From 38eb348dcc2b3092b1790aed7b2f462ce87332b3 Mon Sep 17 00:00:00 2001 From: Christopher Patton Date: Mon, 6 Jan 2025 16:46:36 -0800 Subject: [PATCH] mastic: Add test vectors, fix remaining bugs (#1183) Add test vectors for Mastic and fix the bugs they encounter: * Add domain separation to the payload check hash. * Truncate the weights prior to aggregation. * Adjust the order of the binder parts in the eval proof computation. * vidpf: Align public share encoding with the draft. * vidpf: Adjust index encoding in node proof. * vidpf: Align a few variable names with the spec. The test vectors were generated after making some changes to the spec based on our implementation experience here: https://github.com/jimouris/draft-mouris-cfrg-mastic/pull/101 --- src/flp/szk.rs | 2 +- src/vdaf/mastic.rs | 439 ++++++++++++++++-- .../test_vec/mastic/04/MasticCount_0.json | 56 +++ .../test_vec/mastic/04/MasticCount_1.json | 56 +++ .../test_vec/mastic/04/MasticHistogram_0.json | 182 ++++++++ .../mastic/04/MasticMultihotCountVec_0.json | 142 ++++++ .../test_vec/mastic/04/MasticSumVec_0.json | 137 ++++++ src/vdaf/test_vec/mastic/04/MasticSum_0.json | 213 +++++++++ src/vdaf/test_vec/mastic/04/MasticSum_1.json | 213 +++++++++ src/vidpf.rs | 165 ++++--- 10 files changed, 1493 insertions(+), 112 deletions(-) create mode 100644 src/vdaf/test_vec/mastic/04/MasticCount_0.json create mode 100644 src/vdaf/test_vec/mastic/04/MasticCount_1.json create mode 100644 src/vdaf/test_vec/mastic/04/MasticHistogram_0.json create mode 100644 src/vdaf/test_vec/mastic/04/MasticMultihotCountVec_0.json create mode 100644 src/vdaf/test_vec/mastic/04/MasticSumVec_0.json create mode 100644 src/vdaf/test_vec/mastic/04/MasticSum_0.json create mode 100644 src/vdaf/test_vec/mastic/04/MasticSum_1.json diff --git a/src/flp/szk.rs b/src/flp/szk.rs index 9c49f5a5..f39204b0 100644 --- a/src/flp/szk.rs +++ b/src/flp/szk.rs @@ -202,7 +202,7 @@ impl ParameterizedDecode<(bool } /// A tuple containing the state and messages produced by an SZK query. -#[derive(Clone, Debug)] +#[derive(Clone, Debug, PartialEq)] pub struct SzkQueryShare { joint_rand_part_opt: Option>, pub(crate) flp_verifier: Vec, diff --git a/src/vdaf/mastic.rs b/src/vdaf/mastic.rs index 15924165..ebda6c57 100644 --- a/src/vdaf/mastic.rs +++ b/src/vdaf/mastic.rs @@ -56,6 +56,7 @@ pub(crate) const USAGE_NODE_PROOF: u8 = 8; pub(crate) const USAGE_EVAL_PROOF: u8 = 9; pub(crate) const USAGE_EXTEND: u8 = 10; pub(crate) const USAGE_CONVERT: u8 = 11; +pub(crate) const USAGE_PAYLOAD_CHECK: u8 = 12; pub(crate) fn dst_usage(usage: u8) -> [u8; 11] { [b'm', b'a', b's', b't', b'i', b'c', 0, 0, 0, 0, usage] @@ -157,10 +158,7 @@ where mastic: &Mastic, bytes: &mut Cursor<&[u8]>, ) -> Result { - MasticPublicShare::>::decode_with_param( - &(mastic.bits, mastic.vidpf.weight_parameter), - bytes, - ) + VidpfPublicShare::decode_with_param(&(mastic.bits, mastic.vidpf.weight_parameter), bytes) } } @@ -251,17 +249,11 @@ where P: Xof, { fn decode_with_param( - decoding_parameter: &(&Mastic, &MasticAggregationParam), + (mastic, agg_param): &(&Mastic, &MasticAggregationParam), bytes: &mut Cursor<&[u8]>, ) -> Result { - let (mastic, agg_param) = decoding_parameter; - let l = mastic - .vidpf - .weight_parameter - .checked_mul(agg_param.level_and_prefixes.prefixes().len()) - .ok_or_else(|| CodecError::Other("multiplication overflow".into()))?; - let result = decode_fieldvec(l, bytes)?; - Ok(AggregateShare(result)) + let len = (1 + mastic.szk.typ.output_len()) * agg_param.level_and_prefixes.prefixes().len(); + decode_fieldvec(len, bytes).map(AggregateShare) } } @@ -273,17 +265,11 @@ where P: Xof, { fn decode_with_param( - decoding_parameter: &(&Mastic, &MasticAggregationParam), + (mastic, agg_param): &(&Mastic, &MasticAggregationParam), bytes: &mut Cursor<&[u8]>, ) -> Result { - let (mastic, agg_param) = decoding_parameter; - let l = mastic - .vidpf - .weight_parameter - .checked_mul(agg_param.level_and_prefixes.prefixes().len()) - .ok_or_else(|| CodecError::Other("multiplication overflow".into()))?; - let result = decode_fieldvec(l, bytes)?; - Ok(OutputShare(result)) + let len = (1 + mastic.szk.typ.output_len()) * agg_param.level_and_prefixes.prefixes().len(); + decode_fieldvec(len, bytes).map(OutputShare) } } @@ -422,7 +408,7 @@ pub struct MasticPrepareState { /// Broadcast message from an aggregator preparing Mastic output shares. Includes the /// [`Vidpf`] evaluation proof covering every prefix in the aggregation parameter, and optionally /// the verification message for Szk. -#[derive(Clone, Debug)] +#[derive(Clone, Debug, PartialEq)] pub struct MasticPrepareShare { /// [`Vidpf`] evaluation proof, which guarantees one-hotness and payload consistency. eval_proof: Seed, @@ -560,14 +546,12 @@ where // Onehot and payload checks let (payload_check, onehot_proof) = { - let mut payload_check_xof = P::init(&[0; SEED_SIZE], &[]); + let mut payload_check_xof = + P::init(&[0; SEED_SIZE], &[&dst_usage(USAGE_PAYLOAD_CHECK), ctx]); let mut payload_check_buf = Vec::with_capacity(T::Field::ENCODED_SIZE); let mut onehot_proof = ONEHOT_PROOF_INIT; // Traverse the prefix tree breadth-first. - // - // TODO spec: Adjust the onehot and payload checks accordingly. For the onehot check, - // we need to make sure to always visit the left node before the right. let mut q = VecDeque::with_capacity(100); q.push_back(root.left.as_ref().unwrap()); q.push_back(root.right.as_ref().unwrap()); @@ -599,7 +583,6 @@ where } } - // TODO spec: Pre-hash the payload check. let payload_check = payload_check_xof.into_seed().0; (payload_check, onehot_proof) @@ -617,14 +600,21 @@ where }; let eval_proof = { - // TODO spec: Use a zero seed. let mut eval_proof_xof = P::init(&[0; SEED_SIZE], &[&dst_usage(USAGE_EVAL_PROOF), ctx]); eval_proof_xof.update(&onehot_proof); - eval_proof_xof.update(&payload_check); eval_proof_xof.update(&counter_check); + eval_proof_xof.update(&payload_check); eval_proof_xof.into_seed() }; + let mut truncated_out_shares = + Vec::with_capacity(self.szk.typ.output_len() * prefixes.len()); + for VidpfWeight(mut out_share) in out_shares.into_iter() { + let mut truncated_out_share = self.szk.typ.truncate(out_share.drain(1..).collect())?; + truncated_out_shares.append(&mut out_share); + truncated_out_shares.append(&mut truncated_out_share); + } + Ok(if agg_param.require_weight_check { // Range check. let VidpfWeight(beta_share) = @@ -646,7 +636,7 @@ where let verifier_len = szk_query_share.flp_verifier.len(); ( MasticPrepareState { - output_shares: MasticOutputShare::from(out_shares), + output_shares: MasticOutputShare::from(truncated_out_shares), szk_query_state, verifier_len: Some(verifier_len), }, @@ -658,7 +648,7 @@ where } else { ( MasticPrepareState { - output_shares: MasticOutputShare::from(out_shares), + output_shares: MasticOutputShare::from(truncated_out_shares), szk_query_state: None, verifier_len: None, }, @@ -728,13 +718,33 @@ where fn aggregate_init(&self, agg_param: &Self::AggregationParam) -> Self::AggregateShare { MasticAggregateShare::::from(vec![ T::Field::zero(); - self.vidpf.weight_parameter + (1 + self.szk.typ.output_len()) * agg_param .level_and_prefixes .prefixes() .len() ]) } + + fn aggregate>>( + &self, + agg_param: &MasticAggregationParam, + output_shares: M, + ) -> Result, VdafError> { + let mut agg_share = + MasticAggregateShare::::from(vec![ + T::Field::zero(); + (1 + self.szk.typ.output_len()) + * agg_param + .level_and_prefixes + .prefixes() + .len() + ]); + for output_share in output_shares.into_iter() { + agg_share.accumulate(&output_share)?; + } + Ok(agg_share) + } } impl Collector for Mastic @@ -753,7 +763,7 @@ where let AggregateShare(agg) = agg_shares.into_iter().try_fold( AggregateShare(vec![ T::Field::zero(); - num_prefixes * self.vidpf.weight_parameter + num_prefixes * (1 + self.szk.typ.output_len()) ]), |mut agg, agg_share| { agg.merge(&agg_share)?; @@ -762,8 +772,7 @@ where )?; let mut result = Vec::with_capacity(num_prefixes); - for agg_for_prefix in agg.chunks(self.vidpf.weight_parameter) { - let encoded_agg_result = agg_for_prefix[1..].to_vec(); + for agg_for_prefix in agg.chunks(1 + self.szk.typ.output_len()) { let num_measurements = agg_for_prefix[0]; let num_measurements = ::Integer::from(num_measurements); @@ -775,10 +784,12 @@ where "failed to convert num_measurements to usize: {e}" )) })?; - result.push(self.szk.typ.decode_result( - &self.szk.typ.truncate(encoded_agg_result)?, - num_measurements, - )?); + let encoded_agg_result = &agg_for_prefix[1..]; + result.push( + self.szk + .typ + .decode_result(encoded_agg_result, num_measurements)?, + ); } Ok(result) @@ -1285,4 +1296,352 @@ mod tests { MasticPublicShare::get_decoded_with_param(&mastic, &encoded_public_share[..]).unwrap(); assert_eq!(public, decoded_public_share); } + + mod test_vec { + use serde::Deserialize; + use std::collections::HashMap; + + use super::*; + use crate::{ + flp::{ + types::{Histogram, MultihotCountVec}, + Type, + }, + idpf::IdpfInput, + }; + + #[derive(Debug, Deserialize)] + struct HexEncoded(#[serde(with = "hex")] Vec); + + fn check_test_vec( + algorithm_id: u32, + new_typ: impl Fn(&HashMap) -> T, + test_vec_str: &str, + ) where + T::Measurement: for<'a> Deserialize<'a>, + T::AggregateResult: for<'a> Deserialize<'a> + PartialEq, + { + #[derive(Debug, Deserialize)] + struct TestVector + where + T: Type, + T::Measurement: for<'a> Deserialize<'a>, + T::AggregateResult: for<'a> Deserialize<'a>, + { + agg_param: HexEncoded, + agg_result: Vec, + agg_shares: [HexEncoded; 2], + vidpf_bits: usize, + ctx: HexEncoded, + prep: Vec>, + #[serde(flatten)] + type_params: HashMap, + shares: usize, + verify_key: HexEncoded, + } + + #[derive(Debug, Deserialize)] + struct PrepTestVector { + input_shares: [HexEncoded; 2], + measurement: (Vec, M), + nonce: HexEncoded, + out_shares: [Vec; 2], + prep_messages: [HexEncoded; 1], + prep_shares: [[HexEncoded; 2]; 1], + public_share: HexEncoded, + rand: HexEncoded, + } + + let test_vec: TestVector = serde_json::from_str(test_vec_str).unwrap(); + + let mastic = Mastic::<_, XofTurboShake128, 32>::new( + algorithm_id, + new_typ(&test_vec.type_params), + test_vec.vidpf_bits, + ) + .unwrap(); + + let agg_param = MasticAggregationParam::get_decoded(&test_vec.agg_param.0).unwrap(); + + let verify_key = <[u8; 32]>::try_from(&test_vec.verify_key.0[..]).unwrap(); + + let HexEncoded(ctx) = &test_vec.ctx; + + let mut out_shares_0 = Vec::new(); + let mut out_shares_1 = Vec::new(); + for prep in &test_vec.prep { + let measurement = ( + IdpfInput::from_bools(&prep.measurement.0), + prep.measurement.1.clone(), + ); + let nonce = <[u8; NONCE_SIZE]>::try_from(&prep.nonce.0[..]).unwrap(); + let (vidpf_keys, szk_random, joint_random_opt) = { + let mut r = Cursor::new(prep.rand.0.as_ref()); + let vidpf_keys = [Seed::decode(&mut r).unwrap(), Seed::decode(&mut r).unwrap()]; + let szk_random = [Seed::decode(&mut r).unwrap(), Seed::decode(&mut r).unwrap()]; + + let joint_random_opt = mastic + .szk + .requires_joint_rand() + .then(|| Seed::decode(&mut r).unwrap()); + (vidpf_keys, szk_random, joint_random_opt) + }; + + // Sharding. + let (public_share, input_shares) = mastic + .shard_with_random( + ctx, + &measurement, + &nonce, + vidpf_keys, + szk_random, + joint_random_opt, + ) + .unwrap(); + { + let expected_public_share = + MasticPublicShare::get_decoded_with_param(&mastic, &prep.public_share.0) + .unwrap(); + assert_eq!(public_share, expected_public_share); + assert_eq!(public_share.get_encoded().unwrap(), prep.public_share.0); + + let expected_input_shares = prep + .input_shares + .iter() + .enumerate() + .map(|(agg_id, HexEncoded(bytes))| { + MasticInputShare::get_decoded_with_param(&(&mastic, agg_id), bytes) + .unwrap() + }) + .collect::>(); + assert_eq!(input_shares, expected_input_shares); + assert_eq!( + input_shares[0].get_encoded().unwrap(), + prep.input_shares[0].0 + ); + assert_eq!( + input_shares[1].get_encoded().unwrap(), + prep.input_shares[1].0 + ); + } + + // Preparation. + let (prep_state_0, prep_share_0) = mastic + .prepare_init( + &verify_key, + ctx, + 0, + &agg_param, + &nonce, + &public_share, + &input_shares[0], + ) + .unwrap(); + let (prep_state_1, prep_share_1) = mastic + .prepare_init( + &verify_key, + ctx, + 1, + &agg_param, + &nonce, + &public_share, + &input_shares[1], + ) + .unwrap(); + + { + let expected_prep_share_0 = MasticPrepareShare::get_decoded_with_param( + &prep_state_0, + &prep.prep_shares[0][0].0, + ) + .unwrap(); + assert_eq!(prep_share_0, expected_prep_share_0); + assert_eq!( + prep_share_0.get_encoded().unwrap(), + prep.prep_shares[0][0].0 + ); + + let expected_prep_share_1 = MasticPrepareShare::get_decoded_with_param( + &prep_state_1, + &prep.prep_shares[0][1].0, + ) + .unwrap(); + assert_eq!(prep_share_1, expected_prep_share_1); + assert_eq!( + prep_share_1.get_encoded().unwrap(), + prep.prep_shares[0][1].0 + ); + } + + let prep_msg = mastic + .prepare_shares_to_prepare_message( + ctx, + &agg_param, + [prep_share_0, prep_share_1], + ) + .unwrap(); + { + let expected_prep_msg = MasticPrepareMessage::get_decoded_with_param( + &prep_state_0, + &prep.prep_messages[0].0, + ) + .unwrap(); + assert_eq!(prep_msg, expected_prep_msg); + assert_eq!(prep_msg.get_encoded().unwrap(), prep.prep_messages[0].0); + } + + let PrepareTransition::Finish(out_share_0) = mastic + .prepare_next(ctx, prep_state_0, prep_msg.clone()) + .unwrap() + else { + panic!("unexpected transition"); + }; + let PrepareTransition::Finish(out_share_1) = + mastic.prepare_next(ctx, prep_state_1, prep_msg).unwrap() + else { + panic!("unexpected transition"); + }; + { + let expected_out_shares = prep + .out_shares + .iter() + .map(|out_share| { + MasticOutputShare::from( + out_share + .iter() + .map(|HexEncoded(bytes)| T::Field::get_decoded(bytes).unwrap()) + .collect::>(), + ) + }) + .collect::>(); + assert_eq!(out_share_0, expected_out_shares[0]); + assert_eq!(out_share_1, expected_out_shares[1]); + } + + out_shares_0.push(out_share_0); + out_shares_1.push(out_share_1); + } + + // Aggregation. + let agg_share_0 = mastic.aggregate(&agg_param, out_shares_0).unwrap(); + let agg_share_1 = mastic.aggregate(&agg_param, out_shares_1).unwrap(); + { + let expected_agg_shares = test_vec + .agg_shares + .iter() + .map(|HexEncoded(bytes)| { + MasticAggregateShare::get_decoded_with_param(&(&mastic, &agg_param), bytes) + .unwrap() + }) + .collect::>(); + assert_eq!(agg_share_0, expected_agg_shares[0]); + assert_eq!(agg_share_1, expected_agg_shares[1]); + } + + // Unsharding. + let agg_result = mastic + .unshard(&agg_param, [agg_share_0, agg_share_1], test_vec.prep.len()) + .unwrap(); + assert_eq!(agg_result, test_vec.agg_result); + + assert_eq!(test_vec.shares, 2); + } + + #[test] + fn count_0() { + check_test_vec( + 0xFFFF0001, + |_type_params| Count::::new(), + include_str!("test_vec/mastic/04/MasticCount_0.json"), + ); + } + + #[test] + fn count_1() { + check_test_vec( + 0xFFFF0001, + |_type_params| Count::::new(), + include_str!("test_vec/mastic/04/MasticCount_1.json"), + ); + } + + #[test] + fn sum_0() { + check_test_vec( + 0xFFFF0002, + |type_params| { + let max_measurement = type_params["max_measurement"].as_u64().unwrap(); + Sum::::new(max_measurement).unwrap() + }, + include_str!("test_vec/mastic/04/MasticSum_0.json"), + ); + } + + #[test] + fn sum_1() { + check_test_vec( + 0xFFFF0002, + |type_params| { + let max_measurement = type_params["max_measurement"].as_u64().unwrap(); + Sum::::new(max_measurement).unwrap() + }, + include_str!("test_vec/mastic/04/MasticSum_1.json"), + ); + } + + #[test] + fn sum_vec_0() { + check_test_vec( + 0xFFFF0003, + |type_params| { + let bits = type_params["bits"].as_u64().unwrap() as usize; + let length = type_params["length"].as_u64().unwrap() as usize; + let chunk_length = type_params["chunk_length"].as_u64().unwrap() as usize; + SumVec::>>::new( + bits, + length, + chunk_length, + ) + .unwrap() + }, + include_str!("test_vec/mastic/04/MasticSumVec_0.json"), + ); + } + + #[test] + fn histogram_0() { + check_test_vec( + 0xFFFF0004, + |type_params| { + let length = type_params["length"].as_u64().unwrap() as usize; + let chunk_length = type_params["chunk_length"].as_u64().unwrap() as usize; + Histogram::>>::new( + length, + chunk_length, + ) + .unwrap() + }, + include_str!("test_vec/mastic/04/MasticHistogram_0.json"), + ); + } + + #[test] + fn multihot_count_vec_0() { + check_test_vec( + 0xFFFF0005, + |type_params| { + let length = type_params["length"].as_u64().unwrap() as usize; + let max_weight = type_params["max_weight"].as_u64().unwrap() as usize; + let chunk_length = type_params["chunk_length"].as_u64().unwrap() as usize; + MultihotCountVec::>>::new( + length, + max_weight, + chunk_length, + ) + .unwrap() + }, + include_str!("test_vec/mastic/04/MasticMultihotCountVec_0.json"), + ); + } + } } diff --git a/src/vdaf/test_vec/mastic/04/MasticCount_0.json b/src/vdaf/test_vec/mastic/04/MasticCount_0.json new file mode 100644 index 00000000..6921ea8e --- /dev/null +++ b/src/vdaf/test_vec/mastic/04/MasticCount_0.json @@ -0,0 +1,56 @@ +{ + "agg_param": "000000000002008001", + "agg_result": [ + 0, + 1 + ], + "agg_shares": [ + "b7f9921c929a6d97e6dcde35a90237a34ad73fa33cefc5223b1354b6afbebcad", + "4a066de36c6592681b2321ca55fdc85cb828c05cc2103addc7ecab494f414352" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e586819caa63d4a3b11ca35ae9cba1bac0edd99ecf422a9233e9223000eb26fe45b8", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + true, + false + ], + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "b7f9921c929a6d97", + "e6dcde35a90237a3", + "4ad73fa33cefc522", + "3b1354b6afbebcad" + ], + [ + "4a066de36c659268", + "1b2321ca55fdc85c", + "b828c05cc2103add", + "c7ecab494f414352" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "8fbf7bd1e6d11830692bd828041433ff60905d220dd23f1e4d9809e3b38276a5ccfbe6874465df6b13c091772d6cb8ff1dc268ab0e2591b0def6e33ffdb5a834", + "8fbf7bd1e6d11830692bd828041433ff60905d220dd23f1e4d9809e3b38276a535041978ba9a2094ff3ae157f12d9afe90008d6ef8ae35298a5adc89a5f1fffa" + ] + ], + "public_share": "0b40eac2eab18af3ac91184d5f466dc0fe1e9b00a994e6abffb9486a9d48a9623b3101fa6350e7a9831bfb7cf323506e335d928f520ed8fbfe0056b2dbdc41b30abc9bfeb20525cc0ce8771086a16c39a00aa20a65d67590d601d29a78e295828074afb0c0c610f3d0139e2c7e5f1762a72cc1bd0036307bce53dc15c49d419ac4", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "vidpf_bits": 2 +} diff --git a/src/vdaf/test_vec/mastic/04/MasticCount_1.json b/src/vdaf/test_vec/mastic/04/MasticCount_1.json new file mode 100644 index 00000000..b36fd695 --- /dev/null +++ b/src/vdaf/test_vec/mastic/04/MasticCount_1.json @@ -0,0 +1,56 @@ +{ + "agg_param": "000100000002004001", + "agg_result": [ + 0, + 0 + ], + "agg_shares": [ + "b747157958114cc62e1d497271c7270d8dc52279cde66d98155fe5f1b3762097", + "4ab8ea86a6eeb339d3e2b68d8d38d8f2743add8631199267eca01a0e4b89df68" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e586819caa63d4a3b11ca35ae9cba1bac0edd99ecf422a9233e9223000eb26fe45b8", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + true, + false + ], + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "b747157958114cc6", + "2e1d497271c7270d", + "8dc52279cde66d98", + "155fe5f1b3762097" + ], + [ + "4ab8ea86a6eeb339", + "d3e2b68d8d38d8f2", + "743add8631199267", + "eca01a0e4b89df68" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "ac13211f48dcf0c9201df67ebc4979661b9a705d18ea377bf940d7c40895df80ccfbe6874465df6bcef64f43dd61f5661d79048f5c8f6e8e89270f2007e119ac", + "ac13211f48dcf0c9201df67ebc4979661b9a705d18ea377bf940d7c40895df8035041978ba9a2094c5edb5255d1187395e03bc1b36416ce932d8e39152ce8955" + ] + ], + "public_share": "0b40eac2eab18af3ac91184d5f466dc0fe1e9b00a994e6abffb9486a9d48a9623b3101fa6350e7a9831bfb7cf323506e335d928f520ed8fbfe0056b2dbdc41b30abc9bfeb20525cc0ce8771086a16c39a00aa20a65d67590d601d29a78e295828074afb0c0c610f3d0139e2c7e5f1762a72cc1bd0036307bce53dc15c49d419ac4", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "vidpf_bits": 2 +} diff --git a/src/vdaf/test_vec/mastic/04/MasticHistogram_0.json b/src/vdaf/test_vec/mastic/04/MasticHistogram_0.json new file mode 100644 index 00000000..7f77f931 --- /dev/null +++ b/src/vdaf/test_vec/mastic/04/MasticHistogram_0.json @@ -0,0 +1,182 @@ +{ + "agg_param": "000100000002004001", + "agg_result": [ + [ + 0, + 0, + 0, + 1 + ], + [ + 0, + 0, + 1, + 0 + ] + ], + "agg_shares": [ + "ab1c50b07a82e8740b6de7b72526a391220e88edfd85b4d621194410bd64c7cff6406f5b055ec5b7c908282cb836d447af43eee8d094f516ed6d619972dff19cf6a2d05fac19e06d96c2a17be84e839088374fa7a42ebaa035cbce842d1160dda40e01f0f310673d6d07ea8491058ac3c7b972088bcc17e036bee46055af4c513e37668f73b4dd64e2d0bb4060050afac4db2c15c86a679b58271187378cd75a", + "57e3af4f857d178bd8921848dad95c6edff17712027a4b29c2e6bbef429b38300bbf90a4faa13a481af7d7d347c92bb852bc11172f6b0ae9f6919e668d200e630c5d2fa053e61f924d3d5e8417b17c6f7ac8b0585bd1455fae34317bd2ee9f225df1fe0f0cef98c276f8157b6efa753c3a468df77433e81fad411b9faa50b3aec4c899708c4b229b012f44bf9ffaf5053d24d3ea379598648bd8ee78c87328a5" + ], + "chunk_length": 2, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 4, + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f17e4527f6f16e586809caa63d4a3b11ce77f155f4fd6f965eae9970c93ceb0f1b47610e26294d48cedd439b1d009292aa84677c59741edf744a9ebeaf13ea6a54e42774c74967c7062fc82c171ad3446b7a940866ca84ea18ce30397738b78d4f0dbc8d29b6283f1ae142a45b7535d673c9c61fd78e7e8139142546326a877edc37200858122fcd3858edddd92b6e4bd1072429a8d2135e05af4c2455246a14b1a42e6f353c630f001d709fcc145ab47606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f70b6ba6a7095a4af8d54c0e0e16d345ed923e68c626589488ab4390920ec2341", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f87e5e50e23e85a5fe50bdcc0b908f6b0a1a1099c49c5e6c9bc965215adeff296" + ], + "measurement": [ + [ + true, + false + ], + 1 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "b847157958114cc6101d497272c7270d", + "41f91e1991b9333e8f87a10d64484c61", + "ff31ebc96df78d002724a8bc3705b448", + "24a003aa37e86fd228c2634a36c50473", + "57ec5d99b72ed656ab837615e6baab33", + "8dc52279cde66d98155fe5f1b3762097", + "00e16804881eff1023da897ff4824b77", + "9591bd1cbdd52983a1550aef8da45f22", + "fe3dd9950eef3bedf31a3699bf8d8a60", + "e22af0a9246c0ddf5d39e47b93332208" + ], + [ + "49b8ea86a7eeb339d3e2b68d8d38d8f2", + "c006e1e66e46ccc154785ef29bb7b39e", + "02ce1436920872ffbcdb5743c8fa4bb7", + "dd5ffc55c817902dbb3d9cb5c93afb8c", + "aa13a26648d129a9387c89ea194554cc", + "743add8632199267cea01a0e4c89df68", + "011f97fb77e100efc02576800b7db488", + "6c6e42e3422ad67c42aaf510725ba0dd", + "03c2266af110c412f0e4c9664072759f", + "1fd50f56db93f22086c61b846cccddf7" + ] + ], + "prep_messages": [ + "a2039299a848b33fd14b9d48635993986af272075a8e66101c22f6250a40fe88" + ], + "prep_shares": [ + [ + "badb8be5e28509757d7331affb9d323453ec5505ae56b525ad2c04b8d872269d87e5e50e23e85a5fe50bdcc0b908f6b0a1a1099c49c5e6c9bc965215adeff2960ce24cdf87197fe9882388ceed94c2e7125d831a3d8ff81b89a982fc341f64891552a935eebb4d55cbc5793ea9d24189c22972229024776188faf35f3f59596c42019350277327672d160354b7a527487b60df81a77c2b4e2914e78f21aa2baf", + "badb8be5e28509757d7331affb9d323453ec5505ae56b525ad2c04b8d872269d70b6ba6a7095a4af8d54c0e0e16d345ed923e68c626589488ab4390920ec2341f51db32078e680165bdc7731126b3d18b967249f3b307df8055076122ea7428085f18fcf635f613399edc22069702ada6bb14284dc36e343ed5ed1d475af1597f67fcb6f497664db45fa95346edef4460f8fed3c3fc256d81d48eb3d0f4e7d8e" + ] + ], + "public_share": "0b40eac2eab18af3ac91184d5f466dc0fe1e9b00a994e6abffb9486a9d48a9623b3001fa6351e7a9831bfb7cf323506e336a041d0b1eea4d694486884d91de700413c2257b5d446ba6a7236cbf8dc1246c46561fe9c6ce88757649ffeff995adfd7ae2c7a023c379f93ac0d6dd72c7d99b5d928f520fd8fbfee155b2dbdd41b30ad22234ba51abe53e2bac55027a1e925777f0e3cd6cac3cb7886346d56fff420adfff3984005c273473dd8d3686af3686db3b488ab613bea4a1dc3e9c923856d8bc9bfeb20525cc0ce8771086a16c39a00aa20a65d67590d601d29a78e295828074afb0c0c610f3d0139e2c7e5f1762a72cc1bd0036307bce53dc15c49d419ac4", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f17e4527f6f16e586809caa63d4a3b11ce77f155f4fd6f965eae9970c93ceb0f1b47610e26294d48cedd439b1d009292aa84677c59741edf744a9ebeaf13ea6a5f1f281a27c355c1da1a795043173b8a97064f08a88f24f7f2ebd3ecf876dbccd4c2bf9987044143961c571e4980d1dfc3c9c61fd78e7e8139142546326a877ed20c2f52e79831c2747e3ca9ad3f0605a57b7929571d73302b91a880d3e645d52bff2b52d7fe49fa83326c25ce08bebb2606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7fbfc91c62236af16cd2a83f902500111705c359a9bfdd58faaf3d4022485e11dd", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f596be1556854daf1c28a12ba3ff4a85ff68b16b41da609657ddc266b137cafe9" + ], + "measurement": [ + [ + false, + true + ], + 2 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "796a9d1b91384e57fd27cfa259af3d42", + "718a346a3666404cbb4851812c8e3db7", + "7c07c2c84bb39b5b43f2bf37c018907f", + "c651759f4cd64222d4d57e271e8df694", + "4f5b39637af5848b759f153301ca6b2e", + "31fd99cb39d14c36d533948a68bdad5f", + "f43c92bf096d47097f1edc818d8a3edc", + "aa348577f2b5246bf725ea1f720824c9", + "01761be1da2c7e34a6717ff95d6df3ac", + "574a49e41e7522bada812b814c540102" + ], + [ + "889562e46ec7b1a8e6d7305da650c2bd", + "9075cb95c999bfb328b7ae7ed371c248", + "85f83d37b44c64a4a00d40c83fe76f80", + "3bae8a60b329bddd0f2a81d8e172096b", + "b2a4c69c850a7b746e60eaccfe3594d1", + "d1026634c62eb3c90ecc6b75974252a0", + "0dc36d40f692b8f664e1237e7275c123", + "57cb7a880d4adb94ecd915e08df7db36", + "018ae41e25d381cb3d8e8006a2920c53", + "aab5b61be18add45097ed47eb3abfefd" + ] + ], + "prep_messages": [ + "a5e601484d107482d3b52a8a85d89b2cd878e8153f977de4670ac8b4cd73abfe" + ], + "prep_shares": [ + [ + "24e237dfc478f7784fd0c55144d6b88bdc52345fe469ed2283db11ef4e575da9596be1556854daf1c28a12ba3ff4a85ff68b16b41da609657ddc266b137cafe91f39aac5a6c7976f1714b8ab12c6c9e0591142d30a3a5aeae9dbe26b9ca05c2dea23b4aa38dd43551e12e229f8f667ea60c908053914d42f62ea28f86060928652d3bf96d4d55b2909f1fb4f3fe61c4d9c21ff3343b6c8e5b08b1aae5410101e", + "24e237dfc478f7784fd0c55144d6b88bdc52345fe469ed2283db11ef4e575da9bfc91c62236af16cd2a83f902500111705c359a9bfdd58faaf3d4022485e11dde2c6553a59386890cceb4754ed39361f751a2877034bd5fd6ab69ba41c948e55ca5dae0a9aa75ee4485e3a69009a68d96d8afae51e289aa7a86d9763a3fa666244139456627984df7757c3a65f97fe480f8fed3c3fc256d81d48eb3d0f4e7d8e" + ] + ], + "public_share": "0cfe948733e8abb0c8d8614ea90a159563bab5b3fb27db24b52744c7d7daf017e1a8930260961679081b2daf72f3195bb8ec7ecbbafb8b9fce046dfd466cf5b32e74e915792f57adab6e13c281af554d9b710479c1695940eb8441eb6070530e43b0ddca6e9358298707dd8cb25194fc52409894a45c20b02fbbf8d129b822799ffd8d9a76b09a19cb174512acb3dd097a05acadd1d1b4cfa141afcc3b7b9788dd98c0e67c7ee39c6278722daeb7776b052c56f8b928b8cca4e79d07834d0003accbd84d9b5607a7494f9995614aa3dd1cb065d58131a088e21ba6c87c4cc795ef1562ce16676335aa194125a674d8709b78e1b9382e44b462574de20b7305bfdd", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f17e4527f6f16e586809caa63d4a3b11ce77f155f4fd6f965eae9970c93ceb0f1b47610e26294d48cedd439b1d009292aa84677c59741edf744a9ebeaf13ea6a50474bc1b96ee5b85c27b4e9b70bc454e07f93d812ac19406a6c185e4493d139c568584b2f37cfa7013fca1060261a4ea3c9c61fd78e7e8139142546326a877ed0d41bbb55fca1cbf250f120494a7d3b5c022459fcf08ef7a411641f87b940684b5982a14fcabb97081ef913a773864c4606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7fbfc91c62236af16cd2a83f902500111705c359a9bfdd58faaf3d4022485e11dd", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5fdd114721b24ba6d16fd08b695c6f506f0da608eea60ae71f53c14f9f8d4bf970" + ], + "measurement": [ + [ + false, + false + ], + 3 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "7a6a9d1b91384e57fd27cfa259af3d42", + "718a346a3666404cbb4851812c8e3db7", + "7c07c2c84bb39b5b43f2bf37c018907f", + "c651759f4cd64222d4d57e271e8df694", + "505b39637af5848b759f153301ca6b2e", + "cb7492629d76ffd12e38550811dd91e6", + "b1f0052c62852023af0e84830ff8ff6f", + "89f32f74db40c9f18142f0515502c965", + "408371188a9823432c4406ae420a8cec", + "8b66f38684893702206c018a5704b450" + ], + [ + "889562e46ec7b1a8e6d7305da650c2bd", + "9075cb95c999bfb328b7ae7ed371c248", + "85f83d37b44c64a4a00d40c83fe76f80", + "3bae8a60b329bddd0f2a81d8e172096b", + "b2a4c69c850a7b746e60eaccfe3594d1", + "368b6d9d6289002eb5c7aaf7ee226e19", + "500ffad39d7adfdc34f17b7cf0070090", + "780cd08b24bf360e62bd0faeaafd369a", + "c17c8ee77567dcbcb7bbf951bdf57313", + "76990c797b76c8fdc393fe75a8fb4baf" + ] + ], + "prep_messages": [ + "2f9a1a0b3c2eee55e5f9b61a7fb99a5405939d5340f030ba589dceba4b62e3fc" + ], + "prep_shares": [ + [ + "14fd7bfa087d451cf3b5df70cba717db3edf07cc82f1659d57522ee10d4ba780dd114721b24ba6d16fd08b695c6f506f0da608eea60ae71f53c14f9f8d4bf9701f39aac5a6c7976f1714b8ab12c6c9e0b8094d0edea07625dcaa2ecd4d78e766d0e58afab77350a41b5502f611a9038a9c40b5a080b2b5f3fe84892f92401ef96c11e946553f4fda0baedb83253481ad70236b40ae1c482675fade4549ecbce4", + "14fd7bfa087d451cf3b5df70cba717db3edf07cc82f1659d57522ee10d4ba780bfc91c62236af16cd2a83f902500111705c359a9bfdd58faaf3d4022485e11dde2c6553a59386890cceb4754ed39361f13bb5aab9a1effeeb24eca41154ebfa2ca5dae0a9aa75ee4485e3a69009a68d96fca5d62f089e52c756c4e0c1b375b6244139456627984df7757c3a65f97fe480f8fed3c3fc256d81d48eb3d0f4e7d8e" + ] + ], + "public_share": "00fe948733e8abb0c8d8614ea90a1595630a50514ca8f19ef156afb335dcb1ee26a8930260961679081b2daf72f3195bb8ec7ecbbafb8b9fce046dfd466cf5b32e74e915792f57adab6e13c281af554d9b700479c1695940eb8441eb6070530e43b1ddca6e9358298707dd8cb25194fc52da0f8d3bc0c562cb30fd92a760425d26ba410ee308b3f2e44735baad354bcb0de46a58ceba3f7428cccbd26d5e912d7ad8cd3cb42d4f4271fe44b4629c1404456072a25c8ecce1ec2c88dd8b58b0b5facbd84d9b5607a7494f9995614aa3dd1cb065d58131a088e21ba6c87c4cc795ef22c376bd8f303ec420aad19361730e832916aac966b7345e93c94482a0e96e9a", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "vidpf_bits": 2 +} diff --git a/src/vdaf/test_vec/mastic/04/MasticMultihotCountVec_0.json b/src/vdaf/test_vec/mastic/04/MasticMultihotCountVec_0.json new file mode 100644 index 00000000..362a5e49 --- /dev/null +++ b/src/vdaf/test_vec/mastic/04/MasticMultihotCountVec_0.json @@ -0,0 +1,142 @@ +{ + "agg_param": "000100000002004001", + "agg_result": [ + [ + 0, + 0, + 0, + 0 + ], + [ + 0, + 1, + 1, + 0 + ] + ], + "agg_shares": [ + "31b2b294e9499a1d0e451815cc76654fb1835383c71f748a66d0f28e90d689187b39ad92b9aa295c6a1668f4f71d44c8eaf1784984beb2f41898e2715452fb07a64797fc31245be220238c48e7841762bec2bc4407b8baceea92797c1c34cef6f31dfbc3918b461abef86501820d8a533fc64294af8b4eee987bf40e00ad83ebfeb3f476e91bba21b68cb5921dfb7d0d3975398e43e12f9938bb0ffddf87230a", + "d04d4d6b16b665e2d5bae7ea33899ab0507cac7c38e08b757d2f0d716f2976e786c6526d4655d6a379e9970b08e2bb37170e87b67b414d0bcb671d8eabad04f85bb86803cedba41dc3dc73b7187be89d443d43bbf8474531f96c8683e3cb31090ee2043c6e74b9e525079afe7df275acc339bd6b5074b1114b840bf1ff527c14044c0b8916e445de2d734a6de20482f2c88ac671bc1ed066ab44f0022078dcf5" + ], + "chunk_length": 2, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 4, + "max_weight": 2, + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f17e4527f6f16e586809caa63d4a3b11ce77f155f4fd6f965eae9970c93ceb0f1b47610e26294d48cedd439b1d009292aa84677c59741edf744a9ebeaf13ea6a5ba635f4e3a7cad9fc7e35af69d6bf5da60f23a20c43fe6831bcd10549f781613ab116dc0b9ac6e9235c106512e7beabd3c9c61fd78e7e8139142546326a877ed57511883bb3ccba420a705a966f8232966294800368a9dfde70ab6882659030d600c4206367c454f5f2a2df04a1e1ef1606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f446b6b3aa3d29295d7b843d198e85b6f1c0f5783ddbfeb02fa431c16996f0d2f", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5fb2ae35ff79209b48d31e08a8100c9750e7b5512216ab529e5cea6f5bce6edfac" + ], + "measurement": [ + [ + true, + false + ], + [ + false, + true, + true, + false + ] + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "b847157958114cc6101d497272c7270d", + "41f91e1991b9333e8f87a10d64484c61", + "ff31ebc96df78d002724a8bc3705b448", + "25a003aa37e86fd228c2634a36c50473", + "57ec5d99b72ed656ab837615e6baab33", + "8dc52279cde66d98155fe5f1b3762097", + "00e16804881eff1023da897ff4824b77", + "9591bd1cbdd52983a1550aef8da45f22", + "fe3dd9950eef3bedf31a3699bf8d8a60", + "e22af0a9246c0ddf5d39e47b93332208" + ], + [ + "49b8ea86a7eeb339d3e2b68d8d38d8f2", + "c006e1e66e46ccc154785ef29bb7b39e", + "02ce1436920872ffbcdb5743c8fa4bb7", + "dc5ffc55c817902dbb3d9cb5c93afb8c", + "aa13a26648d129a9387c89ea194554cc", + "743add8632199267cea01a0e4c89df68", + "011f97fb77e100efc02576800b7db488", + "6c6e42e3422ad67c42aaf510725ba0dd", + "03c2266af110c412f0e4c9664072759f", + "1fd50f56db93f22086c61b846cccddf7" + ] + ], + "prep_messages": [ + "516ba1a0b55edf78ebac4c83f23cab2c111735f8171b6527b137808d53fef6e5" + ], + "prep_shares": [ + [ + "13cf720bd9ab5e3eadb0c5d035d03bf01761e0ca6eef8e5dc3d00e24e00c5efcb2ae35ff79209b48d31e08a8100c9750e7b5512216ab529e5cea6f5bce6edfacdca921daa80dbfee526adbeb7b0cd47fd8dda27f40571d39627ab23204e639b58424e40d28175c5d9f078050c984d537cda836e8dd4cf30975b5e6d74291c4ef0ca839b55d7d7252b220ee34d84545b00084e0e17ec231e4053fe84f588362c1", + "13cf720bd9ab5e3eadb0c5d035d03bf01761e0ca6eef8e5dc3d00e24e00c5efc446b6b3aa3d29295d7b843d198e85b6f1c0f5783ddbfeb02fa431c16996f0d2f2556de2557f240119195241484f32b80eead1f188a036fb683ac2321a522bf0f2f5d7ea7aa6d46dce3689c422f0cfb8b96ae640f1d0cdd0303f6754e0da1717a2dd9240b136c19f0a4efaa534d3ed7de0f8fed3c3fc256d81d48eb3d0f4e7d8e" + ] + ], + "public_share": "0b40eac2eab18af3ac91184d5f466dc0fe1e9b00a994e6abffb9486a9d48a9623b3001fa6351e7a9831bfb7cf323506e336a041d0b1eea4d694486884d91de700413c2257b5d446ba6a7236cbf8dc1246c45561fe9c6ce88757649ffeff995adfd7ae2c7a023c379f93ac0d6dd72c7d99b8881b4e882d9d2450385729a8ff445d281d56c1c00247aafde9ac1c9f00044d95d928f520fd8fbfee155b2dbdd41b30ad22234ba51abe53e2bac55027a1e925777f0e3cd6cac3cb7886346d56fff420ae0ff3984005c273473dd8d3686af3686db3b488ab613bea4a1dc3e9c923856d8a2557b44ec63f8bb599b0687322e48f500a85a50c5de3351bf724714be3da260bc9bfeb20525cc0ce8771086a16c39a00aa20a65d67590d601d29a78e295828074afb0c0c610f3d0139e2c7e5f1762a72cc1bd0036307bce53dc15c49d419ac4", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f17e4527f6f16e586809caa63d4a3b11ce77f155f4fd6f965eae9970c93ceb0f1b47610e26294d48cedd439b1d009292aa84677c59741edf744a9ebeaf13ea6a5790371c15767ecbd2ce89d35772830973d1493115b77052027357ee6dde21791f5466ea7e73236ccf4ec8ea89244df323c9c61fd78e7e8139142546326a877ed98b106109e518c86bba2c2698d3be96c8a07f00e9f527e61c0a248f6e7ee018f15d7401f08f67d15bcfea498e654297c606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f959d4cc705237a4d1339e3ee028ba084bff6ca1f8be876d0c2048a6a032f807a", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f23bf3d58df45127beaf40f398bcd8d3a1a4693cf75ed75bf169786e6f5c81208" + ], + "measurement": [ + [ + false, + true + ], + [ + false, + true, + true, + false + ] + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "796a9d1b91384e57fd27cfa259af3d42", + "718a346a3666404cbb4851812c8e3db7", + "7c07c2c84bb39b5b43f2bf37c018907f", + "c651759f4cd64222d4d57e271e8df694", + "4f5b39637af5848b759f153301ca6b2e", + "31fd99cb39d14c36d533948a68bdad5f", + "f43c92bf096d47097f1edc818d8a3edc", + "aa348577f2b5246bf725ea1f720824c9", + "01761be1da2c7e34a6717ff95d6df3ac", + "574a49e41e7522bada812b814c540102" + ], + [ + "889562e46ec7b1a8e6d7305da650c2bd", + "9075cb95c999bfb328b7ae7ed371c248", + "85f83d37b44c64a4a00d40c83fe76f80", + "3bae8a60b329bddd0f2a81d8e172096b", + "b2a4c69c850a7b746e60eaccfe3594d1", + "d1026634c62eb3c90ecc6b75974252a0", + "0dc36d40f692b8f664e1237e7275c123", + "58cb7a880d4adb94ecd915e08df7db36", + "018ae41e25d381cb3d8e8006a2920c53", + "aab5b61be18add45097ed47eb3abfefd" + ] + ], + "prep_messages": [ + "ca1edb6dd0febb7df2cb91b4a09a991177dabc762601f5d0214d4c4403bc3fa1" + ], + "prep_shares": [ + [ + "d0341e09229512904f61397b7b2608e347270a516a97a4c9618c720ec91d0d5623bf3d58df45127beaf40f398bcd8d3a1a4693cf75ed75bf169786e6f5c812081973512a3b281f1f8199934cc618a55f160b058710c500e89b0c27adb4787f944266a240951ebb43569fab902740c154500c6d77c5ddaf217ba609447e9d9122f991ef48474b35882bd9561bed998a14fe2af892e7bee508e35ea50d8daefd04", + "d0341e09229512904f61397b7b2608e347270a516a97a4c9618c720ec91d0d56959d4cc705237a4d1339e3ee028ba084bff6ca1f8be876d0c2048a6a032f807ae88caed5c4d7e0e062666cb339e75aa09a190eb381ebcc98c633d153d3befca5711bc0743d66e7f52cd17002d1500f6f6996fa70287243c2384b527b37a4ca243fef6e77299e56ba4737426d38ea917a0f8fed3c3fc256d81d48eb3d0f4e7d8e" + ] + ], + "public_share": "0cfe948733e8abb0c8d8614ea90a159563bab5b3fb27db24b52744c7d7daf017e1a8930260961679081b2daf72f3195bb8ec7ecbbafb8b9fce046dfd466cf5b32e75e915792f57adab6e13c281af554d9b710479c1695940eb8441eb6070530e43b0ddca6e9358298707dd8cb25194fc5259ca16572f0bb65e542ca4556df987983269e57ccf4ade93043635921cdc5f15409894a45c20b02fbbf8d129b822799ffd8d9a76b09a19cb174512acb3dd097a04acadd1d1b4cfa141afcc3b7b9788dd98c0e67c7ee39c6278722daeb7776b052c56f8b928b8cca4e79d07834d0003acdc6a48bfd56c143b056697d659879970d3ab5938b7b3a69276e37203ce54c06ecbd84d9b5607a7494f9995614aa3dd1cb065d58131a088e21ba6c87c4cc795ef1562ce16676335aa194125a674d8709b78e1b9382e44b462574de20b7305bfdd", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "vidpf_bits": 2 +} diff --git a/src/vdaf/test_vec/mastic/04/MasticSumVec_0.json b/src/vdaf/test_vec/mastic/04/MasticSumVec_0.json new file mode 100644 index 00000000..0a00e8f5 --- /dev/null +++ b/src/vdaf/test_vec/mastic/04/MasticSumVec_0.json @@ -0,0 +1,137 @@ +{ + "agg_param": "000e00000001f0f001", + "agg_result": [ + [ + 0, + 1, + 1 + ] + ], + "agg_shares": [ + "0cb1ef756426b45bdb6e6b69e9b8c22e6b0a08c4727c62e83cd7642a8e0900715bcee1e02f3ec60f0553eb0c1bd44dd50359481ec72bafcbdc6b6f2e72b5da32", + "f74e108a9bd94ba40891949616473dd196f5f73b8d839d17a7289bd571f6ff8ea7311e1fd0c139f0deac14f3e42bb22affa6b7e138d45034079490d18d4a25cd" + ], + "bits": 1, + "chunk_length": 1, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 3, + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f17e4527f6f16e586809caa63d4a3b11ce77f155f4fd6f965eae9970c93ceb0f1a2fae1ea7971d7419679bf3cc6d8c8347be7c7ee8c16650ba80e985a85c0a3dd67b6299ee2ae1235df932fbf5c68485306b3011e166f778db5e31c113bae4be009f4aba5dfc8d02c298ef09339a835bb3552690e69592d99a9661b7bd205f9b05adf6e7754a2b76c2ea50d2689f3e0d7606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f2cf3638b71f4158c4c298ff47a26647d1ddd72cd8f6997b9852e84b17c5fd440", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5fa167557af229cbf23350e032b96f22c2bb25f04a61b90ea8d45a91364b81931d" + ], + "measurement": [ + [ + true, + true, + true, + true, + false, + false, + false, + false, + true, + true, + true, + true, + false, + false, + false, + false + ], + [ + 0, + 0, + 1 + ] + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "86d8f73a3213daad6db7b5b4745c6117", + "36050462393e3174906b3215c70480b8", + "2de770f0171fe38782a975860deaa66a", + "822c248fe395d765eeb53717b95a6d19" + ], + [ + "7c2708c5cdec255276484a4b8ba39ee8", + "cbfafb9dc6c1ce8b5394cdea38fb7f47", + "d4188f0fe8e01c7861568a79f2155995", + "80d3db701c6a289af549c8e846a592e6" + ] + ], + "prep_messages": [ + "c2c3b29caab586e426346a4fde075ccd9569e8a3b2c3e05461f12ce0b9618dd1" + ], + "prep_shares": [ + [ + "2ec7f8d9dc14f4a923edab9f963d24bdb851830b77d41adf190de6975411358ba167557af229cbf23350e032b96f22c2bb25f04a61b90ea8d45a91364b81931d8b49de80c97e24780d8502a686b2e935a31274af3e642d2daf4120ad7cffc56d5b4d65d7d1b89ad439991ff649bbdf3ba2a713bafc93f81159393349a8d8664f", + "2ec7f8d9dc14f4a923edab9f963d24bdb851830b77d41adf190de6975411358b2cf3638b71f4158c4c298ff47a26647d1ddd72cd8f6997b9852e84b17c5fd44076b6217f3681db87d67afd59794d16ca8fedd157dfc40ba50227bbdebfeb3975f7409453a5a3cc5e3cf84bb8ed0beae094603dfaa87b0589d440449e1a130728" + ] + ], + "public_share": "571a634140eac2eab18af3ac91184d5f466dc0fe7844c18adc9409938036d9d6ce63de0d50c8fbac0354e31bedf8d2e0c3a39facdc30ab517302a0b73db40f4884b086af16dbe922c88d7405c3c0916e91b2d7d0942666cd6d1db154763ac8825c849ce2d055e74992b7018f280bc5ff5c7aeb7e727acabf426e39a4b1ce7366b20c75460aac9db0500a7117ea94b98b0e2fcfa2ee809e2691ca6bd850aca21bc30b5218e08e1d53b36b56077189c76316bbbb5540f328ba4e920652570221658ce4efd404eeb85f28197a29c3df2c64b6a3912a060c505e165ca6dfc7802fa6d0fb1cd390c2a14cc3a8408a9b44bf361ff4fd91c88a4bcf01b54eff9bcb9e4a6452fe693001fa6351e7a9831bfb7cf323506e336a041d0b1eea4d694486884d91de700414c2257b5d446ba6a7236cbf8dc1246c45561fe9c6ce88757649ffeff995adfd2096d4c17cc70797e3bbfc59f4a52cd2080fd9b4dc5a2072ebd55a5da0e397fd168c6fd19f3555fed3054572b7bfc8b02b175ccec2cafd063f479095ba99a074958f64c921224423659930cb46579aa7d23663d99852ca42a0ddec57a1a1c1f10f9ad22751f3fe50f1aa16c74c751cf24c885662fcf6de7202d84b1321ffa15a0e9df42482969093b6841f4800c41f75e8529a618c9331299a4d8057785526ff549f0ee8b720c0ecf408ede86c03447ed1e4d53d7daa24a12a28fc7ff7bd98dcfaaee4abed4763beebd838042e25be1b757a84445092635a461425ea71a9abd11b32678e0db090fdf8f7d1e97479996c688272d0c4c2d91861d6713a6ce33d5d1b22f52ba4113b35e87b214a4e345aa5c0e62eef333c12a4d0f5ab1f26fb70685b848b86538ab88135159559d88650e7013ad419804bddf3eb70304949019ee199f26f22812c602bc1b4e4481e9f7389c48c16728919033a91d66db65559a53abe4a9008f373e940485bee8e30c94ad17595d8673f0482104b77bc58c11e7cd6fae92e58d61dfac32c15e6f20f2384ca8769927f33a0bb7cd9c042cb790b8f74baa280959859eee8a48f3eaa4ae6b6063a929e840eb50010e9cd9f92a3929eb487417047a19f6861aa3c66646d0521258937eb097917bf7b0fd8bba1f35bbd307dafde7f4ce187c7d520ef820e2c0e22ac9840df9ccc92c44882bfbafa257379db6bf1e2d069757ba601824887d0f40b4e06a70686ac8620eaaae60e14298e4ba38218737924b4f1764dfb77c6ea4212867993c191b5af09ca677bf23e8dc3c6cd14342e9d817f5b7dcdf47150acc565001ce37c60b628b365895431c02c6d2f232f6275be823a022f6f47c83243e3a88baed6a9f7db054f379c971062cf6a88b9769d9f45d1d72ba16585a890baeac8612150e92d41f45cf96e2dcd9b141300cdb58fcaabfa257da3a21d0ca8859a692d8ea8934b8d057b807c1a008c8e0b423f96164d8930f0eee3491ad1412190beadc519c9ab53c9095ed7a465827598537081326fdc0545429c7d02188c342f564471583e3fa2b3f1bbaf9f2d9ed66032fc33f6371e8b4dd5ddbd511aaee2037da6763d2315fa05563e134129bc9db36ae59424a9d6ec5206d5ffe395ea9c8cfe880867aaa0f939d0855817d9589600aeaf0333d56537359cbd59c49cc617bb9c5220d788c4f43295aafa238a6c4b1aae6818937cf207009a822c049e289b425393369d9d298f4b4ffaf58c2113d306f718b962ebaeb9e3ec087e77aa31906eb64858780fb5e6f87b8f2e8f00a05cca562137cdfa594546fc39550d329205c3c60b749d96e4a4822e6ec2967fb2ba74a5649163e0f0181c9d79919ab681132191cd2d3f4f76a885a6c587c2f4e9d3c22e29ee9fc421ffc2ca23e4deefd67f5bc5877fbfff4a7b0b63e38616ab262104c43568676c66b59037a4447f338559813b9c02cf07d15d0f25ad70c50eba751f3032fb94e079bcaf4f26cbea4db673d4d7a98b264a5888d85eeb93ad0f726bf731d052081c5b453c4e3c60b8ca9c7f5bfca222eaf871bd577aa56d0b363e71107e843045df67ec0c601ecbf90cff1d4b500d8348733c8e297a88ffc6ce7c296237a52c813f14975ac54214d7cf548be5a205acd882177ee7a616b7662f1792bf74e9cc4e9dd214cdc25e0aa8b9f8dfaee77ac31c25cb3296600f9b33deb6e4fd92b3c115dcf60df8301a84e98de938b6b16ab2fb191c301ccbdc6e1e18006826f44f15f1292f8916d686596777709f1d03ecdddf02dc8ed0d540a26e53f433807ffe15416dcdfb629da5809dfce7ab17e42820dc699b25ba834f857c945c679fc82c64f2b593b3c45ee55149bb714e8ba9923b97371a341700d9d0de7ce50c65acef00c2586e68c6075f0e5fb31b87df8b9e9fb0a6472a819ad08dbd5300279bdc6445fd3fe1b5ea748cfd2aed8ce19b6850325962ecd4cf1471ea63540a6aecc3d235d6e88ea47a477c9bcd338614db62289bd42df20e52582e0d5955d647e3c683cd11379eda1bc4a935b90903df343fcb5ba767076929b961101ed1324a76c1", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f17e4527f6f16e586809caa63d4a3b11ce77f155f4fd6f965eae9970c93ceb0f1d045bb2018538007aea44e10844e2ab990e8976112285a99625d31cad6a20d1076e7f2aeb9d1ea779d54f82826e0329206b3011e166f778db5e31c113bae4be0dba8d26f41e72767116361c07b32d4361f51999be347380b0b18820b81238f7e4baea5667d7fdf2970e444bcbf7bf698606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f9a8870bb05261dc57b296454fd19048b55ea1cea2bec95e6c8ad966a6af56e1e", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f08cf7ead058c76fafc52057f44e817fceeace3db1adf3cf70dfacabadb373039" + ], + "measurement": [ + [ + true, + true, + true, + true, + false, + false, + false, + false, + true, + true, + true, + true, + false, + false, + false, + true + ], + [ + 0, + 1, + 0 + ] + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "86d8f73a3213daad6db7b5b4745c6117", + "36050462393e3174906b3215c70480b8", + "2ee770f0171fe38782a975860deaa66a", + "812c248fe395d765eeb53717b95a6d19" + ], + [ + "7c2708c5cdec255276484a4b8ba39ee8", + "cbfafb9dc6c1ce8b5394cdea38fb7f47", + "d4188f0fe8e01c7861568a79f2155995", + "80d3db701c6a289af549c8e846a592e6" + ] + ], + "prep_messages": [ + "f399e6c490265469ba3f1d47325ad3a7c868a13eaa84fa143dbe974f6ab84f82" + ], + "prep_shares": [ + [ + "ca5b4389086e0dd226c472477a199274f89a1ace2add61d251f8825613b5f7c108cf7ead058c76fafc52057f44e817fceeace3db1adf3cf70dfacabadb3730398b49de80c97e24780d8502a686b2e9358d76b2cacf641c605a457de7430081bfedff73c49d45d223ea125b4d230407f3021408dd9e8b849383e88ce3abb21ece", + "ca5b4389086e0dd226c472477a199274f89a1ace2add61d251f8825613b5f7c19a8870bb05261dc57b296454fd19048b55ea1cea2bec95e6c8ad966a6af56e1e76b6217f3681db87d67afd59794d16cacb6510ad0c351936e67128f0397e4b81d4db76790d8a5dc0bf04d5093b7a9b7294603dfaa87b0589d440449e1a130728" + ] + ], + "public_share": "571a638140eac2eab18af3ac91184d5f466dc0fe7844c18adc9409938036d9d6ce63de0d50c8fbac0354e31bedf8d2e0c3a39facdc30ab517302a0b73db40f4884b086af16dbe922c88d7405c3c0916e91b2d7d0942666cd6d1db154763ac8825c849ce2d055e74992b7018f280bc5ff5c7aeb7e727acabf426e39a4b1ce7366b20c75460aac9db0500a7117ea94b98b0e2fcfa2ee809e2691ca6bd850aca21bc30b5218e08e1d53b36b56077189c76316bbbb5540f328ba4e920652570221658ce4efd404eeb85f28197a29c3df2c64b6a3912a060c505e165ca6dfc7802fa6d0fb1cd390c2a14cc3a8408a9b44bf361ff4fd91e08f9aafb07824f81f78d380c6ddeee53001fa6351e7a9831bfb7cf323506e336a041d0b1eea4d694486884d91de700413c2257b5d446ba6a7236cbf8dc1246c46561fe9c6ce88757649ffeff995adfd2096d4c17cc70797e3bbfc59f4a52cd2080fd9b4dc5a2072ebd55a5da0e397fd158c6fd19f3555fed3054572b7bfc8b02c175ccec2cafd063f479095ba99a074958f64c921224423659930cb46579aa7d23663d99852ca42a0ddec57a1a1c1f1109ad22751f3fe50f1aa16c74c751cf24b885662fcf6de7202d84b1321ffa15a0e9df42482969093b6841f4800c41f75e8529a618c9331299a4d8057785526ff539f0ee8b720c0ecf408ede86c03447ed2e4d53d7daa24a12a28fc7ff7bd98dcfaaee4abed4763beebd838042e25be1b757a84445092635a461425ea71a9abd11c32678e0db090fdf8f7d1e97479996c678272d0c4c2d91861d6713a6ce33d5d1b22f52ba4113b35e87b214a4e345aa5c0e62eef333c12a4d0f5ab1f26fb70685c848b86538ab88135159559d88650e7003ad419804bddf3eb70304949019ee199f26f22812c602bc1b4e4481e9f7389c48c16728919033a91d66db65559a53abd4a9008f373e940485bee8e30c94ad17695d8673f0482104b77bc58c11e7cd6fae92e58d61dfac32c15e6f20f2384ca8769927f33a0bb7cd9c042cb790b8f74b9a280959859eee8a48f3eaa4ae6b6063b929e840eb50010e9cd9f92a3929eb487417047a19f6861aa3c66646d0521258937eb097917bf7b0fd8bba1f35bbd307cafde7f4ce187c7d520ef820e2c0e22ad9840df9ccc92c44882bfbafa257379db6bf1e2d069757ba601824887d0f40b4e06a70686ac8620eaaae60e14298e4ba48218737924b4f1764dfb77c6ea4212857993c191b5af09ca677bf23e8dc3c6cd14342e9d817f5b7dcdf47150acc565001ce37c60b628b365895431c02c6d2f242f6275be823a022f6f47c83243e3a88aaed6a9f7db054f379c971062cf6a88b9769d9f45d1d72ba16585a890baeac8612150e92d41f45cf96e2dcd9b141300ccb58fcaabfa257da3a21d0ca8859a692e8ea8934b8d057b807c1a008c8e0b423f96164d8930f0eee3491ad1412190beadc519c9ab53c9095ed7a465827598537181326fdc0545429c7d02188c342f564371583e3fa2b3f1bbaf9f2d9ed66032fc33f6371e8b4dd5ddbd511aaee2037da6763d2315fa05563e134129bc9db36ae69424a9d6ec5206d5ffe395ea9c8cfe870867aaa0f939d0855817d9589600aeaf0333d56537359cbd59c49cc617bb9c5220d788c4f43295aafa238a6c4b1aae6918937cf207009a822c049e289b425392369d9d298f4b4ffaf58c2113d306f7a7145c021f06eae81bcb53a3f57f0742c60db79a2fae58bb2bbaed4246a6f45d5b2507db16c741608295f1df64f32f2ad5a64bde8a5784ec54151d9aeb44eb66649163e0f0181c9d79919ab681132191cd2d3f4f76a885a6c587c2f4e9d3c22e29ee9fc421ffc2ca23e4deefd67f5bc5877fbfff4a7b0b63e38616ab262104c43568676c66b59037a4447f338559813b9c02cf07d15d0f25ad70c50eba751f3032fb94e079bcaf4f26cbea4db673d4d7a98b264a5888d85eeb93ad0f726bf731d052081c5b453c4e3c60b8ca9c7f5bfca222eaf871bd577aa56d0b363e71107e843045df67ec0c601ecbf90cff1d4b500d8348733c8e297a88ffc6ce7c296237a52c813f14975ac54214d7cf548be5a205acd882177ee7a616b7662f1792bf74e9cc4e9dd214cdc25e0aa8b9f8dfaee77ac31c25cb3296600f9b33deb6e4fd92b3c115dcf60df8301a84e98de938b6b16ab2fb191c301ccbdc6e1e18006826f44f15f1292f8916d686596777709f1d03ecdddf02dc8ed0d540a26e53f433807ffe15416dcdfb629da5809dfce7ab17e42820dc699b25ba834f857c945c679fc82c64f2b593b3c45ee55149bb714e8ba9923b97371a341700d9d0de7ce50c65acef00c2586e68c6075f0e5fb31b87df8b9e9fb0a6472a819ad08dbd5300279bdc6445fd3fe1b5ea748cfd2aed8ce19b6850325962ecd4cf1471ea63540a6aecc3d235d6e88ea47a477c9bcd338614db62289bd42df20e52582e0d5955d647e3c6b1ddb507fee92132d40e4b56ca91ce60f5b1f1ea799af34be30e39a6e55cf524", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "vidpf_bits": 16 +} diff --git a/src/vdaf/test_vec/mastic/04/MasticSum_0.json b/src/vdaf/test_vec/mastic/04/MasticSum_0.json new file mode 100644 index 00000000..e6e98e10 --- /dev/null +++ b/src/vdaf/test_vec/mastic/04/MasticSum_0.json @@ -0,0 +1,213 @@ +{ + "agg_param": "000000000002008001", + "agg_result": [ + 11, + 10 + ], + "agg_shares": [ + "7e05f0866763c2feaf7647dcb843b13072343f302facddadc78e462c0eabee95", + "85fa0f79979c3d015d89b82346bc4ecf92cbc0cfcf5322524471b9d3f054116a" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "max_measurement": 7, + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e58651db64c0870fe979b88cd1dd90df1ac8444d045fea61a47fb263015247fcaf787e2b90be34a1df891ba55d525d6b98ad817e25b6d22c51cbfaed0c4dd0e5b61e59da5246272e484f5b8e30c9e57f6d7081e78d9cb5fb104598f3fdfed378ea4f8189eea85c8482e733fd446b5a3fec502ca45cb6163eaf44", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + true, + false + ], + 1 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "b7f9921c929a6d97", + "49fd19775bb0b10c", + "4ad73fa33cefc522", + "c24f416f352296b7" + ], + [ + "4a066de36c659268", + "b802e688a34f4ef3", + "b828c05cc2103add", + "40b0be90c9dd6948" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "8fbf7bd1e6d11830692bd828041433ff60905d220dd23f1e4d9809e3b38276a59017c1892291b3663b7b1b0a66c1d8149facf96acf610675", + "8fbf7bd1e6d11830692bd828041433ff60905d220dd23f1e4d9809e3b38276a571e83e76dc6e4c99e7492648cb46ef6f5189cfcee4d86679" + ] + ], + "public_share": "0b40eac2eab18af3ac91184d5f466dc0fe1e9b00a994e6abffb9486a9d48a9623b3101fa6350e7a9831bfb7cf323506e336b041d0b1dea4d694586884d91de700414c2257b5c446ba6a8236cbf8dc1246c45561fe9c6ce88755d928f520ed8fbfe0056b2dbdc41b30ad12234ba51abe53e48ac5502791e925778f0e3cd6bac3cb7896346d56fff420adfff3984005c2734bc9bfeb20525cc0ce8771086a16c39a00aa20a65d67590d601d29a78e295828074afb0c0c610f3d0139e2c7e5f1762a72cc1bd0036307bce53dc15c49d419ac4", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e5869309b0269f22661ef86cb9e8f89d2d77c5e2efd2cc32a8ccac607ebea9b37eba78281d339768aec3691e9990768a4e79b7b77b503c009f13faed0c4dd0e5b61e17ac07e00f1bcbaa1bae48be7dc15ac10152a228d22a0df89ef6809271c11b0e878c6134fabcb3ade583092d41203685f66a061cad6a61fc", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + false, + false + ], + 6 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "2d8c9b18d8c93c1c", + "6ebf7c3b53194e05", + "4ad73fa33cefc522", + "c24f416f352296b7" + ], + [ + "d57364e72636c3e3", + "994083c4abe6b1fa", + "b728c05cc2103add", + "3fb0be90c9dd6948" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "bbad07ad1fe6766323186683e700a0fe625bcb639575afa529a923f8611a16ce10159caaadecb8643e0e95fd4ab2fedc09f309ad19293222", + "bbad07ad1fe6766323186683e700a0fe625bcb639575afa529a923f8611a16cef1ea63555113479b9696b0cc1dc9653e5189cfcee4d86679" + ] + ], + "public_share": "00fe948733e8abb0c8d8614ea90a1595630a50514ca8f19ef156afb335dcb1ee26a793026096167908382daf72f2195bb8ee7ecbbafa8b9fce066dfd466cf5b32e74e915792e57adab8d13c281ae554d9b720479c1685940ebdb0f8d3bbfc562cb31fd92a760425d26bc410ee307b3f2e44935baad354bcb0de46a58ceba3f7428cdcbd26d5e912d7adacd3cb42c4f4271cbd84d9b5607a7494f9995614aa3dd1cb065d58131a088e21ba6c87c4cc795ef22c376bd8f303ec420aad19361730e832916aac966b7345e93c94482a0e96e9a", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e586d637fbacb535e3a25e57ce2fba480377b0e99d5af49f0f7af4914cb85e0f2d1dc059db344cc45c1e3c654233793b27ec5710d730e0f16265faed0c4dd0e5b61ed47dbc59f9074e26b5c33377bc1685c1154bf4a0abbda54a56c5b298bc656dab3e5ba33246610553123d608a3e6f5d125612ab3b09799daa", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + true, + true + ], + 7 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "b7f9921c929a6d97", + "43fd19775bb0b10c", + "4ad73fa33cefc522", + "c24f416f352296b7" + ], + [ + "4a066de36c659268", + "be02e688a34f4ef3", + "b828c05cc2103add", + "46b0be90c9dd6948" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "8fbf7bd1e6d11830692bd828041433ff60905d220dd23f1e4d9809e3b38276a59017c1892291b366ff3f21ca01047a43b341df26ef3d7319", + "8fbf7bd1e6d11830692bd828041433ff60905d220dd23f1e4d9809e3b38276a571e83e76dc6e4c995fc01ac893c1ac125189cfcee4d86679" + ] + ], + "public_share": "0740eac2eab18af3ac91184d5f466dc0fe7844c18adc9409938036d9d6ce63de0d3101fa6350e7a9831bfb7cf323506e336a041d0b1dea4d694486884d91de700414c2257b5c446ba6a7236cbf8dc1246c44561fe9c6ce88752096d4c17bc7079700bcfc59f3a52cd2060fd9b4dc5a207207d65a5d9fe397fd158c6fd19e3555fef0054572b6bfc8b02b175ccec2cafd06bc9bfeb20525cc0ce8771086a16c39a00aa20a65d67590d601d29a78e2958280aa0c1d4d8f1c113199e4b3ee9fb2a63bff1560c494e475989550af2b66d66f5e", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e5869309b0269f22661efcf6c6dbfe11ca180b9b382ceab1c112328ab83847beb71cfe5137ad3473e725c184438e6184c7e6714c81d41e059505faed0c4dd0e5b61e17ac07e00f1bcbaa16243bcb784dbe1fba9959cfb5abf3b118cd4618d4b6e2ab006347ba5db27a4b8d1d5f2f5626bd173bd60098cb656b0a", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + false, + true + ], + 5 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "2d8c9b18d8c93c1c", + "6dbf7c3b53194e05", + "4ad73fa33cefc522", + "c24f416f352296b7" + ], + [ + "d57364e72636c3e3", + "994083c4abe6b1fa", + "b728c05cc2103add", + "3fb0be90c9dd6948" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "bbad07ad1fe6766323186683e700a0fe625bcb639575afa529a923f8611a16ce10159caaadecb864cbb3d048bd2a9f103338413af8303c67", + "bbad07ad1fe6766323186683e700a0fe625bcb639575afa529a923f8611a16cef1ea63555113479b9696b0cc1dc9653e5189cfcee4d86679" + ] + ], + "public_share": "0cfe948733e8abb0c8d8614ea90a159563bab5b3fb27db24b52744c7d7daf017e1a793026096167908392daf72f2195bb8ed7ecbbafa8b9fce066dfd466cf5b32e75e915792e57adab8c13c281ae554d9b720479c1685940eb3f9894a45c20b02fd7f8d129b722799ffe8d9a76af9a19cb174512acb3dd097a04acadd1d0b4cfa15fafcc3b7a9788dd99c0e67c7de39c62cbd84d9b5607a7494f9995614aa3dd1cb065d58131a088e21ba6c87c4cc795ef1562ce16676335aa194125a674d8709b78e1b9382e44b462574de20b7305bfdd", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e58651db64c0870fe9799302c4daab7b7e36f594a30dd6da8a313b3ae7c79ae17626f701764498a6a627c33ea35472711f40dfe9274ad81f5bc1faed0c4dd0e5b61e59da5246272e484f7f183ecccbe30902d09feeedc9822a930f1d1889809323a207b30823fa7ebb498b63ff68453965bece385a22114ba54e", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + true, + true + ], + 2 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "b7f9921c929a6d97", + "48fd19775bb0b10c", + "4ad73fa33cefc522", + "c24f416f352296b7" + ], + [ + "4a066de36c659268", + "b902e688a34f4ef3", + "b828c05cc2103add", + "41b0be90c9dd6948" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "8fbf7bd1e6d11830692bd828041433ff60905d220dd23f1e4d9809e3b38276a59017c1892291b366c9205755d7397948db599905f6bedd7e", + "8fbf7bd1e6d11830692bd828041433ff60905d220dd23f1e4d9809e3b38276a571e83e76dc6e4c99cbfeaeb1e855ae085189cfcee4d86679" + ] + ], + "public_share": "0740eac2eab18af3ac91184d5f466dc0fe7844c18adc9409938036d9d6ce63de0d3101fa6350e7a9831cfb7cf323506e336a041d0b1dea4d694586884d91de700415c2257b5c446ba6a7236cbf8dc1246c45561fe9c6ce88752096d4c17bc7079701bcfc59f3a52cd2060fd9b4dc5a207208d65a5d9fe397fd168c6fd19e3555fef0054572b6bfc8b02c175ccec2cafd06bc9bfeb20525cc0ce8771086a16c39a00aa20a65d67590d601d29a78e2958280aa0c1d4d8f1c113199e4b3ee9fb2a63bff1560c494e475989550af2b66d66f5e", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "vidpf_bits": 2 +} diff --git a/src/vdaf/test_vec/mastic/04/MasticSum_1.json b/src/vdaf/test_vec/mastic/04/MasticSum_1.json new file mode 100644 index 00000000..b14e5bea --- /dev/null +++ b/src/vdaf/test_vec/mastic/04/MasticSum_1.json @@ -0,0 +1,213 @@ +{ + "agg_param": "000100000002004001", + "agg_result": [ + 2, + 3 + ], + "agg_shares": [ + "4ceded43588b07d866fd6ec5f858d2f426b8bd0ce369beb5cf337002982e9b28", + "b61212bca674f8279d02913a06a72d0bdd4742f31b96414a35cc8ffd66d164d7" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "max_measurement": 3, + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e5869309b0269f22661ec501deeeb29b70d7e4a55f3f8e4b68d1328ab83847beb71cfe5137ad3473e725898f5aa1160e6ea52a5788e7e29e3bc4faed0c4dd0e5b61e17ac07e00f1bcbaa4e1924b8c3c31761e28e32bc10124df318cd4618d4b6e2ab006347ba5db27a4bc512481ca19c165983cbf98406ccc44b", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + true, + false + ], + 3 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "b747157958114cc6", + "ae0f87a4953a8f89", + "8dc52279cde66d98", + "1521b7fac3b31eb9" + ], + [ + "4ab8ea86a6eeb339", + "53f0785b69c57076", + "743add8631199267", + "ecde48053b4ce146" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "82d5d94c6fdbde274726db31c92f265769393517550963cfdc4d84154682f7c768a782e98b27c0129350252b073d80f3d84f0ee115c5abdd", + "82d5d94c6fdbde274726db31c92f265769393517550963cfdc4d84154682f7c799587d1673d83fed3244d2e9b46ed4da81954ef7d00ab191" + ] + ], + "public_share": "0b40eac2eab18af3ac91184d5f466dc0fe1e9b00a994e6abffb9486a9d48a9623b3101fa6350e7a9831bfb7cf323506e336a041d0b1dea4d694486884d91de700414c2257b5c446ba65d928f520ed8fbfe0056b2dbdc41b30ad22234ba51abe53e49ac5502791e925778f0e3cd6bac3cb7bc9bfeb20525cc0ce8771086a16c39a00aa20a65d67590d601d29a78e295828074afb0c0c610f3d0139e2c7e5f1762a72cc1bd0036307bce53dc15c49d419ac4", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e58651db64c0870fe979c7be7dcb4513d781d662ff1331b3ce83793243588390011678281d239768aed3ce7a45e4bf8851f46e4283228d191f1bfaed0c4dd0e5b61e59da5246272e484f4c5c84db304cb1b6efd192e76eaae640d124bcf897e498b2878c6144fabcb39d80275dd9f721330a3fe0fe495c51e1f4", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + false, + false + ], + 2 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "7a6a9d1b91384e57", + "e13c3877c67bbeda", + "cc7492629c76ffd1", + "92196160d6e7d22c" + ], + [ + "889562e46dc7b1a8", + "22c3c78838844125", + "358b6d9d6289002e", + "6fe69e9f28182dd3" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "d9d4f3c493f3306874baf72e3e40c25aadad84c0f43ce5e161afd757c5bb29645468b1303a0ce4c22ea1a70ab38e02f9b1e2368e5ac5ba27", + "d9d4f3c493f3306874baf72e3e40c25aadad84c0f43ce5e161afd757c5bb2964ad974ecfc4f31b3de89ce1b0ce39dbfb81954ef7d00ab191" + ] + ], + "public_share": "00fe948733e8abb0c8d8614ea90a1595630a50514ca8f19ef156afb335dcb1ee26a793026096167908382daf72f2195bb8ee7ecbbafa8b9fce056dfd466cf5b32e75e915792e57adabdb0f8d3bbfc562cb31fd92a760425d26bc410ee307b3f2e44835baad354bcb0de56a58ceba3f7428cbd84d9b5607a7494f9995614aa3dd1cb065d58131a088e21ba6c87c4cc795ef22c376bd8f303ec420aad19361730e832916aac966b7345e93c94482a0e96e9a", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e5860fad197a70fc6bb542a2cc76df3445e851464ecfcadc3cda7932434883a0012635fad1bc8055312f485e949f5ababf4ae925d2dd26438d71faed0c4dd0e5b61e9b089e8c3e41c513d1783530972a435075ee432cd48078ead124bc0898d498a2c9baacaa11d0304206440e1e5df0c4b3c4fcaf8ec227739e", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + true, + true + ], + 0 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "2a6600784bd0d00b", + "1c373fbb0cab07db", + "6d83d499036ab7de", + "b09de6930364305e" + ], + [ + "d799ff87b32f2ff4", + "e5c8c044f254f824", + "947c2b66fb954821", + "5162196cfb9bcfa1" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "e3e83fa4cc115ce5494bfee2046e41938ce3767171e97e6164d665a9d68f113c68a782e98b27c0121f3bf20ef0c4cd45faea5a725a799390", + "e3e83fa4cc115ce5494bfee2046e41938ce3767171e97e6164d665a9d68f113c99587d1673d83fed186f3822e55e393681954ef7d00ab191" + ] + ], + "public_share": "0740eac2eab18af3ac91184d5f466dc0fe7844c18adc9409938036d9d6ce63de0d3101fa6350e7a9831cfb7cf323506e336b041d0b1dea4d694586884d91de700415c2257b5c446ba62096d4c17bc7079701bcfc59f3a52cd2070fd9b4dc5a207208d65a5d9fe397fd168c6fd19e3555febc9bfeb20525cc0ce8771086a16c39a00aa20a65d67590d601d29a78e2958280aa0c1d4d8f1c113199e4b3ee9fb2a63bff1560c494e475989550af2b66d66f5e", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e58651db64c0870fe9794fe51caa3dcdde2d4e89aefa3875d627428aa83837beb71cac23fc462d606a810473a95cb03fdcfba43ae7a27dc8a91afaed0c4dd0e5b61e59da5246272e484fc335e5fc3992a90a77abe30067e8de9c08cd5618e4b6e2ab5391822064c5f7ef4a2ff960076ba80209e89ac96ba256f5", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + false, + true + ], + 1 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "796a9d1b91384e57", + "df3c3877c67bbeda", + "31fd99cb39d14c36", + "bdadb8097c973c72" + ], + [ + "889562e46dc7b1a8", + "22c3c78838844125", + "d1026634c52eb3c9", + "455247f68268c38d" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "174f80cdba2341b2df9c31d5d002bf511fe169ffddfb99b5bb74a9cf97913cbc5468b1303a0ce4c2ff63b7d93fcda259c865f02637d1c4e3", + "174f80cdba2341b2df9c31d5d002bf511fe169ffddfb99b5bb74a9cf97913cbcad974ecfc4f31b3de89ce1b0ce39dbfb81954ef7d00ab191" + ] + ], + "public_share": "0cfe948733e8abb0c8d8614ea90a159563bab5b3fb27db24b52744c7d7daf017e1a793026096167908392daf72f2195bb8ed7ecbbafa8b9fce066dfd466cf5b32e74e915792e57adab3f9894a45c20b02fd7f8d129b722799ffe8d9a76af9a19cb174512acb3dd097a05acadd1d0b4cfa1cbd84d9b5607a7494f9995614aa3dd1cb065d58131a088e21ba6c87c4cc795ef1562ce16676335aa194125a674d8709b78e1b9382e44b462574de20b7305bfdd", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + }, + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f18e4527f6e16e58651db64c0870fe979c7be7dcb4513d781d662ff1331b3ce83793243588390011678281d239768aed3ce7a45e4bf8851f46e4283228d191f1bfaed0c4dd0e5b61e59da5246272e484f4c5c84db304cb1b6efd192e76eaae640d124bcf897e498b2878c6144fabcb39d80275dd9f721330a3fe0fe495c51e1f4", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + ], + "measurement": [ + [ + false, + true + ], + 2 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "796a9d1b91384e57", + "df3c3877c67bbeda", + "31fd99cb39d14c36", + "bdadb8097c973c72" + ], + [ + "889562e46dc7b1a8", + "22c3c78838844125", + "d1026634c52eb3c9", + "465247f68268c38d" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "2649c7c603aa044d91ae267bd78e949899aaad3f3853d2f30e6596cba63008a85468b1303a0ce4c22ea1a70ab38e02f9b1e2368e5ac5ba27", + "2649c7c603aa044d91ae267bd78e949899aaad3f3853d2f30e6596cba63008a8ad974ecfc4f31b3de89ce1b0ce39dbfb81954ef7d00ab191" + ] + ], + "public_share": "0cfe948733e8abb0c8d8614ea90a159563bab5b3fb27db24b52744c7d7daf017e1a793026096167908382daf72f2195bb8ee7ecbbafa8b9fce056dfd466cf5b32e75e915792e57adab3f9894a45c20b02fd8f8d129b722799ffd8d9a76af9a19cb184512acb3dd097a04acadd1d0b4cfa1cbd84d9b5607a7494f9995614aa3dd1cb065d58131a088e21ba6c87c4cc795ef1562ce16676335aa194125a674d8709b78e1b9382e44b462574de20b7305bfdd", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "vidpf_bits": 2 +} diff --git a/src/vidpf.rs b/src/vidpf.rs index 9693387f..3e52d35e 100644 --- a/src/vidpf.rs +++ b/src/vidpf.rs @@ -14,7 +14,6 @@ use core::{ ops::{Add, AddAssign, BitXor, BitXorAssign, Index, Sub}, }; -use bitvec::field::BitField; use bitvec::prelude::{BitVec, Lsb0}; use rand_core::RngCore; use std::fmt::Debug; @@ -286,17 +285,17 @@ impl Vidpf { let VidpfEvalResult { state: _, - share: mut weight_share_left, + share: weight_share_left, } = self.eval_next(ctx, cw, idx_left, &state, nonce); let VidpfEvalResult { state: _, - share: mut weight_share_right, + share: weight_share_right, } = self.eval_next(ctx, cw, idx_left.right_sibling(), &state, nonce); - weight_share_left.conditional_negate(Choice::from(id)); - weight_share_right.conditional_negate(Choice::from(id)); - Ok(weight_share_left + weight_share_right) + let mut beta_share = weight_share_left + weight_share_right; + beta_share.conditional_negate(Choice::from(id)); + Ok(beta_share) } fn extend(seed: VidpfSeed, ctx: &[u8], nonce: &[u8]) -> ExtendedSeed { @@ -327,17 +326,16 @@ impl Vidpf { } fn convert(&self, seed: VidpfSeed, ctx: &[u8], nonce: &[u8]) -> (VidpfSeed, W) { - let mut rng = XofFixedKeyAes128::seed_stream( + let mut seed_stream = XofFixedKeyAes128::seed_stream( &Seed(seed), &[&mastic::dst_usage(mastic::USAGE_CONVERT), ctx], &[nonce], ); - let mut out_seed = VidpfSeed::default(); - rng.fill_bytes(&mut out_seed); - let value = ::generate(&mut rng, &self.weight_parameter); - - (out_seed, value) + let mut next_seed = VidpfSeed::default(); + seed_stream.fill_bytes(&mut next_seed); + let weight = W::generate(&mut seed_stream, &self.weight_parameter); + (next_seed, weight) } fn index_iter<'a>( @@ -387,8 +385,8 @@ impl Vidpf> { nonce: &[u8], prefixes: &[VidpfInput], prefix_tree: &mut BinaryTree>>, - ) -> Result, VidpfError> { - let mut out_shares = Vec::with_capacity(self.weight_parameter * prefixes.len()); + ) -> Result>, VidpfError> { + let mut out_shares = Vec::with_capacity(prefixes.len()); for prefix in prefixes { if prefix.len() > public.cw.len() { @@ -429,13 +427,11 @@ impl Vidpf> { }; } - out_shares.extend_from_slice(&sub_tree.value.share.0); + out_shares.push(sub_tree.value.share.clone()); } - if id == VidpfServerId::S1 { - for o in out_shares.iter_mut() { - *o = -*o; - } + for out_share in out_shares.iter_mut() { + out_share.conditional_negate(Choice::from(id)); } Ok(out_shares) } @@ -503,48 +499,40 @@ pub struct VidpfPublicShare { impl Encode for VidpfPublicShare { fn encode(&self, bytes: &mut Vec) -> Result<(), CodecError> { - // Control bits need to be written within each byte in LSB-to-MSB order, and assigned into - // bytes in big-endian order. Thus, the first four levels will have their control bits - // encoded in the last byte, and the last levels will have their control bits encoded in the - // first byte. + // Control bits let mut control_bits: BitVec = BitVec::with_capacity(self.cw.len() * 2); - for correction_words in self.cw.iter() { - control_bits.extend( - [ - bool::from(correction_words.ctrl_left), - bool::from(correction_words.ctrl_right), - ] - .iter(), - ); + for cw in self.cw.iter() { + control_bits.push(bool::from(cw.ctrl_left)); + control_bits.push(bool::from(cw.ctrl_right)); } control_bits.set_uninitialized(false); let mut packed_control = control_bits.into_vec(); bytes.append(&mut packed_control); - for VidpfCorrectionWord { - seed, - ctrl_left: _, - ctrl_right: _, - weight, - proof, - } in self.cw.iter() - { - bytes.extend_from_slice(seed); - weight.encode(bytes)?; - bytes.extend_from_slice(proof); + // Seeds + for cw in self.cw.iter() { + bytes.extend_from_slice(&cw.seed); + } + + // Weights + for cw in self.cw.iter() { + cw.weight.encode(bytes)?; + } + + // Node proofs + for cw in self.cw.iter() { + bytes.extend_from_slice(&cw.proof); } Ok(()) } fn encoded_len(&self) -> Option { - let control_bits_count = (self.cw.len()) * 2; - let mut len = 0; - len += (control_bits_count + 7) / 8; // control bits - let cw_encoded_len = VIDPF_SEED_SIZE - + VIDPF_PROOF_SIZE - + self.cw.first().and_then(|cw| cw.weight.encoded_len())?; - len += self.cw.len() * cw_encoded_len; + let control_bits_count = self.cw.len() * 2; + let mut len = (control_bits_count + 7) / 8 + self.cw.len() * 48; + for cw in self.cw.iter() { + len += cw.weight.encoded_len()?; + } Some(len) } } @@ -555,26 +543,57 @@ impl ParameterizedDecode<(usize, W::ValueParameter)> for VidpfPub bytes: &mut Cursor<&[u8]>, ) -> Result { let packed_control_len = (bits + 3) / 4; - let mut packed = vec![0u8; packed_control_len]; - bytes.read_exact(&mut packed)?; - let unpacked_control_bits: BitVec = BitVec::from_vec(packed); - - let mut cw = Vec::with_capacity(*bits); - for chunk in unpacked_control_bits[0..(bits) * 2].chunks(2) { - let ctrl_left = (chunk[0] as u8).into(); - let ctrl_right = (chunk[1] as u8).into(); - let seed = Seed::decode(bytes)?.0; - let weight = W::decode_with_param(weight_parameter, bytes)?; - let mut proof = [0u8; VIDPF_PROOF_SIZE]; - bytes.read_exact(&mut proof)?; - cw.push(VidpfCorrectionWord { - seed, - ctrl_left, - ctrl_right, - weight, - proof, - }) + let mut packed_control_bits = vec![0u8; packed_control_len]; + bytes.read_exact(&mut packed_control_bits)?; + let unpacked_control_bits: BitVec = BitVec::from_vec(packed_control_bits); + + // Control bits + let mut control_bits = Vec::with_capacity(*bits); + for chunk in unpacked_control_bits[0..bits * 2].chunks(2) { + control_bits.push([(chunk[0] as u8).into(), (chunk[1] as u8).into()]); + } + + // Check that unused packed bits are zero. + if unpacked_control_bits[bits * 2..].any() { + return Err(CodecError::UnexpectedValue); } + + // Seeds + let seeds = std::iter::repeat_with(|| Seed::decode(bytes).map(|seed| seed.0)) + .take(*bits) + .collect::, _>>()?; + + // Weights + let weights = std::iter::repeat_with(|| W::decode_with_param(weight_parameter, bytes)) + .take(*bits) + .collect::, _>>()?; + + let proofs = std::iter::repeat_with(|| { + let mut proof = [0; VIDPF_PROOF_SIZE]; + bytes.read_exact(&mut proof)?; + Ok::<_, CodecError>(proof) + }) + .take(*bits) + .collect::, _>>()?; + + let cw = seeds + .into_iter() + .zip( + control_bits + .into_iter() + .zip(weights.into_iter().zip(proofs)), + ) + .map( + |(seed, ([ctrl_left, ctrl_right], (weight, proof)))| VidpfCorrectionWord { + seed, + ctrl_left, + ctrl_right, + weight, + proof, + }, + ) + .collect::>(); + Ok(Self { cw }) } } @@ -806,14 +825,18 @@ impl VidpfEvalIndex<'_> { .input .index(..=usize::from(self.level)) .chunks(8) - .map(BitField::load_le::) .enumerate() - .map(|(byte_index, mut byte)| { + .map(|(byte_index, chunk)| { + let mut byte = 0; + for (bit_index, bit) in chunk.iter().enumerate() { + byte |= u8::from(*bit) << (7 - bit_index); + } + // Typically `input[level] == bit` , but `bit` may be overwritten by either // `left_sibling()` or `right_sibling()`. Adjust its value accordingly. if byte_index == usize::from(self.level) / 8 { let bit_index = self.level % 8; - let m = 1 << bit_index; + let m = 1 << (7 - bit_index); byte = u8::conditional_select(&(byte & !m), &(byte | m), self.bit); } byte