x[i], &y[j]) + p[i+j].AddAssign(&xiyj) + } + } +} + +func (p Poly) Sqr(x Poly) { + mustSumLen(p, x, x) + clear(p) + for i := range x { + p[2*i].Sqr(&x[i]) + } + + var xixj Fp + for i := 0; i < len(x); i++ { + for j := i + 1; j < len(x); j++ { + xixj.Mul(&x[i], &x[j]) + xixj.AddAssign(&xixj) + p[i+j].AddAssign(&xixj) + } + } +} + +func (p Poly) Evaluate(x *Fp) (px Fp) { + if l := len(p); l != 0 { + px = p[l-1] + for i := l - 2; i >= 0; i-- { + px.MulAssign(x) + px.AddAssign(&p[i]) + } + } + + return +} + +func (p Poly) Strip() Poly { + for i := len(p) - 1; i >= 0; i-- { + if !p[i].IsZero() { + return p[:i+1] + } + } + + return p[:0] +} + +func (p Poly) Interpolate(values []Fp) { + _, logN := math.NextPow2(uint(len(values))) + Vec(p).InvNTT(values) + var invN Fp + invN.InvTwoN(logN) + Vec(p).ScalarMul(&invN) +} diff --git a/vdaf/prio3/arith/fp64/vector.go b/vdaf/prio3/arith/fp64/vector.go new file mode 100644 index 00000000..3ec7ef68 --- /dev/null +++ b/vdaf/prio3/arith/fp64/vector.go @@ -0,0 +1,221 @@ +// Code generated from ./templates/vector.go.tmpl. DO NOT EDIT. + +package fp64 + +import ( + "encoding/binary" + "io" + "math/bits" + + "github.com/cloudflare/circl/internal/conv" + "github.com/cloudflare/circl/internal/sha3" + "github.com/cloudflare/circl/math" + "golang.org/x/crypto/cryptobyte" +) + +type Vec []Fp + +func (v Vec) Size() uint { return Size * uint(len(v)) } + +func (v Vec) AddAssign(x Vec) { + mustSameLen(v, x) + for i := range v { + v[i].AddAssign(&x[i]) + } +} + +func (v Vec) SubAssign(x Vec) { + mustSameLen(v, x) + for i := range v { + v[i].SubAssign(&x[i]) + } +} + +func (v Vec) ScalarMul(x *Fp) { + for i := range v { + v[i].MulAssign(x) + } +} + +func (v Vec) DotProduct(x Vec) (out Fp) { + mustSameLen(v, x) + var t Fp + for i := range v { + t.Mul(&v[i], &x[i]) + out.AddAssign(&t) + } + return +} + +func bitRev(x uint, numBits uint) uint { + return bits.Reverse(x) >> (bits.UintSize - numBits) +} + +func (v Vec) NTT(values Vec) { v.doNTT(values, false) } +func (v Vec) InvNTT(values Vec) { v.doNTT(values, true) } +func (v Vec) doNTT(values Vec, isInvNTT bool) { + valuesLen := uint(len(values)) + _, logN := math.NextPow2(valuesLen) + + for i := range v { + j := bitRev(uint(i), logN) + if j < valuesLen { + v[i] = values[j] + } + } + + var t, w, wn, iwn Fp + r := &wn + if isInvNTT { + r = &iwn + iwn.SetOne() + } + + for l := uint(1); l <= logN; l++ { + y := uint(1) << (l - 1) + chunk := uint(1) << (logN - l) + + for j := range chunk { + x := j << l + u := v[x] + v[x+0].Add(&u, &v[x+y]) + v[x+y].Sub(&u, &v[x+y]) + } + + w.SetOne() + wn.SetRootOfUnityTwoN(l) + iwn.MulAssign(&wn) + for i := uint(1); i < y; i++ { + w.MulAssign(r) + for j := range chunk { + x := (j << l) + i + u := v[x] + t.Mul(&w, &v[x+y]) + v[x+0].Add(&u, &t) + v[x+y].Sub(&u, &t) + } + } + } +} + +func (v Vec) SplitBits(n uint64) error { + if bits.Len64(n) > len(v) { + return ErrNumberTooLarge + } + + clear(v) + for i := range v { + if (n>>i)&0x1 == 1 { + v[i].SetOne() + } + } + + return nil +} + +func (v Vec) JoinBits() Fp { + var two Fp + _ = two.SetUint64(2) + return Poly(v).Evaluate(&two) +} + +func (v Vec) Random(rnd io.Reader) error { + var b [Size]byte + var ok bool +forVec: + for i := range v { + for range maxNumTries { + _, err := rnd.Read(b[:]) + if err != nil { + return err + } + + v[i], ok = isInRange(&b) + if ok { + v[i].toMont() + continue forVec + } + } + return ErrMaxNumTries + } + + return nil +} + +func (v Vec) RandomSHA3(s *sha3.State) error { + for i := range v { + err := v[i].RandomSHA3(s) + if err != nil { + return err + } + } + + return nil +} + +func (v Vec) RandomSHA3Bytes(out []byte, s *sha3.State) error { + var b [Size]byte + var ok bool + +forVec: + for i := range v { + for range maxNumTries { + _, err := s.Read(b[:]) + if err != nil { + return err + } + + v[i], ok = isInRange(&b) + if ok { + out = append(out, b[:]...) + v[i].toMont() + continue forVec + } + } + + return ErrMaxNumTries + } + return nil +} + +func (v Vec) MarshalBinary() ([]byte, error) { + return conv.MarshalBinaryLen(v, v.Size()) +} + +func (v Vec) UnmarshalBinary(b []byte) error { + return conv.UnmarshalBinary(v, b) +} + +func (v Vec) Marshal(b *cryptobyte.Builder) error { + for i := range v { + v[i].Marshal(b) + } + return nil +} + +func (v Vec) Unmarshal(s *cryptobyte.String) bool { + for i := range v { + if !v[i].Unmarshal(s) { + return false + } + } + return true +} + +func isInRange(b *[Size]byte) (out [1]uint64, ok bool) { + out[0] = binary.LittleEndian.Uint64(b[:8]) + ok = out[0] < orderP0 + return +} + +func mustSameLen[T ~[]E, E any](x, y T) { + if len(x) != len(y) { + panic(ErrMatchLen) + } +} + +func mustSumLen[T ~[]E, E any](z, x, y T) { + if len(z) != len(x)+len(y)-1 { + panic(ErrMatchLen) + } +} diff --git a/vdaf/prio3/arith/fp64_test.go b/vdaf/prio3/arith/fp64_test.go new file mode 100644 index 00000000..3ff6df39 --- /dev/null +++ b/vdaf/prio3/arith/fp64_test.go @@ -0,0 +1,21 @@ +// Code generated from ./templates/field_test.go.tmpl. DO NOT EDIT. + +package arith + +import ( + "testing" + + "github.com/cloudflare/circl/vdaf/prio3/arith/fp64" +) + +func TestFp64(t *testing.T) { + t.Run("Fp", testFp[fp64.Fp]) + t.Run("Vec", testVec[fp64.Vec]) + t.Run("Poly", testPoly[fp64.Poly, fp64.Vec]) +} + +func BenchmarkFp64(b *testing.B) { + b.Run("Fp", benchmarkFp[fp64.Fp]) + b.Run("Vec", benchmarkVec[fp64.Vec]) + b.Run("Poly", benchmarkPoly[fp64.Poly, fp64.Vec]) +} diff --git a/vdaf/prio3/arith/gen.go b/vdaf/prio3/arith/gen.go new file mode 100644 index 00000000..3c105601 --- /dev/null +++ b/vdaf/prio3/arith/gen.go @@ -0,0 +1,182 @@ +//go:build ignore + +package main + +import ( + "bytes" + "fmt" + "go/format" + "math/big" + "os" + "path" + "strings" + "text/template" +) + +type Fp struct { + Name string + Bits uint + NumRootsUnity uint + NumInverseInt uint + Modulus string + Generator string +} + +func (f Fp) NumUint64() int { return int(f.Bits) / 64 } + +func (f Fp) NumUint8() int { return int(f.Bits) / 8 } + +func (f Fp) OrderConst() (s string) { + d := baseTwo64(f.Prime()) + for i := f.NumUint64() - 1; i >= 0; i-- { + s += fmt.Sprintf("orderP%v = uint64(0x%v)\n", i, d[i].Text(16)) + } + return +} + +func (f Fp) OrderVar() string { + var s []string + for i := f.NumUint64() - 1; i >= 0; i-- { + s = append(s, fmt.Sprintf("orderP%v", i)) + } + return strings.Join(s, ",") +} + +func (f Fp) Prime() *big.Int { + p, _ := new(big.Int).SetString(f.Modulus, 16) + return p +} + +func (f Fp) Half() string { + p := f.Prime() + half := big.NewInt(2) + half.ModInverse(half, p) + f.toMont(half, p) + return printDigits(half) +} + +func (f Fp) RSquare() string { + p := f.Prime() + R2 := big.NewInt(1) + R2.Lsh(R2, f.Bits) + R2.Mul(R2, R2).Mod(R2, p) + return printDigits(R2) +} + +func (f Fp) RootsOfUnity() (s string) { + p := f.Prime() + g, _ := new(big.Int).SetString(f.Generator, 16) + for i := range f.NumRootsUnity + 1 { + twoI := big.NewInt(1) + twoI.Lsh(twoI, f.NumRootsUnity-i) + gi := new(big.Int).Exp(g, twoI, p) + f.toMont(gi, p) + s += "{" + printDigits(gi) + "},\n" + } + return +} + +func (f Fp) InverseInt() (s string) { + p := f.Prime() + for i := range f.NumInverseInt { + invI := new(big.Int).ModInverse(big.NewInt(int64(i+1)), p) + f.toMont(invI, p) + s += "{" + printDigits(invI) + "},\n" + } + return +} + +func (f Fp) toMont(x, p *big.Int) { + R := big.NewInt(1) + R.Lsh(R, f.Bits) + x.Mul(x, R).Mod(x, p) +} + +func baseTwo64(v *big.Int) (d []*big.Int) { + n := new(big.Int).Set(v) + two64 := new(big.Int).Lsh(big.NewInt(1), 64) + for n.Sign() > 0 { + x := new(big.Int).Mod(n, two64) + n.Rsh(n, 64) + d = append(d, x) + } + return +} + +func printDigits(n *big.Int) (s string) { + for _, d := range baseTwo64(n) { + s += fmt.Sprintf("0x%016x,", d) + } + return +} + +func main() { + const TemplateWarning = "// Code generated from" + + fields := []Fp{ + { + Name: "Fp64", + Bits: 64, + NumRootsUnity: 32, + NumInverseInt: 8, + // Modulus: 2^32 * 4294967295 + 1 + Modulus: "ffffffff00000001", + // Generator: 7^4294967295 + Generator: "185629dcda58878c", + }, + { + Name: "Fp128", + Bits: 128, + NumRootsUnity: 66, + NumInverseInt: 8, + // Modulus: 2^66 * 4611686018427387897 + 1 + Modulus: "ffffffffffffffe40000000000000001", + // Generator: 7^4611686018427387897 + Generator: "6d278fbf4f60228b1f9b2759c5109f06", + }, + } + + for _, file := range []string{"fp_test", "fp", "vector", "poly"} { + tName := "templates/" + file + ".go.tmpl" + tl, err := template. + New(path.Base(tName)). + Funcs(template.FuncMap{"ToLower": strings.ToLower}). + ParseFiles(tName) + if err != nil { + panic(err) + } + + for _, f := range fields { + buf := new(bytes.Buffer) + err := tl.Execute(buf, f) + if err != nil { + panic(err) + } + + code := buf.Bytes() + code, err = format.Source(code) + if err != nil { + panic("error formating code") + } + + res := string(code) + offset := strings.Index(res, TemplateWarning) + if offset == -1 { + panic("Missing template warning") + } + + folder := strings.ToLower(f.Name) + fileName := file + if file == "fp_test" { + folder = "." + fileName = strings.ToLower(f.Name) + "_test" + } + + path := fmt.Sprintf("%v/%v.go", folder, fileName) + err = os.WriteFile(path, []byte(res[offset:]), 0o600) + if err != nil { + panic(err) + } + } + } +} diff --git a/vdaf/prio3/arith/genFiatMont.go b/vdaf/prio3/arith/genFiatMont.go new file mode 100644 index 00000000..1b2f3def --- /dev/null +++ b/vdaf/prio3/arith/genFiatMont.go @@ -0,0 +1,79 @@ +//go:build ignore +// +build ignore + +// Code Generation using fiat-crypto +// +// Download and unpack Fiat Cryptography v0.1.4 from +// https://github.com/mit-plv/fiat-crypto/releases/tag/v0.1.4 +// +// Then run this program specifying the path to the Fiat Cryptography v0.1.4 binary. +// $ FIAT_BINARY= go run genFiatMont.go +// +// References: +// [1] Erbsen et al. "Simple High-Level Code For Cryptographic Arithmetic – With +// Proofs, Without Compromises" https://github.com/mit-plv/fiat-crypto + +package main + +import ( + "log" + "os" + "os/exec" + "strings" + "text/template" +) + +const headerCIRCL = "Code generated by fiat.go using fiat-crypto v0.1.4." + +var FIAT_PARAMS = []string{ + "word-by-word-montgomery", + "--output", "{{.Pkg}}/fiatMont.go", + "--lang", "Go", + "--package-name", "{{.Pkg}}", + "--doc-prepend-header", headerCIRCL, + "--package-case", "lowerCamelCase", + "--public-function-case", "lowerCamelCase", + "--public-type-case", "lowerCamelCase", + "--doc-newline-before-package-declaration", + "--no-primitives", + "--widen-carry", + "--no-field-element-typedefs", + "--relax-primitive-carry-to-bitwidth", "64", + "Fp", "64", "{{.Prime}}", "add", "sub", "mul", "square", +} + +var fields = []struct{ Pkg, Prime string }{ + { + Pkg: "fp64", + Prime: "0xffffffff00000001", // 2^32 * 4294967295 + 1 + }, + { + Pkg: "fp128", + Prime: "0xffffffffffffffe40000000000000001", // 2^66 * 4611686018427387897 + 1 + }, +} + +func main() { + FIAT_BINARY := os.Getenv("FIAT_BINARY") + if FIAT_BINARY == "" { + log.Fatal("error: must specify the path to the Fiat Cryptography binary.") + } + + paramsTmpl := strings.Join(FIAT_PARAMS, ",") + + for _, f := range fields { + var buf strings.Builder + t := template.Must(new(template.Template).Parse(paramsTmpl)) + err := t.Execute(&buf, f) + if err != nil { + log.Fatalf("error: executing template: %v", err) + } + + cmdParams := strings.Split(buf.String(), ",") + cmd := exec.Command(FIAT_BINARY, cmdParams...) + out, err := cmd.CombinedOutput() + if len(out) != 0 || err != nil { + log.Fatalf("command output: %s\n command error: %v\n", out, err) + } + } +} diff --git a/vdaf/prio3/arith/poly_test.go b/vdaf/prio3/arith/poly_test.go new file mode 100644 index 00000000..5d7b9016 --- /dev/null +++ b/vdaf/prio3/arith/poly_test.go @@ -0,0 +1,153 @@ +package arith + +import ( + "slices" + "testing" + + "github.com/cloudflare/circl/internal/test" + "github.com/cloudflare/circl/math" +) + +const Degree = 1024 + +func testPoly[P Poly[P, E], V Vec[V, E], E EltTest, F Fp[E]](t *testing.T) { + t.Run("interpolate", interpolate[P, V, E, F]) + t.Run("strip", strip[P, E, F]) + t.Run("mulSqr", mulSqrPoly[P, V, E, F]) +} + +func mulSqrPoly[P Poly[P, E], V Vec[V, E], E EltTest, F Fp[E]](t *testing.T) { + const Deg = 4 + x := NewPoly[P](Deg) + y := NewPoly[P](Deg) + l0 := NewPoly[P](Deg) + l1 := NewPoly[P](Deg) + l2 := NewPoly[P](2 * Deg) + r0 := NewPoly[P](2 * Deg) + r1 := NewPoly[P](2 * Deg) + + for i := 0; i < testTimes; i++ { + mustRead(t, V(x)) + mustRead(t, V(y)) + + // (x+y)(x-y) = (x^2-y^2) + copy(l0, x) + copy(l1, x) + l0.AddAssign(y) + l1.SubAssign(y) + l2.Mul(l0, l1) + + r0.Sqr(x) + r1.Sqr(y) + r0.SubAssign(r1) + got := l2 + want := r0 + if !slices.Equal(got, want) { + test.ReportError(t, got, want, x, y) + } + } +} + +func evalRootsUnity[P Poly[P, E], V Vec[V, E], E Elt, F Fp[E]](p P) V { + // evaluate p on the powers of the root of unity. + // p(w^0), p(w^1), p(w^2), ... + N, logN := math.NextPow2(uint(len(p))) + var wi, wn F = new(E), new(E) + wi.SetOne() + wn.SetRootOfUnityTwoN(logN) + values := NewVec[V](N) + + for i := range values { + values[i] = p.Evaluate(wi) + wi.MulAssign(wn) + } + + return values +} + +func interpolate[P Poly[P, E], V Vec[V, E], E EltTest, F Fp[E]](t *testing.T) { + const Max = 10 + for logN := range Max { + N := uint(1) << logN + p := NewPoly[P](N - 1) + mustRead(t, V(p)) + values := evalRootsUnity[P, V, E, F](p) + + y := NewVec[V](N) + y.NTT(V(p)) + if !slices.Equal(y, values) { + test.ReportError(t, y, values) + } + + p2 := NewPoly[P](N - 1) + p2.Interpolate(values) + if !slices.Equal(p, p2) { + test.ReportError(t, p, p2) + } + } +} + +func strip[P Poly[P, E], E Elt, F Fp[E]](t *testing.T) { + N := 4 + p := NewPoly[P](uint(N)) + p = p.Strip() + test.CheckOk(len(p) == 0, "strip failed", t) + + for i := range N + 1 { + p := NewPoly[P](uint(N)) + F(&p[i]).SetOne() + p = p.Strip() + test.CheckOk(len(p) == i+1, "strip failed", t) + } +} + +func benchmarkPoly[P Poly[P, E], V Vec[V, E], E Elt, F Fp[E]](b *testing.B) { + x := F(new(E)) + p := NewPoly[P](Degree) + q := NewPoly[P](Degree) + pq := NewPoly[P](2 * Degree) + mustRead(b, x) + mustRead(b, V(p)) + mustRead(b, V(q)) + + N, _ := math.NextPow2(Degree) + pol := NewPoly[P](N - 1) + mustRead(b, V(pol)) + values := evalRootsUnity[P, V, E, F](pol) + + b.Run("AddAssign", func(b *testing.B) { + for i := 0; i < b.N; i++ { + q.AddAssign(p) + } + }) + b.Run("Sqr", func(b *testing.B) { + for i := 0; i < b.N; i++ { + pq.Sqr(p) + } + }) + b.Run("Mul", func(b *testing.B) { + for i := 0; i < b.N; i++ { + pq.Mul(p, q) + } + }) + b.Run("Evaluate", func(b *testing.B) { + for i := 0; i < b.N; i++ { + _ = p.Evaluate(x) + } + }) + b.Run("NTT", func(b *testing.B) { + for i := 0; i < b.N; i++ { + V(p).NTT(values) + } + }) + b.Run("InvNTT", func(b *testing.B) { + for i := 0; i < b.N; i++ { + V(p).InvNTT(values) + } + }) + b.Run("Interpolate", func(b *testing.B) { + for i := 0; i < b.N; i++ { + pol.Interpolate(values) + } + }) +} diff --git a/vdaf/prio3/arith/templates/fp.go.tmpl b/vdaf/prio3/arith/templates/fp.go.tmpl new file mode 100644 index 00000000..aaac41e3 --- /dev/null +++ b/vdaf/prio3/arith/templates/fp.go.tmpl @@ -0,0 +1,217 @@ +// +build ignore +// The previous line (and this one up to the warning below) is removed by the +// template generator. + +// Code generated from ./templates/field.go.tmpl. DO NOT EDIT. + +package {{.Name | ToLower}} + +import ( + "bytes" + "crypto/subtle" + "encoding/binary" + "errors" + "io" + + "github.com/cloudflare/circl/internal/conv" + "github.com/cloudflare/circl/internal/sha3" + "golang.org/x/crypto/cryptobyte" +) + +// Size is the length in bytes of an {{.Name}} element. +const Size = {{.NumUint8}} + +// Fp represents a prime field element as a positive integer less than Order. +type Fp [{{.NumUint64}}]uint64 + +func (z Fp) String() string { x := z.fromMont(); return conv.Uint64Le2Hex(x[:]) } +func (z Fp) Size() uint { return Size } +func (z Fp) OrderRootUnity() uint { return numRootsUnity } +func (z *Fp) AddAssign(x *Fp) { fiatFpAdd(z, z, x) } +func (z *Fp) SubAssign(x *Fp) { fiatFpSub(z, z, x) } +func (z *Fp) MulAssign(x *Fp) { fiatFpMul(z, z, x) } +func (z *Fp) Add(x, y *Fp) { fiatFpAdd(z, x, y) } +func (z *Fp) Sub(x, y *Fp) { fiatFpSub(z, x, y) } +func (z *Fp) Mul(x, y *Fp) { fiatFpMul(z, x, y) } +func (z *Fp) Sqr(x *Fp) { fiatFpSquare(z, x) } +func (z *Fp) IsZero() bool { return ctEqual(z, &Fp{}) } +func (z *Fp) IsOne() bool { return ctEqual(z, &rootOfUnityTwoN[0]) } +func (z *Fp) IsEqual(x *Fp) bool { return ctEqual(z, x) } +func (z *Fp) SetOne() { *z = rootOfUnityTwoN[0] } +func (z *Fp) toMont() { fiatFpMul(z, z, &rSquare) } +func (z *Fp) fromMont() (out Fp) { fiatFpMul(&out, z, &Fp{1}); return } +func (z *Fp) MarshalBinary() ([]byte, error) { return conv.MarshalBinaryLen(z, Size) } +func (z *Fp) UnmarshalBinary(b []byte) error { return conv.UnmarshalBinary(z, b) } +func (z *Fp) Marshal(b *cryptobyte.Builder) error { + var x [Size]byte + for i, zi := range z.fromMont() { + binary.LittleEndian.PutUint64(x[8*i:], zi) + } + b.AddBytes(x[:]) + return nil +} + +func (z* Fp) Unmarshal(s *cryptobyte.String) bool{ + var b [Size]byte + if s.CopyBytes(b[:]) { + n, ok := isInRange(&b) + if ok { + *z = n + z.toMont() + return true + } + } + return false +} + +func (z* Fp) Random(r io.Reader) error { + var b [Size]byte + var ok bool + for range maxNumTries { + _, err := r.Read(b[:]) + if err != nil { + return err + } + + *z, ok = isInRange(&b) + if ok { + z.toMont() + return nil + } + } + + return ErrMaxNumTries +} + +func (z* Fp) RandomSHA3(s *sha3.State) error { + var b [Size]byte + var ok bool + for range maxNumTries { + _, err := s.Read(b[:]) + if err != nil { + return err + } + + *z, ok = isInRange(&b) + if ok { + z.toMont() + return nil + } + } + + return ErrMaxNumTries +} + +func (z* Fp) InvUint64(x uint64) { + if 0 < x && x <= numInverseInt { + *z = inverseInt[x-1] + } else { + err := z.SetUint64(x) + if err != nil { + panic(ErrFieldEltDecode) + } + z.Inv(z) + } +} + +func (z* Fp) InvTwoN(n uint) { + z.SetOne() + for range n { + z.Mul(z, &half) + } +} + +func (z* Fp) SetUint64(n uint64) error { + {{- if eq .Bits 64 }} + if n >= {{.OrderVar}} { + return ErrFieldEltDecode + } + {{- end }} + *z = Fp{n} + z.toMont() + return nil +} + +func (z* Fp) GetUint64() (uint64, error) { + x := z.fromMont(); + {{- if eq .Bits 128 }} + if x[1] != 0 { + return 0, ErrNumberTooLarge + } + {{- end }} + return x[0], nil +} + +func (z* Fp) SetRootOfUnityTwoN(n uint) { + if n > numRootsUnity { + panic(ErrRootsOfUnity) + } + *z = rootOfUnityTwoN[n] +} + + +func (z Fp) Order() []byte { + var x [Size]byte + binary.Write(bytes.NewBuffer(x[:0]), binary.BigEndian, []uint64{ {{.OrderVar}} }) + return x[:] +} + +func (z* Fp) sqri(x *Fp, n uint) { + z.Sqr(x) + for range n - 1 { + z.Sqr(z) + } +} + +func fiatFpCmovznzU64(z *uint64, b, x, y uint64) { *z = (x &^ (-b)) | (y & (-b)) } + +func ctEqual(x, y *Fp) bool { + var v uint64 + for i := 0; i < len(*x); i++ { + v |= (*x)[i] ^ (*y)[i] + } + v32 := uint32(v>>32) | uint32(v) + return subtle.ConstantTimeEq(int32(v32), 0) == 1 +} + + +const ( + // order is the order of the {{.Name}} field. + {{.OrderConst -}} + // numRootsUnity is .. + numRootsUnity = {{.NumRootsUnity}} + // numInverseInt{{.Name}} is the number of precomputed inverses. + numInverseInt = {{.NumInverseInt}} + // maxNumTries is the maximum tries for rejection sampling. + maxNumTries = 10 +) + +var ( + // rSquare is R^2 mod {{.Name}}Order, where R=2^{{.Bits}} (little-endian). + rSquare = Fp{ {{.RSquare}} } + // half is 1/2 mod Order. + half = Fp{ {{.Half}} } + // rootOfUnityTwoN are the (principal) roots of unity that generate + // a multiplicative group of order 2^n. + // i.e., rootOfUnityTwoN[i] generates a group of order 2^i. + // Thus, by definition, + // - rootOfUnityTwoN[0] = One + // - rootOfUnityTwoN[numRoots] = Generator + // Constants are encoded in Montgomery domain (little-endian). + rootOfUnityTwoN = [numRootsUnity + 1]Fp{ + {{.RootsOfUnity}} + } + // inverseInt has the inverse of the first `numInverseInt` integers. + inverseInt = [numInverseInt]Fp{ + {{.InverseInt}} + } +) + + +var ( + ErrMatchLen = errors.New("inputs mismatched length") + ErrFieldEltDecode = errors.New("incorrect field element value") + ErrNumberTooLarge = errors.New("number of bits is not enough to represent the number") + ErrMaxNumTries = errors.New("random rejection sampling reached maximum number of tries") + ErrRootsOfUnity = errors.New("Fp has no roots of unity of order larger than 2^{{.NumRootsUnity}}") +) diff --git a/vdaf/prio3/arith/templates/fp_test.go.tmpl b/vdaf/prio3/arith/templates/fp_test.go.tmpl new file mode 100644 index 00000000..827cabbe --- /dev/null +++ b/vdaf/prio3/arith/templates/fp_test.go.tmpl @@ -0,0 +1,25 @@ +// +build ignore +// The previous line (and this one up to the warning below) is removed by the +// template generator. + +// Code generated from ./templates/field_test.go.tmpl. DO NOT EDIT. + +package arith + +import ( + "testing" + + "github.com/cloudflare/circl/vdaf/prio3/arith/{{.Name | ToLower}}" +) + +func Test{{.Name}}(t *testing.T) { + t.Run("Fp", testFp[{{.Name | ToLower}}.Fp]) + t.Run("Vec", testVec[{{.Name | ToLower}}.Vec]) + t.Run("Poly",testPoly[{{.Name | ToLower}}.Poly, {{.Name | ToLower}}.Vec]) +} + +func Benchmark{{.Name}}(b *testing.B) { + b.Run("Fp", benchmarkFp[{{.Name | ToLower}}.Fp]) + b.Run("Vec", benchmarkVec[{{.Name | ToLower}}.Vec]) + b.Run("Poly", benchmarkPoly[{{.Name | ToLower}}.Poly, {{.Name | ToLower}}.Vec]) +} diff --git a/vdaf/prio3/arith/templates/poly.go.tmpl b/vdaf/prio3/arith/templates/poly.go.tmpl new file mode 100644 index 00000000..6e145be2 --- /dev/null +++ b/vdaf/prio3/arith/templates/poly.go.tmpl @@ -0,0 +1,72 @@ +// +build ignore +// The previous line (and this one up to the warning below) is removed by the +// template generator. + +// Code generated from ./templates/poly.go.tmpl. DO NOT EDIT. + +package {{.Name | ToLower}} + +import "github.com/cloudflare/circl/math" + +type Poly []Fp + +func (p Poly) AddAssign(x Poly) { Vec(p).AddAssign(Vec(x)) } +func (p Poly) SubAssign(x Poly) { Vec(p).SubAssign(Vec(x)) } +func (p Poly) Mul(x, y Poly) { + mustSumLen(p, x, y) + clear(p) + var xiyj Fp + for i := range x { + for j := range y { + xiyj.Mul(&x[i], &y[j]) + p[i+j].AddAssign(&xiyj) + } + } +} + +func (p Poly) Sqr(x Poly) { + mustSumLen(p, x, x) + clear(p) + for i := range x { + p[2*i].Sqr(&x[i]) + } + + var xixj Fp + for i := 0; i < len(x); i++ { + for j := i + 1; j < len(x); j++ { + xixj.Mul(&x[i], &x[j]) + xixj.AddAssign(&xixj) + p[i+j].AddAssign(&xixj) + } + } +} + +func (p Poly) Evaluate(x *Fp) (px Fp) { + if l := len(p); l != 0 { + px = p[l-1] + for i := l - 2; i >= 0; i-- { + px.MulAssign(x) + px.AddAssign(&p[i]) + } + } + + return +} + +func (p Poly) Strip() Poly { + for i := len(p) - 1; i >= 0; i-- { + if !p[i].IsZero() { + return p[:i+1] + } + } + + return p[:0] +} + +func (p Poly) Interpolate(values []Fp) { + _, logN := math.NextPow2(uint(len(values))) + Vec(p).InvNTT(values) + var invN Fp + invN.InvTwoN(logN) + Vec(p).ScalarMul(&invN) +} diff --git a/vdaf/prio3/arith/templates/vector.go.tmpl b/vdaf/prio3/arith/templates/vector.go.tmpl new file mode 100644 index 00000000..c1d0aa5c --- /dev/null +++ b/vdaf/prio3/arith/templates/vector.go.tmpl @@ -0,0 +1,233 @@ +// +build ignore +// The previous line (and this one up to the warning below) is removed by the +// template generator. + +// Code generated from ./templates/vector.go.tmpl. DO NOT EDIT. + +package {{.Name | ToLower}} + +import ( + "io" + "encoding/binary" + "math/bits" + + "github.com/cloudflare/circl/internal/conv" + "github.com/cloudflare/circl/internal/sha3" + "github.com/cloudflare/circl/math" + "golang.org/x/crypto/cryptobyte" +) + +type Vec []Fp + +func (v Vec) Size() uint { return Size*uint(len(v)) } + +func (v Vec) AddAssign(x Vec) { + mustSameLen(v, x) + for i := range v { + v[i].AddAssign(&x[i]) + } +} + +func (v Vec) SubAssign(x Vec) { + mustSameLen(v, x) + for i := range v { + v[i].SubAssign(&x[i]) + } +} + +func (v Vec) ScalarMul(x *Fp) { + for i := range v { + v[i].MulAssign(x) + } +} + +func (v Vec) DotProduct(x Vec) (out Fp) { + mustSameLen(v, x) + var t Fp + for i := range v { + t.Mul(&v[i], &x[i]) + out.AddAssign(&t) + } + return +} + +func bitRev(x uint, numBits uint) uint { + return bits.Reverse(x) >> (bits.UintSize - numBits) +} + +func (v Vec) NTT(values Vec) { v.doNTT(values, false) } +func (v Vec) InvNTT(values Vec) { v.doNTT(values, true) } +func (v Vec) doNTT(values Vec, isInvNTT bool) { + valuesLen := uint(len(values)) + _, logN := math.NextPow2(valuesLen) + + for i := range v { + j := bitRev(uint(i), logN) + if j < valuesLen { + v[i] = values[j] + } + } + + var t, w, wn, iwn Fp + r := &wn + if isInvNTT { + r = &iwn + iwn.SetOne() + } + + for l := uint(1); l <= logN; l++ { + y := uint(1) << (l - 1) + chunk := uint(1) << (logN - l) + + for j := range chunk { + x := j << l + u := v[x] + v[x+0].Add(&u, &v[x+y]) + v[x+y].Sub(&u, &v[x+y]) + } + + w.SetOne() + wn.SetRootOfUnityTwoN(l) + iwn.MulAssign(&wn) + for i := uint(1); i < y; i++ { + w.MulAssign(r) + for j := range chunk { + x := (j << l) + i + u := v[x] + t.Mul(&w, &v[x+y]) + v[x+0].Add(&u, &t) + v[x+y].Sub(&u, &t) + } + } + } +} + +func (v Vec) SplitBits(n uint64) error { + if bits.Len64(n) > len(v) { + return ErrNumberTooLarge + } + + clear(v) + for i := range v { + if (n>>i)&0x1 == 1 { + v[i].SetOne() + } + } + + return nil +} + +func (v Vec) JoinBits() Fp { + var two Fp + _ = two.SetUint64(2) + return Poly(v).Evaluate(&two) +} + + +func (v Vec) Random(rnd io.Reader) error { + var b [Size]byte + var ok bool +forVec: + for i := range v { + for range maxNumTries { + _, err := rnd.Read(b[:]) + if err != nil { + return err + } + + v[i], ok = isInRange(&b) + if ok { + v[i].toMont() + continue forVec + } + } + return ErrMaxNumTries + } + + return nil +} + +func (v Vec) RandomSHA3(s *sha3.State) error { + for i := range v { + err := v[i].RandomSHA3(s) + if err != nil { + return err + } + } + + return nil +} + +func (v Vec) RandomSHA3Bytes(out []byte, s *sha3.State) error { + var b [Size]byte + var ok bool + +forVec: + for i := range v { + for range maxNumTries { + _, err := s.Read(b[:]) + if err != nil { + return err + } + + v[i], ok = isInRange(&b) + if ok { + out = append(out, b[:]...) + v[i].toMont() + continue forVec + } + } + + return ErrMaxNumTries + } + return nil +} + +func (v Vec) MarshalBinary() ([]byte, error) { + return conv.MarshalBinaryLen(v, v.Size()) +} + +func (v Vec) UnmarshalBinary(b []byte) error { + return conv.UnmarshalBinary(v, b) +} + +func (v Vec) Marshal(b *cryptobyte.Builder) error { + for i := range v { + v[i].Marshal(b) + } + return nil +} + +func (v Vec) Unmarshal(s *cryptobyte.String) bool{ + for i := range v { + if !v[i].Unmarshal(s) { + return false + } + } + return true +} + + +func isInRange(b *[Size]byte) (out [{{.NumUint64}}]uint64, ok bool) { + {{- if eq .Bits 64}} + out[0] = binary.LittleEndian.Uint64(b[:8]) + ok = out[0] < orderP0 + {{- else if eq .Bits 128}} + out[0] = binary.LittleEndian.Uint64(b[:8]) + out[1] = binary.LittleEndian.Uint64(b[8:]) + ok = out[1] < orderP1 || (out[1] == orderP1 && out[0] < orderP0) + {{- end }} + return +} + +func mustSameLen[T ~[]E, E any](x, y T) { + if len(x) != len(y) { + panic(ErrMatchLen) + } +} + +func mustSumLen[T ~[]E, E any](z, x, y T) { + if len(z) != len(x)+len(y)-1 { + panic(ErrMatchLen) + } +} diff --git a/vdaf/prio3/arith/vector_test.go b/vdaf/prio3/arith/vector_test.go new file mode 100644 index 00000000..93cc3a36 --- /dev/null +++ b/vdaf/prio3/arith/vector_test.go @@ -0,0 +1,158 @@ +package arith + +import ( + "crypto/rand" + "io" + "slices" + "testing" + + "github.com/cloudflare/circl/internal/sha3" + "github.com/cloudflare/circl/internal/test" +) + +func testVec[V Vec[V, E], E EltTest, F Fp[E]](t *testing.T) { + t.Run("marshal", marshalVec[V, E, F]) + t.Run("bitRepresentation", bitRepresentation[V, E, F]) + t.Run("random", random[V, E, F]) +} + +func marshalVec[V Vec[V, E], E EltTest, F Fp[E]](t *testing.T) { + const N = 4 + x := NewVec[V](N) + y := NewVec[V](N) + for i := 0; i < testTimes; i++ { + mustRead(t, x) + s, err := x.MarshalBinary() + test.CheckNoErr(t, err, "MarshalBinary failed") + test.CheckOk(uint(len(s)) == x.Size(), "wrong byte length", t) + + err = y.UnmarshalBinary(s) + test.CheckNoErr(t, err, "UnmarshalBinary failed") + if !slices.Equal(x, y) { + test.ReportError(t, x, y) + } + + // check for invalid size + err = y.UnmarshalBinary(s[1:]) + test.CheckIsErr(t, err, "UnmarshalBinary should failed") + } +} + +func bitRepresentation[V Vec[V, E], E Elt, F Fp[E]](t *testing.T) { + N := uint64(0x0F) + eightBits := NewVec[V](8) + err := eightBits.SplitBits(N) + test.CheckNoErr(t, err, "failed to split number in bits") + + for i := range eightBits { + if i < 4 { + test.CheckOk(F(&eightBits[i]).IsOne(), "vector element should be one", t) + } else { + test.CheckOk(F(&eightBits[i]).IsZero(), "vector element should be zero", t) + } + } + + num := eightBits.JoinBits() + test.CheckNoErr(t, err, "JoinBits failed") + + got, err := F(&num).GetUint64() + test.CheckNoErr(t, err, "failed to recover uint64") + + want := N + if got != want { + test.ReportError(t, got, want, eightBits, num) + } + + fourBits := NewVec[V](4) + err = fourBits.SplitBits(0xFF) + test.CheckIsErr(t, err, "SplitBits should return an error") +} + +func random[V Vec[V, E], E EltTest, F Fp[E]](t *testing.T) { + r := sha3.NewShake128() + v := NewVec[V](4) + err := v.Random(io.LimitReader(&r, 0)) + test.CheckIsErr(t, err, "generating random vector should failed") + + r.Reset() + got := NewVec[V](4) + err = got.Random(&r) + test.CheckNoErr(t, err, "Random failed") + + r.Reset() + want := NewVec[V](4) + err = want.RandomSHA3(&r) + test.CheckNoErr(t, err, "RandomSHA3 failed") + + if !slices.Equal(got, want) { + test.ReportError(t, got, want) + } +} + +func benchmarkVec[V Vec[V, E], E Elt, F Fp[E]](b *testing.B) { + const N = 1024 + k := F(new(E)) + x := NewVec[V](N) + z := NewVec[V](N) + + mustRead(b, k) + mustRead(b, x) + mustRead(b, z) + + const Bits = uint64(0x0F) + eightBits := NewVec[V](8) + _ = eightBits.SplitBits(Bits) + buf, _ := x.MarshalBinary() + + b.Run("MarshalBinary", func(b *testing.B) { + for i := 0; i < b.N; i++ { + _, _ = z.MarshalBinary() + } + }) + b.Run("UnmarshalBinary", func(b *testing.B) { + for i := 0; i < b.N; i++ { + _ = z.UnmarshalBinary(buf) + } + }) + b.Run("Random", func(b *testing.B) { + for i := 0; i < b.N; i++ { + _ = z.Random(rand.Reader) + } + }) + b.Run("RandomSHA3", func(b *testing.B) { + r := sha3.NewShake128() + for i := 0; i < b.N; i++ { + _ = z.RandomSHA3(&r) + } + }) + b.Run("AddAssign", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.AddAssign(x) + } + }) + b.Run("SubAssign", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.SubAssign(x) + } + }) + b.Run("ScalarMul", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.ScalarMul(k) + } + }) + b.Run("DotProduct", func(b *testing.B) { + for i := 0; i < b.N; i++ { + z.DotProduct(x) + } + }) + b.Run("SplitBits", func(b *testing.B) { + for i := 0; i < b.N; i++ { + _ = eightBits.SplitBits(Bits) + } + }) + b.Run("JoinBits", func(b *testing.B) { + for i := 0; i < b.N; i++ { + _ = eightBits.JoinBits() + } + }) +} diff --git a/vdaf/prio3/common_test.go b/vdaf/prio3/common_test.go new file mode 100644 index 00000000..910aac08 --- /dev/null +++ b/vdaf/prio3/common_test.go @@ -0,0 +1,110 @@ +package prio3 + +import ( + "bytes" + "encoding" + "encoding/hex" + "encoding/json" + "io" + "os" + "slices" + "testing" + + "github.com/cloudflare/circl/internal/conv" + "github.com/cloudflare/circl/internal/test" + "github.com/cloudflare/circl/vdaf/prio3/internal/prio3" + "golang.org/x/crypto/cryptobyte" +) + +type marshaler interface { + encoding.BinaryMarshaler + encoding.BinaryUnmarshaler +} + +func testMarshal[T any](t testing.TB, x *T, p *prio3.Params, extra ...uint) { + t.Helper() + bm := any(x).(marshaler) + b0, err := bm.MarshalBinary() + test.CheckNoErr(t, err, "first MarshalBinary failed") + + y := new(T) + yy, ok := any(y).(interface{ New(*prio3.Params) *T }) + if ok { + yy.New(p) + } else { + yy, ok := any(y).(interface{ New(*prio3.Params, uint) *T }) + if ok { + yy.New(p, extra[0]) + } + } + + bm = any(y).(marshaler) + err = bm.UnmarshalBinary(b0) + test.CheckNoErr(t, err, "UnmarshalBinary failed") + + b1, err := bm.MarshalBinary() + test.CheckNoErr(t, err, "second MarshalBinary failed") + + if !bytes.Equal(b0, b1) { + test.ReportError(t, b0, b1) + } + + // check for invalid size + err = bm.UnmarshalBinary(nil) + test.CheckIsErr(t, err, "UnmarshalBinary should failed") +} + +type Hex []byte + +func (b *Hex) UnmarshalJSON(data []byte) (err error) { + var s string + if err = json.Unmarshal(data, &s); err != nil { + return err + } + *b, err = hex.DecodeString(s) + return err +} + +func readFile[V any](t *testing.T, fileName string) (v V) { + t.Helper() + jsonFile, err := os.Open(fileName) + if err != nil { + t.Fatalf("File %v can not be opened. Error: %v", fileName, err) + } + defer jsonFile.Close() + input, err := io.ReadAll(jsonFile) + if err != nil { + t.Fatalf("File %v can not be read. Error: %v", fileName, err) + } + + err = json.Unmarshal(input, &v) + if err != nil { + t.Fatalf("File %v can not be loaded. Error: %v", fileName, err) + } + + return +} + +func checkEqual[T any](t *testing.T, a T, b []byte) { + t.Helper() + aa, err := conv.MarshalBinary(any(a).(cryptobyte.MarshalingValue)) + if err != nil { + t.Fatal(err) + } + + if !bytes.Equal(aa, b) { + test.ReportError(t, hex.EncodeToString(aa), hex.EncodeToString(b)) + } +} + +func isEqual[T any](t *testing.T, a, b T) bool { + switch aa := any(a).(type) { + case uint64: + return aa == any(b).(uint64) + case []uint64: + return slices.Equal(aa, any(b).([]uint64)) + default: + t.Fatalf("unrecognized aggregate type: %T\n", a) + return false + } +} diff --git a/vdaf/prio3/count/count.go b/vdaf/prio3/count/count.go new file mode 100644 index 00000000..846390a0 --- /dev/null +++ b/vdaf/prio3/count/count.go @@ -0,0 +1,121 @@ +// Package count is a VDAF for counting boolean measurements. +package count + +import ( + "github.com/cloudflare/circl/vdaf/prio3/arith" + "github.com/cloudflare/circl/vdaf/prio3/arith/fp64" + "github.com/cloudflare/circl/vdaf/prio3/internal/flp" + "github.com/cloudflare/circl/vdaf/prio3/internal/prio3" +) + +type ( + poly = fp64.Poly + Vec = fp64.Vec + Fp = fp64.Fp + AggShare = prio3.AggShare[Vec, Fp] + InputShare = prio3.InputShare[Vec, Fp] + OutShare = prio3.OutShare[Vec, Fp] + PrepShare = prio3.PrepShare[Vec, Fp] + PrepState = prio3.PrepState[Vec, Fp] +) + +// Count is a verifiable distributed aggregation function in which each +// measurement is either one or zero and the aggregate result is the sum of +// the measurements. +type Count struct { + p prio3.Prio3[bool, uint64, *flpCount, Vec, Fp, *Fp] +} + +func New(numShares uint8, context []byte) (c *Count, err error) { + const countID uint8 = 1 + c = new(Count) + c.p, err = prio3.New(newFlpCount(), countID, numShares, context) + if err != nil { + return nil, err + } + + return c, nil +} + +func (c *Count) Params() prio3.Params { return c.p.Params() } + +func (c *Count) Shard(measurement bool, nonce *prio3.Nonce, rand []byte, +) (prio3.PublicShare, []InputShare, error) { + return c.p.Shard(measurement, nonce, rand) +} + +func (c *Count) PrepInit( + verifyKey *prio3.VerifyKey, + nonce *prio3.Nonce, + aggID uint8, + publicShare prio3.PublicShare, + inputShare InputShare, +) (*PrepState, *PrepShare, error) { + return c.p.PrepInit(verifyKey, nonce, aggID, publicShare, inputShare) +} + +func (c *Count) PrepSharesToPrep(prepShares []PrepShare) (*prio3.PrepMessage, error) { + return c.p.PrepSharesToPrep(prepShares) +} + +func (c *Count) PrepNext(state *PrepState, msg *prio3.PrepMessage) (*OutShare, error) { + return c.p.PrepNext(state, msg) +} + +func (c *Count) AggregationInit() AggShare { return c.p.AggregationInit() } + +func (c *Count) AggregationUpdate(aggShare *AggShare, outShare *OutShare) { + c.p.AggregationUpdate(aggShare, outShare) +} + +func (c *Count) Unshard(aggShares []AggShare, numMeas uint) (aggregate *uint64, err error) { + return c.p.Unshard(aggShares, numMeas) +} + +type flpCount struct { + flp.FLP[flp.GadgetMulFp64, poly, Vec, Fp, *Fp] +} + +func newFlpCount() *flpCount { + c := new(flpCount) + c.Valid.MeasurementLen = 1 + c.Valid.JointRandLen = 0 + c.Valid.OutputLen = 1 + c.Valid.EvalOutputLen = 1 + c.Gadget = flp.GadgetMulFp64{} + c.NumCalls = 1 + c.FLP.Eval = c.Eval + return c +} + +func (c *flpCount) Eval( + out Vec, g flp.Gadget[poly, Vec, Fp, *Fp], _numCalls uint, + meas, _jointRand Vec, _shares uint8, +) { + g.Eval(&out[0], Vec{meas[0], meas[0]}) + out[0].SubAssign(&meas[0]) +} + +func (c *flpCount) Encode(measurement bool) (Vec, error) { + out := arith.NewVec[Vec](1) + if measurement { + out[0].SetOne() + } + + return out, nil +} + +func (c *flpCount) Truncate(meas Vec) Vec { return meas } + +func (c *flpCount) Decode(output Vec, numMeas uint) (*uint64, error) { + if len(output) < int(c.Valid.OutputLen) { + return nil, flp.ErrOutputLen + } + + n, err := output[0].GetUint64() + if err != nil { + return nil, err + } + + return &n, nil +} diff --git a/vdaf/prio3/doc.go b/vdaf/prio3/doc.go new file mode 100644 index 00000000..cd82a039 --- /dev/null +++ b/vdaf/prio3/doc.go @@ -0,0 +1,13 @@ +// Package prio3 implements Prio3 a set of Verifiable Distributed +// Aggregation Functions. +// +// Prio3 provides several variants of Verifiable Distributed Aggregation +// Functions (VDAF) as described in draft-irtf-cfrg-vdaf [v13] +// - Count [github.com/cloudflare/circl/vdaf/prio3/count] +// - Sum [github.com/cloudflare/circl/vdaf/prio3/sum] +// - SumVec [github.com/cloudflare/circl/vdaf/prio3/sumvec] +// - Histogram [github.com/cloudflare/circl/vdaf/prio3/mhcv] +// - MultiHotCountVec [github.com/cloudflare/circl/vdaf/prio3/histogram] +// +// [v13]: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13 +package prio3 diff --git a/vdaf/prio3/histogram/histogram.go b/vdaf/prio3/histogram/histogram.go new file mode 100644 index 00000000..4f6fab03 --- /dev/null +++ b/vdaf/prio3/histogram/histogram.go @@ -0,0 +1,137 @@ +// Package histogram is a VDAF for aggregating integer measurements into buckets. +package histogram + +import ( + "github.com/cloudflare/circl/vdaf/prio3/arith" + "github.com/cloudflare/circl/vdaf/prio3/arith/fp128" + "github.com/cloudflare/circl/vdaf/prio3/internal/flp" + "github.com/cloudflare/circl/vdaf/prio3/internal/prio3" +) + +type ( + poly = fp128.Poly + Vec = fp128.Vec + Fp = fp128.Fp + AggShare = prio3.AggShare[Vec, Fp] + InputShare = prio3.InputShare[Vec, Fp] + OutShare = prio3.OutShare[Vec, Fp] + PrepShare = prio3.PrepShare[Vec, Fp] + PrepState = prio3.PrepState[Vec, Fp] +) + +// Histogram is a verifiable distributed aggregation function in which each +// measurement increments by one the histogram bucket, out of a set of fixed +// buckets, and the aggregate result counts the number of measurements in each +// bucket. +type Histogram struct { + p prio3.Prio3[uint64, []uint64, *flpHistogram, Vec, Fp, *Fp] +} + +func New(numShares uint8, length, chunkLen uint, context []byte) (h *Histogram, err error) { + const histogramID uint8 = 4 + h = new(Histogram) + h.p, err = prio3.New(newFlpHistogram(length, chunkLen), histogramID, numShares, context) + if err != nil { + return nil, err + } + + return h, nil +} + +func (h *Histogram) Params() prio3.Params { return h.p.Params() } + +func (h *Histogram) Shard(measurement uint64, nonce *prio3.Nonce, rand []byte, +) (prio3.PublicShare, []InputShare, error) { + return h.p.Shard(measurement, nonce, rand) +} + +func (h *Histogram) PrepInit( + verifyKey *prio3.VerifyKey, + nonce *prio3.Nonce, + aggID uint8, + publicShare prio3.PublicShare, + inputShare InputShare, +) (*PrepState, *PrepShare, error) { + return h.p.PrepInit(verifyKey, nonce, aggID, publicShare, inputShare) +} + +func (h *Histogram) PrepSharesToPrep(prepShares []PrepShare) (*prio3.PrepMessage, error) { + return h.p.PrepSharesToPrep(prepShares) +} + +func (h *Histogram) PrepNext(state *PrepState, msg *prio3.PrepMessage) (*OutShare, error) { + return h.p.PrepNext(state, msg) +} + +func (h *Histogram) AggregationInit() AggShare { return h.p.AggregationInit() } + +func (h *Histogram) AggregationUpdate(aggShare *AggShare, outShare *OutShare) { + h.p.AggregationUpdate(aggShare, outShare) +} + +func (h *Histogram) Unshard(aggShares []AggShare, numMeas uint) (aggregate *[]uint64, err error) { + return h.p.Unshard(aggShares, numMeas) +} + +type flpHistogram struct { + flp.FLP[flp.GadgetParallelSum, poly, Vec, Fp, *Fp] + length uint + chunkLen uint +} + +func newFlpHistogram(length, chunkLen uint) *flpHistogram { + h := new(flpHistogram) + numCalls := (length + chunkLen - 1) / chunkLen + h.length = length + h.chunkLen = chunkLen + h.Valid.MeasurementLen = length + h.Valid.JointRandLen = numCalls + h.Valid.OutputLen = length + h.Valid.EvalOutputLen = 2 + h.Gadget = flp.GadgetParallelSum{Count: chunkLen} + h.NumCalls = numCalls + h.FLP.Eval = h.Eval + return h +} + +func (h *flpHistogram) Eval(out Vec, g flp.Gadget[poly, Vec, Fp, *Fp], numCalls uint, meas, jointRand Vec, shares uint8) { + var invShares Fp + invShares.InvUint64(uint64(shares)) + out[0] = flp.RangeCheck(g, numCalls, h.chunkLen, &invShares, meas, jointRand) + + sumCheck := &out[1] + sumCheck.SubAssign(&invShares) + for i := range meas { + sumCheck.AddAssign(&meas[i]) + } +} + +func (h *flpHistogram) Encode(measurement uint64) (out Vec, err error) { + if measurement > uint64(h.length) { + return nil, flp.ErrMeasurementValue + } + + out = arith.NewVec[Vec](h.Valid.MeasurementLen) + out[measurement].SetOne() + + return +} + +func (h *flpHistogram) Truncate(meas Vec) Vec { return meas } + +func (h *flpHistogram) Decode(output Vec, numMeas uint) (*[]uint64, error) { + if len(output) < int(h.Valid.OutputLen) { + return nil, flp.ErrOutputLen + } + + var err error + out := make([]uint64, len(output)) + for i := range output { + out[i], err = output[i].GetUint64() + if err != nil { + return nil, err + } + } + + return &out, nil +} diff --git a/vdaf/prio3/internal/cursor/cursor.go b/vdaf/prio3/internal/cursor/cursor.go new file mode 100644 index 00000000..fb3fa45f --- /dev/null +++ b/vdaf/prio3/internal/cursor/cursor.go @@ -0,0 +1,15 @@ +// Package cursor aids with iteration of slices. +package cursor + +type Cursor[V ~[]E, E any] []E + +func New[V ~[]E, E any](x V) Cursor[V, E] { return Cursor[V, E](x) } + +// Next return an slice of size n and advances the pointer. +func (s *Cursor[V, E]) Next(n uint) (out V) { + if uint(len(*s)) >= n { + out = V(*s)[:n] + *s = (*s)[n:] + } + return +} diff --git a/vdaf/prio3/internal/flp/flp.go b/vdaf/prio3/internal/flp/flp.go new file mode 100644 index 00000000..d497df66 --- /dev/null +++ b/vdaf/prio3/internal/flp/flp.go @@ -0,0 +1,144 @@ +// Package flp provides a Fully-Linear Proof (FLP) system. +package flp + +import ( + "errors" + + "github.com/cloudflare/circl/vdaf/prio3/arith" + "github.com/cloudflare/circl/vdaf/prio3/internal/cursor" +) + +// FLP is an instance of a FLP by Boneh et al. Crypto, 2019 paper +// "Zero-Knowledge Proofs on Secret-Shared Data via Fully Linear PCPs", +// https://ia.cr/2019/188 +// plus some changes described in VDAFs CFRG draft. +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.1 +type FLP[ + G Gadget[P, V, E, F], + P arith.Poly[P, E], V arith.Vec[V, E], E arith.Elt, F arith.Fp[E], +] struct { + // Eval evaluates the arithmetic circuit on a measurement and joint randomness. + Eval func(out V, g Gadget[P, V, E, F], numCalls uint, meas, jointRand V, shares uint8) + Valid[G, P, V, E, F] +} + +// Prove returns a proof attesting validity to the given measurement. +// Prove randomness must be provided. +// Some statements may require joint randomness too. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.3.3 +func (f *FLP[G, P, V, E, F]) Prove(meas, proveRand, jointRand V) V { + proof := arith.NewVec[V](f.ProofLength()) + proofCur := cursor.New(proof) + + g := f.Valid.wrapProve(proveRand) + out := arith.NewVec[V](f.EvalOutputLength()) + f.Eval(out, g, f.Valid.NumCalls, meas, jointRand, 1) + + invN := F(new(E)) + invN.InvTwoN(g.log2p) // since p is always a power of 2. + + arity := g.Arity() + wirePoly := make([]P, arity) + wirePolyN := arith.NewVec[V](arity * g.p) + wirePolyNCur := cursor.New(wirePolyN) + wiresCur := cursor.New(g.wires) + for i := range wirePoly { + wire := wiresCur.Next(g.p) + wirePolyI := wirePolyNCur.Next(g.p) + wirePolyI.InvNTT(wire) + // Extracts the constant factor (1/N) to be multiplied after + // polynomial interpolation. + wirePolyI.ScalarMul(invN) + wirePoly[i] = P(wirePolyI) + proofCur.Next(1)[0] = wire[0] + } + + gadgetPoly := P(proofCur.Next(f.gadgetPolyLen())) + g.EvalPoly(gadgetPoly, wirePoly) + return proof +} + +// Query is the linear Query algorithm run by the verifier on a share of the +// measurement and proof. +// Query randomness must be provided. +// Some statements may require joint randomness too. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.3.4 +func (f *FLP[G, P, V, E, F]) Query( + measShare, proofShare, queryRand, jointRand V, numShares uint8, +) (verifierMsg V, err error) { + verifierMsg = arith.NewVec[V](f.VerifierLength()) + verifierCur := cursor.New(verifierMsg) + queryRandCur := cursor.New(queryRand) + + g := f.Valid.wrapQuery(proofShare) + outLen := f.EvalOutputLength() + out := arith.NewVec[V](outLen) + f.Eval(out, g, f.Valid.NumCalls, measShare, jointRand, numShares) + + v := verifierCur.Next(1) + if outLen > 1 { + v[0] = out.DotProduct(queryRandCur.Next(outLen)) + } else { + v[0] = out[0] + } + + // Check that t^p != 1. Since p=2^log2p, this requires log2P squares. + t := &queryRandCur.Next(1)[0] + tp := F(new(E)) + *tp = *t + for range g.log2p { + tp.Sqr(tp) + } + + if tp.IsOne() { + return nil, ErrInvalidEval + } + + invN := F(new(E)) + invN.InvTwoN(g.log2p) + + wireChecks := verifierCur.Next(g.Arity()) + wirePoly := arith.NewPoly[P](g.p - 1) + wirei := cursor.New(g.wires) + for i := range wireChecks { + V(wirePoly).InvNTT(wirei.Next(g.p)) + wireChecks[i] = wirePoly.Evaluate(t) + // Extracts the constant factor (1/N) to be multiplied after + // polynomial interpolation and evaluation. + F(&wireChecks[i]).MulAssign(invN) + } + + gadgetCheck := &verifierCur.Next(1)[0] + *gadgetCheck = g.poly.Evaluate(t) + return verifierMsg, nil +} + +// Decide returns true if the measurement from which it was generated is valid. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.3.5 +func (f *FLP[G, P, V, E, F]) Decide(verifierMsg V) bool { + if len(verifierMsg) != int(f.VerifierLength()) { + return false + } + + verifierMsgCur := cursor.New(verifierMsg) + v := F(&verifierMsgCur.Next(1)[0]) + if !v.IsZero() { + return false + } + + wireChecks := verifierMsgCur.Next(f.Valid.Gadget.Arity()) + gadgetCheck := &verifierMsgCur.Next(1)[0] + check := F(new(E)) + f.Valid.Gadget.Eval(check, wireChecks) + return check.IsEqual(gadgetCheck) +} + +var ( + ErrOutputLen = errors.New("wrong output length") + ErrMeasurementLen = errors.New("invalid measurement length") + ErrMeasurementValue = errors.New("invalid measurement value") + ErrInvalidEval = errors.New("invalid evaluation point") +) diff --git a/vdaf/prio3/internal/flp/gadgets.go b/vdaf/prio3/internal/flp/gadgets.go new file mode 100644 index 00000000..64e20138 --- /dev/null +++ b/vdaf/prio3/internal/flp/gadgets.go @@ -0,0 +1,140 @@ +package flp + +import ( + "github.com/cloudflare/circl/vdaf/prio3/arith" + "github.com/cloudflare/circl/vdaf/prio3/arith/fp128" + "github.com/cloudflare/circl/vdaf/prio3/arith/fp64" + "github.com/cloudflare/circl/vdaf/prio3/internal/cursor" +) + +type Gadget[ + P arith.Poly[P, E], V arith.Vec[V, E], E arith.Elt, F arith.Fp[E], +] interface { + // Arity is the number of input wires. + Arity() uint + // Degree is the arithmetic degree of the gadget circuit. + Degree() uint + // Eval is evaluates the gadget over the given inputs. + Eval(out *E, in V) + // EvalPoly is evaluates the circuit over the polynomial ring of the field. + EvalPoly(out P, in []P) +} + +type gadgetMul struct{} + +func (gadgetMul) Arity() uint { return 2 } +func (gadgetMul) Degree() uint { return 2 } + +type GadgetMulFp64 struct{ gadgetMul } + +func (GadgetMulFp64) Eval(out *fp64.Fp, in fp64.Vec) { + out.Mul(&in[0], &in[1]) +} + +func (GadgetMulFp64) EvalPoly(out fp64.Poly, in []fp64.Poly) { + out.Mul(in[0], in[1]) +} + +type gadgetMulFp128 struct{ gadgetMul } + +func (gadgetMulFp128) Eval(out *fp128.Fp, in fp128.Vec) { + out.Mul(&in[0], &in[1]) +} + +func (gadgetMulFp128) EvalPoly(out fp128.Poly, in []fp128.Poly) { + out.Mul(in[0], in[1]) +} + +// PolyEval gadget for p(x) = x^2-x. +type GadgetPolyEvalx2x struct{} + +func (GadgetPolyEvalx2x) Arity() uint { return 1 } +func (GadgetPolyEvalx2x) Degree() uint { return 2 } +func (GadgetPolyEvalx2x) Eval(out *fp64.Fp, in fp64.Vec) { + out.Sqr(&in[0]) + out.SubAssign(&in[0]) +} + +func (GadgetPolyEvalx2x) EvalPoly(out fp64.Poly, in []fp64.Poly) { + out.Sqr(in[0]) + outShort := out[:len(in[0])] + outShort.SubAssign(in[0]) + out.Strip() +} + +type GadgetParallelSum struct { + inner gadgetMulFp128 + Count uint +} + +func (g GadgetParallelSum) Arity() uint { return g.inner.Arity() * g.Count } +func (g GadgetParallelSum) Degree() uint { return g.inner.Degree() } +func (g GadgetParallelSum) Eval(out *fp128.Fp, in fp128.Vec) { + inCur := cursor.New(in) + arity := g.inner.Arity() + var e fp128.Fp + for range g.Count { + g.inner.Eval(&e, inCur.Next(arity)) + out.AddAssign(&e) + } +} + +func (g GadgetParallelSum) EvalPoly(out fp128.Poly, in []fp128.Poly) { + inCur := cursor.New(in) + arity := g.inner.Arity() + e := arith.NewPoly[fp128.Poly](uint(len(out) - 1)) + for range g.Count { + g.inner.EvalPoly(e, inCur.Next(arity)) + out.AddAssign(e) + } + + out.Strip() +} + +type wrapperGadget[ + G Gadget[P, V, E, F], + P arith.Poly[P, E], V arith.Vec[V, E], E arith.Elt, F arith.Fp[E], +] struct { + inner G + wires V + p, log2p uint + k uint +} + +func (g *wrapperGadget[G, P, V, E, F]) Arity() uint { return g.inner.Arity() } +func (g *wrapperGadget[G, P, V, E, F]) Degree() uint { return g.inner.Degree() } +func (g *wrapperGadget[G, P, V, E, F]) EvalPoly(out P, in []P) { g.inner.EvalPoly(out, in) } +func (g *wrapperGadget[G, P, V, E, F]) eval(input V) { + g.k++ + wiresCur := cursor.New(g.wires) + for i := range input { + wiresCur.Next(g.p)[g.k] = input[i] + } +} + +type ProveGadget[ + G Gadget[P, V, E, F], + P arith.Poly[P, E], V arith.Vec[V, E], E arith.Elt, F arith.Fp[E], +] struct { + wrapperGadget[G, P, V, E, F] +} + +func (g *ProveGadget[G, P, V, E, F]) Eval(out *E, input V) { + g.wrapperGadget.eval(input) + g.inner.Eval(out, input) +} + +type QueryGadget[ + G Gadget[P, V, E, F], + P arith.Poly[P, E], V arith.Vec[V, E], E arith.Elt, F arith.Fp[E], +] struct { + poly P + alpha, alphaK E + wrapperGadget[G, P, V, E, F] +} + +func (g *QueryGadget[G, P, V, E, F]) Eval(out *E, input V) { + g.wrapperGadget.eval(input) + F(&g.alphaK).MulAssign(&g.alpha) + *out = g.poly.Evaluate(&g.alphaK) +} diff --git a/vdaf/prio3/internal/flp/valid.go b/vdaf/prio3/internal/flp/valid.go new file mode 100644 index 00000000..ab11cea3 --- /dev/null +++ b/vdaf/prio3/internal/flp/valid.go @@ -0,0 +1,97 @@ +package flp + +import ( + "github.com/cloudflare/circl/math" + "github.com/cloudflare/circl/vdaf/prio3/arith" + "github.com/cloudflare/circl/vdaf/prio3/arith/fp128" + "github.com/cloudflare/circl/vdaf/prio3/internal/cursor" +) + +type Params struct { + MeasurementLen uint + JointRandLen uint + EvalOutputLen uint + OutputLen uint +} + +func (p Params) MeasurementLength() uint { return p.MeasurementLen } +func (p Params) JointRandLength() uint { return p.JointRandLen } +func (p Params) OutputLength() uint { return p.OutputLen } +func (p Params) EvalOutputLength() uint { return p.EvalOutputLen } +func (p Params) QueryRandLength() uint { return 1 + p.EvalOutputLen } + +type Valid[ + G Gadget[P, V, E, F], + P arith.Poly[P, E], V arith.Vec[V, E], E arith.Elt, F arith.Fp[E], +] struct { + Gadget G // Gadget to be evaluated + NumCalls uint // Number of times each gadget is called. + Params +} + +func (v *Valid[G, P, V, E, F]) ProveRandLength() uint { return v.Gadget.Arity() } +func (v *Valid[G, P, V, E, F]) ProofLength() uint { return v.Gadget.Arity() + v.gadgetPolyLen() } +func (v *Valid[G, P, V, E, F]) VerifierLength() uint { return 1 + 1 + v.Gadget.Arity() } +func (v *Valid[G, P, V, E, F]) gadgetPolyLen() uint { + p, _ := math.NextPow2(1 + v.NumCalls) + return 1 + v.Gadget.Degree()*(p-1) +} + +func (v *Valid[G, P, V, E, F]) wrapProve(proveRand V) *ProveGadget[G, P, V, E, F] { + g := new(ProveGadget[G, P, V, E, F]) + proveRandCur := cursor.New(proveRand) + wireSeeds := proveRandCur.Next(v.Gadget.Arity()) + g.wrapperGadget = v.wrap(wireSeeds) + return g +} + +func (v *Valid[G, P, V, E, F]) wrapQuery(proof V) *QueryGadget[G, P, V, E, F] { + g := new(QueryGadget[G, P, V, E, F]) + proofCur := cursor.New(proof) + wireSeeds := proofCur.Next(v.Gadget.Arity()) + g.wrapperGadget = v.wrap(wireSeeds) + g.poly = P(proofCur.Next(v.gadgetPolyLen())) + F(&g.alpha).SetRootOfUnityTwoN(g.log2p) + F(&g.alphaK).SetOne() + return g +} + +func (v *Valid[G, P, V, E, F]) wrap(wireSeeds V) (g wrapperGadget[G, P, V, E, F]) { + g.inner = v.Gadget + g.p, g.log2p = math.NextPow2(1 + v.NumCalls) + g.wires = arith.NewVec[V](uint(len(wireSeeds)) * g.p) + wiresCur := cursor.New(g.wires) + for i := range wireSeeds { + wiresCur.Next(g.p)[0] = wireSeeds[i] + } + return +} + +func RangeCheck( + g Gadget[fp128.Poly, fp128.Vec, fp128.Fp, *fp128.Fp], + numCalls uint, + chunkLen uint, sharesInv *fp128.Fp, + meas, jointRand fp128.Vec, +) (out fp128.Fp) { + inputs := arith.NewVec[fp128.Vec](2 * chunkLen) + var evalOut, rPower fp128.Fp + for i := range numCalls { + rPower.SetOne() + for j := range chunkLen { + index := i*chunkLen + j + var measElem fp128.Fp + if index < uint(len(meas)) { + measElem = meas[index] + } + + rPower.MulAssign(&jointRand[i]) + inputs[2*j+0].Mul(&rPower, &measElem) + inputs[2*j+1].Sub(&measElem, sharesInv) + } + + g.Eval(&evalOut, inputs) + out.AddAssign(&evalOut) + } + + return out +} diff --git a/vdaf/prio3/internal/prio3/prio3.go b/vdaf/prio3/internal/prio3/prio3.go new file mode 100644 index 00000000..7600d447 --- /dev/null +++ b/vdaf/prio3/internal/prio3/prio3.go @@ -0,0 +1,537 @@ +// Package prio3 supports a variety of verifiable distributed aggregation functions. +// +// Clients protect the privacy of their measurements by secret sharing them +// and distributing the shares among the Aggregators. +// To ensure each measurement is valid, the Aggregators run a multi-party +// computation on their shares, the result of which is the output of the +// arithmetic circuit. +// This involves verification of a Fully Linear Proof (FLP) which specify +// the types of measurements. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7 +package prio3 + +import ( + "crypto/subtle" + "errors" + + "github.com/cloudflare/circl/vdaf/prio3/arith" + "github.com/cloudflare/circl/vdaf/prio3/internal/cursor" +) + +// Number of proofs to generate. +const numProofs = 1 + +// Prio3 supports a variety of verifiable distributed aggregation functions. +// An instance is parametrized by the type of measurement and aggregated data, +// as well as the field to perform arithmetic operations. +type Prio3[ + Measurement, Aggregate any, + T flp[Measurement, Aggregate, V, E, F], + V arith.Vec[V, E], E arith.Elt, F arith.Fp[E], +] struct { + flp T + xof xofTS[V, E] + randSize uint + shares uint8 +} + +func New[ + T flp[Measurement, Aggregate, V, E, F], + Measurement, Aggregate any, + V arith.Vec[V, E], E arith.Elt, F arith.Fp[E], +](f T, id uint8, numShares uint8, context []byte, +) (v Prio3[Measurement, Aggregate, T, V, E, F], err error) { + if numShares < 2 { + return v, ErrNumShares + } + + v.flp = f + v.xof, err = NewXof[V, E](uint32(id), context) + if err != nil { + return v, err + } + + v.shares = numShares + v.randSize = SeedSize * uint(numShares) + if f.JointRandLength() > 0 { + v.randSize *= 2 + } + + return v, nil +} + +// Shard takes a measurement and return a set of shares and a public share +// used for verification. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.2.1 +func (v *Prio3[M, A, T, V, E, F]) Shard( + measurement M, nonce *Nonce, rand []byte, +) (PublicShare, []InputShare[V, E], error) { + if len(rand) != int(v.randSize) { + return nil, nil, ErrRandSize + } + + meas, err := v.flp.Encode(measurement) + if err != nil { + return nil, nil, err + } + + if v.flp.JointRandLength() == 0 { + inputShare, err := v.shardNoJointRand(meas, rand) + return nil, inputShare, err + } else { + return v.shardWithJointRand(meas, nonce, rand) + } +} + +// FLPs Without Joint Randomness. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.2.1.1 +func (v *Prio3[M, A, T, V, E, F]) shardNoJointRand( + meas V, seeds []byte, +) ([]InputShare[V, E], error) { + // Each Aggregator's input share contains its measurement share + // and its share of the proof(s). + params := v.Params() + inputShares := make([]InputShare[V, E], v.shares) + inputShares[0].leader = new(InputShareLeader[V, E]).New(¶ms) + + seedsCur := cursor.New(seeds) + for i := 1; i < len(inputShares); i++ { + inputShares[i].helper = &InputShareHelper{ + share: Seed(seedsCur.Next(SeedSize)), + blind: nil, + } + } + + // Generate proof of valid measurement. + proveSeed := Seed(seedsCur.Next(SeedSize)) + proveRands := arith.NewVec[V](params.ProveRandLength() * numProofs) + err := v.xof.proveRands(proveRands, &proveSeed) + if err != nil { + return nil, err + } + + proveRand := proveRands[:params.ProveRandLength()] + proof := v.flp.Prove(meas, proveRand, nil) + + // Shard the encoded measurement and proof into shares. + copy(inputShares[0].leader.measShare, meas) + copy(inputShares[0].leader.proofShare, proof) + m := arith.NewVec[V](params.MeasurementLength()) + p := arith.NewVec[V](params.ProofLength() * numProofs) + for i := 1; i < len(inputShares); i++ { + share := &inputShares[i].helper.share + err = v.xof.helperMeasShare(m, uint8(i), share) + if err != nil { + return nil, err + } + + inputShares[0].leader.measShare.SubAssign(m) + + err = v.xof.helperProofsShare(p, uint8(i), share) + if err != nil { + return nil, err + } + + inputShares[0].leader.proofShare.SubAssign(p) + } + + return inputShares, nil +} + +// FLPs With Joint Randomness. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.2.1.2 +func (v *Prio3[M, A, T, V, E, F]) shardWithJointRand( + meas V, nonce *Nonce, seeds []byte, +) (PublicShare, []InputShare[V, E], error) { + // Each Aggregator's input share contains its measurement share, + // share of proof(s), and blind. The public share contains the + // Aggregators' joint randomness parts. + params := v.Params() + inputShares := make([]InputShare[V, E], v.shares) + inputShares[0].leader = new(InputShareLeader[V, E]).New(¶ms) + + seedsCur := cursor.New(seeds) + for i := 1; i < len(inputShares); i++ { + inputShares[i].helper = &InputShareHelper{ + share: Seed(seedsCur.Next(SeedSize)), + blind: (*Seed)(seedsCur.Next(SeedSize)), + } + } + inputShares[0].leader.blind = (*Seed)(seedsCur.Next(SeedSize)) + + // Shard the encoded measurement into shares and compute the + // joint randomness parts. + copy(inputShares[0].leader.measShare, meas) + + var jointRandParts PublicShare + jointRandParts.New(¶ms) + jointRandPartsCur := cursor.New(jointRandParts) + jrpLeader := jointRandPartsCur.Next(SeedSize) + + m := arith.NewVec[V](params.MeasurementLength()) + encM := make([]byte, m.Size()) + for i := 1; i < len(inputShares); i++ { + err := v.xof.helperMeasShareEnc( + encM[:0], m, uint8(i), &inputShares[i].helper.share) + if err != nil { + return nil, nil, err + } + + err = v.xof.jointRandPart(jointRandPartsCur.Next(SeedSize), + inputShares[i].helper.blind, uint8(i), nonce, encM) + if err != nil { + return nil, nil, err + } + + inputShares[0].leader.measShare.SubAssign(m) + } + + // Calculate leader's jointRandPart after leader's measurementShare + // has been calculated. + measShareEnc, err := inputShares[0].leader.measShare.MarshalBinary() + if err != nil { + return nil, nil, err + } + + err = v.xof.jointRandPart( + jrpLeader, inputShares[0].leader.blind, 0, nonce, measShareEnc) + if err != nil { + return nil, nil, err + } + + // Generate proof of valid measurement. + proveSeed := Seed(seedsCur.Next(SeedSize)) + proveRands := arith.NewVec[V](params.ProveRandLength() * numProofs) + err = v.xof.proveRands(proveRands, &proveSeed) + if err != nil { + return nil, nil, err + } + + proveRand := proveRands[:params.ProveRandLength()] + + jrSeed, err := v.xof.jointRandSeed(jointRandParts) + if err != nil { + return nil, nil, err + } + + jointRands := arith.NewVec[V](params.JointRandLength() * numProofs) + err = v.xof.jointRands(jointRands, &jrSeed) + if err != nil { + return nil, nil, err + } + + jointRand := jointRands[:params.JointRandLength()] + proof := v.flp.Prove(meas, proveRand, jointRand) + + // Shard the proof into shares. + copy(inputShares[0].leader.proofShare, proof) + p := arith.NewVec[V](params.ProofLength() * numProofs) + for i := 1; i < len(inputShares); i++ { + err = v.xof.helperProofsShare(p, uint8(i), &inputShares[i].helper.share) + if err != nil { + return nil, nil, err + } + + inputShares[0].leader.proofShare.SubAssign(p) + } + + return jointRandParts, inputShares, nil +} + +// PrepInit used by aggregator for preparation phase. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.2.2 +func (v *Prio3[M, A, T, V, E, F]) PrepInit( + verifyKey *VerifyKey, nonce *Nonce, aggID uint8, + ps PublicShare, inputShare InputShare[V, E], +) (*PrepState[V, E], *PrepShare[V, E], error) { + params := v.Params() + if aggID > v.shares { + return nil, nil, ErrAggID + } + + share, err := v.getInputShareContent(aggID, inputShare, ¶ms) + if err != nil { + return nil, nil, err + } + + prepShare := new(PrepShare[V, E]) + prepState := new(PrepState[V, E]) + prepState.outShare = v.flp.Truncate(share.measShare) + + // Compute the joint randomness. + var jointRand V + jointRandLen := params.JointRandLength() + if jointRandLen > 0 { + if share.blind == nil || len(ps) == 0 { + return nil, nil, ErrJointRand + } + + var measShareEnc []byte + measShareEnc, err = share.measShare.MarshalBinary() + if err != nil { + return nil, nil, err + } + + prepShare.jointRandPart = &Seed{} + err = v.xof.jointRandPart(prepShare.jointRandPart[:], + share.blind, aggID, nonce, measShareEnc) + if err != nil { + return nil, nil, err + } + + prepState.correctedJointRandSeed = &Seed{} + *prepState.correctedJointRandSeed, err = v.xof.jointRandSeed(ps) + if err != nil { + return nil, nil, err + } + + jointRands := arith.NewVec[V](params.JointRandLength() * numProofs) + err = v.xof.jointRands(jointRands, prepState.correctedJointRandSeed) + if err != nil { + return nil, nil, err + } + + jointRand = jointRands[:jointRandLen] + } + + // Query the measurement and proof(s) share(s). + queryRands := arith.NewVec[V](params.QueryRandLength() * numProofs) + err = v.xof.queryRands(queryRands, verifyKey, nonce) + if err != nil { + return nil, nil, err + } + + proofShare := share.proofShare[:params.ProofLength()] + queryRand := queryRands[:params.QueryRandLength()] + + prepShare.verifiersShare, err = v.flp.Query( + share.measShare, proofShare, queryRand, jointRand, v.shares) + if err != nil { + return nil, nil, err + } + + return prepState, prepShare, nil +} + +// PrepSharesToPrep used by aggregator for aggregate shares. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.2.2 +func (v *Prio3[M, A, T, V, E, F]) PrepSharesToPrep( + prepShares []PrepShare[V, E], +) (*PrepMessage, error) { + params := v.Params() + msg := new(PrepMessage) + // Unshard each set of verifier shares into each verifier message. + verifierLen := params.VerifierLength() + verifiers := arith.NewVec[V](verifierLen * numProofs) + for i := range prepShares { + verifiers.AddAssign(prepShares[i].verifiersShare) + } + + // Verify that each proof is well-formed and input is valid. + verifier := verifiers[:verifierLen] + if !v.flp.Decide(verifier) { + return nil, ErrProofVerify + } + + // Combine the joint randomness parts computed by the + // Aggregators into the true joint randomness seed. This is + // used in the last step. + if params.JointRandLength() > 0 { + jointRandParts := make([]byte, 0, SeedSize*uint(v.shares)) + for i := range prepShares { + if prepShares[i].jointRandPart == nil { + return nil, ErrJointRand + } + + jointRandParts = append( + jointRandParts, prepShares[i].jointRandPart[:]...) + } + + jointRandSeed, err := v.xof.jointRandSeed(jointRandParts) + if err != nil { + return nil, err + } + + msg.joinRand = &jointRandSeed + } + + return msg, nil +} + +// PrepNext used by aggregator to produce an output share. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.2.2 +func (v *Prio3[M, A, T, V, E, F]) PrepNext( + state *PrepState[V, E], msg *PrepMessage, +) (*OutShare[V, E], error) { + if msg != nil && state != nil && msg.joinRand != nil && + state.correctedJointRandSeed != nil { + if subtle.ConstantTimeCompare( + msg.joinRand[:], state.correctedJointRandSeed[:]) != 1 { + return nil, ErrJointRand + } + } + + return &OutShare[V, E]{state.outShare}, nil +} + +// AggregationInit is used to start aggregation. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.2.4 +func (v *Prio3[M, A, T, V, E, F]) AggregationInit() (s AggShare[V, E]) { + s.share = arith.NewVec[V](v.flp.OutputLength()) + return +} + +// AggregationUpdate aggregates an output share into an aggregation share. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.2.4 +func (v *Prio3[M, A, T, V, E, F]) AggregationUpdate( + aggShare *AggShare[V, E], outShare *OutShare[V, E], +) { + aggShare.share.AddAssign(outShare.share) +} + +// AggregationMerge merges several aggregation shares. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.2.4 +func (v *Prio3[M, A, T, V, E, F]) aggregationMerge( + aggShares []AggShare[V, E], +) (s AggShare[V, E]) { + s = v.AggregationInit() + for i := range aggShares { + s.share.AddAssign(aggShares[i].share) + } + + return +} + +// Unshard is used by the Collector to recover the aggregate result from a set +// of aggregation shares. +// +// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-13#section-7.2.5 +func (v *Prio3[M, A, T, V, E, F]) Unshard( + aggShares []AggShare[V, E], numMeas uint, +) (*A, error) { + if len(aggShares) != int(v.shares) { + return nil, ErrAggShareSize + } + + s := v.aggregationMerge(aggShares) + return v.flp.Decode(s.share, numMeas) +} + +func (v *Prio3[M, A, T, V, E, F]) getInputShareContent( + aggID uint8, inShare InputShare[V, E], params *Params, +) (s inputShareContent[V, E], err error) { + switch true { + case aggID == 0 && inShare.leader != nil: + return inShare.leader.inputShareContent, nil + case aggID != 0 && inShare.helper != nil: + s.New(params) + share := &inShare.helper.share + err = v.xof.helperMeasShare(s.measShare, aggID, share) + if err != nil { + return s, err + } + + err = v.xof.helperProofsShare(s.proofShare, aggID, share) + if err != nil { + return s, err + } + + s.blind = inShare.helper.blind + return s, nil + default: + return s, ErrShare + } +} + +type Params struct { + jointRandLen uint + measurementLen uint + outputLen uint + evalOutputLen uint + queryRandLen uint + proveRandLen uint + proofLen uint + verifierLen uint + randSize uint + shares uint8 +} + +func (p *Params) JointRandLength() uint { return p.jointRandLen } +func (p *Params) MeasurementLength() uint { return p.measurementLen } +func (p *Params) OutputLength() uint { return p.outputLen } +func (p *Params) EvalOutputLength() uint { return p.evalOutputLen } +func (p *Params) QueryRandLength() uint { return p.queryRandLen } +func (p *Params) ProveRandLength() uint { return p.proveRandLen } +func (p *Params) ProofLength() uint { return p.proofLen } +func (p *Params) VerifierLength() uint { return p.verifierLen } +func (p *Params) RandSize() uint { return p.randSize } +func (p *Params) Shares() uint8 { return p.shares } + +func (v *Prio3[M, A, T, V, E, F]) Params() Params { + return Params{ + jointRandLen: v.flp.JointRandLength(), + measurementLen: v.flp.MeasurementLength(), + outputLen: v.flp.OutputLength(), + evalOutputLen: v.flp.EvalOutputLength(), + queryRandLen: v.flp.QueryRandLength(), + proveRandLen: v.flp.ProveRandLength(), + proofLen: v.flp.ProofLength(), + verifierLen: v.flp.VerifierLength(), + randSize: v.randSize, + shares: v.shares, + } +} + +type flp[ + Measurement, AggResult any, + V arith.Vec[V, E], E arith.Elt, F arith.Fp[E], +] interface { + MeasurementLength() uint + JointRandLength() uint + OutputLength() uint + EvalOutputLength() uint + ProveRandLength() uint + ProofLength() uint + VerifierLength() uint + QueryRandLength() uint + // Prove returns a proof attesting validity to the given measurement. + Prove(meas, proveRand, jointRand V) V + // Query is the linear Query algorithm run by the verifier on a share of + // the measurement and proof. + Query(measShare, proofShare, queryRnd, jointRnd V, shares uint8) (V, error) + // Decide returns true if the measurement from which it was generated is + // valid. + Decide(V) bool + // Encode returns a vector of MeasurementLength() elements representing + // a measurement of type [Measurement]. + Encode(Measurement) (V, error) + // Truncate returns a vector of OutputLength() elements representing + // (a share of) an aggregatable output. + Truncate(V) V + // Decode returns an aggregate result of type [AggResult]. + // This computation may depend on the number of outputs aggregated. + Decode(V, uint) (*AggResult, error) +} + +var ( + ErrNumShares = errors.New("invalid numshares, must be greater than 1") + ErrContextSize = errors.New("invalid context length, (0, MaxContextSize)") + ErrNonceSize = errors.New("invalid nonce length, (NonceSize)") + ErrVerifyKeySize = errors.New("invalid verify key length, (VerifyKeySize)") + ErrRandSize = errors.New("invalid randomness length") + ErrAggShareSize = errors.New("invalid aggregate shares length") + ErrAggID = errors.New("invalid aggregation ID") + ErrJointRand = errors.New("invalid joint randomness") + ErrShare = errors.New("share was not provided") + ErrProofVerify = errors.New("proof verifier check failed") +) diff --git a/vdaf/prio3/internal/prio3/types.go b/vdaf/prio3/internal/prio3/types.go new file mode 100644 index 00000000..f58d9257 --- /dev/null +++ b/vdaf/prio3/internal/prio3/types.go @@ -0,0 +1,390 @@ +package prio3 + +import ( + "github.com/cloudflare/circl/internal/conv" + "github.com/cloudflare/circl/vdaf/prio3/arith" + "golang.org/x/crypto/cryptobyte" +) + +const ( + SeedSize uint = 32 // Size of Seed in bytes. + NonceSize uint = 16 // Size of Nonce in bytes. + VerifyKeySize uint = 32 // Size of VerifyKey in bytes. +) + +type ( + // Nonce is a public random value associated with the report. + Nonce [NonceSize]byte + // VerifyKey is a secret verification key held by each of the Aggregators. + // This key is used to verify validity of the output shares they compute. + VerifyKey [VerifyKeySize]byte + // Seed is used to feed an extnedable output function. + Seed [SeedSize]byte +) + +func (s *Seed) Marshal(b *cryptobyte.Builder) error { + b.AddBytes(s[:]) + return nil +} + +func (s *Seed) Unmarshal(str *cryptobyte.String) bool { + return str.CopyBytes((*s)[:]) +} + +// PublicShare must be distributed to each of the Aggregators. +// Its content depends on whether joint randomness is required for the +// underlying FLP. +// If joint randomness is not used, then the public share is an empty slice. +// +// struct { +// Prio3Seed joint_rand_parts[SEED_SIZE * prio3.SHARES]; +// } Prio3PublicShareWithJointRand; +type PublicShare []byte + +func (s *PublicShare) New(p *Params) *PublicShare { + var n uint + if p.JointRandLength() > 0 { + n = SeedSize * uint(p.shares) + } + *s = make([]byte, n) + return s +} + +func (s *PublicShare) Marshal(b *cryptobyte.Builder) error { + b.AddBytes(*s) + return nil +} + +func (s *PublicShare) MarshalBinary() ([]byte, error) { + return conv.MarshalBinaryLen(s, uint(len(*s))) +} + +func (s *PublicShare) Unmarshal(str *cryptobyte.String) bool { + return str.CopyBytes(*s) +} + +func (s *PublicShare) UnmarshalBinary(b []byte) error { + return conv.UnmarshalBinary(s, b) +} + +type inputShareContent[V arith.Vec[V, E], E arith.Elt] struct { + blind *Seed + proofShare V + measShare V +} + +func (s *inputShareContent[V, E]) New(p *Params) *inputShareContent[V, E] { + s.measShare = arith.NewVec[V](p.MeasurementLength()) + s.proofShare = arith.NewVec[V](p.ProofLength() * numProofs) + if p.JointRandLength() > 0 { + s.blind = &Seed{} + } else { + s.blind = nil + } + return s +} + +func (s *inputShareContent[V, E]) Marshal(b *cryptobyte.Builder) error { + b.AddValue(s.measShare) + b.AddValue(s.proofShare) + if s.blind != nil { + b.AddValue(s.blind) + } + return nil +} + +func (s *inputShareContent[V, E]) Unmarshal(str *cryptobyte.String) bool { + ok := s.measShare.Unmarshal(str) && s.proofShare.Unmarshal(str) + if s.blind != nil { + ok = ok && s.blind.Unmarshal(str) + } + return ok +} + +// InputShareLeader represents one of these two structures. +// +// struct { +// Prio3Field meas_share[F * prio3.flp.MEAS_LEN]; +// Prio3Field proofs_share[F * prio3.flp.PROOF_LEN * prio3.PROOFS]; +// } Prio3LeaderShare; +// +// struct { +// Prio3LeaderShare inner; +// Prio3Seed blind; +// } Prio3LeaderShareWithJointRand; +type InputShareLeader[V arith.Vec[V, E], E arith.Elt] struct { + inputShareContent[V, E] +} + +func (s *InputShareLeader[V, E]) New(p *Params) *InputShareLeader[V, E] { + s.inputShareContent.New(p) + return s +} + +// InputShareHelper represents one of these two structures. +// +// struct { +// Prio3Seed share; +// } Prio3HelperShare; +// +// struct { +// Prio3HelperShare inner; +// Prio3Seed blind; +// } Prio3HelperShareWithJointRand; +type InputShareHelper struct { + blind *Seed + share Seed +} + +func (s *InputShareHelper) New(p *Params) *InputShareHelper { + s.share = Seed{} + if p.JointRandLength() > 0 { + s.blind = &Seed{} + } else { + s.blind = nil + } + return s +} + +func (s *InputShareHelper) Marshal(b *cryptobyte.Builder) error { + b.AddValue(&s.share) + if s.blind != nil { + b.AddValue(s.blind) + } + return nil +} + +func (s *InputShareHelper) Unmarshal(str *cryptobyte.String) bool { + ok := s.share.Unmarshal(str) + if s.blind != nil { + ok = ok && s.blind.Unmarshal(str) + } + return ok +} + +// InputShare is a generic struct that stores shares for the leader or helper. +type InputShare[V arith.Vec[V, E], E arith.Elt] struct { + leader *InputShareLeader[V, E] + helper *InputShareHelper +} + +func (s *InputShare[V, E]) New(p *Params, aggID uint) *InputShare[V, E] { + if aggID == 0 { + s.leader = new(InputShareLeader[V, E]).New(p) + s.helper = nil + } else { + s.helper = new(InputShareHelper).New(p) + s.leader = nil + } + return s +} + +func (s *InputShare[V, E]) MarshalBinary() ([]byte, error) { + return conv.MarshalBinary(s) +} + +func (s *InputShare[V, E]) UnmarshalBinary(b []byte) error { + return conv.UnmarshalBinary(s, b) +} + +func (s *InputShare[V, E]) Marshal(b *cryptobyte.Builder) error { + switch true { + case s.leader != nil && s.helper == nil: + b.AddValue(s.leader) + case s.leader == nil && s.helper != nil: + b.AddValue(s.helper) + default: + return ErrShare + } + return nil +} + +func (s *InputShare[V, E]) Unmarshal(str *cryptobyte.String) bool { + switch true { + case s.leader != nil && s.helper == nil: + return s.leader.Unmarshal(str) + case s.leader == nil && s.helper != nil: + return s.helper.Unmarshal(str) + default: + return false + } +} + +// InputShareHelper represents one of these two structures. +// +// struct { +// Prio3Field verifiers_share[F * V]; +// } Prio3PrepShare; +// +// struct { +// Prio3Field verifiers_share[F * V]; +// Prio3Seed joint_rand_part; +// } Prio3PrepShareWithJointRand; +type PrepShare[V arith.Vec[V, E], E arith.Elt] struct { + jointRandPart *Seed + verifiersShare V +} + +func (s *PrepShare[V, E]) New(p *Params) *PrepShare[V, E] { + s.verifiersShare = arith.NewVec[V](p.VerifierLength() * numProofs) + if p.JointRandLength() > 0 { + s.jointRandPart = &Seed{} + } else { + s.jointRandPart = nil + } + return s +} + +func (s *PrepShare[V, E]) MarshalBinary() ([]byte, error) { + return conv.MarshalBinary(s) +} + +func (s *PrepShare[V, E]) UnmarshalBinary(b []byte) error { + return conv.UnmarshalBinary(s, b) +} + +func (s *PrepShare[V, E]) Marshal(b *cryptobyte.Builder) error { + b.AddValue(s.verifiersShare) + if s.jointRandPart != nil { + b.AddValue(s.jointRandPart) + } + return nil +} + +func (s *PrepShare[V, E]) Unmarshal(str *cryptobyte.String) bool { + ok := s.verifiersShare.Unmarshal(str) + if s.jointRandPart != nil { + ok = ok && s.jointRandPart.Unmarshal(str) + } + return ok +} + +type PrepState[V arith.Vec[V, E], E arith.Elt] struct { + correctedJointRandSeed *Seed + outShare V +} + +func (s *PrepState[V, E]) New(p *Params) *PrepState[V, E] { + s.outShare = arith.NewVec[V](p.OutputLength()) + if p.JointRandLength() > 0 { + s.correctedJointRandSeed = &Seed{} + } else { + s.correctedJointRandSeed = nil + } + return s +} + +func (s *PrepState[V, E]) MarshalBinary() ([]byte, error) { + return conv.MarshalBinary(s) +} + +func (s *PrepState[V, E]) UnmarshalBinary(b []byte) error { + return conv.UnmarshalBinary(s, b) +} + +func (s *PrepState[V, E]) Marshal(b *cryptobyte.Builder) error { + b.AddValue(s.outShare) + if s.correctedJointRandSeed != nil { + b.AddValue(s.correctedJointRandSeed) + } + return nil +} + +func (s *PrepState[V, E]) Unmarshal(str *cryptobyte.String) bool { + ok := s.outShare.Unmarshal(str) + if s.correctedJointRandSeed != nil { + ok = ok && s.correctedJointRandSeed.Unmarshal(str) + } + return ok +} + +// PrepMessage represents the following structure. +// +// struct { +// Prio3Seed joint_rand; +// } Prio3PrepMessageWithJointRand; +type PrepMessage struct{ joinRand *Seed } + +func (s *PrepMessage) New(p *Params) *PrepMessage { + if p.JointRandLength() > 0 { + s.joinRand = &Seed{} + } else { + s.joinRand = nil + } + return s +} + +func (s *PrepMessage) MarshalBinary() ([]byte, error) { + return conv.MarshalBinary(s) +} + +func (s *PrepMessage) UnmarshalBinary(b []byte) error { + return conv.UnmarshalBinary(s, b) +} + +func (s *PrepMessage) Marshal(b *cryptobyte.Builder) error { + if s.joinRand != nil { + b.AddValue(s.joinRand) + } + return nil +} + +func (s *PrepMessage) Unmarshal(str *cryptobyte.String) bool { + if s.joinRand != nil { + return s.joinRand.Unmarshal(str) + } + return true +} + +type OutShare[V arith.Vec[V, E], E arith.Elt] struct{ share V } + +func (s *OutShare[V, E]) New(p *Params) *OutShare[V, E] { + s.share = arith.NewVec[V](p.OutputLength()) + return s +} + +func (s *OutShare[V, E]) MarshalBinary() ([]byte, error) { + return conv.MarshalBinaryLen(s, s.share.Size()) +} + +func (s *OutShare[V, E]) UnmarshalBinary(b []byte) error { + return conv.UnmarshalBinary(s, b) +} + +func (s *OutShare[V, E]) Marshal(b *cryptobyte.Builder) error { + b.AddValue(s.share) + return nil +} + +func (s *OutShare[V, E]) Unmarshal(str *cryptobyte.String) bool { + return s.share.Unmarshal(str) +} + +// AggShare represents the following structure. +// +// struct { +// Prio3Field agg_share[F * prio3.flp.OUTPUT_LEN]; +// } Prio3AggShare; +type AggShare[V arith.Vec[V, E], E arith.Elt] struct{ share V } + +func (s *AggShare[V, E]) New(p *Params) *AggShare[V, E] { + s.share = arith.NewVec[V](p.OutputLength()) + return s +} + +func (s *AggShare[V, E]) MarshalBinary() ([]byte, error) { + return conv.MarshalBinaryLen(s, s.share.Size()) +} + +func (s *AggShare[V, E]) UnmarshalBinary(b []byte) error { + return conv.UnmarshalBinary(s, b) +} + +func (s *AggShare[V, E]) Marshal(b *cryptobyte.Builder) error { + b.AddValue(s.share) + return nil +} + +func (s *AggShare[V, E]) Unmarshal(str *cryptobyte.String) bool { + return s.share.Unmarshal(str) +} diff --git a/vdaf/prio3/internal/prio3/xof.go b/vdaf/prio3/internal/prio3/xof.go new file mode 100644 index 00000000..6465bb9b --- /dev/null +++ b/vdaf/prio3/internal/prio3/xof.go @@ -0,0 +1,216 @@ +package prio3 + +import ( + "encoding/binary" + "math" + + "github.com/cloudflare/circl/internal/sha3" + "github.com/cloudflare/circl/vdaf/prio3/arith" +) + +// xofTS allows to derive seeds and vector of elements from TurboSHAKE. +type xofTS[V arith.Vec[V, E], E arith.Elt] struct { + usage *[2]byte + Header []byte + sha3.State +} + +// NewXof returns an xofTS from an ID and context. +func NewXof[V arith.Vec[V, E], E arith.Elt]( + id uint32, context []byte, +) (x xofTS[V, E], err error) { + const ( + Version = 12 + AlgoClass = 0 + TurboShake128DS = 1 + dstPrefixLen uint = 8 + maxContextSize uint = math.MaxUint16 - dstPrefixLen + ) + + if len(context) > int(maxContextSize) { + return x, ErrContextSize + } + + lenDST := dstPrefixLen + uint(len(context)) + usagePos := dstPrefixLen + headerLen := 2 + lenDST + 1 + x.Header = make([]byte, 0, headerLen) + // | 2 | uint16(len(dst)) | little-endian | + // | 1 | Version | + // | 1 | AlgoClass | + // | 4 | ID | big-endian | + // | 2 | Usage | big-endian | + // | * | context | + // | 1 | SeedSize | + x.Header = binary.LittleEndian.AppendUint16(x.Header, uint16(lenDST)) + x.Header = append(x.Header, Version) + x.Header = append(x.Header, AlgoClass) + x.Header = binary.BigEndian.AppendUint32(x.Header, id) + x.Header = binary.BigEndian.AppendUint16(x.Header, 0) + x.Header = append(x.Header, context...) + x.Header = append(x.Header, uint8(SeedSize)) + x.usage = (*[2]byte)(x.Header[usagePos : usagePos+2]) + x.State = sha3.NewTurboShake128(TurboShake128DS) + return x, nil +} + +func (x *xofTS[V, E]) Init(usage uint16, s *Seed) error { + binary.BigEndian.PutUint16(x.usage[:], usage) + x.Reset() + _, err := x.Write(x.Header) + if err != nil { + return err + } + + _, err = x.Write(s[:]) + if err != nil { + return err + } + + return nil +} + +func (x *xofTS[V, E]) SetBinderByte(binder ...byte) error { + _, err := x.Write(binder) + return err +} + +func (x *xofTS[V, E]) SetBinderBytes(binder ...[]byte) error { + for i := range binder { + _, err := x.Write(binder[i]) + if err != nil { + return err + } + } + + return nil +} + +func (x *xofTS[V, E]) helperMeasShareEnc( + encOut []byte, out V, aggID uint8, s *Seed, +) error { + err := x.Init(usageMeasuShare, s) + if err != nil { + return err + } + + err = x.SetBinderByte(aggID) + if err != nil { + return err + } + + return out.RandomSHA3Bytes(encOut, &x.State) +} + +func (x *xofTS[V, E]) helperMeasShare(out V, aggID uint8, s *Seed) error { + err := x.Init(usageMeasuShare, s) + if err != nil { + return err + } + + err = x.SetBinderByte(aggID) + if err != nil { + return err + } + + return out.RandomSHA3(&x.State) +} + +func (x *xofTS[V, E]) helperProofsShare(out V, aggID uint8, s *Seed) error { + err := x.Init(usageProofShare, s) + if err != nil { + return err + } + + err = x.SetBinderByte(numProofs, aggID) + if err != nil { + return err + } + + return out.RandomSHA3(&x.State) +} + +func (x *xofTS[V, E]) proveRands(out V, proveSeed *Seed) error { + err := x.Init(usageProveRandomness, proveSeed) + if err != nil { + return err + } + + err = x.SetBinderByte(numProofs) + if err != nil { + return err + } + + return out.RandomSHA3(&x.State) +} + +func (x *xofTS[V, E]) queryRands(out V, k *VerifyKey, nonce *Nonce) error { + err := x.Init(usageQueryRandomness, (*Seed)(k)) + if err != nil { + return err + } + + err = x.SetBinderBytes([]byte{numProofs}, nonce[:]) + if err != nil { + return err + } + + return out.RandomSHA3(&x.State) +} + +func (x *xofTS[V, E]) jointRandPart( + out []byte, blind *Seed, aggID uint8, nonce *Nonce, measShareEnc []byte, +) error { + err := x.Init(usageJointRandPart, blind) + if err != nil { + return err + } + + err = x.SetBinderBytes([]byte{aggID}, nonce[:], measShareEnc) + if err != nil { + return err + } + + _, err = x.Read(out) + return err +} + +func (x *xofTS[V, E]) jointRandSeed(jointRandParts []byte) (s Seed, err error) { + var zeros Seed + err = x.Init(usageJointRandSeed, &zeros) + if err != nil { + return s, err + } + + err = x.SetBinderBytes(jointRandParts) + if err != nil { + return s, err + } + + _, err = x.Read(s[:]) + return +} + +func (x *xofTS[V, E]) jointRands(out V, jointRandSeed *Seed) error { + err := x.Init(usageJointRandomness, jointRandSeed) + if err != nil { + return err + } + + err = x.SetBinderByte(numProofs) + if err != nil { + return err + } + + return out.RandomSHA3(&x.State) +} + +const ( + usageMeasuShare uint16 = iota + 1 + usageProofShare + usageJointRandomness + usageProveRandomness + usageQueryRandomness + usageJointRandSeed + usageJointRandPart +) diff --git a/vdaf/prio3/mhcv/mhcv.go b/vdaf/prio3/mhcv/mhcv.go new file mode 100644 index 00000000..3f3a5a52 --- /dev/null +++ b/vdaf/prio3/mhcv/mhcv.go @@ -0,0 +1,200 @@ +// Package mhcv is a VDAF for aggregating bounded vectors of Booleans into buckets. +package mhcv + +import ( + "math/big" + "math/bits" + + "github.com/cloudflare/circl/vdaf/prio3/arith" + "github.com/cloudflare/circl/vdaf/prio3/arith/fp128" + "github.com/cloudflare/circl/vdaf/prio3/internal/cursor" + "github.com/cloudflare/circl/vdaf/prio3/internal/flp" + "github.com/cloudflare/circl/vdaf/prio3/internal/prio3" +) + +type ( + poly = fp128.Poly + Vec = fp128.Vec + Fp = fp128.Fp + AggShare = prio3.AggShare[Vec, Fp] + InputShare = prio3.InputShare[Vec, Fp] + OutShare = prio3.OutShare[Vec, Fp] + PrepShare = prio3.PrepShare[Vec, Fp] + PrepState = prio3.PrepState[Vec, Fp] +) + +// MultiHotCountVec is a verifiable distributed aggregation function in which +// each measurement is a vector of Boolean values, where the number of True +// values is bounded. +// This provides a functionality similar to Histogram except that more than +// one entry (or none at all) may be non-zero. +type MultiHotCountVec struct { + p prio3.Prio3[[]bool, []uint64, *flpMultiHotCountVec, Vec, Fp, *Fp] +} + +func New(numShares uint8, length, maxWeight, chunkLen uint, context []byte) (m *MultiHotCountVec, err error) { + const multihotCountVecID uint8 = 5 + m = new(MultiHotCountVec) + m.p, err = prio3.New( + newFlpMultiCountHotVec(length, maxWeight, chunkLen), + multihotCountVecID, numShares, context) + if err != nil { + return nil, err + } + + return m, nil +} + +func (m *MultiHotCountVec) Params() prio3.Params { return m.p.Params() } + +func (m *MultiHotCountVec) Shard(measurement []bool, nonce *prio3.Nonce, rand []byte, +) (prio3.PublicShare, []InputShare, error) { + return m.p.Shard(measurement, nonce, rand) +} + +func (m *MultiHotCountVec) PrepInit( + verifyKey *prio3.VerifyKey, + nonce *prio3.Nonce, + aggID uint8, + publicShare prio3.PublicShare, + inputShare InputShare, +) (*PrepState, *PrepShare, error) { + return m.p.PrepInit(verifyKey, nonce, aggID, publicShare, inputShare) +} + +func (m *MultiHotCountVec) PrepSharesToPrep(prepShares []PrepShare) (*prio3.PrepMessage, error) { + return m.p.PrepSharesToPrep(prepShares) +} + +func (m *MultiHotCountVec) PrepNext(state *PrepState, msg *prio3.PrepMessage) (*OutShare, error) { + return m.p.PrepNext(state, msg) +} + +func (m *MultiHotCountVec) AggregationInit() AggShare { return m.p.AggregationInit() } + +func (m *MultiHotCountVec) AggregationUpdate(aggShare *AggShare, outShare *OutShare) { + m.p.AggregationUpdate(aggShare, outShare) +} + +func (m *MultiHotCountVec) Unshard(aggShares []AggShare, numMeas uint) (aggregate *[]uint64, err error) { + return m.p.Unshard(aggShares, numMeas) +} + +type flpMultiHotCountVec struct { + flp.FLP[flp.GadgetParallelSum, poly, Vec, Fp, *Fp] + bits uint + chunkLen uint + length uint + offset Fp +} + +func newFlpMultiCountHotVec(length, maxWeight, chunkLen uint) *flpMultiHotCountVec { + m := new(flpMultiHotCountVec) + if length == 0 { + panic("length cannot be zero") + } + if maxWeight > length { + panic("maxWeight cannot be greater than length") + } + if chunkLen == 0 { + panic("chunkLen cannot be zero") + } + + bits := uint(bits.Len64(uint64(maxWeight))) + offset := (uint64(1) << uint64(bits)) - 1 - uint64(maxWeight) + + b := new(big.Int).SetBytes(new(Fp).Order()) + b.Sub(b, big.NewInt(int64(offset))) + if b.Cmp(big.NewInt(int64(length))) <= 0 { + panic("length and maxWeight are too large for the current field size") + } + + numCalls := (length + bits + chunkLen - 1) / chunkLen + + m.bits = bits + m.length = length + m.chunkLen = chunkLen + err := m.offset.SetUint64(offset) + if err != nil { + panic(err) + } + + m.Valid.MeasurementLen = length + bits + m.Valid.JointRandLen = numCalls + m.Valid.OutputLen = length + m.Valid.EvalOutputLen = 2 + m.Gadget = flp.GadgetParallelSum{Count: chunkLen} + m.NumCalls = numCalls + m.FLP.Eval = m.Eval + return m +} + +func (m *flpMultiHotCountVec) Eval(out Vec, g flp.Gadget[poly, Vec, Fp, *Fp], numCalls uint, meas, jointRand Vec, shares uint8) { + var invShares Fp + invShares.InvUint64(uint64(shares)) + out[0] = flp.RangeCheck(g, numCalls, m.chunkLen, &invShares, meas, jointRand) + + measCur := cursor.New(meas) + countVec := measCur.Next(m.length) + var weight Fp + for i := range countVec { + weight.AddAssign(&countVec[i]) + } + + weightReported := measCur.Next(m.bits).JoinBits() + weightCheck := &out[1] + weightCheck.Mul(&m.offset, &invShares) + weightCheck.AddAssign(&weight) + weightCheck.SubAssign(&weightReported) +} + +func (m *flpMultiHotCountVec) Encode(measurement []bool) (out Vec, err error) { + n := m.length + if n != uint(len(measurement)) { + return nil, flp.ErrMeasurementLen + } + + out = arith.NewVec[Vec](m.Valid.MeasurementLen) + outCur := cursor.New(out) + first := outCur.Next(n) + weight := uint64(0) + for i := range measurement { + if measurement[i] { + first[i].SetOne() + weight++ + } + } + + offset, err := m.offset.GetUint64() + if err != nil { + return nil, err + } + + err = outCur.Next(m.bits).SplitBits(offset + weight) + if err != nil { + return nil, err + } + + return out, nil +} + +func (m *flpMultiHotCountVec) Truncate(meas Vec) Vec { + return meas[:m.length] +} + +func (m *flpMultiHotCountVec) Decode(output Vec, numMeas uint) (*[]uint64, error) { + if len(output) < int(m.Valid.OutputLen) { + return nil, flp.ErrOutputLen + } + + var err error + out := make([]uint64, len(output)) + for i := range output { + out[i], err = output[i].GetUint64() + if err != nil { + return nil, err + } + } + + return &out, nil +} diff --git a/vdaf/prio3/prio3_test.go b/vdaf/prio3/prio3_test.go new file mode 100644 index 00000000..f2bb331f --- /dev/null +++ b/vdaf/prio3/prio3_test.go @@ -0,0 +1,234 @@ +package prio3 + +import ( + "crypto/rand" + "io" + "slices" + "testing" + + "github.com/cloudflare/circl/internal/test" + "github.com/cloudflare/circl/vdaf/prio3/count" + "github.com/cloudflare/circl/vdaf/prio3/histogram" + "github.com/cloudflare/circl/vdaf/prio3/internal/prio3" + "github.com/cloudflare/circl/vdaf/prio3/mhcv" + "github.com/cloudflare/circl/vdaf/prio3/sum" + "github.com/cloudflare/circl/vdaf/prio3/sumvec" +) + +type Prio3[ + Measurement, Aggregate any, + AggShare, InputShare, OutShare, PrepShare, PrepState any, +] interface { + Params() prio3.Params + Shard( + Measurement, *prio3.Nonce, []byte, + ) (prio3.PublicShare, []InputShare, error) + PrepInit( + *prio3.VerifyKey, *prio3.Nonce, uint8, prio3.PublicShare, InputShare, + ) (*PrepState, *PrepShare, error) + PrepSharesToPrep([]PrepShare) (*prio3.PrepMessage, error) + PrepNext(*PrepState, *prio3.PrepMessage) (*OutShare, error) + AggregationInit() AggShare + AggregationUpdate(*AggShare, *OutShare) + Unshard([]AggShare, uint) (*Aggregate, error) +} + +const NumShares = 2 + +var Context = []byte("TestingPrio3") + +func TestCount(t *testing.T) { + input := []bool{true, true, false} + want := uint64(2) // Hamming weight of binary inputs. + c, err := count.New(NumShares, Context) + test.CheckNoErr(t, err, "new count failed") + got := testPrio3(t, c, input) + test.CheckOk(got != nil, "prio3 count failed", t) + if *got != want { + test.ReportError(t, *got, want) + } +} + +func TestSum(t *testing.T) { + const MaxMeas = 4 + input := []uint64{1, 2, 3} + want := uint64(6) // Sum of each input. + s, err := sum.New(NumShares, MaxMeas, Context) + test.CheckNoErr(t, err, "new sum failed") + got := testPrio3(t, s, input) + test.CheckOk(got != nil, "prio3 sum failed", t) + if *got != want { + test.ReportError(t, *got, want) + } +} + +func TestSumVec(t *testing.T) { + input := [][]uint64{ + {1, 2, 3, 0}, + {1, 4, 6, 1}, + {1, 6, 9, 2}, + } + want := []uint64{3, 12, 18, 3} // Element-wise sum of input vectors. + s, err := sumvec.New(NumShares, 4, 4, 3, Context) + test.CheckNoErr(t, err, "new sumvec failed") + got := testPrio3(t, s, input) + test.CheckOk(got != nil, "prio3 sumvec failed", t) + if !slices.Equal(*got, want) { + test.ReportError(t, *got, want) + } +} + +func TestHistogram(t *testing.T) { + input := []uint64{2, 1, 1, 2, 0, 3, 3, 3, 3, 3} + want := []uint64{ + 1, // how many zeros + 2, // how many ones + 2, // how many twos + 5, // how many threes + } + h, err := histogram.New(NumShares, 4, 3, Context) + test.CheckNoErr(t, err, "new histogram failed") + got := testPrio3(t, h, input) + test.CheckOk(got != nil, "prio3 histogram failed", t) + if !slices.Equal(*got, want) { + test.ReportError(t, *got, want) + } +} + +func TestMultiHotCountVec(t *testing.T) { + const MaxWeight = 2 + input := [][]bool{ + {false, false, false, false, false}, // Hamming weight = 0 <= MaxWeight + {false, false, false, false, true}, // Hamming weight = 1 <= MaxWeight + {true, false, false, false, true}, // Hamming weight = 2 <= MaxWeight + } + // Element-wise count of binary vectors of weight at most MaxWeight. + want := []uint64{1, 0, 0, 0, 2} + m, err := mhcv.New(NumShares, 5, MaxWeight, 3, Context) + test.CheckNoErr(t, err, "new MultiHotCountVec failed") + got := testPrio3(t, m, input) + test.CheckOk(got != nil, "prio3 multiHotCountVec failed", t) + if !slices.Equal(*got, want) { + test.ReportError(t, *got, want) + } +} + +func testPrio3[ + P Prio3[ + Measurement, Aggregate, + AggShare, InputShare, OutShare, PrepShare, PrepState, + ], + Measurement, Aggregate any, + AggShare, InputShare, OutShare, PrepShare, PrepState any, +](t testing.TB, p P, measurements []Measurement) *Aggregate { + params := p.Params() + shares := params.Shares() + var verifyKey prio3.VerifyKey + _, err := io.ReadFull(rand.Reader, verifyKey[:]) + test.CheckNoErr(t, err, "read verifyKey failed") + + aggShares := make([]AggShare, shares) + for i := range aggShares { + aggShares[i] = p.AggregationInit() + } + + for _, mi := range measurements { + var nonce prio3.Nonce + _, err = io.ReadFull(rand.Reader, nonce[:]) + test.CheckNoErr(t, err, "read nonce failed") + + randb := make([]byte, params.RandSize()) + _, err = io.ReadFull(rand.Reader, randb) + test.CheckNoErr(t, err, "read rand bytes failed") + + var pubShare prio3.PublicShare + var inputShares []InputShare + pubShare, inputShares, err = p.Shard(mi, &nonce, randb) + test.CheckNoErr(t, err, "shard failed") + testMarshal(t, &pubShare, ¶ms) + for i := range inputShares { + testMarshal(t, &inputShares[i], ¶ms, uint(i)) + } + + var prepStates []*PrepState + var outboundPrepShares []PrepShare + for i := range shares { + state, share, errx := p.PrepInit( + &verifyKey, &nonce, i, pubShare, inputShares[i]) + test.CheckNoErr(t, errx, "prepare init failed") + + prepStates = append(prepStates, state) + outboundPrepShares = append(outboundPrepShares, *share) + } + + testMarshal(t, prepStates[0], ¶ms) + testMarshal(t, &outboundPrepShares[0], ¶ms) + + var prepMsg *prio3.PrepMessage + prepMsg, err = p.PrepSharesToPrep(outboundPrepShares) + test.CheckNoErr(t, err, "PrepSharesToPrep failed") + testMarshal(t, prepMsg, ¶ms) + + var outShare *OutShare + for i := range shares { + outShare, err = p.PrepNext(prepStates[i], prepMsg) + test.CheckNoErr(t, err, "PrepNext failed") + testMarshal(t, outShare, ¶ms) + p.AggregationUpdate(&aggShares[i], outShare) + } + } + + testMarshal(t, &aggShares[0], ¶ms) + numMeas := uint(len(measurements)) + aggResult, err := p.Unshard(aggShares, numMeas) + test.CheckNoErr(t, err, "unshard failed") + + return aggResult +} + +func BenchmarkCount(b *testing.B) { + c, err := count.New(NumShares, Context) + test.CheckNoErr(b, err, "new Count failed") + benchmarkPrio3(b, c, []bool{true, true, false}) +} + +func BenchmarkSum(b *testing.B) { + s, err := sum.New(NumShares, 4, Context) + test.CheckNoErr(b, err, "new Sum failed") + benchmarkPrio3(b, s, []uint64{1, 2, 3}) +} + +func BenchmarkSumVec(b *testing.B) { + s, err := sumvec.New(NumShares, 2, 3, 2, Context) + test.CheckNoErr(b, err, "new SumVec failed") + benchmarkPrio3(b, s, [][]uint64{{1, 2}, {2, 0}}) +} + +func BenchmarkHistogram(b *testing.B) { + h, err := histogram.New(NumShares, 4, 2, Context) + test.CheckNoErr(b, err, "new Histogram failed") + benchmarkPrio3(b, h, []uint64{1, 2, 2, 0}) +} + +func BenchmarkMultiHotCountVec(b *testing.B) { + m, err := mhcv.New(NumShares, 3, 2, 3, Context) + test.CheckNoErr(b, err, "new MultiHotCountVec failed") + benchmarkPrio3(b, m, [][]bool{ + {false, false, true}, + {false, true, false}, + {false, false, true}, + }) +} + +func benchmarkPrio3[ + T Prio3[ + Measurement, Aggregate, + AggShare, InputShare, OutShare, PrepShare, PrepState, + ], + Measurement, Aggregate any, + AggShare, InputShare, OutShare, PrepShare, PrepState any, +](b *testing.B, v T, meas []Measurement) { + for i := 0; i < b.N; i++ { + _ = testPrio3(b, v, meas) + } +} diff --git a/vdaf/prio3/sum/sum.go b/vdaf/prio3/sum/sum.go new file mode 100644 index 00000000..aad2897b --- /dev/null +++ b/vdaf/prio3/sum/sum.go @@ -0,0 +1,160 @@ +// Package sum is a VDAF for aggregating integers in a pre-determined range. +package sum + +import ( + "math/bits" + + "github.com/cloudflare/circl/vdaf/prio3/arith/fp64" + "github.com/cloudflare/circl/vdaf/prio3/internal/cursor" + "github.com/cloudflare/circl/vdaf/prio3/internal/flp" + "github.com/cloudflare/circl/vdaf/prio3/internal/prio3" +) + +type ( + poly = fp64.Poly + Vec = fp64.Vec + Fp = fp64.Fp + AggShare = prio3.AggShare[Vec, Fp] + InputShare = prio3.InputShare[Vec, Fp] + OutShare = prio3.OutShare[Vec, Fp] + PrepShare = prio3.PrepShare[Vec, Fp] + PrepState = prio3.PrepState[Vec, Fp] +) + +// Sum is a verifiable distributed aggregation function in which each +// measurement is an integer in the range [0, maxMeasurement], where +// maxMeasurement defines the largest valid measurement, the aggregated result +// is the sum of all the measurements. +type Sum struct { + p prio3.Prio3[uint64, uint64, *flpSum, Vec, Fp, *Fp] +} + +func New(numShares uint8, maxMeasurement uint64, context []byte) (s *Sum, err error) { + const sumID uint8 = 2 + s = new(Sum) + s.p, err = prio3.New(newFlpSum(maxMeasurement), sumID, numShares, context) + if err != nil { + return nil, err + } + + return s, nil +} + +func (s *Sum) Params() prio3.Params { return s.p.Params() } + +func (s *Sum) Shard(measurement uint64, nonce *prio3.Nonce, rand []byte, +) (prio3.PublicShare, []InputShare, error) { + return s.p.Shard(measurement, nonce, rand) +} + +func (s *Sum) PrepInit( + verifyKey *prio3.VerifyKey, + nonce *prio3.Nonce, + aggID uint8, + publicShare prio3.PublicShare, + inputShare InputShare, +) (*PrepState, *PrepShare, error) { + return s.p.PrepInit(verifyKey, nonce, aggID, publicShare, inputShare) +} + +func (s *Sum) PrepSharesToPrep(prepShares []PrepShare) (*prio3.PrepMessage, error) { + return s.p.PrepSharesToPrep(prepShares) +} + +func (s *Sum) PrepNext(state *PrepState, msg *prio3.PrepMessage) (*OutShare, error) { + return s.p.PrepNext(state, msg) +} + +func (s *Sum) AggregationInit() AggShare { return s.p.AggregationInit() } + +func (s *Sum) AggregationUpdate(aggShare *AggShare, outShare *OutShare) { + s.p.AggregationUpdate(aggShare, outShare) +} + +func (s *Sum) Unshard(aggShares []AggShare, numMeas uint) (aggregate *uint64, err error) { + return s.p.Unshard(aggShares, numMeas) +} + +type flpSum struct { + flp.FLP[flp.GadgetPolyEvalx2x, poly, Vec, Fp, *Fp] + bits uint + offset Fp +} + +func newFlpSum(maxMeasurement uint64) *flpSum { + s := new(flpSum) + bits := uint(bits.Len64(maxMeasurement)) + offset := (uint64(1) << uint64(bits)) - 1 - maxMeasurement + + s.bits = bits + err := s.offset.SetUint64(offset) + if err != nil { + panic(err) + } + + s.Valid.MeasurementLen = 2 * bits + s.Valid.JointRandLen = 0 + s.Valid.OutputLen = 1 + s.Valid.EvalOutputLen = 2*bits + 1 + s.Gadget = flp.GadgetPolyEvalx2x{} + s.NumCalls = 2 * bits + s.FLP.Eval = s.Eval + return s +} + +func (s *flpSum) Eval(out Vec, g flp.Gadget[poly, Vec, Fp, *Fp], numCalls uint, meas, jointRand Vec, shares uint8) { + var input [1]Fp + for i := range meas { + input[0] = meas[i] + g.Eval(&out[i], input[:]) + } + + measCur := cursor.New(meas) + a := measCur.Next(s.bits).JoinBits() + b := measCur.Next(s.bits).JoinBits() + + var invShares Fp + invShares.InvUint64(uint64(shares)) + rangeCheck := &out[len(meas)] + rangeCheck.Mul(&s.offset, &invShares) + rangeCheck.AddAssign(&a) + rangeCheck.SubAssign(&b) +} + +func (s *flpSum) Encode(measurement uint64) (Vec, error) { + offset, err := s.offset.GetUint64() + if err != nil { + return nil, err + } + + out := make(Vec, s.Valid.MeasurementLen) + outCur := cursor.New(out) + err = outCur.Next(s.bits).SplitBits(measurement) + if err != nil { + return nil, err + } + + err = outCur.Next(s.bits).SplitBits(measurement + offset) + if err != nil { + return nil, err + } + + return out, nil +} + +func (s *flpSum) Truncate(meas Vec) Vec { + return Vec{meas[:s.bits].JoinBits()} +} + +func (s *flpSum) Decode(output Vec, numMeas uint) (*uint64, error) { + if len(output) < int(s.Valid.OutputLen) { + return nil, flp.ErrOutputLen + } + + n, err := output[0].GetUint64() + if err != nil { + return nil, err + } + + return &n, nil +} diff --git a/vdaf/prio3/sumvec/sumvec.go b/vdaf/prio3/sumvec/sumvec.go new file mode 100644 index 00000000..8c27007e --- /dev/null +++ b/vdaf/prio3/sumvec/sumvec.go @@ -0,0 +1,152 @@ +// Package sumvec is a VDAF for aggregating vectors of integers in a pre-determined range. +package sumvec + +import ( + "github.com/cloudflare/circl/vdaf/prio3/arith" + "github.com/cloudflare/circl/vdaf/prio3/arith/fp128" + "github.com/cloudflare/circl/vdaf/prio3/internal/cursor" + "github.com/cloudflare/circl/vdaf/prio3/internal/flp" + "github.com/cloudflare/circl/vdaf/prio3/internal/prio3" +) + +type ( + poly = fp128.Poly + Vec = fp128.Vec + Fp = fp128.Fp + AggShare = prio3.AggShare[Vec, Fp] + InputShare = prio3.InputShare[Vec, Fp] + OutShare = prio3.OutShare[Vec, Fp] + PrepShare = prio3.PrepShare[Vec, Fp] + PrepState = prio3.PrepState[Vec, Fp] +) + +// SumVec is a verifiable distributed aggregation function in which each +// measurement is a fixed-length vector of integers in the range [0, 2^bits). +// the aggregated result is the sum of all the vectors. +type SumVec struct { + p prio3.Prio3[[]uint64, []uint64, *flpSumVec, Vec, Fp, *Fp] +} + +func New(numShares uint8, length, bits, chunkLen uint, context []byte) (s *SumVec, err error) { + const sumVecID uint8 = 3 + s = new(SumVec) + s.p, err = prio3.New(newFlpSumVec(length, bits, chunkLen), sumVecID, numShares, context) + if err != nil { + return nil, err + } + + return s, nil +} + +func (s *SumVec) Params() prio3.Params { return s.p.Params() } + +func (s *SumVec) Shard(measurement []uint64, nonce *prio3.Nonce, rand []byte, +) (prio3.PublicShare, []InputShare, error) { + return s.p.Shard(measurement, nonce, rand) +} + +func (s *SumVec) PrepInit( + verifyKey *prio3.VerifyKey, + nonce *prio3.Nonce, + aggID uint8, + publicShare prio3.PublicShare, + inputShare InputShare, +) (*PrepState, *PrepShare, error) { + return s.p.PrepInit(verifyKey, nonce, aggID, publicShare, inputShare) +} + +func (s *SumVec) PrepSharesToPrep(prepShares []PrepShare) (*prio3.PrepMessage, error) { + return s.p.PrepSharesToPrep(prepShares) +} + +func (s *SumVec) PrepNext(state *PrepState, msg *prio3.PrepMessage) (*OutShare, error) { + return s.p.PrepNext(state, msg) +} + +func (s *SumVec) AggregationInit() AggShare { return s.p.AggregationInit() } + +func (s *SumVec) AggregationUpdate(aggShare *AggShare, outShare *OutShare) { + s.p.AggregationUpdate(aggShare, outShare) +} + +func (s *SumVec) Unshard(aggShares []AggShare, numMeas uint) (aggregate *[]uint64, err error) { + return s.p.Unshard(aggShares, numMeas) +} + +type flpSumVec struct { + flp.FLP[flp.GadgetParallelSum, poly, Vec, Fp, *Fp] + length uint + bits uint + chunkLen uint +} + +func newFlpSumVec(length, bits, chunkLen uint) *flpSumVec { + if bits > 64 { + panic("bits larger than 64 is not supported") + } + + s := new(flpSumVec) + numCalls := (length*bits + chunkLen - 1) / chunkLen + + s.length = length + s.bits = bits + s.chunkLen = chunkLen + s.Valid.MeasurementLen = length * bits + s.Valid.JointRandLen = numCalls + s.Valid.OutputLen = length + s.Valid.EvalOutputLen = 1 + s.Gadget = flp.GadgetParallelSum{Count: chunkLen} + s.NumCalls = numCalls + s.FLP.Eval = s.Eval + return s +} + +func (s *flpSumVec) Eval(out Vec, g flp.Gadget[poly, Vec, Fp, *Fp], numCalls uint, meas, jointRand Vec, shares uint8) { + var invShares Fp + invShares.InvUint64(uint64(shares)) + out[0] = flp.RangeCheck(g, numCalls, s.chunkLen, &invShares, meas, jointRand) +} + +func (s *flpSumVec) Encode(measurement []uint64) (out Vec, err error) { + if len(measurement) != int(s.length) { + return nil, flp.ErrMeasurementLen + } + + out = make(Vec, s.Valid.MeasurementLen) + outCur := cursor.New(out) + for i := range measurement { + err = outCur.Next(s.bits).SplitBits(measurement[i]) + if err != nil { + return nil, err + } + } + + return +} + +func (s *flpSumVec) Truncate(meas Vec) (out Vec) { + out = arith.NewVec[Vec](s.length) + measCur := cursor.New(meas) + for i := range out { + out[i] = measCur.Next(s.bits).JoinBits() + } + + return +} + +func (s *flpSumVec) Decode(output Vec, numMeas uint) (*[]uint64, error) { + if len(output) < int(s.Valid.OutputLen) { + return nil, flp.ErrOutputLen + } + + var err error + out := make([]uint64, len(output)) + for i := range output { + out[i], err = output[i].GetUint64() + if err != nil { + return nil, err + } + } + + return &out, nil +} diff --git a/vdaf/prio3/testdata/Prio3Count_0.json b/vdaf/prio3/testdata/Prio3Count_0.json new file mode 100644 index 00000000..81249048 --- /dev/null +++ b/vdaf/prio3/testdata/Prio3Count_0.json @@ -0,0 +1,40 @@ +{ + "agg_param": "", + "agg_result": 1, + "agg_shares": [ + "e369056891a9fd95", + "1f96fa976d56026a" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "e369056891a9fd95d44e6fadb3b75e6774b666d312bcc59b57694d189321ffe06f46b37d26db61d056b17152e3726a2e", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e369056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa9b19b8c1c4431ec49eca02338e5e05da8fc91575311627200", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3Count_1.json b/vdaf/prio3/testdata/Prio3Count_1.json new file mode 100644 index 00000000..18f53370 --- /dev/null +++ b/vdaf/prio3/testdata/Prio3Count_1.json @@ -0,0 +1,46 @@ +{ + "agg_param": "", + "agg_result": 1, + "agg_shares": [ + "afccf0c22c8901be", + "1f96fa976d56026a", + "359d14a56320fcd7" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "afccf0c22c8901be040bc9d44987fd40085bf595185a34267ec8e975e8fdfa331abaaecc9d7104785e186102448192ad", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "afccf0c22c8901be" + ], + [ + "1f96fa976d56026a" + ], + [ + "359d14a56320fcd7" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "145aabe8608487ab66ff1e11a196662b0d268a8dbd2b01481daf7d190bf1b0b6", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad", + "49105b9c5b8b82fd30916e72506a0c5679b07c05a3255a85103f30cfd5ab310e" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + } + ], + "shares": 3, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3Count_2.json b/vdaf/prio3/testdata/Prio3Count_2.json new file mode 100644 index 00000000..ced47bc6 --- /dev/null +++ b/vdaf/prio3/testdata/Prio3Count_2.json @@ -0,0 +1,148 @@ +{ + "agg_param": "", + "agg_result": 3, + "agg_shares": [ + "6b111b08d94ff4ed", + "99eee4f725b00b12" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "e269056891a9fd95d44e6fadb3b75e6774b666d312bcc59b04b52413d9e5e26d6f46b3fd26db6150a8659ad79dae8621", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e269056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa98bb9c0942022d854c6be57b0c1d149b3d5a14867e2750b29", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "e369056891a9fd95d44e6fadb3b75e6774b666d312bcc59b57694d189321ffe06f46b37d26db61d056b17152e3726a2e", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e369056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa9b19b8c1c4431ec49eca02338e5e05da8fc91575311627200", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "e369056891a9fd95d44e6fadb3b75e6774b666d312bcc59b57694d189321ffe06f46b37d26db61d056b17152e3726a2e", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e369056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa9b19b8c1c4431ec49eca02338e5e05da8fc91575311627200", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "e269056891a9fd95d44e6fadb3b75e6774b666d312bcc59b04b52413d9e5e26d6f46b3fd26db6150a8659ad79dae8621", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e269056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa98bb9c0942022d854c6be57b0c1d149b3d5a14867e2750b29", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "e369056891a9fd95d44e6fadb3b75e6774b666d312bcc59b57694d189321ffe06f46b37d26db61d056b17152e3726a2e", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e369056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa9b19b8c1c4431ec49eca02338e5e05da8fc91575311627200", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3Histogram_0.json b/vdaf/prio3/testdata/Prio3Histogram_0.json new file mode 100644 index 00000000..64a2cb78 --- /dev/null +++ b/vdaf/prio3/testdata/Prio3Histogram_0.json @@ -0,0 +1,53 @@ +{ + "agg_param": "", + "agg_result": [ + 0, + 0, + 1, + 0 + ], + "agg_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0d8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad1", + "1adf0d29da11c354159e2a7c373bfab17f17b78fda89bcb7e1fd9b86d4c2eff0f5738909a350fb11d5ddc8c41f29e53a0791d0d799f874ce2afac81dbbe9052e" + ], + "chunk_length": 2, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 4, + "prep": [ + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0d8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad1d878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e6a4d6942338c87ab5336de984fca87d6315bd0cd55be021a5e8c95cb2f58d403209e06a16b0e535a34828e56812b7a3f995ffd32815553c38fc0ce8a7963e9758fc2a45b02b69ec05eb19de856357e3a3fd3063b2501f1c7e5791e3350f60a5e870c1d8d239707d61f61f6f3f8413185404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 2, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0d8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e" + ] + ], + "prep_messages": [ + "915cca74703d352a8e12e7441aa3896efbd633bf8eacd9a101ab922f6481404b" + ], + "prep_shares": [ + [ + "d94d1f36d8d2f9867208928069335f0957497c6df0fe6568d4304b27f51456acf8093e765dfe404541c27935c03bf8677569234022700212e1112ad5b4a474126b01b5b1be78d897a9e616bcb21c5644fad4b87f09bc65f0c46ec41e29b19ffd064ddc2301a2ff2176338dd52a09fdadd442cddcbe5d10dafe0d92551d81eac7", + "28b2e0c9272d067971f76d7f96cca0f6bef7d43878716b3fcee1d230515956acdd7ced66a61a897483b4b233e4fe32b48babf43d070fc14b1c7fc4e1a386fd223f58eec1544973c9f39e871c48543e979da23642e48ae655de8c7e6b008ab43bc27dda399f3c8341c7476370573e51b6ebe601061807bb886fc55c2161ce436e" + ] + ], + "public_share": "064ddc2301a2ff2176338dd52a09fdadd442cddcbe5d10dafe0d92551d81eac7c27dda399f3c8341c7476370573e51b6ebe601061807bb886fc55c2161ce436e", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3Histogram_1.json b/vdaf/prio3/testdata/Prio3Histogram_1.json new file mode 100644 index 00000000..8568c4f8 --- /dev/null +++ b/vdaf/prio3/testdata/Prio3Histogram_1.json @@ -0,0 +1,90 @@ +{ + "agg_param": "", + "agg_result": [ + 0, + 0, + 1, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0 + ], + "agg_shares": [ + "7c81185c4933c0c53be9489a06fe6f271c677e2d2f3469491cd4a5df164da7898ab986810546eb5f44d266bab7912eec02afbee3faa2fc691c60e08cb5b4fc441550907d4b1c16f374bda4acec4f4285934b3867956e39a671054936d1d35a7f4e834925c9aab4102a4d4869bdd3adf4c87230df479eadc9d8fd5113f230d1535754c64ae50e7acf66d0d49d6668f99d862a872d07d7c5e5bba254be6eaa867af95b6a6fe60b4cc1011e0fc2acd1c239", + "1adf0d29da11c354159e2a7c373bfab17f17b78fda89bcb7e1fd9b86d4c2eff0f5738909a350fb11d5ddc8c41f29e53a0791d0d799f874ce2afac81dbbe9052ed75bb48b448e3dab58ea08704f275cf79253d1b055657dfd4862c648d1385a5b7b61459c9aeb8d5c9565370551c67bdea48ce598f7e3c93be4d48ecf19ee20a146a80033c3bbc8feb23771e908b528c13b5d8363939cd7df29d312b4ff9e453e7e3bce6b34722b6d70a389c1ab4724ef", + "6b9fd97adcba7ce592788ce9c1c695266781ca42f641dafec92dbe9914f0688584d2ef745769198eae4fd0802845ecd8f8bf70446b648ec79ca556558f61fd8c1654bbf66f55ac61fa5752e3c3886183dc60f6e7142c495c2998f0805df34a25391b713e9c69bd92084d8091f165d62c9500ea87c07d88fa262d1f1df4e00d0b650339825735bd31aef7b97890e2dda04078f56e658c623afe89988d91b633478b68c724e58188d1553e677ca7e618d7" + ], + "chunk_length": 3, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 11, + "prep": [ + { + "input_shares": [ + "7c81185c4933c0c53be9489a06fe6f271c677e2d2f3469491cd4a5df164da7898ab986810546eb5f44d266bab7912eec02afbee3faa2fc691c60e08cb5b4fc441550907d4b1c16f374bda4acec4f4285934b3867956e39a671054936d1d35a7f4e834925c9aab4102a4d4869bdd3adf4c87230df479eadc9d8fd5113f230d1535754c64ae50e7acf66d0d49d6668f99d862a872d07d7c5e5bba254be6eaa867af95b6a6fe60b4cc1011e0fc2acd1c239bbc08eaa2f65a321aab41077ee2ee67cf916f12d74bd3e0db0b7f053c6000e42e127a7a9d766608fcfefe7741ad8098f7e4180cc5a7af54b4e1a2f6385bc3205c60cd615037620637b96a87b6277db02df81cfa9389ae42515dc02f26bd54d4f6d22ce1c37ba89287248bdde8c71cba5e08cf30d48fab7a600fb27d441ec60788419a3c2fe4f162404a45cbc6a759d71bb3537e109dd50d2810cd3bee8e3ed828646009b0d11310b6dbf5d768d4da864950b09ec34d39e9bde8d9a4496031a33a6452188885035ee869560aee14cd02c484588f5399d364dacfc2e63dbfa2844418722107a38f8af774f4b334ddafd699d3ff3aeb1653f19c0cba384337b114a290ea69463793a5f9986c22bea8ef77b51358adb52e8a61c9f8046504a6156ff82fe86b3868cb262b8db8fdfc07444132c7c42f3dce18d99f6b221319e54a908e7d458925900d23c120489a930b802aa808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": 2, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "7c81185c4933c0c53be9489a06fe6f27", + "1c677e2d2f3469491cd4a5df164da789", + "8ab986810546eb5f44d266bab7912eec", + "02afbee3faa2fc691c60e08cb5b4fc44", + "1550907d4b1c16f374bda4acec4f4285", + "934b3867956e39a671054936d1d35a7f", + "4e834925c9aab4102a4d4869bdd3adf4", + "c87230df479eadc9d8fd5113f230d153", + "5754c64ae50e7acf66d0d49d6668f99d", + "862a872d07d7c5e5bba254be6eaa867a", + "f95b6a6fe60b4cc1011e0fc2acd1c239" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef" + ], + [ + "6b9fd97adcba7ce592788ce9c1c69526", + "6781ca42f641dafec92dbe9914f06885", + "84d2ef745769198eae4fd0802845ecd8", + "f8bf70446b648ec79ca556558f61fd8c", + "1654bbf66f55ac61fa5752e3c3886183", + "dc60f6e7142c495c2998f0805df34a25", + "391b713e9c69bd92084d8091f165d62c", + "9500ea87c07d88fa262d1f1df4e00d0b", + "650339825735bd31aef7b97890e2dda0", + "4078f56e658c623afe89988d91b63347", + "8b68c724e58188d1553e677ca7e618d7" + ] + ], + "prep_messages": [ + "8794e3c89b479fd38914037c778563366e9c90f61a47f52e02e51003048af9e1" + ], + "prep_shares": [ + [ + "9c992f824ce7e69496d40dfa1da358109a3472a03ed58dc33d5426b0115bc7834b72373b9e78170ed075be80bd7842796b25594ce5825c4166bffa9165a98e40a56d6d17e0ca74af36cb5dbdb3a2f3c7d246b8f5bd78acc9f6c26ffde64d4817cdd9b28b742924c79516ca016098492df7580a49dd091f4f6e81fcf9d9fc148365b3e30205531b610d546de28a6b7c7cc058087324206afad931cea724e2285c", + "5db683a2145d865bdcf7b710ffb7e5ebb0bd9384c53299aae2cfe91888654d713fb6f1f7c85c5cfeaad11f1231a6ad8af800be32effc0abc03e33cd8160323e080e98fdc84db0024002bf3aec21c8a9ba3d69a20bbf18d9ff7234d6b03e993f5ef0c2dad87518e4f16634da8f1d947a518540775525c97a3d8d4323fa0f488b782c591e1ce996072e1f096b5991133f1d6ab883b98ec6a028b1de85eefed6989", + "08b04cdb9ebb920f71333af5e2a4c1037e6f5e776923d04de57b5c3ae70c15ad22f5380db9898c43134eb63198f64d67b47df6087bf19d0f85c2f729bb3235bc92bf9dc3a0f5ded0191ae397b5a2553a7ce4a518a7928893a51dc7dbfbdcb3b0d59aaa9ee4849b9d94faab5b691dc86fca19867ae82f97927ff5eece600cd002ed585479d34bf381eb8c5a1655338d24d04951ef27510d46ac2d45d22b5fc6c2" + ] + ], + "public_share": "65b3e30205531b610d546de28a6b7c7cc058087324206afad931cea724e2285c82c591e1ce996072e1f096b5991133f1d6ab883b98ec6a028b1de85eefed6989ed585479d34bf381eb8c5a1655338d24d04951ef27510d46ac2d45d22b5fc6c2", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + } + ], + "shares": 3, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3Histogram_2.json b/vdaf/prio3/testdata/Prio3Histogram_2.json new file mode 100644 index 00000000..b6317d20 --- /dev/null +++ b/vdaf/prio3/testdata/Prio3Histogram_2.json @@ -0,0 +1,2366 @@ +{ + "agg_param": "", + "agg_result": [ + 3, + 1, + 2, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 1, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 1, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 2 + ], + "agg_shares": [ + "064975657a4d61b066d25526d5af390c1515d962769da2d21614e8bdb263a2967378a1a0a1d92e4c59552750c2640cb3bc55da91fd496eef1b3a26d6b0dec433a469f48a5271984f71d7a69fe576665650bcd217a70a1a19b6284028d3c7796e3b314ae5f5cb74622e07d6cbd5402a4f9f81080754181daa51ae6be4fdb2b6b44c6df90160aa280c22d293e1a6ed6874b55bde1c3ee2934109c043f702ca47911eadf1c9f3894dbc839c9f704a3395a8c36292db0c8bd9bb77fb172f8c6d68db9635d15f16feb6478098f9fd89b0fb1ebb6b41d0f9a423dab914dc455051d7dafe151be7921237bf8541a34c3a64155a554d489370cf8bfe2b0894480382360b05c1d0f02dbbd7bab9ad9d39936a1bca5db320fc9e9f153ac9d4c2de65e6fdb78d75cbc8c97893ca0a55f98b9abf8127f3b827e86baee8d73c1b60e996e036e599d249a0efd766bf834c0f7412f82a7f6fa95139bf136762ad219910d9df127f5018711487c9811297abc354a76a4f2cf428e90176b5024aca6d22f86cb05c5eac715e398d7d374fb1999ea7fb64f1533289ebec40337ef35a1ba1f078ad45500fd52df11fb888952211d3e81839c6a2ac6879588d0c48f5bed22a3b2eed0d8132c1e8206e933058419ed596a1275a235127ac04561d7f14ab9ed9db40aedd0eb9c1ec994cf1a66dcc05437d34cfb8ff0c129ae4e04d4321aeea613d1ff68f8eb809fce39f697b9cf5b309e4a034340f9b6993ef83604714ef257f21341a1511bb2a25f805136e4425355c23f636f7f54f3ccfbf357c633c687e6a5008c7a26a76c4f6cd640526cb87b17fdf186a0f9d71f377ea0738c820235ac540ea2949ca4d738dcd651e9950fb5ceb32a18ff4c9601c28c91d962df915616aa64dcc80c440fe3fafaf3778ed85e25d2101f6f7cf84f82d65aaaa7b1df384aced53d386724be89e0071795c946b84fe8dcfab2e32f7e36cfcb24912f24b016c8c303228bc01281d4577765ddea7c8666678d9f3d7d04a64c4760b885d7e64314fb1fef8c496b63c3a6547ff64d6509b947c9386ae366c589f8e2ed9f25729aff3cb58cc496598e496c7e2a39d4be2462231b0f86b29eb9263ef4f9ed695037d4a2ceed4a574956a49a66164cafc553cebecad474dbea137470478b630e4c948925fdd903934afbe75bd0cd58906d3a727dcb7ad0f88825883607796c8310ca1a5dc74d154996841060dd54e1c24c0e9e98ef14fc588a1f44ab55d4fb4de70e7936aff49387a27549c626dba13810ae616b366549473b0d51ab89065e62a37b69993b3f03391ce7bbf9e4cd1ccb3c744b8fa9bfea3193223753acd06579d9a27b9671b05421780b1a6e20a57142389e5757419d95b02b52c713e9e0fbe6171e5c65fcbf99459eff9f5d5f318e5a15dfae05faafd027480062ad28e27b5f89641c0de4f4613d541a6d3ae51ee51c3d410445d7b3a1bd303c04177b90b03f519badadb73803e13aa052fa03680d63f17d94337809d96e8938f09fb9495c7ba02ae5fd5e38f1472d30acfe65e804c3478b2884987c765c47969d45647adc5331f9dcc61b8f5c8bc5f923efcd4702b4ed12acaec677bf908c88eac20437e8da1b31eff280fe601fbecf7e59d156b165e4b3d29a5b8e85ccc4f0b16f7cc351ae5e5ab06ceec96231eb3b0fb99a1f73ab7c9e7b985c59635e4b86f39c0c1d9a715529c9f3158c02bb7e80401104a8bd31230be6c7b8ae744cd383e1df09d6be5ad1c3341d780ae09a575a717e96bf805ae53ab6b56aa0616c684982929e00e7a4fcf66ca43654372ad8e670214fb6e25a94e4326ff67c8d0b0e74d7a9e1effb2823a467e9a0aa7d2304f0276136e8ac9de327688a4a9237e235630ae0d0fe4b6a109c3a52c959c6687ebf9d70228ab0af8f727915971575bcc020e6b8b4c68273ee5d609694bbe65e61cf5bc4534d31b0f9f9e0ac2e2a4c9d5222319dde59b95ff9c8fc945ba4d0c055cc3482e015436992410641ac093d912e604cff721700646eef5bbf483cdd57034a6099fc2cc7fe97f54193f3818b9bb263e69fcbe224410998cb927e067ab8713353863ec188118e97dd8ccd008aceb13f68e6ee98400da21966bd831b15078b5c773aada17512b2265c5d1ea6078e5b541184c080a211dd135d59d0da5a578a924aa096759f0c942a67038ec6d2cd085f4b8d2c87aae5e3b6493c4b2016b6e08c31f8c5f277953576532f845fcebb88047be2633475989413bb5d280e88a", + "feb68a9a85b29e4f7d2daad92a50c6f3edea269d89625d2dcdeb17424d9c5d6990875e5f5e26d1b38aaad8af3d9bf34c45aa256e02b69110c8c5d9294f213bcc5d960b75ad8e67b0722859601a8999a9b1432de858f5e5e62dd7bfd72c388691c6ceb51a0a348b9db5f829342abfd5b0627ef7f8abe7e2559251941b024d494bb59206fe9f55d7f3c12d6c1e5912978b4ca421e3c11d6cbeda3fbc08fd35b86ee3520e360c76b2436063608fb5cc6a573e9d6d24f37426446c04e8d0739297246bca2ea0e90149b863670602764f04e14694be2f065bdc252aeb23baafae282503eae4186dedc8405ebe5cb3c59beaa5acb2b76c8f307401b8f76bb7fc7dc9f4fc3e2f0fd24428452a5262c66c95e435a54cdf036160eac51a2b3d219a190248748a343736876c35d9aa067465407ed80e47d81794511728a7e49f16691fc91a682db65f1028994060b3f08bed07d5809256aec640ec989d36de66ef2620ed80b1e78eeb78367eed4c543cab5895b0d30dd716fe894afdb51992dd07934fa3a1558ea1c67282c8b032666158049b0eaccf761413bfcc810c89e45e0f8752baaff22ad20ee047776ac1ee2c17e7c6395d559786a772f3b70a252dd5c4d112f27ecf3e17df916ccfa7a2612a695ed8a5dcb0d853fba9e280eb38612624bf5122f1483e1366b30e599217fabc82cb304700f5ed651b1fb2bcde35159ec2e009707149f6031c60968463ee4bf61b5fcbcbf066966c107c9fb8ebf4d980decbe5eaee46d5da07faec91bbbecaa3dc09c9080ab2c33040ca839cc37b8195aff7385d958b3b09329bfad9345c4e8020e795f062900c8815f8c737dfc0a53abf15d6b635b48c72329ae166afe8a214cd5e700b36a1e3d736e269d206ce9e9559b2337f3bc101c05050c887125e1da2defe0908307d07d29a555584e2f07a5312ac2c798db71761ff8e86a36b787b01723054d1cd0a1c93034db6ed0d98fe9373cfcdd74300d8e2ba8889a2213c37999987260c2831b59b3b89f477a2659bceb04e01073b6b49c3c59ab8009b0daf646b836c7951cb93a76071d1260d8cd6500c34a733b69c671b69381d5c62981db9ddce4f0794d8146d9c10b061294efc82b5d3112b5a8d6a95b6599e9b35e7a9c3141352b8b2435ec8b8fb8749cfff35b76da0226fc6cd50418a42f32a76dd2c58d8234852f0797da77c9f886937b2f35e5a238b2eab6897bef9f22ab1e3bf3f1616710eb03a795e0bb54aa2b04b058f186c9500b6c787d8ab639d9245ec62f519e94c99ab6b8e4f2ae5476f9a19b9c849666c4c0fcc7031844061b32e333038bb470564015ce8cddc8ac532f9a84665d84698e4fabdea7f4e591df5a8ebc0761a8a8be626a4ff4ad38ec161f041828e1a39a034066ba810060a2a0ce71a42a2051fa05502fd8d7ff9d52d71d84aeb68be3f21b0b9ec2cbe592c51ae11ae202befbba284c5e42efc3fbe8846f4fceee54525248c7fc1ee55fad05fc97f29a4e826bcc87f6269196c70f6046b6a3829fd51a02a1c70eb8f2cf53019a17fb3af874d77b678389a3d86962ba9b8523ab0e062339e470a3745a06dc1032b8fd4952ed53513988406f9377153dfbc8172424ce100d7f019fe0613081a62ea94e985b4c2d65a4717a335b0f4e90833cae5fe1954f9311369dce34c4f04665e08c52c3618467a3a69ca1d4790c63f3e2658cead6360cea73fd44a17fbfeefb5742cd1cf4193847518bb34c7c1e20f62941a36e3ccbe287f51f65c8a58e8169407fa35ac5494a955f9e93b7b67d6d61ff18594309935bc9abc8d547198fdeb0491da3ab1bcd90098372f5118b28561e1004d61c5b98165f5582dd1b0fd89ec91753605cd89775b56dc81dea9cf51f2f01b4942f63c5ad36a63997a140628fdd754f5eb07d86ea68ea8a435fdf19474b397d8a51a29f696b4419a1be30a43bacb2ce4d46061f53d1d5b362cdddce6221a646ae4627036ba45b2f3fca33cb7d1feabc94adbef9be53f6c26ef19fb3008de8ff99d110a440b7c322a91cb59f6603d3380fa7fabe6c0c7e74646d9c1960341ddbbd3667346d81f98547aeccac79c13e77ecb168227332ff75316ec097191167bff09de699427ce4eaf894a388c5525e8aeb8dd9a3a2e159f871c4abee7b3f7f5dec62eca2a62f25a5a8956db55f698a60f1abd598fc71392d3317a0b472d37855185c49b6c3b4dfe9493f73ce073a0d88690a89acd07ba03144b7fb841d9ccb8a65abec44a2d7f1775" + ], + "chunk_length": 10, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 100, + "prep": [ + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0d8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001a9f4d10c3a0130028e99c355bc4da57b4fa22195bda8151b0ae8901ceb458c28964b2d2d19d109d8c1c2a03dd251e4a2c48312ae66e609e3a8f4cc40d84d7f928a3f0ace6fc07e05ab17c01b9fa7906249d3c0d59e05cd71d020c7263100c4d3ece5cd1d7deb7255413ce7a2e20eb514ef6ee6a3af1bd50aece20562b0a1bf5f9f6d0801166978bbd9d6d17b9925cf7bf53a7385370f960daad1dafd4931eaa5b43ff628a3ae52b4e38067b0d1317954381a9fd9cd1581296425be048e507f51bc1febf332f32d8d3d0d77802b9de5e77963081199c99952dc46ca4e7f92c3986f64902d7dfd243dd388dfc44c95ce461d23684d519da66012bc1d0ce4e3c0072437ea43ce2ff34c688206fc5918c90b236c74664ca28fd0e50daefb7e025a934ab88e6dca644649fb870305df8ab2311461368f2fd837c9d8deedaa811e511ea2f417a2841e3c1796f5c3db316abd070bf049b98e27d023ee0351bc747622556e706968efac792a7792d37cc89ad154e464cd7a6e1fbe278b14d5509a5ed0046e6f1af095a53d238f0427efa87b64ad5ca7a0cc7f649f7be83731b85608946ef03ac01588a2af6533647e24c07b8d8654aeecffb6a2ba11603e101cc708ee80ecb4695457826ae70ce830a5622d3551d7e37eabac8ec2e735dbee213a5b26050e1bdc52d21f7be9578668d3044484180404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 2, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0d8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "baa2841ddb7c9165f4a782633dd7e92b49dd1b3442de0069c780f74a63cb53e6" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f27eba1c272bf7ca7ab0768e3d1f75404ae6456b732d066ab74d4f2da6dcaa2494b444ff6c14e6773609eabc32282d9d456cc565ec94950085319139daef29568e2fa6699702a0d3aa4018d71a3c28b9cdf73ee692130d39de44328e3e4d49af0a5bd4b6f62bb3357eacc129f8e358c99388813e1976784d821d2babaedcd760d02a6fce712900190c3b95ccee4938267eca51216da0b13cd6c9c7978189efda79f847e987c4b6a31778cd1466a2967e22b6143d62e4e1229aa7f5ea7853901c6d542b0d5ab0fd6de397ae38bf935dd3b3521e9a9f0eb93b2a26dbdf9654d6c68562725cf6aeea09fed87fe61ed35d8d570a03cdeee9719af30cf68bd18cf728ad989db144725a3b8b81f6c7f12c1af0bdb7b5dead163e4ce99128251a44a6476b4a46cee9fd105411657e6dd313dc90a8bc37948a39bc02ee7a80168be082b4667085e83d49c770521af5a4baff811b9fa66d5dbb62e46d22ecd373679b0025334b8c93cb5aca96774a571d0601ab77d", + "9b1eb2c736f96b1335291e191ab00c80c464d3dc55c52b9f6d0a6c5d7ed0f01ccac1655435b03aec8c6f8aa8c6798e053ee915cb8a8b70d1582b242961f39b401db842439560a70ce333a273d4da9b37dc5fc812448a68f27bf39ef221b32b8c1d51e55b553ea3a4056d627a2e5b2ced712688d79553a0321c32cb1fb474da3b12ba32779614365afdfd645a8b3fa5178c2702c30745ab64a048340a733022bc5e4d60fbae27377187a09ee9d933ce06bb5851772b2f9c71d9e37a28078db2bd1f97bf8466cbf7dda8442d7f7af37c32b79c7d70e993ac0f2f44ece039290c13345318abde99a7db7b9fee2a33d5938d4b71eda2201dce4b4626e2f47757834fe9761e56d960409a891124141f1ff5a194b2245749a34f12514f0cf75774a86a4c3d78cad0829883f6c1f520ec2808c7279e2949fdb4d2ed8c2c519332588fc00d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "fa66d5dbb62e46d22ecd373679b0025334b8c93cb5aca96774a571d0601ab77d40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7de08c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001adca7981fce37c38b216b2674cdf08e34a305dd18a5027553155ed527d6789e1b25a7b45e058ef22d4e3e352f008437c677e133839a824b3bf853bbf3a0a00f129037ff071aa7f85d8a68b8f2fb9f9b0cd9865270d4d64dce6f95d8206f8154bb3f7900f6fc5163edf7541f0421c5cec6752a580f2f4405aaef5d0a53324a8c5b7231d06018ed66ac4302eb0418001761c438288ca5606fee8d061c9c08c9874f6bc7f96802eae1af0b4b962cdb936179f589efdfb9293f0d90a559184d311562d8cee42e499e432705ef48f7a7f607fbcb02db1627dc54902e2db34de1ced1d27558386e1e0cf29a9062dae33e3ac72ad23684d519da66012bc1d0ce4e3c007205241ce0b4db71626c527eac887659328de482a6ffa7d96be9051c5ebf05cda2eb9304503fc70efe6a5cfe0a1e46367716635e55d261cf9c40e7e3c2f41bfc0042fa27072444a9769670867915853b8884ba5581ee038c8d56acb409e9ec1dd977ea6670dc2d550e79a692f688d398d5c710ead1a3752e7d9010a1e17cbe69e4699160baa7fdf64966aeaaae02132b3459e91c8ec1e2e8aaa38aaebdebde68fbdbe36a79c22540f26202c72d3f3b0c30d70ddeb8825a749f999688fc0865c8c8b576704a5eba421d7e6c3a6133bbac99496590bd3daa6f10f3fdd3adbd10c80362af8f96e2bd10d82091af91ce6a5eb7404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 99, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "e08c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "0900d619e75cda06ed8b38db0a1d1ada2c3570643374d4d0223b63bd9f4ed7b6" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37fce4abb3d00eb8a7dd7c26bc25d0fffaeae6456b732d066ab74d4f2da6dcaa249f8525a13e33a3bd9950fde34fd1f1d3256cc565ec94950085319139daef29568048c2943883dfda634b6ff5c49709e1f1771b890a81981bd862ff9eb352d2c7a39f5100e20caac624a0e0279a449195f388813e1976784d821d2babaedcd760db60e161a0259afafd537e1db1485813ceca51216da0b13cd6c9c7978189efda752c1051f95d025b237f3884902f3e8842b6143d62e4e1229aa7f5ea7853901c63f6afb66440558221790880305179b633521e9a9f0eb93b2a26dbdf9654d6c688698126d4789f557989863634d3ca19f70a03cdeee9719af30cf68bd18cf728afda6370e8e6197bd6c7390d0aefb3f3adb7b5dead163e4ce99128251a44a64763141fa7df5e74394166bc1636804bef37b44255378dc49c5a4cae709ea3485165a149b4a733d2c76efca5b9af9ea34342fecd68b2f22c7d563da5c4e5206638d88f2b13480cc62d18a56960eae5848ce", + "9b1eb2c736f96b1335291e191ab00c801e05ba61c8991dc9254f687ef2b84672cac1655435b03aec8c6f8aa8c6798e0591da0aae699f9c6b23baf1b7865558e31db842439560a70ce333a273d4da9b37dbcf3289b790c1c043355fec8cc50a591d51e55b553ea3a4056d627a2e5b2cedddeec238d8442727bcf0db459e604d7612ba32779614365afdfd645a8b3fa517d8bee890187cfd448ecaaffc423f23e75e4d60fbae27377187a09ee9d933ce06071ccaf012aae0f0347dc3256fc3301b1f97bf8466cbf7dda8442d7f7af37c324e7532df509e2acc352e47692e484eeb345318abde99a7db7b9fee2a33d5938d1b000005448279939b157df31751ba85e9761e56d960409a891124141f1ff5a17095c85d02675b0d9dfbe7a5bb39183c4c3d78cad0829883f6c1f520ec2808c73aa5446dd7c86fa6e62df1e1a69033d40d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "2fecd68b2f22c7d563da5c4e5206638d88f2b13480cc62d18a56960eae5848ce40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7de08c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001adca7981fce37c38b216b2674cdf08e34a305dd18a5027553155ed527d6789e1b25a7b45e058ef22d4e3e352f008437c677e133839a824b3bf853bbf3a0a00f129037ff071aa7f85d8a68b8f2fb9f9b0cd9865270d4d64dce6f95d8206f8154bb3f7900f6fc5163edf7541f0421c5cec6752a580f2f4405aaef5d0a53324a8c5b7231d06018ed66ac4302eb0418001761c438288ca5606fee8d061c9c08c9874f6bc7f96802eae1af0b4b962cdb936179f589efdfb9293f0d90a559184d311562d8cee42e499e432705ef48f7a7f607fbcb02db1627dc54902e2db34de1ced1d27558386e1e0cf29a9062dae33e3ac72ad23684d519da66012bc1d0ce4e3c007205241ce0b4db71626c527eac887659328de482a6ffa7d96be9051c5ebf05cda2eb9304503fc70efe6a5cfe0a1e46367716635e55d261cf9c40e7e3c2f41bfc0042fa27072444a9769670867915853b8884ba5581ee038c8d56acb409e9ec1dd977ea6670dc2d550e79a692f688d398d5c710ead1a3752e7d9010a1e17cbe69e4699160baa7fdf64966aeaaae02132b3459e91c8ec1e2e8aaa38aaebdebde68fbdbe36a79c22540f26202c72d3f3b0c30d70ddeb8825a749f999688fc0865c8c8b576704a5eba421d7e6c3a6133bbac99496590bd3daa6f10f3fdd3adbd10c80362af8f96e2bd10d82091af91ce6a5eb7404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 99, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "e08c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "0900d619e75cda06ed8b38db0a1d1ada2c3570643374d4d0223b63bd9f4ed7b6" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37fce4abb3d00eb8a7dd7c26bc25d0fffaeae6456b732d066ab74d4f2da6dcaa249f8525a13e33a3bd9950fde34fd1f1d3256cc565ec94950085319139daef29568048c2943883dfda634b6ff5c49709e1f1771b890a81981bd862ff9eb352d2c7a39f5100e20caac624a0e0279a449195f388813e1976784d821d2babaedcd760db60e161a0259afafd537e1db1485813ceca51216da0b13cd6c9c7978189efda752c1051f95d025b237f3884902f3e8842b6143d62e4e1229aa7f5ea7853901c63f6afb66440558221790880305179b633521e9a9f0eb93b2a26dbdf9654d6c688698126d4789f557989863634d3ca19f70a03cdeee9719af30cf68bd18cf728afda6370e8e6197bd6c7390d0aefb3f3adb7b5dead163e4ce99128251a44a64763141fa7df5e74394166bc1636804bef37b44255378dc49c5a4cae709ea3485165a149b4a733d2c76efca5b9af9ea34342fecd68b2f22c7d563da5c4e5206638d88f2b13480cc62d18a56960eae5848ce", + "9b1eb2c736f96b1335291e191ab00c801e05ba61c8991dc9254f687ef2b84672cac1655435b03aec8c6f8aa8c6798e0591da0aae699f9c6b23baf1b7865558e31db842439560a70ce333a273d4da9b37dbcf3289b790c1c043355fec8cc50a591d51e55b553ea3a4056d627a2e5b2cedddeec238d8442727bcf0db459e604d7612ba32779614365afdfd645a8b3fa517d8bee890187cfd448ecaaffc423f23e75e4d60fbae27377187a09ee9d933ce06071ccaf012aae0f0347dc3256fc3301b1f97bf8466cbf7dda8442d7f7af37c324e7532df509e2acc352e47692e484eeb345318abde99a7db7b9fee2a33d5938d1b000005448279939b157df31751ba85e9761e56d960409a891124141f1ff5a17095c85d02675b0d9dfbe7a5bb39183c4c3d78cad0829883f6c1f520ec2808c73aa5446dd7c86fa6e62df1e1a69033d40d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "2fecd68b2f22c7d563da5c4e5206638d88f2b13480cc62d18a56960eae5848ce40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261244503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001a785a976259a56ae8545d25e052340eb42df29fc6dd5f7a7c2b73b4dab6529ad6474e50e7f2da3b37b4d73776a9ff5ad21dc3e54cd105e84f6ac65d9a756a62eb74c7f8f07913500787e86362eaafe41991d7bf6e0d9e2238f4ad039be13d7b81d9b2f7286791ef0e2489534b4c3c45768133a889ea2d927558d693aed7579981be372640ec8de6ad058e146a94d8209943db7fb7cc744f74656c6a875654f22e7a92feb75933a9881f570d5cb2e8e55cf8bc0f1a77719131969ed8806bdac47ad04543e5b7c67ec0011b1a3e85a3744be567d6de453af3b7ec5adf294ab21b49368738a3c8fd89820eaafbe94cbfb75ad23684d519da66012bc1d0ce4e3c00726a711d9d296eca051d607f400333dab204f8bff8c64ad442b7f03cabde2bd1e7c9ec68c7517ac5f404c3fbc374ca126b7181ac8b9bde3288b274411c2052a9275e6a2e1ec4d751cd99f0da092775f27acb69e882b53cb723ee93898f7630f712dcb06f3d72eec8ec68725eaf5d5c2226bb079a57e88ba1b127981786d7b05cbe1e8b0adbd35c774888228149863a21fcd946c5629ace0825e82460d29d53fe1bcc18662a6bdc78194ff64ffe67e6874cd4dabd7ec512227b939d0994eabb18b0bcff1194ef9107849d40691a560e40492f0095f51e4cd1e834d0a7d1542d7e8da1808f6138cc78f0a2498e8bc0e56d87404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 17, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "244503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "baef7355f66644fe751d36705981dfacf26c987691c76409c848808bdff226f2" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37fa2196c3106d421c1951bae3b75e1e0c1ae6456b732d066ab74d4f2da6dcaa249b8a39312c2b26c426fc71b6d8a27b0a956cc565ec94950085319139daef295688de0e8fef0420811156670019b67583b1771b890a81981bd862ff9eb352d2c7a16b7131e254fad27c3aa073ba1a21190388813e1976784d821d2babaedcd760d9e251bc0442029a5e82cf338cfd31cbbeca51216da0b13cd6c9c7978189efda72e734f48def48e3afbe610f55d131a972b6143d62e4e1229aa7f5ea7853901c671bc334e444ad084b6f3b54b0d18b4e63521e9a9f0eb93b2a26dbdf9654d6c68bb7f9f61b6d16cef2972ae3421f6c47470707f9adc16da4a980e632f64377a5e5fcc4d8ec24afe5a4fb34fddbd79fd82db7b5dead163e4ce99128251a44a64762312440d0f878486adf5a925baf613fa8bc37948a39bc02ee7a80168be082b462498ad784d9a7a6c9ab8ef92028d1b3ad6b284d1755b860b5ec7195f6ec52c9e940fa71e761c80b2060cf9aeb681f373", + "9b1eb2c736f96b1335291e191ab00c804a36096ec2b0868567f62505dbe6645fcac1655435b03aec8c6f8aa8c6798e05d189d1ae8a276b024a02b47ff94dc56b1db842439560a70ce333a273d4da9b37527b73cd4e8bb6566385ee473bce503d1d51e55b553ea3a4056d627a2e5b2ced002dc028d3bf26624354d683a107554512ba32779614365afdfd645a8b3fa517f0a7e3ead5b4834f7bd59d9f88f087685e4d60fbae27377187a09ee9d933ce062b6a80c7c985776871893b7a13a3ff081f97bf8466cbf7dda8442d7f7af37c321c23faf75059b26996ca192126473568345318abde99a7db7b9fee2a33d5938d601b30f3d41d8b55c7f087fa5ba5a10fe9761e56d960409a891124141f1ff5a10f70b2ddcd7df46f9ebb2899acbb5af34c3d78cad0829883f6c1f520ec2808c7b930522a8eff53a8d98d8d4baa9e44d10d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "d6b284d1755b860b5ec7195f6ec52c9e940fa71e761c80b2060cf9aeb681f37340ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7109e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001a06bf37862adea5bddcb77042b1735aaf2f6c899b7fd125ac3573513e3c7460b729bc674b9bafd3e8f9ef9a7db45a3c246462a6d7b4add7047df653b7a5a2ca02859c83a4c28695d82f12b4f7fe7f286a824a027b516857688ddf7f615e40817471f3c37abded4f51d58fab456ee0e0a72ae10f9316f2599ae0e2e7b221db4bbfd2f32a6eb860729a125dc504a640f9396767511aad9f91bcd3c36b8765d25e6fafcbdf34c1416882cd79d9464ac2850d2bb27f8e5f64902dbbdeb7b3f0d8afb95132020792359690002ac258773cc87fa47ae8441aecf28413a66505b00d3a4e7905259803966520fcf0cf940742ace4d23684d519da66012bc1d0ce4e3c0072dc0c7d7958358f30950534dea4f38db7017ed62325d92813c9f09f47590a0b07e67e5163a9a52d43dbaa98bc696f311929e2eb00b83643d3bb444bffef1941104d95a36a7b640cfcf0c68a7412a5ae2adaf6a576717282f354620dc9f92df11f4570a3eb1b9268aa9b6b06b53bb886f4125a324ebcc7d98c9f8bc3818d2daa8009cf05ad078aeb5b9753d0ae74d2485bb6baf3ffb9a3c6dc5dcd5ed28ed591db97df84ad03ceb91fa1d38313d00ce89ba1e54d0add1f237f6e5d2a6165bd2d713b1353721523f0b39e31c1ff6375ec1470ed828f4a9ad11b0e8521f6eed15f885f02a36cfd339d529902bae0056379fd404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 42, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "09e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "f1bd870009988050f4ef94cdeeb766a2311f7e59f1f3ca0efd4ec7334d439314" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f144c5c68db22629297bcd826fb529288ae6456b732d066ab74d4f2da6dcaa249a6da44a507c53b943e0f77e8e4b4b15956cc565ec94950085319139daef2956849da90a79b6e54d488aae905f16d67501123dd856722e6b3ffdb9d0fc0fa3cc824d506ce843469f16c35d57de5d01b75388813e1976784d821d2babaedcd760db4935cd97da241e35e720387dd8721feeca51216da0b13cd6c9c7978189efda71d20eff4cd3c0e1f4c9ed2d3ac0c49c62b6143d62e4e1229aa7f5ea7853901c641b7558cda57f9d4b5cb36b5d0b9af1e3521e9a9f0eb93b2a26dbdf9654d6c682ab96dc5cb93b5b007e36d08f0f1f51e70a03cdeee9719af30cf68bd18cf728a10302f2ad0eb70b76df1703e692f854bdb7b5dead163e4ce99128251a44a6476ba4367b0e3c675c70bfdeaaea65123958bc37948a39bc02ee7a80168be082b46ef1f787cc439e143cb4442f818ea6fcf67199ce6418d9555c9cfe6e4ba826631ea5379d4235d8113e9a364960d6c742e", + "9b1eb2c736f96b1335291e191ab00c80d8031937ed6146b46555fb195575b398cac1655435b03aec8c6f8aa8c6798e05e352201c45159cb07aba58049fc0c3bb1db842439560a70ce333a273d4da9b37508e897f49f6c4a906b355a6810564bc1d51e55b553ea3a4056d627a2e5b2cedf20ecd7873da6a9899c908415dd94a6012ba32779614365afdfd645a8b3fa517da39a2d19c326b1105908d517a3c83255e4d60fbae27377187a09ee9d933ce063dbde01ada3df88304d2799bc4a9d0d91f97bf8466cbf7dda8442d7f7af37c324b28d8b9ba4b8919b3f298b762a53930345318abde99a7db7b9fee2a33d5938d76dfa4acbf77b93a48cb724e759b6506e9761e56d960409a891124141f1ff5a15d0cd141c0dc81139c7d07380106d32a4c3d78cad0829883f6c1f520ec2808c721ff2e87b9bf626797864cc2bd4335360d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "67199ce6418d9555c9cfe6e4ba826631ea5379d4235d8113e9a364960d6c742e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e820f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001ad93e89cf70b750049d40bf4f5f5703784a5d5a60d7918cafb4415a98d9dc69dee763053753e06b715ebdd2bf303fd0791c77038ca967c886722fd5c76f65091139160af6525d206b6c8aea3f08d866ba4b0254d20b231f4f3eae6358fdfc94dbb43cf964e343f06614dc433770765b3bd75395f8d8759c1e79535686ee0aa06ef60f3735629bfdd883c4461496439d5aea53039970021213373e401bd16705c50e97b76c6532d8bf0fc04489d7ae2090b084cee663c1fd87cf57d40f9da1dd035236a8f76dc9c52aa5a2de290316b81f8bcb800861619f6dd87afb591b0c4748cada2ac5e756842f416cdfa2f3007807d23684d519da66012bc1d0ce4e3c0072098d2b30125ce4e9d47ce5d0f60fe5eee78c055fcd18c20f2e2297edbba101e029d7b377f17495ba5add607aed8a9dc371cd8e4cc37c5251c60bcaee255702029a1b1d19eb8d8169984e542c094d70da123f541fb7b7ba0c889329d25a71ddb801276e01f63bc894781f6ec339220c6165e7ace8f9439708071b55aec0fd55d1e5b2f9e55d4f601d26ec4e9f84cfa43a33ce4181f6404686fa528a3e2340eb853814ad755fdd49e25e8d18d142204d191b13ffb1d8c2b52476e40d05b9f4ff263a0fad81398fc019fab8a42ed89bfc74899ceacb0325253349b08ba183d3528e0d2d9d3f19737e437087aad219a4adda404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e820f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "774e1ebb45b1c0e11bf01b23d0a2f1822a68e27345e3f5ff256e9253dad417ad" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f626cd891b3b1ffe20bacaa5741a9b19676678c90abe6b88bd2e821d21c7211c061da7b45ff16d851eb4ef88cc3f89ecd56cc565ec94950085319139daef295682a34ee3b89f4b71ca6e8bf5930ff033b1771b890a81981bd862ff9eb352d2c7a7f98b8e30631d46d75eda32a07f681fa388813e1976784d821d2babaedcd760dba72a20438b47e581667aed24ff37a22eca51216da0b13cd6c9c7978189efda7293867a3a10cde89e65ac695e94983832b6143d62e4e1229aa7f5ea7853901c6046e04bf993f1b75c67623131ff658f43521e9a9f0eb93b2a26dbdf9654d6c6859ebb4f2ba4cece36f8bd4d93ad9fb5970a03cdeee9719af30cf68bd18cf728ad26a549be48bd7203945fb904d6aed93db7b5dead163e4ce99128251a44a6476921b916493511ee254c5c44bd0793bcd8bc37948a39bc02ee7a80168be082b46ccbeeadfaa954a31a899367aed48f364225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc79", + "9b1eb2c736f96b1335291e191ab00c80e550c1b959b141150218275087013144cac1655435b03aec8c6f8aa8c6798e052853e97b4dc3fff2cd7ad75fc07cd6471db842439560a70ce333a273d4da9b37b5276e90b6d9064bd2029fefa536a53d1d51e55b553ea3a4056d627a2e5b2ced984b1b63f1ddff1b75113a943bb4e4da12ba32779614365afdfd645a8b3fa517d35a5ca6e2202e9c699be20508d129015e4d60fbae27377187a09ee9d933ce0630a5686c066e2819861586d9876c961c1f97bf8466cbf7dda8442d7f7af37c3289712987fb6367798647ac591469905a345318abde99a7db7b9fee2a33d5938d48ad5d7fd0be8207c4220c7d2ab45fcbe9761e56d960409a891124141f1ff5a19cd1abd0ab3c1baab4297de51ccb6ae24c3d78cad0829883f6c1f520ec2808c74a2705d30935ba4c32be7225941b1dfe0d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc7940ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e820f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001ad93e89cf70b750049d40bf4f5f5703784a5d5a60d7918cafb4415a98d9dc69dee763053753e06b715ebdd2bf303fd0791c77038ca967c886722fd5c76f65091139160af6525d206b6c8aea3f08d866ba4b0254d20b231f4f3eae6358fdfc94dbb43cf964e343f06614dc433770765b3bd75395f8d8759c1e79535686ee0aa06ef60f3735629bfdd883c4461496439d5aea53039970021213373e401bd16705c50e97b76c6532d8bf0fc04489d7ae2090b084cee663c1fd87cf57d40f9da1dd035236a8f76dc9c52aa5a2de290316b81f8bcb800861619f6dd87afb591b0c4748cada2ac5e756842f416cdfa2f3007807d23684d519da66012bc1d0ce4e3c0072098d2b30125ce4e9d47ce5d0f60fe5eee78c055fcd18c20f2e2297edbba101e029d7b377f17495ba5add607aed8a9dc371cd8e4cc37c5251c60bcaee255702029a1b1d19eb8d8169984e542c094d70da123f541fb7b7ba0c889329d25a71ddb801276e01f63bc894781f6ec339220c6165e7ace8f9439708071b55aec0fd55d1e5b2f9e55d4f601d26ec4e9f84cfa43a33ce4181f6404686fa528a3e2340eb853814ad755fdd49e25e8d18d142204d191b13ffb1d8c2b52476e40d05b9f4ff263a0fad81398fc019fab8a42ed89bfc74899ceacb0325253349b08ba183d3528e0d2d9d3f19737e437087aad219a4adda404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e820f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "774e1ebb45b1c0e11bf01b23d0a2f1822a68e27345e3f5ff256e9253dad417ad" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f626cd891b3b1ffe20bacaa5741a9b19676678c90abe6b88bd2e821d21c7211c061da7b45ff16d851eb4ef88cc3f89ecd56cc565ec94950085319139daef295682a34ee3b89f4b71ca6e8bf5930ff033b1771b890a81981bd862ff9eb352d2c7a7f98b8e30631d46d75eda32a07f681fa388813e1976784d821d2babaedcd760dba72a20438b47e581667aed24ff37a22eca51216da0b13cd6c9c7978189efda7293867a3a10cde89e65ac695e94983832b6143d62e4e1229aa7f5ea7853901c6046e04bf993f1b75c67623131ff658f43521e9a9f0eb93b2a26dbdf9654d6c6859ebb4f2ba4cece36f8bd4d93ad9fb5970a03cdeee9719af30cf68bd18cf728ad26a549be48bd7203945fb904d6aed93db7b5dead163e4ce99128251a44a6476921b916493511ee254c5c44bd0793bcd8bc37948a39bc02ee7a80168be082b46ccbeeadfaa954a31a899367aed48f364225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc79", + "9b1eb2c736f96b1335291e191ab00c80e550c1b959b141150218275087013144cac1655435b03aec8c6f8aa8c6798e052853e97b4dc3fff2cd7ad75fc07cd6471db842439560a70ce333a273d4da9b37b5276e90b6d9064bd2029fefa536a53d1d51e55b553ea3a4056d627a2e5b2ced984b1b63f1ddff1b75113a943bb4e4da12ba32779614365afdfd645a8b3fa517d35a5ca6e2202e9c699be20508d129015e4d60fbae27377187a09ee9d933ce0630a5686c066e2819861586d9876c961c1f97bf8466cbf7dda8442d7f7af37c3289712987fb6367798647ac591469905a345318abde99a7db7b9fee2a33d5938d48ad5d7fd0be8207c4220c7d2ab45fcbe9761e56d960409a891124141f1ff5a19cd1abd0ab3c1baab4297de51ccb6ae24c3d78cad0829883f6c1f520ec2808c74a2705d30935ba4c32be7225941b1dfe0d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc7940ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e83e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001a92228f3ccf7a882871c5980e660230bac0d8dea0fc22f19353fb54c7e29323ed695a9287c7f97fa5d28f831c0644eee64859883b45bcb72cde0f94bf15e4f1a0ca010d171f73ac7729747974c545d7e8424eae6e64080a799fcf6cf3887a52c66fe9ef132718818e5db2daf9e68d2ec01bdffc16380204204b42692a36fed01cfa2fbcf7ec15347c1181ad8928e8cd7e8d8ab83b31f0c7462a13e62fa3f57e89ded227e903176d2d86969a88ac3e0a0a86506a1ad970838c0190ca339e71bdc639a7507812dcc08b75df9c660d872476272e22a5484f52c4118fbcf097916d4f84d013b22419c79894a19f858ce82b8ad23684d519da66012bc1d0ce4e3c007250a925c3b398acc500f80b12f064b8ac7111811ea8875d2b8f689cbeb2ea47d1a7e026277d5b8186e60ab01d18867f5646eb099d272863ab3e2b0bf77fd8197209301af81e78f55cdb64c5f74bdfffab1bf3f9825ed2cfe226722037cff31fce477a7752b267376d1349d700c30a39dc205c45ca9ab72f07512c420a790a2523e1927423d3d4297a982fe829f22a741690978cde35539052077ee42951b271c168d83cf9c0f8b474e8b6c2d16d90639f4647637e6313302028ac17e1b7242064539e0401957cc5b8297ce6f1cd2a901eed39492f1c3772dc0f9cca0a074e2c875337b452dcb03bda1c52eaef80bcf957404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "83e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "53fdf4849decb971572e581c89b1ddf6dedbb87edb4e6b5d9370a01cf699f6cc" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f27956e1c8eb8563e3aa9b40b4cb8a9ecae6456b732d066ab74d4f2da6dcaa2490bd8efabe604227964f93c7fda2018491ecf8c374260a2e8b02d42945d9a04dfb687ce23c5997481d638953ded113f6f1771b890a81981bd862ff9eb352d2c7a18671782ba5244a37a2d39459a4d569a388813e1976784d821d2babaedcd760dd5204e80577d20d34168d5c01313bceaeca51216da0b13cd6c9c7978189efda703eec10fa13a87a27255b92840afa37f2b6143d62e4e1229aa7f5ea7853901c661f14c6b32c050fefec7b32f27a2ceaa3521e9a9f0eb93b2a26dbdf9654d6c68e1293ae4a208fe272e7336755020396670a03cdeee9719af30cf68bd18cf728a9df3e85a22c27adf964ed51d038dc106db7b5dead163e4ce99128251a44a647610d1d4b9eb8091d09bc6fe90de2083138bc37948a39bc02ee7a80168be082b46868174607af7260d5656f7ff5993fa45a4861a1383ebd01daf71ae010ddf00beba2bdbdb6cd3ebb6f6204d65ce9ea173", + "9b1eb2c736f96b1335291e191ab00c80c5ba06833acc5108c3681f3504109c34cac1655435b03aec8c6f8aa8c6798e052bf97a5a52e23df7718591b64d320aa41db842439560a70ce333a273d4da9b3729d48da87a344ae6a1b2c90be9236a091d51e55b553ea3a4056d627a2e5b2cedfe7cbcc43dbc8fe68bd1a479a85c103b12ba32779614365afdfd645a8b3fa517b9acb02ac3578c21229abb1744b1e8385e4d60fbae27377187a09ee9d933ce0656ef0d0007407f00fa1a9346310776201f97bf8466cbf7dda8442d7f7af37c322ceee0da62e331f04df61b3d0cbd1aa4345318abde99a7db7b9fee2a33d5938dc06ed88de80271c3053baae1146d22bfe9761e56d960409a891124141f1ff5a1d04817116e0678eb7220a35867a8966f4c3d78cad0829883f6c1f520ec2808c7cb71c17db105475e07bd38e08574d5b70d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "a4861a1383ebd01daf71ae010ddf00beba2bdbdb6cd3ebb6f6204d65ce9ea17340ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0d8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001a9f4d10c3a0130028e99c355bc4da57b4fa22195bda8151b0ae8901ceb458c28964b2d2d19d109d8c1c2a03dd251e4a2c48312ae66e609e3a8f4cc40d84d7f928a3f0ace6fc07e05ab17c01b9fa7906249d3c0d59e05cd71d020c7263100c4d3ece5cd1d7deb7255413ce7a2e20eb514ef6ee6a3af1bd50aece20562b0a1bf5f9f6d0801166978bbd9d6d17b9925cf7bf53a7385370f960daad1dafd4931eaa5b43ff628a3ae52b4e38067b0d1317954381a9fd9cd1581296425be048e507f51bc1febf332f32d8d3d0d77802b9de5e77963081199c99952dc46ca4e7f92c3986f64902d7dfd243dd388dfc44c95ce461d23684d519da66012bc1d0ce4e3c0072437ea43ce2ff34c688206fc5918c90b236c74664ca28fd0e50daefb7e025a934ab88e6dca644649fb870305df8ab2311461368f2fd837c9d8deedaa811e511ea2f417a2841e3c1796f5c3db316abd070bf049b98e27d023ee0351bc747622556e706968efac792a7792d37cc89ad154e464cd7a6e1fbe278b14d5509a5ed0046e6f1af095a53d238f0427efa87b64ad5ca7a0cc7f649f7be83731b85608946ef03ac01588a2af6533647e24c07b8d8654aeecffb6a2ba11603e101cc708ee80ecb4695457826ae70ce830a5622d3551d7e37eabac8ec2e735dbee213a5b26050e1bdc52d21f7be9578668d3044484180404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 2, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0d8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "baa2841ddb7c9165f4a782633dd7e92b49dd1b3442de0069c780f74a63cb53e6" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f27eba1c272bf7ca7ab0768e3d1f75404ae6456b732d066ab74d4f2da6dcaa2494b444ff6c14e6773609eabc32282d9d456cc565ec94950085319139daef29568e2fa6699702a0d3aa4018d71a3c28b9cdf73ee692130d39de44328e3e4d49af0a5bd4b6f62bb3357eacc129f8e358c99388813e1976784d821d2babaedcd760d02a6fce712900190c3b95ccee4938267eca51216da0b13cd6c9c7978189efda79f847e987c4b6a31778cd1466a2967e22b6143d62e4e1229aa7f5ea7853901c6d542b0d5ab0fd6de397ae38bf935dd3b3521e9a9f0eb93b2a26dbdf9654d6c68562725cf6aeea09fed87fe61ed35d8d570a03cdeee9719af30cf68bd18cf728ad989db144725a3b8b81f6c7f12c1af0bdb7b5dead163e4ce99128251a44a6476b4a46cee9fd105411657e6dd313dc90a8bc37948a39bc02ee7a80168be082b4667085e83d49c770521af5a4baff811b9fa66d5dbb62e46d22ecd373679b0025334b8c93cb5aca96774a571d0601ab77d", + "9b1eb2c736f96b1335291e191ab00c80c464d3dc55c52b9f6d0a6c5d7ed0f01ccac1655435b03aec8c6f8aa8c6798e053ee915cb8a8b70d1582b242961f39b401db842439560a70ce333a273d4da9b37dc5fc812448a68f27bf39ef221b32b8c1d51e55b553ea3a4056d627a2e5b2ced712688d79553a0321c32cb1fb474da3b12ba32779614365afdfd645a8b3fa5178c2702c30745ab64a048340a733022bc5e4d60fbae27377187a09ee9d933ce06bb5851772b2f9c71d9e37a28078db2bd1f97bf8466cbf7dda8442d7f7af37c32b79c7d70e993ac0f2f44ece039290c13345318abde99a7db7b9fee2a33d5938d4b71eda2201dce4b4626e2f47757834fe9761e56d960409a891124141f1ff5a194b2245749a34f12514f0cf75774a86a4c3d78cad0829883f6c1f520ec2808c7279e2949fdb4d2ed8c2c519332588fc00d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "fa66d5dbb62e46d22ecd373679b0025334b8c93cb5aca96774a571d0601ab77d40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e820f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001ad93e89cf70b750049d40bf4f5f5703784a5d5a60d7918cafb4415a98d9dc69dee763053753e06b715ebdd2bf303fd0791c77038ca967c886722fd5c76f65091139160af6525d206b6c8aea3f08d866ba4b0254d20b231f4f3eae6358fdfc94dbb43cf964e343f06614dc433770765b3bd75395f8d8759c1e79535686ee0aa06ef60f3735629bfdd883c4461496439d5aea53039970021213373e401bd16705c50e97b76c6532d8bf0fc04489d7ae2090b084cee663c1fd87cf57d40f9da1dd035236a8f76dc9c52aa5a2de290316b81f8bcb800861619f6dd87afb591b0c4748cada2ac5e756842f416cdfa2f3007807d23684d519da66012bc1d0ce4e3c0072098d2b30125ce4e9d47ce5d0f60fe5eee78c055fcd18c20f2e2297edbba101e029d7b377f17495ba5add607aed8a9dc371cd8e4cc37c5251c60bcaee255702029a1b1d19eb8d8169984e542c094d70da123f541fb7b7ba0c889329d25a71ddb801276e01f63bc894781f6ec339220c6165e7ace8f9439708071b55aec0fd55d1e5b2f9e55d4f601d26ec4e9f84cfa43a33ce4181f6404686fa528a3e2340eb853814ad755fdd49e25e8d18d142204d191b13ffb1d8c2b52476e40d05b9f4ff263a0fad81398fc019fab8a42ed89bfc74899ceacb0325253349b08ba183d3528e0d2d9d3f19737e437087aad219a4adda404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e820f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "774e1ebb45b1c0e11bf01b23d0a2f1822a68e27345e3f5ff256e9253dad417ad" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f626cd891b3b1ffe20bacaa5741a9b19676678c90abe6b88bd2e821d21c7211c061da7b45ff16d851eb4ef88cc3f89ecd56cc565ec94950085319139daef295682a34ee3b89f4b71ca6e8bf5930ff033b1771b890a81981bd862ff9eb352d2c7a7f98b8e30631d46d75eda32a07f681fa388813e1976784d821d2babaedcd760dba72a20438b47e581667aed24ff37a22eca51216da0b13cd6c9c7978189efda7293867a3a10cde89e65ac695e94983832b6143d62e4e1229aa7f5ea7853901c6046e04bf993f1b75c67623131ff658f43521e9a9f0eb93b2a26dbdf9654d6c6859ebb4f2ba4cece36f8bd4d93ad9fb5970a03cdeee9719af30cf68bd18cf728ad26a549be48bd7203945fb904d6aed93db7b5dead163e4ce99128251a44a6476921b916493511ee254c5c44bd0793bcd8bc37948a39bc02ee7a80168be082b46ccbeeadfaa954a31a899367aed48f364225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc79", + "9b1eb2c736f96b1335291e191ab00c80e550c1b959b141150218275087013144cac1655435b03aec8c6f8aa8c6798e052853e97b4dc3fff2cd7ad75fc07cd6471db842439560a70ce333a273d4da9b37b5276e90b6d9064bd2029fefa536a53d1d51e55b553ea3a4056d627a2e5b2ced984b1b63f1ddff1b75113a943bb4e4da12ba32779614365afdfd645a8b3fa517d35a5ca6e2202e9c699be20508d129015e4d60fbae27377187a09ee9d933ce0630a5686c066e2819861586d9876c961c1f97bf8466cbf7dda8442d7f7af37c3289712987fb6367798647ac591469905a345318abde99a7db7b9fee2a33d5938d48ad5d7fd0be8207c4220c7d2ab45fcbe9761e56d960409a891124141f1ff5a19cd1abd0ab3c1baab4297de51ccb6ae24c3d78cad0829883f6c1f520ec2808c74a2705d30935ba4c32be7225941b1dfe0d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc7940ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3MultihotCountVec_0.json b/vdaf/prio3/testdata/Prio3MultihotCountVec_0.json new file mode 100644 index 00000000..8fdb1baa --- /dev/null +++ b/vdaf/prio3/testdata/Prio3MultihotCountVec_0.json @@ -0,0 +1,59 @@ +{ + "agg_param": "", + "agg_result": [ + 0, + 1, + 1, + 0 + ], + "agg_shares": [ + "e2bb7419a8ac96a1c6def1bed78dcb074557af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb3", + "1f448be65753695e1d210e41287234f8bda85078dc9bbdc9a95b641b02cae4ee4cb4121def41aa4d90355df5f08a8fc1d8a55cd6329af47d86c2bb6d2b92d04c" + ], + "chunk_length": 2, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 4, + "max_weight": 2, + "prep": [ + { + "input_shares": [ + "e2bb7419a8ac96a1c6def1bed78dcb074557af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb362d5c7a84cb3dc77420ae9fb319a83b91a5ed94b3fee03d209e78f1b2561041a66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cffdd56552a27dab37d3921be5ad85e990d6182143dd4b359053d6b41b58a260a36444c50596526e58032cf8d75335a776d8e856f751d5b9972dcb6d5e9df41e1a13612efca2bf4dc3a35d88e64bde741e93d680d9a3e0261d17a21ccdee91bde85440901071218a3ab71661cef25d4275b17fdfedfdd8a9e6e48a0ebcb73f8fec09f6945689cb0a789221792d689e2ab2404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + false, + true, + true, + false + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e2bb7419a8ac96a1c6def1bed78dcb07", + "4557af87236442363aa49be4fd351b11", + "b64bede210be55b253caa20a0f75703e", + "295aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "407dd84e19e24c5dd58e2a735bade1c3feaa768f055f553e0767e8f8066ddc8b" + ], + "prep_shares": [ + [ + "0c82e0cc5f690b9caafa428dd6d85ec0cb91386cb2e980e5475e84dc83a874724d0ec28fc8583fcd3d2049ed82fe4cb49b774302bf9e3f22840fdcae9eda08edf34af1e39cf607549e72d9603c9064bd1ce6bcc5c3cff0cd2404afaa25d39fbef626f32389f3abd8f1007f22683246938f85d46fdcf067e79c9b6b088a0c70ba", + "f57d1f33a096f4633905bd722927a13f27c3d26278454e1a5238c31d07b79cfb65698f64c871fc3ae4f3ec5c948d0436d2d857e9751199e9364d6f9097174bf6f551d066f30ae33ed61f9b4bed3609d6fd20479675bf4583e46fa4df4e93182f5728b4e324470bb29993bf18e20714421c8e06f4c0622e3641eb50f24fed1117" + ] + ], + "public_share": "f626f32389f3abd8f1007f22683246938f85d46fdcf067e79c9b6b088a0c70ba5728b4e324470bb29993bf18e20714421c8e06f4c0622e3641eb50f24fed1117", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3MultihotCountVec_1.json b/vdaf/prio3/testdata/Prio3MultihotCountVec_1.json new file mode 100644 index 00000000..127c7637 --- /dev/null +++ b/vdaf/prio3/testdata/Prio3MultihotCountVec_1.json @@ -0,0 +1,113 @@ +{ + "agg_param": "", + "agg_result": [ + 0, + 1, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 1 + ], + "agg_shares": [ + "781bcdf49ab6cc3905ddc9468ba3770da93b52b6850a6d98fda820b899e3b66db99c81ef1b1c865cb5efd83a31c2f04aece94430b7ca762c1d136c4b324ccb133c414a50f7c6842f5ace7c4e063a40a143d8d7d2a451a3a38efe662c928909bb51615b73d0634675c28073fe8bbc903ed3aafb155bc2662a9f3a62e83641da00da4853618f6664e1553c949cc5b836685f02f3396816e79747e3be5fbc28e193", + "1f448be65753695e1d210e41287234f8bda85078dc9bbdc9a95b641b02cae4ee4cb4121def41aa4d90355df5f08a8fc1d8a55cd6329af47d86c2bb6d2b92d04ca02a3857b34c2388a1f51604ce657c46e8a126b4c011fc2dda1870e4da9efbe54ecaad63670383735c9147d029a5ce03f744adcd817d8b8193701eb0e5205a85c5dfa58103daa2c7b771ceea8337b2214082f4c93b0bc641415917797dbc38e2", + "ff2f6b009697e49299e90da15ae5290a2942cae56bd275a2d8f03559a786b6f201695f5dc2ffc6494de65a25135f6dad9a94d87862672aa862450f061067d3abda47a8cbb895558b4ffc871bb1abe7f6d68d52c7927b3f5462d4c91b100a4acbb29c41730607fea082660c46ca6921ca52dc64d21f01a65da0e10e20647d07d56487f50aac1a09052234e204a03d30561d8abcc6d4e4b3d6c801b5b1a584553c", + "6c703c24775ee5d40b181ad7f1042af075d992eb31875ffb2b0a45d3bccbadb0fc450c9632a2080c35f46eaaca531246a4db8580b3336aadc1e4c84092ba90f34c4cd58c9c5602bd7c3fe4917ab45b2102f8aeb1072121dae0135fd382cdb093b137b5b5c1913876268738eb7f347ff3e633f24903bf67f6f47270477f20c4a4fe4f1112c1a4ef51b41dbb7316d2e61f47f15b3587f99e4f76c174752096904d" + ], + "chunk_length": 3, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 10, + "max_weight": 2, + "prep": [ + { + "input_shares": [ + "781bcdf49ab6cc3905ddc9468ba3770da93b52b6850a6d98fda820b899e3b66db99c81ef1b1c865cb5efd83a31c2f04aece94430b7ca762c1d136c4b324ccb133c414a50f7c6842f5ace7c4e063a40a143d8d7d2a451a3a38efe662c928909bb51615b73d0634675c28073fe8bbc903ed3aafb155bc2662a9f3a62e83641da00da4853618f6664e1553c949cc5b836685f02f3396816e79747e3be5fbc28e193d6ef25e6111cbe64d8aa9bb7d1e45d4018d4e09983efb42009e731d7876edd0fb51db5d367cba65352cd4e8a467599c00ffffc9ce9bd8fc86b6cd630c0acf18e79dca744bc07b49fb78affea16190c112049cc4bbc5ccaf14c4a2f96c38b60f3f8fe14301095168d635be5bf3265507825c030369182e08d747fc6b9d0353f89e4ac4b881c81cf8d0721196a71068b3c28c753ec8fcb7b0446ad514a92136515c16f287f616ba0f83d1c6f06774886e2b21e0fe7e34f6b7d076bcda1e515f6a5d9912f0526f0ed0751f25648ba2b3b2119bf68d6746da1030416f32cefe8259cb0fc365b409eb8dc0640ef36a2aeef3124b3dbf37e6eaddde55b4d9dff1d13a65e8874c77d8ba000a934a6c2220d9b22106db138a2024fb830146e74c385964dcde91517e010303ad4c575ded39da50f25f36b2756145ebffb50f591935cd81274705ab2a21ab3b52b72689817c2eeb50ddb567e4947035aeafbdca5707a27ef0189eefa973d7c70bf542004e4eedcb5c0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f", + "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + ], + "measurement": [ + false, + true, + false, + false, + false, + false, + false, + false, + false, + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "781bcdf49ab6cc3905ddc9468ba3770d", + "a93b52b6850a6d98fda820b899e3b66d", + "b99c81ef1b1c865cb5efd83a31c2f04a", + "ece94430b7ca762c1d136c4b324ccb13", + "3c414a50f7c6842f5ace7c4e063a40a1", + "43d8d7d2a451a3a38efe662c928909bb", + "51615b73d0634675c28073fe8bbc903e", + "d3aafb155bc2662a9f3a62e83641da00", + "da4853618f6664e1553c949cc5b83668", + "5f02f3396816e79747e3be5fbc28e193" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c", + "a02a3857b34c2388a1f51604ce657c46", + "e8a126b4c011fc2dda1870e4da9efbe5", + "4ecaad63670383735c9147d029a5ce03", + "f744adcd817d8b8193701eb0e5205a85", + "c5dfa58103daa2c7b771ceea8337b221", + "4082f4c93b0bc641415917797dbc38e2" + ], + [ + "ff2f6b009697e49299e90da15ae5290a", + "2942cae56bd275a2d8f03559a786b6f2", + "01695f5dc2ffc6494de65a25135f6dad", + "9a94d87862672aa862450f061067d3ab", + "da47a8cbb895558b4ffc871bb1abe7f6", + "d68d52c7927b3f5462d4c91b100a4acb", + "b29c41730607fea082660c46ca6921ca", + "52dc64d21f01a65da0e10e20647d07d5", + "6487f50aac1a09052234e204a03d3056", + "1d8abcc6d4e4b3d6c801b5b1a584553c" + ], + [ + "6c703c24775ee5d40b181ad7f1042af0", + "75d992eb31875ffb2b0a45d3bccbadb0", + "fc450c9632a2080c35f46eaaca531246", + "a4db8580b3336aadc1e4c84092ba90f3", + "4c4cd58c9c5602bd7c3fe4917ab45b21", + "02f8aeb1072121dae0135fd382cdb093", + "b137b5b5c1913876268738eb7f347ff3", + "e633f24903bf67f6f47270477f20c4a4", + "fe4f1112c1a4ef51b41dbb7316d2e61f", + "47f15b3587f99e4f76c174752096904d" + ] + ], + "prep_messages": [ + "aa3d8e6257c466bc3173d454e46493c662d2e2377c60b1eb53808cdc231e8292" + ], + "prep_shares": [ + [ + "3d641c737846ac6347415a39f0460706161b78f45441c4f571c675ad977c1e569acfdbefed88b73e37d374da9b35abf7001afb1320dc90678b166811f357c7ec30a0a8be486b56d79d35d4a84f5e51864b829f9c74d386e114fd8592d083b93313a2198ec71058793b0405c971d3f9bca7c044481ad26366abdf9a305efe9eeefe81d25365b05a7d6f2cfd118c387e52584e3fc90e73acc0c17673b63bf98656", + "ff861e22d4bedb6cb50fd8d45398283fc31e12b09efa9b1d25f9c9b1ae98d2df263eebbea09201393c0c4f56e4797c22bf656006ee88b2a3873340c5821753d0bab172e5a332467bc77ff5bb585c4209900f1790247cd23eb1c3d4a0e314466cf96c4358c10e3d54bcdb9cf9fe3421d302c84b82f9b7aacbce9c9411539265961c03081b9e0b8b0a5dfdec6485969578f8704a628d19d074992f4a7374e9d534", + "0f67a601dcedd6767d4d28a6ccf47249444fb33d24d5949ed3691d49e1b87f4f3c3d080f87ea23f04d73dd2d65a2c058b221d50bbe74a3fb8ce8b7dc8c4fcb9cff59b081e848f598fd8256091b56b30cc9ad83d14e35b4aa58390d0deecbc452ca662416b4648fa177154ea775bf07e09f45276e775cb1105c81ef86c26e3b00d462ef6d88b6578c2b1ffb6471ab9d20379901919c448fb43c4463b26de3422d", + "b6ad1e69d70ca1b86961a54bef2b5d71e42954395b808a34b8747594131bf6212199d7d40829fdff5745dffd4fdf781fd9cad9d28c45e8053b25a5955b941fb6ae0172cfc2bd07f81108815a8772bf0ecf24fa93147007bdae65fb6384544be21e13d421a9685db56769a24a029d4791a8207cddd30e695e44c1fd9c9eac1ab10ff631cd5510a3b15c117d3914e8943dee24437b6abc6c04bd58b4d6239185aa" + ] + ], + "public_share": "fe81d25365b05a7d6f2cfd118c387e52584e3fc90e73acc0c17673b63bf986561c03081b9e0b8b0a5dfdec6485969578f8704a628d19d074992f4a7374e9d534d462ef6d88b6578c2b1ffb6471ab9d20379901919c448fb43c4463b26de3422d0ff631cd5510a3b15c117d3914e8943dee24437b6abc6c04bd58b4d6239185aa", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff" + } + ], + "shares": 4, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3MultihotCountVec_2.json b/vdaf/prio3/testdata/Prio3MultihotCountVec_2.json new file mode 100644 index 00000000..d7ccb03e --- /dev/null +++ b/vdaf/prio3/testdata/Prio3MultihotCountVec_2.json @@ -0,0 +1,211 @@ +{ + "agg_param": "", + "agg_result": [ + 2, + 3, + 4, + 1 + ], + "agg_shares": [ + "6cab477f485ff127e159b9ba36c5f92657b46ca6b1f44b0f23350a77f50d88558c7aa26e54b6ac7bbef32d354b493238cbc230d001fd388a273355db2625ed7f", + "9754b880b7a00ed802a64645c93a06d9ad4b93594e0bb4f0c0caf5880af277aa79855d91ab495384250cd2cab4b6cdc7373dcf2ffe02c775bcccaa24d9da1280" + ], + "chunk_length": 1, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 4, + "max_weight": 4, + "prep": [ + { + "input_shares": [ + "e2bb7419a8ac96a1c6def1bed78dcb074557af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb362d5c7a84cb3dc77420ae9fb319a83b9195ed94b3fee03d209e78f1b2561041ab435529c98fc7c8c876eb82fd65a31fc66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cf8e705bd868a6285c8f72784c197180fdcb1b50029d910e62f6d3bebbd091725f687ed53430cb0818cdada631d9bd1e370ab5a6c2a2b6d543e0e918131c67aedd5b77cb75ce71d8c8dd5ec9028440226d124bc44458e5c4e329096c1ab250ff75b66121e927d624d471d2e7e648928016920efc2d378dc0e8ee13a36d87fbdd35d4a88e6c937da0cc54fd49e9e3f4f4e971bda86ce701e9ab267195ca19bd9b318358d9d6de83a3f8be79f370a3aba801a3d79af7d7df1fb0d61dffd8d00627f7c75fc765e1ec4579c1fb4c907feff49b99198983ece8440b5d6ea9fde97a2020094a42dac99c8f0c1a6267d25128b21b404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + false, + true, + true, + false + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e2bb7419a8ac96a1c6def1bed78dcb07", + "4557af87236442363aa49be4fd351b11", + "b64bede210be55b253caa20a0f75703e", + "295aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "1cb5c0b55decfe04be8c9c84c9e29614449ed43534727e7f6189a7206287bf59" + ], + "prep_shares": [ + [ + "e54359db132ef59eec785c12afbcd0c41095ec67b32f42ca286f3dba81d2f4d52a403e1b48dfa7f4a5a6d23ae37d1051dce6452e9ae476eb0764deecce8a40db7b547c43a9891dd84dbbbfe39840e7baabd2e24b618d91e6404723c5cd8ae26c", + "1cbca624ecd10a61f786a3ed50432f3bda4bbbc57edf2cddf1ff2a876ff1b8a00822fcd3fd0c9087a94588084d124e91105ac0f6e69e7f327f9c989a03c990fa59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091" + ] + ], + "public_share": "7b547c43a9891dd84dbbbfe39840e7baabd2e24b618d91e6404723c5cd8ae26c59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e2bb7419a8ac96a1c6def1bed78dcb074457af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb361d5c7a84cb3dc77420ae9fb319a83b9195ed94b3fee03d209e78f1b2561041ab435529c98fc7c8c876eb82fd65a31fc66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cf4dd9d294fe4b5dfe6a035bf7c093bc3739e06b1224caa5b68b0a3240016a62d1e13cd4750741b83bf16614e687fb4ad6d08a9104fc57825d867cb6e43082cc5356dc187c4e7ff7bc9f68ccdcd074f42b37f5b9cb574739ec6152bf68e5ef8f1c1e4a446d5dbcb1233c30c7db5ce97888920efc2d378dc0e8ee13a36d87fbdd35144017b0fdd76b2a956c673e3cd2b8af04f98c5c60c95157753a2246e9e4abbf0b9ada95070ef4d47ec085bcf46d7c62dc01b0b57e3e73964c8b6107bceb0881ccfa795f61df2685fff149b632bb22dd746f93fcec86d002252556afb6db8f79a2611f5694b602bd330488dd3dd1b9a9404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + false, + false, + true, + false + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e2bb7419a8ac96a1c6def1bed78dcb07", + "4457af87236442363aa49be4fd351b11", + "b64bede210be55b253caa20a0f75703e", + "295aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "c24bc83b6d97bf557b590fea3e93b567b122a1cd957bcaa9aec448aca7726899" + ], + "prep_shares": [ + [ + "e54359db132ef59eec785c12afbcd0c4bc8093f51d55c746fd0ddc2e937ec2f330b04b8b772f62ab1ec1adc762c94ff9608a58476c33ec43cbd673643576dd2e42ab6d3c84a37c14bfadd7d17006387b1398149b4d736d6727f455ddeb0e8d62", + "1cbca624ecd10a61f786a3ed50432f3b96ae6b20fffa93bcf425c53e822b4ff50822fcd3fd0c9087a94588084d124e91105ac0f6e69e7f327f9c989a03c990fa59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091" + ] + ], + "public_share": "42ab6d3c84a37c14bfadd7d17006387b1398149b4d736d6727f455ddeb0e8d6259339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e2bb7419a8ac96a1c6def1bed78dcb074457af87236442363aa49be4fd351b11b54bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb362d5c7a84cb3dc77420ae9fb319a83b91a5ed94b3fee03d209e78f1b2561041ab335529c98fc7c8c876eb82fd65a31fc66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cf4025a91e2e42deba4c317240c77fb80fde5dcd86b144bb2df213d72a8bf2baea3a4dd9ae180d83470a22d9d4eaa1b0c4dbddfc151145b025cc0ce900a1bd0c9baadd792e2991654a51e51ead894211fc50964f986c2042f74a1fda80c3ecf0f412cf7551c6f265123271a4353820ee94920efc2d378dc0e8ee13a36d87fbdd3521f44026cee1ea6db33e50f535e6bcd75f7b2be8d24e3ce00e317d5b5f5c53a6b289d55cf64129c96505c1cd91c71674d1ae44a4695145ce06fb2eeb4bb0c83978f918ad86cdb8f74d75f7e579ed050d5ccefd2fd8adc7f71f583b97d8de2ea1aedced712b804ece3dc3aa83629a449d404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + false, + false, + false, + false + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e2bb7419a8ac96a1c6def1bed78dcb07", + "4457af87236442363aa49be4fd351b11", + "b54bede210be55b253caa20a0f75703e", + "295aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "c3b3331981af8ffa017c3fc4acdf8275c2dd31484200de3098f3e9560d00a943" + ], + "prep_shares": [ + [ + "e54359db132ef59eec785c12afbcd0c424c727ac2cdaafc3813020484c7bc9b6c45ada8371c5d4dbd4f9d77e2064e8061992d56621092be95a40e591a2615d8ba8b2abd7d94ff6a85516e59a79b71c229c13b132bd251e1302a6fe5d02817927", + "1cbca624ecd10a61f786a3ed50432f3b2efb430cd6b5d98874bfc62d858c1b060822fcd3fd0c9087a94588084d124e91105ac0f6e69e7f327f9c989a03c990fa59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091" + ] + ], + "public_share": "a8b2abd7d94ff6a85516e59a79b71c229c13b132bd251e1302a6fe5d0281792759339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e3bb7419a8ac96a1c6def1bed78dcb074557af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb361d5c7a84cb3dc77420ae9fb319a83b91a5ed94b3fee03d209e78f1b2561041ab435529c98fc7c8c876eb82fd65a31fc66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cf1d40bde9925d4b17c846dd3594fed83dc892ca94d3c04183fa3e3e9c30b20a8c4747be8800152c9d08ddb4916ad19cfb3bfbf22858f63ff68dbf8f300abcd3c1523cea0e97d0e81f3e130785696b0fd20edd6849bb3aa68707bf11e59d1733ada4ae070d7c35a4aa785b4359d92c94e9920efc2d378dc0e8ee13a36d87fbdd3544d92c5b69c67d113829e5ff68679ca974462edab0d2b58a220616eab99c0305a58ff0820e3a8073674ae51012982a3d71914e9122a0b5fd444888bbe2b10113d09aa8cc188e352261470f0e9ac407379e87e47e8993636763b80333feb3ece81cfd5bb6753d1036f7d80b60c18d9e48404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + true, + true, + true, + false + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e3bb7419a8ac96a1c6def1bed78dcb07", + "4557af87236442363aa49be4fd351b11", + "b64bede210be55b253caa20a0f75703e", + "295aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "ffa6aa6631a9caed44243158a9b823cd6d03ccd9c0061e32905f64878a71657b" + ], + "prep_shares": [ + [ + "e54359db132ef59eec785c12afbcd0c46afdfeebb2cfb53fe66ec386a655dbc7998879597006242af323ee8edbdc70e9aa8f8db407bca86ae285576865be82a58e7a554c0e2fa5553f86ee96de11b6fa1f973b14695dfffdd21490e09765686d", + "1cbca624ecd10a61f786a3ed50432f3b6dddb72e222cee22981333990002d1cc0822fcd3fd0c9087a94588084d124e91105ac0f6e69e7f327f9c989a03c990fa59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091" + ] + ], + "public_share": "8e7a554c0e2fa5553f86ee96de11b6fa1f973b14695dfffdd21490e09765686d59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e3bb7419a8ac96a1c6def1bed78dcb074557af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e2a5aa329cd650b825d3d4492d46d2fb362d5c7a84cb3dc77420ae9fb319a83b91a5ed94b3fee03d209e78f1b2561041ab435529c98fc7c8c876eb82fd65a31fc66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cfb8918ed5588ae5657f52706150b90f3b7563a4e1847a3252288d55ed722f9efc30fb18f33cf498ed14cd6ed91437e035bbc19908859c3b9169ad78dc32fa1cd00225523ffa19a72ceea504b22886fe4a5f4a4af495e251e6266d18ea3a62c6194d30914ad76eaca4cc68911472efa372920efc2d378dc0e8ee13a36d87fbdd35a9875b6fa399e3c2801d52d4acac65acc875548dff18c5bbd8b7fe98771f7094bbdb9518d25a1323775a2bc96732e702f1caa7b1f5f9b962695a9f0fba73b80420b2409cb5447715b1b411e1daa918be4c1a03d4aeebb708600afd2d6169597c737bd2781a04083ca3cbbda428cb8ebf404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + true, + true, + true, + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e3bb7419a8ac96a1c6def1bed78dcb07", + "4557af87236442363aa49be4fd351b11", + "b64bede210be55b253caa20a0f75703e", + "2a5aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "8168d1e866a10ff4cc68c5a974e74b30d03faf32df83d833bf44fc7069430654" + ], + "prep_shares": [ + [ + "e54359db132ef59eec785c12afbcd0c4631e1fa996b00e4ef539d7b7e668113d9b63c65b32e40c5f03b4f8f527ad35bc595cdf351c8fb3f0f6ac9d6701a1bac7718dc7f5c50b4119fb6c3c767cae0c30a69a3166f4c6ecb28c535766c93dbb2e", + "1cbca624ecd10a61f786a3ed50432f3b7f34b51d5bf17a64064e62b7470b71e00822fcd3fd0c9087a94588084d124e91105ac0f6e69e7f327f9c989a03c990fa59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091" + ] + ], + "public_share": "718dc7f5c50b4119fb6c3c767cae0c30a69a3166f4c6ecb28c535766c93dbb2e59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3SumVec_0.json b/vdaf/prio3/testdata/Prio3SumVec_0.json new file mode 100644 index 00000000..b847122d --- /dev/null +++ b/vdaf/prio3/testdata/Prio3SumVec_0.json @@ -0,0 +1,195 @@ +{ + "agg_param": "", + "agg_result": [ + 256, + 257, + 258, + 259, + 260, + 261, + 262, + 263, + 264, + 265 + ], + "agg_shares": [ + "de30a92af16bc2ab4da894e09426019d0d3cd9897a4e0ed38a1e7cde38fed1fd78b6df5176e37263f7cecb715966820a07045939da773b834c226dfa7c324916427edcf2eebf55d4a4fd9b3897e35851827dd8ebd784d3099d17d54de4c0a71a77842e8666086c4daac340201a50386b8435787649d598d01d2b4e0dae72c58eb2096da354a19135170a7adb3dcf2ba4312a75565a4e3a2e39bfdad5f9f9099f", + "23d056d50e943d5496576b1f6bd9fe62f5c4267685b1f12c59e18321c7012e028b4a20ae891c8d9cec30348ea6997df5fdfca6c62588c47c97dd920583cdb6e9c382230d1140aa2b3f0264c7681ca7ae84832714287b2cf646e82ab21b3f58e5907cd17999f793b2393cbfdfe5afc79484cb8789b62a672fc6d4b1f2518d3a7157f7925cab5e6ecaccf58524c230d45bd9d68aa9a5b1c5d1aa40252a0606f660" + ], + "bits": 8, + "chunk_length": 9, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 10, + "prep": [ + { + "input_shares": [ + "25592c04bc72803500f284c48149d3ae04827becc1530c74619388f1bb3c344f752b1e4ed693306c0a1d1f90001355d3c8727fc06c49304726df59bba46a0b4be4f4582f29855bc8df63723589d3c218ef20bad7c095a97d43abf967f81bf1fa100c59dd138c132d8be8aadb1521aa11a91463adbed40dd4051fe39bac22d9d56374166a0d709d638ab7afe476ab9a0067f3eb19b9a0c5f4313370bb94fb302020f12fbf60e297d00d5c7831258b53d6669dfb8b9a62de9228a2812abb345910c32548120b3429ea2a7294a7dd40942ee3de3ad8a918d701a656573ec43f523c9ea8a6451d190a3686c45223dc902819fd69e67daf19d544e139228844adf3aeece03b4a6ce137bf87e921e282b1200d963687bee8150815450de7a6365ed10330a17ac17dbc32ca4c3dda00c1eda43c1b3a46cc6b48389511be8996f8f275a281a83cc701ff2581db833e467e543cec113074f9ce8815b80460c5e7a0169dbccbdf37e7044ebf18c87f756de3360803398c4c68512e966132fc5d1021b348e8b04a76bcce82b55271b076c76421bb524789a5cf6a9cc17e82539a7aa9ab417e47b241db44cb7dcefbbae6227cd1ad204a53f1c3863856db4dc682fb0827b755195db4bf44991563ef4c28e15fa4432a0b1075e2b091b05cf8f6a77fa93f292d9744d3fa5f2c1bf2a4056923d4519a673b79ade7db4bf1fa35b09a5ad33a5ab3c2854dede1ad8d7b26cfd1a03c0b0a70b036ad24dcaf6ebdb5d225ab14e6270836730ad27c36a009b66c08d8f768f86197f79b6f4659d18fda078e3fa4f34e9c2aa2833c9a4e9cd890b356d9da9eabf0feed22dd69703132f2e72d60ed1ea9b073e92a47cdec7eaceee61be29796a2ee333691651d9acc121ac5e4f12ececff86a0d567741f62d23d6c8bc59c510de1660e5ce64138e8b7a66760ff100d28f1689d01fa394df1056a8ee5e308b29b1775cefaded40616270c6fcad2487f57243bc51f532b26ea1548329b4b8b6e86cbcf8e14ff20657a03fabe78dc1ac4933163c7ed1724f2e112dc097d5718bdf84ba0114ccf90d7b1a4d9c89897d2a878da614bbccd6561e6e1fee8274a4215490f6d517f516cf9f57521d7f0154d0ff00124223dc7c8e30f68cc696f048c1b473c0f3b771e4da9ab08d11fafa5c6eed3a445e2faaa5825e1273036ffc23ceb2f9422fef32d0ab3fef2a010f10d03e7b105d0eaa74b0ccfe482012fc1ef3281bd50180087becf5b6d006cea2a7aafd263d0dbe915d11c68b9d49720706264ecf948b309ad241982e5f61aced1e9d7f9709cc43fc940836202004a067c24610dacc5b99ed77366f07e75aafd69ad67e3ced52c65897eee947d9b13347043764322ff2bb866efa8fc4e8ae9c192a20196a7da1ab90fdd1c9ba2caf31a969b0ec56bcc2bfce602568dac1c35bb288426e370724e402fcbdfc3bb9867ab5af81852b4d2df064ff3321fb98f57d0abbd0938cf82ebd916a0ccbad2eef8bb16f8ef5e0f715e9df13d4d71c2f4d9f9e1475bde2751d2cd47296be913250860771e28f9ef50c9554d751dc26dd408c5f8b155df7734c2f645cfa7d4471982c36d93f617bee89c95e5f559d3a7d22a7ff3e141e94c761d7908b0789780eb505d59d87e69beca4722a940a5e37dfb8963ed4109e02199abc3775db924cf005ade382bd6da1133bb2a4ce0ffd1aeec4c61bbeac5253a97c67d00f50e2d12b87b07f84ca0702ea13dd68fb5d112193dabbf5b35b4997ce413e53ebcc7c9afb2a6e98e99f3aea33c0ba293142926ef548505dfcd29d66b43e2aaa7fe93c27c1fe909f3851571a485ebbad9e8c158bb2b64f56ae1b48bb0cab150d407a1e769c08324904718ba20b174f65e8e285624612451b7de187a464bf693603e9280d0ae64e91212e94350e046b8fa4155ee8880e0352db01fac55b4e7cdbc2fb87f5bf938b03a9d44e51e4457ea6c50d244da2a0f2d5b1ca8e532813873cc4156598f104df7da1dcdc5e25e290145a0a022c91e88eaba277bcae82a44c8678bfefe760dd3c44d9dfa81666393d70d59eb243727b38f6592614008c679eba7e20a2bfb0eba90a5982f60fc45873bbf44828731ab80494af99d59badba8344948ffbc4f2cfdd4e79248415793748e126f3ffe0de1bb4d0c87aa3d0ec9bc9f85bddb69f6924dd362589a576ce1b53e37d8de7d64396594c3a5ba927cce1d7e6530d1d941683a4f0a55513439f68841bcc23b568a017ee1aa4dada33df061d8dca19df2e3047cfa13f7a9b9a9ea1e500b533e8362765af09de80b565e7cfa259cac403afc3c87ca9aa588f9b2abd9f97c936ecc18a995b111486f679249669e462b5f142808d2d8702ba43578c5fcc7777fcf58f1aa11cd36e7356448ea2392de9c3c3cac6d2f7b6ce6b3b449844f8001be366b30743e405f840e51803656f1a8f355fb28de8142b1ac65e429a22f981495dba52804768275f50a39453a69422304831853cf2c41b87048acc6c96d09ef6493296f68149756fbffcc0d2142ba12d106fc21073786a9afe0351361063882038c176e0d78099b3ba035b6b978c299279db0298ca1e1ef992d9fd28ca31631c8fc75791ad5d4439997f59c139e06eb8459295887603836a4db2fe75360a746fcc84375e5c773adae0f7f339c73689de9e9e12eaa294a55ef638881990d90e8803c1b58c77774753e269eb99c08484a2a7ec0a84eb7a37713c9ee50e45e4ee88bd076a49d206b9cb920361887ab0e904e1f7a05d5f08efcb0ab249cef54d6fdc7498882cb5cfcbd342903913a422b86daf7522a8138497993d52bdf14ef51972c494739b749288100f5534b46675b9f1836f962765ad1163220bbf88964bc225931899a6345fae8cf56a870227fc635a48f03b93ab4d00c07d11b3f3b9404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4a65380efb23968ec4e286f586b75534", + "05694883d3c404f1d8b47e9fbd549b54", + "7f3cf5c57cf6d0cbf34499d01d22d658", + "5a56c8bd487dbe2b10b67953d410c35c", + "6ed49efba4ea71f136ff336832a11d1b", + "da7e9d4e9d81460377b2f1194c408db3", + "81d664d7cc02246fe3eb6ab50870bd23", + "861128d26d9cdd9ab4636f043a26972f", + "415824e1c635db11a958d3f3699a0e8c", + "6cb8d11c1e1abe64b43f9e9ca8a8588a" + ], + [ + "b79ac7f104dc69711f1d790a7948aacb", + "fd96b77c2c3bfb0e0b4b816042ab64ab", + "84c30a3a83092f34f0ba662fe2dd29a7", + "aaa93742b78241d4d34986ac2bef3ca3", + "972b61045b158e0ead00cc97cd5ee2e4", + "2c8162b1627eb9fc6c4d0ee6b3bf724c", + "86299b2833fddb900014954af78f42dc", + "82eed72d926322652f9c90fbc5d968d0", + "c8a7db1e39ca24ee3aa72c0c9665f173", + "9e472ee3e1e5419b2fc061635757a775" + ] + ], + "prep_messages": [ + "51b574601d2f7035e0c8a968e34e81cf949327f932a8fde13451f29aa7f9a2ac" + ], + "prep_shares": [ + [ + "30851472f3bdc07a4959bdfad085ddda3281c00d82d49622b634b22d1eef6d60f1ad80968db3f79ad81b0118fc88244fdebcb8c5155c84c275b9198d451faed352503eab54be0e1edc54ef2bb64e9a14076c4d7b8c45b64b08f2aef8bf0d0f14fe2b765a5af438ad81287fa54dc69a6f9090d54ef8b8326c7bb1de86da0a136ce01be313a26b3bf6f806ae40d5b8a42fa7c37fbaa057b0be8dbfaf8deb60dfe8462e47f72e56307e875305f445761211a216f0254108c6a2cf9026513be0552b8b3c93295aba7032a4e586e03a9e3032612cc0a5253c96ea0f141eed61a7955867f8d0e793e8db4418a504d33aa7f0e73705ace21ea56a0ad9ec9441f9e2b349d13349f0a6fe33ef5dbbb2e6fedf3d4697233f6c10eb723fe20565fe5f8ff759aeeb86681f49ad0ffcdee9e3a9ec2a90b365eab313a08a9e9867b26ff583e7a33dc7f458d6780bfb6e59801b3098aa5a51d4d87a0a3526a965bb01215988ac57", + "d17aeb8d0c423f859aa642052f7a2225996887bbb8c5e974168e8d32e89774afcf60c3ce65047c215a8ecd78cad6516556cdbdf20bea9d316a1662c8a2374c0f766297cf9f7c1df20768eef0302af42e566a04c54032235e7aa81cf952829e1336a7bada320159a2e224bacef11ba00aee542fe815df02579733deb63f8d321203e4190b73e2738340da8b81d7b229f999c841a5d07cd16fe4d30824dd3ead1906a4aeb88f360ec3388d7bf7835c9b4a01e087c01140e705a48902ec50684b2a5c8c3d07dcff55afc8a2a278e0993b9399e63b3729a507b636d2b777b4d09a1e381331cffcf0259930e14973f1d4795b4222b39302830134199c166cd3d020a7486c4be8d29b37fabcf73229c95d3ee7ae211b08e5e02e1c34316d92e6fafdc5698629f9db0d7ef317efcfcc20bc1c61a25ac48e8b2090ad4b965d239f3fdd4352636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75" + ] + ], + "public_share": "3dc7f458d6780bfb6e59801b3098aa5a51d4d87a0a3526a965bb01215988ac5752636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "26592c04bc72803500f284c48149d3ae04827becc1530c74619388f1bb3c344f752b1e4ed693306c0a1d1f90001355d3c8727fc06c49304726df59bba46a0b4be4f4582f29855bc8df63723589d3c218ef20bad7c095a97d43abf967f81bf1fa100c59dd138c132d8be8aadb1521aa11a91463adbed40dd4051fe39bac22d9d56374166a0d709d638ab7afe476ab9a0067f3eb19b9a0c5f4313370bb94fb302020f12fbf60e297d00d5c7831258b53d6669dfb8b9a62de9228a2812abb345910c32548120b3429ea2a7294a7dd40942ee3de3ad8a918d701a656573ec43f523c9ea8a6451d190a3686c45223dc902819fd69e67daf19d544e139228844adf3aeede03b4a6ce137bf87e921e282b1200d953687bee8150815450de7a6365ed10330a17ac17dbc32ca4c3dda00c1eda43c1b3a46cc6b48389511be8996f8f275a281a83cc701ff2581db833e467e543cec113074f9ce8815b80460c5e7a0169dbccbdf37e7044ebf18c87f756de3360803398c4c68512e966132fc5d1021b348e8b04a76bcce82b55271b076c76421bb524689a5cf6a9cc17e82539a7aa9ab417e47b241db44cb7dcefbbae6227cd1ad204a53f1c3863856db4dc682fb0827b755195db4bf44991563ef4c28e15fa4432a0b1075e2b091b05cf8f6a77fa93f292d9744d3fa5f2c1bf2a4056923d4519a673b79ade7db4bf1fa35b09a5ad33a5ab3c3854dede1ad8d7b26cfd1a03c0b0a70b036ad24dcaf6ebdb5d225ab14e6270835730ad27c36a009b66c08d8f768f86197f79b6f4659d18fda078e3fa4f34e9c2aa2833c9a4e9cd890b356d9da9eabf0feed22dd69703132f2e72d60ed1ea9b073e92a47cdec7eaceee61be29796a2ee333691651d9acc121ac5e4f12ececff86a0d567741f62d23d6c8bc59c510de1660e5ce64138e8b7a66760ff100d28f1688d01fa394df1056a8ee5e308b29b1775cefaded40616270c6fcad2487f57243bc51f532b26ea1548329b4b8b6e86cbcf8e14ff20657a03fabe78dc1ac4933163c7ed1724f2e112dc097d5718bdf84ba0114ccf90d7b1a4d9c89897d2a878da615bbccd6561e6e1fee8274a4215490f6d417f516cf9f57521d7f0154d0ff00124123dc7c8e30f68cc696f048c1b473c0f3b771e4da9ab08d11fafa5c6eed3a445e2faaa5825e1273036ffc23ceb2f9422fef32d0ab3fef2a010f10d03e7b105d0eaa74b0ccfe482012fc1ef3281bd50180087becf5b6d006cea2a7aafd263d0dbe915d11c68b9d49720706264ecf948b2f9ad241982e5f61aced1e9d7f9709cc42fc940836202004a067c24610dacc5b99ed77366f07e75aafd69ad67e3ced52c65897eee947d9b13347043764322ff2bb866efa8fc4e8ae9c192a20196a7da1ab90fdd1c9ba2caf31a969b0ec56bcc2bfce602568dac1c35bb288426e370724e502fcbdfc3bb9867ab5af81852b4d2df064ff3321fb98f57d0abbd0938cf82ebd916a0ccbad2eef8bb16f8ef5e0f715e8df13d4d71c2f4d9f9e1475bde2751d2cd47296be913250860771e28f9ef50c9554d751dc26dd408c5f8b155df7734c2f645cfa7d4471982c36d93f617bee89c95e5f559d3a7d22a7ff3e141e94c761d7908b0789780eb505d59d87e69beca4722a940a5e37dfb8963ed4109e02199abc3775db924cf005ade382bd6da1133bb1a4ce0ffd1aeec4c61bbeac5253a97c67d00f50e2d12b87b07f84ca0702ea13dd68fb5d112193dabbf5b35b4997ce413e53ebcc7c9afb2a6e98e99f3aea33c0ba293142926ef548505dfcd29d66b43e2aaa7fe93c27c1fe909f3851571a485ebbad9e8c158bb2b64f56ae1b48bb0cab150d407a1e769c08324904718ba20b174f65e8e285624612451b7de187a464bf693603e9280d0ae64e91212e94350e046b8fa4155ee8880e0352db01fac55b4e7cdbc2fb87f5bf938b03a9d44e51e4457ea6c50d244da2a0f2d5b1ca8e532813873cc4156598f104df7da1dcdc5e25e290145a0a022c91e88eaba277bcae82a44c8678bfefe760dd3c44d9dfa81666393d70d59eb243727b38f6592614008c679eba7e20a2bfb0eba90a5982f60fc45873bbf44828731ab80494af99d59badba8344948ffbc4f2cfdd4e79248415793748e126f3ffe0de1bb4d0c87aa3d0ec9bc9f85bddb69f6924dd362589a576ce1b53e37d8de7d64396594c3a5ba927cce13265f695cfd229a96012061cdcc64f574e81b3a8f5ddd47e0a9a058683f30df0aa8e7157e53d2077c499b8b02b3720dce6ede68bbb5f5341f21df5e723bc855ab19fe500ab7bc1a6c7b80cba425a63f261eed6fbc959417e3c75ba835ee07ac93c11b6d677fe7a4d48f5380b31a9203484f36ed44deca03bc94255feb435398623b6d2be2eee3982d383780dd0f82376cac99cb53a48a5b4de0618f07a8aeffb552511020de0ec9c53e1214a44a655e01d24b0db83fe4384194c651184a1ebb8a36bd5b1b5a1c9c8b9890b018752c2b8a10cb0942b350fcec86de9247d5bfbb61566449886e9cedaad77f43ab9bffca363882038c176e0d78099b3ba035b6b9731abeff028c484a462fc98cc107a78db68fd340a87e25c4625c5d7edd6999250546d11088c869846f28af1162262f4fb08873d74b10e32805026c379899d9b3c2743c362f745ecc44996fc9485c9e05a17b87a3ee31dd69296e3ace40185438db1574f86664f892b60c93aebb0937a702c7391e5af0dc3375a49e507a56fdd96c6601be68c7deaaf2c2222691d9542c47ba65aa2c4f38e43d5cab393fac7260d3dadebe2c7f4485f29e191b96c593691d1770b46cbc7d737e1630a4e74271c5466704c1aeb799a8eb8a3de250e3933747b546c481ffa8de8c3b51290eaecd984129f43c0d814d54318f365415c442d26404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + 1, + 1, + 1, + 1, + 1, + 1, + 1, + 1, + 1, + 1 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4b65380efb23968ec4e286f586b75534", + "05694883d3c404f1d8b47e9fbd549b54", + "7e3cf5c57cf6d0cbf34499d01d22d658", + "5856c8bd487dbe2b10b67953d410c35c", + "6bd49efba4ea71f136ff336832a11d1b", + "d67e9d4e9d81460377b2f1194c408db3", + "7cd664d7cc02246fe3eb6ab50870bd23", + "801128d26d9cdd9ab4636f043a26972f", + "3a5824e1c635db11a958d3f3699a0e8c", + "64b8d11c1e1abe64b43f9e9ca8a8588a" + ], + [ + "b79ac7f104dc69711f1d790a7948aacb", + "fd96b77c2c3bfb0e0b4b816042ab64ab", + "84c30a3a83092f34f0ba662fe2dd29a7", + "aaa93742b78241d4d34986ac2bef3ca3", + "972b61045b158e0ead00cc97cd5ee2e4", + "2c8162b1627eb9fc6c4d0ee6b3bf724c", + "86299b2833fddb900014954af78f42dc", + "82eed72d926322652f9c90fbc5d968d0", + "c8a7db1e39ca24ee3aa72c0c9665f173", + "9e472ee3e1e5419b2fc061635757a775" + ] + ], + "prep_messages": [ + "742127e29a1b5e1189d4cdfda9ac8009d685c5a8c7e47c69876c5e79b22b5da8" + ], + "prep_shares": [ + [ + "30851472f3bdc07a4959bdfad085dddaabaa1bd83533d5731c3c1950389bb43e4469a50551796869287af7eca4a9c95499634bbd72fec4b858b7a272d7330838fa40ea557ef27460d92849406d429bd9bf139934d4f4eb941558b8ca631551bdfe2b765a5af438ad81287fa54dc69a6f74facac550b1882eaa28db2fd30a4ad16f05c1e6391ac3dbd009688250a28c34b4e3be87d3e293d46255d30598d73f222052b3c7b74177996498a8e52797815076c8eddd5b9111f0702f376d5cfbe852bbc1f5ef4e2318e589b808b106be3db0f1f89c7ed14a03be33bea9d592fc30c7f9530ee022aaa402651919cbc369f50e9c310b7e884c60d8f44dd4eaecbc81144661a8416f0672dbfe851e902590381cadb8227d92bc01e7e62b4e1c2a8577432c7159d74f1bf520bdf934b0bf23dadbacbc8254d5a255c0818c3e1e7190137a20e05d4f8235480af044b72b301d44e65378b4ba410d36aa85f4fcfb9deb7c39", + "d17aeb8d0c423f859aa642052f7a2225b210c9a6fdc9936ae13a7ab41bc21732cf60c3ce65047c215a8ecd78cad65165834d2bcf9ae252af25e03314f993dc77766297cf9f7c1df20768eef0302af42ee2bcda8f9b88a97bb8793101a38b149c36a7bada320159a2e224bacef11ba00a6de383887d13260c5b1600de3fd6e6a603e4190b73e2738340da8b81d7b229f98a572393e4c02dbacfca54406ec565e906a4aeb88f360ec3388d7bf7835c9b4abcdf43643287a03d41d34ad6941173155c8c3d07dcff55afc8a2a278e0993b93e2eb193b501db62fc13ce2fe4e686c50381331cffcf0259930e14973f1d4795b93548b77b345e1e5e0e6ccd85c18be86486c4be8d29b37fabcf73229c95d3ee76258b7cb151e9e50638881b31539c2f5698629f9db0d7ef317efcfcc20bc1c61a25ac48e8b2090ad4b965d239f3fdd4352636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75" + ] + ], + "public_share": "20e05d4f8235480af044b72b301d44e65378b4ba410d36aa85f4fcfb9deb7c3952636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "26592c04bc72803500f284c48149d3ae05827becc1530c74619388f1bb3c344f762b1e4ed693306c0a1d1f90001355d3c9727fc06c49304726df59bba46a0b4be5f4582f29855bc8df63723589d3c218f020bad7c095a97d43abf967f81bf1fa110c59dd138c132d8be8aadb1521aa11aa1463adbed40dd4051fe39bac22d9d56374166a0d709d638ab7afe476ab9a0068f3eb19b9a0c5f4313370bb94fb302021f12fbf60e297d00d5c7831258b53d6679dfb8b9a62de9228a2812abb345910c42548120b3429ea2a7294a7dd40942ee4de3ad8a918d701a656573ec43f523c9fa8a6451d190a3686c45223dc902819fe69e67daf19d544e139228844adf3aeede03b4a6ce137bf87e921e282b1200d963687bee8150815450de7a6365ed10331a17ac17dbc32ca4c3dda00c1eda43c1c3a46cc6b48389511be8996f8f275a282a83cc701ff2581db833e467e543cec123074f9ce8815b80460c5e7a0169dbcccdf37e7044ebf18c87f756de33608033a8c4c68512e966132fc5d1021b348e8b04a76bcce82b55271b076c76421bb524789a5cf6a9cc17e82539a7aa9ab417e48b241db44cb7dcefbbae6227cd1ad204b53f1c3863856db4dc682fb0827b7551a5db4bf44991563ef4c28e15fa4432a0c1075e2b091b05cf8f6a77fa93f292d9844d3fa5f2c1bf2a4056923d4519a673c79ade7db4bf1fa35b09a5ad33a5ab3c3854dede1ad8d7b26cfd1a03c0b0a70b136ad24dcaf6ebdb5d225ab14e6270836730ad27c36a009b66c08d8f768f86198f79b6f4659d18fda078e3fa4f34e9c2ba2833c9a4e9cd890b356d9da9eabf0ffed22dd69703132f2e72d60ed1ea9b074e92a47cdec7eaceee61be29796a2ee343691651d9acc121ac5e4f12ececff86a0d567741f62d23d6c8bc59c510de1661e5ce64138e8b7a66760ff100d28f1689d01fa394df1056a8ee5e308b29b1775defaded40616270c6fcad2487f57243bd51f532b26ea1548329b4b8b6e86cbcf9e14ff20657a03fabe78dc1ac4933163d7ed1724f2e112dc097d5718bdf84ba0214ccf90d7b1a4d9c89897d2a878da615bbccd6561e6e1fee8274a4215490f6d517f516cf9f57521d7f0154d0ff00124223dc7c8e30f68cc696f048c1b473c0f4b771e4da9ab08d11fafa5c6eed3a445f2faaa5825e1273036ffc23ceb2f94230ef32d0ab3fef2a010f10d03e7b105d0faa74b0ccfe482012fc1ef3281bd50181087becf5b6d006cea2a7aafd263d0dbe915d11c68b9d49720706264ecf948b309ad241982e5f61aced1e9d7f9709cc43fc940836202004a067c24610dacc5b9aed77366f07e75aafd69ad67e3ced52c75897eee947d9b13347043764322ff2bc866efa8fc4e8ae9c192a20196a7da1ac90fdd1c9ba2caf31a969b0ec56bcc2c0ce602568dac1c35bb288426e370724e502fcbdfc3bb9867ab5af81852b4d2df164ff3321fb98f57d0abbd0938cf82ebe916a0ccbad2eef8bb16f8ef5e0f715e9df13d4d71c2f4d9f9e1475bde2751d2dd47296be913250860771e28f9ef50c9654d751dc26dd408c5f8b155df7734c30645cfa7d4471982c36d93f617bee89ca5e5f559d3a7d22a7ff3e141e94c761d7908b0789780eb505d59d87e69beca4732a940a5e37dfb8963ed4109e02199abd3775db924cf005ade382bd6da1133bb2a4ce0ffd1aeec4c61bbeac5253a97c68d00f50e2d12b87b07f84ca0702ea13de68fb5d112193dabbf5b35b4997ce413f53ebcc7c9afb2a6e98e99f3aea33c0bb293142926ef548505dfcd29d66b43e2aaa7fe93c27c1fe909f3851571a485ebbad9e8c158bb2b64f56ae1b48bb0cab150d407a1e769c08324904718ba20b174f65e8e285624612451b7de187a464bf693603e9280d0ae64e91212e94350e046b8fa4155ee8880e0352db01fac55b4e7cdbc2fb87f5bf938b03a9d44e51e4457ea6c50d244da2a0f2d5b1ca8e532813873cc4156598f104df7da1dcdc5e25e290145a0a022c91e88eaba277bcae82a44c8678bfefe760dd3c44d9dfa81666393d70d59eb243727b38f6592614008c679eba7e20a2bfb0eba90a5982f60fc45873bbf44828731ab80494af99d59badba8344948ffbc4f2cfdd4e79248415793748e126f3ffe0de1bb4d0c87aa3d0ec9bc9f85bddb69f6924dd362589a576ce1b53e37d8de7d64396594c3a5ba927cce11a00c3eccbdb49f940fdc81b40cecc32285f00a3875226d335ee52bfc0f970d48bb36863e6c44819b3df4e50c35867d9aa1e1dcb9f5ad91374adaa984b12c65b8e769d358d5cf3a5017414a185b5dbca117ff597dfb823f65f348d69bb532c82b25714d2a62616c14b6551689e80aa73e413c0f635c9e6828a4c8910b790ad5deb477e71de50ccb035e812430cb830e3e55eba2a16af62683394c15614a6f4d50f6dc319b0bd50bc25a59a96819fab494c35753b1b4bc7c23bb083102e4c802f27bdeddcc1c58275d0d6f105c2270f738fd8b4d95336f381f93e8908ba68bb532041d1e44f126859fe72ba496e0e4d0d63882038c176e0d78099b3ba035b6b974910239a2cbb64548211d6ccac72fbff8e1fe80ff56d0bf2f9708ab499932f6c73481afc8aff6fa403455b778a40adfe44560735cd13acadce960dc961475b3b4a6c0b2e1565bac50fdbf4ad426e688267275ca2cdbef31a7324dafea41192d43b11f18a3727eeb75c59228e43bcf030cc5240c3c7307df0983fb1f5a21469bffece6f33dd1a5881cabd8733e1d5355760113d2de98cd18f803d0a2d61ac2133826539cb2417e53f731d196d2f60e027a26646e6337b54f9beffeb4eca7c87dde21e34efde55e1e1a156f820d363e6b98d886703f7f8a93493e472acaddf19e807c4b6730fec3bc5c7f79f32a7f5dcbc404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4966380efb23968ec4e286f586b75534", + "036a4883d3c404f1d8b47e9fbd549b54", + "7c3df5c57cf6d0cbf34499d01d22d658", + "5657c8bd487dbe2b10b67953d410c35c", + "69d59efba4ea71f136ff336832a11d1b", + "d47f9d4e9d81460377b2f1194c408db3", + "7ad764d7cc02246fe3eb6ab50870bd23", + "7e1228d26d9cdd9ab4636f043a26972f", + "385924e1c635db11a958d3f3699a0e8c", + "62b9d11c1e1abe64b43f9e9ca8a8588a" + ], + [ + "b79ac7f104dc69711f1d790a7948aacb", + "fd96b77c2c3bfb0e0b4b816042ab64ab", + "84c30a3a83092f34f0ba662fe2dd29a7", + "aaa93742b78241d4d34986ac2bef3ca3", + "972b61045b158e0ead00cc97cd5ee2e4", + "2c8162b1627eb9fc6c4d0ee6b3bf724c", + "86299b2833fddb900014954af78f42dc", + "82eed72d926322652f9c90fbc5d968d0", + "c8a7db1e39ca24ee3aa72c0c9665f173", + "9e472ee3e1e5419b2fc061635757a775" + ] + ], + "prep_messages": [ + "b872bdbca9e832071e6ab0a90939e9210fc7d681bbc3346469b97e161022217c" + ], + "prep_shares": [ + [ + "30851472f3bdc07a4959bdfad085ddda9a06b806845b7af3bb01a3f0f24f7f6567b1f70d10208b81dbc03dc1e7a7fc80e127e9791b34e34069a02b62fdcf87e025478289e580d3375ce797bb49682c39588a3fd355bae1a0f46b434218ddba63879b1b9317c93082b53f394c3fdc35122c2bd265657a91b82246f8b57b277dbe0d98bbe550ea01989330fc001fd485df81100910daf35dfa6ba05a2d4b69e0c486a4349ed7c50471159f656d4473189cc15d444072002bd1bb07aa6ccb730ae729cf8d28718aafee660c1b5f09d029dda581d449b11aacb84c107811b30f929024e72f241ba21c2aeacf0eb22472d74cd7a8299552ebeaa02fad6623117d389097ddbe8e309b7e06403312eccee0798cffe073cbab5a9ee5f4f03acac562147f4eb9abdf0ec217398c407b8402220d08a0480f806f55ffb452ffd3ae495e41f41fcda512f21c14d0d6f7ee6f3411c34a788f8d9cbd8a7b3d6b44b4ff7b1ca0ef", + "d17aeb8d0c423f859aa642052f7a2225ca5b009cd7de275c61ecee672a873134cf60c3ce65047c215a8ecd78cad6516527941d2e7706ff22a0b5b6d4e319f969766297cf9f7c1df20768eef0302af42e8256f7782ac0d2abac96e11bc359a63236a7bada320159a2e224bacef11ba00aec1d4c7d8888d1018be9b0e043105ac403e4190b73e2738340da8b81d7b229f9b78d088b9e29d2b0267727444ba7377506a4aeb88f360ec3388d7bf7835c9b4afd18c571cf85d75d10333bc86fdb830e5c8c3d07dcff55afc8a2a278e0993b93357bbac1ce5c784e5f6f92ed22fd55e8381331cffcf0259930e14973f1d4795bb2bc7c75a022a242bdba746734a2ebb9486c4be8d29b37fabcf73229c95d3ee7b7b485f702b007e23fe6ecbe295ffd86698629f9db0d7ef317efcfcc20bc1c61a25ac48e8b2090ad4b965d239f3fdd4352636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75" + ] + ], + "public_share": "1fcda512f21c14d0d6f7ee6f3411c34a788f8d9cbd8a7b3d6b44b4ff7b1ca0ef52636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3SumVec_1.json b/vdaf/prio3/testdata/Prio3SumVec_1.json new file mode 100644 index 00000000..865c2658 --- /dev/null +++ b/vdaf/prio3/testdata/Prio3SumVec_1.json @@ -0,0 +1,147 @@ +{ + "agg_param": "", + "agg_result": [ + 45328, + 76286, + 26980 + ], + "agg_shares": [ + "1804634db47edf168657b3954adfe41316ac15c1a9746b5e78002e5e9c25b59c790ca00130c66787bd77eb5cfff9cc42", + "21c51bfc8419ef45fbb04ca38ca00091a1461d555042156101e21121ac1c4bacdd05a734256825585d624cf21a38e606", + "d8e781b6c66731a362f7ffc628801a5b4937cee905497f404e1dc080b7bdffb60f57b9c9aad17220c925c8b0e5cd4cb6" + ], + "bits": 16, + "chunk_length": 7, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 3, + "prep": [ + { + "input_shares": [ + "85d237df3416b710eaf3a8de047980d218fc28c39f5fbdc7aee7b838034e2ea98dba20fb535040a21d805c78b8322906c8466acbbcd3a641dd4fec7fab05a795dacdef8c4cb6e6d1bf77b2a2559ad3e926540dfd13e8879173995a3b17c6a6622ee49768084ab70a6e423614bee0b6780036300b36517532168778de9ba321669ca5f321fcf73afbdc9c6255ef66d37d1ce1c390dff9607aabca6a32253aa447de9cfe68ca30827938402d0394cd892bef1e4dce1bdc57534069593d91430c2c85936d12debb90b07f1d32bcc28d8567b53ea47fd94ec9b90cfde39cada3ebba6f0d309e8aee29b9634b596880de0a02e8f44feab8f1144bfb3ce4e9002d1e2611e1ca567c63786f2c062f3540a0050a17f3459e79ab568caf1a5b1c52d29220352eeecc342967ef412a96894c8dd0ea8819c00bedcc2219b5b95e21e67e5aa0edf98064dab57378adeec40ebe5982234825b2f5908a4a7efc07ef57f1187f5e64ae268bfa646ecd80b6df6fac333cc00f42d8348600bb607321323d7124b7a2fa0bacbf03f6cc690f4cf3be68868e97076828c70b0a9ab0d5e3599aa879957d3cbd7e6a59e677b3a4da26762aeeeb4c153f9241696613516f5d482f2d4246dd3944219e92bb6ba6d949af52205d6c7d9b567cf84d1fe21b3f19ebc1914904134e69146421b186095e05d395b64bbecf9bf21fee1a693853cccc0470e54001fd61fa4a5ad4be1b4f19b64e21111480b44538cbe6c5bce974ec414b8df52c839034f2fbff2ed7d67718d30778989eaf5b1c8fb01416cec455ed2c6416177e584ee49dd204f3778d1ef9ab9470c30e647eecbf80ab482bbf1ca41f6c4b00d62768ece36f6fb8a8ce3aa5e8f9207bec4e86db5cb574a5ad703c679969032234468443414ffe96ca893f500eedda1fb53ad4716099b995e120e7dc403f80ff4d814d90dcd1303a74b17aba4cc44c095d8c6b456b0a2ac415109f50290159a9a921816e85d9247a41f37f4afdaa4228312229285108a505a3981051f69430896bc9c760345d6602926413d003ad380e568f3fd365382c314b3076d34a9458cce0183ed096ab0f8259502653ba7eb6be635cf02306340bb5c0d658db16ebac3afad4d415f0fd316a153fcce9b964ac4d870a7160989de29100e87fafba45028201fe8fb1290b3de20651f31ed9dcb835d1089489f3369181a57c34c979a40d13c46c4969bd4b798e004453664618d913a7c34894ba39657863680ea27a3538cae4403847043556c67a98eadfbadc8baab039f00d7b760f8a884faee09fdd838680892ab9760212182dc94aa845c4283a3216d7b8faea7a3457ca7d25d5d9040ac222bc99731d3c8060a2d375e308d66669ac94ae5dea63d994b2a1066a22b8ed121f1d2826506cd8021805e0b8d9b0fd336f736c95f3c09ca69acf80cbc3902c82deb1aad46069966473963266d6bd940b111f6e32519adaf794df9b12ad363ce1e6fc3ff5adf4fafaa3ff9ede2fe8ef168fb4da702baf8ebddaf3fee4bc268256fca2dada5cb790e2b90c9149ebf1cdb799d83c2b7f36bd78e5604a4357f94d613ecade628f07d234d01c5fc1d6a2f92a97a90221012a0c778ddfba30030d577ab6a3cc314b60c8f1dae1010f7e1bf5c8733dffcadb3e3188dc67527433da7638d0151a9e55a7d33f676ebda360cc9910beee90adae1cd3a3f473e696a95b8dfa41a1af4dbbdbc36e3830ec21a81451030e35808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": [ + 10000, + 32000, + 9 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "1398cb193c2af55c231d91dc18f5f65b", + "b3fdb195387cce74c9aa641f34b79189", + "bb8b8a001042cdd7357d4e74aaa8996b" + ], + [ + "0b975ea98108a56cfe3ac48bd98a5530", + "e16cb471c5c0b17598a0b0b58e0919e4", + "4a57e2660c780cc8157619a6b312a257" + ], + [ + "f3f7d53c42cd6536c2a7aa970d80b373", + "6e129af801c37f1566b4ea2a3d3f5592", + "051d9398e3452660980c98e5a144c43c" + ] + ], + "prep_messages": [ + "5f149db2819d9d191f3cd67607cd4caef93159eccca7b4d6e361c7600788f808" + ], + "prep_shares": [ + [ + "51ffd96b532bbf0a52b2f58afc18ea46b1bcc466517198a06a5bb42070cf1d65b68dc64cd0b7bdff12d1453c0054ec535bbd88534d772a2adf54b1591a86bef0e111287229a4312f5cab84dbc74d9eb98226ef05a212f9e1ea5e51000f58ce01ff9441e04969bfe462477158c315340247f6ab86ec35cbca52ae725052a638f93a92bffa1fb71b5df9e430cae0faaaf98a2680a08468768a63abd64a833cd957663b0692b883cf48b4842d80726ad72071fd0bb8ed32ee320abaabed6a432cb6e8844ccf827cc82d67ceaba64c90747004682cb73f9257471f56eb7cd3ad350c3d4644f2575d9b9990869c8bc6d2d4b5afcdedcb1020ce9c886fb1c9db93294cb242c3cfaa7fc6323782d2222eed6660ef11346f78130b02403982d787950aea", + "aab8956a8796a121e384dd5b9dc2e196871d3ab10076502513f46fd7a72f373d141a07a44f86f00b2cda02dd817a2f85a87766501ac368bc9f29a862143b7c1c5a3e85c1d31a279ed84cdc4d85c2d8f59005187b9df36e720282b51a0460def5198aa0dfed40b6a0773b3ce324359ebf7ae08d19b50ed5a58c41503e6a3443c20e2c33641f01626049d3db97f76f821391f766c07cbd2c46ce5c81024ce0f77aae872b1c5d6d756b9c775ac1323c62b123c770aca3a88e68953eed6d4fd76e70c2ee08eefab0858accb535da8cf86797537149a9c2e3e896542a47b359450b59e4c0a111242a58794b041e62036641582ad14b4e015b35082a9189535becf26364431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33", + "06489029253e9fd3aec82c1966243422e4f448da422e967346db1ad2b1e3f68330ba45d7f57de164b3aa9ece4b77a8902e0f799d8d206f26f5f6e7dddfd20394f7a49102dd52135c07ef99e633b2848fb893bbaaaf0fe6a07608847875034e20795b72dfef7b53cb39a6208babe70df25ceb088e02abebc02c3a22a62e0f3e540831d61e841d524e544f908c340bd58e3ee4dd62b4d09aaf04df00ab5bd68ac2e644b746b9f82276c8f72826491ab372e7adce3e529bdccae0b827d13e4b6caac61a73afaf94c56913006bc1df239fd541b66337484cd54ede29ecb2d95bd253afc72b98fe4b97278f0eae2ba038a2d60064cd25924c14665cc237834039da18c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77" + ] + ], + "public_share": "b242c3cfaa7fc6323782d2222eed6660ef11346f78130b02403982d787950aea64431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + }, + { + "input_shares": [ + "85d237df3416b710eaf3a8de047980d219fc28c39f5fbdc7aee7b838034e2ea98eba20fb535040a21d805c78b8322906c9466acbbcd3a641dd4fec7fab05a795d9cdef8c4cb6e6d1bf77b2a2559ad3e926540dfd13e8879173995a3b17c6a6622ee49768084ab70a6e423614bee0b6780136300b36517532168778de9ba321669ca5f321fcf73afbdc9c6255ef66d37d1ce1c390dff9607aabca6a32253aa447dd9cfe68ca30827938402d0394cd892bf01e4dce1bdc57534069593d91430c2c85936d12debb90b07f1d32bcc28d8567b43ea47fd94ec9b90cfde39cada3ebba700d309e8aee29b9634b596880de0a02e8f44feab8f1144bfb3ce4e9002d1e2612e1ca567c63786f2c062f3540a0050a18f3459e79ab568caf1a5b1c52d29220362eeecc342967ef412a96894c8dd0ea8919c00bedcc2219b5b95e21e67e5aa0eef98064dab57378adeec40ebe5982234825b2f5908a4a7efc07ef57f1187f5e64ae268bfa646ecd80b6df6fac333cc01042d8348600bb607321323d7124b7a2f90bacbf03f6cc690f4cf3be68868e97076828c70b0a9ab0d5e3599aa879957d3cbd7e6a59e677b3a4da26762aeeeb4c153f9241696613516f5d482f2d4246dd3844219e92bb6ba6d949af52205d6c7d9a567cf84d1fe21b3f19ebc1914904134e69146421b186095e05d395b64bbecf9bf21fee1a693853cccc0470e54001fd61fa4a5ad4be1b4f19b64e21111480b44538cbe6c5bce974ec414b8df52c839035f2fbff2ed7d67718d30778989eaf5b1b8fb01416cec455ed2c6416177e584ee59dd204f3778d1ef9ab9470c30e647eedbf80ab482bbf1ca41f6c4b00d62768ede36f6fb8a8ce3aa5e8f9207bec4e86dc5cb574a5ad703c679969032234468444414ffe96ca893f500eedda1fb53ad4726099b995e120e7dc403f80ff4d814d90dcd1303a74b17aba4cc44c095d8c6b466b0a2ac415109f50290159a9a921816e85d9247a41f37f4afdaa4228312229285108a505a3981051f69430896bc9c760345d6602926413d003ad380e568f3fd365382c314b3076d34a9458cce0183ed096ab0f8259502653ba7eb6be635cf02306340bb5c0d658db16ebac3afad4d415f0fd316a153fcce9b964ac4d870a7160989de29100e87fafba45028201fe8fb1290b3de20651f31ed9dcb835d1089489f3369181a57c34c979a40d13c46c4969bd4b798e004453664618d913a7c34894ba39657863680ea27a3538cae4403847043556c67a98eadfbadc8baab039f00d7b760f8a884faee09fdd838680892ab9760212182dc94aa845c4283a3216d7b8faea7a3457ca7d25d5d9040ac222bc99731d3c8060a2d375e308d66669ac94ae5dea63d994b2a1066a22b8ed121f1dd3ae400cae0e1383886d41136d0e6071a071c5be582ad8dfc9d9102e3e1e53341bf0ca7e57c66ba20b621ff971210cee0f1349f273c8d9ba27a3d86e00f5371c61a66b6f7871d1f68b74a51e3268af1530080d8c95a17b8b2175af159619bf5389a18c7f2cf48b2496e527b5f83ea4123c2b7f36bd78e5604a4357f94d613eca33da9e67fc28d59eb60c6f408a50a6abcd442f2c50f34fcf8d22b66f45de41215c16e14a0790e2d50c1335e017b3786e5eeae3e697b7978cc6e307a2b2247ff6f7ec972c56c93977ec0deb9557bf9d8d3a16cd3fccbf53dcc306b76c79377ff000878b13285d6618e7856b51267c03fb808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": [ + 19342, + 19615, + 3061 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "91bccb193c2af55c231d91dc18f5f65b", + "52cdb195387cce74c9aa641f34b79189", + "a7978a001042cdd7357d4e74aaa8996b" + ], + [ + "0b975ea98108a56cfe3ac48bd98a5530", + "e16cb471c5c0b17598a0b0b58e0919e4", + "4a57e2660c780cc8157619a6b312a257" + ], + [ + "f3f7d53c42cd6536c2a7aa970d80b373", + "6e129af801c37f1566b4ea2a3d3f5592", + "051d9398e3452660980c98e5a144c43c" + ] + ], + "prep_messages": [ + "41e9ead9a8d4e83123f351ac162baee8858e3fbcee01e3e8e13395366342b087" + ], + "prep_shares": [ + [ + "51ffd96b532bbf0a52b2f58afc18ea46a7db6073a8e4f3f865b395dc0cd1d058a4234ca38722c594b0703d09cb9459f5a22eb285bbd2b0ee4f5e3bdf2d4ae2d2512f455169be0941be0732caab35d6da9f2c9776928454e1d3fc0cd81a24eb5863d164f547fa99f707b07d7c8026e94a1377e42283ab96c6f87b1381744d9ef9ade7d4310a98df24bb1872685ecf4bbc882679a0c0362cf08d39087cb2d04e5648bdd61c75604deb6a46c7603c8f438058da54fbb71d7d7aeca16630d4fd8e4c8c8a19a2654e04e85c86318413bcad9f27214639b1ce14d2aa5a8c6b46e81a54bef63b9d274521fc0e140a4dd8c9fc3d392397dabc861a9f444bcdffe48ac0e57bbadfa788aa88120a30d451bacc73bd95c77e9064fb21ec1a6283cd6241849c", + "aab8956a8796a121e384dd5b9dc2e196802208434ffa07ff6587ccc3c1fe8b58141a07a44f86f00b2cda02dd817a2f85ae6d940e21f1c96da205eccbab7602ab5a3e85c1d31a279ed84cdc4d85c2d8f52563bd07c9e0b151b4fdcc2cd5a3d70a198aa0dfed40b6a0773b3ce324359ebf1d76b0e274e051994c1a2e52e7815c4f0e2c33641f01626049d3db97f76f8213adb74cb2a3df578f6167df6e23ec6a3eae872b1c5d6d756b9c775ac1323c62b18f008a01fecf62323f15646a128a03e1c2ee08eefab0858accb535da8cf86797c44358b7cded05599af684c58a71f9a7e4c0a111242a58794b041e62036641582ad14b4e015b35082a9189535becf26364431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33", + "06489029253e9fd3aec82c19662434225c32244c91840c8e5c34b2c8b4a4fdda30ba45d7f57de164b3aa9ece4b77a89098e5c001b43ee1a8859f1209a558442af7a49102dd52135c07ef99e633b2848ff4fa08143e1db73c9f4e3b20dd54d500795b72dfef7b53cb39a6208babe70df241530c60fe60d633c1550d3d3abb9bb30831d61e841d524e544f908c340bd58e30de8e27e9159683932fecc6b204b185e644b746b9f82276c8f72826491ab3720d708a06b466290917f1380aee393ac0c61a73afaf94c56913006bc1df239fd5b8fdcfecff6c7df4dbefb49a8b7c77a5afc72b98fe4b97278f0eae2ba038a2d60064cd25924c14665cc237834039da18c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77" + ] + ], + "public_share": "7bbadfa788aa88120a30d451bacc73bd95c77e9064fb21ec1a6283cd6241849c64431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + }, + { + "input_shares": [ + "85d237df3416b710eaf3a8de047980d219fc28c39f5fbdc7aee7b838034e2ea98dba20fb535040a21d805c78b8322906c8466acbbcd3a641dd4fec7fab05a795dacdef8c4cb6e6d1bf77b2a2559ad3e927540dfd13e8879173995a3b17c6a6622fe49768084ab70a6e423614bee0b6780036300b36517532168778de9ba321669ba5f321fcf73afbdc9c6255ef66d37d1ce1c390dff9607aabca6a32253aa447de9cfe68ca30827938402d0394cd892bf01e4dce1bdc57534069593d91430c2c86936d12debb90b07f1d32bcc28d8567b53ea47fd94ec9b90cfde39cada3ebba6f0d309e8aee29b9634b596880de0a02e8f44feab8f1144bfb3ce4e9002d1e2612e1ca567c63786f2c062f3540a0050a18f3459e79ab568caf1a5b1c52d29220362eeecc342967ef412a96894c8dd0ea8919c00bedcc2219b5b95e21e67e5aa0eef98064dab57378adeec40ebe5982234825b2f5908a4a7efc07ef57f1187f5e65ae268bfa646ecd80b6df6fac333cc00f42d8348600bb607321323d7124b7a2f90bacbf03f6cc690f4cf3be68868e97076828c70b0a9ab0d5e3599aa879957d3bbd7e6a59e677b3a4da26762aeeeb4c143f9241696613516f5d482f2d4246dd3844219e92bb6ba6d949af52205d6c7d9b567cf84d1fe21b3f19ebc1914904134e69146421b186095e05d395b64bbecf9bf21fee1a693853cccc0470e54001fd60fa4a5ad4be1b4f19b64e21111480b44638cbe6c5bce974ec414b8df52c839035f2fbff2ed7d67718d30778989eaf5b1b8fb01416cec455ed2c6416177e584ee49dd204f3778d1ef9ab9470c30e647eedbf80ab482bbf1ca41f6c4b00d62768ede36f6fb8a8ce3aa5e8f9207bec4e86db5cb574a5ad703c679969032234468444414ffe96ca893f500eedda1fb53ad4716099b995e120e7dc403f80ff4d814d91dcd1303a74b17aba4cc44c095d8c6b466b0a2ac415109f50290159a9a921816f85d9247a41f37f4afdaa4228312229285108a505a3981051f69430896bc9c761345d6602926413d003ad380e568f3fd365382c314b3076d34a9458cce0183ed096ab0f8259502653ba7eb6be635cf02306340bb5c0d658db16ebac3afad4d415f0fd316a153fcce9b964ac4d870a7160989de29100e87fafba45028201fe8fb1290b3de20651f31ed9dcb835d1089489f3369181a57c34c979a40d13c46c4969bd4b798e004453664618d913a7c34894ba39657863680ea27a3538cae4403847043556c67a98eadfbadc8baab039f00d7b760f8a884faee09fdd838680892ab9760212182dc94aa845c4283a3216d7b8faea7a3457ca7d25d5d9040ac222bc99731d3c8060a2d375e308d66669ac94ae5dea63d994b2a1066a22b8ed121f1d3d88e532ff5ad471ce5611e1cef203e86db1315be762648ecb578a09df60921c2192a42ba72f618d3ff11ec21dfb5400b6a1797b6878b0f676e414da6d5daeb53abb0efb3e9ee48da608dcc3a87b27cb86fd833c034ade3db7cdb647b2b3d32996abb215aa7ca129b68c82477c96aa6c3c2b7f36bd78e5604a4357f94d613ecac900fa40abdc13b070239f72286c02350005c38fc1bac3208ca43c94a49b02395574079eb726edeaf48335176cd92f5cb75bb35da307c15077a2cb3645bc085d1fd8f4a08f9c26e0b579b4f0e0ab25d8e320568f5e17f1294aaeaf3a5d9d6a1af37c657daad45013c7de10bfa224fda0808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": [ + 15986, + 24671, + 23910 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "75afcb193c2af55c231d91dc18f5f65b", + "12e1b195387cce74c9aa641f34b79189", + "18e98a001042cdd7357d4e74aaa8996b" + ], + [ + "0b975ea98108a56cfe3ac48bd98a5530", + "e16cb471c5c0b17598a0b0b58e0919e4", + "4a57e2660c780cc8157619a6b312a257" + ], + [ + "f3f7d53c42cd6536c2a7aa970d80b373", + "6e129af801c37f1566b4ea2a3d3f5592", + "051d9398e3452660980c98e5a144c43c" + ] + ], + "prep_messages": [ + "9cccd419e212147f7e2caed91fbf740e30f2c0b9f644a87d0fc821fbd4d1aa5e" + ], + "prep_shares": [ + [ + "51ffd96b532bbf0a52b2f58afc18ea46e5ce4000200771e413f4cb24396df1a980e32429d5a7424669b4f6f382953063689d00cfef825fdb7baaf88dc5cb203fb5ab15bbd59114354436f75364cfbbd5ff35161ad479308b2ff312c74571caadc27c4bd0934dea828e194d75e35d58411e7a622a90facb38774ac5379205a898eb63d8e9e3a2210d7c22866b61c87eec8cf85dd11a18dfc671bccd58013f06ecdf15d75776293b80fd5fce226f579e6c3bab427d7bfd99e140be2fa1b2e244545a027d22dc1ed7418d9713512eafe0b3d73ab915ae58a08fea6ec80335cc6b1437e2c0dc3bf389b85fee46921ce28851a4fdb3535e345d369838f07ebcf08cdc8f4a5eed4b1e0e0ebaab6a40b65d4241a95c71dfb8f60fcb6bd19f45194478af", + "aab8956a8796a121e384dd5b9dc2e1960ce03fd2e16533a01365b236961d2415141a07a44f86f00b2cda02dd817a2f8537c237958110c96d2102807b0548e9ff5a3e85c1d31a279ed84cdc4d85c2d8f56fd7e1a0188accc8a4776d94782f2431198aa0dfed40b6a0773b3ce324359ebfd5816fc12f785be11f10952ae7129e680e2c33641f01626049d3db97f76f821397efa1f9703b923a4abd8a57ded162ffae872b1c5d6d756b9c775ac1323c62b167c309d1516223a712dfecf56eaef3d5c2ee08eefab0858accb535da8cf867971796f7cbf8bb8b6a03cde19192a18518e4c0a111242a58794b041e62036641582ad14b4e015b35082a9189535becf26364431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33", + "06489029253e9fd3aec82c196624342279049ceb3f21fd8c7d73c37d120de61530ba45d7f57de164b3aa9ece4b77a8904082bda778407df26d1241d8e5cf2e9cf7a49102dd52135c07ef99e633b2848f81d3bbb9d291e6ea6a7652efb15f189d795b72dfef7b53cb39a6208babe70df2a6dd97f9a9c0cb4a5db69df5229872ac0831d61e841d524e544f908c340bd58e500a50c4a2217580795f4d353dee2d34e644b746b9f82276c8f72826491ab372301ad37817bed53aa717e639f8418b63c61a73afaf94c56913006bc1df239fd5d944e2c21c01e3278b1699df9c4290bdafc72b98fe4b97278f0eae2ba038a2d60064cd25924c14665cc237834039da18c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77" + ] + ], + "public_share": "8f4a5eed4b1e0e0ebaab6a40b65d4241a95c71dfb8f60fcb6bd19f45194478af64431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + } + ], + "shares": 3, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3Sum_0.json b/vdaf/prio3/testdata/Prio3Sum_0.json new file mode 100644 index 00000000..dea8ec7c --- /dev/null +++ b/vdaf/prio3/testdata/Prio3Sum_0.json @@ -0,0 +1,41 @@ +{ + "agg_param": "", + "agg_result": 100, + "agg_shares": [ + "21d79fba22fcea2e", + "44296045dc0315d1" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "max_measurement": 255, + "prep": [ + { + "input_shares": [ + "43126178225dca30c56c892f4cef3ca6f627cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28eb1156127a87cb71feca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa2ab3bdc62c1db973fabd7f72169d6d5dbe73437837c1c0662bb24addf7e07e6ae56db956b47ccc755b7c35912f67fb1b50659e637f1034ee3214ff4916ea9d1298a119d0e44c922bd17cc333224c31e67dc3282b61b9aab42ca71062aea44000cf3d13d667e8223477604725e654230e2a7fe703f610869e9f65d5a00203af41da5120d8850de22994a3f5de88910257bf11730c7721c63d712f309ff1a16961a6870876f89b7aece0a7aae9726c957a3bbde29775ad0e4159e2cdfaa741f3f8562468e879f0f4e50829d16ade458e32e321f2b7ab80348c4fcd23a2aeb3921b4b6c297d0e0e10ba6ac3839d9be19018012dfcce38bfb12d0caefc81b0bf2901638317c0a708b0d73f45b43aaf7cc1f7eb7ea6bd7f8e1248ef49224f1735c8112e1f740fc7020d3185ed3c588611aa6aed0f49ac90d908e28213b754fc64e330998b132579ea55c4d5be49e026fcb6e962377d3d540fa2d45116efa46182b7175e29f95499362aa5b631a4b504c7289a7cbf673f2f9d0f0e224f37a862ae822b5359c93de1a40e52e142897dcf25ee5bfaf4132019c1ad28f128186fd48b49eeca0ba9c31e25a025e2d5999e2654a02b6d1bd07d2a2095045cbd367a00a2d34976dc10effb80228afb1c3a7f05943053d65bd900b7a4bfd3833a93f1e0c3c0ecc469d10fbc05ac7881c68f0e3229efdc0e7d15d08a63d9c6de25377f4e01bdc64748dcfc1381977f323cce3c0d453c6a97df87718f54f386228fa70b978c331be3c4af998645e68b00d1f95bb7fedd7", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 100, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "21d79fba22fcea2e" + ], + [ + "44296045dc0315d1" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "3930d34b74e6676f0158033969b58f5f113b356a799287a5", + "c8cf2cb48a199890ca5a3a856a34c034919f038dd5483648" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3Sum_1.json b/vdaf/prio3/testdata/Prio3Sum_1.json new file mode 100644 index 00000000..13016621 --- /dev/null +++ b/vdaf/prio3/testdata/Prio3Sum_1.json @@ -0,0 +1,47 @@ +{ + "agg_param": "", + "agg_result": 100, + "agg_shares": [ + "0838d7ed77cd6687", + "44296045dc0315d1", + "1a9fc8cca92e84a7" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "max_measurement": 255, + "prep": [ + { + "input_shares": [ + "c7fb0bdef5bfe20176af571fbc49515389eaadd4df90c3529f06e993f24e7938e710c770d2dbd06f9b2523f00213f7baaa65475354cb73e7a5d9f889974b2e776e8b996484aeb62b04576947b5a96b0a72189f03c37c2a8309fee95bc15681c9115ee8147e871e4f1edb0ec1e56b68ad083182c17baa213f17a8d8624f21213c55a404746658fb100e1cb0a086315bbcba60c6e3ed3018ed8e7e837f2033bb8284a440d0822e5aaf2cc0dc43c6fc7f78a9a9b2471a4db243f8de37a30b6bcc6c8369f1c6d0c80cc096d25fff0aee3a6e2f9d6da165b01cfe2d7141caa00439e110b68fdd94556d1506ef1499cd969438d98b641f9c132ed547da7eab49dff9c0545f57abbf971f52ccd2e993781cd0cd2c8788b5279e5f70339731ac86ed9195cd3c60836b6dd9698fd1e4ad7050a698df611eee9c5ba98f10e6b64485d7c82bf48968aacfabf982c4b8d98196e25c276dd5e31ee61144266c66d2d2889047cf0b509d0e447e378c179bbd18386eb389c10cfc815ce724b01e47aafef1bb8e52753548f77626a0af40b75036ad6518e293284f82ccb28b4baa512c45276c2986908c87cc69c53f9ac7e0d6850ee756cd430745239b545552c8776d6bd3e2573415e89d96f6b4064456d4cdeb577f87eff828e008e6b1ec0b5943abef717959c0816e12f771fe4feac12ebf5eebb6a268182d25e08027a8dc01a81fbfff43b5604d034cb8d0ba775899a9b6e02bb5542e7ccbeaedf230cedfadf50a541b51281b4d85f67b6c8cfbe1b5e77f95b70053553d7686ee34f5bc6462a0121af4d61057bdea117ebc86fb37f8ac45955a6b73d7dfa2a193033b4524a106de810ac96c754ffc1e46b09c6310564f3a58cfcc123f9fc6d9a530bd16fcbfe45a0dd91b929f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 100, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "0838d7ed77cd6687" + ], + [ + "44296045dc0315d1" + ], + [ + "1a9fc8cca92e84a7" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "bc2b0bbf09338766f8abb2e591e5b779587a4647599932a2", + "c8cf2cb48a199890ca5a3a856a34c034919f038dd5483648", + "7d04c88c6ab3e008f1ee26ce020902b52a880fe76f72d29a" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + } + ], + "shares": 3, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/Prio3Sum_2.json b/vdaf/prio3/testdata/Prio3Sum_2.json new file mode 100644 index 00000000..e98afe5c --- /dev/null +++ b/vdaf/prio3/testdata/Prio3Sum_2.json @@ -0,0 +1,230 @@ +{ + "agg_param": "", + "agg_result": 1521, + "agg_shares": [ + "3d90b1d19acf1386", + "b5754e2e6430ec79" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "max_measurement": 1337, + "prep": [ + { + "input_shares": [ + "43126178225dca30c56c892f4cef3ca6f527cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28ea1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db973fabd7f72169d6d5dce73437837c1c0662bb24addf7e07e6ad56db956b47ccc755b7c35912f67fb18ef8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e1f16577d02c362b788f2ba75655f48c3de2deca86d4c16dcb7ad16ee9be9abefb92edfc5ff3f936fb870dfe8d010e933b3d757755f70869463b12f0fee4391df94d8c3eaea71cb9eb448cebdcf1a9389aaffdf0add9c1ba4a3395ee3552988f68f846abd0d4c21d80797b31b3c093280a6dab8f6eb620cc224271c24a8e837b46c41d7448f92e8544b91b9258da94f10f9cc0c289acc1ca98e4921970f4645da92de8c4f01ceed91f67287a63c48f0efe31870630655eb8e771eae674a07d9208c92248153875c1a173ec6d0dbac7277d81f7d42fe00695163970bd22113a1fe897d45d0ae3ecd9232fc2f27cfe06c208fc152c37ff03f7daed0f49ac90d908eec2c33ecde71954dab2f085aff8226bc2d45c429c64678b147529367ef72e8e9ceac003b71c2dc01c96492eade00fc99ef01c7474f412e2526c2c5d54317487a37438dea9bd856781e92e0e296508b7e1d5f87e9e7df53669767fb7e72e5ae3ed7a009d3ee17a95cff7177086562e030875d1a518d2907983566800da114a280ee272902bcec631ed13e4e77f9aec2650667549603727f3fdd4dbb2476ec096b6b51ef2a4629889d8b8ad8018e594ce34bb030c6b68ccc6fc9db02c3a12a608eb01a1fbfbd64b152636ef87af0fb310d8ef8aae46ccbb794c59dd711cdda905e679f47c5fbad52209d211213c7f4111b38aa9f97c5f0c700", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4a3136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb2151811ef413c956ff342b7195eb58731e", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "44126178225dca30c56c892f4cef3ca6f527cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28ea1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db9740abd7f72169d6d5dce73437837c1c0662bb24addf7e07e6ad56db956b47ccc755b7c35912f67fb18ef8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034ea72dc76b211a70eb7fe9fdf23cf0bcce943e3cf677b2b53094dcd6fb6ac97ec4a05af004e87f92c6b406483756e68cb6325ddf6eb8da274f53ad4ca0581ebd88f82e66c767a58d0db89ff54c7319f5a2375a9f0d03890626247e02d2b5d3052be84c40b561eb5dbff61791c03271b92aef7f8973c1b2dd8bfd71a06e7d20198578a0d8ff103a4daae2f7ef838ba428d310c7e6f08dc4251b9ee657be8ff079b8ee17832393d334fc3f5254aec43a035d6944ba57c76d7ac9e02595222da66e469ad2edf1793434b1603d183b8fbb1d2699cf69935df52598abe65d9a0db52afbd1f1fc495705efe608118cda6d9e946349c54f32cea15eb2aed0f49ac90d908e6415c3fdbf1a8819b438c5dc27f2b1b0763474dcbce0d85c6923d35921931515e880effb8782ddaacdce299c592b5817707c3f4ef6d68c6a36c6a844d93c1cd1d2ecea0d20a594091a3bb953f35129659004c8e6c1f368e415235790133b310a7ed833db9a786c7510f199636efa58863eb849d4b7d935ce5c1bfcc2cbdcc0afe3c827473945ffc83bd81719fab3e9a2ef6c7acd0f7a76cdcdb084fdf541d58c0f18f956b423413341ab0bfa06673976c584e6d1f5733d3560d41b08bf8bca68a3da554e96b7d9bb1a6fa6103ded865ecd48be930dd7fa4d7d4e8549e1380762202b904b52e730ccc80cb65f2737ead77fa6a228763fa9cb", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4b3136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb211eb662209e58e2405d1a1b206c9f3fc5", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "44126178225dca30c56c892f4cef3ca6f527cae360f77d4b2a94ee7fbe779a5893f97897b3c5ff28eb1156127a87cb71fdca3aa67f3f66472914077ef4bb37488345444045a2293f2c51f6d5d497646aa2ab3bdc62c1db9740abd7f72169d6d5dce73437837c1c0662bb24addf7e07e6ae56db956b47ccc756b7c35912f67fb18ff8f9f52712c3080f914b74f00382004b165013481acf8be9175a22a882aa0eb80e78e0de28541109838a52471413dfb50659e637f1034e4ea3f731bdcdb2d15cde40b82ae8b2f958cf9926b84d1f101b2aacba2766ca4f0211a744f01ad937622bca186d7448311074990955f2f6cdde5c72c7790e6c1950807b95f52c6638327753e1ffa6a80bcf15500c8d5dcee16ad2d9a8374b9dbbf4eb9fe829c7607f5301f9b7e4aace4447dc7eb670e39324605c593843aa1ca2a846e48361529f2ac54ff9e68652a1b4b5e81d20835332fc2f405d2586293bb2266a5659025590a010a73442884f49010e7f6f3a71dfc5936fe02415e08651a00f20b7f6ecdda5921f2c3d4a2c5fb6529036b0e54c25f2c52e13d722c7e29d2ec197666a44f8fea894e4bb0d47c340e5778ac90f3d6d5709aed0f49ac90d908ebd9f923724674533d74382173afabb85b2a316ac7c456f7de2d5fd9a64f6c98985ca38bc80e796391faaa7ba429d9c9c936585b358bfbdebaa16831db94c6d407b9bd53f911dbcdea0635bbf66c475fcf84817e8371fa128d0ce7fb990c399797239d4a7d29c69b5b307326cbcc0436ce55b549109a97f35f93043f90553bd92b2221cc3e92cad4858800eb6fe0571c14b4b439e19eb69ec3c577f96ff081493d7c5252145a2e58e70562b664352f3d1204a31ef4b02f26ad1198c150cabe70e2e8d8c49230e68da5b808101a049ee31d6e177411ea72e20f9210cc1280b942e2f85262b66f4200a3c39862c4e123e5650e1284b0874b074", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1337, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "833636daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb21d1a2b4da13818ff19ae1da2daa52e440", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "44126178225dca30c66c892f4cef3ca6f527cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28eb1156127a87cb71feca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db9740abd7f72169d6d5dbe73437837c1c0661bb24addf7e07e6ae56db956b47ccc755b7c35912f67fb18ff8f9f52712c3080e914b74f00382004a165013481acf8be9175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e2e45375c41717d1d236e9d21e14c017ce572e18159e66d4eb3dbc784f8d5abc618c775703bf481a0599570c8ceb21ce9d4ab6c6d423578fa1198c7d8a5c499db443c9d9bf0d159bd25689231e5676d85e579ce0c032e9418bcd1daf6f248e470b12101afcbee6af953382fe0e8ed45b45730df5fe92bebb2e5fe76d958ecb1ec6af571ab2275371c13488a57f0e44966f75bf52dbc97383a702a187d53f95aa7273000c599ab06bba08836d40c710a2d140f38ae642a38bbab722dfd95b361dbd10373448b601da441085f7fa5afe5eabe4ce2e4f921dddcf6311a3afb1c7f671a819380aa3aaff841b6e05d27348a3396e9a69fa7f02e9daed0f49ac90d908eddfd520da0c37ae70fb425ae84956d032500cf50dbac203f4a24e2d09386e81270146a90340eeed02940010be05ec8e4cf2db24f6b7c3cbf78db2d0c8c963f7e87dfb3399678c859ad721c6f8103b182e2e498e7c14edbf17ecf7e6bd5c552c4b50373e130755f3bb4d0fb43b77dccfcd607f4e78f6028a7748e2558f0102848f0738e9b280a155709887d459673c80f08d86b90e1a663aefb6cc43e3239f49dd6ff7bb5ad4b6f74e07429d4be3032a61aba687b58b77f439687832d557ed7d36ca9d0fb848bf0c83aa45fcc25f9be99a8cb454271aa43093203c9a9f3d0b2f5d79bf914ffb170ba8e6761dc6ea1f40732824bbb9cf0d8e0", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 99, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "ad3136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb21738306b80716f2e4c51acbcc0158dd8a", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "43126178225dca30c66c892f4cef3ca6f527cae360f77d4b2a94ee7fbe779a5892f97897b3c5ff28eb1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db973fabd7f72169d6d5dbe73437837c1c0661bb24addf7e07e6ad56db956b47ccc756b7c35912f67fb18ff8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e6a39bfe3b1c5b6044408bc17a9684a3c18667bebbb630aa6fef4ccb832bd20d3c926cd7027dad49c10591913ff0ed8c3b77648981e143b75c377f97ca7ad0df4552fecfc97236770bb0a78e08c3aadd08948040da9f2180727ac0999c3b05f11766438b2bf602a6f17d9a978b17667a56daba815bfb4e1978db9ec3a1c118b311eb30dd8572d7015bcfcffe27b6643b377d38d5bf15eb72ab23051b008a16062bf867d586cd07168a115b887ba9970fe7fbf34858ac4c6e967cc9e2c72cdf43f5f4ca960e60585bce5f1ccf5073e49fafddc6cdb16573e9453415cbcdcbaed30c85793400e4962c27e27482776a443fde4e6ca5e373f7dbaaed0f49ac90d908ea009cb85306f4100ee1907b8bc792443f30c35e7772f84e7ff0add9c599f7306bfb4129048289bd4717c58c0b0020d0aeb62d624909d7944c6fbfb678aadcb6576ec64d8ee26bba617d036c0d93071373d1663e71c8a560312f54fc9055ed723f0c03bde3c03a0c5ef2f81abeff4aa0bc08c2a32bad731c2cbd3aff62dec4e033cb6f26ef351dc5d61d307ba09f2cec28860d362acdfe4bdb9668b0b7d91eee23ea9fe21db2604c7e0e7a7201008ccd4af096ca4321df114d92d12fe7964446fde609adf29e688b096baf155c36a5b8a693bbb4b5475e251d4f386271333442c29c5f9549ba3bdf052f6f9121f313b3ee48427fc0ca28ac3", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 42, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "743136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb2167e02e21452d6637328672ffd0423630", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "43126178225dca30c56c892f4cef3ca6f527cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28ea1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db973fabd7f72169d6d5dce73437837c1c0662bb24addf7e07e6ad56db956b47ccc755b7c35912f67fb18ef8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e1f16577d02c362b788f2ba75655f48c3de2deca86d4c16dcb7ad16ee9be9abefb92edfc5ff3f936fb870dfe8d010e933b3d757755f70869463b12f0fee4391df94d8c3eaea71cb9eb448cebdcf1a9389aaffdf0add9c1ba4a3395ee3552988f68f846abd0d4c21d80797b31b3c093280a6dab8f6eb620cc224271c24a8e837b46c41d7448f92e8544b91b9258da94f10f9cc0c289acc1ca98e4921970f4645da92de8c4f01ceed91f67287a63c48f0efe31870630655eb8e771eae674a07d9208c92248153875c1a173ec6d0dbac7277d81f7d42fe00695163970bd22113a1fe897d45d0ae3ecd9232fc2f27cfe06c208fc152c37ff03f7daed0f49ac90d908eec2c33ecde71954dab2f085aff8226bc2d45c429c64678b147529367ef72e8e9ceac003b71c2dc01c96492eade00fc99ef01c7474f412e2526c2c5d54317487a37438dea9bd856781e92e0e296508b7e1d5f87e9e7df53669767fb7e72e5ae3ed7a009d3ee17a95cff7177086562e030875d1a518d2907983566800da114a280ee272902bcec631ed13e4e77f9aec2650667549603727f3fdd4dbb2476ec096b6b51ef2a4629889d8b8ad8018e594ce34bb030c6b68ccc6fc9db02c3a12a608eb01a1fbfbd64b152636ef87af0fb310d8ef8aae46ccbb794c59dd711cdda905e679f47c5fbad52209d211213c7f4111b38aa9f97c5f0c700", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4a3136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb2151811ef413c956ff342b7195eb58731e", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "43126178225dca30c56c892f4cef3ca6f527cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28ea1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db973fabd7f72169d6d5dce73437837c1c0662bb24addf7e07e6ad56db956b47ccc755b7c35912f67fb18ef8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e1f16577d02c362b788f2ba75655f48c3de2deca86d4c16dcb7ad16ee9be9abefb92edfc5ff3f936fb870dfe8d010e933b3d757755f70869463b12f0fee4391df94d8c3eaea71cb9eb448cebdcf1a9389aaffdf0add9c1ba4a3395ee3552988f68f846abd0d4c21d80797b31b3c093280a6dab8f6eb620cc224271c24a8e837b46c41d7448f92e8544b91b9258da94f10f9cc0c289acc1ca98e4921970f4645da92de8c4f01ceed91f67287a63c48f0efe31870630655eb8e771eae674a07d9208c92248153875c1a173ec6d0dbac7277d81f7d42fe00695163970bd22113a1fe897d45d0ae3ecd9232fc2f27cfe06c208fc152c37ff03f7daed0f49ac90d908eec2c33ecde71954dab2f085aff8226bc2d45c429c64678b147529367ef72e8e9ceac003b71c2dc01c96492eade00fc99ef01c7474f412e2526c2c5d54317487a37438dea9bd856781e92e0e296508b7e1d5f87e9e7df53669767fb7e72e5ae3ed7a009d3ee17a95cff7177086562e030875d1a518d2907983566800da114a280ee272902bcec631ed13e4e77f9aec2650667549603727f3fdd4dbb2476ec096b6b51ef2a4629889d8b8ad8018e594ce34bb030c6b68ccc6fc9db02c3a12a608eb01a1fbfbd64b152636ef87af0fb310d8ef8aae46ccbb794c59dd711cdda905e679f47c5fbad52209d211213c7f4111b38aa9f97c5f0c700", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4a3136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb2151811ef413c956ff342b7195eb58731e", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "43126178225dca30c66c892f4cef3ca6f527cae360f77d4b2a94ee7fbe779a5892f97897b3c5ff28eb1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db973fabd7f72169d6d5dbe73437837c1c0661bb24addf7e07e6ad56db956b47ccc756b7c35912f67fb18ff8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e6a39bfe3b1c5b6044408bc17a9684a3c18667bebbb630aa6fef4ccb832bd20d3c926cd7027dad49c10591913ff0ed8c3b77648981e143b75c377f97ca7ad0df4552fecfc97236770bb0a78e08c3aadd08948040da9f2180727ac0999c3b05f11766438b2bf602a6f17d9a978b17667a56daba815bfb4e1978db9ec3a1c118b311eb30dd8572d7015bcfcffe27b6643b377d38d5bf15eb72ab23051b008a16062bf867d586cd07168a115b887ba9970fe7fbf34858ac4c6e967cc9e2c72cdf43f5f4ca960e60585bce5f1ccf5073e49fafddc6cdb16573e9453415cbcdcbaed30c85793400e4962c27e27482776a443fde4e6ca5e373f7dbaaed0f49ac90d908ea009cb85306f4100ee1907b8bc792443f30c35e7772f84e7ff0add9c599f7306bfb4129048289bd4717c58c0b0020d0aeb62d624909d7944c6fbfb678aadcb6576ec64d8ee26bba617d036c0d93071373d1663e71c8a560312f54fc9055ed723f0c03bde3c03a0c5ef2f81abeff4aa0bc08c2a32bad731c2cbd3aff62dec4e033cb6f26ef351dc5d61d307ba09f2cec28860d362acdfe4bdb9668b0b7d91eee23ea9fe21db2604c7e0e7a7201008ccd4af096ca4321df114d92d12fe7964446fde609adf29e688b096baf155c36a5b8a693bbb4b5475e251d4f386271333442c29c5f9549ba3bdf052f6f9121f313b3ee48427fc0ca28ac3", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 42, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "743136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb2167e02e21452d6637328672ffd0423630", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/testdata/XofTurboShake128.json b/vdaf/prio3/testdata/XofTurboShake128.json new file mode 100644 index 00000000..bfd78ffe --- /dev/null +++ b/vdaf/prio3/testdata/XofTurboShake128.json @@ -0,0 +1,8 @@ +{ + "binder": "62696e64657220737472696e67", + "derived_seed": "b62ef0a2778190792d4d42d8c167ba20e0c37a3f319ba79645829c427d70eea5", + "dst": "646f6d61696e2073657061726174696f6e20746167", + "expanded_vec_field128": "b62ef0a2778190792d4d42d8c167ba20e0c37a3f319ba79645829c427d70eea56d92fef65a07b17a0438e25452cdc7f15f63caf0e8a2a3c72ac69524729e64e03c7ec3a3afa7eb21cb6da6abf0a3b73630a91a5fa05dcbd33da3476f1c8bf4fd66fe5a80dd04bc95f0f02cb8fc9035b9e16e3a5c373bf81c820af513e0c832ca672c66dcc3b302fb8b27a48f09e0a843f5caf87b3c6c1c4b6765b5923e1d152c2e695601abbc69dbe810860fb30e871a2549861110672335ce50ee632264cbb21f62595298d1d1ad9303b84664801e52112989dfce93f0f9dc833ee0f4a0672ffe47cb0a13f80f9e9b7a2e267db7f7890ccd064bf2458cd4e27162d13e60dbc1b6cae71635a3e603f2c15d1c64a12d4e8235f7bf0a8efe6bb15f3e2adae06f7dd1c4d63ac6cecae731250f73c063c6e59aef630a7b6f4bc64bddadc8b8a479bfdb64ea31e6ab44540a52a8d3399d64a060d50190d66cac1335d739e5f8d508201058a2e0cc1ed90e23cfdc7a253f24710ef3b1604688606386dcc4c90e8476be9daac3271ac51301868df71a719a5f32184145d70fec31b4693d527f53875a2ea013523d3daa33bc49c22f66c9ae70dd7f06f227f50515ea9ab1fbe0162cf761e596d8999809cf672cd2d82b22231f841c36e494d7e44f7c6f07e29758b1b73ce95b202325116f04067a54aa767eab2e00ce55b3abcd5c3d5b05040a6bf5d4ba8a61267004bb82b12d43b08fed8f9aced3e833a58fc01004526631b0f4192d8754a397e1096511ee23761a29fcd6511ad2e5020683ca877e4075fe6bc5907f7df1ed4b6c97e0f897d781e850da0cf584842c124cdb6011fe8660e3b8c354cd659985332ea158ffcba83253d39803fa7efb9fcd02cea38089f239f68404814973", + "length": 40, + "seed": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/vdaf/prio3/vectors_test.go b/vdaf/prio3/vectors_test.go new file mode 100644 index 00000000..e867a1e8 --- /dev/null +++ b/vdaf/prio3/vectors_test.go @@ -0,0 +1,219 @@ +package prio3 + +import ( + "path/filepath" + "slices" + "strings" + "testing" + + "github.com/cloudflare/circl/internal/test" + "github.com/cloudflare/circl/vdaf/prio3/count" + "github.com/cloudflare/circl/vdaf/prio3/histogram" + "github.com/cloudflare/circl/vdaf/prio3/internal/prio3" + "github.com/cloudflare/circl/vdaf/prio3/mhcv" + "github.com/cloudflare/circl/vdaf/prio3/sum" + "github.com/cloudflare/circl/vdaf/prio3/sumvec" +) + +type VectorCount struct { + VectorBase[uint64, uint64] +} + +type VectorSum struct { + VectorBase[uint64, uint64] + MaxMeas uint64 `json:"max_measurement"` +} + +type VectorSumVec struct { + VectorBase[[]uint64, []uint64] + Length uint `json:"length"` + Bits uint `json:"bits"` + ChunkLen uint `json:"chunk_length"` +} + +type VectorHistogram struct { + VectorBase[uint64, []uint64] + Length uint `json:"length"` + ChunkLen uint `json:"chunk_length"` +} + +type VectorMultiHotCountVec struct { + VectorBase[[]bool, []uint64] + Length uint `json:"length"` + MaxWeight uint `json:"max_weight"` + ChunkLen uint `json:"chunk_length"` +} + +type VectorBase[Measurement, Aggregate any] struct { + Prep []Prepare[Measurement] `json:"prep"` + Params[Aggregate] +} + +type Params[Aggregate any] struct { + AggParam string `json:"agg_param"` + AggResult Aggregate `json:"agg_result"` + AggShares []Hex `json:"agg_shares"` + Ctx Hex `json:"ctx"` + VerifyKey Hex `json:"verify_key"` + Shares uint8 `json:"shares"` +} + +type Prepare2[Measurement any] struct { + Measurement Measurement `json:"measurement"` + PrepareParams +} + +type Prepare[Measurement any] struct { + Measurement Measurement `json:"measurement"` + PrepareParams +} + +type PrepareParams struct { + InputShares []Hex `json:"input_shares"` + Nonce Hex `json:"nonce"` + OutShares [][]Hex `json:"out_shares"` + PrepMessages []Hex `json:"prep_messages"` + PrepShares [][]Hex `json:"prep_shares"` + PublicShare Hex `json:"public_share"` + Rand Hex `json:"rand"` +} + +func convert[Aggregate any]( + t testing.TB, in *VectorBase[uint64, Aggregate], +) (out VectorBase[bool, Aggregate]) { + out.Params = in.Params + out.Prep = make([]Prepare[bool], len(in.Prep)) + for i := range in.Prep { + out.Prep[i].PrepareParams = in.Prep[i].PrepareParams + switch in.Prep[i].Measurement { + case 0: + out.Prep[i].Measurement = false + case 1: + out.Prep[i].Measurement = true + default: + t.Fatal("invalid measurement") + } + } + + return +} + +func TestVector(t *testing.T) { + fileNames, err := filepath.Glob("./testdata/Prio3*.json") + if err != nil { + t.Fatal(err) + } + + for _, fileName := range fileNames { + testName := strings.TrimSuffix(filepath.Base(fileName), ".json") + + t.Run(testName, func(t *testing.T) { + vdaf := strings.Split(strings.TrimPrefix(testName, "Prio3"), "_")[0] + + switch vdaf { + case "Count": + v := readFile[VectorCount](t, fileName) + c, err := count.New(v.Shares, v.Ctx) + test.CheckNoErr(t, err, "new Count failed") + runPrio3(t, c, convert(t, &v.VectorBase)) + + case "Sum": + v := readFile[VectorSum](t, fileName) + s, err := sum.New(v.Shares, v.MaxMeas, v.Ctx) + test.CheckNoErr(t, err, "new Sum failed") + runPrio3(t, s, v.VectorBase) + + case "SumVec": + v := readFile[VectorSumVec](t, fileName) + s, err := sumvec.New( + v.Shares, v.Length, v.Bits, v.ChunkLen, v.Ctx) + test.CheckNoErr(t, err, "new SumVec failed") + runPrio3(t, s, v.VectorBase) + + case "Histogram": + v := readFile[VectorHistogram](t, fileName) + h, err := histogram.New(v.Shares, v.Length, v.ChunkLen, v.Ctx) + test.CheckNoErr(t, err, "new Histogram failed") + runPrio3(t, h, v.VectorBase) + + case "MultihotCountVec": + v := readFile[VectorMultiHotCountVec](t, fileName) + m, err := mhcv.New( + v.Shares, v.Length, v.MaxWeight, v.ChunkLen, v.Ctx) + test.CheckNoErr(t, err, "new MultiHotCountVec failed") + runPrio3(t, m, v.VectorBase) + + default: + t.Fatal("unexpected test v for " + vdaf) + } + }) + } +} + +func runPrio3[ + P Prio3[ + Measurement, Aggregate, + AggShare, InputShare, OutShare, PrepShare, PrepState, + ], + Measurement, Aggregate any, + AggShare, InputShare, OutShare, PrepShare, PrepState any, +](t *testing.T, p P, v VectorBase[Measurement, Aggregate]) { + params := p.Params() + shares := params.Shares() + verifyKey := prio3.VerifyKey(v.VerifyKey) + + aggShares := make([]AggShare, shares) + for i := range aggShares { + aggShares[i] = p.AggregationInit() + } + + for _, instance := range v.Prep { + nonce := prio3.Nonce(instance.Nonce) + randb := instance.Rand + meas := instance.Measurement + + pubShare, inputShares, err := p.Shard(meas, &nonce, randb) + test.CheckNoErr(t, err, "shard failed") + checkEqual(t, &pubShare, instance.PublicShare) + for i := range inputShares { + checkEqual(t, &inputShares[i], instance.InputShares[i]) + } + + var prepStates []*PrepState + var outboundPrepShares []PrepShare + for i := range shares { + state, share, errx := p.PrepInit( + &verifyKey, &nonce, i, pubShare, inputShares[i]) + test.CheckNoErr(t, errx, "prepare init failed") + + prepStates = append(prepStates, state) + outboundPrepShares = append(outboundPrepShares, *share) + } + + for i := range outboundPrepShares { + checkEqual(t, &outboundPrepShares[i], instance.PrepShares[0][i]) + } + + prepMsg, err := p.PrepSharesToPrep(outboundPrepShares) + test.CheckNoErr(t, err, "PrepSharesToPrep failed") + checkEqual(t, prepMsg, instance.PrepMessages[0]) + + for i := range shares { + outShare, err := p.PrepNext(prepStates[i], prepMsg) + test.CheckNoErr(t, err, "PrepNext failed") + checkEqual(t, outShare, slices.Concat(instance.OutShares[i]...)) + + p.AggregationUpdate(&aggShares[i], outShare) + } + } + + numMeas := uint(len(v.Prep)) + aggResult, err := p.Unshard(aggShares, numMeas) + test.CheckNoErr(t, err, "unshard failed") + + got := *aggResult + want := v.AggResult + if !isEqual(t, got, want) { + test.ReportError(t, got, want) + } +} diff --git a/vdaf/prio3/xof_test.go b/vdaf/prio3/xof_test.go new file mode 100644 index 00000000..992da0e6 --- /dev/null +++ b/vdaf/prio3/xof_test.go @@ -0,0 +1,95 @@ +package prio3 + +import ( + "bytes" + "encoding/binary" + "testing" + + "github.com/cloudflare/circl/internal/sha3" + "github.com/cloudflare/circl/internal/test" + "github.com/cloudflare/circl/vdaf/prio3/arith" + "github.com/cloudflare/circl/vdaf/prio3/arith/fp128" + "github.com/cloudflare/circl/vdaf/prio3/internal/prio3" +) + +type VecXof struct { + Binder Hex `json:"binder"` + DerivedSeed Hex `json:"derived_seed"` + Dst Hex `json:"dst"` + ExpVecField128 Hex `json:"expanded_vec_field128"` + Seed Hex `json:"seed"` + Length uint `json:"length"` +} + +func prepXof( + t *testing.T, seed *prio3.Seed, dst, binder []byte, +) (*sha3.State, error) { + context := dst[8:] + usage := binary.BigEndian.Uint16(dst[6:]) + + x, err := prio3.NewXof[fp128.Vec](0, context) + test.CheckNoErr(t, err, "NewXof failed") + copy(x.Header[2:], dst) + + err = x.Init(usage, seed) + if err != nil { + return nil, err + } + + err = x.SetBinderBytes(binder) + if err != nil { + return nil, err + } + + return &x.State, nil +} + +func TestXof(t *testing.T) { + v := readFile[VecXof](t, "testdata/XofTurboShake128.json") + + t.Run("DeriveSeed", func(t *testing.T) { + r, err := prepXof(t, (*prio3.Seed)(v.Seed), v.Dst, v.Binder) + test.CheckNoErr(t, err, "create xof failed") + + var got prio3.Seed + _, err = r.Read(got[:]) + test.CheckNoErr(t, err, "deriving seed failed") + + want := prio3.Seed(v.DerivedSeed) + if got != want { + test.ReportError(t, got, want) + } + }) + + t.Run("VecFp128/RandomSHA3", func(t *testing.T) { + r, err := prepXof(t, (*prio3.Seed)(v.Seed), v.Dst, v.Binder) + test.CheckNoErr(t, err, "create xof failed") + + a := arith.NewVec[fp128.Vec](v.Length) + err = a.RandomSHA3(r) + test.CheckNoErr(t, err, "random vector failed") + + got, err := a.MarshalBinary() + test.CheckNoErr(t, err, "MarshalBinary failed") + + want := v.ExpVecField128 + if !bytes.Equal(got, want) { + test.ReportError(t, got, want) + } + }) + + t.Run("VecFp128/RandomSHA3Bytes", func(t *testing.T) { + r, err := prepXof(t, (*prio3.Seed)(v.Seed), v.Dst, v.Binder) + test.CheckNoErr(t, err, "create xof failed") + + a := arith.NewVec[fp128.Vec](v.Length) + got := make([]byte, a.Size()) + err = a.RandomSHA3Bytes(got[:0], r) + test.CheckNoErr(t, err, "random vector failed") + + want := v.ExpVecField128 + if !bytes.Equal(got, want) { + test.ReportError(t, got, want) + } + }) +}