From 46f0a6b1f7e9e59ee0df2011bd35fd4d9f7d67b3 Mon Sep 17 00:00:00 2001 From: David Cook Date: Mon, 2 Dec 2024 11:25:04 -0600 Subject: [PATCH 01/20] Fix clippy lints (#1148) --- src/field/field255.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/field/field255.rs b/src/field/field255.rs index 07306400b..65fb443e2 100644 --- a/src/field/field255.rs +++ b/src/field/field255.rs @@ -195,7 +195,7 @@ impl Neg for Field255 { } } -impl<'a> Neg for &'a Field255 { +impl Neg for &Field255 { type Output = Field255; fn neg(self) -> Field255 { @@ -216,7 +216,7 @@ impl From for Field255 { } } -impl<'a> TryFrom<&'a [u8]> for Field255 { +impl TryFrom<&[u8]> for Field255 { type Error = FieldError; fn try_from(bytes: &[u8]) -> Result { From 4f151e246b297ff9bcd289d6b904f18344205ecd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Dec 2024 19:49:59 +0000 Subject: [PATCH 02/20] build(deps): Bump serde from 1.0.214 to 1.0.215 (#1144) --- Cargo.lock | 8 ++++---- supply-chain/config.toml | 9 --------- supply-chain/imports.lock | 35 +++++++++++++++++++++++++++++++---- 3 files changed, 35 insertions(+), 17 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9e599e8da..2fb40c08d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -871,18 +871,18 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.214" +version = "1.0.215" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f55c3193aca71c12ad7890f1785d2b73e1b9f63a0bbc353c08ef26fe03fc56b5" +checksum = "6513c1ad0b11a9376da888e3e0baa0077f1aed55c17f50e7b2397136129fb88f" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.214" +version = "1.0.215" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "de523f781f095e28fa605cdce0f8307e451cc0fd14e2eb4cd2e98a355b147766" +checksum = "ad1e866f866923f252f05c889987993144fb74e722403468a4ebd70c3cd756c0" dependencies = [ "proc-macro2", "quote", diff --git a/supply-chain/config.toml b/supply-chain/config.toml index bfc08a75a..10ff1741c 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -161,19 +161,10 @@ criteria = "safe-to-deploy" version = "0.8.5" criteria = "safe-to-deploy" -[[exemptions.rand_distr]] -version = "0.4.3" -criteria = "safe-to-run" - [[exemptions.safe_arch]] version = "0.7.0" criteria = "safe-to-run" -[[exemptions.sha2]] -version = "0.10.8" -criteria = "safe-to-deploy" -notes = "We do not use the new asm backend, either its feature or CPU architecture" - [[exemptions.simba]] version = "0.6.0" criteria = "safe-to-run" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index ead58bc02..cf70d5ea4 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -107,15 +107,15 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde]] -version = "1.0.214" -when = "2024-10-28" +version = "1.0.215" +when = "2024-11-11" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde_derive]] -version = "1.0.214" -when = "2024-10-28" +version = "1.0.215" +when = "2024-11-11" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -626,6 +626,16 @@ criteria = "safe-to-deploy" delta = "0.6.3 -> 0.6.4" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.rand_distr]] +who = "Ben Dean-Kawamura " +criteria = "safe-to-deploy" +version = "0.4.3" +notes = """ +Simple crate that extends `rand`. It has little unsafe code and uses Miri to test it. +As far as I can tell, it does not have any file IO or network access. +""" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.rayon]] who = "Josh Stone " criteria = "safe-to-deploy" @@ -639,6 +649,23 @@ criteria = "safe-to-deploy" delta = "1.5.3 -> 1.6.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.sha2]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.10.2 -> 0.10.6" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.sha2]] +who = "Jeff Muizelaar " +criteria = "safe-to-deploy" +delta = "0.10.6 -> 0.10.8" +notes = """ +The bulk of this is https://github.com/RustCrypto/hashes/pull/490 which adds aarch64 support along with another PR adding longson. +I didn't check the implementation thoroughly but there wasn't anything obviously nefarious. 0.10.8 has been out for more than a year +which suggests no one else has found anything either. +""" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.subtle]] who = "Simon Friedberger " criteria = "safe-to-deploy" From db00be27a845d8f3c2f031c35dbf1c982804ad52 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Dec 2024 20:17:20 +0000 Subject: [PATCH 03/20] build(deps): Bump serde_json from 1.0.132 to 1.0.133 (#1143) --- Cargo.lock | 4 ++-- supply-chain/imports.lock | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2fb40c08d..2850a5d45 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -891,9 +891,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.132" +version = "1.0.133" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d726bfaff4b320266d395898905d0eba0345aae23b54aee3a737e260fd46db03" +checksum = "c7fceb2473b9166b2294ef05efcb65a3db80803f0b03ef86a5fc88a2b85ee377" dependencies = [ "itoa", "memchr", diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index cf70d5ea4..36aaa0e2f 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -121,8 +121,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde_json]] -version = "1.0.132" -when = "2024-10-19" +version = "1.0.133" +when = "2024-11-17" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" From 3c1aeb30c661d373566749a81589fc0a4045f89a Mon Sep 17 00:00:00 2001 From: Michael Rosenberg Date: Mon, 9 Dec 2024 16:09:40 +0100 Subject: [PATCH 04/20] Added `max_measurement` field to `Prio3Sum` type (#1150) --- benches/cycle_counts.rs | 3 +- benches/speed_tests.rs | 11 +- binaries/src/bin/vdaf_message_sizes.rs | 6 +- src/field.rs | 15 +++ src/field/field255.rs | 6 + src/flp/szk.rs | 12 +- src/flp/types.rs | 164 ++++++++++++++++++------- src/vdaf/mastic.rs | 14 ++- src/vdaf/prio3.rs | 58 ++++----- src/vdaf/prio3_test.rs | 5 +- 10 files changed, 203 insertions(+), 91 deletions(-) diff --git a/benches/cycle_counts.rs b/benches/cycle_counts.rs index 8b1b3c184..3e3ebdf57 100644 --- a/benches/cycle_counts.rs +++ b/benches/cycle_counts.rs @@ -126,7 +126,8 @@ fn prio3_client_histogram_10() -> Vec> { } fn prio3_client_sum_32() -> Vec> { - let prio3 = Prio3::new_sum(2, 16).unwrap(); + let bits = 16; + let prio3 = Prio3::new_sum(2, (1 << bits) - 1).unwrap(); let measurement = 1337; let nonce = [0; 16]; prio3 diff --git a/benches/speed_tests.rs b/benches/speed_tests.rs index 053cabb2e..94dd5d183 100644 --- a/benches/speed_tests.rs +++ b/benches/speed_tests.rs @@ -198,8 +198,10 @@ fn prio3(c: &mut Criterion) { let mut group = c.benchmark_group("prio3sum_shard"); for bits in [8, 32] { group.bench_with_input(BenchmarkId::from_parameter(bits), &bits, |b, bits| { - let vdaf = Prio3::new_sum(num_shares, *bits).unwrap(); - let measurement = (1 << bits) - 1; + // Doesn't matter for speed what we use for max measurement, or measurement + let max_measurement = (1 << bits) - 1; + let vdaf = Prio3::new_sum(num_shares, max_measurement).unwrap(); + let measurement = max_measurement; let nonce = black_box([0u8; 16]); b.iter(|| vdaf.shard(b"", &measurement, &nonce).unwrap()); }); @@ -209,8 +211,9 @@ fn prio3(c: &mut Criterion) { let mut group = c.benchmark_group("prio3sum_prepare_init"); for bits in [8, 32] { group.bench_with_input(BenchmarkId::from_parameter(bits), &bits, |b, bits| { - let vdaf = Prio3::new_sum(num_shares, *bits).unwrap(); - let measurement = (1 << bits) - 1; + let max_measurement = (1 << bits) - 1; + let vdaf = Prio3::new_sum(num_shares, max_measurement).unwrap(); + let measurement = max_measurement; let nonce = black_box([0u8; 16]); let verify_key = black_box([0u8; 16]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); diff --git a/binaries/src/bin/vdaf_message_sizes.rs b/binaries/src/bin/vdaf_message_sizes.rs index 998f15722..940be79a4 100644 --- a/binaries/src/bin/vdaf_message_sizes.rs +++ b/binaries/src/bin/vdaf_message_sizes.rs @@ -42,12 +42,12 @@ fn main() { ) ); - let bits = 32; - let prio3 = Prio3::new_sum(num_shares, bits).unwrap(); + let max_measurement = 0xffff_ffff; + let prio3 = Prio3::new_sum(num_shares, max_measurement).unwrap(); let measurement = 1337; println!( "prio3 sum ({} bits) share size = {}", - bits, + max_measurement.ilog2() + 1, vdaf_input_share_size::( prio3.shard(PRIO3_CTX_STR, &measurement, &nonce).unwrap() ) diff --git a/src/field.rs b/src/field.rs index 7b8460a4b..88bf40ff1 100644 --- a/src/field.rs +++ b/src/field.rs @@ -201,6 +201,9 @@ pub trait Integer: /// Returns one. fn one() -> Self; + + /// Returns ⌊log₂(self)⌋, or `None` if `self == 0` + fn checked_ilog2(&self) -> Option; } /// Extension trait for field elements that can be converted back and forth to an integer type. @@ -785,6 +788,10 @@ impl Integer for u32 { fn one() -> Self { 1 } + + fn checked_ilog2(&self) -> Option { + u32::checked_ilog2(*self) + } } impl Integer for u64 { @@ -798,6 +805,10 @@ impl Integer for u64 { fn one() -> Self { 1 } + + fn checked_ilog2(&self) -> Option { + u64::checked_ilog2(*self) + } } impl Integer for u128 { @@ -811,6 +822,10 @@ impl Integer for u128 { fn one() -> Self { 1 } + + fn checked_ilog2(&self) -> Option { + u128::checked_ilog2(*self) + } } make_field!( diff --git a/src/field/field255.rs b/src/field/field255.rs index 65fb443e2..8a3f74bda 100644 --- a/src/field/field255.rs +++ b/src/field/field255.rs @@ -388,6 +388,12 @@ mod tests { fn one() -> Self { Self::new(Vec::from([1])) } + + fn checked_ilog2(&self) -> Option { + // This is a test module, and this code is never used. If we need this in the future, + // use BigUint::bits() + unimplemented!() + } } impl TestFieldElementWithInteger for Field255 { diff --git a/src/flp/szk.rs b/src/flp/szk.rs index e25598d0f..4531d3bf9 100644 --- a/src/flp/szk.rs +++ b/src/flp/szk.rs @@ -794,8 +794,9 @@ mod tests { #[test] fn test_sum_proof_share_encode() { let mut nonce = [0u8; 16]; + let max_measurement = 13; thread_rng().fill(&mut nonce[..]); - let sum = Sum::::new(5).unwrap(); + let sum = Sum::::new(max_measurement).unwrap(); let encoded_measurement = sum.encode_measurement(&9).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(sum, algorithm_id); @@ -896,9 +897,10 @@ mod tests { #[test] fn test_sum_leader_proof_share_roundtrip() { + let max_measurement = 13; let mut nonce = [0u8; 16]; thread_rng().fill(&mut nonce[..]); - let sum = Sum::::new(5).unwrap(); + let sum = Sum::::new(max_measurement).unwrap(); let encoded_measurement = sum.encode_measurement(&9).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(sum, algorithm_id); @@ -936,9 +938,10 @@ mod tests { #[test] fn test_sum_helper_proof_share_roundtrip() { + let max_measurement = 13; let mut nonce = [0u8; 16]; thread_rng().fill(&mut nonce[..]); - let sum = Sum::::new(5).unwrap(); + let sum = Sum::::new(max_measurement).unwrap(); let encoded_measurement = sum.encode_measurement(&9).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(sum, algorithm_id); @@ -1138,7 +1141,8 @@ mod tests { #[test] fn test_sum() { - let sum = Sum::::new(5).unwrap(); + let max_measurement = 13; + let sum = Sum::::new(max_measurement).unwrap(); let five = Field128::from(5); let nine = sum.encode_measurement(&9).unwrap(); diff --git a/src/flp/types.rs b/src/flp/types.rs index 9403039ef..2431af986 100644 --- a/src/flp/types.rs +++ b/src/flp/types.rs @@ -2,7 +2,7 @@ //! A collection of [`Type`] implementations. -use crate::field::{FftFriendlyFieldElement, FieldElementWithIntegerExt}; +use crate::field::{FftFriendlyFieldElement, FieldElementWithIntegerExt, Integer}; use crate::flp::gadgets::{Mul, ParallelSumGadget, PolyEval}; use crate::flp::{FlpError, Gadget, Type}; use crate::polynomial::poly_range_check; @@ -113,37 +113,57 @@ impl Type for Count { } } -/// This sum type. Each measurement is a integer in `[0, 2^bits)` and the aggregate is the sum of -/// the measurements. +/// The sum type. Each measurement is a integer in `[0, max_measurement]` and the aggregate is the +/// sum of the measurements. /// /// The validity circuit is based on the SIMD circuit construction of [[BBCG+19], Theorem 5.3]. /// /// [BBCG+19]: https://ia.cr/2019/188 #[derive(Clone, PartialEq, Eq)] pub struct Sum { + max_measurement: F::Integer, + + // Computed from max_measurement + offset: F::Integer, bits: usize, - range_checker: Vec, + // Constant + bit_range_checker: Vec, } impl Debug for Sum { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - f.debug_struct("Sum").field("bits", &self.bits).finish() + f.debug_struct("Sum") + .field("max_measurement", &self.max_measurement) + .field("bits", &self.bits) + .finish() } } impl Sum { /// Return a new [`Sum`] type parameter. Each value of this type is an integer in range `[0, - /// 2^bits)`. - pub fn new(bits: usize) -> Result { - if !F::valid_integer_bitlength(bits) { - return Err(FlpError::Encode( - "invalid bits: number of bits exceeds maximum number of bits in this field" - .to_string(), + /// max_measurement]` where `max_measurement > 0`. Errors if `max_measurement == 0`. + pub fn new(max_measurement: F::Integer) -> Result { + if max_measurement == F::Integer::zero() { + return Err(FlpError::InvalidParameter( + "max measurement cannot be zero".to_string(), )); } + + // Number of bits needed to represent x is ⌊log₂(x)⌋ + 1 + let bits = max_measurement.checked_ilog2().unwrap() as usize + 1; + + // The offset we add to the summand for range-checking purposes + let one = F::Integer::try_from(1).unwrap(); + let offset = (one << bits) - one - max_measurement; + + // Construct a range checker to ensure encoded bits are in the range [0, 2) + let bit_range_checker = poly_range_check(0, 2); + Ok(Self { bits, - range_checker: poly_range_check(0, 2), + max_measurement, + offset, + bit_range_checker, }) } } @@ -154,8 +174,17 @@ impl Type for Sum { type Field = F; fn encode_measurement(&self, summand: &F::Integer) -> Result, FlpError> { - let v = F::encode_as_bitvector(*summand, self.bits)?.collect(); - Ok(v) + if summand > &self.max_measurement { + return Err(FlpError::Encode(format!( + "unexpected measurement: got {:?}; want ≤{:?}", + summand, self.max_measurement + ))); + } + + let enc_summand = F::encode_as_bitvector(*summand, self.bits)?; + let enc_summand_plus_offset = F::encode_as_bitvector(self.offset + *summand, self.bits)?; + + Ok(enc_summand.chain(enc_summand_plus_offset).collect()) } fn decode_result(&self, data: &[F], _num_measurements: usize) -> Result { @@ -164,8 +193,8 @@ impl Type for Sum { fn gadget(&self) -> Vec>> { vec![Box::new(PolyEval::new( - self.range_checker.clone(), - self.bits, + self.bit_range_checker.clone(), + 2 * self.bits, ))] } @@ -178,25 +207,38 @@ impl Type for Sum { g: &mut Vec>>, input: &[F], joint_rand: &[F], - _num_shares: usize, + num_shares: usize, ) -> Result, FlpError> { self.valid_call_check(input, joint_rand)?; let gadget = &mut g[0]; - input.iter().map(|&b| gadget.call(&[b])).collect() + let bit_checks = input + .iter() + .map(|&b| gadget.call(&[b])) + .collect::, _>>()?; + + let range_check = { + let offset = F::from(self.offset); + let shares_inv = F::from(F::valid_integer_try_from(num_shares)?).inv(); + let sum = F::decode_bitvector(&input[..self.bits])?; + let sum_plus_offset = F::decode_bitvector(&input[self.bits..])?; + offset * shares_inv + sum - sum_plus_offset + }; + + Ok([bit_checks.as_slice(), &[range_check]].concat()) } fn truncate(&self, input: Vec) -> Result, FlpError> { self.truncate_call_check(&input)?; - let res = F::decode_bitvector(&input)?; + let res = F::decode_bitvector(&input[..self.bits])?; Ok(vec![res]) } fn input_len(&self) -> usize { - self.bits + 2 * self.bits } fn proof_len(&self) -> usize { - 2 * ((1 + self.bits).next_power_of_two() - 1) + 2 + 2 * ((1 + 2 * self.bits).next_power_of_two() - 1) + 2 } fn verifier_len(&self) -> usize { @@ -212,7 +254,7 @@ impl Type for Sum { } fn eval_output_len(&self) -> usize { - self.bits + 2 * self.bits + 1 } fn prove_rand_len(&self) -> usize { @@ -220,8 +262,8 @@ impl Type for Sum { } } -/// The average type. Each measurement is an integer in `[0,2^bits)` for some `0 < bits < 64` and the -/// aggregate is the arithmetic average. +/// The average type. Each measurement is an integer in `[0, max_measurement]` and the aggregate is +/// the arithmetic average of the measurements. // This is just a `Sum` object under the hood. The only difference is that the aggregate result is // an f64, which we get by dividing by `num_measurements` #[derive(Clone, PartialEq, Eq)] @@ -232,6 +274,7 @@ pub struct Average { impl Debug for Average { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { f.debug_struct("Average") + .field("max_measurement", &self.summer.max_measurement) .field("bits", &self.summer.bits) .finish() } @@ -239,9 +282,9 @@ impl Debug for Average { impl Average { /// Return a new [`Average`] type parameter. Each value of this type is an integer in range `[0, - /// 2^bits)`. - pub fn new(bits: usize) -> Result { - let summer = Sum::new(bits)?; + /// max_measurement]` where `max_measurement > 0`. Errors if `max_measurement == 0`. + pub fn new(max_measurement: F::Integer) -> Result { + let summer = Sum::new(max_measurement)?; Ok(Average { summer }) } } @@ -288,7 +331,7 @@ impl Type for Average { } fn input_len(&self) -> usize { - self.summer.bits + self.summer.input_len() } fn proof_len(&self) -> usize { @@ -592,20 +635,19 @@ where } // Convert bool vector to field elems - let multihot_vec: Vec = measurement + let multihot_vec = measurement .iter() // We can unwrap because any Integer type can cast from bool - .map(|bit| F::from(F::valid_integer_try_from(*bit as usize).unwrap())) - .collect(); + .map(|bit| F::from(F::valid_integer_try_from(*bit as usize).unwrap())); // Encode the measurement weight in binary (actually, the weight plus some offset) let offset_weight_bits = { let offset_weight_reported = F::valid_integer_try_from(self.offset + weight_reported)?; - F::encode_as_bitvector(offset_weight_reported, self.bits_for_weight)?.collect() + F::encode_as_bitvector(offset_weight_reported, self.bits_for_weight)? }; // Report the concat of the two - Ok([multihot_vec, offset_weight_bits].concat()) + Ok(multihot_vec.chain(offset_weight_bits).collect()) } fn decode_result( @@ -1024,7 +1066,9 @@ mod tests { #[test] fn test_sum() { - let sum = Sum::new(11).unwrap(); + let max_measurement = 1458; + + let sum = Sum::new(max_measurement).unwrap(); let zero = TestField::zero(); let one = TestField::one(); let nine = TestField::from(9); @@ -1045,22 +1089,52 @@ mod tests { &sum.encode_measurement(&1337).unwrap(), &[TestField::from(1337)], ); - FlpTest::expect_valid::<3>(&Sum::new(0).unwrap(), &[], &[zero]); - FlpTest::expect_valid::<3>(&Sum::new(2).unwrap(), &[one, zero], &[one]); - FlpTest::expect_valid::<3>( - &Sum::new(9).unwrap(), - &[one, zero, one, one, zero, one, one, one, zero], - &[TestField::from(237)], - ); - // Test FLP on invalid input. - FlpTest::expect_invalid::<3>(&Sum::new(3).unwrap(), &[one, nine, zero]); - FlpTest::expect_invalid::<3>(&Sum::new(5).unwrap(), &[zero, zero, zero, zero, nine]); + { + let sum = Sum::new(3).unwrap(); + let meas = 1; + FlpTest::expect_valid::<3>( + &sum, + &sum.encode_measurement(&meas).unwrap(), + &[TestField::from(meas)], + ); + } + + { + let sum = Sum::new(400).unwrap(); + let meas = 237; + FlpTest::expect_valid::<3>( + &sum, + &sum.encode_measurement(&meas).unwrap(), + &[TestField::from(meas)], + ); + } + + // Test FLP on invalid input, specifically on field elements outside of {0,1} + { + let sum = Sum::new((1 << 3) - 1).unwrap(); + // The sum+offset value can be whatever. The binariness test should fail first + let sum_plus_offset = vec![zero; 3]; + FlpTest::expect_invalid::<3>( + &sum, + &[&[one, nine, zero], sum_plus_offset.as_slice()].concat(), + ); + } + { + let sum = Sum::new((1 << 5) - 1).unwrap(); + let sum_plus_offset = vec![zero; 5]; + FlpTest::expect_invalid::<3>( + &sum, + &[&[zero, zero, zero, zero, nine], sum_plus_offset.as_slice()].concat(), + ); + } } #[test] fn test_average() { - let average = Average::new(11).unwrap(); + let max_measurement = (1 << 11) - 13; + + let average = Average::new(max_measurement).unwrap(); let zero = TestField::zero(); let one = TestField::one(); let ten = TestField::from(10); diff --git a/src/vdaf/mastic.rs b/src/vdaf/mastic.rs index afbac9331..6e3426b5f 100644 --- a/src/vdaf/mastic.rs +++ b/src/vdaf/mastic.rs @@ -394,9 +394,12 @@ mod tests { #[test] fn test_mastic_shard_sum() { let algorithm_id = 6; - let sum_typ = Sum::::new(5).unwrap(); + let max_measurement = 29; + let sum_typ = Sum::::new(max_measurement).unwrap(); + let encoded_meas_len = sum_typ.input_len(); + let sum_szk = Szk::new_turboshake128(sum_typ, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(5); + let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(encoded_meas_len); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -414,9 +417,12 @@ mod tests { #[test] fn test_input_share_encode_sum() { let algorithm_id = 6; - let sum_typ = Sum::::new(5).unwrap(); + let max_measurement = 29; + let sum_typ = Sum::::new(max_measurement).unwrap(); + let encoded_meas_len = sum_typ.input_len(); + let sum_szk = Szk::new_turboshake128(sum_typ, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(5); + let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(encoded_meas_len); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; diff --git a/src/vdaf/prio3.rs b/src/vdaf/prio3.rs index 3936730ec..840872e76 100644 --- a/src/vdaf/prio3.rs +++ b/src/vdaf/prio3.rs @@ -33,7 +33,9 @@ use super::AggregatorWithNoise; use crate::codec::{CodecError, Decode, Encode, ParameterizedDecode}; #[cfg(feature = "experimental")] use crate::dp::DifferentialPrivacyStrategy; -use crate::field::{decode_fieldvec, FftFriendlyFieldElement, FieldElement}; +use crate::field::{ + decode_fieldvec, FftFriendlyFieldElement, FieldElement, FieldElementWithInteger, +}; use crate::field::{Field128, Field64}; #[cfg(feature = "multithreaded")] use crate::flp::gadgets::ParallelSumMultithreaded; @@ -141,16 +143,13 @@ impl Prio3SumVecMultithreaded { pub type Prio3Sum = Prio3, XofTurboShake128, 16>; impl Prio3Sum { - /// Construct an instance of Prio3Sum with the given number of aggregators and required bit - /// length. The bit length must not exceed 64. - pub fn new_sum(num_aggregators: u8, bits: usize) -> Result { - if bits > 64 { - return Err(VdafError::Uncategorized(format!( - "bit length ({bits}) exceeds limit for aggregate type (64)" - ))); - } - - Prio3::new(num_aggregators, 1, 0x00000001, Sum::new(bits)?) + /// Construct an instance of `Prio3Sum` with the given number of aggregators, where each summand + /// must be in the range `[0, max_measurement]`. Errors if `max_measurement == 0`. + pub fn new_sum( + num_aggregators: u8, + max_measurement: ::Integer, + ) -> Result { + Prio3::new(num_aggregators, 1, 0x00000001, Sum::new(max_measurement)?) } } @@ -340,22 +339,19 @@ impl Prio3MultihotCountVecMultithreaded { pub type Prio3Average = Prio3, XofTurboShake128, 16>; impl Prio3Average { - /// Construct an instance of Prio3Average with the given number of aggregators and required bit - /// length. The bit length must not exceed 64. - pub fn new_average(num_aggregators: u8, bits: usize) -> Result { + /// Construct an instance of `Prio3Average` with the given number of aggregators, where each + /// summand must be in the range `[0, max_measurement]`. Errors if `max_measurement == 0`. + pub fn new_average( + num_aggregators: u8, + max_measurement: ::Integer, + ) -> Result { check_num_aggregators(num_aggregators)?; - if bits > 64 { - return Err(VdafError::Uncategorized(format!( - "bit length ({bits}) exceeds limit for aggregate type (64)" - ))); - } - Ok(Prio3 { num_aggregators, num_proofs: 1, algorithm_id: 0xFFFF0000, - typ: Average::new(bits)?, + typ: Average::new(max_measurement)?, phantom: PhantomData, }) } @@ -1700,11 +1696,13 @@ mod tests { #[test] fn test_prio3_sum() { - let prio3 = Prio3::new_sum(3, 16).unwrap(); + let max_measurement = 35_891; + + let prio3 = Prio3::new_sum(3, max_measurement).unwrap(); assert_eq!( - run_vdaf(CTX_STR, &prio3, &(), [0, (1 << 16) - 1, 0, 1, 1]).unwrap(), - (1 << 16) + 1 + run_vdaf(CTX_STR, &prio3, &(), [0, max_measurement, 0, 1, 1]).unwrap(), + max_measurement + 2, ); let mut verify_key = [0; 16]; @@ -2082,7 +2080,8 @@ mod tests { #[test] fn test_prio3_average() { - let prio3 = Prio3::new_average(2, 64).unwrap(); + let max_measurement = 43_208; + let prio3 = Prio3::new_average(2, max_measurement).unwrap(); assert_eq!(run_vdaf(CTX_STR, &prio3, &(), [17, 8]).unwrap(), 12.5f64); assert_eq!(run_vdaf(CTX_STR, &prio3, &(), [1, 1, 1, 1]).unwrap(), 1f64); @@ -2098,7 +2097,8 @@ mod tests { #[test] fn test_prio3_input_share() { - let prio3 = Prio3::new_sum(5, 16).unwrap(); + let max_measurement = 1; + let prio3 = Prio3::new_sum(5, max_measurement).unwrap(); let (_public_share, input_shares) = prio3.shard(CTX_STR, &1, &[0; 16]).unwrap(); // Check that seed shares are distinct. @@ -2217,7 +2217,8 @@ mod tests { let vdaf = Prio3::new_count(2).unwrap(); fieldvec_roundtrip_test::>(&vdaf, &(), 1); - let vdaf = Prio3::new_sum(2, 17).unwrap(); + let max_measurement = 13; + let vdaf = Prio3::new_sum(2, max_measurement).unwrap(); fieldvec_roundtrip_test::>(&vdaf, &(), 1); let vdaf = Prio3::new_histogram(2, 12, 3).unwrap(); @@ -2229,7 +2230,8 @@ mod tests { let vdaf = Prio3::new_count(2).unwrap(); fieldvec_roundtrip_test::>(&vdaf, &(), 1); - let vdaf = Prio3::new_sum(2, 17).unwrap(); + let max_measurement = 13; + let vdaf = Prio3::new_sum(2, max_measurement).unwrap(); fieldvec_roundtrip_test::>(&vdaf, &(), 1); let vdaf = Prio3::new_histogram(2, 12, 3).unwrap(); diff --git a/src/vdaf/prio3_test.rs b/src/vdaf/prio3_test.rs index 10b72c739..56223bcb9 100644 --- a/src/vdaf/prio3_test.rs +++ b/src/vdaf/prio3_test.rs @@ -285,13 +285,14 @@ mod tests { #[ignore] #[test] fn test_vec_prio3_sum() { + const FAKE_MAX_MEASUREMENT_UPDATE_ME: u128 = 0; for test_vector_str in [ include_str!("test_vec/08/Prio3Sum_0.json"), include_str!("test_vec/08/Prio3Sum_1.json"), ] { check_test_vec(test_vector_str, |json_params, num_shares| { - let bits = json_params["bits"].as_u64().unwrap() as usize; - Prio3::new_sum(num_shares, bits).unwrap() + let _bits = json_params["bits"].as_u64().unwrap() as usize; + Prio3::new_sum(num_shares, FAKE_MAX_MEASUREMENT_UPDATE_ME).unwrap() }); } } From a200dad9dba02d95ffb70c0cfa9f2f50649b114a Mon Sep 17 00:00:00 2001 From: Christopher Patton Date: Thu, 12 Dec 2024 08:52:01 -0800 Subject: [PATCH 05/20] Prio3Sum: Use Field64 (#1159) As of draft 12, Prio3Sum uses Field64 instead of Field128, since we no longer use joint randomness in the circuit. Co-authored-by: Michael Rosenberg --- benches/cycle_counts.rs | 2 +- src/vdaf/prio3.rs | 8 ++++---- src/vdaf/prio3_test.rs | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/benches/cycle_counts.rs b/benches/cycle_counts.rs index 3e3ebdf57..a4598bed1 100644 --- a/benches/cycle_counts.rs +++ b/benches/cycle_counts.rs @@ -125,7 +125,7 @@ fn prio3_client_histogram_10() -> Vec> { .1 } -fn prio3_client_sum_32() -> Vec> { +fn prio3_client_sum_32() -> Vec> { let bits = 16; let prio3 = Prio3::new_sum(2, (1 << bits) - 1).unwrap(); let measurement = 1337; diff --git a/src/vdaf/prio3.rs b/src/vdaf/prio3.rs index 840872e76..fdefb0933 100644 --- a/src/vdaf/prio3.rs +++ b/src/vdaf/prio3.rs @@ -140,14 +140,14 @@ impl Prio3SumVecMultithreaded { /// The sum type. Each measurement is an integer in `[0,2^bits)` for some `0 < bits < 64` and the /// aggregate is the sum. -pub type Prio3Sum = Prio3, XofTurboShake128, 16>; +pub type Prio3Sum = Prio3, XofTurboShake128, 16>; impl Prio3Sum { /// Construct an instance of `Prio3Sum` with the given number of aggregators, where each summand /// must be in the range `[0, max_measurement]`. Errors if `max_measurement == 0`. pub fn new_sum( num_aggregators: u8, - max_measurement: ::Integer, + max_measurement: ::Integer, ) -> Result { Prio3::new(num_aggregators, 1, 0x00000001, Sum::new(max_measurement)?) } @@ -1711,7 +1711,7 @@ mod tests { let (public_share, mut input_shares) = prio3.shard(CTX_STR, &1, &nonce).unwrap(); assert_matches!(input_shares[0].measurement_share, Share::Leader(ref mut data) => { - data[0] += Field128::one(); + data[0] += Field64::one(); }); let result = run_vdaf_prepare( &prio3, @@ -1726,7 +1726,7 @@ mod tests { let (public_share, mut input_shares) = prio3.shard(CTX_STR, &1, &nonce).unwrap(); assert_matches!(input_shares[0].proofs_share, Share::Leader(ref mut data) => { - data[0] += Field128::one(); + data[0] += Field64::one(); }); let result = run_vdaf_prepare( &prio3, diff --git a/src/vdaf/prio3_test.rs b/src/vdaf/prio3_test.rs index 56223bcb9..18c9817de 100644 --- a/src/vdaf/prio3_test.rs +++ b/src/vdaf/prio3_test.rs @@ -285,7 +285,7 @@ mod tests { #[ignore] #[test] fn test_vec_prio3_sum() { - const FAKE_MAX_MEASUREMENT_UPDATE_ME: u128 = 0; + const FAKE_MAX_MEASUREMENT_UPDATE_ME: u64 = 0; for test_vector_str in [ include_str!("test_vec/08/Prio3Sum_0.json"), include_str!("test_vec/08/Prio3Sum_1.json"), From e119a3731bbbcf981fe3e097e2bce333b99f4ba7 Mon Sep 17 00:00:00 2001 From: Christopher Patton Date: Fri, 13 Dec 2024 07:42:43 -0800 Subject: [PATCH 06/20] idpf: Use XofTurboShake128 for the leaves (#1158) As required by the latest draft, modify IDPF by using XofTurboShake128 for extension/conversion at the leaves of the tree. To accomplish this, encapsulate in the fixed AES key -- now use only for inner nodes -- with a type that has the content appropriate for the level of the tree. For the leaf nodes, this is the context string and nonce. While at it, rename "binder" to "nonce", as has been done in the latest draft. --- src/idpf.rs | 132 +++++++++++++++++++++++++++++++--------------------- 1 file changed, 80 insertions(+), 52 deletions(-) diff --git a/src/idpf.rs b/src/idpf.rs index ac6fdb2db..93d5390ba 100644 --- a/src/idpf.rs +++ b/src/idpf.rs @@ -7,7 +7,7 @@ use crate::{ codec::{CodecError, Decode, Encode, ParameterizedDecode}, field::{FieldElement, FieldElementExt}, vdaf::{ - xof::{Seed, XofFixedKeyAes128Key}, + xof::{Seed, Xof, XofFixedKeyAes128Key, XofTurboShake128}, VdafError, VERSION, }, }; @@ -239,12 +239,25 @@ where } } -fn extend(seed: &[u8; 16], xof_fixed_key: &XofFixedKeyAes128Key) -> ([[u8; 16]; 2], [Choice; 2]) { - let mut seed_stream = xof_fixed_key.with_seed(seed); - +fn extend(seed: &[u8; 16], xof_mode: &XofMode<'_>) -> ([[u8; 16]; 2], [Choice; 2]) { let mut seeds = [[0u8; 16], [0u8; 16]]; - seed_stream.fill_bytes(&mut seeds[0]); - seed_stream.fill_bytes(&mut seeds[1]); + match xof_mode { + XofMode::Inner(fixed_key) => { + let mut seed_stream = fixed_key.with_seed(seed); + seed_stream.fill_bytes(&mut seeds[0]); + seed_stream.fill_bytes(&mut seeds[1]); + } + XofMode::Leaf(ctx, nonce) => { + let mut dst = Vec::with_capacity(EXTEND_DOMAIN_SEP.len() + ctx.len()); + dst.extend(EXTEND_DOMAIN_SEP); + dst.extend(*ctx); + let mut xof = XofTurboShake128::init(seed, &dst); + xof.update(nonce); + let mut seed_stream = xof.into_seed_stream(); + seed_stream.fill_bytes(&mut seeds[0]); + seed_stream.fill_bytes(&mut seeds[1]); + } + } // "Steal" the control bits from the seeds. let control_bits_0 = seeds[0].as_ref()[0] & 1; @@ -257,18 +270,30 @@ fn extend(seed: &[u8; 16], xof_fixed_key: &XofFixedKeyAes128Key) -> ([[u8; 16]; fn convert( seed: &[u8; 16], - xof_fixed_key: &XofFixedKeyAes128Key, + xof_mode: &XofMode<'_>, parameter: &V::ValueParameter, ) -> ([u8; 16], V) where V: IdpfValue, { - let mut seed_stream = xof_fixed_key.with_seed(seed); - let mut next_seed = [0u8; 16]; - seed_stream.fill_bytes(&mut next_seed); - - (next_seed, V::generate(&mut seed_stream, parameter)) + match xof_mode { + XofMode::Inner(fixed_key) => { + let mut seed_stream = fixed_key.with_seed(seed); + seed_stream.fill_bytes(&mut next_seed); + (next_seed, V::generate(&mut seed_stream, parameter)) + } + XofMode::Leaf(ctx, nonce) => { + let mut dst = Vec::with_capacity(CONVERT_DOMAIN_SEP.len() + ctx.len()); + dst.extend(CONVERT_DOMAIN_SEP); + dst.extend(*ctx); + let mut xof = XofTurboShake128::init(seed, &dst); + xof.update(nonce); + let mut seed_stream = xof.into_seed_stream(); + seed_stream.fill_bytes(&mut next_seed); + (next_seed, V::generate(&mut seed_stream, parameter)) + } + } } /// Helper method to update seeds, update control bits, and output the correction word for one level @@ -279,15 +304,15 @@ fn generate_correction_word( parameter: &V::ValueParameter, keys: &mut [[u8; 16]; 2], control_bits: &mut [Choice; 2], - extend_xof_fixed_key: &XofFixedKeyAes128Key, - convert_xof_fixed_key: &XofFixedKeyAes128Key, + extend_mode: &XofMode<'_>, + convert_mode: &XofMode<'_>, ) -> IdpfCorrectionWord where V: IdpfValue, { // Expand both keys into two seeds and two control bits each. - let (seed_0, control_bits_0) = extend(&keys[0], extend_xof_fixed_key); - let (seed_1, control_bits_1) = extend(&keys[1], extend_xof_fixed_key); + let (seed_0, control_bits_0) = extend(&keys[0], extend_mode); + let (seed_1, control_bits_1) = extend(&keys[1], extend_mode); let (keep, lose) = (input_bit, !input_bit); @@ -317,10 +342,8 @@ where conditional_xor_seeds(&seed_1_keep, &cw_seed, previous_control_bits[1]), ]; - let (new_key_0, elements_0) = - convert::(&seeds_corrected[0], convert_xof_fixed_key, parameter); - let (new_key_1, elements_1) = - convert::(&seeds_corrected[1], convert_xof_fixed_key, parameter); + let (new_key_0, elements_0) = convert::(&seeds_corrected[0], convert_mode, parameter); + let (new_key_1, elements_1) = convert::(&seeds_corrected[1], convert_mode, parameter); keys[0] = new_key_0; keys[1] = new_key_1; @@ -345,13 +368,13 @@ fn eval_next( control_bit: &mut Choice, correction_word: &IdpfCorrectionWord, input_bit: Choice, - extend_xof_fixed_key: &XofFixedKeyAes128Key, - convert_xof_fixed_key: &XofFixedKeyAes128Key, + extend_mode: &XofMode<'_>, + convert_mode: &XofMode<'_>, ) -> V where V: IdpfValue, { - let (mut seeds, mut control_bits) = extend(key, extend_xof_fixed_key); + let (mut seeds, mut control_bits) = extend(key, extend_mode); seeds[0] = conditional_xor_seeds(&seeds[0], &correction_word.seed, *control_bit); control_bits[0] ^= correction_word.control_bits[0] & *control_bit; @@ -361,7 +384,7 @@ where let seed_corrected = conditional_select_seed(input_bit, &seeds); *control_bit = Choice::conditional_select(&control_bits[0], &control_bits[1], input_bit); - let (new_key, elements) = convert::(&seed_corrected, convert_xof_fixed_key, parameter); + let (new_key, elements) = convert::(&seed_corrected, convert_mode, parameter); *key = new_key; let mut out = @@ -407,7 +430,7 @@ where inner_values: M, leaf_value: VL, ctx: &[u8], - binder: &[u8], + nonce: &[u8], random: &[[u8; 16]; 2], ) -> Result<(IdpfPublicShare, [Seed<16>; 2]), VdafError> { let bits = input.len(); @@ -415,8 +438,8 @@ where let initial_keys: [Seed<16>; 2] = [Seed::from_bytes(random[0]), Seed::from_bytes(random[1])]; - let extend_xof_fixed_key = XofFixedKeyAes128Key::new(&[EXTEND_DOMAIN_SEP, ctx], binder); - let convert_xof_fixed_key = XofFixedKeyAes128Key::new(&[CONVERT_DOMAIN_SEP, ctx], binder); + let extend_xof_fixed_key = XofFixedKeyAes128Key::new(&[EXTEND_DOMAIN_SEP, ctx], nonce); + let convert_xof_fixed_key = XofFixedKeyAes128Key::new(&[CONVERT_DOMAIN_SEP, ctx], nonce); let mut keys = [initial_keys[0].0, initial_keys[1].0]; let mut control_bits = [Choice::from(0u8), Choice::from(1u8)]; @@ -435,8 +458,8 @@ where &self.inner_node_value_parameter, &mut keys, &mut control_bits, - &extend_xof_fixed_key, - &convert_xof_fixed_key, + &XofMode::Inner(&extend_xof_fixed_key), + &XofMode::Inner(&convert_xof_fixed_key), )); } if inner_correction_words.len() != bits - 1 { @@ -450,8 +473,8 @@ where &self.leaf_node_value_parameter, &mut keys, &mut control_bits, - &extend_xof_fixed_key, - &convert_xof_fixed_key, + &XofMode::Leaf(ctx, nonce), + &XofMode::Leaf(ctx, nonce), ); let public_share = IdpfPublicShare { inner_correction_words, @@ -471,7 +494,7 @@ where inner_values: M, leaf_value: VL, ctx: &[u8], - binder: &[u8], + nonce: &[u8], ) -> Result<(IdpfPublicShare, [Seed<16>; 2]), VdafError> where M: IntoIterator, @@ -485,7 +508,7 @@ where for random_seed in random.iter_mut() { getrandom::getrandom(random_seed)?; } - self.gen_with_random(input, inner_values, leaf_value, ctx, binder, &random) + self.gen_with_random(input, inner_values, leaf_value, ctx, nonce, &random) } /// Evaluate an IDPF share on `prefix`, starting from a particular tree level with known @@ -500,13 +523,13 @@ where mut control_bit: Choice, prefix: &IdpfInput, ctx: &[u8], - binder: &[u8], + nonce: &[u8], cache: &mut dyn IdpfCache, ) -> Result, IdpfError> { let bits = public_share.inner_correction_words.len() + 1; - let extend_xof_fixed_key = XofFixedKeyAes128Key::new(&[EXTEND_DOMAIN_SEP, ctx], binder); - let convert_xof_fixed_key = XofFixedKeyAes128Key::new(&[CONVERT_DOMAIN_SEP, ctx], binder); + let extend_xof_fixed_key = XofFixedKeyAes128Key::new(&[EXTEND_DOMAIN_SEP, ctx], nonce); + let convert_xof_fixed_key = XofFixedKeyAes128Key::new(&[CONVERT_DOMAIN_SEP, ctx], nonce); let mut last_inner_output = None; for ((correction_word, input_bit), level) in public_share.inner_correction_words @@ -522,8 +545,8 @@ where &mut control_bit, correction_word, Choice::from(*input_bit as u8), - &extend_xof_fixed_key, - &convert_xof_fixed_key, + &XofMode::Inner(&extend_xof_fixed_key), + &XofMode::Inner(&convert_xof_fixed_key), )); let cache_key = &prefix[..=level]; cache.insert(cache_key, &(key, control_bit.unwrap_u8())); @@ -537,8 +560,8 @@ where &mut control_bit, &public_share.leaf_correction_word, Choice::from(prefix[bits - 1] as u8), - &extend_xof_fixed_key, - &convert_xof_fixed_key, + &XofMode::Leaf(ctx, nonce), + &XofMode::Leaf(ctx, nonce), ); // Note: there's no point caching this node's key, because we will always run the // eval_next() call for the leaf level. @@ -559,7 +582,7 @@ where key: &Seed<16>, prefix: &IdpfInput, ctx: &[u8], - binder: &[u8], + nonce: &[u8], cache: &mut dyn IdpfCache, ) -> Result, IdpfError> { let bits = public_share.inner_correction_words.len() + 1; @@ -600,7 +623,7 @@ where Choice::from(control_bit), prefix, ctx, - binder, + nonce, cache, ); } @@ -616,7 +639,7 @@ where /* control_bit */ Choice::from((!is_leader) as u8), prefix, ctx, - binder, + nonce, cache, ) } @@ -983,6 +1006,11 @@ impl IdpfCache for RingBufferCache { } } +enum XofMode<'a> { + Inner(&'a XofFixedKeyAes128Key), + Leaf(&'a [u8], &'a [u8]), +} + /// Utilities for testing IDPFs. #[cfg(feature = "test-util")] #[cfg_attr(docsrs, doc(cfg(feature = "test-util")))] @@ -1301,17 +1329,17 @@ mod tests { public_share: &IdpfPublicShare, Poplar1IdpfValue>, keys: &[Seed<16>; 2], prefix: &IdpfInput, - binder: &[u8], + nonce: &[u8], expected_output: &IdpfOutputShare, Poplar1IdpfValue>, cache_0: &mut dyn IdpfCache, cache_1: &mut dyn IdpfCache, ) { let idpf = Idpf::new((), ()); let share_0 = idpf - .eval(0, public_share, &keys[0], prefix, CTX_STR, binder, cache_0) + .eval(0, public_share, &keys[0], prefix, CTX_STR, nonce, cache_0) .unwrap(); let share_1 = idpf - .eval(1, public_share, &keys[1], prefix, CTX_STR, binder, cache_1) + .eval(1, public_share, &keys[1], prefix, CTX_STR, nonce, cache_1) .unwrap(); let output = share_0.merge(share_1).unwrap(); assert_eq!(&output, expected_output); @@ -1929,8 +1957,8 @@ mod tests { struct IdpfTestVector { /// The number of bits in IDPF inputs. bits: usize, - /// The binder string used when generating and evaluating keys. - binder: Vec, + /// The nonce used when generating and evaluating keys. + nonce: Vec, /// The IDPF input provided to the key generation algorithm. alpha: IdpfInput, /// The IDPF output values, at each inner level, provided to the key generation algorithm. @@ -2010,12 +2038,12 @@ mod tests { let public_share_hex = test_vec_obj.get("public_share").unwrap(); let public_share = hex::decode(public_share_hex.as_str().unwrap()).unwrap(); - let binder_hex = test_vec_obj.get("binder").unwrap(); - let binder = hex::decode(binder_hex.as_str().unwrap()).unwrap(); + let nonce_hex = test_vec_obj.get("binder").unwrap(); + let nonce = hex::decode(nonce_hex.as_str().unwrap()).unwrap(); IdpfTestVector { bits, - binder, + nonce, alpha, beta_inner, beta_leaf, @@ -2035,7 +2063,7 @@ mod tests { test_vector.beta_inner, test_vector.beta_leaf, b"WRONG CTX, REPLACE ME", // TODO: Update test vectors to ones that provide ctx str - &test_vector.binder, + &test_vector.nonce, &test_vector.keys, ) .unwrap(); From cbb79b244f4c0d89ce97528319656b1c908be160 Mon Sep 17 00:00:00 2001 From: David Cook Date: Fri, 13 Dec 2024 10:57:11 -0600 Subject: [PATCH 07/20] Update constants (#1152) * Update VERSION constant * Update algorithm IDs --- src/vdaf.rs | 2 +- src/vdaf/poplar1.rs | 2 +- src/vdaf/prio3.rs | 16 ++++++++-------- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/vdaf.rs b/src/vdaf.rs index 815836430..035ef4254 100644 --- a/src/vdaf.rs +++ b/src/vdaf.rs @@ -26,7 +26,7 @@ use subtle::{Choice, ConstantTimeEq}; /// A component of the domain-separation tag, used to bind the VDAF operations to the document /// version. This will be revised with each draft with breaking changes. -pub(crate) const VERSION: u8 = 8; +pub(crate) const VERSION: u8 = 12; /// Errors emitted by this module. #[derive(Debug, thiserror::Error)] diff --git a/src/vdaf/poplar1.rs b/src/vdaf/poplar1.rs index 70c572dbd..df5da34b6 100644 --- a/src/vdaf/poplar1.rs +++ b/src/vdaf/poplar1.rs @@ -855,7 +855,7 @@ impl, const SEED_SIZE: usize> Vdaf for Poplar1 { type AggregateShare = Poplar1FieldVec; fn algorithm_id(&self) -> u32 { - 0x00001000 + 0x00000006 } fn num_aggregators(&self) -> usize { diff --git a/src/vdaf/prio3.rs b/src/vdaf/prio3.rs index fdefb0933..eab2ec235 100644 --- a/src/vdaf/prio3.rs +++ b/src/vdaf/prio3.rs @@ -80,7 +80,7 @@ pub type Prio3Count = Prio3, XofTurboShake128, 16>; impl Prio3Count { /// Construct an instance of Prio3Count with the given number of aggregators. pub fn new_count(num_aggregators: u8) -> Result { - Prio3::new(num_aggregators, 1, 0x00000000, Count::new()) + Prio3::new(num_aggregators, 1, 0x00000001, Count::new()) } } @@ -102,7 +102,7 @@ impl Prio3SumVec { Prio3::new( num_aggregators, 1, - 0x00000002, + 0x00000003, SumVec::new(bits, len, chunk_length)?, ) } @@ -132,7 +132,7 @@ impl Prio3SumVecMultithreaded { Prio3::new( num_aggregators, 1, - 0x00000002, + 0x00000003, SumVec::new(bits, len, chunk_length)?, ) } @@ -149,7 +149,7 @@ impl Prio3Sum { num_aggregators: u8, max_measurement: ::Integer, ) -> Result { - Prio3::new(num_aggregators, 1, 0x00000001, Sum::new(max_measurement)?) + Prio3::new(num_aggregators, 1, 0x00000002, Sum::new(max_measurement)?) } } @@ -247,7 +247,7 @@ impl Prio3Histogram { Prio3::new( num_aggregators, 1, - 0x00000003, + 0x00000004, Histogram::new(length, chunk_length)?, ) } @@ -275,7 +275,7 @@ impl Prio3HistogramMultithreaded { Prio3::new( num_aggregators, 1, - 0x00000003, + 0x00000004, Histogram::new(length, chunk_length)?, ) } @@ -299,7 +299,7 @@ impl Prio3MultihotCountVec { Prio3::new( num_aggregators, 1, - 0xFFFF0000, + 0x00000005, MultihotCountVec::new(num_buckets, max_weight, chunk_length)?, ) } @@ -328,7 +328,7 @@ impl Prio3MultihotCountVecMultithreaded { Prio3::new( num_aggregators, 1, - 0xFFFF0000, + 0x00000005, MultihotCountVec::new(num_buckets, max_weight, chunk_length)?, ) } From 937e8a61c51019671232dee2d28dbe72413cdadc Mon Sep 17 00:00:00 2001 From: David Cook Date: Fri, 13 Dec 2024 10:58:03 -0600 Subject: [PATCH 08/20] Update test vector files (#1153) --- src/idpf.rs | 16 +- src/vdaf/poplar1.rs | 61 +- src/vdaf/prio3_test.rs | 40 +- src/vdaf/test_vec/08/IdpfPoplar_0.json | 52 - src/vdaf/test_vec/08/Poplar1_0.json | 56 - src/vdaf/test_vec/08/Poplar1_1.json | 64 - src/vdaf/test_vec/08/Poplar1_2.json | 64 - src/vdaf/test_vec/08/Poplar1_3.json | 76 - src/vdaf/test_vec/08/Prio3Histogram_0.json | 52 - src/vdaf/test_vec/08/Prio3Histogram_1.json | 89 - .../08/Prio3SumVecField64Multiproof_0.json | 194 -- .../08/Prio3SumVecField64Multiproof_1.json | 146 - src/vdaf/test_vec/08/Prio3SumVec_0.json | 194 -- src/vdaf/test_vec/08/Prio3SumVec_1.json | 146 - src/vdaf/test_vec/08/Prio3Sum_0.json | 40 - src/vdaf/test_vec/08/Prio3Sum_1.json | 46 - src/vdaf/test_vec/08/XofFixedKeyAes128.json | 8 - src/vdaf/test_vec/08/XofTurboShake128.json | 8 - src/vdaf/test_vec/13/IdpfBBCGGI21_0.json | 64 + src/vdaf/test_vec/13/Poplar1_0.json | 56 + src/vdaf/test_vec/13/Poplar1_1.json | 62 + src/vdaf/test_vec/13/Poplar1_2.json | 62 + src/vdaf/test_vec/13/Poplar1_3.json | 71 + src/vdaf/test_vec/13/Poplar1_4.json | 63 + src/vdaf/test_vec/13/Poplar1_5.json | 69 + .../test_vec/{08 => 13}/Prio3Count_0.json | 21 +- .../test_vec/{08 => 13}/Prio3Count_1.json | 27 +- src/vdaf/test_vec/13/Prio3Count_2.json | 148 ++ src/vdaf/test_vec/13/Prio3Histogram_0.json | 53 + src/vdaf/test_vec/13/Prio3Histogram_1.json | 90 + src/vdaf/test_vec/13/Prio3Histogram_2.json | 2366 +++++++++++++++++ .../test_vec/13/Prio3MultihotCountVec_0.json | 59 + .../test_vec/13/Prio3MultihotCountVec_1.json | 113 + .../test_vec/13/Prio3MultihotCountVec_2.json | 211 ++ .../13/Prio3SumVecWithMultiproof_0.json | 195 ++ .../13/Prio3SumVecWithMultiproof_1.json | 147 + src/vdaf/test_vec/13/Prio3SumVec_0.json | 195 ++ src/vdaf/test_vec/13/Prio3SumVec_1.json | 147 + src/vdaf/test_vec/13/Prio3Sum_0.json | 41 + src/vdaf/test_vec/13/Prio3Sum_1.json | 47 + src/vdaf/test_vec/13/Prio3Sum_2.json | 230 ++ src/vdaf/test_vec/13/XofFixedKeyAes128.json | 8 + src/vdaf/test_vec/13/XofTurboShake128.json | 8 + src/vdaf/xof.rs | 6 +- 44 files changed, 4618 insertions(+), 1293 deletions(-) delete mode 100644 src/vdaf/test_vec/08/IdpfPoplar_0.json delete mode 100644 src/vdaf/test_vec/08/Poplar1_0.json delete mode 100644 src/vdaf/test_vec/08/Poplar1_1.json delete mode 100644 src/vdaf/test_vec/08/Poplar1_2.json delete mode 100644 src/vdaf/test_vec/08/Poplar1_3.json delete mode 100644 src/vdaf/test_vec/08/Prio3Histogram_0.json delete mode 100644 src/vdaf/test_vec/08/Prio3Histogram_1.json delete mode 100644 src/vdaf/test_vec/08/Prio3SumVecField64Multiproof_0.json delete mode 100644 src/vdaf/test_vec/08/Prio3SumVecField64Multiproof_1.json delete mode 100644 src/vdaf/test_vec/08/Prio3SumVec_0.json delete mode 100644 src/vdaf/test_vec/08/Prio3SumVec_1.json delete mode 100644 src/vdaf/test_vec/08/Prio3Sum_0.json delete mode 100644 src/vdaf/test_vec/08/Prio3Sum_1.json delete mode 100644 src/vdaf/test_vec/08/XofFixedKeyAes128.json delete mode 100644 src/vdaf/test_vec/08/XofTurboShake128.json create mode 100644 src/vdaf/test_vec/13/IdpfBBCGGI21_0.json create mode 100644 src/vdaf/test_vec/13/Poplar1_0.json create mode 100644 src/vdaf/test_vec/13/Poplar1_1.json create mode 100644 src/vdaf/test_vec/13/Poplar1_2.json create mode 100644 src/vdaf/test_vec/13/Poplar1_3.json create mode 100644 src/vdaf/test_vec/13/Poplar1_4.json create mode 100644 src/vdaf/test_vec/13/Poplar1_5.json rename src/vdaf/test_vec/{08 => 13}/Prio3Count_0.json (50%) rename src/vdaf/test_vec/{08 => 13}/Prio3Count_1.json (51%) create mode 100644 src/vdaf/test_vec/13/Prio3Count_2.json create mode 100644 src/vdaf/test_vec/13/Prio3Histogram_0.json create mode 100644 src/vdaf/test_vec/13/Prio3Histogram_1.json create mode 100644 src/vdaf/test_vec/13/Prio3Histogram_2.json create mode 100644 src/vdaf/test_vec/13/Prio3MultihotCountVec_0.json create mode 100644 src/vdaf/test_vec/13/Prio3MultihotCountVec_1.json create mode 100644 src/vdaf/test_vec/13/Prio3MultihotCountVec_2.json create mode 100644 src/vdaf/test_vec/13/Prio3SumVecWithMultiproof_0.json create mode 100644 src/vdaf/test_vec/13/Prio3SumVecWithMultiproof_1.json create mode 100644 src/vdaf/test_vec/13/Prio3SumVec_0.json create mode 100644 src/vdaf/test_vec/13/Prio3SumVec_1.json create mode 100644 src/vdaf/test_vec/13/Prio3Sum_0.json create mode 100644 src/vdaf/test_vec/13/Prio3Sum_1.json create mode 100644 src/vdaf/test_vec/13/Prio3Sum_2.json create mode 100644 src/vdaf/test_vec/13/XofFixedKeyAes128.json create mode 100644 src/vdaf/test_vec/13/XofTurboShake128.json diff --git a/src/idpf.rs b/src/idpf.rs index 93d5390ba..0c205695d 100644 --- a/src/idpf.rs +++ b/src/idpf.rs @@ -1957,6 +1957,8 @@ mod tests { struct IdpfTestVector { /// The number of bits in IDPF inputs. bits: usize, + /// The application context string. + ctx: Vec, /// The nonce used when generating and evaluating keys. nonce: Vec, /// The IDPF input provided to the key generation algorithm. @@ -1972,9 +1974,9 @@ mod tests { } /// Load a test vector for Idpf key generation. - fn load_idpfpoplar_test_vector() -> IdpfTestVector { + fn load_idpfbbcggi21_test_vector() -> IdpfTestVector { let test_vec: serde_json::Value = - serde_json::from_str(include_str!("vdaf/test_vec/08/IdpfPoplar_0.json")).unwrap(); + serde_json::from_str(include_str!("vdaf/test_vec/13/IdpfBBCGGI21_0.json")).unwrap(); let test_vec_obj = test_vec.as_object().unwrap(); let bits = test_vec_obj @@ -2038,11 +2040,15 @@ mod tests { let public_share_hex = test_vec_obj.get("public_share").unwrap(); let public_share = hex::decode(public_share_hex.as_str().unwrap()).unwrap(); + let ctx_hex = test_vec_obj.get("ctx").unwrap(); + let ctx = hex::decode(ctx_hex.as_str().unwrap()).unwrap(); + let nonce_hex = test_vec_obj.get("binder").unwrap(); let nonce = hex::decode(nonce_hex.as_str().unwrap()).unwrap(); IdpfTestVector { bits, + ctx, nonce, alpha, beta_inner, @@ -2054,15 +2060,15 @@ mod tests { #[ignore] #[test] - fn idpf_poplar_generate_test_vector() { - let test_vector = load_idpfpoplar_test_vector(); + fn idpf_bbcggi21_generate_test_vector() { + let test_vector = load_idpfbbcggi21_test_vector(); let idpf = Idpf::new((), ()); let (public_share, keys) = idpf .gen_with_random( &test_vector.alpha, test_vector.beta_inner, test_vector.beta_leaf, - b"WRONG CTX, REPLACE ME", // TODO: Update test vectors to ones that provide ctx str + &test_vector.ctx, &test_vector.nonce, &test_vector.keys, ) diff --git a/src/vdaf/poplar1.rs b/src/vdaf/poplar1.rs index df5da34b6..98b8c9d29 100644 --- a/src/vdaf/poplar1.rs +++ b/src/vdaf/poplar1.rs @@ -2107,6 +2107,7 @@ mod tests { bits: usize, prep: Vec, verify_key: HexEncoded, + ctx: HexEncoded, } #[derive(Debug, Deserialize)] @@ -2122,10 +2123,6 @@ mod tests { } fn check_test_vec(input: &str) { - // We need to use an empty context string for these test vectors to pass. - // TODO: update test vectors to ones that use a real context string - const CTX_STR: &[u8] = b""; - let test_vector: PoplarTestVector = serde_json::from_str(input).unwrap(); assert_eq!(test_vector.prep.len(), 1); let prep = &test_vector.prep[0]; @@ -2163,14 +2160,20 @@ mod tests { // Shard measurement. let poplar = Poplar1::new_turboshake128(test_vector.bits); let (public_share, input_shares) = poplar - .shard_with_random(CTX_STR, &measurement, &nonce, &idpf_random, &poplar_random) + .shard_with_random( + test_vector.ctx.as_ref(), + &measurement, + &nonce, + &idpf_random, + &poplar_random, + ) .unwrap(); // Run aggregation. let (init_prep_state_0, init_prep_share_0) = poplar .prepare_init( &verify_key, - CTX_STR, + test_vector.ctx.as_ref(), 0, &agg_param, &nonce, @@ -2181,7 +2184,7 @@ mod tests { let (init_prep_state_1, init_prep_share_1) = poplar .prepare_init( &verify_key, - CTX_STR, + test_vector.ctx.as_ref(), 1, &agg_param, &nonce, @@ -2192,7 +2195,7 @@ mod tests { let r1_prep_msg = poplar .prepare_shares_to_prepare_message( - CTX_STR, + test_vector.ctx.as_ref(), &agg_param, [init_prep_share_0.clone(), init_prep_share_1.clone()], ) @@ -2200,20 +2203,28 @@ mod tests { let (r1_prep_state_0, r1_prep_share_0) = assert_matches!( poplar - .prepare_next(CTX_STR,init_prep_state_0.clone(), r1_prep_msg.clone()) + .prepare_next( + test_vector.ctx.as_ref(), + init_prep_state_0.clone(), + r1_prep_msg.clone(), + ) .unwrap(), PrepareTransition::Continue(state, share) => (state, share) ); let (r1_prep_state_1, r1_prep_share_1) = assert_matches!( poplar - .prepare_next(CTX_STR,init_prep_state_1.clone(), r1_prep_msg.clone()) + .prepare_next( + test_vector.ctx.as_ref(), + init_prep_state_1.clone(), + r1_prep_msg.clone(), + ) .unwrap(), PrepareTransition::Continue(state, share) => (state, share) ); let r2_prep_msg = poplar .prepare_shares_to_prepare_message( - CTX_STR, + test_vector.ctx.as_ref(), &agg_param, [r1_prep_share_0.clone(), r1_prep_share_1.clone()], ) @@ -2221,13 +2232,17 @@ mod tests { let out_share_0 = assert_matches!( poplar - .prepare_next(CTX_STR, r1_prep_state_0.clone(), r2_prep_msg.clone()) + .prepare_next( + test_vector.ctx.as_ref(), + r1_prep_state_0.clone(), + r2_prep_msg.clone(), + ) .unwrap(), PrepareTransition::Finish(out) => out ); let out_share_1 = assert_matches!( poplar - .prepare_next(CTX_STR,r1_prep_state_1, r2_prep_msg.clone()) + .prepare_next(test_vector.ctx.as_ref(), r1_prep_state_1, r2_prep_msg.clone()) .unwrap(), PrepareTransition::Finish(out) => out ); @@ -2391,25 +2406,37 @@ mod tests { #[ignore] #[test] fn test_vec_poplar1_0() { - check_test_vec(include_str!("test_vec/08/Poplar1_0.json")); + check_test_vec(include_str!("test_vec/13/Poplar1_0.json")); } #[ignore] #[test] fn test_vec_poplar1_1() { - check_test_vec(include_str!("test_vec/08/Poplar1_1.json")); + check_test_vec(include_str!("test_vec/13/Poplar1_1.json")); } #[ignore] #[test] fn test_vec_poplar1_2() { - check_test_vec(include_str!("test_vec/08/Poplar1_2.json")); + check_test_vec(include_str!("test_vec/13/Poplar1_2.json")); } #[ignore] #[test] fn test_vec_poplar1_3() { - check_test_vec(include_str!("test_vec/08/Poplar1_3.json")); + check_test_vec(include_str!("test_vec/13/Poplar1_3.json")); + } + + #[ignore] + #[test] + fn test_vec_poplar1_4() { + check_test_vec(include_str!("test_vec/13/Poplar1_4.json")); + } + + #[ignore] + #[test] + fn test_vec_poplar1_5() { + check_test_vec(include_str!("test_vec/13/Poplar1_5.json")); } #[test] diff --git a/src/vdaf/prio3_test.rs b/src/vdaf/prio3_test.rs index 18c9817de..01c238fe9 100644 --- a/src/vdaf/prio3_test.rs +++ b/src/vdaf/prio3_test.rs @@ -272,8 +272,9 @@ mod tests { #[test] fn test_vec_prio3_count() { for test_vector_str in [ - include_str!("test_vec/08/Prio3Count_0.json"), - include_str!("test_vec/08/Prio3Count_1.json"), + include_str!("test_vec/13/Prio3Count_0.json"), + include_str!("test_vec/13/Prio3Count_1.json"), + include_str!("test_vec/13/Prio3Count_2.json"), ] { check_test_vec_custom_de::( test_vector_str, @@ -287,8 +288,9 @@ mod tests { fn test_vec_prio3_sum() { const FAKE_MAX_MEASUREMENT_UPDATE_ME: u64 = 0; for test_vector_str in [ - include_str!("test_vec/08/Prio3Sum_0.json"), - include_str!("test_vec/08/Prio3Sum_1.json"), + include_str!("test_vec/13/Prio3Sum_0.json"), + include_str!("test_vec/13/Prio3Sum_1.json"), + include_str!("test_vec/13/Prio3Sum_2.json"), ] { check_test_vec(test_vector_str, |json_params, num_shares| { let _bits = json_params["bits"].as_u64().unwrap() as usize; @@ -301,8 +303,8 @@ mod tests { #[test] fn test_vec_prio3_sum_vec() { for test_vector_str in [ - include_str!("test_vec/08/Prio3SumVec_0.json"), - include_str!("test_vec/08/Prio3SumVec_1.json"), + include_str!("test_vec/13/Prio3SumVec_0.json"), + include_str!("test_vec/13/Prio3SumVec_1.json"), ] { check_test_vec(test_vector_str, |json_params, num_shares| { let bits = json_params["bits"].as_u64().unwrap() as usize; @@ -319,8 +321,8 @@ mod tests { type Prio3SumVecField64Multiproof = Prio3>>, XofTurboShake128, 16>; for test_vector_str in [ - include_str!("test_vec/08/Prio3SumVecField64Multiproof_0.json"), - include_str!("test_vec/08/Prio3SumVecField64Multiproof_1.json"), + include_str!("test_vec/13/Prio3SumVecWithMultiproof_0.json"), + include_str!("test_vec/13/Prio3SumVecWithMultiproof_1.json"), ] { check_test_vec(test_vector_str, |json_params, num_shares| { let bits = json_params["bits"].as_u64().unwrap() as usize; @@ -341,8 +343,9 @@ mod tests { #[test] fn test_vec_prio3_histogram() { for test_vector_str in [ - include_str!("test_vec/08/Prio3Histogram_0.json"), - include_str!("test_vec/08/Prio3Histogram_1.json"), + include_str!("test_vec/13/Prio3Histogram_0.json"), + include_str!("test_vec/13/Prio3Histogram_1.json"), + include_str!("test_vec/13/Prio3Histogram_2.json"), ] { check_test_vec(test_vector_str, |json_params, num_shares| { let length = json_params["length"].as_u64().unwrap() as usize; @@ -351,4 +354,21 @@ mod tests { }); } } + + #[ignore] + #[test] + fn test_vec_prio3_multihot_count_vec() { + for test_vector_str in [ + include_str!("test_vec/13/Prio3MultihotCountVec_0.json"), + include_str!("test_vec/13/Prio3MultihotCountVec_1.json"), + include_str!("test_vec/13/Prio3MultihotCountVec_2.json"), + ] { + check_test_vec(test_vector_str, |json_params, num_shares| { + let length = json_params["length"].as_u64().unwrap() as usize; + let max_weight = json_params["max_weight"].as_u64().unwrap() as usize; + let chunk_length = json_params["chunk_length"].as_u64().unwrap() as usize; + Prio3::new_multihot_count_vec(num_shares, length, max_weight, chunk_length).unwrap() + }); + } + } } diff --git a/src/vdaf/test_vec/08/IdpfPoplar_0.json b/src/vdaf/test_vec/08/IdpfPoplar_0.json deleted file mode 100644 index 68f315923..000000000 --- a/src/vdaf/test_vec/08/IdpfPoplar_0.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "alpha": "0", - "beta_inner": [ - [ - "0", - "0" - ], - [ - "1", - "1" - ], - [ - "2", - "2" - ], - [ - "3", - "3" - ], - [ - "4", - "4" - ], - [ - "5", - "5" - ], - [ - "6", - "6" - ], - [ - "7", - "7" - ], - [ - "8", - "8" - ] - ], - "beta_leaf": [ - "9", - "9" - ], - "binder": "736f6d65206e6f6e6365", - "bits": 10, - "keys": [ - "000102030405060708090a0b0c0d0e0f", - "101112131415161718191a1b1c1d1e1f" - ], - "public_share": "18850fb4933f36be2d456c4e2477baf2c9a4a7204fb09ae3e3ff925ecfe07a297b07b1980635d1e1f512afbd6388c98f5bf076cc5fe746282e59b81e51bffd6699fac7ec2dab3e9dd2c60d896beb64131d73b8abd7b2f0b327e5d91b42c677468048180e55bd80946611101ff01cb82022f7aecbe1db443499a311b7b9ee114acc16ae30d73d77ab2995eef0d536c26753647394f24d0c7b6db95b0eda08056b919e862c373e9c7a1e17590e5d5f250e56249ad28f9c13a8b57dfd7dcd05d78d49640d0aa35173cb4a659ada59f57d0c408edf52cb16d8bfb5c5d56d0c28a1aa7d96054c848cfeb0eeb6576b7c8c5328dfe502bc5eef4f1c6f58abe9ad37b448995e2b584cdb5f3a94f056ca7b868ad8f593f07c73f88596398fb4f13c5a7393b8fb0d2c76076132f54484f5f18209f42e4fe98ba2b9b1d1d19c139dc4520ada547ddbb70baecf1bba61a7b3cbb4648a7235142e201a173038dac559940a55d29a68cc87298d722b6644fa445460ddb9938c64" -} diff --git a/src/vdaf/test_vec/08/Poplar1_0.json b/src/vdaf/test_vec/08/Poplar1_0.json deleted file mode 100644 index c4056a156..000000000 --- a/src/vdaf/test_vec/08/Poplar1_0.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "agg_param": [ - 0, - [ - 0, - 1 - ] - ], - "agg_result": [ - 0, - 1 - ], - "agg_shares": [ - "42417a6b9fd228e050220f57293f7555", - "bfbe85945f2dd71fb2ddf0a8d5c08aaa" - ], - "bits": 4, - "prep": [ - { - "input_shares": [ - "000102030405060708090a0b0c0d0e0f202122232425262728292a2b2c2d2e2f53a9af607a9ba90a1d3f318b8c32b858b3d50db495dd0cea621fc5acb48f197bd4e873a62181a039dda958c94fddf92a8c77579c03c6dfc230f22f48f76c4f904d2b114e3c8289045ca768975bbede4b411e83158149e59dcbccf8746fd6c3e46d02f6c1d55b61707cf072837674ce53", - "101112131415161718191a1b1c1d1e1f303132333435363738393a3b3c3d3e3ff353dae51a27e776577e4452505c1be72ff784ff29b113a7d382ed46393d577cbd67fe52d4b6de1db2e204d4a6eaca3e7cee015d5fe92a830800f01375b8b9e799ac36fc76ae347a6478dad319ed9e59a21d8102ae380d8462c88d5b5bdf438b46dfec7042682ff4ac55fb9e516d1721" - ], - "measurement": 13, - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "42417a6b9fd228e0", - "50220f57293f7555" - ], - [ - "bfbe85945f2dd71f", - "b2ddf0a8d5c08aaa" - ] - ], - "prep_messages": [ - "f7c882b687b7bd461fb1f898356db5fa88833cdaa1e26a71", - "" - ], - "prep_shares": [ - [ - "029b574f4e07246cb5b90e90207a148abb7dfba2efb9a32a", - "f62d2b6738b099da6af7e90815f3a070cd054137b228c746" - ], - [ - "264531e72e56a380", - "dbbace18d0a95c7f" - ] - ], - "public_share": "dfe8ba3fa8bf0b8340a577388d7f4537bc2ed02a8b8c11e498d8ffdf6eae85c76f1c8c890ad535ba72d385b77962a0a8dbb59836381fbd9d80814b2b0d95948d11ee55bcd51bece3c27a76ad9aa132f4dfe46ee0783cdf650b6276ffda3830a7f61a859d311aa38580829ef9097c0a5032d798b8a28a17869323b84f36f0e6fe82ed6bc5bff3ae8cc4d32d25ff56e9af6da83c2943b41bb4a49555dcdc76033c31ec7098db3274261f3b50d3335fc1474e", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - } - ], - "shares": 2, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Poplar1_1.json b/src/vdaf/test_vec/08/Poplar1_1.json deleted file mode 100644 index ea8bbfea1..000000000 --- a/src/vdaf/test_vec/08/Poplar1_1.json +++ /dev/null @@ -1,64 +0,0 @@ -{ - "agg_param": [ - 1, - [ - 0, - 1, - 2, - 3 - ] - ], - "agg_result": [ - 0, - 0, - 0, - 1 - ], - "agg_shares": [ - "f4265a0ff9c4f0d1f068b522d608c1a38cde98228531a78ccb74919ef72f5051", - "0dd9a5f0053b0f2e11974add28f73e5c752167dd79ce5873378b6e6107d0afae" - ], - "bits": 4, - "prep": [ - { - "input_shares": [ - "000102030405060708090a0b0c0d0e0f202122232425262728292a2b2c2d2e2f53a9af607a9ba90a1d3f318b8c32b858b3d50db495dd0cea621fc5acb48f197bd4e873a62181a039dda958c94fddf92a8c77579c03c6dfc230f22f48f76c4f904d2b114e3c8289045ca768975bbede4b411e83158149e59dcbccf8746fd6c3e46d02f6c1d55b61707cf072837674ce53", - "101112131415161718191a1b1c1d1e1f303132333435363738393a3b3c3d3e3ff353dae51a27e776577e4452505c1be72ff784ff29b113a7d382ed46393d577cbd67fe52d4b6de1db2e204d4a6eaca3e7cee015d5fe92a830800f01375b8b9e799ac36fc76ae347a6478dad319ed9e59a21d8102ae380d8462c88d5b5bdf438b46dfec7042682ff4ac55fb9e516d1721" - ], - "measurement": 13, - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "f4265a0ff9c4f0d1", - "f068b522d608c1a3", - "8cde98228531a78c", - "cb74919ef72f5051" - ], - [ - "0dd9a5f0053b0f2e", - "11974add28f73e5c", - "752167dd79ce5873", - "378b6e6107d0afae" - ] - ], - "prep_messages": [ - "d2ca8d38065df3047d92ebacf9c366b83ad81d98fb17356a", - "" - ], - "prep_shares": [ - [ - "4c00ed0607d7702352c8786bb90f360edd89e3c8507274b1", - "87caa031fe8582e12bca724140b430aa5e4e3acfa9a5c0b8" - ], - [ - "1ed0621986d79f57", - "e32f9de6782860a8" - ] - ], - "public_share": "dfe8ba3fa8bf0b8340a577388d7f4537bc2ed02a8b8c11e498d8ffdf6eae85c76f1c8c890ad535ba72d385b77962a0a8dbb59836381fbd9d80814b2b0d95948d11ee55bcd51bece3c27a76ad9aa132f4dfe46ee0783cdf650b6276ffda3830a7f61a859d311aa38580829ef9097c0a5032d798b8a28a17869323b84f36f0e6fe82ed6bc5bff3ae8cc4d32d25ff56e9af6da83c2943b41bb4a49555dcdc76033c31ec7098db3274261f3b50d3335fc1474e", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - } - ], - "shares": 2, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Poplar1_2.json b/src/vdaf/test_vec/08/Poplar1_2.json deleted file mode 100644 index 9b4fd0bc7..000000000 --- a/src/vdaf/test_vec/08/Poplar1_2.json +++ /dev/null @@ -1,64 +0,0 @@ -{ - "agg_param": [ - 2, - [ - 0, - 2, - 4, - 6 - ] - ], - "agg_result": [ - 0, - 0, - 0, - 1 - ], - "agg_shares": [ - "6bc200377c0ebf33de6ac488c1427b38bea3859050a09e19208319b3875c5099", - "963dffc882f140cc23953b773dbd84c7435c7a6fae5f61e6e27ce64c77a3af66" - ], - "bits": 4, - "prep": [ - { - "input_shares": [ - "000102030405060708090a0b0c0d0e0f202122232425262728292a2b2c2d2e2f53a9af607a9ba90a1d3f318b8c32b858b3d50db495dd0cea621fc5acb48f197bd4e873a62181a039dda958c94fddf92a8c77579c03c6dfc230f22f48f76c4f904d2b114e3c8289045ca768975bbede4b411e83158149e59dcbccf8746fd6c3e46d02f6c1d55b61707cf072837674ce53", - "101112131415161718191a1b1c1d1e1f303132333435363738393a3b3c3d3e3ff353dae51a27e776577e4452505c1be72ff784ff29b113a7d382ed46393d577cbd67fe52d4b6de1db2e204d4a6eaca3e7cee015d5fe92a830800f01375b8b9e799ac36fc76ae347a6478dad319ed9e59a21d8102ae380d8462c88d5b5bdf438b46dfec7042682ff4ac55fb9e516d1721" - ], - "measurement": 13, - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "6bc200377c0ebf33", - "de6ac488c1427b38", - "bea3859050a09e19", - "208319b3875c5099" - ], - [ - "963dffc882f140cc", - "23953b773dbd84c7", - "435c7a6fae5f61e6", - "e27ce64c77a3af66" - ] - ], - "prep_messages": [ - "453405bb632d670892ddc291c4d886ce098d206debd7e121", - "" - ], - "prep_shares": [ - [ - "bd7d6befff9982c88c631d4c593d754f4b817e23f0faf751", - "89b699cb6293e43f067aa5456b9b117fbf0ba249fadce9cf" - ], - [ - "c36085ecec965e1f", - "3e9f7a131269a1e0" - ] - ], - "public_share": "dfe8ba3fa8bf0b8340a577388d7f4537bc2ed02a8b8c11e498d8ffdf6eae85c76f1c8c890ad535ba72d385b77962a0a8dbb59836381fbd9d80814b2b0d95948d11ee55bcd51bece3c27a76ad9aa132f4dfe46ee0783cdf650b6276ffda3830a7f61a859d311aa38580829ef9097c0a5032d798b8a28a17869323b84f36f0e6fe82ed6bc5bff3ae8cc4d32d25ff56e9af6da83c2943b41bb4a49555dcdc76033c31ec7098db3274261f3b50d3335fc1474e", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - } - ], - "shares": 2, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Poplar1_3.json b/src/vdaf/test_vec/08/Poplar1_3.json deleted file mode 100644 index f280aedeb..000000000 --- a/src/vdaf/test_vec/08/Poplar1_3.json +++ /dev/null @@ -1,76 +0,0 @@ -{ - "agg_param": [ - 3, - [ - 1, - 3, - 5, - 7, - 9, - 13, - 15 - ] - ], - "agg_result": [ - 0, - 0, - 0, - 0, - 0, - 1, - 0 - ], - "agg_shares": [ - "7e787b132dfe4dfcf9f8cab505a6133d30b7fd75f52a422d05ce25abe1b9cc5d3c4dce1f874d3e6bc4e9d9162ce3ae1e01da0581055c3d83de238e22b71bed1e8a69ed19cf9ccc49f2bb00c049d3153af4087218b63d6ae26ad30ca130641f50cb85fedfecf35fed0451625ebf2dac37281549b3cd8798fdd12d3eca3a68a17ec2c6f6086fca7b6dd59cd532e1b72bc95bedbfb4ce1dcc7cc873d989601e8a16ca1724e563a6c114b58e3bf58a65c621b00ebd22074223ec8e863c418a8ec83e0701d49174dab847df196325664790b6aba39c2d8ab74275b80ecc5d85c43c61", - "6f8784ecd201b2030607354afa59ecc2cf48028a0ad5bdd2fa31da541e463322b1b231e078b2c1943b1626e9d31c51e1fe25fa7efaa3c27c21dc71dd48e41261639612e6306333b60d44ff3fb62ceac50bf78de749c2951d952cf35ecf9be02f227a0120130ca012fbae9da140d253c8d7eab64c327867022ed2c135c5975e012b3909f7903584922a632acd1e48d436a412404b31e23383378c26769fe1756924e8db1a9c593eeb4a71c40a759a39de4ff142ddf8bddc137179c3be75713741e6fe2b6e8b2547b820e69cda99b86f49545c63d27548bd8a47f133a27a3bc31e" - ], - "bits": 4, - "prep": [ - { - "input_shares": [ - "000102030405060708090a0b0c0d0e0f202122232425262728292a2b2c2d2e2f53a9af607a9ba90a1d3f318b8c32b858b3d50db495dd0cea621fc5acb48f197bd4e873a62181a039dda958c94fddf92a8c77579c03c6dfc230f22f48f76c4f904d2b114e3c8289045ca768975bbede4b411e83158149e59dcbccf8746fd6c3e46d02f6c1d55b61707cf072837674ce53", - "101112131415161718191a1b1c1d1e1f303132333435363738393a3b3c3d3e3ff353dae51a27e776577e4452505c1be72ff784ff29b113a7d382ed46393d577cbd67fe52d4b6de1db2e204d4a6eaca3e7cee015d5fe92a830800f01375b8b9e799ac36fc76ae347a6478dad319ed9e59a21d8102ae380d8462c88d5b5bdf438b46dfec7042682ff4ac55fb9e516d1721" - ], - "measurement": 13, - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "7e787b132dfe4dfcf9f8cab505a6133d30b7fd75f52a422d05ce25abe1b9cc5d", - "3c4dce1f874d3e6bc4e9d9162ce3ae1e01da0581055c3d83de238e22b71bed1e", - "8a69ed19cf9ccc49f2bb00c049d3153af4087218b63d6ae26ad30ca130641f50", - "cb85fedfecf35fed0451625ebf2dac37281549b3cd8798fdd12d3eca3a68a17e", - "c2c6f6086fca7b6dd59cd532e1b72bc95bedbfb4ce1dcc7cc873d989601e8a16", - "ca1724e563a6c114b58e3bf58a65c621b00ebd22074223ec8e863c418a8ec83e", - "0701d49174dab847df196325664790b6aba39c2d8ab74275b80ecc5d85c43c61" - ], - [ - "6f8784ecd201b2030607354afa59ecc2cf48028a0ad5bdd2fa31da541e463322", - "b1b231e078b2c1943b1626e9d31c51e1fe25fa7efaa3c27c21dc71dd48e41261", - "639612e6306333b60d44ff3fb62ceac50bf78de749c2951d952cf35ecf9be02f", - "227a0120130ca012fbae9da140d253c8d7eab64c327867022ed2c135c5975e01", - "2b3909f7903584922a632acd1e48d436a412404b31e23383378c26769fe17569", - "24e8db1a9c593eeb4a71c40a759a39de4ff142ddf8bddc137179c3be75713741", - "e6fe2b6e8b2547b820e69cda99b86f49545c63d27548bd8a47f133a27a3bc31e" - ] - ], - "prep_messages": [ - "d6ce08ae0327f913210f5e0701c594bf1baa15a33f6933f9b73787f73464db6a6a10f3c7e7e76a1844367d0091f16a7f090e7ed1fcc6f2a456e9e12daec41b18e08c45f8b9c5d20b02e8fecd25cb7fc05e98a6c79a1ee08da284161b3bd94d53", - "" - ], - "prep_shares": [ - [ - "b289bbdd941be53774dbb8177fd40ee4614c325d64ca211dee7268c34fd93c7855030fd22ac1db9e4760d9cd03a090b976b2b9a9bcef2e9f9affeb5cd6afe05423b5b3db766c04dc072864e1dd8b0d0fabf8b8add732c7eeff4ae5ba5fe0fc13", - "11454dd06e0b14dcac33a5ef81f085dbb95de345db9e11dcc9c41e34e58a9e72020de4f5bc268f79fcd5a3328d51dac5925bc42740d7c305bce9f5d0d7143b43bdd7911c4359ce2ffabf9aec473f72b1b39fed19c3eb189fa2393160dbf8503f" - ], - [ - "b4fe321bd55f5135b7ebfda820401ad7b7fba83b65e68b8ede4b0a566a9f5629", - "3901cde42aa0aeca48140257dfbfe528480457c49a19747121b4f5a99560a956" - ] - ], - "public_share": "dfe8ba3fa8bf0b8340a577388d7f4537bc2ed02a8b8c11e498d8ffdf6eae85c76f1c8c890ad535ba72d385b77962a0a8dbb59836381fbd9d80814b2b0d95948d11ee55bcd51bece3c27a76ad9aa132f4dfe46ee0783cdf650b6276ffda3830a7f61a859d311aa38580829ef9097c0a5032d798b8a28a17869323b84f36f0e6fe82ed6bc5bff3ae8cc4d32d25ff56e9af6da83c2943b41bb4a49555dcdc76033c31ec7098db3274261f3b50d3335fc1474e", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - } - ], - "shares": 2, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Prio3Histogram_0.json b/src/vdaf/test_vec/08/Prio3Histogram_0.json deleted file mode 100644 index b39dc2838..000000000 --- a/src/vdaf/test_vec/08/Prio3Histogram_0.json +++ /dev/null @@ -1,52 +0,0 @@ -{ - "agg_param": null, - "agg_result": [ - 0, - 0, - 1, - 0 - ], - "agg_shares": [ - "ac3ba28d7f5649e6b3932251da118acf6740508adaf7837c87cd0574c48a00ea2ba59154eff2921c69cdeb23276510d3758486d91898690c4ba0fd3e6e149956", - "55c45d7280a9b619306cddae25ee75309abfaf7525087c835c32fa8b3b75ff15d75a6eab100d6de37a3214dcd89aef2c8c7b7926e76796f3985f02c191eb66a9" - ], - "chunk_length": 2, - "length": 4, - "prep": [ - { - "input_shares": [ - "ac3ba28d7f5649e6b3932251da118acf6740508adaf7837c87cd0574c48a00ea2ba59154eff2921c69cdeb23276510d3758486d91898690c4ba0fd3e6e149956aaa0fbc70889fae40bf0b8873db6f2c2c26ef6772e0dd8d091e12a1dbe4388bbc88819a887c53a4afa8e3e35b0c00100af9000ad245790e71c322e5c252e25a25514ccc4ebeb9b9f47a98223b2d04d44f94a2cb4791ff9a056eca2a0c74ab11f08d41d917cdaa2858d372c08339c414559066eb7be61cf2b5bb36c7c598a97b19802fead02586c39b001c18b5ff36e66d9ab75d6e9c6c0c0eaae66b1014ba2645047801054acea9f87404cc2749584db303132333435363738393a3b3c3d3e3f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" - ], - "measurement": 2, - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "ac3ba28d7f5649e6b3932251da118acf", - "6740508adaf7837c87cd0574c48a00ea", - "2ba59154eff2921c69cdeb23276510d3", - "758486d91898690c4ba0fd3e6e149956" - ], - [ - "55c45d7280a9b619306cddae25ee7530", - "9abfaf7525087c835c32fa8b3b75ff15", - "d75a6eab100d6de37a3214dcd89aef2c", - "8c7b7926e76796f3985f02c191eb66a9" - ] - ], - "prep_messages": [ - "1acd91a20b79e95050d47db9bf4b1ed5" - ], - "prep_shares": [ - [ - "aaf0cada92114681d890231d05395ea51dcf30c4fa042de2f21b10d3126976a4565c5032534c5af98418b0bf0647dddada1e47da1c608f0d03070d5baf530d1e52b4ace95d26bdc41c0bf64068880a5bcbf5ab84954e1087ff8721b600477c48bc82ef4255afbf48216c910cd76ca594", - "570f35256deeb97e0b6fdce2fac6a15a8d4d3367a586ac831119c6edeefb5ab1d4a2ad70c499a97f61b3eb86717264b1a941e67b26a189ff84bc81c89edafd3187e190bacd40bfa5813ccbd77338c7eedb90e273a045b29382cdddc5571e35de1da4a26362199818038b8624ba1ea4a9" - ] - ], - "public_share": "bc82ef4255afbf48216c910cd76ca5941da4a26362199818038b8624ba1ea4a9", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - } - ], - "shares": 2, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Prio3Histogram_1.json b/src/vdaf/test_vec/08/Prio3Histogram_1.json deleted file mode 100644 index 512b2aca9..000000000 --- a/src/vdaf/test_vec/08/Prio3Histogram_1.json +++ /dev/null @@ -1,89 +0,0 @@ -{ - "agg_param": null, - "agg_result": [ - 0, - 0, - 1, - 0, - 0, - 0, - 0, - 0, - 0, - 0, - 0 - ], - "agg_shares": [ - "6ef23fd4b5f5502e5c215848c3703c1ac06dbc83cebd2ebb78b8549c64cf10b6a709f226d0e6aadbaac7c1512dce7f44e0715547855fae84e0a1f1fe7612423940c18ce556a3754c64b46de79038603b2ffae8c57346b7a9385f34f084d8f62d8e145aab9b0f1c038ed9f7b94d82a6cc7d32743c367987da80859005285a4b2f41e62177eead51b17bae964e100bd7408688c19870104fddb90ed31a0065a92f870079891c2ccc659a2a2cf3cb424cc3", - "55c45d7280a9b619306cddae25ee75309abfaf7525087c835c32fa8b3b75ff15d75a6eab100d6de37a3214dcd89aef2c8c7b7926e76796f3985f02c191eb66a970fd5de8e08724782338a0d5e77d181f61a976f8712fccdde127760cb8056d105e3d2f6c325607ab4a9a3ce791283b3af006fd1a4aa66fbfb30ade0e81c5d226e5c8ad6b7e4bdd02db51d98a13f5cf81d7797d2adb9c59afef3378108eec9ad02f4bddb5208b11cdd02e159b36eddd76", - "3e4962b9c960f8b75772ca0817a14db5a7d293060c3a55c10e15b1d75fbbef33849b9f2d1f0ce840be052ad2f996908e951231929338bb876afe0b40f701571d51411532c8d4653b5c13f242874987a5715ca0411a8a7c78c9785503c3219cc116ae76e8319adc51ef8bcb5e20551ef994c68ea87fe00866af6f91eb56e0e1a9db50301d9306d14b8dff8f26dcff583da5fdc03cb45257731ebdb4d471aebbff4cb4a9c0c24822cd5ca6be71fdcfd5c5" - ], - "chunk_length": 3, - "length": 11, - "prep": [ - { - "input_shares": [ - "6ef23fd4b5f5502e5c215848c3703c1ac06dbc83cebd2ebb78b8549c64cf10b6a709f226d0e6aadbaac7c1512dce7f44e0715547855fae84e0a1f1fe7612423940c18ce556a3754c64b46de79038603b2ffae8c57346b7a9385f34f084d8f62d8e145aab9b0f1c038ed9f7b94d82a6cc7d32743c367987da80859005285a4b2f41e62177eead51b17bae964e100bd7408688c19870104fddb90ed31a0065a92f870079891c2ccc659a2a2cf3cb424cc31d60b4e3908aa656e527d0a66eaeaaf493bde0a7a86be4ed3145a5596fab04256c95611675891b234a939c91215ec467aa9a516cd6a9a7b8d1a4ddb91e8dbfbcc8d9a45d8792f9d56a68061809b7ef4963736c20e3cb8ce6a95e1bd84c7ae51ccb14192b3101ac85a5a3a62415fb516df685b9313b53f39bc6a74062a55435f9c35f50ffd660a6d7e0e9365128bf6d87e52358afe563bc1bdce119291c611597889d36caf3247f61821eb596b089dddaf32359b12e74260a24d816335a2bf1aa93dbd84dd31773f2795ee931187525a570589f31e66a0e0d8a92370c3458fb00b2afb3e3d98f142cf9606d47d28a75caa8b4ee730e1ff3faf0aed3a154887dceaa6dfad49582d4a560b0d6599e0cbab2b36f20b8ca497f6540ca17f69595c695c2c6e0e00956acca22c71fab529936c47ad8de0e09f39d41a3b0469edcbfea242b20cd6a4748d4075ffb9a755b297902606162636465666768696a6b6c6d6e6f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f", - "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" - ], - "measurement": 2, - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "6ef23fd4b5f5502e5c215848c3703c1a", - "c06dbc83cebd2ebb78b8549c64cf10b6", - "a709f226d0e6aadbaac7c1512dce7f44", - "e0715547855fae84e0a1f1fe76124239", - "40c18ce556a3754c64b46de79038603b", - "2ffae8c57346b7a9385f34f084d8f62d", - "8e145aab9b0f1c038ed9f7b94d82a6cc", - "7d32743c367987da80859005285a4b2f", - "41e62177eead51b17bae964e100bd740", - "8688c19870104fddb90ed31a0065a92f", - "870079891c2ccc659a2a2cf3cb424cc3" - ], - [ - "55c45d7280a9b619306cddae25ee7530", - "9abfaf7525087c835c32fa8b3b75ff15", - "d75a6eab100d6de37a3214dcd89aef2c", - "8c7b7926e76796f3985f02c191eb66a9", - "70fd5de8e08724782338a0d5e77d181f", - "61a976f8712fccdde127760cb8056d10", - "5e3d2f6c325607ab4a9a3ce791283b3a", - "f006fd1a4aa66fbfb30ade0e81c5d226", - "e5c8ad6b7e4bdd02db51d98a13f5cf81", - "d7797d2adb9c59afef3378108eec9ad0", - "2f4bddb5208b11cdd02e159b36eddd76" - ], - [ - "3e4962b9c960f8b75772ca0817a14db5", - "a7d293060c3a55c10e15b1d75fbbef33", - "849b9f2d1f0ce840be052ad2f996908e", - "951231929338bb876afe0b40f701571d", - "51411532c8d4653b5c13f242874987a5", - "715ca0411a8a7c78c9785503c3219cc1", - "16ae76e8319adc51ef8bcb5e20551ef9", - "94c68ea87fe00866af6f91eb56e0e1a9", - "db50301d9306d14b8dff8f26dcff583d", - "a5fdc03cb45257731ebdb4d471aebbff", - "4cb4a9c0c24822cd5ca6be71fdcfd5c5" - ] - ], - "prep_messages": [ - "1b2dc3cedc43f65731985f19081f490a" - ], - "prep_shares": [ - [ - "cd5978e237aafb0552d6f2614be379176c256bd1bb2d3fa71ec64fcf5e64b6baf5c530e6c828d5be1468539c16917e08f6cc5d754b81f6ea05ed0747377a2dbb5a731ed05a41704a11aea67a37c668810c7fbee6ef543f6a757ffa07f22a6fdc6c37173af38746dcd7ef1f2cb0f555d13b999f3ef6a282b6649c29878349c501711da5ad2a4ac3de6fccb15c803f918a", - "87cd13bcc0f7bb62542f40b8a480db80fca16e26264525b236a3664c792009277d9133d4ff0df494d18758677dbea683d9be082297301d1db87b6a345f74f07a3e268fd6e440eec02b3d4109b30d9c680c18d29df84586f30d30a2cf2419471d2b45845e9a4ba9f1c835ef577bcfa710e9d907592e678fa3a225e115cac914fde07e503edb901812725c6f25d7585fb2", - "add87361075e48973dfacce50f9caa67077de5a0a3d6e85b8b04772423132387fb2732f839d0de182c65e61553e08af6fa237248acc8e6cfad227ed43c8eed56bd3c1ae929a7c2bc1c5b47dfd2d57a56fd8f3a4f2187c7f94ae1dd203aa9e3bc20a53b7ada0b4f545e0c7a8370be163a582fb321c11446cb9f3b65dc2979f432236aba9b84dbe8182bce25a97ad12186" - ] - ], - "public_share": "711da5ad2a4ac3de6fccb15c803f918ae07e503edb901812725c6f25d7585fb2236aba9b84dbe8182bce25a97ad12186", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" - } - ], - "shares": 3, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Prio3SumVecField64Multiproof_0.json b/src/vdaf/test_vec/08/Prio3SumVecField64Multiproof_0.json deleted file mode 100644 index 66d8bf83c..000000000 --- a/src/vdaf/test_vec/08/Prio3SumVecField64Multiproof_0.json +++ /dev/null @@ -1,194 +0,0 @@ -{ - "agg_param": null, - "agg_result": [ - 256, - 257, - 258, - 259, - 260, - 261, - 262, - 263, - 264, - 265 - ], - "agg_shares": [ - "3ab5f614e81c3ca680120874db037b5475f32d39e5bd61aac380255effb87bc91a3681607b2e45ea793e6ded3ab0bf1a2f242b1eafbada51ebdced8705cf23f939f5a0e3b8e324fa7b497cac9bac8ab4", - "c74b09eb16e3c35982eef78b23fc84ab8e0dd2c619429e554180daa1ff468436ebca7e9f83d1ba158dc29212c44f40e5d8dcd4e14f4525ae1d241278f930dc06d00b5f1c461cdb058fb783536353754b" - ], - "bits": 8, - "chunk_length": 9, - "length": 10, - "prep": [ - { - "input_shares": [ - "84675ba0202a240351e778a3f634ddcb86b94463a2ecefd29ee209b3561dc66cde2d4b315934ebd38a0b93fe1d098606301d390222862e9336e4098f76081faaf9afe5397cdd0c524d5a39408a9b49fea00a30d91931d96dd1a06f9bba3ed54439b1bc5467100fa08ac69e874b839ec2f62d7fed81f481dfc850190b98ccc9be8db0e47f0698f242841bb15fb9e956b302e2398e7914146d73017bf2be8ef7a442037cfcf200da78021cc06549b105352fe4ef7f6803df67d742c1ed46636ff8a7e636eceb16bc3f239755d69fbaf54a4f525661e97fc71516f1d1932cfe913a924236f7dbe805c106cfad57848a22f67219a1e688107f91bc0f4df5d314709d3d5f066ddc22446fc3118232adc99470157e09af41acc22df9ab98f9285bc6d295407d211666c3a2b8d20476802b090947d5bcf6d84ad00ab5cd2523e34fb39a59f6c158f9305a1ef908db7b811d5b3ce127d28e4a2cad3b192ae7a56612608083583f8c9b5cd5155546f888e619ec16d927cdba789e86e4fc6ea6b21ff3f170b3e3974879707eb9522668b412096a94da0f82b3d8ed9eb30e286840b1f73ae504bea65da1cce1002d2ffe072e0b0fa4849413908ad4d4ea958b5071e789a1401c98e5fcc85c50642c1fe641941b1682542183f706a91f3ac2161be60b16221e9850345496f14af08f3a149997050629b14f79bc30bdb0d58cdadd2e311754fefdca1bdb18c2b9731caaf1efb89e0bab543086a404f50de5a1ea807709724d879cd5e1eda98f2e3c2905e09ffcb00754f2acb334bb61e8ba6d1a225567eb79c7afac59e74cc27a03e518529af940a0638120e4ba5f8768bc5b7607b1ba279877f1aa9748eff8c1576f6f7a503cb3bee403eb638f7917fec7a5e26f7833d209a02353607c9ef562248805f33c915c95d722b05525228e8c689fb920a1e0b67551412d8eb7cd5ef251e1ce98098c49a53d079e77c7cba555b56427111e2ac0331e731f8cb9ff510d7b7e97f44e412b2a618776b3cf81156437bfe2bd3ba97957488103c87396e335cd5810f09d7205b53c4f301fe29d5defa4dba75d371cdddb428b1fea5fef7b474416947d37390cf400e676371be452b9d206f06d85dd7460b476b194f92442ac8287c3c460468e17a740517061542cc67f614ec6b03e80e9eea78448dff6b244252b498b4e7f806abbf898508514920ad4d0cc8dcd130b47799fbd1dc76f22d118d7fd34343260b8e7a68e70a6f255babdf67507e0d2c57748fd1750e350e8a6cc1a1216c34c4b4bd6a45a855fe1a3adb373be73bf58df0e10df5ced30c2b74f855ace26dc37c030b6f26360723d5d1684aba7a99cc49c440880ac1f0a8273605f826c40540919f9261f3806e0c56ad1ee15f3c437ea616206161495b2f5cd10680ece23ea904d6747ef713ebed216eeb15776fe380a4ce0354394bf1a6cc87bea07de166a451a917f4cdf2d2a8f44aa845fcd503514eba85544a8d94e09cde74bb9d042ab3c0f8062b3db67991c6192e65d1505131b539832843c23a0f1750af52b4aa068f3f3564dc3aab2fb6a72413f91903e7b9f502ccf84e7300e4430dbe3595ca6af85f15b7d9893a185755e73137e2f53d95637806323f6095b18327eec66db8ef37859386298a1bd79f8841a4e21fd19fffe4c45ac5c698d6b0cfaaa722f94710519531fb91478de4abcb358730b59650d330e4d363c43d45ef597a3471e0c69419562b493168588c4679413ebc109460561a46c908e6c092db7d071398fe9465cdab63f9b2d86574eb0b6f12e013056cb95481fdcdc81f4962a4e655cbc3d4ee440970051f105d70cc02c1cc6ab46d92b77830b02aaf004999440b9d8ac348b4d6e589d181c5ffd5cb91f436d6800c6e8b5b0b877f8c7ac55838b23d12ededc8972e970da0539fe160d2646feff4d2d5856724975e9d924588712d9206ec73e304e05067050f35314414394a9a27c4d897381877d1e5822dcd2c8c136cca6f7c77e936bf48d11070964e1be584480fbc39c580f1720f3c7350baf9f0ac53a2562c156002ba0b82bd3db09394bd6e9118005c4c0bdcef9b974f3b81942bd3e487908e2dab1666269bc8227b32b5aa80da9ef9fde8e9f5e205ce16a772fdedb1ae6ea06129705a4235e21c7466216e91de0eca8b16f28f3d50fdd32527925d48b1cae99d36af0e9265b30d50c415b3071b98bb102124bd708582ae8a4eebea1e89bbd133cf9aee87737c27679d4732901742dbe5c4aaeb9a7f4172f384ae63665ef24575a7e049b45d9fc45a09f005bcb7d209f00e2480d3c33aa986c81abfd07217f5fdda90ecb34be605e3a1b468fbcd4d7fd36155994c30b588ea4f2db96ebc5e0e39f5e26dd5b755d092aa905807b43bc79f63f34806348a62032b120b875ef0a8cfde3d2761da9a2ea925a17b5078600197d99726503149fc9edff7be5b8acc1fcdee2c6c23a03b28e37451b456af37e5c94e36976083457cda2d0f790811bb8fb89294c534fde4fb836f83e67b2c5a7565ee51b1704ea13a8cefc70cd6c00053e58fec137a3d34da69bbc303132333435363738393a3b3c3d3e3f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" - ], - "measurement": [ - 0, - 1, - 2, - 3, - 4, - 5, - 6, - 7, - 8, - 9 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "bee6fc06f85e6937", - "2c5bad26f3abd3c6", - "29a66468f6e975e3", - "992ab77454e8d3ed", - "0c67807528bac1f8", - "2cbf79a468e53f5e", - "14610e0a3a3e9e70", - "a99ea482569ab6fd", - "c3a635a13da16153", - "dac27e39de8e8391" - ], - [ - "431903f906a196c8", - "d6a452d90b542c39", - "da599b9708168a1c", - "6bd5488baa172c12", - "f9987f8ad6453e07", - "da40865b961ac0a1", - "f39ef1f5c4c1618f", - "5f615b7da8654902", - "4659ca5ec15e9eac", - "303d81c620717c6e" - ] - ], - "prep_messages": [ - "a592bbd7cace57212e13001b9a3ef581" - ], - "prep_shares": [ - [ - "8245b11b412c99a45090d4e4430020eddedcbb81e84ebbcee7c78db567af58bdb170d1d6730beecc1f0c8ae7261c99807c57cce927b44dc734c1139830ac2e52ceeeb849be8a757dbcb51806dfbcddf83c1ae8daf32b62079441c9d4a613ba753594af0a707c3b12f165e406786f5ba3a7d281f8c9ae83a0f2d455f67cccb6aa49f5186d1a4a26421a0415a705e31999085c10d648e8d53f2e5d7e0e6df3a525a6d7957f32b7847f3182388f8ddf6c46744b7219f9faada4aa5aa95b04495e276b8f14a30edb31071aec993e547e0afbb308b0e0255e89677cc57acd82ed0700d8837c2faed9940eb553417b04ff7c8d1114c23e29440d58444ec5e11ba7fd0c9df340b8aaa0b990c57e69c26c2d2189a29ba10388fa86eb2a163e34488104ef9407427f26a02ad1b14adade0c04e403f3f0f51b00300b39b8804a023a48f5a755dad15a0eb0dccf02513ff81fbfed64f4b0f8a1375ae581098c81dc7f0a27e5f3afc505cade0a1b39e174c1804c8e966a8df6536af35c22f1b783cfb8a8e2bc4abf3815de37d747e6be6e4ab2da41256b6d7bd0dadfa57e174196632102072f36ff659e6fde4a85bc770a816ff22efc0a4a0e853ec26596e3f1271d124b698bdf635a0e7f54f2dda165fd0d6d95d89db39b380183bcaebfdf6e6915e13fea89cda699e71b970103935ced54d5826a39", - "7fba4ee4bdd3665b859bdc168e8f2a5527749a729e703b23713b3cec5a99b8ba476c084674e94e10100ccfc02d1bb14ae7ad15272f75fbf29d1464e69f6b22651ec386ad643f06ccecebf82cacb08b6ee0ad945c8ce3629eaf100dc8d7b0e54f88114edf1fd3f68d77754f3a43714d928bfc4b57798c4fb8441634d729a3801040e8541f836ea1123373bb8402bc55ccfc9863e8dd60f4eda1ce327d5c8bd8e75b286a80cc487b806411c687b6afb8ef54bf08ae7e21c06787b92608150fb41e13a1efc2fdcff33e1c6d1d03796b3b662bd354bc1011d23e9f9c6a68a73f8164ac9e46638299c1fce017debc6ded50c0d95380eb5d69bef27ca1569efecaad1c16115b02c16ada793484f92878920ea9b15b36b3646679c2af644dadaa35197d20daed98f782566f561fdd4d11789e1c2930f473d398595e23a18b847ef71e43ac252ea5f04f23306c591c31c0f44f74238e23019072b44357afae1aed62be12a77e88f571e7e7e754cc6765ec569db6988a0a9ec28f7b42f93a80209ab4ed5eca7599cb1017b17f2e4361354285cd165969bdced5c1eb328112ca8b66420142305c72b8118e8f81ee77ba24a5ab159c8389e55af1dfdb7541c56eadb3333819943b42ff2cde52bd8452f27a37f30990abc75667bfbc6d1f128248d4e442861e1079f03dadb88b677dbc3114399e1d90" - ] - ], - "public_share": "cda699e71b970103935ced54d5826a391079f03dadb88b677dbc3114399e1d90", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - }, - { - "input_shares": [ - "85675ba0202a240351e778a3f634ddcb86b94463a2ecefd29ee209b3561dc66cde2d4b315934ebd38a0b93fe1d098606301d390222862e9336e4098f76081faaf9afe5397cdd0c524d5a39408a9b49fea00a30d91931d96dd1a06f9bba3ed54439b1bc5467100fa08ac69e874b839ec2f62d7fed81f481dfc850190b98ccc9be8eb0e47f0698f242831bb15fb9e956b302e2398e7914146d73017bf2be8ef7a442037cfcf200da78021cc06549b105352fe4ef7f6803df67d742c1ed46636ff8a7e636eceb16bc3f229755d69fbaf54a4f525661e97fc71516f1d1932cfe913a924236f7dbe805c106cfad57848a22f67219a1e688107f91bc0f4df5d314709d3e5f066ddc22446fc3118232adc99470147e09af41acc22df9ab98f9285bc6d295407d211666c3a2b8d20476802b090947d5bcf6d84ad00ab5cd2523e34fb39a59f6c158f9305a1ef908db7b811d5b3ce027d28e4a2cad3b192ae7a56612608083583f8c9b5cd5155546f888e619ec16d927cdba789e86e4fc6ea6b21ff3f170b4e3974879707eb9512668b412096a94d90f82b3d8ed9eb30e286840b1f73ae504bea65da1cce1002d2ffe072e0b0fa4849413908ad4d4ea958b5071e789a1401c98e5fcc85c50642b1fe641941b1682532183f706a91f3ac2161be60b16221e9850345496f14af08f3a149997050629b14f79bc30bdb0d58cdadd2e311754fefeca1bdb18c2b9731caaf1efb89e0bab543086a404f50de5a0ea807709724d879cd5e1eda98f2e3c2905e09ffcb00754f2acb334bb61e8ba6d1a225567eb79c7afac59e74cc27a03e518529af940a0638120e4ba5f8768bc5a7607b1ba279877f1aa9748eff8c1576f6f7a503cb3bee403eb638f7917fec7a5e26f7833d209a02353607c9ef562248805f33c915c95d722b05525228e8c689fb920a1e0b67551412d8eb7cd5ef251e1ce98098c49a53d079e77c7cba555b56427111e2ac0331e731f8cb9ff510d7b7e97f44e412b2a618776b3cf81156437bfe2bd3ba97957488103c87396e335cd5810f09d7205b53c4f301fe29d5defa4dba75d371cdddb428b1fea5fef7b474416947d37390cf4000a106de88b8888818efb044d2728453229617dc4843fc1392761fff78965916babdda8b107149e02bea37a5bac81289a878fe2b5bee9a3ab4ca33c6c49ea77927147779803920cad3a170f4808b4db2d5d60f0da38abc76647fd344705a3600ca3331de5b5246c6d4c56df8daedd094a8625e38eb3447c751a1216c34c4b4bd67fc14f923a6ede04ebb2dcf70e2c2a922cad046662ba3aceba30ec44f4e8b6f186d727228b753e014e52f5f1569b055da1a18533b93c01d961128f363fafeb4fa589dfccd76acf15aba843bdf5b8cd515871c29e2c451a1a9dce23d7be0abf22f1cc917f10483c020196268b2e344e34b9862c6f0a6ca64107de166a451a917f4cdf2d2a8f44aa845fcd503514eba85544a8d94e09cde74bb9d042ab3c0f8062b3db67991c6192e65d1505131b539832843c23a0f1750af52b4aa068f3f3564dc3aab2fb6a72413f91903e7b9f502ccf84e7300e4430dbe3595ca6af85f15b7d9893a185755e73137e2f53d95637806323f6095b18327eec66db8ef37859386298a1bd79f8841a4e9b33ed086323a861978149ae7194e77556a690656d0fadb6afcb37e99a023bc9e5450baa495fcee8f2d544a22666ee29f3e205a67369b34dd8ed503bdafaf8f90f12d9881bd6eaaf7b0a84bd321a2fc52cad096bdb3a0eca2895e869620f418efcd24055e94343b043829587dd9ffc251aad87ba00ce7c52f105d70cc02c1cc63110062213ada84c6fd848562fa67cd585226ced199c0f1b810ba4bedad060178f13204c9e5f37c542353c1252bdd8ee5807402595e2712043d035a09abf60efb1459ad49b40cb55fd3baac70ac91b95d1037c214d81374155e4c2f88eea444aa7d962ff1f8663a9b75781eb1f772a6d6e37bef1be5ceff28d11070964e1be584480fbc39c580f1720f3c7350baf9f0ac53a2562c156002ba0b82bd3db09394bd6e9118005c4c0bdcef9b974f3b81942bd3e487908e2dab1666269bc8227b32b5aa80da9ef9fde8e9f5e205ce16a772fdedb1ae6ea06129705a4235e21c7466216e91de0eca8b16f28f3d50fdd32527925d48b1cae99d36af0e9265b30d50c415b3071b98bb1021270f97a581b96080c015babf27610ce4354d691bc01bd6c1c779c22fdf693dfb324fc0fa13e6acb9cb912647ca7f41dab5f9b139193ec8342cb01634c8c7d1e52a02e5cc2d852658168c7569e220ed478ecdbe58eed21f053b37fee71c77120a89a79710abec706da86baac80dcb2cfc953b52092c00ef77405807b43bc79f63f0e5ef147b672ce93dcfeb298528f6b992b89032464a49f121342e6fc3643fa2ffc229b67788e5aada809ba1f3f5f1bb66bc26c4b1be853a24f9ed224147e76731155e8a42813aad03ac7329e144d935a6e429e0dc3f480bfd1768028b8e27452d93156ebae6e6c15c5a9ab45096f2893945fdeb6eaa0cef0303132333435363738393a3b3c3d3e3f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" - ], - "measurement": [ - 1, - 1, - 1, - 1, - 1, - 1, - 1, - 1, - 1, - 1 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "bfe6fc06f85e6937", - "2c5bad26f3abd3c6", - "28a66468f6e975e3", - "972ab77454e8d3ed", - "0967807528bac1f8", - "28bf79a468e53f5e", - "0f610e0a3a3e9e70", - "a39ea482569ab6fd", - "bca635a13da16153", - "d2c27e39de8e8391" - ], - [ - "431903f906a196c8", - "d6a452d90b542c39", - "da599b9708168a1c", - "6bd5488baa172c12", - "f9987f8ad6453e07", - "da40865b961ac0a1", - "f39ef1f5c4c1618f", - "5f615b7da8654902", - "4659ca5ec15e9eac", - "303d81c620717c6e" - ] - ], - "prep_messages": [ - "26137f127a559a5443b56b1fb714dd11" - ], - "prep_shares": [ - [ - "8245b11b412c99a45745cc29dbbd75d7fbe8f224a7879992e35eab4309bc7528f3adb9ca7607f824dbd4d25b82ac60397c57cce927b44dc7a5afd31d39b7e97cc9ad48872e5f35d0f202a751283918507d8b836168c80755897fd2146499b4acb6608a92193b6fd68a7c961a2f049e01f574072318e187d67b31a7b113f893cffd6064db8508b08f5746d2cd24944f5a2b596c5e869d56c4706039d64be0e97fa6d7957f32b7847ff767d771ca7666ace93949f3eb48282e8263984a25113058d658fde375ceb9c18391593d915f1642b308b0e0255e896725e84711472c8d816c1d4715e49ddfacc90a7bbd5760f66893e341293e13d09e5c5fde01aac239bb4fe00aef03dd608b0ade1e9d8e1a7942adb934bdd472fadf9ce680f017f8f34945ceacdbd112c12b2e5f7361d8a4bc538ecd8d26378fb5dfa08134a4a3ffc68155dad15a0eb0dccfb1641100233e2a49cd5f3854aae14189d1167be147b48214d9648065341ffbc633bd626600904b296a8df6536af35c22cacf4a03e3d953cfb7589ad0b58f515b789bc4c0e48062b2b8803e234b714fc1f62dbb1c8497fb936a24c07fc8e3cb3d6cc44a890b8175f1d3003878168cb5247abe76dd8a4720c9b02501ff217fe128d36b5834cf23f9c8219d50b9bad2648b525909ac7501ec89db7e24cdbb98c85d9b9d8dcc54d32b1b", - "7fba4ee4bdd3665bbb22e10088f9191727749a729e703b230fed5b277447db85476c084674e94e10a423c9c3495f5c5be7ad15272f75fbf2812768a8f15215b21ec386ad643f06cc0294234879b56684e0ad945c8ce3629ee994af00e04e3ca388114edf1fd3f68d071a8a31fccef7d78bfc4b57798c4fb8c81fe7a0baac68ba40e8541f836ea112ac4b574160529c46fc9863e8dd60f4eda1ce327d5c8bd8e75b286a80cc487b80e8f34daf052185b654bf08ae7e21c067855024e1cecc414e13a1efc2fdcff33e1dfabe6aeaf699c62bd354bc1011d23e7151836d57026be9ac9e46638299c1fc5dfc2e8d0bede3a5d95380eb5d69bef2cd7c9634f2e09a5716115b02c16ada7914bdb21e9d1a1fe1b15b36b3646679c200f73fdcbae962b920daed98f782566f42648e431b9670752930f473d398595e23a18b847ef71e43ac252ea5f04f2330db0166bca9806e9c238e23019072b44365a40c2f0a9c8959a77e88f571e7e7e72c4772f359a74bd6988a0a9ec28f7b429f7b0307ed1501abca7599cb1017b17fbdf1bc1f7f62b4285969bdced5c1eb322e3c0d73fdbdc937305c72b8118e8f81ca5bd279e7f48bd98389e55af1dfdb751c34709b2adcf3a3943b42ff2cde52bd349f4126e29eda3fabc75667bfbc6d1f128248d4e442861e1079f03dadb88b677dbc3114399e1d90" - ] - ], - "public_share": "db7e24cdbb98c85d9b9d8dcc54d32b1b1079f03dadb88b677dbc3114399e1d90", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - }, - { - "input_shares": [ - "85675ba0202a240352e778a3f634ddcb87b94463a2ecefd29fe209b3561dc66cdf2d4b315934ebd38b0b93fe1d098606311d390222862e9337e4098f76081faaf9afe5397cdd0c524e5a39408a9b49fea10a30d91931d96dd2a06f9bba3ed5443ab1bc5467100fa08bc69e874b839ec2f72d7fed81f481dfc950190b98ccc9be8eb0e47f0698f242841bb15fb9e956b303e2398e7914146d74017bf2be8ef7a443037cfcf200da78031cc06549b1053530e4ef7f6803df67d842c1ed46636ff8a7e636eceb16bc3f239755d69fbaf54a50525661e97fc71517f1d1932cfe913a934236f7dbe805c107cfad57848a22f67319a1e688107f91bd0f4df5d314709d3e5f066ddc22446fc4118232adc99470157e09af41acc22dfaab98f9285bc6d296407d211666c3a2b9d20476802b090948d5bcf6d84ad00ab6cd2523e34fb39a59f6c158f9305a1efa08db7b811d5b3ce127d28e4a2cad3b1a2ae7a56612608084583f8c9b5cd5155646f888e619ec16da27cdba789e86e4fd6ea6b21ff3f170b4e3974879707eb9522668b412096a94da0f82b3d8ed9eb30f286840b1f73ae505bea65da1cce1002e2ffe072e0b0fa4859413908ad4d4ea968b5071e789a1401c98e5fcc85c50642c1fe641941b1682542183f706a91f3ac3161be60b16221e9950345496f14af0903a149997050629b24f79bc30bdb0d58ddadd2e311754fefeca1bdb18c2b9731daaf1efb89e0bab553086a404f50de5a1ea807709724d879dd5e1eda98f2e3c2a05e09ffcb00754f3acb334bb61e8ba6e1a225567eb79c7afac59e74cc27a03e618529af940a0638220e4ba5f8768bc5b7607b1ba279877f2aa9748eff8c157706f7a503cb3bee404eb638f7917fec7a6e26f7833d209a02353607c9ef562248805f33c915c95d722b05525228e8c689fb920a1e0b67551412d8eb7cd5ef251e1ce98098c49a53d079e77c7cba555b56427111e2ac0331e731f8cb9ff510d7b7e97f44e412b2a618776b3cf81156437bfe2bd3ba97957488103c87396e335cd5810f09d7205b53c4f301fe29d5defa4dba75d371cdddb428b1fea5fef7b474416947d37390cf400782c5e4340de97616dd9915d828468a5c492cf8663fad5d9926a7d32211978347a53018fe968eb6092d0ce8bdbe1dd8d9c3e66c912a27d3ae8573ceb02436af2b20650b53d34bfae3b5e5ab56a692f741c85d95c89466974e8f49ffe17757a1cbf30dc55981a4b8e9f1ec5d179afe4acefc65a62b9f726d01a1216c34c4b4bd611a55e378618cf240cd54fe7b3cf061f917bb2a383ff252e4e276e0a5e35d028b861cf44a820f1a27a25a1c1273b50698bf201206684274ac65d8fb78456f9ef64ca06b09dc81c14aa61f84f93037a0b994cd91cdca9780cfcd6b81fac38a512d6cfd20e2d525de1afcd4047626273d151e5b49b03b9fbe607de166a451a917f4cdf2d2a8f44aa845fcd503514eba85544a8d94e09cde74bb9d042ab3c0f8062b3db67991c6192e65d1505131b539832843c23a0f1750af52b4aa068f3f3564dc3aab2fb6a72413f91903e7b9f502ccf84e7300e4430dbe3595ca6af85f15b7d9893a185755e73137e2f53d95637806323f6095b18327eec66db8ef37859386298a1bd79f8841a4ecddee5d05c42bd68038fd7c4102b64ece7a7463aa6975bb19e5ec33a014b1f49d56621a66961841db5378b5b7dd43e3f02c6d7e6827592b0bf89ee897c778bf97cbb83ef54fe51915dfe7e53fb5418ef0a4edc7eb343df486e82d0b745becd36f99f7f06ad4d706ed9a04502e9e4123b61ff047e879114dbf105d70cc02c1cc6ff640d5a198e934503cbba3f900f005ff420b618e11361209278186d74887c979ef209507f5d81907fd3f558fb4e88d94a246ee484d692bd5c349851f842ceef449cef6d621864741b48af31428e326bf362a90d757866c20ff7daaaab3bb8a1aa0c244e5c7c36eb2139d1701432145827e5402e3899576a8d11070964e1be584480fbc39c580f1720f3c7350baf9f0ac53a2562c156002ba0b82bd3db09394bd6e9118005c4c0bdcef9b974f3b81942bd3e487908e2dab1666269bc8227b32b5aa80da9ef9fde8e9f5e205ce16a772fdedb1ae6ea06129705a4235e21c7466216e91de0eca8b16f28f3d50fdd32527925d48b1cae99d36af0e9265b30d50c415b3071b98bb10212e05054a121686fb1f2e6900da739cb1238b22541dd4007169803a2aa12eca9afa75495a34d5bda049b6ad0d7e37bbbc800cb09d5de0d468fc0c6727c41afe7f4468f989eaa8469a19daa242583e0084a63c01db31f475929991d6a10ce7f2bf3a2d3da35f1ae8f19ff052e548ad8553146c00409ebcb0b6d05807b43bc79f63f9f0618ffaea067eeeb72cd7d22666eca47ad6f9f88200519f2da664f1beb2f3478ca15656a9d4b45c6b14dc402d87d98ca927607d0c691555bd9c2f45d4cadd06bf4abc856e1a5b005e46417b47a5e89f75d66e990cf17eaebd8048ab1d46907d1d7ecbf7b87e3d54b5e2a725c49a22ba154fa3fc0e3b9f8303132333435363738393a3b3c3d3e3f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" - ], - "measurement": [ - 255, - 255, - 255, - 255, - 255, - 255, - 255, - 255, - 255, - 255 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "bde7fc06f85e6937", - "2a5cad26f3abd3c6", - "26a76468f6e975e3", - "952bb77454e8d3ed", - "0768807528bac1f8", - "26c079a468e53f5e", - "0d620e0a3a3e9e70", - "a19fa482569ab6fd", - "baa735a13da16153", - "d0c37e39de8e8391" - ], - [ - "431903f906a196c8", - "d6a452d90b542c39", - "da599b9708168a1c", - "6bd5488baa172c12", - "f9987f8ad6453e07", - "da40865b961ac0a1", - "f39ef1f5c4c1618f", - "5f615b7da8654902", - "4659ca5ec15e9eac", - "303d81c620717c6e" - ] - ], - "prep_messages": [ - "ad711812f6aeb0d46346895b11ad7f65" - ], - "prep_shares": [ - [ - "8245b11b412c99a420de13b25d8bd954746fcef4fb8f64b88784cfcc01f608a9970a97a9ab80e4078ab0421a19bfcb37ca2b75c8e47922a72662d68676b8ee39cbbbaec8571cfd0be94cad25818caf9fb2c7ce5eed6f02c63eb51a236eb60a6938a2154c9839034e2ebf0f21f766f52f16d0ae05b240eba6d035cbdbeace260106f88536fb32274f3a569b314d9d76b3a4df472edba521ea030c79951406a7dca6d7957f32b7847fd0cf83c1b372d3a776cc9bdd6fd0064b147a6539db75fe61dad4d1e1bcb37e1bea481a644cd9375998c950e5c9fb9a82e354fcb5a6e4d52a518089b91974b2bb0d216c09535d5a790d479221396490a7c65a19e5e799f47c8256835ce0768c9f49cf0533beb54770a4713934375ca9f539d24a75c4e8c6924ff00125b74ab8e691a43132b15cfe9e1b60e010bb1694fc23a4a3e6c645179855dad15a0eb0dccf4a141e276ca03c7609d174ad502fedd57c9ba47303ba6a9698f9d5aa20a1a9cdaada76eb042e8fb3a69cc0fc39415185c43e5b3802c42fe5f6a46e247098344c3d1191968fd4fc02258178bb7afd3d0230c0dfca4a2496e5754b3af229e72d769d0330481bdd7d2951309df83c4e366898b85b7967a634dbc370295cb05736a78b78752652e548b05d0e8d12612010d8dd21edc30a177e12a76a70f943da98d193f950dc84ee7398", - "7fba4ee4bdd3665ba0be4b21c5149b8a27749a729e703b23e03bda969ec78fa8476c084674e94e1039f233470df9be27e7ad15272f75fbf2574f74acf7d5bad71ec386ad643f06cc71c8b467c0b8e4b7e0ad945c8ce3629e87df5bba961b752f88114edf1fd3f68d4cafa0a881842d4d8bfc4b57798c4fb84156f42203be962c40e8541f836ea112df59e19f11da845efc9863e8dd60f4eda1ce327d5c8bd8e75b286a80cc487b80229aaab5c26f1a7554bf08ae7e21c067c83afa5f6885e51f13a1efc2fdcff33e431acf9ce425cd132bd354bc1011d23e5835cd74aff8ebfaac9e46638299c1fc68f7ac8d9aa6089cd95380eb5d69bef2682d9021fa46733016115b02c16ada79cecaa9c6916dcb7cb15b36b3646679c2b23c32b74eaaa72120daed98f782566f3f74fce2367be8142930f473d398595e23a18b847ef71e43ac252ea5f04f2330207802fad3d1a19e238e23019072b443c2ee743fb71300faa77e88f571e7e7e7f05416e2953e0caa988a0a9ec28f7b42c19bb9377bf225aaca7599cb1017b17f01b9ab6ebcbf3fb05969bdced5c1eb3239bfedfa18145539305c72b8118e8f81c183d1a5d6ec7bdc8389e55af1dfdb75779a2130577ef1e4943b42ff2cde52bd5a9ed7fb2b39e6a2abc75667bfbc6d1f128248d4e442861e1079f03dadb88b677dbc3114399e1d90" - ] - ], - "public_share": "a76a70f943da98d193f950dc84ee73981079f03dadb88b677dbc3114399e1d90", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - } - ], - "shares": 2, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Prio3SumVecField64Multiproof_1.json b/src/vdaf/test_vec/08/Prio3SumVecField64Multiproof_1.json deleted file mode 100644 index 992c9190e..000000000 --- a/src/vdaf/test_vec/08/Prio3SumVecField64Multiproof_1.json +++ /dev/null @@ -1,146 +0,0 @@ -{ - "agg_param": null, - "agg_result": [ - 45328, - 76286, - 26980 - ], - "agg_shares": [ - "6ee48f3c5c11f4940059a219a8a6b54bc3e082cdf010183d", - "1ccdf7e24d07c0de584e52a1f141e5d9065741327b960a56", - "88ff78e053e74b8ca8820c45641765da9c313c009358dd6c" - ], - "bits": 16, - "chunk_length": 7, - "length": 3, - "prep": [ - { - "input_shares": [ - "bf36e204aa90c8abd6312db8f42b1d99415e084891e9a31b9101ad665d8d5a50b69af7526fd6e5d28331f220cf6acb6a5651e0e3ca379cbb0d0531ce361ba3dfd9936b8e36a0b0d67236b6d4ba2956c3542e950e392dac9e173546eb5ad5518db7be670db7abff423e9cd7966058d2edb37898c30c4be58f22feeb42f5d9f1b38171bc195f364372d6d11e4c5b09320cdcb28b01c545aa03ceb1e48d3e4860de81e2f9a3dec1cc0e13cf4634101989d3746f162812733d62607393c80e8bad7673868c2f4f6c092e81efa6a8647335b0924f64218525cab00a4044111ff8ef913f01297483b877db8b247313181d5476b7e512b2c55c41d1c770f04da2abf9233dc15580605d1915ff3c18712181260ad507679f6218857a0fee551526525fb3da415df7d5e7d92c569e91c2cd9266e64a0494cdadb03f1ee10ae7e7966f518ef8e621b70cd63a419ceae6873166f2bfedca804b97f9ca55638058cf8dae6c53b31f03169b562f64ca176d020493b6f4543bc76e3cfffb102fd2c9c322dff7eb044b0569148d317820d52ee0bc6325bf1c58dcbb783986d59ba935304bafa007a8cdd283eb6118e2d0e660037d929d404467594d7890b073b1036092bd64914fe62c4bb103c4d158e118d78d439f63c21ad38cf30b2c087f2cbc95ff685927573d4aec2ff77c8223b41d2e86c6aba47caadd80e30d428b015ab5080186eb86938915c69a7da4eb865963601486eb49e7a353968a3ba321d3f3fa882b33c6a383fb1ec8e5560001b78dd78ad31165820842b4408cc37be152bb44774571f935e031dfc495546a4d6be4ccd94f9c2567ced62cffbee95233c639c4fb7375902f6cca8b092d0ad6b8ce44f5ab3367acec355ff7a9553ec20b552f2d24709b10ddd51c564f590cdb27e67476eb5f0709986798b5e517b561c04487b1fa6254342c1a4a3db5adb273d63490e178ed63239d68e88daef1c53840fc80259b06f124b013158984a0abbd1e0d9a08687bdd1a4d14685205174d0df62e8735fbec670127fb84edbeee5ccc887e0ed5d5c0b974c1b9e15b0023800b5cbd5d64ff357b99f32706efa465583281881a9015c3d7dc352d7c2f1c01ca7d5e0ce0dcaf9b27215809d67d0ccc943814c522c30697efa080f2420dba9c30ca23b295db673b2a1ee9660dd33faaad8f59605ee42860d024f836991e9bc3d44a45b07e1f5d83d602c0147e1bfe2be548ccaa3f7bbfde1a9d8cf2ddfbe3044c57bd0e693dd2bb6accc52379ffe28c6f36e1d39f6ff9e0ae2ed47e2d656312cedc25ffcb398f9a64d84da560a79f9d83f8468321fefcee7093c04d2d81627c5449604a05cacc7cb269237a9555643473076c0b635ae51fd9ab2f6ff12ee81150e0570d28b2251821f9bb6324cdd16a8bc3223fa3597ba3be7af845683106804fc7a0a793a65af3c98ab22a896eddfb2210e6c9424db92f557b6afa09f341305fb78f8bf0aa9df49610cf56d03918175bc74100769b3d67c71c507db22819a30630fb5d606162636465666768696a6b6c6d6e6f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f", - "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" - ], - "measurement": [ - 10000, - 32000, - 9 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "dae22f1474b0a631", - "563736b3e28c3c19", - "297d2bef4fb0b269" - ], - [ - "0aefa74b19adeaf4", - "c8c470e0a5c0a148", - "5872c010d3dc58c7" - ], - [ - "2e5528a070a26ed9", - "e380596c76b2219e", - "8a101400db72f4ce" - ] - ], - "prep_messages": [ - "72a19a31cbfafa41d0899a76bdd30605" - ], - "prep_shares": [ - [ - "771c8f6387a3ed1b617fb5d4baed0c28293e3290b878895b3d257679809abe49320d63ff395f119d3de615e82fe566a158337e12d9e0a71c22edb4d1763c46a5cd34e39438df96e61415cf0ca9c1f68b3cd5ec146a115727e461344bcc48b78ca71f7ee2b30b918ca6497cbaab9c16e47634c702bdbb25ca34aa3e677a51aef62b6ea4448308d7d7b6d4eb52d20b2a79528fc82b420190461ca5c99670ca690cb022f4994cd1237405b3217ba21df44d30dfc4eb27af52879a67b0a11238dd3080feb002ffc347a565381f637191fce60c39e07d48b2d9cbacdf28b98807ebfe33d883a5dc6f60871e5bf21b19519524518be6b58a718b38541d8bf5909aca0161392310f93736e52b754a151ffdaf505eeafbd8d632524c0f4727eee1fcd8de9f39b82d5fe084d6bc57b3117cf3d070860437499555ff0441b1377822cf1c867814e838f3028db45283064e9e5e40ba192e75f8ba5ee8c88733f18e1be762c067a01f68959db2c33524b18c29261d1a57d49ce564a03863a58fbaa68fd61c0e2a35a8146ae85a5011ca7b8f57301712", - "691e9c15045ecf2c7561230b8b643ede4f218a2b78173886f4eea2d0da850f7aea724353a05c72e84351bc0c408599b04be33024b9c22b9d429610e2ebcbdfb47f365f5233eeaecd7e0d10e89d4469ae140f0cb204e457cc3c8eb986c8fa8bc1e878f60d8ee03c40217f4fb21416975ae05613bfb9c49744cc8646e661441bd0b6a7e1407fa26545230d9ff9f1f37dce56fbdd983d3081deed6712804b7a75cc7c7aa88c6f1f7bded45a2fcf6c3a8928779fac5565b4d1401e4f46f91861a2d2df5869f0c2e2a561be8d4e76c1121e532bface962b758f61b85f332f13d708be75c866c7939c0af12d44765c8a56be4a1e9cf84375f0ef8d2876b68ab9a83646306108a06a527e8e4a503ead667eecccfacdd5e1e6a0fcc0a97c286c07dca02bc9ae2f427898ff859f8d9c33ce01a9c9d9e3352ce9d471c510d5c2c68459caafd75730b7a4eaacf70d1dbc2fdbdb3ee530817a3fd90ebdeddcbd9650df2fc4c739f4ee069a85f0c691888c6d2ba56b7dbbae457ef58e4ec6a130ac61bcd4178e9f5e42f1c229a3136646c99bc28d37e4", - "21c5d48673fe42b7f1f41fe9c2f06150f3ef19a3466b2c1de4538a28c1784359845a240e796bee980396d1d82423ffb81b04eda362709ef85f0991f4dc80a9aba20cc8698635ece7f2eaeaa52c4a4e5d6cd05776c2766fc46d68c216d3d3a876edca8ffdc48fbfb5c05fd7d2973bd122c61c31465e3bb51b416fadcea4ee3b8921ea797afb54c3e236e4889e6eaeb02ba8060140d180a469eaf37ead94c7adb435fe324074b408c89c4d34f6538b2e9f6684773d805674357ff70fd89cd60691b36ce6bb2c9d7ff09bbd3da037ff754421aed7c603d6bc71a7fcaf033e4bcb959b88992427a8d54e0afca8d051277839011f153123626b740ec1db70844ed9047165d44f9a754b8c5bcdc9c91e9c31c606a327e4db663adbdf68716fa9d9431861b09fe5ca1157ea40a486384849327aca6000db51a45287d6103c6c237f0c4069c5931e7968d305425dbf520f68ae3e3f8217acfc69f0ea5723739e0f63aea65dd621d98ccbbd8a6168667a86d7f67fb5f6047bab4de7f76110b167ccf7a8bbf87e42b805b8a739fc690a9ef1beb9b1" - ] - ], - "public_share": "2a35a8146ae85a5011ca7b8f573017129f5e42f1c229a3136646c99bc28d37e4f87e42b805b8a739fc690a9ef1beb9b1", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" - }, - { - "input_shares": [ - "bf36e204aa90c8abd7312db8f42b1d99425e084891e9a31b9201ad665d8d5a50b59af7526fd6e5d28331f220cf6acb6a5651e0e3ca379cbb0e0531ce361ba3dfd9936b8e36a0b0d67236b6d4ba2956c3532e950e392dac9e183546eb5ad5518db7be670db7abff423d9cd7966058d2edb47898c30c4be58f22feeb42f5d9f1b38271bc195f364372d7d11e4c5b09320cddb28b01c545aa03cfb1e48d3e4860de82e2f9a3dec1cc0e13cf4634101989d3746f162812733d62617393c80e8bad7672868c2f4f6c092e81efa6a8647335b0924f64218525cab00a4044111ff8ef913e01297483b877db8a247313181d5476b7e512b2c55c41d1c770f04da2abf9233dc15580605d1915ff3c18712181260ad607679f6218857a0eee551526525fb3db415df7d5e7d92c579e91c2cd9266e64b0494cdadb03f1ee20ae7e7966f518ef9e621b70cd63a419deae6873166f2bfedca804b97f9ca55648058cf8dae6c53b31f03169b562f64ca176d020493b6f4543bc76e3cfffb102fd2c9c322dff7eb044b0569148d317820d52ee0bc6325bf1c58dcbb783986d59ba935304bafa007a8cdd283eb6118e2d0e660037d929d404467594d7890b073b1036092bd64914fe62c4bb103c4d158e118d78d439f63c21ad38cf30b2c087f2cbc95ff685927573d4aec2ff77c8223b41d2e86c6aba47c716973c5f4a1aa4efa7dd097936e3abff95fd45956cac0b5f5575ab25ca58d1933172a0ff2255854db3b3066322cfbf8eff50aea0c19a8368dd78ad3116582087b284eaadc1bc2051b7cafae637682b4c194b6d67b44783c47d8dfb1c66b239c45696b3a34d0fc4452835439752ad8f6d5b4c62855bd114f44f5ab3367acec355ff7a9553ec20b552f2d24709b10ddd51c564f590cdb27e67476eb5f0709986798b5e517b561c04487b1fa6254342c1a4a3db5adb273d63490e178ed63239d68e88daef1c53840fc80259b06f124b013158984a0abbd1e0d9a08687bdd1a4d14685205174d0df62e8b15ec62a930c9f0aa29346848087fb92e3dbb65d5ac32ffab3131d5b63afd6c4c50e296d7d94e5037f5cf462b4a4a7b11cd2b3b736992537c2f1c01ca7d5e0cdcfcbe25e6f1b513b0419752a9fc1d8a025b21f2d3680fad773789eafa9a8202a6ef84dacddd8d3edccc14c9da77906d67a712e834989b10991e9bc3d44a45b07e1f5d83d602c0147e1bfe2be548ccaa3f7bbfde1a9d8cf2ddfbe3044c57bd0e693dd2bb6accc52379ffe28c6f36e1d39f6ff9e0ae2ed47e2d656312cedc25ffcb398f9a64d84da560a79f9d83f8468321fefcee7093c04d2d81627c5449604a05cacc7cb269237ad0206d56a0522e2e44682e230e8a95a1892d7ca0d240bdf7b013ff7af3aef6ede73cbe78f974edcdaededaf419e3bdf38f160897a873d9ec93a65af3c98ab22a4ea3d4d9f5c423a7613f702c209d04c872f4ada1db562aa16949c491c35a94cc0eca2b09ec1577716c16de156bb48acf8b43178cad83c218606162636465666768696a6b6c6d6e6f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f", - "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" - ], - "measurement": [ - 19342, - 19615, - 3061 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "5807301474b0a631", - "f50636b3e28c3c19", - "15892bef4fb0b269" - ], - [ - "0aefa74b19adeaf4", - "c8c470e0a5c0a148", - "5872c010d3dc58c7" - ], - [ - "2e5528a070a26ed9", - "e380596c76b2219e", - "8a101400db72f4ce" - ] - ], - "prep_messages": [ - "34cd960edc6673ba6e4a19487309b3ac" - ], - "prep_shares": [ - [ - "771c8f6387a3ed1b8fb4cc4a036831ba6a48d958da854e8a25f8ec7374e0423f1d249fdc9d18b23564bfa5dd8e0b090f744b7870e5e964655b406c3390ee55694ba665f4acc1ce95290a416dfcc8a1ba5593c99b58805f6724bb2082b02a1115894221bc778a6d2a78d79d40849b450825c58e3a1ebd838f2fbfca1696daad2c2b6ea4448308d7d71365ba971aba6ea9437e377def77ce9c390f1437fe6b83c3d2d01ea7245349ddef41ac44b6457d053ca5d94a0f567a32b022cc7217b9301d72d2be70be55c228fa7551127cf3f46ca870532a97ebf77393ecd34f5c638d53bc0f850cdbef3e640aad6a2c1d448e7387da2a5c5e0898641ca018f616f09f3c61392310f93736e573cb06363839b11860456716dfd71963d6ff8cffce4460dd8ddabe9d8706e5c739b344a3c5a5d3197ef46b802a9b4064927407bdfe3baf4f76a37908dea2e3811fe11f14f78a97b4ebf8a1999143856e085289cdee01af61b1989ab5031abc0921424637a1690929d2d1404793fc197f5dd2962f1250c36658d04a794aad122fd1b16a0b56ca15c3", - "691e9c15045ecf2c77b0ca2d5b70d24c4f218a2b781738868b8de3e409329521ea724353a05c72e8ac8f0e6fb98ea4384be33024b9c22b9da0a51855497510e07f365f5233eeaecdebe3ff91d226105e140f0cb204e457ccb15eebbf47bf9238e878f60d8ee03c4085834677caaaf360e05613bfb9c49744cc8646e661441bd0b6a7e1407fa265458a1bbb1bfc0786d256fbdd983d3081ded96327e5d556aa237c7aa88c6f1f7bdea28745a707c90119779fac5565b4d14031ef49812e6ca7f5df5869f0c2e2a561968cb62f49e777402bface962b758f612c66793cdc78706d75c866c7939c0af126bb747cdd41a1531e9cf84375f0ef8d2876b68ab9a83646306108a06a527e8ed776187ceec45bccfacdd5e1e6a0fcc0eb3968681793a8e2c9ae2f427898ff852fa8692dc838df40d9e3352ce9d471c5615b4b9a6dcdf96ad75730b7a4eaacf72d32c60c09684fa630817a3fd90ebdedf35cac8ea0766b7b39f4ee069a85f0c640301e994e403e75bbae457ef58e4ec6a130ac61bcd4178e9f5e42f1c229a3136646c99bc28d37e4", - "21c5d48673fe42b7e505df396585a473f3ef19a3466b2c1d34a0e81d3b34d065845a240e796bee98c0d403c7d84f40d91b04eda362709ef8ec92097b8e0bfe8ba20cc8698635ece7bd8ea207d19ac2a16cd05776c2766fc4c8a47a7a3bc55cb8edca8ffdc48fbfb538010bd0f395cfafc61c31465e3bb51b416fadcea4ee3b8921ea797afb54c3e22e88c22e548d7cbaa8060140d180a469d89f2e8f9af96ad535fe324074b408c8d1f3ce0af81714986684773d805674358838ac1a50c89ad7b36ce6bb2c9d7ff0ae3f6fa5be5171b121aed7c603d6bc7189652916c6d7ab209b88992427a8d54e501fda10de933512011f153123626b740ec1db70844ed9047165d44f9a754b8cbabc91030dd4ca1506a327e4db663adb64e83b0247de755f61b09fe5ca1157eaf962a6ae440430efca6000db51a45287ddf7d51cad5dc1a769c5931e7968d3055c489fb368340ebd3f8217acfc69f0eaf92942332b08b2a95dd621d98ccbbd8a40693360475f44c9b5f6047bab4de7f76110b167ccf7a8bbf87e42b805b8a739fc690a9ef1beb9b1" - ] - ], - "public_share": "58d04a794aad122fd1b16a0b56ca15c39f5e42f1c229a3136646c99bc28d37e4f87e42b805b8a739fc690a9ef1beb9b1", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" - }, - { - "input_shares": [ - "bf36e204aa90c8abd7312db8f42b1d99415e084891e9a31b9101ad665d8d5a50b69af7526fd6e5d28431f220cf6acb6a5751e0e3ca379cbb0d0531ce361ba3dfd8936b8e36a0b0d67236b6d4ba2956c3542e950e392dac9e183546eb5ad5518db8be670db7abff423e9cd7966058d2edb37898c30c4be58f22feeb42f5d9f1b38271bc195f364372d7d11e4c5b09320cddb28b01c545aa03cfb1e48d3e4860de82e2f9a3dec1cc0e13cf4634101989d3756f162812733d62607393c80e8bad7672868c2f4f6c092e81efa6a8647335b0914f64218525cab0094044111ff8ef913e01297483b877db8b247313181d5476b7e512b2c55c41d1c770f04da2abf9233cc15580605d1915003d18712181260ad607679f6218857a0eee551526525fb3da415df7d5e7d92c579e91c2cd9266e64b0494cdadb03f1ee10ae7e7966f518ef9e621b70cd63a419ceae6873166f2bfeeca804b97f9ca55648058cf8dae6c53b41f03169b562f64ca176d020493b6f4553bc76e3cfffb102fd2c9c322dff7eb044b0569148d317820d52ee0bc6325bf1c58dcbb783986d59ba935304bafa007a8cdd283eb6118e2d0e660037d929d404467594d7890b073b1036092bd64914fe62c4bb103c4d158e118d78d439f63c21ad38cf30b2c087f2cbc95ff685927573d4aec2ff77c8223b41d2e86c6aba47cb3c3ce3fb02fd211fa973e204f5b087047f860bd7a88389f9191e9ce7180dc68c617478737ed0ae1332f909d9b44fdbe29a7d997d8b13f6f8dd78ad31165820839cef22f218e9a421a624126a989b40373fc297357860053ab9e5095b190d44cb3684ec2ed084ab8f98ff4010d12d6309b03f87a89247a1644f5ab3367acec355ff7a9553ec20b552f2d24709b10ddd51c564f590cdb27e67476eb5f0709986798b5e517b561c04487b1fa6254342c1a4a3db5adb273d63490e178ed63239d68e88daef1c53840fc80259b06f124b013158984a0abbd1e0d9a08687bdd1a4d14685205174d0df62e000fa11da6b617d6fc6942a447b41afda49def2b2f1c12e6a192815b19624d2df546362ece9600cbcec38aee7df7b45f4f748be7d0121ddb7c2f1c01ca7d5e0c67030a6be96b672e5e018916aa5082468cfaec2b7af92fc681d6386498733242fef83043d620dcc345fe592188ca25892a00b33bd6ee1089991e9bc3d44a45b07e1f5d83d602c0147e1bfe2be548ccaa3f7bbfde1a9d8cf2ddfbe3044c57bd0e693dd2bb6accc52379ffe28c6f36e1d39f6ff9e0ae2ed47e2d656312cedc25ffcb398f9a64d84da560a79f9d83f8468321fefcee7093c04d2d81627c5449604a05cacc7cb269237a5e8109dfa4fae5a5f8a04b019a215e130495584b95bc48e542c24a22052708e04557fc7d97e247a484d5da3e4c3ef0d25ec9d4975349876d93a65af3c98ab22ac0423851f11c6c2fac06534e95053c56f78cd1f618db9eb3d79a78eab1e282dab0afed034ea81c9b961fdecb385958f0bc904a8b02ae1498606162636465666768696a6b6c6d6e6f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f", - "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" - ], - "measurement": [ - 15986, - 24671, - 23910 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "3cfa2f1474b0a631", - "b51a36b3e28c3c19", - "86da2bef4fb0b269" - ], - [ - "0aefa74b19adeaf4", - "c8c470e0a5c0a148", - "5872c010d3dc58c7" - ], - [ - "2e5528a070a26ed9", - "e380596c76b2219e", - "8a101400db72f4ce" - ] - ], - "prep_messages": [ - "486d616ca58bbfda75a5018a5dfe68cd" - ], - "prep_shares": [ - [ - "771c8f6387a3ed1bc8b708403a0e4f0434cb2603f3642c4ef2655ff5002b2033add23eaedd4fe105b2b7890ad8e72c04bfa04f7b4694077904d2ad6738fbe0a281419fa1d8b1fa377762c626ac89182e6cff2dc6b74a6ab81622768b9fe91748b86d21ceb6db05651685432dcb0e194adb325530edc53bfeac0b6397cd14b3bb2b6ea4448308d7d70d50f711ca0ebeb288e1111ea69e1e38673b9b9a80d78ebd8cb3bb2eaca5e29e1db852ff152bcd0925447e79e6870bccf08d1f411363835e86d230b60d0f02f470ec93c4b9cdc682deed2e61f47aaba5748b5ee5f8ca0e0d0b45e1f04d1a377c839474fb0daafad0a034180c75774406a08a8a395c915f2e61392310f93736e54591aba7391072c34c92998d4c0c30e45ee813600b5e313d752a2c5e915e270a6742bef16c9644f16b29a0f081441fc5e6ad5122f6ac4ca2fe752b5c460b77e1feb2320ec218581bc001c20d16727b069fce7009a2f5e339e4ce7685a455e485aa1a3681286762e35883cc712b9f09199f11ce2084c17b8089ed3a7c59d026d0ee92d4653dd160b8", - "691e9c15045ecf2cfb52633a6e932e4e4f218a2b78173886cad2ca03e2fb6b75ea724353a05c72e80ebb9eefc04494594be33024b9c22b9d988a3a06d8f3377d7f365f5233eeaecd0022765f1cd375cc140f0cb204e457cc192af0d3cc5a4aa3e878f60d8ee03c4077ad5c8aae9c74a8e05613bfb9c49744cc8646e661441bd0b6a7e1407fa26545e4fb350ae09da91f56fbdd983d3081de2b1a113ba22675c77c7aa88c6f1f7bde7fb25fc1c798ae5a779fac5565b4d1402b349dca2598b005df5869f0c2e2a561775a55bc7b9e60d62bface962b758f611a9676e3e4c7cd8575c866c7939c0af10ed26f86f81e5f6a1e9cf84375f0ef8d2876b68ab9a83646306108a06a527e8eaee841f697acf207facdd5e1e6a0fcc069fddf30de65bdcbc9ae2f427898ff85d1e01bbb2cf68a18d9e3352ce9d471c5278eed7a5ca661b1d75730b7a4eaacf711a74aa635c1ab6130817a3fd90ebded2410fbeccbc5a3ec39f4ee069a85f0c68c68e95450460673bbae457ef58e4ec6a130ac61bcd4178e9f5e42f1c229a3136646c99bc28d37e4", - "21c5d48673fe42b73e75591d735998a9f3ef19a3466b2c1d90c818c5d2700a4e845a240e796bee9808b07b541b6ded311b04eda362709ef89892402cb6194f18a20cc8698635ece7636a88eb729af70f6cd05776c2766fc492df7c0ee2d423b9edca8ffdc48fbfb5afb2a1fe55817129c61c31465e3bb51b416fadcea4ee3b8921ea797afb54c3e29a3ec67d0163d69aa8060140d180a469444bdd8a47ffd5f235fe324074b408c87b964df176c59ea36684773d80567435a9d4f6258bb8eb93b36ce6bb2c9d7ff0e45268dcea82bb4f21aed7c603d6bc71b6aef0c8fa2acb629b88992427a8d54ea622d2b4cf78cd42011f153123626b740ec1db70844ed9047165d44f9a754b8c681050fcd35064fc06a327e4db663adb373148e24879b0a361b09fe5ca1157eac9ca5ffcb175f41eca6000db51a452879782a7db483f721469c5931e7968d3054ecff913d18ed3273f8217acfc69f0ea68370310c6e2a5315dd621d98ccbbd8a9893af639b3b0da1b5f6047bab4de7f76110b167ccf7a8bbf87e42b805b8a739fc690a9ef1beb9b1" - ] - ], - "public_share": "89ed3a7c59d026d0ee92d4653dd160b89f5e42f1c229a3136646c99bc28d37e4f87e42b805b8a739fc690a9ef1beb9b1", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" - } - ], - "shares": 3, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Prio3SumVec_0.json b/src/vdaf/test_vec/08/Prio3SumVec_0.json deleted file mode 100644 index f18f47d50..000000000 --- a/src/vdaf/test_vec/08/Prio3SumVec_0.json +++ /dev/null @@ -1,194 +0,0 @@ -{ - "agg_param": null, - "agg_result": [ - 256, - 257, - 258, - 259, - 260, - 261, - 262, - 263, - 264, - 265 - ], - "agg_shares": [ - "b43a2f79240602a73fafe498f4596524e2d16ccd2a68978aa0fc3b08cb757afa0e634bcf86a6f9f6066716d8d6ff6fc5d8323c1f04aa8b08948ef2e9e7a7a10e3be55e452c536f004da7d3502d93f9ef835b59067c8de2bec68afff55e15d4923cdab73e57ea28b90b70d15dc110dac2ab8c34f509842b025606222ee32ce920b14cc3ccabdfc4f1f743b9ef3ca0c2b5bd715085b0d76c95daeecfad16278bb6", - "4dc6d086dbf9fd58a4501b670ba69adb202f9332d59768754303c4f7348a8505f59db43079590609dd98e9272900903a2ccec3e0fb5574f74f710d1618585ef1ca1ba1bad3ac90ff96582cafd26c061083a5a6f983721d411d75000aa1ea2b6dcb2648c1a815d746d88f2ea23eef253d5d74cb0af67bd4fd8df9ddd11cd316df58b43c3354203b0eecbb4610c35f3d4a4d8faf7a4f28936a09113052e9d87449" - ], - "bits": 8, - "chunk_length": 9, - "length": 10, - "prep": [ - { - "input_shares": [ - "43118698b73a59751812aa20a73ae412766ef3c4c7559adaf4f08d6d73fbe01849ac4f0da41a26f10b1709d08f56da39953a74ee5cca941b880a5857b143cdeb7065b4b8f6b13b474040cd9e5307fd42850c79e49dc4808a8bf2d976223522179142c2cce38fce9218a371029ac88597283e246464233e9d7cf7048bbe3d18d369dfb8d462dddbe94e33f7ebc07bf0cbe8ecf9e42a156f1fd2b6c434eb62813c0929e78c86cf9bcfad5d54287598c986364fcb6fbbfa0db79dc0f4c1dbaebed54201c88b9e1f93a7fcabc0137d2b6c8ec6f423d7aeeced8f7dbd4c64e7ed595b6e5d76034a16c5686a8982397ef1e882232a95e11e7377d5b758015b716472c4dfaa9021bf2f861e18507f7f8435b55a4a3c8f7357e245596c08975169be3fdf4f2bc8600e680b9013f52b67000959ce3a588caaabdedb7d6201210902695051d808571846039dc672be3d2a7d2d25137baf47f5b71d1d907c9db4d3c20045cb32bdcf9c0094bce467da04ed90e885c9e0765a41d98cc0cc454d1d97efe2255eed21c3b2297d9d0717f8d46d1a016ab89afabd89620aa6090d21ad7226d173f23cbdd31702582ca06b336d277c4f39903414ab2baddfa578bce3be8ba27d68651d720b8401a4ffc61c999f628cdc71c058767c63f23e8b933add17cd3e50ab8540c9ebf935b2912fa26d68e2cc9289e4f894b8d03a81b8d306cadabb209de35c980d4ceea42abc4a0581b6114c77e4cc66c01be07deb7bdb8db23df5d67398497b30ea78518ff759304b5269502f93848838ba2d3e1737aadbbcbd4cde25689fff7a738df9017a4f2986c8fe8b8ba6b6f87b4dd6ec84876ba076c31039cf59b695313060ca1dfdb288c8924ebcaddddf9d067f2be6033af80313292c03996a39281c78299d8549d12cd8427104783575ec604930ab55e288606fdeb863afbeb9df6a009694c055c34d68e19c19ef3fa851363493cdf197c201958449e57e327b15eb5e25d2d347374a85e4685b432a15f4f768fa0b180f6db9f0af65cbbcb0c137a2e12cbb0aadf81e78244e2b8855634a9d0014005d9c9209381943f019df54769b4452a47ce0f223ae52a4d28d725d97e40b37b250499508838bc8a7ccb133f7a02fbfc91fa1c27685786808ae4a45e08cf841c79f3a61b58ae87005dd4e43920089fc2bc23b8c6ac3aaf2081a14edf30a0299f3094410689ec026a8bf8ba2b1c470583987c30d5d8ca6e7ea605d0c7661dba95beef2f4b94f5306317ecfa60010d6b18c2aebb994a4559fad9f3538ef7eaaf35761f7640b807483793ed8ab3ae20672da387979a8171eb1425700e257a912e645a80739e5d494ba6d419dcd4fec13aa806fcfcc84480d7e0e676916aded6f1cf9d69f7e958dceae1edaa11b2569954b7689e647906cccbdcbc2897f139356d9c85168f08ed8990aefc891158a1b89d7c19d3c56ad2a91d3de46ada48ec6338d13efb16c4cb49acd981a044c335240ce7d1db84fde51058290cae528cc7dc5794daa652268d9e5d0fa639a8549c9fdcd3fd126f653f9b970d804fdd4f420e473a31410fe9a84fc43ae415d008ac86ca0881f737382196cd5b6dd4b8673cb515ef70c4624bea32c22a7b72c2f8e1c2fc693a4905215e10580aef647be4bd36baab91c2867bcec745bc5334ce8cda1a0d77f6bb5f1838c60904f8ba7aec00d2529e87c41702b774c6f11c632d35f477988847de39626fd7e83b07ca2de2d7dbd68d07617dc590e00684c79ff1d8ff484a31056b53b29cbe470c8bf99515d7ad2939120d3b9b9ebabfb29d0e7b77cc7bb5ab97fc44591ee036de0206b8331c99c75e8bcc50ac1cb75fec3fb640318010d3ddeaaf423d14d2d715e7cf81ee4d01ad0c0f09c66b2e0b396b93c2bc97b21a42cdafe748aa4b59c250e4639be7173f4cff260339d2797e402653a3bef19a0a17763395889c4269679f6bd0289a356eaf0f06b409d24d4c112ff8f60b9383669677635f20d8eeed5c38d9500e39dca878f578b4980f374ee556aa3458b551628ff9f110d11b7f2497195d9bf3c9557e6f3d11c05f52158aab8f6485cdecfa158e592453351f1866faed652e75b37562a4c696867a89ed8b55355c82c6b571918d3995cb6516f00742a7f0974f62ca846d1306422176a204627930693eaf08951f082629d0a5537aea1d8729693798896fb16830a7cc7b29737f29637308283d5577ee3ea54987f14e4b1b4a51a17f7426a1ea86b42db1410a05064dd773bb5dacdf49702f7cf3ee9695f82fe881ef34c52e8d46e1e415989a757ec94cdd07294a2290e19749606638ed7ab2138cb9f7769a75b169f02dded1bb93c70095ef01be80b96b0ec21588146c8a238abd2bc14a170c5a024fe683c809ff478def04de33f353111c054ff502e7fad8e768bde39cfe419373b0bd40f1ae943d61b6fb824ac689955567fb7526f05d4db0c32f0e7b76cadb917ce200edfda6065129e19fa38ba3855586913baee0bbbade97144bac9c4763c95278f90bcaaa42fbbbfac31fcba0b8291025dbfd1a3660a60cc97763672331ee7db22c0932f46dfc313e7bd60ee86b7e3b4c11b5daaf8cf3e35fcaa124ae0a05bd063ff4944364ee16326b6131422bf08803aa713c771377f5f47cc940f879b2a1763110c22867c7a704c970163b15f702757d87e6e24a4474865877352ecef45294ef3bb7ec9e45f8609da982a161f89a8a9c2a6cf56fc9e8a2d9396fccf4bdd7b8aaf370f4478cb45bd5773f2a5af3d6149b4e41e364cf87c771848716998b070fe95d1d74c9d77466eae8efe0d5a0435de53d50d562c611ed8a2145c752ea54b31101db21f2688fefac5a3df5fc8163f134e5bcfcfcb2106a642ae3e6bcbd15654f09546ccb8c48d84d3bc7d0a18900dba3d66cb02ec33303132333435363738393a3b3c3d3e3f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" - ], - "measurement": [ - 0, - 1, - 2, - 3, - 4, - 5, - 6, - 7, - 8, - 9 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "3c1365280c0256e2bf8fa1dda6c8210c", - "4cf0ce9963cd8783355469ad43277e53", - "5ccbc3ef2ce2fdfc4422b2f29caa7aec", - "f565690aac38d90228da50a3a2e2355a", - "c1f6746cb91b25006fe29bc5b9dbfd4f", - "2f1e7357292ff6949783aafc745cf130", - "c39d92bfc7f862e84f259b7440b04896", - "932ebc51032cb90072570bba4b64f80a", - "966e96998e4aeca59e1693fabe8aeb91", - "9b25702c90f2ce3136faef39b2b783e7" - ], - [ - "c5ec9ad7f3fda91d24705e225937def3", - "b60f31669c32787caeab9652bcd881ac", - "a7343c10d31d02039fdd4d0d63558513", - "0f9a96f553c726fdbb25af5c5d1dcaa5", - "44098b9346e4daff741d643a462402b0", - "d7e18ca8d6d0096b4c7c55038ba30ecf", - "44626d4038079d1794da648bbf4fb769", - "75d143aefcd346ff71a8f445b49b07f5", - "7391696671b5135a45e96c054175146e", - "6fda8fd36f0d31cead0510c64d487c18" - ] - ], - "prep_messages": [ - "faa44093d924dc5a7a7964fd9c8ec82b" - ], - "prep_shares": [ - [ - "f9ab3aa30354eb87abdd838ca558b6cbf26345360ccb2dea7deffb9e075c54b422f03470466c54abee94d25dd57eff3a073bf64fcf5eb3d7334b815115b39e6b16ea9cd0bd90f550dd701f3bf288451f17d4c7a3adc44ef5ad49663dfa2e95250320cb7d3fa0323ddcddcdb0d628146f48f6b53badd73c5333fe30cefbca3badd9a688c628f9df7129d7283772dfa0cc630e06a2795703ee70e9a01f64d3a704df997b7b6de7335aedbab9b3a1932989f93e66bb51c72416fc7f1c54bdf6f15d04c07dd5c8c2d5abea0921c5047299cd82f633af0f04fbde479b82628f0e446e781cca6b0548eaa34d8d1e5279078afe906905aa91922bf69977a92b586541d02a80245334e5321901ea62181f121f7aaaaf89061b36b0f9eb5c9ca22ddb5d09bca32696a262178178745830d0c0dee8fcc9033f8f5c98e5f3eaa91fded998019c068644495dcc3fad1eb4b63821a23b", - "0854c55cfcab147838227c735aa7493430369af6251b129c24fca111dc13d34678b16bc625356621f29ea8e47b665ab509578cae546f46e04b013376fc8439d5cde2eb50a36d1303c487fd8456539db6e653b588217b6b273b7b3d79de062a76332662a738cb172c781306cffa8b46f9aceaaf6b663a749763c9db91c5ebb62dd0f94a3d036b82c41b49709fe6c3815e215adf1c2ae55fd9d90f8186c07c37af26d2e0803bbda031317b76cdbcc7b6817529c92ef23b00db2243ffd4767f7c8e9d39781324cef39ddf613e24e4a6351037d62b77ff946d119fb2da47fd757e16d34aa0c53bd7d6fb53472d84ca55f554638e2529702522faa8c177d51394a89bbd4cec850ee6ff565296aad4f2cd6b9f35ad7ff7b7b494b97248e3a894dce393259fa038f067fb28655b6e18edc9a032053e900a2e3d07f7ca52461922710f91f4ec2449a30929eb714d75d9db74f3a7" - ] - ], - "public_share": "9c068644495dcc3fad1eb4b63821a23bf4ec2449a30929eb714d75d9db74f3a7", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - }, - { - "input_shares": [ - "44118698b73a59751812aa20a73ae412766ef3c4c7559adaf4f08d6d73fbe01849ac4f0da41a26f10b1709d08f56da39953a74ee5cca941b880a5857b143cdeb7065b4b8f6b13b474040cd9e5307fd42850c79e49dc4808a8bf2d976223522179142c2cce38fce9218a371029ac88597283e246464233e9d7cf7048bbe3d18d369dfb8d462dddbe94e33f7ebc07bf0cbe8ecf9e42a156f1fd2b6c434eb62813c0929e78c86cf9bcfad5d54287598c986364fcb6fbbfa0db79dc0f4c1dbaebed54201c88b9e1f93a7fcabc0137d2b6c8ec6f423d7aeeced8f7dbd4c64e7ed595b6e5d76034a16c5686a8982397ef1e882232a95e11e7377d5b758015b716472c4e0aa9021bf2f861e18507f7f8435b55a493c8f7357e245596c08975169be3fdf4f2bc8600e680b9013f52b67000959ce3a588caaabdedb7d6201210902695051d808571846039dc672be3d2a7d2d25137baf47f5b71d1d907c9db4d3c20045cb32bdcf9c0094bce467da04ed90e885c9e0765a41d98cc0cc454d1d97efe2255eed21c3b2297d9d0717f8d46d1a016ab899fabd89620aa6090d21ad7226d173f23cbdd31702582ca06b336d277c4f39903414ab2baddfa578bce3be8ba27d68651d720b8401a4ffc61c999f628cdc71c058767c63f23e8b933add17cd3e50ab8540c9ebf935b2912fa26d68e2cc9289e4f894b8d03a81b8d306cadabb209de35c990d4ceea42abc4a0581b6114c77e4cc66c01be07deb7bdb8db23df5d67398497a30ea78518ff759304b5269502f93848838ba2d3e1737aadbbcbd4cde25689fff7a738df9017a4f2986c8fe8b8ba6b6f87b4dd6ec84876ba076c31039cf59b695313060ca1dfdb288c8924ebcaddddf9d067f2be6033af80313292c03996a39281c78299d8549d12cd8427104783575ec604930ab55e288606fdeb863afbeb9de6a009694c055c34d68e19c19ef3fa851363493cdf197c201958449e57e327b15eb5e25d2d347374a85e4685b432a15f4f768fa0b180f6db9f0af65cbbcb0c137a2e12cbb0aadf81e78244e2b8855634a9d0014005d9c9209381943f019df54779b4452a47ce0f223ae52a4d28d725d96e40b37b250499508838bc8a7ccb133f6a02fbfc91fa1c27685786808ae4a45e08cf841c79f3a61b58ae87005dd4e43920089fc2bc23b8c6ac3aaf2081a14edf30a0299f3094410689ec026a8bf8ba2b1c470583987c30d5d8ca6e7ea605d0c7661dba95beef2f4b94f5306317ecfa60010d6b18c2aebb994a4559fad9f3538ee7eaaf35761f7640b807483793ed8ab39e20672da387979a8171eb1425700e257a912e645a80739e5d494ba6d419dcd4fec13aa806fcfcc84480d7e0e676916aded6f1cf9d69f7e958dceae1edaa11b2569954b7689e647906cccbdcbc2897f139356d9c85168f08ed8990aefc891158b1b89d7c19d3c56ad2a91d3de46ada48ec6338d13efb16c4cb49acd981a044c335240ce7d1db84fde51058290cae528cb7dc5794daa652268d9e5d0fa639a8549c9fdcd3fd126f653f9b970d804fdd4f420e473a31410fe9a84fc43ae415d008ac86ca0881f737382196cd5b6dd4b8673cb515ef70c4624bea32c22a7b72c2f8e1c2fc693a4905215e10580aef647be4bd36baab91c2867bcec745bc5334ce8cda1a0d77f6bb5f1838c60904f8ba7aebf0d2529e87c41702b774c6f11c632d35f477988847de39626fd7e83b07ca2de2d7dbd68d07617dc590e00684c79ff1d8ff484a31056b53b29cbe470c8bf99515d7ad2939120d3b9b9ebabfb29d0e7b77cc7bb5ab97fc44591ee036de0206b8331c99c75e8bcc50ac1cb75fec3fb640318010d3ddeaaf423d14d2d715e7cf81ee4d01ad0c0f09c66b2e0b396b93c2bc97b21a42cdafe748aa4b59c250e4639be7173f4cff260339d2797e402653a3bef19a0a17763395889c4269679f6bd0289a356eaf0f06b409d24d4c112ff8f60b9383669677635f20d8eeed5c38d9500e39dca878f578b4980f374ee556aa3458b551628ff9f110d11b7f2497195d9bf3c9557e6f3d11c05f52158aab8f6485cdecfa158e592453351f1866faed652e75b37562a4c696867a89ed8b55355c82c6b571918d3995cb6516f00742a7f0974f62ca846d1306422176a204627930693eaf08951f082629d0a5537aea1d8729693798896fb16830a7cc7b29737f296373045c4b3272022ca8eba72c601043d08da35f439bc7d0100d6aeb7c2a7cb74a82c9abf8982362807bed855c50ebe0e571d2624f06387b4439e7580af40033dccb657fea66e721e9b2c20cdd3dba93c3261c4ec327a89ed4007b7393820f46a60ace5876392117b97b9a358a1286944bcf0e7cf4f471d46694dc37fc670aee1d4cd7fa002020f5c7ea0bc65d0ca4e42729107abeab7a2f7b86d9f663a73485f54c4870609a0789554bd2f623176f563b8d577965464bc1d7ecca70103d13c963f741f6981cb1d83a7eb09878d39d5ec7e007d390fd93c9dba87670e981d6e21069f72602526625fd88a5cafc400b01720fccc97763672331ee7db22c0932f46dfc351a6df904c48d8a976ce693f58706d7f16ffb3c0ea860cc818c14c42c925832c041c075fd291ba417723cb6e68e5deea5716298370a7c6aae23beb7276354591e9c084351aa1ddb79d9067319c93931e5018cc62705ac5dd58f1a8b7439bf4bcff7192ee243138bc26a9a2c42eb57859751a58f04f4f83b4b673254700571cdcb66a38b1187b425df9e234484fa168dd01ab675fb38b167ec06b6b7878311fcf2f20ca9aee115b9d683375ce1dc64f98d93136680c056af071501b2b50ea4b267cab3e117c157683ba9f7a10069efa0afab0ed9ec6444ddf16d5e834834fe2e0dbd0df92d6b6c19697673837bf51d697303132333435363738393a3b3c3d3e3f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" - ], - "measurement": [ - 1, - 1, - 1, - 1, - 1, - 1, - 1, - 1, - 1, - 1 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "3d1365280c0256e2bf8fa1dda6c8210c", - "4cf0ce9963cd8783355469ad43277e53", - "5bcbc3ef2ce2fdfc4422b2f29caa7aec", - "f365690aac38d90228da50a3a2e2355a", - "bef6746cb91b25006fe29bc5b9dbfd4f", - "2b1e7357292ff6949783aafc745cf130", - "be9d92bfc7f862e84f259b7440b04896", - "8d2ebc51032cb90072570bba4b64f80a", - "8f6e96998e4aeca59e1693fabe8aeb91", - "9325702c90f2ce3136faef39b2b783e7" - ], - [ - "c5ec9ad7f3fda91d24705e225937def3", - "b60f31669c32787caeab9652bcd881ac", - "a7343c10d31d02039fdd4d0d63558513", - "0f9a96f553c726fdbb25af5c5d1dcaa5", - "44098b9346e4daff741d643a462402b0", - "d7e18ca8d6d0096b4c7c55038ba30ecf", - "44626d4038079d1794da648bbf4fb769", - "75d143aefcd346ff71a8f445b49b07f5", - "7391696671b5135a45e96c054175146e", - "6fda8fd36f0d31cead0510c64d487c18" - ] - ], - "prep_messages": [ - "22b05b9abf6f7798c91fb089ec73d79c" - ], - "prep_shares": [ - [ - "f9ab3aa30354eb87abdd838ca558b6cba06d3c978291ea82c4c856026ce4a3cb3dec40f98bf1cf3db33e3a736043891abbb4629ed714cfb72b9a70be2083cc84c41c02e448c46154ed923d78db089e67c7bbe0ef236ecd77f99c8d5e5272f4aa0320cb7d3fa0323ddcddcdb0d628146f3a94850ce63a023fa1ec776f6082d00e5fef53097f1b9a562fe9c3c4b1d9b03a87131642b49c990eb174e205bf6d68af4248001090e9ee0c2c52614d1778ac60eaf3003e3714c6ef5c99442ad527fb434fea0dce4d6fe6cd3de25237bf75d34a3b619efbec942fe7f466c96521a9672a1b8773d0a3c0009b8020cc9719ddae7aee79d2a751e4405c17493fb96c28b9dfd90c135f76582ed5f72b0867cf2276d0aee16e5c44d6ac86eff63369b58b79fd5f34e68b4406f78664224591044c64f776d62683c1ad354cfd588c2168df20c6374a2b13433b05ee12db5fdd45070eac", - "0854c55cfcab147838227c735aa74934a0198736b579cfe4f87a1ab05d6cecc278b16bc625356621f29ea8e47b665ab59a91a8a0b72799489818a54757992f45cde2eb50a36d1303c487fd8456539db688dec5f51c76fdade09bf05bb59d8f82332662a738cb172c781306cffa8b46f986b9544adb196632fd3464f73faa14d8d0f94a3d036b82c41b49709fe6c3815ee39a9e9f46241986e33eb72c43757e3d26d2e0803bbda031317b76cdbcc7b681efe9a68224da578206e4518bbd64e9b69d39781324cef39ddf613e24e4a6351009ef3a1ca5f6d5b556077ed9c6e12b98d34aa0c53bd7d6fb53472d84ca55f554bff591feeca2f8c458b72bc0dd4a9dc4bd4cec850ee6ff565296aad4f2cd6b9fe2ca244753a83522e0d4496a1c66cdb8259fa038f067fb28655b6e18edc9a032053e900a2e3d07f7ca52461922710f91f4ec2449a30929eb714d75d9db74f3a7" - ] - ], - "public_share": "374a2b13433b05ee12db5fdd45070eacf4ec2449a30929eb714d75d9db74f3a7", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - }, - { - "input_shares": [ - "44118698b73a59751812aa20a73ae412776ef3c4c7559adaf4f08d6d73fbe0184aac4f0da41a26f10b1709d08f56da39963a74ee5cca941b880a5857b143cdeb7165b4b8f6b13b474040cd9e5307fd42860c79e49dc4808a8bf2d976223522179242c2cce38fce9218a371029ac88597293e246464233e9d7cf7048bbe3d18d369dfb8d462dddbe94e33f7ebc07bf0cbe9ecf9e42a156f1fd2b6c434eb62813c0a29e78c86cf9bcfad5d54287598c986374fcb6fbbfa0db79dc0f4c1dbaebed54301c88b9e1f93a7fcabc0137d2b6c8ec7f423d7aeeced8f7dbd4c64e7ed595b6f5d76034a16c5686a8982397ef1e882242a95e11e7377d5b758015b716472c4e0aa9021bf2f861e18507f7f8435b55a4a3c8f7357e245596c08975169be3fdf502bc8600e680b9013f52b67000959ce3b588caaabdedb7d6201210902695051d908571846039dc672be3d2a7d2d25137caf47f5b71d1d907c9db4d3c20045cb33bdcf9c0094bce467da04ed90e885c9e1765a41d98cc0cc454d1d97efe2255eed21c3b2297d9d0717f8d46d1a016ab89afabd89620aa6090d21ad7226d173f23dbdd31702582ca06b336d277c4f39903514ab2baddfa578bce3be8ba27d68651e720b8401a4ffc61c999f628cdc71c059767c63f23e8b933add17cd3e50ab8541c9ebf935b2912fa26d68e2cc9289e4f994b8d03a81b8d306cadabb209de35c990d4ceea42abc4a0581b6114c77e4cc67c01be07deb7bdb8db23df5d67398497b30ea78518ff759304b5269502f93848938ba2d3e1737aadbbcbd4cde25689f007b738df9017a4f2986c8fe8b8ba6b6f97b4dd6ec84876ba076c31039cf59b696313060ca1dfdb288c8924ebcaddddf9e067f2be6033af80313292c03996a39281c78299d8549d12cd8427104783575ed604930ab55e288606fdeb863afbeb9df6a009694c055c34d68e19c19ef3fa852363493cdf197c201958449e57e327b16eb5e25d2d347374a85e4685b432a15f5f768fa0b180f6db9f0af65cbbcb0c138a2e12cbb0aadf81e78244e2b8855634b9d0014005d9c9209381943f019df54779b4452a47ce0f223ae52a4d28d725d97e40b37b250499508838bc8a7ccb133f7a02fbfc91fa1c27685786808ae4a45e18cf841c79f3a61b58ae87005dd4e43930089fc2bc23b8c6ac3aaf2081a14edf40a0299f3094410689ec026a8bf8ba2b2c470583987c30d5d8ca6e7ea605d0c7761dba95beef2f4b94f5306317ecfa60010d6b18c2aebb994a4559fad9f3538ef7eaaf35761f7640b807483793ed8ab3ae20672da387979a8171eb1425700e258a912e645a80739e5d494ba6d419dcd50ec13aa806fcfcc84480d7e0e676916aeed6f1cf9d69f7e958dceae1edaa11b2669954b7689e647906cccbdcbc2897f149356d9c85168f08ed8990aefc891158b1b89d7c19d3c56ad2a91d3de46ada48fc6338d13efb16c4cb49acd981a044c345240ce7d1db84fde51058290cae528cc7dc5794daa652268d9e5d0fa639a854ac9fdcd3fd126f653f9b970d804fdd4f520e473a31410fe9a84fc43ae415d008bc86ca0881f737382196cd5b6dd4b8674cb515ef70c4624bea32c22a7b72c2f8e1c2fc693a4905215e10580aef647be4cd36baab91c2867bcec745bc5334ce8cea1a0d77f6bb5f1838c60904f8ba7aec00d2529e87c41702b774c6f11c632d360477988847de39626fd7e83b07ca2de2e7dbd68d07617dc590e00684c79ff1d90f484a31056b53b29cbe470c8bf99515e7ad2939120d3b9b9ebabfb29d0e7b77cc7bb5ab97fc44591ee036de0206b8331c99c75e8bcc50ac1cb75fec3fb640318010d3ddeaaf423d14d2d715e7cf81ee4d01ad0c0f09c66b2e0b396b93c2bc97b21a42cdafe748aa4b59c250e4639be7173f4cff260339d2797e402653a3bef19a0a17763395889c4269679f6bd0289a356eaf0f06b409d24d4c112ff8f60b9383669677635f20d8eeed5c38d9500e39dca878f578b4980f374ee556aa3458b551628ff9f110d11b7f2497195d9bf3c9557e6f3d11c05f52158aab8f6485cdecfa158e592453351f1866faed652e75b37562a4c696867a89ed8b55355c82c6b571918d3995cb6516f00742a7f0974f62ca846d1306422176a204627930693eaf08951f082629d0a5537aea1d8729693798896fb16830a7cc7b29737f29637303d4b2d335a15f1c48ed11d7948cae1b1efcb5af7c398f535e799f58a13109605cc3afae7e08683e40b1d015cfb8de1f5ca44d2eaa0fbfa549b4aa3933de82380b81ddd451d5e44a8f7f456355dfa125c002c8c5e7b2697e33dbd5cc1ac7ac8bbdfcb08ed49999a24a72685a31cdc25e0c9a27be6eb32af2d260f6d60427108a552cbe2a99ad070aec066c78bbf260e49e7ead7646ddd80d2fd067e7361e83e23aa3df8810cb4a44ee4b1205ecc8c548c064345134bb02e081a65ade1d3ec4523448d81153fa692e852e443120c8aba426dbc11bcef30ab6de561000c5be09b10524cedfab2395b99861a6f0c7e9c820dcc97763672331ee7db22c0932f46dfc3591f66851255b173a26f12c813e393a75c279385a4ef1668e0de195f818a9553d2a096f927333e1b445c8f212b665412b3f546fc56600ff4bc71f71f3c8aedc788a14e5e6f61343cc668e4d7e8d5b22314d9727e7e216f01d26d84168b8b8cad052eed93ec12355123dbbe497b1d0f6a92472c5181623dd46fe47e576cc7e804e23f58098d06504f11e23d87debccc25206b7ab2e8a54e197ecb27785fa834700ce9dab85af30a0cb4e385e6469db3e14a8545b97d72b9b4ffec701ab993457758873ec75af28a865542c437cf00bfc8092eebbb13b15cf9b481804696904c6ffae417be85dc3e8889fc8d2bf1cc7386303132333435363738393a3b3c3d3e3f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" - ], - "measurement": [ - 255, - 255, - 255, - 255, - 255, - 255, - 255, - 255, - 255, - 255 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "3b1465280c0256e2bf8fa1dda6c8210c", - "4af1ce9963cd8783355469ad43277e53", - "59ccc3ef2ce2fdfc4422b2f29caa7aec", - "f166690aac38d90228da50a3a2e2355a", - "bcf7746cb91b25006fe29bc5b9dbfd4f", - "291f7357292ff6949783aafc745cf130", - "bc9e92bfc7f862e84f259b7440b04896", - "8b2fbc51032cb90072570bba4b64f80a", - "8d6f96998e4aeca59e1693fabe8aeb91", - "9126702c90f2ce3136faef39b2b783e7" - ], - [ - "c5ec9ad7f3fda91d24705e225937def3", - "b60f31669c32787caeab9652bcd881ac", - "a7343c10d31d02039fdd4d0d63558513", - "0f9a96f553c726fdbb25af5c5d1dcaa5", - "44098b9346e4daff741d643a462402b0", - "d7e18ca8d6d0096b4c7c55038ba30ecf", - "44626d4038079d1794da648bbf4fb769", - "75d143aefcd346ff71a8f445b49b07f5", - "7391696671b5135a45e96c054175146e", - "6fda8fd36f0d31cead0510c64d487c18" - ] - ], - "prep_messages": [ - "4b28ca5fab189f5689d02be161fe25af" - ], - "prep_shares": [ - [ - "f9ab3aa30354eb87abdd838ca558b6cb4cd1280dfc7d2f12bcb14c5a38a5fa1e4225a50845bc43cc7276668331627f53e6d1debec49fc79a6e0a2382b73e01d1af45275c3e553e9f0df2dce1fb8adf9b7cc9862e001ad0d0059d27c68b40e998a4233df802cb98ef8c94504a86e9b0e423e0661acc82059937329f34832d079f0184e04d6aafecf62dee814f748123de797d05203e140ccc9be383de282e7d377e0e3400af264e528f66cc39c14f6b590939d50e82fe5df4fa1e0aa96c27af32a5540a1ab456284c050fdf4fc7190c71acfc9d952d03d4af955b8df3f10fc64b48f1399d22792b7b18e64c7c09d986b27c4874ee16fff4ecde9d89391d3ca98a14f95ce098c05629305bb26e0db0955be0bafa82ff2a6b48283de372c395862a636d4a9bfdd06a15405a71a1d56a5a30afa2bde6fc55d8a3386fe4bd3c08985014376e4adc53e094949d34b36f1e8b16", - "0854c55cfcab147838227c735aa7493459da23320d129aafa331318931d85cdd78b16bc625356621f29ea8e47b665ab5d29caacc5ba36200516852c360c0a2d9cde2eb50a36d1303c487fd8456539db613567966c72ef1b9f8b8f2e93aebdc1c332662a738cb172c781306cffa8b46f908c1bfd01acb45c5c06c9ecb16265a3fd0f94a3d036b82c41b49709fe6c3815e1af0509da314c9297ca795e4487c9cc326d2e0803bbda031317b76cdbcc7b6819dd6910f3002a99c7075366ab035710a9d39781324cef39ddf613e24e4a635108fbc5c1b9dada07dd81a620426914410d34aa0c53bd7d6fb53472d84ca55f554883acb353f6718ee88b8e595fe5b9373bd4cec850ee6ff565296aad4f2cd6b9f2bdf8fd9fae82be3d2039778cad3aa16259fa038f067fb28655b6e18edc9a032053e900a2e3d07f7ca52461922710f91f4ec2449a30929eb714d75d9db74f3a7" - ] - ], - "public_share": "14376e4adc53e094949d34b36f1e8b16f4ec2449a30929eb714d75d9db74f3a7", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - } - ], - "shares": 2, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Prio3SumVec_1.json b/src/vdaf/test_vec/08/Prio3SumVec_1.json deleted file mode 100644 index 21fcfa001..000000000 --- a/src/vdaf/test_vec/08/Prio3SumVec_1.json +++ /dev/null @@ -1,146 +0,0 @@ -{ - "agg_param": null, - "agg_result": [ - 45328, - 76286, - 26980 - ], - "agg_shares": [ - "447fb76d69adab4dc1990d2289325675e67772e564baab6396c6b45c58a1c5febe9c72ab66aab2aab4b588ff774cb480", - "47e6ff190ecf95c1c1941e2b03db246104c982f459555c7d30035b353f18e8985d9e4661cd30031dc481a1afdc0df13b", - "864b49788883bef060d1d3b273f2842916e90b2641f0f71e0136f06d684652684a2e47f3cb244a386bc8d550aba55a43" - ], - "bits": 16, - "chunk_length": 7, - "length": 3, - "prep": [ - { - "input_shares": [ - "5d82bd1f81516122465f8a60a3209afef5a5c181fdfd80d20d280edb0ae8ccc4953eff5c0efe473d411cf4f3b2e3fd320c83c6b8f2c626a42d25f89594365561966e130ecf8a778e42ce7cca37b919eb9304560ba6a60a5e5b523f5ad397b378edff4b21af66fba2f59db74e46ffdfa077bcea50472d6e771640a71fa31dd96446a2d8ce308904ea0d94760e7f8721d1531754521de6b338a20bdc8eda1d1acb6f3407a9f6f9d6cf9ccc3696c4d3226e89cf3207643a12d8c30332a8d364c97aaee81f4dc31ad62d49506e422e146492bd92a5cc933532fbfc1ee2e8e33116414358edd4baf633cdd80856f8132124171d9a2d989d3a9cf5d1d2b27baf94a5c523cf7ae624b8fe1c8ffc2229bbeecfc18e91c8683df7c579390d8b31ca87372cb5ebbe716d0edc0fe8f10c54835396a68cbacc670eee07dffa3203f8b202dc414ccb317950b35d8f4da3f0bafe8f4b0d09b5103494ed9cf9075bfd19c47f8bdee607eccea1987b4bf6ba603e29043ef636b1b327e57adf1b29b098d4eadfebb737a5ea3558794f02b97f3611034adf002518d85e769210bb2ed2e4b4390433c55d6140ffda97a5018ee007adf5125f079bebdb6eba6c35d0504d8b7a9cbbf0bd9d57bd5b563fdc052a492a7dad4a3c782b69b711ac2969758cffc3d9089a34716517c45fbb164a6bd15a001d454dfd444becef4c4a7fdbc1aaf3b7e0983b900222674a726db2b1b155190cec29c6afefe3841924dd7b212437fb10bffc8a17cea09a97ec2dfafe897e8ad4c5418946525e0908ac8790580a47a17a8089e7b78498f2a54375778e387b0985293431e2103f51600211e6e9a3f388e53d2df072d486d4c4838d8d8601fad2bd86d51ad3a58aebc0d8f6bac048d77968b26826cf545b44f7513667ac696564df8113529415a6e467d3a9f6bda8630717be753a45b5d688bbc4b95712f3bec044eb26db66f23861bf870cfb30347361e81a451f7f17642f6cbd902e92cc063b7cd4cdffbec78cb3f1957d650f89be7798894f6594ae1965964b5968c67003b247c0e83d3cef1ba2feef4c5c59d42a3efa8309f0ec4e9497b1c5a7c6b72f341d4ce5950bd12be5b6b22f32eade71f969f4ee1c0a864741fb2b5b1ad278c5f2f27000e4237b71cc664a87c50a7088b36bab5ad5a5494d599407fda9df6c538ad53563c222d3242b635116f5246b9dd6b7aba1f5abda8fd607ba18a3155c6e6c877ba0965f4005c8f475e5116bd7f899ba48ad299e5007401e49b85abf0ad681cbad302393975d682f6fb5a0795702ada0cf559198efff5ed8a16b12d1e866545db67d13ea5b7e59557776d458f5872d20ab0a3f6c74d61345bb6cd1f2dec5ee4a8d1c96d22a7b3c8ef21c1284d0785a56143100639cbfc12d1a6582b16b4bf804f6503665f275e5de6c60aac82324be975fedb2dd651c1173635fde95660cc844d347d10f8a24586a75597b1c39e828063364e13921665af885b721addc72a72d9a23bb6aa7aa3169804cf944d523d855c97a71d723b464e3976d1264bef3c266ff630ac23753eb79ad90eb5593ce456db34e977dbb19cfb58c52cbaf4826858368c3cbd8863abb5b2b95c36a447b8a4eef73e276d8bc61be6a420a12dd507bc72ef767bf49ddc9a7dcf61290b191ca4c1444e4863f1438e480a661f860c6868256aa7390e1a5033292afdcb6da8c464298c1cf5bc86bac0ad5ee5f72219e33a356a4cc3bdefd606162636465666768696a6b6c6d6e6f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f", - "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" - ], - "measurement": [ - 10000, - 32000, - 9 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "22c1e77978e4e319838804b62d66c7d1", - "4eecd0a1213e3921caece61ec83597ff", - "27112639228e3b8e913cd8ff27c4e62a" - ], - [ - "18a2aa085a9adc958c310ab9abf3b675", - "0243d6a6c871c929a8ab73bcbfb2a2dd", - "75df6c20efbaab098480e08f49afa5be" - ], - [ - "d8c36d7d2d813f50b845f19026a681b8", - "b24d59b71550fdb45567a5247817c622", - "6e0f6da6eeb61868ce4247708e8c7316" - ] - ], - "prep_messages": [ - "065f5893e9afb58b358f78e7ed2cc07c" - ], - "prep_shares": [ - [ - "fedaa3d68353f75a2db6a1e49b2397a2bed007840b0f6ccc5ff3d89835264b58afa1771f5d2a277b65bbc2190fcac717b4f07c6d7ac4c692ad519e8a33e6d22479dfdaa6e2d3eb787ff4c9cc9deb4638b69a422203daec5a3a9b28f4eaddda1eef0000c41066465d05570989f605ad679d3d6906a8eba159f5af3995de50bdd1068ba7c0556bbd0724ada90ce58efc5b7c24f02cbc919cdb90bd915098f1f7b4bbc85c69e091f780fd70df4abb883070d02d2e06f76874cd4496526ce4aad58adf2b97e7cfed76951b532ebde9a3518e407992b67cbc6f3ccef64065bc5c214973167fea3f7baea5bf44bc32b85e37fb1f12524e4f720b7d10547ea1b558c569220ea8f5008a9be1e061606e347c3c49", - "cb8307fb467bb023448e58c74d159bf4ed77785c059b1bfe3c5b36ab3bb46cc6051853dd2151e2cc480d5164567c8c41df857ef182519ceaf1c704a25e6c948712d4839078fa72b1e64e8531f3e54c090d01fcc6023c8dc28300ceb5fd722c80211848dd2c787bd764b2099de3139df3e7472bf3c98fc31f1d3e09b8deaada8bb19f2941d9f4660018a051ede752680aa6d05e91c0c2feb5199be821f7eba9e3abe594acb8e9611a81294b8ed708fa93caa4f00ab2df5a298a09a7d71924a9ea0b98b57a0d21fda8ff765c0394041a9a2fce409f56e24f387aba5eec7bb507d18f623f5f376d80e762ee64ef3db152a4eaa42964a69f705f15eb77df0cf6f81589a8eaa4f01fe1b5aa656a0919ae5449", - "39a1542e3531588156bb055416c7cd68c32c28a3ac4eed2bb0f0460d41e3634bc0746eb13013792fcc318698a96b1343b152abb747abd3245a70d95eaf31f330e9e844395897d8d5f475d4644149864ca15c31da48dce96e593075a17d4deff6ae67d137adc6f38ec943c596b6fec177e66c119988225c82ac239141c8448add3f9b5c6e59d9736159ede439854b0532d9253f45dd09cb6b800fab1308b1f265978eab94b6bf4105729f7da8eddcee387a2a1eac1c64418e342368a3478fa335500371d0434c5e6511da60302f9947e84a52c49e6dc731f79ca0543441bff7a4cd909fe76206570074fca8dd8cc511ed104a88289bd3cd4d9e34a6c9a50a03649a431dd8df92d78dd6c0d478dd93c0cb" - ] - ], - "public_share": "220ea8f5008a9be1e061606e347c3c4989a8eaa4f01fe1b5aa656a0919ae54499a431dd8df92d78dd6c0d478dd93c0cb", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" - }, - { - "input_shares": [ - "5d82bd1f81516122465f8a60a3209afef6a5c181fdfd80d20d280edb0ae8ccc4963eff5c0efe473d411cf4f3b2e3fd320d83c6b8f2c626a42d25f89594365561956e130ecf8a778e42ce7cca37b919eb9304560ba6a60a5e5b523f5ad397b378edff4b21af66fba2f59db74e46ffdfa078bcea50472d6e771640a71fa31dd96446a2d8ce308904ea0d94760e7f8721d1531754521de6b338a20bdc8eda1d1acb6e3407a9f6f9d6cf9ccc3696c4d3226e8acf3207643a12d8c30332a8d364c97aaee81f4dc31ad62d49506e422e146492bc92a5cc933532fbfc1ee2e8e33116414458edd4baf633cdd80856f8132124171d9a2d989d3a9cf5d1d2b27baf94a5c524cf7ae624b8fe1c8ffc2229bbeecfc18f91c8683df7c579390d8b31ca87372cb6ebbe716d0edc0fe8f10c54835396a68dbacc670eee07dffa3203f8b202dc414dcb317950b35d8f4da3f0bafe8f4b0d09b5103494ed9cf9075bfd19c47f8bdee607eccea1987b4bf6ba603e29043ef637b1b327e57adf1b29b098d4eadfebb736a5ea3558794f02b97f3611034adf002518d85e769210bb2ed2e4b4390433c55d6140ffda97a5018ee007adf5125f079bebdb6eba6c35d0504d8b7a9cbbf0bd9c57bd5b563fdc052a492a7dad4a3c782a69b711ac2969758cffc3d9089a34716517c45fbb164a6bd15a001d454dfd444becef4c4a7fdbc1aaf3b7e0983b900222674a726db2b1b155190cec29c6afefe3841924dd7b212437fb10bffc8a17cea19a97ec2dfafe897e8ad4c5418946525d0908ac8790580a47a17a8089e7b78499f2a54375778e387b0985293431e2104051600211e6e9a3f388e53d2df072d487d4c4838d8d8601fad2bd86d51ad3a58bebc0d8f6bac048d77968b26826cf545c44f7513667ac696564df8113529415a7e467d3a9f6bda8630717be753a45b5d688bbc4b95712f3bec044eb26db66f23961bf870cfb30347361e81a451f7f17642f6cbd902e92cc063b7cd4cdffbec78cb3f1957d650f89be7798894f6594ae1965964b5968c67003b247c0e83d3cef1ba2feef4c5c59d42a3efa8309f0ec4e9497b1c5a7c6b72f341d4ce5950bd12be5b6b22f32eade71f969f4ee1c0a864741fb2b5b1ad278c5f2f27000e4237b71cc664a87c50a7088b36bab5ad5a5494d599407fda9df6c538ad53563c222d3242b635116f5246b9dd6b7aba1f5abda8fd607ba18a3155c6e6c877ba0965f4005c8f475e5116bd7f899ba48ad299e5007401e49b85abf0ad681cbad302393975d682f6fb5a0795702ada0cf559198efff5ed8a16b12d1e866545db67d13ea5b7e59557776d458f5872d20ab0a3f6c74d61345bb6cd1f2dec5ee4a8d1c96d22a7b3c8ef21c1284d0785a56143100639cbfaddd5e94884c05ad97bdc1b9878082a47662898f549754812b390a2bb02ba487c6791eb083959499d8c22ec4b79caf467542aa89e22d69fa2bea599ce1923cb05efda49baa01b0405db15d8cbfe774cf38d520cde78b817177df5ddfdd1b7c5b164c1955aadd97a8ee58a53940041a8feb79ad90eb5593ce456db34e977dbb19e3054823c514afc4e5ca9c5a7abdf60b2ad80e66199c131e1dad4436e5289a51acb7aff16412afc36a49d37a813224bbadcfa7c6ab7e817fab68ed0be42d24ca34df61c2d8a38df8d0fe92416f131481fcc5f12eee6f2e3fa7b8035d631770c4faa15307c8f847e907b1b0ce96f9fbc1606162636465666768696a6b6c6d6e6f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f", - "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" - ], - "measurement": [ - 19342, - 19615, - 3061 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "a0e5e77978e4e319838804b62d66c7d1", - "edbbd0a1213e3921caece61ec83597ff", - "131d2639228e3b8e913cd8ff27c4e62a" - ], - [ - "18a2aa085a9adc958c310ab9abf3b675", - "0243d6a6c871c929a8ab73bcbfb2a2dd", - "75df6c20efbaab098480e08f49afa5be" - ], - [ - "d8c36d7d2d813f50b845f19026a681b8", - "b24d59b71550fdb45567a5247817c622", - "6e0f6da6eeb61868ce4247708e8c7316" - ] - ], - "prep_messages": [ - "25034fec369564c831e89105a21ed2c7" - ], - "prep_shares": [ - [ - "fedaa3d68353f75a2db6a1e49b2397a29e8bb52fe68533a6e7518d7c431765b09d9fb09303205bd20b7bad45f8ee66e18d4ff77adffd7c0b1990ba9c1c18c0d83c70aab9194ab6e494736b7521bff256e44fb48a11052214545c4fc23b0424f8965526d4d9d8d65bb919f8e823db52d0cd97bbb67e45ed5ae83205b3c379c8b72f4220e4407e1f46c60ea678ed8d47742d82abe8cc8b00055cbeb2bf9c5cf03ee851b53b57812560f8c16902a3ca3e54d95174e928fcb415d903ba75e20b5c824ad2d32f70d2375df7fd78e3a9da48d881c81e5a3126d013776adc18fa8ffbfa1ad84cc857cabdf17c81c8f08d04e9dcf11e92808e461939e811b768e5fd98c3186d21176ab71c0fd31e38c5ce590cae", - "cb8307fb467bb023448e58c74d159bf447187a131bca6a8f66f613129c42c481051853dd2151e2cc480d5164567c8c4164b4ac35f70fe6b64517e65804ca767a12d4839078fa72b1e64e8531f3e54c09efe5a1f7aca60dd9e174711c82596e04211848dd2c787bd764b2099de3139df35aacfef634fc7a8fd7d4cb8f68a8c4eab19f2941d9f4660018a051ede752680abcbc6d60afb6984df051b2a1940016a2abe594acb8e9611a81294b8ed708fa932e03ad037523630eff76925e1a8076900b98b57a0d21fda8ff765c0394041a9ac56ec6717034855e757728c6617c78e28f623f5f376d80e762ee64ef3db152a4eaa42964a69f705f15eb77df0cf6f81589a8eaa4f01fe1b5aa656a0919ae5449", - "39a1542e3531588156bb055416c7cd6884463d0b107893ff1174455e3c438265c0746eb13013792fcc318698a96b1343f33bbecee2d08efabd7facd829d80dafe9e844395897d8d5f475d4644149864c3faef9fbd6b690a3750c76e3721c6667ae67d137adc6f38ec943c596b6fec17750073dadaecc860ca8ce32846d68208c3f9b5c6e59d9736159ede439854b05328ab3d8b398c8d0d7401a8718d9aad830978eab94b6bf4105729f7da8eddcee386ddf59f7d19da2437c7656a1f3d873c2500371d0434c5e6511da60302f9947e8c857cee7aa680bb0dd711dfda75fe0a0cd909fe76206570074fca8dd8cc511ed104a88289bd3cd4d9e34a6c9a50a03649a431dd8df92d78dd6c0d478dd93c0cb" - ] - ], - "public_share": "186d21176ab71c0fd31e38c5ce590cae89a8eaa4f01fe1b5aa656a0919ae54499a431dd8df92d78dd6c0d478dd93c0cb", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" - }, - { - "input_shares": [ - "5d82bd1f81516122465f8a60a3209afef6a5c181fdfd80d20d280edb0ae8ccc4953eff5c0efe473d411cf4f3b2e3fd320c83c6b8f2c626a42d25f89594365561966e130ecf8a778e42ce7cca37b919eb9404560ba6a60a5e5b523f5ad397b378eeff4b21af66fba2f59db74e46ffdfa077bcea50472d6e771640a71fa31dd96445a2d8ce308904ea0d94760e7f8721d1531754521de6b338a20bdc8eda1d1acb6f3407a9f6f9d6cf9ccc3696c4d3226e8acf3207643a12d8c30332a8d364c97aafe81f4dc31ad62d49506e422e146492bd92a5cc933532fbfc1ee2e8e33116414358edd4baf633cdd80856f8132124171d9a2d989d3a9cf5d1d2b27baf94a5c524cf7ae624b8fe1c8ffc2229bbeecfc18f91c8683df7c579390d8b31ca87372cb6ebbe716d0edc0fe8f10c54835396a68dbacc670eee07dffa3203f8b202dc414dcb317950b35d8f4da3f0bafe8f4b0d09b5103494ed9cf9075bfd19c47f8bdee707eccea1987b4bf6ba603e29043ef636b1b327e57adf1b29b098d4eadfebb736a5ea3558794f02b97f3611034adf002518d85e769210bb2ed2e4b4390433c55c6140ffda97a5018ee007adf5125f079aebdb6eba6c35d0504d8b7a9cbbf0bd9c57bd5b563fdc052a492a7dad4a3c782b69b711ac2969758cffc3d9089a34716517c45fbb164a6bd15a001d454dfd444becef4c4a7fdbc1aaf3b7e0983b900221674a726db2b1b155190cec29c6afefe4841924dd7b212437fb10bffc8a17cea19a97ec2dfafe897e8ad4c5418946525d0908ac8790580a47a17a8089e7b78498f2a54375778e387b0985293431e2104051600211e6e9a3f388e53d2df072d487d4c4838d8d8601fad2bd86d51ad3a58aebc0d8f6bac048d77968b26826cf545c44f7513667ac696564df8113529415a6e467d3a9f6bda8630717be753a45b5d788bbc4b95712f3bec044eb26db66f23961bf870cfb30347361e81a451f7f17652f6cbd902e92cc063b7cd4cdffbec78cb3f1957d650f89be7798894f6594ae1a65964b5968c67003b247c0e83d3cef1ba2feef4c5c59d42a3efa8309f0ec4e9497b1c5a7c6b72f341d4ce5950bd12be5b6b22f32eade71f969f4ee1c0a864741fb2b5b1ad278c5f2f27000e4237b71cc664a87c50a7088b36bab5ad5a5494d599407fda9df6c538ad53563c222d3242b635116f5246b9dd6b7aba1f5abda8fd607ba18a3155c6e6c877ba0965f4005c8f475e5116bd7f899ba48ad299e5007401e49b85abf0ad681cbad302393975d682f6fb5a0795702ada0cf559198efff5ed8a16b12d1e866545db67d13ea5b7e59557776d458f5872d20ab0a3f6c74d61345bb6cd1f2dec5ee4a8d1c96d22a7b3c8ef21c1284d0785a56143100639cbfc3289478e516bd187dc85011217df3d9cc14a8f70c84bbd98d3a48ee1708913c3bd3c479700f0d9a01bc20a88c2c74202d08300dd1b74ec473f59b9f837fa6643b9a7627923e328512a0d1eaaef78c6fdb44f2789df4d6fea8cd33877405fbb744d075db8e2ea1c6363e0cb892ee5f90eb79ad90eb5593ce456db34e977dbb19ceba123f684af758e4bf0d03e1c085d6d425f0fd60afacc5baab06737d4cad9c375e0928789836c34150e196aca25fe1f4092243bdf49bb57f5dab084241ba1557429036f1660bb41b101fe37f03fce0595620833807d9b175ca2db5cc2df167cc1df780e3a73ecbbfcb4950440fb6c0606162636465666768696a6b6c6d6e6f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f", - "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" - ], - "measurement": [ - 15986, - 24671, - 23910 - ], - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "84d8e77978e4e319838804b62d66c7d1", - "adcfd0a1213e3921caece61ec83597ff", - "846e2639228e3b8e913cd8ff27c4e62a" - ], - [ - "18a2aa085a9adc958c310ab9abf3b675", - "0243d6a6c871c929a8ab73bcbfb2a2dd", - "75df6c20efbaab098480e08f49afa5be" - ], - [ - "d8c36d7d2d813f50b845f19026a681b8", - "b24d59b71550fdb45567a5247817c622", - "6e0f6da6eeb61868ce4247708e8c7316" - ] - ], - "prep_messages": [ - "164bb9a531ed86890f679cfee8e40bd7" - ], - "prep_shares": [ - [ - "fedaa3d68353f75a2db6a1e49b2397a2d951596ce321ca830642b1c9a71f119b750393c6c754d535696c304ff488bcc6977ced640b7644d68067fa674f608e0a5751aaca2e39d7e4f47bec846689f311124c532053e2285de1dd28c7430d205d7bef7f1ff5f36d363f8ca7cf16b9d28d7fe79342273ee2629adb1396910910d4f1243c6e17898c5de5b4e50915995e0ec6b2c92fd59cf001c32018e569d540e26a5512100c73b1dfb9e76c4865fb4c8a98d2382c1bd1bbef9cb6f8fee190a7b2c18bb9c694e107ede1966ba61589e8a1ee07c034878188043745d1a13e9d328c35ab0af3a25ad52a2941d5c87ef54e798f310d45c2a44eb9b8b484c4cf2cb11289979db009d84867e096271383f95f17", - "cb8307fb467bb023448e58c74d159bf49f9b010f8d3342eccac47f456395810c051853dd2151e2cc480d5164567c8c41b406b0bc3e39acaada3e1565084d70c512d4839078fa72b1e64e8531f3e54c09965aa5eacbdfd1c87023b5c2c1751952211848dd2c787bd764b2099de3139df3696d74860c683106e0ba03981fd175ceb19f2941d9f4660018a051ede752680a2e4d31fc97379acf03c3454eb29d0433abe594acb8e9611a81294b8ed708fa932cd4dc5aeb67e4082571e2c1a9e2e9370b98b57a0d21fda8ff765c0394041a9abc294b2171b29cdda805a50345b159548f623f5f376d80e762ee64ef3db152a4eaa42964a69f705f15eb77df0cf6f81589a8eaa4f01fe1b5aa656a0919ae5449", - "39a1542e3531588156bb055416c7cd68bc76b21ba7b0f0ee6be53024718f5ae0c0746eb13013792fcc318698a96b13435bf89e78f7ee3fd7e39a1fdab2ea808be9e844395897d8d5f475d4644149864c3768148cc4a96a193de9ea7fad3ee418ae67d137adc6f38ec943c596b6fec177dc960939e2aa0560144c058bc34cabcb3f9b5c6e59d9736159ede439854b053235b3543dd1ff08e9184d44c28b2e98c8978eab94b6bf4105729f7da8eddcee388df030cba4cd2df0eccbf799ad07d72e500371d0434c5e6511da60302f9947e8a9a78a25434f4d85ce460e1dc1446ea7cd909fe76206570074fca8dd8cc511ed104a88289bd3cd4d9e34a6c9a50a03649a431dd8df92d78dd6c0d478dd93c0cb" - ] - ], - "public_share": "89979db009d84867e096271383f95f1789a8eaa4f01fe1b5aa656a0919ae54499a431dd8df92d78dd6c0d478dd93c0cb", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" - } - ], - "shares": 3, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Prio3Sum_0.json b/src/vdaf/test_vec/08/Prio3Sum_0.json deleted file mode 100644 index 040e3f174..000000000 --- a/src/vdaf/test_vec/08/Prio3Sum_0.json +++ /dev/null @@ -1,40 +0,0 @@ -{ - "agg_param": null, - "agg_result": 100, - "agg_shares": [ - "f3d18d266d89cb425fd64a19a436e8bc", - "722e72d9927634bd8429b5e65bc91743" - ], - "bits": 8, - "prep": [ - { - "input_shares": [ - "6dc25550077a71c59f7020e3d0e7ac8da5809fa59c2a1c7da50f49f348a2dd8f46ac57b16cf3a153fb3aa17f19b651354b6e5e2666029f55a6e0d76f25269781bb4f7cf5e79ddd703d07a49094e878e48a68b2a4b901bceeb954375740d2385821e421c0d14a2246d80a4ef53b99eb6dac3738491e6a337c124d1bbdc0e1c752ee2e3b77c8f83cf734b152c7c93caab48127d1fcae79f5dc47d4e8f62463408f5c82435087d2a244e8b54a508f8474307003ff6d76327921cfc1b68e893f1eb8cbaf513ed61bbae3d3580c34c2dfae2ceb8a1120842f5db85c78c2f4225452a6f2b618972d56f013db62e73b92a8ec83107719d35a27f5cdc493d73a772c9f5c7bc67f4280e90dc1eadbe043546a8b5975976a00739136f5f4ab37b8d845f32db1c97a831b3a9d2d3bbec621146d5a5f8788d7e7a1958b2a9382c1d9f538b91d9582bab31f496c9ddc517ae206533a8b18e0b3854587379a3120970b0246aa13758de413cee5f99794170de0bbd7479bdf968c1db98d53b30bea4417d54c9cdcc5f5e71bd7367ad95aacfb02693f25bca1a5fd67cfb3ef6406607ecef3bbe052cab782eacce5d25f6589325d20a1d6f2d9beb14c3c89cb18d0042a5376907c057203feffcd8a36b24ecabc6fe4e0133ec68a1313b669c1771b91ffb86c284646ea5ad270c492b5d5d7a24b27655c2a715af2e797823fa97f87df42184add6f1cc26e9762159d43e9548a6a89da738a8a36159369e3aa7d3b2c25c8cf95b788bfd6293b9e66a42d3bde7b00a5822eb4f97347c91f9882d54a6279c22501ce4f3fa5ebca8fcbfd7baff84e687cb8d77b48e8b4026560d873e2b8c0529d02f3d4f1e5764e498cc9d22a5d64b50fb38edc42491e5f1571244bc6269a7fbbe64406b4303132333435363738393a3b3c3d3e3f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" - ], - "measurement": 100, - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "f3d18d266d89cb425fd64a19a436e8bc" - ], - [ - "722e72d9927634bd8429b5e65bc91743" - ] - ], - "prep_messages": [ - "aac7d7306c0cdbbd7e23ef394322d54a" - ], - "prep_shares": [ - [ - "5e6f31522c0cb9b5107ad0c560b6ef9a69553124df856a84affd0a814674ea325a2f1c7fc62f1838a8d7aa8d4263ac0d86243c1f5c53992219ddfef99b94f76d", - "a390ceadd3f3464ad3852f3a9f49106571003e04a8d922570934a5812d4a8c45c1cf374cea16117767d4f4ee963acd756d42402e0f2b584af325b34eaa1615ad" - ] - ], - "public_share": "86243c1f5c53992219ddfef99b94f76d6d42402e0f2b584af325b34eaa1615ad", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" - } - ], - "shares": 2, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/Prio3Sum_1.json b/src/vdaf/test_vec/08/Prio3Sum_1.json deleted file mode 100644 index 8baf391f0..000000000 --- a/src/vdaf/test_vec/08/Prio3Sum_1.json +++ /dev/null @@ -1,46 +0,0 @@ -{ - "agg_param": null, - "agg_result": 100, - "agg_shares": [ - "f91bcafa315d7cfa26564999203babdc", - "722e72d9927634bd8429b5e65bc91743", - "fbb5c32b3b2c4f481c80018083fb3ce0" - ], - "bits": 8, - "prep": [ - { - "input_shares": [ - "a48f16f9472cb825154a980720bd436b62db8329758026ed40deaa18e9bccea80cc0d2e40164379e7498b61a280fa86e7080b53acd1baf84604c5270ba2e161b069c2f1187bbead120b10d073d3326c5da5edeca2a2e0322253face85a769c92155d2859b86caac4f2b25d8779b2a99de3af195b2be8a4e5923d2a566833f86a683fdd68189962ea14ca940bcae99c612ca93caf3ec9bfa9ca2bdc0adeb80dba90992e4ea878bd39e321fe43f0cc073d9b5a8f9ff7f38b333e907e510a04499dc78059a620bc2d7201e3c7a4545cb5066add82690fd25269e66e1cf4334211b5578dc556c377753a501da19da81e839e6f3b7f56724ad9ee5e6dbc0a1cdcd3fc36601586eca9a50a620ed1c8941379369ae3a72b13c11c76cbd1f69d5d5acca56da4d8567007cbba3da384aa2d73e1bfba7ff77864c3b508d5a5b69b69a0bc6c092fc84d564e8f9726686e13f32239912a8a0bd92a8849d81f30560618db3bbd7f8b14a68e8a4bb2f61db7fa471573a4bee095db799ff19407b22fd77ecd55206e85f36dabec6323d8aaea77e328a07e3ccbcb3c893f6522fd0aa39f09b79dd9167cb9bccc326e2aaf51cc0e187c46766ccbe75321deb403d470795926b6879f0398a996aa5330734a5f3fed8b0e69e3a2c8a4efcd739fbedda27ae086f7144e655cdc89b07183818b56ce01dddf691d2a57f846c77d8601b203a2caf8a9bb3ec4f340d68702bf320df74e304d2db24de0dd26a6346ccc9a65c6c24e45a31636efb0919a87c8b14c08226807807acb467c29481b03e541c3ad3b2512b89c794687f4dae6b4c5f7fef5b5c348e61cca26629f015fc7babc7e0261b477843df830057f7c69248b4493b2e7a9f5503ba3eee569fc9911b35d0dd6111e8985a42273606162636465666768696a6b6c6d6e6f", - "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f", - "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" - ], - "measurement": 100, - "nonce": "000102030405060708090a0b0c0d0e0f", - "out_shares": [ - [ - "f91bcafa315d7cfa26564999203babdc" - ], - [ - "722e72d9927634bd8429b5e65bc91743" - ], - [ - "fbb5c32b3b2c4f481c80018083fb3ce0" - ] - ], - "prep_messages": [ - "215cd3acf2c12d42b2897cb57fb420a6" - ], - "prep_shares": [ - [ - "8a17e1ae7baf0fcb35b9d89394f8f34e5e965d98db9ffbe0867029fbbdfd7195d7fda8b597d471f0046bd4508be2e2abbf23e0b165f191b5165f0350ae251442", - "6c98be496224df8772c21173ad6fa2b271003e04a8d922570934a5812d4a8c45c1cf374cea16117767d4f4ee963acd756d42402e0f2b584af325b34eaa1615ad", - "0c506007222c11ad1f8415f9bd9769fe526f9e6835c5e2ce8c44b01f27cc5060c4c159a86eb48e1571437659eb32b3e8800a1a73b5ae07e45e4cc67555122b2d" - ] - ], - "public_share": "bf23e0b165f191b5165f0350ae2514426d42402e0f2b584af325b34eaa1615ad800a1a73b5ae07e45e4cc67555122b2d", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" - } - ], - "shares": 3, - "verify_key": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/XofFixedKeyAes128.json b/src/vdaf/test_vec/08/XofFixedKeyAes128.json deleted file mode 100644 index 6a34d6e32..000000000 --- a/src/vdaf/test_vec/08/XofFixedKeyAes128.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "binder": "62696e64657220737472696e67", - "derived_seed": "3805276060157b7376b069305303669b", - "dst": "646f6d61696e2073657061726174696f6e20746167", - "expanded_vec_field128": "3805276060157b7376b069305303669b92beaaa4afa982314428494ba98f3595d49e76d1301b451d6fd79c9acbe9118717cfd0d4b9ef29806b4dce298a2d6aba17d7025e7964a2d7e24a263bd79d19edb11cd1db4bc07ce0ae1a9c6d1f59233e8d7065a66ce1b123ed773e4b370c9217c7032fc805f3a13f6fe2ef6f7961bf9d20fd22b8cd544cefe8e634d9245db7813ba43f630a123dfda73b6bbad8b11a916090a7d5ba8a4d20853f3f5c8222684050a53119e829313fa8de64f92553a44aa522fc90d9ec75f80547ec9637ce60e74afd51baa1d80b549444c5f0a6283ff494698ea6ffaea65964c4e0c2f9cf72a11310000261ddc85661f5068f505d34273295be9b8549b4c6278a80794929093a17cc017cf0b0e68e32e941708cfa58b9e598ac3d5d2ab4e9b33111c9c9fbc0a3682617d0ed1a0d15c9bfb9d5fd2889d1f56dd3a7f2e61ca59b0705d35f915349ffea0341816532bbdaa6dddba42bf27d1699d9e9ef580f3686ea42d687e54a87c3e6dab4f1ee5e1185faa6b809eb1a1e940692b3ba882684e8440b73e23088411000cf77ba69777b3bfa417050f0cef6cd0c9b6e7a47ab5c3da9a0e3de6ec323aed32f4cc3f51ac719e34f0bd9b0cc617e3034581a708f4a3bba587b4b4cb91529cfd47393893c3b5cd430d0456a245b0c45d4398fe423b67faa8682c764d92c514d7e34a89abc16353e71de7d49895527e632a6163d7362549a8e9ab12277460d30d7892e0a5993a4d3922738f07892764b0ceabf280779894ced52aa7fba94100c2ec0fa1973d2b11044e6844ddcdbd59f26e1b321d02c9189414cace4abece30878ca21d198f2e61b84e7cbebb6a0ad83e2abd5bf69d7f8eed193a8e141088a4b7d41fe23a939f678ba94a1d9c9c2", - "length": 40, - "seed": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/08/XofTurboShake128.json b/src/vdaf/test_vec/08/XofTurboShake128.json deleted file mode 100644 index 1e48d1f64..000000000 --- a/src/vdaf/test_vec/08/XofTurboShake128.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "binder": "62696e64657220737472696e67", - "derived_seed": "8bac064e720bb1c413040a3f41990075", - "dst": "646f6d61696e2073657061726174696f6e20746167", - "expanded_vec_field128": "8bac064e720bb1c413040a3f419900750ce08494b0f4f2d95171dcf44255ef94606fd5e6ffe3735329f5550e34fe61f0d4704239c107e4beb6623e20cb2e2659662aef8409fcc162a01d2333fc8d8ee7bc31c394c88edeb5904d25bf851d30246d9bf4221a5aec6ff4cb2580dde88dfa726e21b35da18f5b1839a257482ab292615b094b092444013874fce11cbd293fc81fd9a00d1befca7b1aefa2324ad2c84a8d678b02973bd539021e18861647474211e99ccfff5e47483985b25257f83665f44ed3fbce4f5a2b20e5c54239653141f7d5132b255936d33327789e13b145362059f67bd8d5b240dfd1e525d6ac5c0bb6a5b4a0b7b7318a5e22fc91763d2eb9dbd5fd3a3665127ffa63ac5be71a0b67a5ce5ee158d902a4e3a4c580e734ee40682e471373b958853eddee1de30dda6e6f4a3e3a297a79bd7f332ce89b8f0cd50589f03b95408405df362a41f58688e1fb818deaccf36eedbabc1762215102de02125dc79450d47dc04ba88cd507bdf1690ae6c1dbb44352c29687e3f60e0d3d9ed8758aa1495f4976477bda7e3cdbf37078f615dfde8330df46aebe393a665fa3f9b906498ef59ac5a0da50ebeb91c80ac0d8ba3d9bcb4e23f37e416dbe679d633834b8351085a321314d8b0276b24de1dc41091f9bdf765f2879ef0d624927a649bb693386b5a22af2ec5b67b8298abadf1e4ffa10a794ebb9924761d08ad75b595ef11118b33a8f5e649e0b8351600be077a164c806a7ee2aba58de06177ccd18e8822d35c2d6843378f254d64e5a1ee52d9c5b3f63ae262c3d6d5b63baf4e2faf436d51d6318ac9d05cf4fe3e203b2b047bdb1b4f4f8d5645a5d59ab506afc423f3a0ae5691e7f755dc5bff3b6b4f08c61614b62f63b03ce30d35a2c0d", - "length": 40, - "seed": "000102030405060708090a0b0c0d0e0f" -} diff --git a/src/vdaf/test_vec/13/IdpfBBCGGI21_0.json b/src/vdaf/test_vec/13/IdpfBBCGGI21_0.json new file mode 100644 index 000000000..0bc3e082f --- /dev/null +++ b/src/vdaf/test_vec/13/IdpfBBCGGI21_0.json @@ -0,0 +1,64 @@ +{ + "alpha": [ + false, + false, + false, + false, + false, + false, + false, + false, + false, + false + ], + "beta_inner": [ + [ + "0", + "0" + ], + [ + "1", + "1" + ], + [ + "2", + "2" + ], + [ + "3", + "3" + ], + [ + "4", + "4" + ], + [ + "5", + "5" + ], + [ + "6", + "6" + ], + [ + "7", + "7" + ], + [ + "8", + "8" + ] + ], + "beta_leaf": [ + "9", + "9" + ], + "bits": 10, + "ctx": "736f6d65206170706c69636174696f6e", + "keys": [ + "000102030405060708090a0b0c0d0e0f", + "101112131415161718191a1b1c1d1e1f" + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "public_share": "7db601e4a750964ed1ae57542b1ebe0b0a08fe58d02497b9db91673fb102da7748e7e81aac58088bf47f335bd5f6159fd20170100e16a2674cebd72d9e97e429effdca443283c74886657fb376b6fa364bd9de1ca1903db51d82c91ad35bee9c41c474365afb96a24199c7d503ffdd6844673b4c8d48e8dca480bc2964b52f85d8d484dcac4fe6991e2f854cb49a5df34e27aac828957384199a8abdaf52a4e55e62c7ecfcc77e47eba098eb9c85c67f28978cb827a7963d196e3f2b9b12ebf9a2dc77dc65f218f1b9c98b27860255425b6035f6ff3d74b4ea0f89877656159eef6b6392bdb12d80c75853daeffa5105888cbb45932d9de21906089192149d57a03ab414fb695446b442feaba55ca5146c2084a107e16ac42071154b69cc67e57632cb2cc586e7e6bd554b3d3363bc51396a21c565132591a592328d3a3cbaf94339eb96ce623c1f37588537647cbde8b52a0464379b0f9f2a6d69b3781833f6ccb01b844e15291270ecc8cbd36ddaaf8e7c3d" +} diff --git a/src/vdaf/test_vec/13/Poplar1_0.json b/src/vdaf/test_vec/13/Poplar1_0.json new file mode 100644 index 000000000..9629c3a47 --- /dev/null +++ b/src/vdaf/test_vec/13/Poplar1_0.json @@ -0,0 +1,56 @@ +{ + "agg_param": "0000000000020080", + "agg_result": [ + 0, + 1 + ], + "agg_shares": [ + "f8145f10fdc8bca62df57afdc4066a8c", + "09eba0ef01374359d50a85023af99573" + ], + "bits": 4, + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3fda98fdbc162bff6a3d8ae1be166aa452ffc1a31a1869f47c52fe72a43ce9cecc47717f655044d6a42d6ab3625ecee4dfc389bbebbf3ed7c12458aaef564f5bb1e491d79bba4359041f11561164a8396784bf71ed7bd8e16ac4f11f1eaf6dd55b6b8c538f54ebead6920cb8509ee2211f", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f6752ae15a1277011caf754974e5f9c7b51bbb6f537f446f4b99414f0cfd31eb4568278b83ac975508853807b1b9d27cef5e2ee3d4d8436ad7f3c82bd56101979a4ab82454a0d0692cd62a7dc020b297feb9bc83164430e9d6db65e54d1f01d3102ffaa1e6542b45ab78ca492593b4660" + ], + "measurement": [ + true, + true, + false, + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "f8145f10fdc8bca6", + "2df57afdc4066a8c" + ], + [ + "09eba0ef01374359", + "d50a85023af99573" + ] + ], + "prep_messages": [ + "1be0415318fa71a0025509fdb4559fced849a418e0819d4c", + "" + ], + "prep_shares": [ + [ + "0666e598602128e425ea5ac5440b241198c1253251d0773e", + "167a5cbab6d849bcdd6aae37704a7bbd40887ee68eb1250e" + ], + [ + "8dddb537d3b587de", + "74224ac82b4a7821" + ] + ], + "public_share": "ea706203dc060e8f96eea7a90a09011bf9d6ec84927d83a71ac6f1110e0d11e7dbec8d93e59d350995244ae87c17a5ce6cbe110ec9197dcda1433d652b904cb6aa90979f92f30320c2bbb1743b1d4f3578f54a5a9b0b242bf1841d6b39f5e70e1a75963d080ed76a295e89489ff47eb835d8920e9a95b4cd4812b71f114a07773a20bfe4362e0648fce76b8cb3dcf95e659379e3e151b7a62059020b7ae4c8081cda96253fa780a8b0ab6cdf22f92c136f", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Poplar1_1.json b/src/vdaf/test_vec/13/Poplar1_1.json new file mode 100644 index 000000000..889dc93de --- /dev/null +++ b/src/vdaf/test_vec/13/Poplar1_1.json @@ -0,0 +1,62 @@ +{ + "agg_param": "000100000004004080c0", + "agg_result": [ + 0, + 0, + 0, + 1 + ], + "agg_shares": [ + "6a175fdf8f26c6aeb0ab3fb9b95c288e686221f9b21a43f975aecba0241a1916", + "97e8a0206fd939515154c04645a3d771999dde064ce5bc068d51345fdae5e6e9" + ], + "bits": 4, + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3fda98fdbc162bff6a3d8ae1be166aa452ffc1a31a1869f47c52fe72a43ce9cecc47717f655044d6a42d6ab3625ecee4dfc389bbebbf3ed7c12458aaef564f5bb1e491d79bba4359041f11561164a8396784bf71ed7bd8e16ac4f11f1eaf6dd55b6b8c538f54ebead6920cb8509ee2211f", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f6752ae15a1277011caf754974e5f9c7b51bbb6f537f446f4b99414f0cfd31eb4568278b83ac975508853807b1b9d27cef5e2ee3d4d8436ad7f3c82bd56101979a4ab82454a0d0692cd62a7dc020b297feb9bc83164430e9d6db65e54d1f01d3102ffaa1e6542b45ab78ca492593b4660" + ], + "measurement": [ + true, + true, + false, + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "6a175fdf8f26c6ae", + "b0ab3fb9b95c288e", + "686221f9b21a43f9", + "75aecba0241a1916" + ], + [ + "97e8a0206fd93951", + "5154c04645a3d771", + "999dde064ce5bc06", + "8d51345fdae5e6e9" + ] + ], + "prep_messages": [ + "9962c3798c6cefd8c356ed0a50585c5c44c02307e0b8cedb", + "" + ], + "prep_shares": [ + [ + "5b9d20684913a2696307dc3a03f8935ede135e8e653c5a6c", + "3ec5a21143594d6f614f11d04b60c8fd66acc5787a7c746f" + ], + [ + "ede48501afe2f08a", + "141b7afe4f1d0f75" + ] + ], + "public_share": "ea706203dc060e8f96eea7a90a09011bf9d6ec84927d83a71ac6f1110e0d11e7dbec8d93e59d350995244ae87c17a5ce6cbe110ec9197dcda1433d652b904cb6aa90979f92f30320c2bbb1743b1d4f3578f54a5a9b0b242bf1841d6b39f5e70e1a75963d080ed76a295e89489ff47eb835d8920e9a95b4cd4812b71f114a07773a20bfe4362e0648fce76b8cb3dcf95e659379e3e151b7a62059020b7ae4c8081cda96253fa780a8b0ab6cdf22f92c136f", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Poplar1_2.json b/src/vdaf/test_vec/13/Poplar1_2.json new file mode 100644 index 000000000..b0d92174e --- /dev/null +++ b/src/vdaf/test_vec/13/Poplar1_2.json @@ -0,0 +1,62 @@ +{ + "agg_param": "000200000004004080c0", + "agg_result": [ + 0, + 0, + 0, + 1 + ], + "agg_shares": [ + "9f264e896625e15df3e34b825d37c92aa8dd47f5f1fd55cec5c8bd00c5eb2640", + "62d9b17698da1ea20e1cb47da1c836d55922b80a0d02aa313d3742ff3914d9bf" + ], + "bits": 4, + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3fda98fdbc162bff6a3d8ae1be166aa452ffc1a31a1869f47c52fe72a43ce9cecc47717f655044d6a42d6ab3625ecee4dfc389bbebbf3ed7c12458aaef564f5bb1e491d79bba4359041f11561164a8396784bf71ed7bd8e16ac4f11f1eaf6dd55b6b8c538f54ebead6920cb8509ee2211f", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f6752ae15a1277011caf754974e5f9c7b51bbb6f537f446f4b99414f0cfd31eb4568278b83ac975508853807b1b9d27cef5e2ee3d4d8436ad7f3c82bd56101979a4ab82454a0d0692cd62a7dc020b297feb9bc83164430e9d6db65e54d1f01d3102ffaa1e6542b45ab78ca492593b4660" + ], + "measurement": [ + true, + true, + false, + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "9f264e896625e15d", + "f3e34b825d37c92a", + "a8dd47f5f1fd55ce", + "c5c8bd00c5eb2640" + ], + [ + "62d9b17698da1ea2", + "0e1cb47da1c836d5", + "5922b80a0d02aa31", + "3d3742ff3914d9bf" + ] + ], + "prep_messages": [ + "c2575a57cd9c93a22b1b6cd869226045d99a016b369b8834", + "" + ], + "prep_shares": [ + [ + "466257086581b4a7222bef9446e67759b305e8e5b9718292", + "7df5024f671bdffa0af07c43223ce8eb279519857b2906a2" + ], + [ + "9b223444167bf1bf", + "66ddcbbbe8840e40" + ] + ], + "public_share": "ea706203dc060e8f96eea7a90a09011bf9d6ec84927d83a71ac6f1110e0d11e7dbec8d93e59d350995244ae87c17a5ce6cbe110ec9197dcda1433d652b904cb6aa90979f92f30320c2bbb1743b1d4f3578f54a5a9b0b242bf1841d6b39f5e70e1a75963d080ed76a295e89489ff47eb835d8920e9a95b4cd4812b71f114a07773a20bfe4362e0648fce76b8cb3dcf95e659379e3e151b7a62059020b7ae4c8081cda96253fa780a8b0ab6cdf22f92c136f", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Poplar1_3.json b/src/vdaf/test_vec/13/Poplar1_3.json new file mode 100644 index 000000000..d84554b76 --- /dev/null +++ b/src/vdaf/test_vec/13/Poplar1_3.json @@ -0,0 +1,71 @@ +{ + "agg_param": "0003000000071030507090d0f0", + "agg_result": [ + 0, + 0, + 0, + 0, + 0, + 1, + 0 + ], + "agg_shares": [ + "2d33a6c6914134e86b28db019499a40e624d0e35a954566426ef278575a80075bb1c9cdd3183915c65ea2350dda1bfedd8be8831092d581922bb2abf9229aa415bc6dd4000b6d160bb6f9112ca88562d1891397df208deed0c2060929d893f35d29cdfc356faa320545df78e279875e871d19884b25ec2e3a4bbf96a57250766d7de114e2f2ff7bb1ab428d8470bdd13dd27d7514859584b603340546ec19835b8f6a799f07c3640ff0bc47fea239219e46132c191c8a5954501248b5ab7817b605af7ed5491cfcae08e88a756320cdc99189428952bc9859508293392cc3c7f", + "c0cc59396ebecb1794d724fe6b665bf19db2f1ca56aba99bd910d87a8a57ff0a32e36322ce7c6ea39a15dcaf225e4012274177cef6d2a7e6dd44d5406dd6553e923922bfff492e9f44906eed3577a9d2e76ec6820df72112f3df9f6d6276c04a1b63203ca9055cdfaba20871d8678a178e2e677b4da13d1c5b440695a8daf8191621eeb1d0d00844e54bd727b8f422ec22d828aeb7a6a7b49fccbfab913e674a360958660f83c9bf00f43b8015dc6de61b9ecd3e6e375a6abafedb74a5487e048da50812ab6e30351f717758a9cdf32366e76bd76ad4367a6af7d6cc6d33c300" + ], + "bits": 4, + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3fda98fdbc162bff6a3d8ae1be166aa452ffc1a31a1869f47c52fe72a43ce9cecc47717f655044d6a42d6ab3625ecee4dfc389bbebbf3ed7c12458aaef564f5bb1e491d79bba4359041f11561164a8396784bf71ed7bd8e16ac4f11f1eaf6dd55b6b8c538f54ebead6920cb8509ee2211f", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f6752ae15a1277011caf754974e5f9c7b51bbb6f537f446f4b99414f0cfd31eb4568278b83ac975508853807b1b9d27cef5e2ee3d4d8436ad7f3c82bd56101979a4ab82454a0d0692cd62a7dc020b297feb9bc83164430e9d6db65e54d1f01d3102ffaa1e6542b45ab78ca492593b4660" + ], + "measurement": [ + true, + true, + false, + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "2d33a6c6914134e86b28db019499a40e624d0e35a954566426ef278575a80075", + "bb1c9cdd3183915c65ea2350dda1bfedd8be8831092d581922bb2abf9229aa41", + "5bc6dd4000b6d160bb6f9112ca88562d1891397df208deed0c2060929d893f35", + "d29cdfc356faa320545df78e279875e871d19884b25ec2e3a4bbf96a57250766", + "d7de114e2f2ff7bb1ab428d8470bdd13dd27d7514859584b603340546ec19835", + "b8f6a799f07c3640ff0bc47fea239219e46132c191c8a5954501248b5ab7817b", + "605af7ed5491cfcae08e88a756320cdc99189428952bc9859508293392cc3c7f" + ], + [ + "c0cc59396ebecb1794d724fe6b665bf19db2f1ca56aba99bd910d87a8a57ff0a", + "32e36322ce7c6ea39a15dcaf225e4012274177cef6d2a7e6dd44d5406dd6553e", + "923922bfff492e9f44906eed3577a9d2e76ec6820df72112f3df9f6d6276c04a", + "1b63203ca9055cdfaba20871d8678a178e2e677b4da13d1c5b440695a8daf819", + "1621eeb1d0d00844e54bd727b8f422ec22d828aeb7a6a7b49fccbfab913e674a", + "360958660f83c9bf00f43b8015dc6de61b9ecd3e6e375a6abafedb74a5487e04", + "8da50812ab6e30351f717758a9cdf32366e76bd76ad4367a6af7d6cc6d33c300" + ] + ], + "prep_messages": [ + "614ed49602ef5034d6572fa5c3b40890eb8d0623d0c5e25e309ea8fb2f555f4b4f587251492daa3239a212928b2bd33d0b04ad744ee57b44ecb05acd6e916e29c3584921ef1ccbeffd215f93f799c68b1552621bcaa93d35ada1c495bb2a7d0e", + "" + ], + "prep_shares": [ + [ + "500b8f3cdc4173c21b56e19673c5daaf40517e5bc3ee3cea6f1d7667a1c8ef615189a704fe4738b5757a52beefb4daeda272856fb41e283bc7bd51fb472eda295fecb60db98a60afff3d7ffb764c9481f39a9ca2ebf6ecf6dfeff9b4aa700160", + "fe42455a26addd71ba014e0e50ef2de0aa3c88c70cd7a574c08032948e8c6f69ebceca4c4be5717dc327c0d39b76f84f689127059ac6530925f308d22663947f516c921336926a40fee3df97804d320a22b7c578deb2503ecdb1cae010ba7b2e" + ], + [ + "974633f332f3f33384f9535d1f282b8fd10892105b73452116e34012681c5b01", + "56b9cc0ccd0c0ccc7b06aca2e0d7d4702ef76defa48cbadee91cbfed97e3a47e" + ] + ], + "public_share": "ea706203dc060e8f96eea7a90a09011bf9d6ec84927d83a71ac6f1110e0d11e7dbec8d93e59d350995244ae87c17a5ce6cbe110ec9197dcda1433d652b904cb6aa90979f92f30320c2bbb1743b1d4f3578f54a5a9b0b242bf1841d6b39f5e70e1a75963d080ed76a295e89489ff47eb835d8920e9a95b4cd4812b71f114a07773a20bfe4362e0648fce76b8cb3dcf95e659379e3e151b7a62059020b7ae4c8081cda96253fa780a8b0ab6cdf22f92c136f", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Poplar1_4.json b/src/vdaf/test_vec/13/Poplar1_4.json new file mode 100644 index 000000000..fc341d8d4 --- /dev/null +++ b/src/vdaf/test_vec/13/Poplar1_4.json @@ -0,0 +1,63 @@ +{ + "agg_param": "0000000000020080", + "agg_result": [ + 0, + 1 + ], + "agg_shares": [ + "f8145f10fdc8bca62df57afdc4066a8c", + "09eba0ef01374359d50a85023af99573" + ], + "bits": 11, + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3fc2ae29156142560363d6b3101bbc3a3c831ab3334d5212f220f7be62a879dfe3303d99c9b91c2ec4b2be88bf152958538910d1b290d4132fef827a3497d8b6afd07a6d42b5dd7418fe90b98a2fe671e6b09afa685444f5765969e1a411c6180b72e62f67b7d8338edff68762d0d0a59baa4793638727a6162003f84c2596acb467c4e928d904546058cd260b0042b3bb0294e677645e2078d76c33ea1a53929de1aef060ec73d23fffc162594b5be6c43ca72c91cd9814b72ecd11894674a56fe8bd2713309a0b1f19794338f30477cc3e36e5d8c889529db1d245507bc99900", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f7f3c82bd56101979a4ab82454a0d0692cd62a7dc020b297feb9bc83164430e9d6db65e54d1f01d3102ffaa1e6542b45ab78ca492593b46e06e76d0d8d758ba8c3b15c2f12607b151228c095e1958aa23da07e702e6350ad9f4a63bfa33cfe2f7257bf42fd73f5fa2dc92a4988f14f40934886a69f8df372cebc3468df580d5c07e05112170e8d81b30e346eccec758a1061c0c7aa27020e5ffb2c3fb90d089144fdb1011273eecfa42ccca7e8b5af4c70f7cc82df8c8e0fc9a0cb8a10aa026736f3961d47e3f4a275c11311a7ef12849beb141a53a937378fa80413eda1e2f6f" + ], + "measurement": [ + true, + true, + false, + false, + true, + false, + false, + false, + false, + false, + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "f8145f10fdc8bca6", + "2df57afdc4066a8c" + ], + [ + "09eba0ef01374359", + "d50a85023af99573" + ] + ], + "prep_messages": [ + "1be0415318fa71a0025509fdb4559fced849a418e0819d4c", + "" + ], + "prep_shares": [ + [ + "0666e598602128e425ea5ac5440b241198c1253251d0773e", + "167a5cbab6d849bcdd6aae37704a7bbd40887ee68eb1250e" + ], + [ + "4a5f1a8007a83201", + "b7a0e57ff757cdfe" + ] + ], + "public_share": "6a1329706203dc060e8f96eea7a90a09011bf9d6ec84927d83a71ac6f1110e0d11e7dbec8d93e59d350995244ae87c17a5ce6cfaff8ce533763568b692904206d7e470ece45c4fda5556d5b5b62c3d7be2dd649830ea94d67042a055fc38b0d4c307aeccd53526cb04f05ac3237e54ab58554582c00c3837f9ea51cf494b9ef71d413dccde24f39378eee9347774958295313fda51d3b1be516df9084ee46cad89fe554246acfd40d4c424c8356132d053344e90979f92f30320c2bbb1743b1d4f3578f54a5a9b0b242bf1841d6b39f5e70e1a75963d080ed76a295e89489ff47eb83541a49c02299250357f3bd66755a20ff515520f0712a459a651881d31f6bc0f2838fa1094e019c0d0625982399d50d9332948f9b83c59a1d039e07f9a1766b56f5818a51ed19930e9db0426c0a047d74e962240b3e06100c502868e30d62d547aca59df848918ef02e02a8683ec541237ae33b2bbfe7de5eb4b01991c8c0866a4949009c100fac98f8956d9bc82ffbf7eba76a7774146d2018dd5b97f331ddf546dde718780bb97364b321f7f9d524d21", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Poplar1_5.json b/src/vdaf/test_vec/13/Poplar1_5.json new file mode 100644 index 000000000..449db82eb --- /dev/null +++ b/src/vdaf/test_vec/13/Poplar1_5.json @@ -0,0 +1,69 @@ +{ + "agg_param": "000a000000040000c800c820ffe0", + "agg_result": [ + 0, + 0, + 1, + 0 + ], + "agg_shares": [ + "d2cd4b7f24280e5a405b5b5cd4ae2d5190e6a18cd895929de2b7613739347f1f7ec642e913685f1b2be02add94a1000201bed9d86ed118f624d13423ce10ff0128a3d7193a01b7f10727e695de56ddb14df1cb8612697284bef73f0b8ad35b0cbce0dfca542e1e9a6b91f9db47d6bb68efcdafd7c0f58c76ab8f96ec77b03828", + "1b32b480dbd7f1a5bfa4a4a32b51d2ae6f195e73276a6d621d489ec8c6cb80606f39bd16ec97a0e4d41fd5226b5efffdfe412627912ee709db2ecbdc31ef007ec65c28e6c5fe480ef8d8196a21a9224eb20e3479ed968d7b4108c0f4752ca473311f2035abd1e165946e0624b8294497103250283f0a738954706913884fc757" + ], + "bits": 11, + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "000102030405060708090a0b0c0d0e0f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3fc2ae29156142560363d6b3101bbc3a3c831ab3334d5212f220f7be62a879dfe3303d99c9b91c2ec4b2be88bf152958538910d1b290d4132fef827a3497d8b6afd07a6d42b5dd7418fe90b98a2fe671e6b09afa685444f5765969e1a411c6180b72e62f67b7d8338edff68762d0d0a59baa4793638727a6162003f84c2596acb467c4e928d904546058cd260b0042b3bb0294e677645e2078d76c33ea1a53929de1aef060ec73d23fffc162594b5be6c43ca72c91cd9814b72ecd11894674a56fe8bd2713309a0b1f19794338f30477cc3e36e5d8c889529db1d245507bc99900", + "101112131415161718191a1b1c1d1e1f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f7f3c82bd56101979a4ab82454a0d0692cd62a7dc020b297feb9bc83164430e9d6db65e54d1f01d3102ffaa1e6542b45ab78ca492593b46e06e76d0d8d758ba8c3b15c2f12607b151228c095e1958aa23da07e702e6350ad9f4a63bfa33cfe2f7257bf42fd73f5fa2dc92a4988f14f40934886a69f8df372cebc3468df580d5c07e05112170e8d81b30e346eccec758a1061c0c7aa27020e5ffb2c3fb90d089144fdb1011273eecfa42ccca7e8b5af4c70f7cc82df8c8e0fc9a0cb8a10aa026736f3961d47e3f4a275c11311a7ef12849beb141a53a937378fa80413eda1e2f6f" + ], + "measurement": [ + true, + true, + false, + false, + true, + false, + false, + false, + false, + false, + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "d2cd4b7f24280e5a405b5b5cd4ae2d5190e6a18cd895929de2b7613739347f1f", + "7ec642e913685f1b2be02add94a1000201bed9d86ed118f624d13423ce10ff01", + "28a3d7193a01b7f10727e695de56ddb14df1cb8612697284bef73f0b8ad35b0c", + "bce0dfca542e1e9a6b91f9db47d6bb68efcdafd7c0f58c76ab8f96ec77b03828" + ], + [ + "1b32b480dbd7f1a5bfa4a4a32b51d2ae6f195e73276a6d621d489ec8c6cb8060", + "6f39bd16ec97a0e4d41fd5226b5efffdfe412627912ee709db2ecbdc31ef007e", + "c65c28e6c5fe480ef8d8196a21a9224eb20e3479ed968d7b4108c0f4752ca473", + "311f2035abd1e165946e0624b8294497103250283f0a738954706913884fc757" + ] + ], + "prep_messages": [ + "d3c3fc12914cd2a31c7a41b62a77273b5275154cdb30a0fec68912f9ccc66b0b6b15ce285c181e4f16a65fbcc188b3f1d4daaa14b6823f69127b41ec7e1f30516ff551aea1448229641258ba9b3fb64b4b8b4b166010c803d107541d5045425e", + "" + ], + "prep_shares": [ + [ + "d4c8460a5f62404f0ab779db098a078a8643f294f2ead87fef399a85adca9b2447ea034a67ec05dca8afc0a41c9ebc8e445ff7aca391a80e6ba24be308435f65daca191dddf03952c12402cc424509236c429d30c430944e8ad88424e35ddb0c", + "ecfab50832ea915412c3c7da20ed1fb1cb3123b7e845c77ed74f78731ffccf66112bcadef42b18736df69e17a5eaf662907bb36712f1965aa7d8f50876dcd06b952a3891c45348d7a2ed55ee58faac28df48aee59bdf33b5462fcff86ce76651" + ], + [ + "1a4aa3de4303c3d7d525a4c391558ea83bd9eec7db79e19415795cbb718eb571", + "d3b55c21bcfc3c282ada5b3c6eaa7157c426113824861e6bea86a3448e714a0e" + ] + ], + "public_share": "6a1329706203dc060e8f96eea7a90a09011bf9d6ec84927d83a71ac6f1110e0d11e7dbec8d93e59d350995244ae87c17a5ce6cfaff8ce533763568b692904206d7e470ece45c4fda5556d5b5b62c3d7be2dd649830ea94d67042a055fc38b0d4c307aeccd53526cb04f05ac3237e54ab58554582c00c3837f9ea51cf494b9ef71d413dccde24f39378eee9347774958295313fda51d3b1be516df9084ee46cad89fe554246acfd40d4c424c8356132d053344e90979f92f30320c2bbb1743b1d4f3578f54a5a9b0b242bf1841d6b39f5e70e1a75963d080ed76a295e89489ff47eb83541a49c02299250357f3bd66755a20ff515520f0712a459a651881d31f6bc0f2838fa1094e019c0d0625982399d50d9332948f9b83c59a1d039e07f9a1766b56f5818a51ed19930e9db0426c0a047d74e962240b3e06100c502868e30d62d547aca59df848918ef02e02a8683ec541237ae33b2bbfe7de5eb4b01991c8c0866a4949009c100fac98f8956d9bc82ffbf7eba76a7774146d2018dd5b97f331ddf546dde718780bb97364b321f7f9d524d21", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/08/Prio3Count_0.json b/src/vdaf/test_vec/13/Prio3Count_0.json similarity index 50% rename from src/vdaf/test_vec/08/Prio3Count_0.json rename to src/vdaf/test_vec/13/Prio3Count_0.json index c0336fa67..81249048a 100644 --- a/src/vdaf/test_vec/08/Prio3Count_0.json +++ b/src/vdaf/test_vec/13/Prio3Count_0.json @@ -1,24 +1,25 @@ { - "agg_param": null, + "agg_param": "", "agg_result": 1, "agg_shares": [ - "352c53cbc1f95eee", - "cdd3ac343d06a111" + "e369056891a9fd95", + "1f96fa976d56026a" ], + "ctx": "736f6d65206170706c69636174696f6e", "prep": [ { "input_shares": [ - "352c53cbc1f95eee43253a8650e8ac18a5bd9c18b824886772947facdf1a413f1cf547cdb8c1ad4ed4c1294ccc856209", + "e369056891a9fd95d44e6fadb3b75e6774b666d312bcc59b57694d189321ffe06f46b37d26db61d056b17152e3726a2e", "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" ], "measurement": 1, "nonce": "000102030405060708090a0b0c0d0e0f", "out_shares": [ [ - "352c53cbc1f95eee" + "e369056891a9fd95" ], [ - "cdd3ac343d06a111" + "1f96fa976d56026a" ] ], "prep_messages": [ @@ -26,14 +27,14 @@ ], "prep_shares": [ [ - "f6340e6030e5960b53ad59de202314363e6063ed75a89676e3b9635d397d650e", - "0bcbf19fce1a69f4b5de9ce10c9c671b9baa607f88bfa49de4367212193d9b3b" + "5c6a0685bd0f0aa9b19b8c1c4431ec49eca02338e5e05da8fc91575311627200", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" ] ], "public_share": "", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" } ], "shares": 2, - "verify_key": "000102030405060708090a0b0c0d0e0f" + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" } diff --git a/src/vdaf/test_vec/08/Prio3Count_1.json b/src/vdaf/test_vec/13/Prio3Count_1.json similarity index 51% rename from src/vdaf/test_vec/08/Prio3Count_1.json rename to src/vdaf/test_vec/13/Prio3Count_1.json index 6731f2a13..18f53370a 100644 --- a/src/vdaf/test_vec/08/Prio3Count_1.json +++ b/src/vdaf/test_vec/13/Prio3Count_1.json @@ -1,15 +1,16 @@ { - "agg_param": null, + "agg_param": "", "agg_result": 1, "agg_shares": [ - "4eeea47bcff955f0", - "cdd3ac343d06a111", - "e83dae4ff1ff08fe" + "afccf0c22c8901be", + "1f96fa976d56026a", + "359d14a56320fcd7" ], + "ctx": "736f6d65206170706c69636174696f6e", "prep": [ { "input_shares": [ - "4eeea47bcff955f08194b8660a6bb007a346b42952b2298158c165d94c1c40979e10b54ae7092a5a14b325df003a6f9d", + "afccf0c22c8901be040bc9d44987fd40085bf595185a34267ec8e975e8fdfa331abaaecc9d7104785e186102448192ad", "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", "202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" ], @@ -17,13 +18,13 @@ "nonce": "000102030405060708090a0b0c0d0e0f", "out_shares": [ [ - "4eeea47bcff955f0" + "afccf0c22c8901be" ], [ - "cdd3ac343d06a111" + "1f96fa976d56026a" ], [ - "e83dae4ff1ff08fe" + "359d14a56320fcd7" ] ], "prep_messages": [ @@ -31,15 +32,15 @@ ], "prep_shares": [ [ - "817531f295522feac2551124114fdc827bfda7719fb1eb33b0b4e1c49761f62f", - "0bcbf19fce1a69f4b5de9ce10c9c671b9baa607f88bfa49de4367212193d9b3b", - "76bfdc6d999267219aa129cccf1e2459cf93ae20bf886d0d22fe0f5fcded28e6" + "145aabe8608487ab66ff1e11a196662b0d268a8dbd2b01481daf7d190bf1b0b6", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad", + "49105b9c5b8b82fd30916e72506a0c5679b07c05a3255a85103f30cfd5ab310e" ] ], "public_share": "", - "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" } ], "shares": 3, - "verify_key": "000102030405060708090a0b0c0d0e0f" + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" } diff --git a/src/vdaf/test_vec/13/Prio3Count_2.json b/src/vdaf/test_vec/13/Prio3Count_2.json new file mode 100644 index 000000000..ced47bc65 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3Count_2.json @@ -0,0 +1,148 @@ +{ + "agg_param": "", + "agg_result": 3, + "agg_shares": [ + "6b111b08d94ff4ed", + "99eee4f725b00b12" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "prep": [ + { + "input_shares": [ + "e269056891a9fd95d44e6fadb3b75e6774b666d312bcc59b04b52413d9e5e26d6f46b3fd26db6150a8659ad79dae8621", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e269056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa98bb9c0942022d854c6be57b0c1d149b3d5a14867e2750b29", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "e369056891a9fd95d44e6fadb3b75e6774b666d312bcc59b57694d189321ffe06f46b37d26db61d056b17152e3726a2e", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e369056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa9b19b8c1c4431ec49eca02338e5e05da8fc91575311627200", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "e369056891a9fd95d44e6fadb3b75e6774b666d312bcc59b57694d189321ffe06f46b37d26db61d056b17152e3726a2e", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e369056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa9b19b8c1c4431ec49eca02338e5e05da8fc91575311627200", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "e269056891a9fd95d44e6fadb3b75e6774b666d312bcc59b04b52413d9e5e26d6f46b3fd26db6150a8659ad79dae8621", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e269056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa98bb9c0942022d854c6be57b0c1d149b3d5a14867e2750b29", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "e369056891a9fd95d44e6fadb3b75e6774b666d312bcc59b57694d189321ffe06f46b37d26db61d056b17152e3726a2e", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e369056891a9fd95" + ], + [ + "1f96fa976d56026a" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "5c6a0685bd0f0aa9b19b8c1c4431ec49eca02338e5e05da8fc91575311627200", + "a595f97a41f0f5565abc07086ef01d5b3cb2629a3c534bd4dbd8f5187ad75aad" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3Histogram_0.json b/src/vdaf/test_vec/13/Prio3Histogram_0.json new file mode 100644 index 000000000..64a2cb786 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3Histogram_0.json @@ -0,0 +1,53 @@ +{ + "agg_param": "", + "agg_result": [ + 0, + 0, + 1, + 0 + ], + "agg_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0d8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad1", + "1adf0d29da11c354159e2a7c373bfab17f17b78fda89bcb7e1fd9b86d4c2eff0f5738909a350fb11d5ddc8c41f29e53a0791d0d799f874ce2afac81dbbe9052e" + ], + "chunk_length": 2, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 4, + "prep": [ + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0d8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad1d878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e6a4d6942338c87ab5336de984fca87d6315bd0cd55be021a5e8c95cb2f58d403209e06a16b0e535a34828e56812b7a3f995ffd32815553c38fc0ce8a7963e9758fc2a45b02b69ec05eb19de856357e3a3fd3063b2501f1c7e5791e3350f60a5e870c1d8d239707d61f61f6f3f8413185404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 2, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0d8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e" + ] + ], + "prep_messages": [ + "915cca74703d352a8e12e7441aa3896efbd633bf8eacd9a101ab922f6481404b" + ], + "prep_shares": [ + [ + "d94d1f36d8d2f9867208928069335f0957497c6df0fe6568d4304b27f51456acf8093e765dfe404541c27935c03bf8677569234022700212e1112ad5b4a474126b01b5b1be78d897a9e616bcb21c5644fad4b87f09bc65f0c46ec41e29b19ffd064ddc2301a2ff2176338dd52a09fdadd442cddcbe5d10dafe0d92551d81eac7", + "28b2e0c9272d067971f76d7f96cca0f6bef7d43878716b3fcee1d230515956acdd7ced66a61a897483b4b233e4fe32b48babf43d070fc14b1c7fc4e1a386fd223f58eec1544973c9f39e871c48543e979da23642e48ae655de8c7e6b008ab43bc27dda399f3c8341c7476370573e51b6ebe601061807bb886fc55c2161ce436e" + ] + ], + "public_share": "064ddc2301a2ff2176338dd52a09fdadd442cddcbe5d10dafe0d92551d81eac7c27dda399f3c8341c7476370573e51b6ebe601061807bb886fc55c2161ce436e", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3Histogram_1.json b/src/vdaf/test_vec/13/Prio3Histogram_1.json new file mode 100644 index 000000000..8568c4f84 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3Histogram_1.json @@ -0,0 +1,90 @@ +{ + "agg_param": "", + "agg_result": [ + 0, + 0, + 1, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0 + ], + "agg_shares": [ + "7c81185c4933c0c53be9489a06fe6f271c677e2d2f3469491cd4a5df164da7898ab986810546eb5f44d266bab7912eec02afbee3faa2fc691c60e08cb5b4fc441550907d4b1c16f374bda4acec4f4285934b3867956e39a671054936d1d35a7f4e834925c9aab4102a4d4869bdd3adf4c87230df479eadc9d8fd5113f230d1535754c64ae50e7acf66d0d49d6668f99d862a872d07d7c5e5bba254be6eaa867af95b6a6fe60b4cc1011e0fc2acd1c239", + "1adf0d29da11c354159e2a7c373bfab17f17b78fda89bcb7e1fd9b86d4c2eff0f5738909a350fb11d5ddc8c41f29e53a0791d0d799f874ce2afac81dbbe9052ed75bb48b448e3dab58ea08704f275cf79253d1b055657dfd4862c648d1385a5b7b61459c9aeb8d5c9565370551c67bdea48ce598f7e3c93be4d48ecf19ee20a146a80033c3bbc8feb23771e908b528c13b5d8363939cd7df29d312b4ff9e453e7e3bce6b34722b6d70a389c1ab4724ef", + "6b9fd97adcba7ce592788ce9c1c695266781ca42f641dafec92dbe9914f0688584d2ef745769198eae4fd0802845ecd8f8bf70446b648ec79ca556558f61fd8c1654bbf66f55ac61fa5752e3c3886183dc60f6e7142c495c2998f0805df34a25391b713e9c69bd92084d8091f165d62c9500ea87c07d88fa262d1f1df4e00d0b650339825735bd31aef7b97890e2dda04078f56e658c623afe89988d91b633478b68c724e58188d1553e677ca7e618d7" + ], + "chunk_length": 3, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 11, + "prep": [ + { + "input_shares": [ + "7c81185c4933c0c53be9489a06fe6f271c677e2d2f3469491cd4a5df164da7898ab986810546eb5f44d266bab7912eec02afbee3faa2fc691c60e08cb5b4fc441550907d4b1c16f374bda4acec4f4285934b3867956e39a671054936d1d35a7f4e834925c9aab4102a4d4869bdd3adf4c87230df479eadc9d8fd5113f230d1535754c64ae50e7acf66d0d49d6668f99d862a872d07d7c5e5bba254be6eaa867af95b6a6fe60b4cc1011e0fc2acd1c239bbc08eaa2f65a321aab41077ee2ee67cf916f12d74bd3e0db0b7f053c6000e42e127a7a9d766608fcfefe7741ad8098f7e4180cc5a7af54b4e1a2f6385bc3205c60cd615037620637b96a87b6277db02df81cfa9389ae42515dc02f26bd54d4f6d22ce1c37ba89287248bdde8c71cba5e08cf30d48fab7a600fb27d441ec60788419a3c2fe4f162404a45cbc6a759d71bb3537e109dd50d2810cd3bee8e3ed828646009b0d11310b6dbf5d768d4da864950b09ec34d39e9bde8d9a4496031a33a6452188885035ee869560aee14cd02c484588f5399d364dacfc2e63dbfa2844418722107a38f8af774f4b334ddafd699d3ff3aeb1653f19c0cba384337b114a290ea69463793a5f9986c22bea8ef77b51358adb52e8a61c9f8046504a6156ff82fe86b3868cb262b8db8fdfc07444132c7c42f3dce18d99f6b221319e54a908e7d458925900d23c120489a930b802aa808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": 2, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "7c81185c4933c0c53be9489a06fe6f27", + "1c677e2d2f3469491cd4a5df164da789", + "8ab986810546eb5f44d266bab7912eec", + "02afbee3faa2fc691c60e08cb5b4fc44", + "1550907d4b1c16f374bda4acec4f4285", + "934b3867956e39a671054936d1d35a7f", + "4e834925c9aab4102a4d4869bdd3adf4", + "c87230df479eadc9d8fd5113f230d153", + "5754c64ae50e7acf66d0d49d6668f99d", + "862a872d07d7c5e5bba254be6eaa867a", + "f95b6a6fe60b4cc1011e0fc2acd1c239" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef" + ], + [ + "6b9fd97adcba7ce592788ce9c1c69526", + "6781ca42f641dafec92dbe9914f06885", + "84d2ef745769198eae4fd0802845ecd8", + "f8bf70446b648ec79ca556558f61fd8c", + "1654bbf66f55ac61fa5752e3c3886183", + "dc60f6e7142c495c2998f0805df34a25", + "391b713e9c69bd92084d8091f165d62c", + "9500ea87c07d88fa262d1f1df4e00d0b", + "650339825735bd31aef7b97890e2dda0", + "4078f56e658c623afe89988d91b63347", + "8b68c724e58188d1553e677ca7e618d7" + ] + ], + "prep_messages": [ + "8794e3c89b479fd38914037c778563366e9c90f61a47f52e02e51003048af9e1" + ], + "prep_shares": [ + [ + "9c992f824ce7e69496d40dfa1da358109a3472a03ed58dc33d5426b0115bc7834b72373b9e78170ed075be80bd7842796b25594ce5825c4166bffa9165a98e40a56d6d17e0ca74af36cb5dbdb3a2f3c7d246b8f5bd78acc9f6c26ffde64d4817cdd9b28b742924c79516ca016098492df7580a49dd091f4f6e81fcf9d9fc148365b3e30205531b610d546de28a6b7c7cc058087324206afad931cea724e2285c", + "5db683a2145d865bdcf7b710ffb7e5ebb0bd9384c53299aae2cfe91888654d713fb6f1f7c85c5cfeaad11f1231a6ad8af800be32effc0abc03e33cd8160323e080e98fdc84db0024002bf3aec21c8a9ba3d69a20bbf18d9ff7234d6b03e993f5ef0c2dad87518e4f16634da8f1d947a518540775525c97a3d8d4323fa0f488b782c591e1ce996072e1f096b5991133f1d6ab883b98ec6a028b1de85eefed6989", + "08b04cdb9ebb920f71333af5e2a4c1037e6f5e776923d04de57b5c3ae70c15ad22f5380db9898c43134eb63198f64d67b47df6087bf19d0f85c2f729bb3235bc92bf9dc3a0f5ded0191ae397b5a2553a7ce4a518a7928893a51dc7dbfbdcb3b0d59aaa9ee4849b9d94faab5b691dc86fca19867ae82f97927ff5eece600cd002ed585479d34bf381eb8c5a1655338d24d04951ef27510d46ac2d45d22b5fc6c2" + ] + ], + "public_share": "65b3e30205531b610d546de28a6b7c7cc058087324206afad931cea724e2285c82c591e1ce996072e1f096b5991133f1d6ab883b98ec6a028b1de85eefed6989ed585479d34bf381eb8c5a1655338d24d04951ef27510d46ac2d45d22b5fc6c2", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + } + ], + "shares": 3, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3Histogram_2.json b/src/vdaf/test_vec/13/Prio3Histogram_2.json new file mode 100644 index 000000000..b6317d208 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3Histogram_2.json @@ -0,0 +1,2366 @@ +{ + "agg_param": "", + "agg_result": [ + 3, + 1, + 2, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 1, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 1, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 2 + ], + "agg_shares": [ + "064975657a4d61b066d25526d5af390c1515d962769da2d21614e8bdb263a2967378a1a0a1d92e4c59552750c2640cb3bc55da91fd496eef1b3a26d6b0dec433a469f48a5271984f71d7a69fe576665650bcd217a70a1a19b6284028d3c7796e3b314ae5f5cb74622e07d6cbd5402a4f9f81080754181daa51ae6be4fdb2b6b44c6df90160aa280c22d293e1a6ed6874b55bde1c3ee2934109c043f702ca47911eadf1c9f3894dbc839c9f704a3395a8c36292db0c8bd9bb77fb172f8c6d68db9635d15f16feb6478098f9fd89b0fb1ebb6b41d0f9a423dab914dc455051d7dafe151be7921237bf8541a34c3a64155a554d489370cf8bfe2b0894480382360b05c1d0f02dbbd7bab9ad9d39936a1bca5db320fc9e9f153ac9d4c2de65e6fdb78d75cbc8c97893ca0a55f98b9abf8127f3b827e86baee8d73c1b60e996e036e599d249a0efd766bf834c0f7412f82a7f6fa95139bf136762ad219910d9df127f5018711487c9811297abc354a76a4f2cf428e90176b5024aca6d22f86cb05c5eac715e398d7d374fb1999ea7fb64f1533289ebec40337ef35a1ba1f078ad45500fd52df11fb888952211d3e81839c6a2ac6879588d0c48f5bed22a3b2eed0d8132c1e8206e933058419ed596a1275a235127ac04561d7f14ab9ed9db40aedd0eb9c1ec994cf1a66dcc05437d34cfb8ff0c129ae4e04d4321aeea613d1ff68f8eb809fce39f697b9cf5b309e4a034340f9b6993ef83604714ef257f21341a1511bb2a25f805136e4425355c23f636f7f54f3ccfbf357c633c687e6a5008c7a26a76c4f6cd640526cb87b17fdf186a0f9d71f377ea0738c820235ac540ea2949ca4d738dcd651e9950fb5ceb32a18ff4c9601c28c91d962df915616aa64dcc80c440fe3fafaf3778ed85e25d2101f6f7cf84f82d65aaaa7b1df384aced53d386724be89e0071795c946b84fe8dcfab2e32f7e36cfcb24912f24b016c8c303228bc01281d4577765ddea7c8666678d9f3d7d04a64c4760b885d7e64314fb1fef8c496b63c3a6547ff64d6509b947c9386ae366c589f8e2ed9f25729aff3cb58cc496598e496c7e2a39d4be2462231b0f86b29eb9263ef4f9ed695037d4a2ceed4a574956a49a66164cafc553cebecad474dbea137470478b630e4c948925fdd903934afbe75bd0cd58906d3a727dcb7ad0f88825883607796c8310ca1a5dc74d154996841060dd54e1c24c0e9e98ef14fc588a1f44ab55d4fb4de70e7936aff49387a27549c626dba13810ae616b366549473b0d51ab89065e62a37b69993b3f03391ce7bbf9e4cd1ccb3c744b8fa9bfea3193223753acd06579d9a27b9671b05421780b1a6e20a57142389e5757419d95b02b52c713e9e0fbe6171e5c65fcbf99459eff9f5d5f318e5a15dfae05faafd027480062ad28e27b5f89641c0de4f4613d541a6d3ae51ee51c3d410445d7b3a1bd303c04177b90b03f519badadb73803e13aa052fa03680d63f17d94337809d96e8938f09fb9495c7ba02ae5fd5e38f1472d30acfe65e804c3478b2884987c765c47969d45647adc5331f9dcc61b8f5c8bc5f923efcd4702b4ed12acaec677bf908c88eac20437e8da1b31eff280fe601fbecf7e59d156b165e4b3d29a5b8e85ccc4f0b16f7cc351ae5e5ab06ceec96231eb3b0fb99a1f73ab7c9e7b985c59635e4b86f39c0c1d9a715529c9f3158c02bb7e80401104a8bd31230be6c7b8ae744cd383e1df09d6be5ad1c3341d780ae09a575a717e96bf805ae53ab6b56aa0616c684982929e00e7a4fcf66ca43654372ad8e670214fb6e25a94e4326ff67c8d0b0e74d7a9e1effb2823a467e9a0aa7d2304f0276136e8ac9de327688a4a9237e235630ae0d0fe4b6a109c3a52c959c6687ebf9d70228ab0af8f727915971575bcc020e6b8b4c68273ee5d609694bbe65e61cf5bc4534d31b0f9f9e0ac2e2a4c9d5222319dde59b95ff9c8fc945ba4d0c055cc3482e015436992410641ac093d912e604cff721700646eef5bbf483cdd57034a6099fc2cc7fe97f54193f3818b9bb263e69fcbe224410998cb927e067ab8713353863ec188118e97dd8ccd008aceb13f68e6ee98400da21966bd831b15078b5c773aada17512b2265c5d1ea6078e5b541184c080a211dd135d59d0da5a578a924aa096759f0c942a67038ec6d2cd085f4b8d2c87aae5e3b6493c4b2016b6e08c31f8c5f277953576532f845fcebb88047be2633475989413bb5d280e88a", + "feb68a9a85b29e4f7d2daad92a50c6f3edea269d89625d2dcdeb17424d9c5d6990875e5f5e26d1b38aaad8af3d9bf34c45aa256e02b69110c8c5d9294f213bcc5d960b75ad8e67b0722859601a8999a9b1432de858f5e5e62dd7bfd72c388691c6ceb51a0a348b9db5f829342abfd5b0627ef7f8abe7e2559251941b024d494bb59206fe9f55d7f3c12d6c1e5912978b4ca421e3c11d6cbeda3fbc08fd35b86ee3520e360c76b2436063608fb5cc6a573e9d6d24f37426446c04e8d0739297246bca2ea0e90149b863670602764f04e14694be2f065bdc252aeb23baafae282503eae4186dedc8405ebe5cb3c59beaa5acb2b76c8f307401b8f76bb7fc7dc9f4fc3e2f0fd24428452a5262c66c95e435a54cdf036160eac51a2b3d219a190248748a343736876c35d9aa067465407ed80e47d81794511728a7e49f16691fc91a682db65f1028994060b3f08bed07d5809256aec640ec989d36de66ef2620ed80b1e78eeb78367eed4c543cab5895b0d30dd716fe894afdb51992dd07934fa3a1558ea1c67282c8b032666158049b0eaccf761413bfcc810c89e45e0f8752baaff22ad20ee047776ac1ee2c17e7c6395d559786a772f3b70a252dd5c4d112f27ecf3e17df916ccfa7a2612a695ed8a5dcb0d853fba9e280eb38612624bf5122f1483e1366b30e599217fabc82cb304700f5ed651b1fb2bcde35159ec2e009707149f6031c60968463ee4bf61b5fcbcbf066966c107c9fb8ebf4d980decbe5eaee46d5da07faec91bbbecaa3dc09c9080ab2c33040ca839cc37b8195aff7385d958b3b09329bfad9345c4e8020e795f062900c8815f8c737dfc0a53abf15d6b635b48c72329ae166afe8a214cd5e700b36a1e3d736e269d206ce9e9559b2337f3bc101c05050c887125e1da2defe0908307d07d29a555584e2f07a5312ac2c798db71761ff8e86a36b787b01723054d1cd0a1c93034db6ed0d98fe9373cfcdd74300d8e2ba8889a2213c37999987260c2831b59b3b89f477a2659bceb04e01073b6b49c3c59ab8009b0daf646b836c7951cb93a76071d1260d8cd6500c34a733b69c671b69381d5c62981db9ddce4f0794d8146d9c10b061294efc82b5d3112b5a8d6a95b6599e9b35e7a9c3141352b8b2435ec8b8fb8749cfff35b76da0226fc6cd50418a42f32a76dd2c58d8234852f0797da77c9f886937b2f35e5a238b2eab6897bef9f22ab1e3bf3f1616710eb03a795e0bb54aa2b04b058f186c9500b6c787d8ab639d9245ec62f519e94c99ab6b8e4f2ae5476f9a19b9c849666c4c0fcc7031844061b32e333038bb470564015ce8cddc8ac532f9a84665d84698e4fabdea7f4e591df5a8ebc0761a8a8be626a4ff4ad38ec161f041828e1a39a034066ba810060a2a0ce71a42a2051fa05502fd8d7ff9d52d71d84aeb68be3f21b0b9ec2cbe592c51ae11ae202befbba284c5e42efc3fbe8846f4fceee54525248c7fc1ee55fad05fc97f29a4e826bcc87f6269196c70f6046b6a3829fd51a02a1c70eb8f2cf53019a17fb3af874d77b678389a3d86962ba9b8523ab0e062339e470a3745a06dc1032b8fd4952ed53513988406f9377153dfbc8172424ce100d7f019fe0613081a62ea94e985b4c2d65a4717a335b0f4e90833cae5fe1954f9311369dce34c4f04665e08c52c3618467a3a69ca1d4790c63f3e2658cead6360cea73fd44a17fbfeefb5742cd1cf4193847518bb34c7c1e20f62941a36e3ccbe287f51f65c8a58e8169407fa35ac5494a955f9e93b7b67d6d61ff18594309935bc9abc8d547198fdeb0491da3ab1bcd90098372f5118b28561e1004d61c5b98165f5582dd1b0fd89ec91753605cd89775b56dc81dea9cf51f2f01b4942f63c5ad36a63997a140628fdd754f5eb07d86ea68ea8a435fdf19474b397d8a51a29f696b4419a1be30a43bacb2ce4d46061f53d1d5b362cdddce6221a646ae4627036ba45b2f3fca33cb7d1feabc94adbef9be53f6c26ef19fb3008de8ff99d110a440b7c322a91cb59f6603d3380fa7fabe6c0c7e74646d9c1960341ddbbd3667346d81f98547aeccac79c13e77ecb168227332ff75316ec097191167bff09de699427ce4eaf894a388c5525e8aeb8dd9a3a2e159f871c4abee7b3f7f5dec62eca2a62f25a5a8956db55f698a60f1abd598fc71392d3317a0b472d37855185c49b6c3b4dfe9493f73ce073a0d88690a89acd07ba03144b7fb841d9ccb8a65abec44a2d7f1775" + ], + "chunk_length": 10, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 100, + "prep": [ + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0d8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001a9f4d10c3a0130028e99c355bc4da57b4fa22195bda8151b0ae8901ceb458c28964b2d2d19d109d8c1c2a03dd251e4a2c48312ae66e609e3a8f4cc40d84d7f928a3f0ace6fc07e05ab17c01b9fa7906249d3c0d59e05cd71d020c7263100c4d3ece5cd1d7deb7255413ce7a2e20eb514ef6ee6a3af1bd50aece20562b0a1bf5f9f6d0801166978bbd9d6d17b9925cf7bf53a7385370f960daad1dafd4931eaa5b43ff628a3ae52b4e38067b0d1317954381a9fd9cd1581296425be048e507f51bc1febf332f32d8d3d0d77802b9de5e77963081199c99952dc46ca4e7f92c3986f64902d7dfd243dd388dfc44c95ce461d23684d519da66012bc1d0ce4e3c0072437ea43ce2ff34c688206fc5918c90b236c74664ca28fd0e50daefb7e025a934ab88e6dca644649fb870305df8ab2311461368f2fd837c9d8deedaa811e511ea2f417a2841e3c1796f5c3db316abd070bf049b98e27d023ee0351bc747622556e706968efac792a7792d37cc89ad154e464cd7a6e1fbe278b14d5509a5ed0046e6f1af095a53d238f0427efa87b64ad5ca7a0cc7f649f7be83731b85608946ef03ac01588a2af6533647e24c07b8d8654aeecffb6a2ba11603e101cc708ee80ecb4695457826ae70ce830a5622d3551d7e37eabac8ec2e735dbee213a5b26050e1bdc52d21f7be9578668d3044484180404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 2, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0d8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "baa2841ddb7c9165f4a782633dd7e92b49dd1b3442de0069c780f74a63cb53e6" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f27eba1c272bf7ca7ab0768e3d1f75404ae6456b732d066ab74d4f2da6dcaa2494b444ff6c14e6773609eabc32282d9d456cc565ec94950085319139daef29568e2fa6699702a0d3aa4018d71a3c28b9cdf73ee692130d39de44328e3e4d49af0a5bd4b6f62bb3357eacc129f8e358c99388813e1976784d821d2babaedcd760d02a6fce712900190c3b95ccee4938267eca51216da0b13cd6c9c7978189efda79f847e987c4b6a31778cd1466a2967e22b6143d62e4e1229aa7f5ea7853901c6d542b0d5ab0fd6de397ae38bf935dd3b3521e9a9f0eb93b2a26dbdf9654d6c68562725cf6aeea09fed87fe61ed35d8d570a03cdeee9719af30cf68bd18cf728ad989db144725a3b8b81f6c7f12c1af0bdb7b5dead163e4ce99128251a44a6476b4a46cee9fd105411657e6dd313dc90a8bc37948a39bc02ee7a80168be082b4667085e83d49c770521af5a4baff811b9fa66d5dbb62e46d22ecd373679b0025334b8c93cb5aca96774a571d0601ab77d", + "9b1eb2c736f96b1335291e191ab00c80c464d3dc55c52b9f6d0a6c5d7ed0f01ccac1655435b03aec8c6f8aa8c6798e053ee915cb8a8b70d1582b242961f39b401db842439560a70ce333a273d4da9b37dc5fc812448a68f27bf39ef221b32b8c1d51e55b553ea3a4056d627a2e5b2ced712688d79553a0321c32cb1fb474da3b12ba32779614365afdfd645a8b3fa5178c2702c30745ab64a048340a733022bc5e4d60fbae27377187a09ee9d933ce06bb5851772b2f9c71d9e37a28078db2bd1f97bf8466cbf7dda8442d7f7af37c32b79c7d70e993ac0f2f44ece039290c13345318abde99a7db7b9fee2a33d5938d4b71eda2201dce4b4626e2f47757834fe9761e56d960409a891124141f1ff5a194b2245749a34f12514f0cf75774a86a4c3d78cad0829883f6c1f520ec2808c7279e2949fdb4d2ed8c2c519332588fc00d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "fa66d5dbb62e46d22ecd373679b0025334b8c93cb5aca96774a571d0601ab77d40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7de08c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001adca7981fce37c38b216b2674cdf08e34a305dd18a5027553155ed527d6789e1b25a7b45e058ef22d4e3e352f008437c677e133839a824b3bf853bbf3a0a00f129037ff071aa7f85d8a68b8f2fb9f9b0cd9865270d4d64dce6f95d8206f8154bb3f7900f6fc5163edf7541f0421c5cec6752a580f2f4405aaef5d0a53324a8c5b7231d06018ed66ac4302eb0418001761c438288ca5606fee8d061c9c08c9874f6bc7f96802eae1af0b4b962cdb936179f589efdfb9293f0d90a559184d311562d8cee42e499e432705ef48f7a7f607fbcb02db1627dc54902e2db34de1ced1d27558386e1e0cf29a9062dae33e3ac72ad23684d519da66012bc1d0ce4e3c007205241ce0b4db71626c527eac887659328de482a6ffa7d96be9051c5ebf05cda2eb9304503fc70efe6a5cfe0a1e46367716635e55d261cf9c40e7e3c2f41bfc0042fa27072444a9769670867915853b8884ba5581ee038c8d56acb409e9ec1dd977ea6670dc2d550e79a692f688d398d5c710ead1a3752e7d9010a1e17cbe69e4699160baa7fdf64966aeaaae02132b3459e91c8ec1e2e8aaa38aaebdebde68fbdbe36a79c22540f26202c72d3f3b0c30d70ddeb8825a749f999688fc0865c8c8b576704a5eba421d7e6c3a6133bbac99496590bd3daa6f10f3fdd3adbd10c80362af8f96e2bd10d82091af91ce6a5eb7404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 99, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "e08c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "0900d619e75cda06ed8b38db0a1d1ada2c3570643374d4d0223b63bd9f4ed7b6" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37fce4abb3d00eb8a7dd7c26bc25d0fffaeae6456b732d066ab74d4f2da6dcaa249f8525a13e33a3bd9950fde34fd1f1d3256cc565ec94950085319139daef29568048c2943883dfda634b6ff5c49709e1f1771b890a81981bd862ff9eb352d2c7a39f5100e20caac624a0e0279a449195f388813e1976784d821d2babaedcd760db60e161a0259afafd537e1db1485813ceca51216da0b13cd6c9c7978189efda752c1051f95d025b237f3884902f3e8842b6143d62e4e1229aa7f5ea7853901c63f6afb66440558221790880305179b633521e9a9f0eb93b2a26dbdf9654d6c688698126d4789f557989863634d3ca19f70a03cdeee9719af30cf68bd18cf728afda6370e8e6197bd6c7390d0aefb3f3adb7b5dead163e4ce99128251a44a64763141fa7df5e74394166bc1636804bef37b44255378dc49c5a4cae709ea3485165a149b4a733d2c76efca5b9af9ea34342fecd68b2f22c7d563da5c4e5206638d88f2b13480cc62d18a56960eae5848ce", + "9b1eb2c736f96b1335291e191ab00c801e05ba61c8991dc9254f687ef2b84672cac1655435b03aec8c6f8aa8c6798e0591da0aae699f9c6b23baf1b7865558e31db842439560a70ce333a273d4da9b37dbcf3289b790c1c043355fec8cc50a591d51e55b553ea3a4056d627a2e5b2cedddeec238d8442727bcf0db459e604d7612ba32779614365afdfd645a8b3fa517d8bee890187cfd448ecaaffc423f23e75e4d60fbae27377187a09ee9d933ce06071ccaf012aae0f0347dc3256fc3301b1f97bf8466cbf7dda8442d7f7af37c324e7532df509e2acc352e47692e484eeb345318abde99a7db7b9fee2a33d5938d1b000005448279939b157df31751ba85e9761e56d960409a891124141f1ff5a17095c85d02675b0d9dfbe7a5bb39183c4c3d78cad0829883f6c1f520ec2808c73aa5446dd7c86fa6e62df1e1a69033d40d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "2fecd68b2f22c7d563da5c4e5206638d88f2b13480cc62d18a56960eae5848ce40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7de08c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001adca7981fce37c38b216b2674cdf08e34a305dd18a5027553155ed527d6789e1b25a7b45e058ef22d4e3e352f008437c677e133839a824b3bf853bbf3a0a00f129037ff071aa7f85d8a68b8f2fb9f9b0cd9865270d4d64dce6f95d8206f8154bb3f7900f6fc5163edf7541f0421c5cec6752a580f2f4405aaef5d0a53324a8c5b7231d06018ed66ac4302eb0418001761c438288ca5606fee8d061c9c08c9874f6bc7f96802eae1af0b4b962cdb936179f589efdfb9293f0d90a559184d311562d8cee42e499e432705ef48f7a7f607fbcb02db1627dc54902e2db34de1ced1d27558386e1e0cf29a9062dae33e3ac72ad23684d519da66012bc1d0ce4e3c007205241ce0b4db71626c527eac887659328de482a6ffa7d96be9051c5ebf05cda2eb9304503fc70efe6a5cfe0a1e46367716635e55d261cf9c40e7e3c2f41bfc0042fa27072444a9769670867915853b8884ba5581ee038c8d56acb409e9ec1dd977ea6670dc2d550e79a692f688d398d5c710ead1a3752e7d9010a1e17cbe69e4699160baa7fdf64966aeaaae02132b3459e91c8ec1e2e8aaa38aaebdebde68fbdbe36a79c22540f26202c72d3f3b0c30d70ddeb8825a749f999688fc0865c8c8b576704a5eba421d7e6c3a6133bbac99496590bd3daa6f10f3fdd3adbd10c80362af8f96e2bd10d82091af91ce6a5eb7404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 99, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "e08c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "0900d619e75cda06ed8b38db0a1d1ada2c3570643374d4d0223b63bd9f4ed7b6" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37fce4abb3d00eb8a7dd7c26bc25d0fffaeae6456b732d066ab74d4f2da6dcaa249f8525a13e33a3bd9950fde34fd1f1d3256cc565ec94950085319139daef29568048c2943883dfda634b6ff5c49709e1f1771b890a81981bd862ff9eb352d2c7a39f5100e20caac624a0e0279a449195f388813e1976784d821d2babaedcd760db60e161a0259afafd537e1db1485813ceca51216da0b13cd6c9c7978189efda752c1051f95d025b237f3884902f3e8842b6143d62e4e1229aa7f5ea7853901c63f6afb66440558221790880305179b633521e9a9f0eb93b2a26dbdf9654d6c688698126d4789f557989863634d3ca19f70a03cdeee9719af30cf68bd18cf728afda6370e8e6197bd6c7390d0aefb3f3adb7b5dead163e4ce99128251a44a64763141fa7df5e74394166bc1636804bef37b44255378dc49c5a4cae709ea3485165a149b4a733d2c76efca5b9af9ea34342fecd68b2f22c7d563da5c4e5206638d88f2b13480cc62d18a56960eae5848ce", + "9b1eb2c736f96b1335291e191ab00c801e05ba61c8991dc9254f687ef2b84672cac1655435b03aec8c6f8aa8c6798e0591da0aae699f9c6b23baf1b7865558e31db842439560a70ce333a273d4da9b37dbcf3289b790c1c043355fec8cc50a591d51e55b553ea3a4056d627a2e5b2cedddeec238d8442727bcf0db459e604d7612ba32779614365afdfd645a8b3fa517d8bee890187cfd448ecaaffc423f23e75e4d60fbae27377187a09ee9d933ce06071ccaf012aae0f0347dc3256fc3301b1f97bf8466cbf7dda8442d7f7af37c324e7532df509e2acc352e47692e484eeb345318abde99a7db7b9fee2a33d5938d1b000005448279939b157df31751ba85e9761e56d960409a891124141f1ff5a17095c85d02675b0d9dfbe7a5bb39183c4c3d78cad0829883f6c1f520ec2808c73aa5446dd7c86fa6e62df1e1a69033d40d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "2fecd68b2f22c7d563da5c4e5206638d88f2b13480cc62d18a56960eae5848ce40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261244503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001a785a976259a56ae8545d25e052340eb42df29fc6dd5f7a7c2b73b4dab6529ad6474e50e7f2da3b37b4d73776a9ff5ad21dc3e54cd105e84f6ac65d9a756a62eb74c7f8f07913500787e86362eaafe41991d7bf6e0d9e2238f4ad039be13d7b81d9b2f7286791ef0e2489534b4c3c45768133a889ea2d927558d693aed7579981be372640ec8de6ad058e146a94d8209943db7fb7cc744f74656c6a875654f22e7a92feb75933a9881f570d5cb2e8e55cf8bc0f1a77719131969ed8806bdac47ad04543e5b7c67ec0011b1a3e85a3744be567d6de453af3b7ec5adf294ab21b49368738a3c8fd89820eaafbe94cbfb75ad23684d519da66012bc1d0ce4e3c00726a711d9d296eca051d607f400333dab204f8bff8c64ad442b7f03cabde2bd1e7c9ec68c7517ac5f404c3fbc374ca126b7181ac8b9bde3288b274411c2052a9275e6a2e1ec4d751cd99f0da092775f27acb69e882b53cb723ee93898f7630f712dcb06f3d72eec8ec68725eaf5d5c2226bb079a57e88ba1b127981786d7b05cbe1e8b0adbd35c774888228149863a21fcd946c5629ace0825e82460d29d53fe1bcc18662a6bdc78194ff64ffe67e6874cd4dabd7ec512227b939d0994eabb18b0bcff1194ef9107849d40691a560e40492f0095f51e4cd1e834d0a7d1542d7e8da1808f6138cc78f0a2498e8bc0e56d87404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 17, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "244503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "baef7355f66644fe751d36705981dfacf26c987691c76409c848808bdff226f2" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37fa2196c3106d421c1951bae3b75e1e0c1ae6456b732d066ab74d4f2da6dcaa249b8a39312c2b26c426fc71b6d8a27b0a956cc565ec94950085319139daef295688de0e8fef0420811156670019b67583b1771b890a81981bd862ff9eb352d2c7a16b7131e254fad27c3aa073ba1a21190388813e1976784d821d2babaedcd760d9e251bc0442029a5e82cf338cfd31cbbeca51216da0b13cd6c9c7978189efda72e734f48def48e3afbe610f55d131a972b6143d62e4e1229aa7f5ea7853901c671bc334e444ad084b6f3b54b0d18b4e63521e9a9f0eb93b2a26dbdf9654d6c68bb7f9f61b6d16cef2972ae3421f6c47470707f9adc16da4a980e632f64377a5e5fcc4d8ec24afe5a4fb34fddbd79fd82db7b5dead163e4ce99128251a44a64762312440d0f878486adf5a925baf613fa8bc37948a39bc02ee7a80168be082b462498ad784d9a7a6c9ab8ef92028d1b3ad6b284d1755b860b5ec7195f6ec52c9e940fa71e761c80b2060cf9aeb681f373", + "9b1eb2c736f96b1335291e191ab00c804a36096ec2b0868567f62505dbe6645fcac1655435b03aec8c6f8aa8c6798e05d189d1ae8a276b024a02b47ff94dc56b1db842439560a70ce333a273d4da9b37527b73cd4e8bb6566385ee473bce503d1d51e55b553ea3a4056d627a2e5b2ced002dc028d3bf26624354d683a107554512ba32779614365afdfd645a8b3fa517f0a7e3ead5b4834f7bd59d9f88f087685e4d60fbae27377187a09ee9d933ce062b6a80c7c985776871893b7a13a3ff081f97bf8466cbf7dda8442d7f7af37c321c23faf75059b26996ca192126473568345318abde99a7db7b9fee2a33d5938d601b30f3d41d8b55c7f087fa5ba5a10fe9761e56d960409a891124141f1ff5a10f70b2ddcd7df46f9ebb2899acbb5af34c3d78cad0829883f6c1f520ec2808c7b930522a8eff53a8d98d8d4baa9e44d10d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "d6b284d1755b860b5ec7195f6ec52c9e940fa71e761c80b2060cf9aeb681f37340ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7109e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001a06bf37862adea5bddcb77042b1735aaf2f6c899b7fd125ac3573513e3c7460b729bc674b9bafd3e8f9ef9a7db45a3c246462a6d7b4add7047df653b7a5a2ca02859c83a4c28695d82f12b4f7fe7f286a824a027b516857688ddf7f615e40817471f3c37abded4f51d58fab456ee0e0a72ae10f9316f2599ae0e2e7b221db4bbfd2f32a6eb860729a125dc504a640f9396767511aad9f91bcd3c36b8765d25e6fafcbdf34c1416882cd79d9464ac2850d2bb27f8e5f64902dbbdeb7b3f0d8afb95132020792359690002ac258773cc87fa47ae8441aecf28413a66505b00d3a4e7905259803966520fcf0cf940742ace4d23684d519da66012bc1d0ce4e3c0072dc0c7d7958358f30950534dea4f38db7017ed62325d92813c9f09f47590a0b07e67e5163a9a52d43dbaa98bc696f311929e2eb00b83643d3bb444bffef1941104d95a36a7b640cfcf0c68a7412a5ae2adaf6a576717282f354620dc9f92df11f4570a3eb1b9268aa9b6b06b53bb886f4125a324ebcc7d98c9f8bc3818d2daa8009cf05ad078aeb5b9753d0ae74d2485bb6baf3ffb9a3c6dc5dcd5ed28ed591db97df84ad03ceb91fa1d38313d00ce89ba1e54d0add1f237f6e5d2a6165bd2d713b1353721523f0b39e31c1ff6375ec1470ed828f4a9ad11b0e8521f6eed15f885f02a36cfd339d529902bae0056379fd404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 42, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "09e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "f1bd870009988050f4ef94cdeeb766a2311f7e59f1f3ca0efd4ec7334d439314" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f144c5c68db22629297bcd826fb529288ae6456b732d066ab74d4f2da6dcaa249a6da44a507c53b943e0f77e8e4b4b15956cc565ec94950085319139daef2956849da90a79b6e54d488aae905f16d67501123dd856722e6b3ffdb9d0fc0fa3cc824d506ce843469f16c35d57de5d01b75388813e1976784d821d2babaedcd760db4935cd97da241e35e720387dd8721feeca51216da0b13cd6c9c7978189efda71d20eff4cd3c0e1f4c9ed2d3ac0c49c62b6143d62e4e1229aa7f5ea7853901c641b7558cda57f9d4b5cb36b5d0b9af1e3521e9a9f0eb93b2a26dbdf9654d6c682ab96dc5cb93b5b007e36d08f0f1f51e70a03cdeee9719af30cf68bd18cf728a10302f2ad0eb70b76df1703e692f854bdb7b5dead163e4ce99128251a44a6476ba4367b0e3c675c70bfdeaaea65123958bc37948a39bc02ee7a80168be082b46ef1f787cc439e143cb4442f818ea6fcf67199ce6418d9555c9cfe6e4ba826631ea5379d4235d8113e9a364960d6c742e", + "9b1eb2c736f96b1335291e191ab00c80d8031937ed6146b46555fb195575b398cac1655435b03aec8c6f8aa8c6798e05e352201c45159cb07aba58049fc0c3bb1db842439560a70ce333a273d4da9b37508e897f49f6c4a906b355a6810564bc1d51e55b553ea3a4056d627a2e5b2cedf20ecd7873da6a9899c908415dd94a6012ba32779614365afdfd645a8b3fa517da39a2d19c326b1105908d517a3c83255e4d60fbae27377187a09ee9d933ce063dbde01ada3df88304d2799bc4a9d0d91f97bf8466cbf7dda8442d7f7af37c324b28d8b9ba4b8919b3f298b762a53930345318abde99a7db7b9fee2a33d5938d76dfa4acbf77b93a48cb724e759b6506e9761e56d960409a891124141f1ff5a15d0cd141c0dc81139c7d07380106d32a4c3d78cad0829883f6c1f520ec2808c721ff2e87b9bf626797864cc2bd4335360d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "67199ce6418d9555c9cfe6e4ba826631ea5379d4235d8113e9a364960d6c742e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e820f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001ad93e89cf70b750049d40bf4f5f5703784a5d5a60d7918cafb4415a98d9dc69dee763053753e06b715ebdd2bf303fd0791c77038ca967c886722fd5c76f65091139160af6525d206b6c8aea3f08d866ba4b0254d20b231f4f3eae6358fdfc94dbb43cf964e343f06614dc433770765b3bd75395f8d8759c1e79535686ee0aa06ef60f3735629bfdd883c4461496439d5aea53039970021213373e401bd16705c50e97b76c6532d8bf0fc04489d7ae2090b084cee663c1fd87cf57d40f9da1dd035236a8f76dc9c52aa5a2de290316b81f8bcb800861619f6dd87afb591b0c4748cada2ac5e756842f416cdfa2f3007807d23684d519da66012bc1d0ce4e3c0072098d2b30125ce4e9d47ce5d0f60fe5eee78c055fcd18c20f2e2297edbba101e029d7b377f17495ba5add607aed8a9dc371cd8e4cc37c5251c60bcaee255702029a1b1d19eb8d8169984e542c094d70da123f541fb7b7ba0c889329d25a71ddb801276e01f63bc894781f6ec339220c6165e7ace8f9439708071b55aec0fd55d1e5b2f9e55d4f601d26ec4e9f84cfa43a33ce4181f6404686fa528a3e2340eb853814ad755fdd49e25e8d18d142204d191b13ffb1d8c2b52476e40d05b9f4ff263a0fad81398fc019fab8a42ed89bfc74899ceacb0325253349b08ba183d3528e0d2d9d3f19737e437087aad219a4adda404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e820f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "774e1ebb45b1c0e11bf01b23d0a2f1822a68e27345e3f5ff256e9253dad417ad" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f626cd891b3b1ffe20bacaa5741a9b19676678c90abe6b88bd2e821d21c7211c061da7b45ff16d851eb4ef88cc3f89ecd56cc565ec94950085319139daef295682a34ee3b89f4b71ca6e8bf5930ff033b1771b890a81981bd862ff9eb352d2c7a7f98b8e30631d46d75eda32a07f681fa388813e1976784d821d2babaedcd760dba72a20438b47e581667aed24ff37a22eca51216da0b13cd6c9c7978189efda7293867a3a10cde89e65ac695e94983832b6143d62e4e1229aa7f5ea7853901c6046e04bf993f1b75c67623131ff658f43521e9a9f0eb93b2a26dbdf9654d6c6859ebb4f2ba4cece36f8bd4d93ad9fb5970a03cdeee9719af30cf68bd18cf728ad26a549be48bd7203945fb904d6aed93db7b5dead163e4ce99128251a44a6476921b916493511ee254c5c44bd0793bcd8bc37948a39bc02ee7a80168be082b46ccbeeadfaa954a31a899367aed48f364225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc79", + "9b1eb2c736f96b1335291e191ab00c80e550c1b959b141150218275087013144cac1655435b03aec8c6f8aa8c6798e052853e97b4dc3fff2cd7ad75fc07cd6471db842439560a70ce333a273d4da9b37b5276e90b6d9064bd2029fefa536a53d1d51e55b553ea3a4056d627a2e5b2ced984b1b63f1ddff1b75113a943bb4e4da12ba32779614365afdfd645a8b3fa517d35a5ca6e2202e9c699be20508d129015e4d60fbae27377187a09ee9d933ce0630a5686c066e2819861586d9876c961c1f97bf8466cbf7dda8442d7f7af37c3289712987fb6367798647ac591469905a345318abde99a7db7b9fee2a33d5938d48ad5d7fd0be8207c4220c7d2ab45fcbe9761e56d960409a891124141f1ff5a19cd1abd0ab3c1baab4297de51ccb6ae24c3d78cad0829883f6c1f520ec2808c74a2705d30935ba4c32be7225941b1dfe0d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc7940ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e820f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001ad93e89cf70b750049d40bf4f5f5703784a5d5a60d7918cafb4415a98d9dc69dee763053753e06b715ebdd2bf303fd0791c77038ca967c886722fd5c76f65091139160af6525d206b6c8aea3f08d866ba4b0254d20b231f4f3eae6358fdfc94dbb43cf964e343f06614dc433770765b3bd75395f8d8759c1e79535686ee0aa06ef60f3735629bfdd883c4461496439d5aea53039970021213373e401bd16705c50e97b76c6532d8bf0fc04489d7ae2090b084cee663c1fd87cf57d40f9da1dd035236a8f76dc9c52aa5a2de290316b81f8bcb800861619f6dd87afb591b0c4748cada2ac5e756842f416cdfa2f3007807d23684d519da66012bc1d0ce4e3c0072098d2b30125ce4e9d47ce5d0f60fe5eee78c055fcd18c20f2e2297edbba101e029d7b377f17495ba5add607aed8a9dc371cd8e4cc37c5251c60bcaee255702029a1b1d19eb8d8169984e542c094d70da123f541fb7b7ba0c889329d25a71ddb801276e01f63bc894781f6ec339220c6165e7ace8f9439708071b55aec0fd55d1e5b2f9e55d4f601d26ec4e9f84cfa43a33ce4181f6404686fa528a3e2340eb853814ad755fdd49e25e8d18d142204d191b13ffb1d8c2b52476e40d05b9f4ff263a0fad81398fc019fab8a42ed89bfc74899ceacb0325253349b08ba183d3528e0d2d9d3f19737e437087aad219a4adda404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e820f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "774e1ebb45b1c0e11bf01b23d0a2f1822a68e27345e3f5ff256e9253dad417ad" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f626cd891b3b1ffe20bacaa5741a9b19676678c90abe6b88bd2e821d21c7211c061da7b45ff16d851eb4ef88cc3f89ecd56cc565ec94950085319139daef295682a34ee3b89f4b71ca6e8bf5930ff033b1771b890a81981bd862ff9eb352d2c7a7f98b8e30631d46d75eda32a07f681fa388813e1976784d821d2babaedcd760dba72a20438b47e581667aed24ff37a22eca51216da0b13cd6c9c7978189efda7293867a3a10cde89e65ac695e94983832b6143d62e4e1229aa7f5ea7853901c6046e04bf993f1b75c67623131ff658f43521e9a9f0eb93b2a26dbdf9654d6c6859ebb4f2ba4cece36f8bd4d93ad9fb5970a03cdeee9719af30cf68bd18cf728ad26a549be48bd7203945fb904d6aed93db7b5dead163e4ce99128251a44a6476921b916493511ee254c5c44bd0793bcd8bc37948a39bc02ee7a80168be082b46ccbeeadfaa954a31a899367aed48f364225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc79", + "9b1eb2c736f96b1335291e191ab00c80e550c1b959b141150218275087013144cac1655435b03aec8c6f8aa8c6798e052853e97b4dc3fff2cd7ad75fc07cd6471db842439560a70ce333a273d4da9b37b5276e90b6d9064bd2029fefa536a53d1d51e55b553ea3a4056d627a2e5b2ced984b1b63f1ddff1b75113a943bb4e4da12ba32779614365afdfd645a8b3fa517d35a5ca6e2202e9c699be20508d129015e4d60fbae27377187a09ee9d933ce0630a5686c066e2819861586d9876c961c1f97bf8466cbf7dda8442d7f7af37c3289712987fb6367798647ac591469905a345318abde99a7db7b9fee2a33d5938d48ad5d7fd0be8207c4220c7d2ab45fcbe9761e56d960409a891124141f1ff5a19cd1abd0ab3c1baab4297de51ccb6ae24c3d78cad0829883f6c1f520ec2808c74a2705d30935ba4c32be7225941b1dfe0d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc7940ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e83e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001a92228f3ccf7a882871c5980e660230bac0d8dea0fc22f19353fb54c7e29323ed695a9287c7f97fa5d28f831c0644eee64859883b45bcb72cde0f94bf15e4f1a0ca010d171f73ac7729747974c545d7e8424eae6e64080a799fcf6cf3887a52c66fe9ef132718818e5db2daf9e68d2ec01bdffc16380204204b42692a36fed01cfa2fbcf7ec15347c1181ad8928e8cd7e8d8ab83b31f0c7462a13e62fa3f57e89ded227e903176d2d86969a88ac3e0a0a86506a1ad970838c0190ca339e71bdc639a7507812dcc08b75df9c660d872476272e22a5484f52c4118fbcf097916d4f84d013b22419c79894a19f858ce82b8ad23684d519da66012bc1d0ce4e3c007250a925c3b398acc500f80b12f064b8ac7111811ea8875d2b8f689cbeb2ea47d1a7e026277d5b8186e60ab01d18867f5646eb099d272863ab3e2b0bf77fd8197209301af81e78f55cdb64c5f74bdfffab1bf3f9825ed2cfe226722037cff31fce477a7752b267376d1349d700c30a39dc205c45ca9ab72f07512c420a790a2523e1927423d3d4297a982fe829f22a741690978cde35539052077ee42951b271c168d83cf9c0f8b474e8b6c2d16d90639f4647637e6313302028ac17e1b7242064539e0401957cc5b8297ce6f1cd2a901eed39492f1c3772dc0f9cca0a074e2c875337b452dcb03bda1c52eaef80bcf957404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "83e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "53fdf4849decb971572e581c89b1ddf6dedbb87edb4e6b5d9370a01cf699f6cc" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f27956e1c8eb8563e3aa9b40b4cb8a9ecae6456b732d066ab74d4f2da6dcaa2490bd8efabe604227964f93c7fda2018491ecf8c374260a2e8b02d42945d9a04dfb687ce23c5997481d638953ded113f6f1771b890a81981bd862ff9eb352d2c7a18671782ba5244a37a2d39459a4d569a388813e1976784d821d2babaedcd760dd5204e80577d20d34168d5c01313bceaeca51216da0b13cd6c9c7978189efda703eec10fa13a87a27255b92840afa37f2b6143d62e4e1229aa7f5ea7853901c661f14c6b32c050fefec7b32f27a2ceaa3521e9a9f0eb93b2a26dbdf9654d6c68e1293ae4a208fe272e7336755020396670a03cdeee9719af30cf68bd18cf728a9df3e85a22c27adf964ed51d038dc106db7b5dead163e4ce99128251a44a647610d1d4b9eb8091d09bc6fe90de2083138bc37948a39bc02ee7a80168be082b46868174607af7260d5656f7ff5993fa45a4861a1383ebd01daf71ae010ddf00beba2bdbdb6cd3ebb6f6204d65ce9ea173", + "9b1eb2c736f96b1335291e191ab00c80c5ba06833acc5108c3681f3504109c34cac1655435b03aec8c6f8aa8c6798e052bf97a5a52e23df7718591b64d320aa41db842439560a70ce333a273d4da9b3729d48da87a344ae6a1b2c90be9236a091d51e55b553ea3a4056d627a2e5b2cedfe7cbcc43dbc8fe68bd1a479a85c103b12ba32779614365afdfd645a8b3fa517b9acb02ac3578c21229abb1744b1e8385e4d60fbae27377187a09ee9d933ce0656ef0d0007407f00fa1a9346310776201f97bf8466cbf7dda8442d7f7af37c322ceee0da62e331f04df61b3d0cbd1aa4345318abde99a7db7b9fee2a33d5938dc06ed88de80271c3053baae1146d22bfe9761e56d960409a891124141f1ff5a1d04817116e0678eb7220a35867a8966f4c3d78cad0829883f6c1f520ec2808c7cb71c17db105475e07bd38e08574d5b70d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "a4861a1383ebd01daf71ae010ddf00beba2bdbdb6cd3ebb6f6204d65ce9ea17340ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e720f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0d8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001a9f4d10c3a0130028e99c355bc4da57b4fa22195bda8151b0ae8901ceb458c28964b2d2d19d109d8c1c2a03dd251e4a2c48312ae66e609e3a8f4cc40d84d7f928a3f0ace6fc07e05ab17c01b9fa7906249d3c0d59e05cd71d020c7263100c4d3ece5cd1d7deb7255413ce7a2e20eb514ef6ee6a3af1bd50aece20562b0a1bf5f9f6d0801166978bbd9d6d17b9925cf7bf53a7385370f960daad1dafd4931eaa5b43ff628a3ae52b4e38067b0d1317954381a9fd9cd1581296425be048e507f51bc1febf332f32d8d3d0d77802b9de5e77963081199c99952dc46ca4e7f92c3986f64902d7dfd243dd388dfc44c95ce461d23684d519da66012bc1d0ce4e3c0072437ea43ce2ff34c688206fc5918c90b236c74664ca28fd0e50daefb7e025a934ab88e6dca644649fb870305df8ab2311461368f2fd837c9d8deedaa811e511ea2f417a2841e3c1796f5c3db316abd070bf049b98e27d023ee0351bc747622556e706968efac792a7792d37cc89ad154e464cd7a6e1fbe278b14d5509a5ed0046e6f1af095a53d238f0427efa87b64ad5ca7a0cc7f649f7be83731b85608946ef03ac01588a2af6533647e24c07b8d8654aeecffb6a2ba11603e101cc708ee80ecb4695457826ae70ce830a5622d3551d7e37eabac8ec2e735dbee213a5b26050e1bdc52d21f7be9578668d3044484180404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 2, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e720f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0d8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "baa2841ddb7c9165f4a782633dd7e92b49dd1b3442de0069c780f74a63cb53e6" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f27eba1c272bf7ca7ab0768e3d1f75404ae6456b732d066ab74d4f2da6dcaa2494b444ff6c14e6773609eabc32282d9d456cc565ec94950085319139daef29568e2fa6699702a0d3aa4018d71a3c28b9cdf73ee692130d39de44328e3e4d49af0a5bd4b6f62bb3357eacc129f8e358c99388813e1976784d821d2babaedcd760d02a6fce712900190c3b95ccee4938267eca51216da0b13cd6c9c7978189efda79f847e987c4b6a31778cd1466a2967e22b6143d62e4e1229aa7f5ea7853901c6d542b0d5ab0fd6de397ae38bf935dd3b3521e9a9f0eb93b2a26dbdf9654d6c68562725cf6aeea09fed87fe61ed35d8d570a03cdeee9719af30cf68bd18cf728ad989db144725a3b8b81f6c7f12c1af0bdb7b5dead163e4ce99128251a44a6476b4a46cee9fd105411657e6dd313dc90a8bc37948a39bc02ee7a80168be082b4667085e83d49c770521af5a4baff811b9fa66d5dbb62e46d22ecd373679b0025334b8c93cb5aca96774a571d0601ab77d", + "9b1eb2c736f96b1335291e191ab00c80c464d3dc55c52b9f6d0a6c5d7ed0f01ccac1655435b03aec8c6f8aa8c6798e053ee915cb8a8b70d1582b242961f39b401db842439560a70ce333a273d4da9b37dc5fc812448a68f27bf39ef221b32b8c1d51e55b553ea3a4056d627a2e5b2ced712688d79553a0321c32cb1fb474da3b12ba32779614365afdfd645a8b3fa5178c2702c30745ab64a048340a733022bc5e4d60fbae27377187a09ee9d933ce06bb5851772b2f9c71d9e37a28078db2bd1f97bf8466cbf7dda8442d7f7af37c32b79c7d70e993ac0f2f44ece039290c13345318abde99a7db7b9fee2a33d5938d4b71eda2201dce4b4626e2f47757834fe9761e56d960409a891124141f1ff5a194b2245749a34f12514f0cf75774a86a4c3d78cad0829883f6c1f520ec2808c7279e2949fdb4d2ed8c2c519332588fc00d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "fa66d5dbb62e46d22ecd373679b0025334b8c93cb5aca96774a571d0601ab77d40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e820f2d625ee3cabce61d583c8c4054e82e8487025764348020264792b3d100f0c8c76f65caf04ee0e22373be0d61ac5fa6e2f2866078b31b90537e24416fad12aa44b74bb71c2548b15f78fb0d8a3086fac2e4faa9a82029b9d39b72ec7a5a4869eba63651472a34e9ac8faae3984215d731a67081c36c4ff2a7130e611df5ebb57ffcc3c44370131c88e16f74ad73ec6a27c9c6c632820ba2ced4b0061bac183c43194cb8dd492735c763e54b8db10143d28498127fcc54acce837c1d7f0955c852ea368195f3a075cff32745e4c36c68a06c8e5f6692f7668fc0688ee7b2fcd1be9e341e8eb5fb5b976d4058a686f56a1ed418b617499bd004287334052b4b479ae311ef97b5fbdf7c285dbbd0261234503e68f2902b94115adfcd6639945c28b47c7ad2575473a55ff0d299326b7e6f80364a4449715a002f0b0a84952fda92ed45cfe7bbd2cd7ba34a5ce1851268c2a8852c64e0abd11500fe8c87c1bf3d5e8a41b2794a64e56c44655aa8aa1371984ca99584500a1b6d769b2d74409a3c5718952c1bfb854e7a85c2a198afea15227b1172005f3b1b682767ef22a3a3b1c6251cb9c4527426a4e48171c6cadf645573fefda9aed7e3548849f846481a6ecac7d36be0e38ef28f6ae28909d229d556a44cdbb4fa61bdb8f627c062b161bc679640feee4c3d7584d20a6eb475f6635680f4a6321ed9c0031f0523632dba72c349963f6f0a58f982b347d76388501f6f0c16440230782fbb68c3605e94e1be01d6a321a353eeda86bbc36b2b898983cb994f99ebfd6d28a0c716e1a4710f13fad98148a00b7faf3c48c49cfbdb40fbffe0b3167d2e01c8f227a0631843a94eff15a613db675eeff55e451c37498faa4cf50c7cf5b51ff9e09715da14773e03a66869191058c64353056836665327b74321e0a1191bf4f400d5e315548da7108e40f80bea56f282d0d338e61449e9e66b0d7b25e0735987966a4a7d1d1d09234b74fed0bbf6fc996ad703dbf95cbc848d4d646f2cdc06fd956eb87de7fb213431206b92387190aff870f4259a840de9fd788a97451affebb1d2b65143c6107d7a8e35b7a63905c9e16071d38ab652451e4c156fe074362bfe672079ee42e2a264224d4c3090ae182088617fe2a87d493f6ebd36672456b3014d4c1bcafc105ec77f9bedf1a62a7a82ef70396c5f767dbd98873567275fac01a901016f214a2768a06e71ae20736fb5f974a8efe8760f4dc7e87f8223b451658ca0ef1ffa0052637d542f00af9813a344a82ab7008423f2be235dff4d6e37b055f8f5b78fe51a994bfacdcbae1faabe006ac32a9ccf69d1e1d721fae8055c3f58392bd8200edd08cde43b01a6fe803f496d8beb595ef1a121ed89f5cce5fb7f116c7bcfa1842bd64fffe2ee5e89610d6e5fc6ff7b2e60c409a6a7bc15045a728a079c9d453682fa0907b916e3188ddae01baefa5521cc966c6b9585fb4e68402792fc93e73b969f7e63743d20c2fd91bfcb938f342c2985b8e1a19c25b7a2f002b236230dbcebfae1a7b7d0940a193a5dec0edf39370fa58d7ae88ed2afa51b60f2e709218149309753919e224d11b4804e1caf0254ccee0a777b606f35aeb118319840197661afecb632982d79bd6ed52b743dfb0ef62eecd1b7f94381c1acaaa007be45bd0b7dec4325cc318b948c7302c5aad28d2e4f8579ff92cfcc3c3a18f29386fc66ae0b0b3990121c1aee83746f1a55a4aed489fec02985c24cad582ebec7ba6c44d2bf2c3e83071329ade2191d73b449ae87b408fead07c01593eae70c786f039d8abf4a366e8e5571d0ebb06b7cc707a2ec5306e3f76e97fab3a6c6dd975e74348b8d4995868712714e3d10b74902a9d0cd13b6b91b4347dc5af4d60ddea0e76bdf4fd9815cd504434c9981d28bcf1bb22ae66815774d4f003537d951a24a12c0ae48218c6d31e954fe20f4334e0495d474950504fc9635cf5715c8efa06f93a8167bc4607ebcc6e850c6aced635935b2f354a4d2eff9c71cdd39798dffe596115d89e901a43e0fabffd3f554f066c8212add01fa47f79033aa175f4f8033057c4f481381f3db1b5d9b2fd72e27aaecd2a6568e5a724e4a699e89c287162eb44bbf35efa71772f4fbb2650bd93ae4aa3a53192069c0734b4e9742e52955c819090f3106af780bdd564036ddda405fe0a9e9540e5787b7a3fde839f2375e091e63da54d6036c1bc50bf16efd6d198a0ff7ddf8c6d791d85ed885a53ecdee10ce40dd878d8b7b93954e80a0a008ae08698e74409c646c5089bf508d7b32589a4442c84c94b77dd83e10d4cbdcb0a8e9084ba58812ef6c40e078587f3c82140facd7e4a942a967e09580a4969fe4ff18a3c0156538253cf7271ee1be187ac03023eeb037d6b09093308cd5d6ebfccf11f43f9a9963431d1745088180bcd4d59e2bcb9241f4e73c5d72d390b47511a90b3e07f49dae42a11096070f11692f20f77c53b6067dba2171d959b5a2275debdd1a9c7a010efeb75b84ba5a7660b401376022d56817e423ccc9db1bc6b1d2b956782349d7c500986d7f0654e8fe3643715b99ec7334da180d4c011dcf727b2e0bacab1df94afd33a4b8f7bb66cda5811ea1500a00b158d660483287bc26bc04d01ae548ec804478df047de419cbfec2bde1051e1b50b8df92be4909a300094555983dcacf615ca79f394923721f1d9c3bf001ad93e89cf70b750049d40bf4f5f5703784a5d5a60d7918cafb4415a98d9dc69dee763053753e06b715ebdd2bf303fd0791c77038ca967c886722fd5c76f65091139160af6525d206b6c8aea3f08d866ba4b0254d20b231f4f3eae6358fdfc94dbb43cf964e343f06614dc433770765b3bd75395f8d8759c1e79535686ee0aa06ef60f3735629bfdd883c4461496439d5aea53039970021213373e401bd16705c50e97b76c6532d8bf0fc04489d7ae2090b084cee663c1fd87cf57d40f9da1dd035236a8f76dc9c52aa5a2de290316b81f8bcb800861619f6dd87afb591b0c4748cada2ac5e756842f416cdfa2f3007807d23684d519da66012bc1d0ce4e3c0072098d2b30125ce4e9d47ce5d0f60fe5eee78c055fcd18c20f2e2297edbba101e029d7b377f17495ba5add607aed8a9dc371cd8e4cc37c5251c60bcaee255702029a1b1d19eb8d8169984e542c094d70da123f541fb7b7ba0c889329d25a71ddb801276e01f63bc894781f6ec339220c6165e7ace8f9439708071b55aec0fd55d1e5b2f9e55d4f601d26ec4e9f84cfa43a33ce4181f6404686fa528a3e2340eb853814ad755fdd49e25e8d18d142204d191b13ffb1d8c2b52476e40d05b9f4ff263a0fad81398fc019fab8a42ed89bfc74899ceacb0325253349b08ba183d3528e0d2d9d3f19737e437087aad219a4adda404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e820f2d625ee3cabce61d583c8c4054e", + "82e8487025764348020264792b3d100f", + "0c8c76f65caf04ee0e22373be0d61ac5", + "fa6e2f2866078b31b90537e24416fad1", + "2aa44b74bb71c2548b15f78fb0d8a308", + "6fac2e4faa9a82029b9d39b72ec7a5a4", + "869eba63651472a34e9ac8faae398421", + "5d731a67081c36c4ff2a7130e611df5e", + "bb57ffcc3c44370131c88e16f74ad73e", + "c6a27c9c6c632820ba2ced4b0061bac1", + "83c43194cb8dd492735c763e54b8db10", + "143d28498127fcc54acce837c1d7f095", + "5c852ea368195f3a075cff32745e4c36", + "c68a06c8e5f6692f7668fc0688ee7b2f", + "cd1be9e341e8eb5fb5b976d4058a686f", + "56a1ed418b617499bd004287334052b4", + "b479ae311ef97b5fbdf7c285dbbd0261", + "234503e68f2902b94115adfcd6639945", + "c28b47c7ad2575473a55ff0d299326b7", + "e6f80364a4449715a002f0b0a84952fd", + "a92ed45cfe7bbd2cd7ba34a5ce185126", + "8c2a8852c64e0abd11500fe8c87c1bf3", + "d5e8a41b2794a64e56c44655aa8aa137", + "1984ca99584500a1b6d769b2d74409a3", + "c5718952c1bfb854e7a85c2a198afea1", + "5227b1172005f3b1b682767ef22a3a3b", + "1c6251cb9c4527426a4e48171c6cadf6", + "45573fefda9aed7e3548849f846481a6", + "ecac7d36be0e38ef28f6ae28909d229d", + "556a44cdbb4fa61bdb8f627c062b161b", + "c679640feee4c3d7584d20a6eb475f66", + "35680f4a6321ed9c0031f0523632dba7", + "2c349963f6f0a58f982b347d76388501", + "f6f0c16440230782fbb68c3605e94e1b", + "e01d6a321a353eeda86bbc36b2b89898", + "3cb994f99ebfd6d28a0c716e1a4710f1", + "3fad98148a00b7faf3c48c49cfbdb40f", + "bffe0b3167d2e01c8f227a0631843a94", + "eff15a613db675eeff55e451c37498fa", + "a4cf50c7cf5b51ff9e09715da14773e0", + "3a66869191058c64353056836665327b", + "74321e0a1191bf4f400d5e315548da71", + "08e40f80bea56f282d0d338e61449e9e", + "66b0d7b25e0735987966a4a7d1d1d092", + "34b74fed0bbf6fc996ad703dbf95cbc8", + "48d4d646f2cdc06fd956eb87de7fb213", + "431206b92387190aff870f4259a840de", + "9fd788a97451affebb1d2b65143c6107", + "d7a8e35b7a63905c9e16071d38ab6524", + "51e4c156fe074362bfe672079ee42e2a", + "264224d4c3090ae182088617fe2a87d4", + "93f6ebd36672456b3014d4c1bcafc105", + "ec77f9bedf1a62a7a82ef70396c5f767", + "dbd98873567275fac01a901016f214a2", + "768a06e71ae20736fb5f974a8efe8760", + "f4dc7e87f8223b451658ca0ef1ffa005", + "2637d542f00af9813a344a82ab700842", + "3f2be235dff4d6e37b055f8f5b78fe51", + "a994bfacdcbae1faabe006ac32a9ccf6", + "9d1e1d721fae8055c3f58392bd8200ed", + "d08cde43b01a6fe803f496d8beb595ef", + "1a121ed89f5cce5fb7f116c7bcfa1842", + "bd64fffe2ee5e89610d6e5fc6ff7b2e6", + "0c409a6a7bc15045a728a079c9d45368", + "2fa0907b916e3188ddae01baefa5521c", + "c966c6b9585fb4e68402792fc93e73b9", + "69f7e63743d20c2fd91bfcb938f342c2", + "985b8e1a19c25b7a2f002b236230dbce", + "bfae1a7b7d0940a193a5dec0edf39370", + "fa58d7ae88ed2afa51b60f2e70921814", + "9309753919e224d11b4804e1caf0254c", + "cee0a777b606f35aeb11831984019766", + "1afecb632982d79bd6ed52b743dfb0ef", + "62eecd1b7f94381c1acaaa007be45bd0", + "b7dec4325cc318b948c7302c5aad28d2", + "e4f8579ff92cfcc3c3a18f29386fc66a", + "e0b0b3990121c1aee83746f1a55a4aed", + "489fec02985c24cad582ebec7ba6c44d", + "2bf2c3e83071329ade2191d73b449ae8", + "7b408fead07c01593eae70c786f039d8", + "abf4a366e8e5571d0ebb06b7cc707a2e", + "c5306e3f76e97fab3a6c6dd975e74348", + "b8d4995868712714e3d10b74902a9d0c", + "d13b6b91b4347dc5af4d60ddea0e76bd", + "f4fd9815cd504434c9981d28bcf1bb22", + "ae66815774d4f003537d951a24a12c0a", + "e48218c6d31e954fe20f4334e0495d47", + "4950504fc9635cf5715c8efa06f93a81", + "67bc4607ebcc6e850c6aced635935b2f", + "354a4d2eff9c71cdd39798dffe596115", + "d89e901a43e0fabffd3f554f066c8212", + "add01fa47f79033aa175f4f8033057c4", + "f481381f3db1b5d9b2fd72e27aaecd2a", + "6568e5a724e4a699e89c287162eb44bb", + "f35efa71772f4fbb2650bd93ae4aa3a5", + "3192069c0734b4e9742e52955c819090", + "f3106af780bdd564036ddda405fe0a9e", + "9540e5787b7a3fde839f2375e091e63d", + "a54d6036c1bc50bf16efd6d198a0ff7d", + "df8c6d791d85ed885a53ecdee10ce40d" + ], + [ + "1adf0d29da11c354159e2a7c373bfab1", + "7f17b78fda89bcb7e1fd9b86d4c2eff0", + "f5738909a350fb11d5ddc8c41f29e53a", + "0791d0d799f874ce2afac81dbbe9052e", + "d75bb48b448e3dab58ea08704f275cf7", + "9253d1b055657dfd4862c648d1385a5b", + "7b61459c9aeb8d5c9565370551c67bde", + "a48ce598f7e3c93be4d48ecf19ee20a1", + "46a80033c3bbc8feb23771e908b528c1", + "3b5d8363939cd7df29d312b4ff9e453e", + "7e3bce6b34722b6d70a389c1ab4724ef", + "edc2d7b67ed8033a993317c83e280f6a", + "a57ad15c97e6a0c5dca300cd8ba1b3c9", + "3b75f9371a0996d06d9703f9771184d0", + "34e4161cbe1714a02e46892bfa759790", + "ab5e12be749e8b6626ffbd78ccbfad4b", + "4d8651cee10684a026083d7a2442fd9e", + "debafc1970d6fd46a2ea5203299c66ba", + "3f74b83852da8ab8a9aa00f2d66cd948", + "1b07fc9b5bbb68ea43fd0f4f57b6ad02", + "58d12ba3018442d30c45cb5a31e7aed9", + "75d577ad39b1f542d2aff0173783e40c", + "2c175be4d86b59b18d3bb9aa55755ec8", + "e87b3566a7baff5e2d28964d28bbf65c", + "3c8e76ad3e4047abfc56a3d5e675015e", + "afd84ee8dffa0c4e2d7d89810dd5c5c4", + "e59dae3463bad8bd79b1b7e8e3935209", + "bca8c01025651281aeb77b607b9b7e59", + "155382c941f1c710bb0951d76f62dd62", + "ac95bb3244b059e408709d83f9d4e9e4", + "3b869bf0111b3c288bb2df5914b8a099", + "cc97f0b59cde1263e3ce0fadc9cd2458", + "d5cb669c090f5a704bd4cb8289c77afe", + "0b0f3e9bbfdcf87de84873c9fa16b1e4", + "21e295cde5cac1123b9443c94d476767", + "c5466b066140292d59f38e91e5b8ef0e", + "c25267eb75ff4805f03a73b630424bf0", + "4201f4ce982d1fe354dd85f9ce7bc56b", + "120ea59ec2498a11e4a91bae3c8b6705", + "5d30af3830a4ae0045f68ea25eb88c1f", + "c799796e6efa739baecfa97c999acd84", + "8dcde1f5ee6e40b0a3f2a1ceaab7258e", + "f91bf07f415a90d7b6f2cc719ebb6161", + "9b4f284da1f8ca676a995b582e2e2f6d", + "cd48b012f44090364d528fc2406a3437", + "b92b29b90d323f900aa9147821804dec", + "beedf946dc78e6f5e477f0bda657bf21", + "622877568bae500128e2d49aebc39ef8", + "2a571ca4859c6fa345e9f8e2c7549adb", + "b01b3ea901f8bc9d24198df8611bd1d5", + "dbbddb2b3cf6f51e61f779e801d5782b", + "6e09142c998dba94b3eb2b3e43503efa", + "1588064120e59d583bd108fc693a0898", + "2626778ca98d8a0523e56fefe90deb5d", + "8b75f918e51df8c9e89f68b57101789f", + "0d23817807ddc4bacda735f10e005ffa", + "dbc82abd0ff5067ea9cbb57d548ff7bd", + "c2d41dca200b291c68faa070a48701ae", + "586b405323451e05381ff953cd563309", + "64e1e28de0517faa200a7c6d427dff12", + "317321bc4fe59017e00b6927414a6a10", + "e7ede12760a331a02c0ee9384305e7bd", + "449b0001d11a1769d3291a0390084d19", + "f5bf6595843eafba3cd75f86362bac97", + "d25f6f846e91ce770651fe45105aade3", + "38993946a7a04b195ffd86d036c18c46", + "980819c8bc2df3d00ae40346c70cbd3d", + "69a471e5e63da485b4ffd4dc9dcf2431", + "4251e58482f6bf5e505a213f120c6c8f", + "07a728517712d5059249f0d18f6de7eb", + "6ef68ac6e61ddb2ec8b7fb1e350fdab3", + "331f588849f90ca5f8ed7ce67bfe6899", + "e701349cd67d28640d12ad48bc204f10", + "9f1132e4806bc7e3c93555ff841ba42f", + "4a213bcda33ce7469b38cfd3a552d72d", + "1d07a86006d3033c205e70d6c7903995", + "214f4c66fede3e51fbc7b90e5aa5b512", + "b96013fd67a3db350e7d141384593bb2", + "d60d3c17cf8ecd6505de6e28c4bb6517", + "86bf70152f83fea6a5518f38790fc627", + "560b5c99171aa8e2d544f948338f85d1", + "3ccf91c089168054a99392268a18bcb7", + "492b66a7978ed8eb002ef48b6fd562f3", + "30c4946e4bcb823a34b29f2215f18942", + "0d0267ea32afbbcb1a67e2d7430e44dd", + "53997ea88b2b0ffc90826ae5db5ed3f5", + "1d7de7392ce16ab001f0bccb1fb6a2b8", + "b8afafb0369ca30a72a37105f906c57e", + "9a43b9f81433917ad7953129ca6ca4d0", + "ccb5b2d100638e321068672001a69eea", + "29616fe5bc1f0540e6bfaab0f9937ded", + "542fe05b8086fcc5428a0b07fccfa83b", + "0d7ec7e0c24e4a2631028d1d855132d5", + "9c971a58db1b5966fb62d78e9d14bb44", + "0ea1058e88d0b044bdaf426c51b55c5a", + "d06df963f8cb4b166fd1ad6aa37e6f6f", + "0eef95087f422a9be092225bfa01f561", + "6cbf1a878485c0216060dc8a1f6e19c2", + "5cb29fc93e43af40cd10292e675f0082", + "22739286e27a127789ac13211ef31bf2" + ] + ], + "prep_messages": [ + "774e1ebb45b1c0e11bf01b23d0a2f1822a68e27345e3f5ff256e9253dad417ad" + ], + "prep_shares": [ + [ + "66e14d38c90694ecaed6e1e6e54ff37f626cd891b3b1ffe20bacaa5741a9b19676678c90abe6b88bd2e821d21c7211c061da7b45ff16d851eb4ef88cc3f89ecd56cc565ec94950085319139daef295682a34ee3b89f4b71ca6e8bf5930ff033b1771b890a81981bd862ff9eb352d2c7a7f98b8e30631d46d75eda32a07f681fa388813e1976784d821d2babaedcd760dba72a20438b47e581667aed24ff37a22eca51216da0b13cd6c9c7978189efda7293867a3a10cde89e65ac695e94983832b6143d62e4e1229aa7f5ea7853901c6046e04bf993f1b75c67623131ff658f43521e9a9f0eb93b2a26dbdf9654d6c6859ebb4f2ba4cece36f8bd4d93ad9fb5970a03cdeee9719af30cf68bd18cf728ad26a549be48bd7203945fb904d6aed93db7b5dead163e4ce99128251a44a6476921b916493511ee254c5c44bd0793bcd8bc37948a39bc02ee7a80168be082b46ccbeeadfaa954a31a899367aed48f364225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc79", + "9b1eb2c736f96b1335291e191ab00c80e550c1b959b141150218275087013144cac1655435b03aec8c6f8aa8c6798e052853e97b4dc3fff2cd7ad75fc07cd6471db842439560a70ce333a273d4da9b37b5276e90b6d9064bd2029fefa536a53d1d51e55b553ea3a4056d627a2e5b2ced984b1b63f1ddff1b75113a943bb4e4da12ba32779614365afdfd645a8b3fa517d35a5ca6e2202e9c699be20508d129015e4d60fbae27377187a09ee9d933ce0630a5686c066e2819861586d9876c961c1f97bf8466cbf7dda8442d7f7af37c3289712987fb6367798647ac591469905a345318abde99a7db7b9fee2a33d5938d48ad5d7fd0be8207c4220c7d2ab45fcbe9761e56d960409a891124141f1ff5a19cd1abd0ab3c1baab4297de51ccb6ae24c3d78cad0829883f6c1f520ec2808c74a2705d30935ba4c32be7225941b1dfe0d61f8fc19a8f4829a1853b60eba481c3177450712ccb1da331bd9ad3fd98d3e40ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18" + ] + ], + "public_share": "225526ab0a748466845abda64883baf691a577e092b36c8178a3e3c4f7fecc7940ae4be243e624b1ffde96162c2fa48392128bd79d2861098ffc5ab20af7ec18", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3MultihotCountVec_0.json b/src/vdaf/test_vec/13/Prio3MultihotCountVec_0.json new file mode 100644 index 000000000..8fdb1baa2 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3MultihotCountVec_0.json @@ -0,0 +1,59 @@ +{ + "agg_param": "", + "agg_result": [ + 0, + 1, + 1, + 0 + ], + "agg_shares": [ + "e2bb7419a8ac96a1c6def1bed78dcb074557af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb3", + "1f448be65753695e1d210e41287234f8bda85078dc9bbdc9a95b641b02cae4ee4cb4121def41aa4d90355df5f08a8fc1d8a55cd6329af47d86c2bb6d2b92d04c" + ], + "chunk_length": 2, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 4, + "max_weight": 2, + "prep": [ + { + "input_shares": [ + "e2bb7419a8ac96a1c6def1bed78dcb074557af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb362d5c7a84cb3dc77420ae9fb319a83b91a5ed94b3fee03d209e78f1b2561041a66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cffdd56552a27dab37d3921be5ad85e990d6182143dd4b359053d6b41b58a260a36444c50596526e58032cf8d75335a776d8e856f751d5b9972dcb6d5e9df41e1a13612efca2bf4dc3a35d88e64bde741e93d680d9a3e0261d17a21ccdee91bde85440901071218a3ab71661cef25d4275b17fdfedfdd8a9e6e48a0ebcb73f8fec09f6945689cb0a789221792d689e2ab2404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + false, + true, + true, + false + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e2bb7419a8ac96a1c6def1bed78dcb07", + "4557af87236442363aa49be4fd351b11", + "b64bede210be55b253caa20a0f75703e", + "295aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "407dd84e19e24c5dd58e2a735bade1c3feaa768f055f553e0767e8f8066ddc8b" + ], + "prep_shares": [ + [ + "0c82e0cc5f690b9caafa428dd6d85ec0cb91386cb2e980e5475e84dc83a874724d0ec28fc8583fcd3d2049ed82fe4cb49b774302bf9e3f22840fdcae9eda08edf34af1e39cf607549e72d9603c9064bd1ce6bcc5c3cff0cd2404afaa25d39fbef626f32389f3abd8f1007f22683246938f85d46fdcf067e79c9b6b088a0c70ba", + "f57d1f33a096f4633905bd722927a13f27c3d26278454e1a5238c31d07b79cfb65698f64c871fc3ae4f3ec5c948d0436d2d857e9751199e9364d6f9097174bf6f551d066f30ae33ed61f9b4bed3609d6fd20479675bf4583e46fa4df4e93182f5728b4e324470bb29993bf18e20714421c8e06f4c0622e3641eb50f24fed1117" + ] + ], + "public_share": "f626f32389f3abd8f1007f22683246938f85d46fdcf067e79c9b6b088a0c70ba5728b4e324470bb29993bf18e20714421c8e06f4c0622e3641eb50f24fed1117", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3MultihotCountVec_1.json b/src/vdaf/test_vec/13/Prio3MultihotCountVec_1.json new file mode 100644 index 000000000..127c76377 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3MultihotCountVec_1.json @@ -0,0 +1,113 @@ +{ + "agg_param": "", + "agg_result": [ + 0, + 1, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 1 + ], + "agg_shares": [ + "781bcdf49ab6cc3905ddc9468ba3770da93b52b6850a6d98fda820b899e3b66db99c81ef1b1c865cb5efd83a31c2f04aece94430b7ca762c1d136c4b324ccb133c414a50f7c6842f5ace7c4e063a40a143d8d7d2a451a3a38efe662c928909bb51615b73d0634675c28073fe8bbc903ed3aafb155bc2662a9f3a62e83641da00da4853618f6664e1553c949cc5b836685f02f3396816e79747e3be5fbc28e193", + "1f448be65753695e1d210e41287234f8bda85078dc9bbdc9a95b641b02cae4ee4cb4121def41aa4d90355df5f08a8fc1d8a55cd6329af47d86c2bb6d2b92d04ca02a3857b34c2388a1f51604ce657c46e8a126b4c011fc2dda1870e4da9efbe54ecaad63670383735c9147d029a5ce03f744adcd817d8b8193701eb0e5205a85c5dfa58103daa2c7b771ceea8337b2214082f4c93b0bc641415917797dbc38e2", + "ff2f6b009697e49299e90da15ae5290a2942cae56bd275a2d8f03559a786b6f201695f5dc2ffc6494de65a25135f6dad9a94d87862672aa862450f061067d3abda47a8cbb895558b4ffc871bb1abe7f6d68d52c7927b3f5462d4c91b100a4acbb29c41730607fea082660c46ca6921ca52dc64d21f01a65da0e10e20647d07d56487f50aac1a09052234e204a03d30561d8abcc6d4e4b3d6c801b5b1a584553c", + "6c703c24775ee5d40b181ad7f1042af075d992eb31875ffb2b0a45d3bccbadb0fc450c9632a2080c35f46eaaca531246a4db8580b3336aadc1e4c84092ba90f34c4cd58c9c5602bd7c3fe4917ab45b2102f8aeb1072121dae0135fd382cdb093b137b5b5c1913876268738eb7f347ff3e633f24903bf67f6f47270477f20c4a4fe4f1112c1a4ef51b41dbb7316d2e61f47f15b3587f99e4f76c174752096904d" + ], + "chunk_length": 3, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 10, + "max_weight": 2, + "prep": [ + { + "input_shares": [ + "781bcdf49ab6cc3905ddc9468ba3770da93b52b6850a6d98fda820b899e3b66db99c81ef1b1c865cb5efd83a31c2f04aece94430b7ca762c1d136c4b324ccb133c414a50f7c6842f5ace7c4e063a40a143d8d7d2a451a3a38efe662c928909bb51615b73d0634675c28073fe8bbc903ed3aafb155bc2662a9f3a62e83641da00da4853618f6664e1553c949cc5b836685f02f3396816e79747e3be5fbc28e193d6ef25e6111cbe64d8aa9bb7d1e45d4018d4e09983efb42009e731d7876edd0fb51db5d367cba65352cd4e8a467599c00ffffc9ce9bd8fc86b6cd630c0acf18e79dca744bc07b49fb78affea16190c112049cc4bbc5ccaf14c4a2f96c38b60f3f8fe14301095168d635be5bf3265507825c030369182e08d747fc6b9d0353f89e4ac4b881c81cf8d0721196a71068b3c28c753ec8fcb7b0446ad514a92136515c16f287f616ba0f83d1c6f06774886e2b21e0fe7e34f6b7d076bcda1e515f6a5d9912f0526f0ed0751f25648ba2b3b2119bf68d6746da1030416f32cefe8259cb0fc365b409eb8dc0640ef36a2aeef3124b3dbf37e6eaddde55b4d9dff1d13a65e8874c77d8ba000a934a6c2220d9b22106db138a2024fb830146e74c385964dcde91517e010303ad4c575ded39da50f25f36b2756145ebffb50f591935cd81274705ab2a21ab3b52b72689817c2eeb50ddb567e4947035aeafbdca5707a27ef0189eefa973d7c70bf542004e4eedcb5c0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedf", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f", + "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + ], + "measurement": [ + false, + true, + false, + false, + false, + false, + false, + false, + false, + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "781bcdf49ab6cc3905ddc9468ba3770d", + "a93b52b6850a6d98fda820b899e3b66d", + "b99c81ef1b1c865cb5efd83a31c2f04a", + "ece94430b7ca762c1d136c4b324ccb13", + "3c414a50f7c6842f5ace7c4e063a40a1", + "43d8d7d2a451a3a38efe662c928909bb", + "51615b73d0634675c28073fe8bbc903e", + "d3aafb155bc2662a9f3a62e83641da00", + "da4853618f6664e1553c949cc5b83668", + "5f02f3396816e79747e3be5fbc28e193" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c", + "a02a3857b34c2388a1f51604ce657c46", + "e8a126b4c011fc2dda1870e4da9efbe5", + "4ecaad63670383735c9147d029a5ce03", + "f744adcd817d8b8193701eb0e5205a85", + "c5dfa58103daa2c7b771ceea8337b221", + "4082f4c93b0bc641415917797dbc38e2" + ], + [ + "ff2f6b009697e49299e90da15ae5290a", + "2942cae56bd275a2d8f03559a786b6f2", + "01695f5dc2ffc6494de65a25135f6dad", + "9a94d87862672aa862450f061067d3ab", + "da47a8cbb895558b4ffc871bb1abe7f6", + "d68d52c7927b3f5462d4c91b100a4acb", + "b29c41730607fea082660c46ca6921ca", + "52dc64d21f01a65da0e10e20647d07d5", + "6487f50aac1a09052234e204a03d3056", + "1d8abcc6d4e4b3d6c801b5b1a584553c" + ], + [ + "6c703c24775ee5d40b181ad7f1042af0", + "75d992eb31875ffb2b0a45d3bccbadb0", + "fc450c9632a2080c35f46eaaca531246", + "a4db8580b3336aadc1e4c84092ba90f3", + "4c4cd58c9c5602bd7c3fe4917ab45b21", + "02f8aeb1072121dae0135fd382cdb093", + "b137b5b5c1913876268738eb7f347ff3", + "e633f24903bf67f6f47270477f20c4a4", + "fe4f1112c1a4ef51b41dbb7316d2e61f", + "47f15b3587f99e4f76c174752096904d" + ] + ], + "prep_messages": [ + "aa3d8e6257c466bc3173d454e46493c662d2e2377c60b1eb53808cdc231e8292" + ], + "prep_shares": [ + [ + "3d641c737846ac6347415a39f0460706161b78f45441c4f571c675ad977c1e569acfdbefed88b73e37d374da9b35abf7001afb1320dc90678b166811f357c7ec30a0a8be486b56d79d35d4a84f5e51864b829f9c74d386e114fd8592d083b93313a2198ec71058793b0405c971d3f9bca7c044481ad26366abdf9a305efe9eeefe81d25365b05a7d6f2cfd118c387e52584e3fc90e73acc0c17673b63bf98656", + "ff861e22d4bedb6cb50fd8d45398283fc31e12b09efa9b1d25f9c9b1ae98d2df263eebbea09201393c0c4f56e4797c22bf656006ee88b2a3873340c5821753d0bab172e5a332467bc77ff5bb585c4209900f1790247cd23eb1c3d4a0e314466cf96c4358c10e3d54bcdb9cf9fe3421d302c84b82f9b7aacbce9c9411539265961c03081b9e0b8b0a5dfdec6485969578f8704a628d19d074992f4a7374e9d534", + "0f67a601dcedd6767d4d28a6ccf47249444fb33d24d5949ed3691d49e1b87f4f3c3d080f87ea23f04d73dd2d65a2c058b221d50bbe74a3fb8ce8b7dc8c4fcb9cff59b081e848f598fd8256091b56b30cc9ad83d14e35b4aa58390d0deecbc452ca662416b4648fa177154ea775bf07e09f45276e775cb1105c81ef86c26e3b00d462ef6d88b6578c2b1ffb6471ab9d20379901919c448fb43c4463b26de3422d", + "b6ad1e69d70ca1b86961a54bef2b5d71e42954395b808a34b8747594131bf6212199d7d40829fdff5745dffd4fdf781fd9cad9d28c45e8053b25a5955b941fb6ae0172cfc2bd07f81108815a8772bf0ecf24fa93147007bdae65fb6384544be21e13d421a9685db56769a24a029d4791a8207cddd30e695e44c1fd9c9eac1ab10ff631cd5510a3b15c117d3914e8943dee24437b6abc6c04bd58b4d6239185aa" + ] + ], + "public_share": "fe81d25365b05a7d6f2cfd118c387e52584e3fc90e73acc0c17673b63bf986561c03081b9e0b8b0a5dfdec6485969578f8704a628d19d074992f4a7374e9d534d462ef6d88b6578c2b1ffb6471ab9d20379901919c448fb43c4463b26de3422d0ff631cd5510a3b15c117d3914e8943dee24437b6abc6c04bd58b4d6239185aa", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff" + } + ], + "shares": 4, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3MultihotCountVec_2.json b/src/vdaf/test_vec/13/Prio3MultihotCountVec_2.json new file mode 100644 index 000000000..d7ccb03ef --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3MultihotCountVec_2.json @@ -0,0 +1,211 @@ +{ + "agg_param": "", + "agg_result": [ + 2, + 3, + 4, + 1 + ], + "agg_shares": [ + "6cab477f485ff127e159b9ba36c5f92657b46ca6b1f44b0f23350a77f50d88558c7aa26e54b6ac7bbef32d354b493238cbc230d001fd388a273355db2625ed7f", + "9754b880b7a00ed802a64645c93a06d9ad4b93594e0bb4f0c0caf5880af277aa79855d91ab495384250cd2cab4b6cdc7373dcf2ffe02c775bcccaa24d9da1280" + ], + "chunk_length": 1, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 4, + "max_weight": 4, + "prep": [ + { + "input_shares": [ + "e2bb7419a8ac96a1c6def1bed78dcb074557af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb362d5c7a84cb3dc77420ae9fb319a83b9195ed94b3fee03d209e78f1b2561041ab435529c98fc7c8c876eb82fd65a31fc66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cf8e705bd868a6285c8f72784c197180fdcb1b50029d910e62f6d3bebbd091725f687ed53430cb0818cdada631d9bd1e370ab5a6c2a2b6d543e0e918131c67aedd5b77cb75ce71d8c8dd5ec9028440226d124bc44458e5c4e329096c1ab250ff75b66121e927d624d471d2e7e648928016920efc2d378dc0e8ee13a36d87fbdd35d4a88e6c937da0cc54fd49e9e3f4f4e971bda86ce701e9ab267195ca19bd9b318358d9d6de83a3f8be79f370a3aba801a3d79af7d7df1fb0d61dffd8d00627f7c75fc765e1ec4579c1fb4c907feff49b99198983ece8440b5d6ea9fde97a2020094a42dac99c8f0c1a6267d25128b21b404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + false, + true, + true, + false + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e2bb7419a8ac96a1c6def1bed78dcb07", + "4557af87236442363aa49be4fd351b11", + "b64bede210be55b253caa20a0f75703e", + "295aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "1cb5c0b55decfe04be8c9c84c9e29614449ed43534727e7f6189a7206287bf59" + ], + "prep_shares": [ + [ + "e54359db132ef59eec785c12afbcd0c41095ec67b32f42ca286f3dba81d2f4d52a403e1b48dfa7f4a5a6d23ae37d1051dce6452e9ae476eb0764deecce8a40db7b547c43a9891dd84dbbbfe39840e7baabd2e24b618d91e6404723c5cd8ae26c", + "1cbca624ecd10a61f786a3ed50432f3bda4bbbc57edf2cddf1ff2a876ff1b8a00822fcd3fd0c9087a94588084d124e91105ac0f6e69e7f327f9c989a03c990fa59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091" + ] + ], + "public_share": "7b547c43a9891dd84dbbbfe39840e7baabd2e24b618d91e6404723c5cd8ae26c59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e2bb7419a8ac96a1c6def1bed78dcb074457af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb361d5c7a84cb3dc77420ae9fb319a83b9195ed94b3fee03d209e78f1b2561041ab435529c98fc7c8c876eb82fd65a31fc66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cf4dd9d294fe4b5dfe6a035bf7c093bc3739e06b1224caa5b68b0a3240016a62d1e13cd4750741b83bf16614e687fb4ad6d08a9104fc57825d867cb6e43082cc5356dc187c4e7ff7bc9f68ccdcd074f42b37f5b9cb574739ec6152bf68e5ef8f1c1e4a446d5dbcb1233c30c7db5ce97888920efc2d378dc0e8ee13a36d87fbdd35144017b0fdd76b2a956c673e3cd2b8af04f98c5c60c95157753a2246e9e4abbf0b9ada95070ef4d47ec085bcf46d7c62dc01b0b57e3e73964c8b6107bceb0881ccfa795f61df2685fff149b632bb22dd746f93fcec86d002252556afb6db8f79a2611f5694b602bd330488dd3dd1b9a9404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + false, + false, + true, + false + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e2bb7419a8ac96a1c6def1bed78dcb07", + "4457af87236442363aa49be4fd351b11", + "b64bede210be55b253caa20a0f75703e", + "295aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "c24bc83b6d97bf557b590fea3e93b567b122a1cd957bcaa9aec448aca7726899" + ], + "prep_shares": [ + [ + "e54359db132ef59eec785c12afbcd0c4bc8093f51d55c746fd0ddc2e937ec2f330b04b8b772f62ab1ec1adc762c94ff9608a58476c33ec43cbd673643576dd2e42ab6d3c84a37c14bfadd7d17006387b1398149b4d736d6727f455ddeb0e8d62", + "1cbca624ecd10a61f786a3ed50432f3b96ae6b20fffa93bcf425c53e822b4ff50822fcd3fd0c9087a94588084d124e91105ac0f6e69e7f327f9c989a03c990fa59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091" + ] + ], + "public_share": "42ab6d3c84a37c14bfadd7d17006387b1398149b4d736d6727f455ddeb0e8d6259339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e2bb7419a8ac96a1c6def1bed78dcb074457af87236442363aa49be4fd351b11b54bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb362d5c7a84cb3dc77420ae9fb319a83b91a5ed94b3fee03d209e78f1b2561041ab335529c98fc7c8c876eb82fd65a31fc66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cf4025a91e2e42deba4c317240c77fb80fde5dcd86b144bb2df213d72a8bf2baea3a4dd9ae180d83470a22d9d4eaa1b0c4dbddfc151145b025cc0ce900a1bd0c9baadd792e2991654a51e51ead894211fc50964f986c2042f74a1fda80c3ecf0f412cf7551c6f265123271a4353820ee94920efc2d378dc0e8ee13a36d87fbdd3521f44026cee1ea6db33e50f535e6bcd75f7b2be8d24e3ce00e317d5b5f5c53a6b289d55cf64129c96505c1cd91c71674d1ae44a4695145ce06fb2eeb4bb0c83978f918ad86cdb8f74d75f7e579ed050d5ccefd2fd8adc7f71f583b97d8de2ea1aedced712b804ece3dc3aa83629a449d404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + false, + false, + false, + false + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e2bb7419a8ac96a1c6def1bed78dcb07", + "4457af87236442363aa49be4fd351b11", + "b54bede210be55b253caa20a0f75703e", + "295aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "c3b3331981af8ffa017c3fc4acdf8275c2dd31484200de3098f3e9560d00a943" + ], + "prep_shares": [ + [ + "e54359db132ef59eec785c12afbcd0c424c727ac2cdaafc3813020484c7bc9b6c45ada8371c5d4dbd4f9d77e2064e8061992d56621092be95a40e591a2615d8ba8b2abd7d94ff6a85516e59a79b71c229c13b132bd251e1302a6fe5d02817927", + "1cbca624ecd10a61f786a3ed50432f3b2efb430cd6b5d98874bfc62d858c1b060822fcd3fd0c9087a94588084d124e91105ac0f6e69e7f327f9c989a03c990fa59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091" + ] + ], + "public_share": "a8b2abd7d94ff6a85516e59a79b71c229c13b132bd251e1302a6fe5d0281792759339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e3bb7419a8ac96a1c6def1bed78dcb074557af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e295aa329cd650b825d3d4492d46d2fb361d5c7a84cb3dc77420ae9fb319a83b91a5ed94b3fee03d209e78f1b2561041ab435529c98fc7c8c876eb82fd65a31fc66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cf1d40bde9925d4b17c846dd3594fed83dc892ca94d3c04183fa3e3e9c30b20a8c4747be8800152c9d08ddb4916ad19cfb3bfbf22858f63ff68dbf8f300abcd3c1523cea0e97d0e81f3e130785696b0fd20edd6849bb3aa68707bf11e59d1733ada4ae070d7c35a4aa785b4359d92c94e9920efc2d378dc0e8ee13a36d87fbdd3544d92c5b69c67d113829e5ff68679ca974462edab0d2b58a220616eab99c0305a58ff0820e3a8073674ae51012982a3d71914e9122a0b5fd444888bbe2b10113d09aa8cc188e352261470f0e9ac407379e87e47e8993636763b80333feb3ece81cfd5bb6753d1036f7d80b60c18d9e48404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + true, + true, + true, + false + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e3bb7419a8ac96a1c6def1bed78dcb07", + "4557af87236442363aa49be4fd351b11", + "b64bede210be55b253caa20a0f75703e", + "295aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "ffa6aa6631a9caed44243158a9b823cd6d03ccd9c0061e32905f64878a71657b" + ], + "prep_shares": [ + [ + "e54359db132ef59eec785c12afbcd0c46afdfeebb2cfb53fe66ec386a655dbc7998879597006242af323ee8edbdc70e9aa8f8db407bca86ae285576865be82a58e7a554c0e2fa5553f86ee96de11b6fa1f973b14695dfffdd21490e09765686d", + "1cbca624ecd10a61f786a3ed50432f3b6dddb72e222cee22981333990002d1cc0822fcd3fd0c9087a94588084d124e91105ac0f6e69e7f327f9c989a03c990fa59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091" + ] + ], + "public_share": "8e7a554c0e2fa5553f86ee96de11b6fa1f973b14695dfffdd21490e09765686d59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "e3bb7419a8ac96a1c6def1bed78dcb074557af87236442363aa49be4fd351b11b64bede210be55b253caa20a0f75703e2a5aa329cd650b825d3d4492d46d2fb362d5c7a84cb3dc77420ae9fb319a83b91a5ed94b3fee03d209e78f1b2561041ab435529c98fc7c8c876eb82fd65a31fc66cf7dff4a43e15165bcaed22955b547461b80bb28663b502ad8b1536aa6d3cfb8918ed5588ae5657f52706150b90f3b7563a4e1847a3252288d55ed722f9efc30fb18f33cf498ed14cd6ed91437e035bbc19908859c3b9169ad78dc32fa1cd00225523ffa19a72ceea504b22886fe4a5f4a4af495e251e6266d18ea3a62c6194d30914ad76eaca4cc68911472efa372920efc2d378dc0e8ee13a36d87fbdd35a9875b6fa399e3c2801d52d4acac65acc875548dff18c5bbd8b7fe98771f7094bbdb9518d25a1323775a2bc96732e702f1caa7b1f5f9b962695a9f0fba73b80420b2409cb5447715b1b411e1daa918be4c1a03d4aeebb708600afd2d6169597c737bd2781a04083ca3cbbda428cb8ebf404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + true, + true, + true, + true + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "e3bb7419a8ac96a1c6def1bed78dcb07", + "4557af87236442363aa49be4fd351b11", + "b64bede210be55b253caa20a0f75703e", + "2a5aa329cd650b825d3d4492d46d2fb3" + ], + [ + "1f448be65753695e1d210e41287234f8", + "bda85078dc9bbdc9a95b641b02cae4ee", + "4cb4121def41aa4d90355df5f08a8fc1", + "d8a55cd6329af47d86c2bb6d2b92d04c" + ] + ], + "prep_messages": [ + "8168d1e866a10ff4cc68c5a974e74b30d03faf32df83d833bf44fc7069430654" + ], + "prep_shares": [ + [ + "e54359db132ef59eec785c12afbcd0c4631e1fa996b00e4ef539d7b7e668113d9b63c65b32e40c5f03b4f8f527ad35bc595cdf351c8fb3f0f6ac9d6701a1bac7718dc7f5c50b4119fb6c3c767cae0c30a69a3166f4c6ecb28c535766c93dbb2e", + "1cbca624ecd10a61f786a3ed50432f3b7f34b51d5bf17a64064e62b7470b71e00822fcd3fd0c9087a94588084d124e91105ac0f6e69e7f327f9c989a03c990fa59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091" + ] + ], + "public_share": "718dc7f5c50b4119fb6c3c767cae0c30a69a3166f4c6ecb28c535766c93dbb2e59339032814730865c9eb4e827d6c696e3e6b53a2039714fa507e920708af091", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3SumVecWithMultiproof_0.json b/src/vdaf/test_vec/13/Prio3SumVecWithMultiproof_0.json new file mode 100644 index 000000000..5883f2533 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3SumVecWithMultiproof_0.json @@ -0,0 +1,195 @@ +{ + "agg_param": "", + "agg_result": [ + 256, + 257, + 258, + 259, + 260, + 261, + 262, + 263, + 264, + 265 + ], + "agg_shares": [ + "c39874de5db91c9413dab3c055c16f0401886fdef172d79f6d1c8a8a494c99f5155e78a9ca0b393ba7f04c7d467df46f06e28c26102df9680ffc45b7dd00264287a40c330560ea67b587fa6c2d22c3b2", + "3e688b21a146e36bef264c3fa93e90fb027990210d8d286097e47575b5b3660af0a2875634f4c6c45f10b382b8820b90011f73d9eed20697f904ba4821ffd9bd825cf3ccf99f159855790593d1dd3c4d" + ], + "bits": 8, + "chunk_length": 9, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 10, + "prep": [ + { + "input_shares": [ + "5127d69ab76c1f05d94c9c774cb39eea4febe74e8a9a99e48f135a5c9813922c09b023df10761d495ac4f0cc1f55070ff628aace33323d70be3e78ed4c4e118f1543a7b8efb9b1f4633f1834dd83f76fdfae87342566de69ca9c77ac49a9d23e573a094ca6803848b797da24d1910017d1c99dcf3729ba77fe5e4c1bbd4c790a1d3a9a71e6641b47db44034e5e9335697dd9a3d88bc082032f76fa16de383f980a0162ae5b756f8ba2e11a276f168a895389b8692c2d4fcf7105d5ebc418ca13963e127c925b1df38e43fc8a78df6c5e6249be1f287e6c44f7f0d88d808ea758fed647d672e046e0a2a4ed86cc403aee3a633e5687c7ff3033da63361e4b29b293937148e3e194140f107767d6610c586580dbf46959f58e775c4f42f51b02c3b788e59da3e0aafedf39b2e44dc08e80e90d6a2a86c99f4e8a78ad0f460d588d2ec687298d1486eb786785268b0a89507b152bf416137776b8411f16462f1922ec18972d317af399ee5ab777a1c623f4354f917c9dc7a767e65f24ef5fe24011706929f845cb17d7b4c014ba275cd7a8684e5971b730aaed2502bc78564a2b8d17b3727218908a58d7463c7ebbbdc31203cdf7e16544f1d03c3451dff0d9ce1cdaa3ff1608e5ba7e06afdf65d9e3e190413a70d136ed050a74d092fd3b915ede9fafeabaa066c68dabe26c50a454a038d41aa4af226553826d10b0839a19552edaf5a46bbb7da4fcf25e79749ff518d99a855e10cc1731aa507f58614c16b0c1fd44214391cbb98264874d5d8c8ae4ef2eb66b0daf545b1855f7729a32b4a76d6c2068199f12a70ac2272245f0578b2fafbf92386191053b98ed041b8e9602b3e3a7ee934907b3d0f82421f3c0dbe0d3090f30f7b1bd67aee598034095e4582a8e61138ab4df4d6cfed341d603ab1d1f442a31fa9cf36bb1b0cce841275f764ecf85de615d04eefc6214145731b82e94adb841012ce95b1b917e6d5364a81954407b2799ea4df4d7f27934454344e13b757d6ddd05441b96465de3f90eb2052772408c8d7bb9f035c72961b89bc2b22165dc97bf37043547bf2019b5cb0307346384220ff42d5f990d2288687d183caf73333f4f50bbae848f3927d3b87718fe2fd2c1d459a8f591de2cc999724b6598e6722b83c4e374100cb8ee1cba758f5aa3f811a5e2b1ec5ad336578c20556eb3e99f298b9e9a72800f6e4211e7d2daacd8f4febd1cb21d8f4cac506c9d02fc3deeecd24bf11230e1211861b0181ce74aa81245dd3aa3ef0e699292dd509f54ebac25fb0408a1238f2112d5cf626ceb35a9d04b2990a2bc3eac6520f303216cdaf84a8edaf243f10f9ce663c1642599a482a66850708a6fb0d3c99383c275c37ca5b8f0fbadb98f75272d95c864bead7222aaeb4f2611414057d10a3ecc9347a95b4d1312eac11a42f08eb13df791834e39cfc5e9287dbb3013a42d627b8c502f2f1e58690f13625db15a7df9b18b14dd75272ede774026c21ce1fa7269c6f9fe95a62545bd85140e4a44a302c41874df08f3b6f2adcf291ce99102197a6edeecf11086e52943ad55f0333dc01c2bfc55c453b9f24e5d7212391b438a93053648efe9af1149e0221b00c6a6f7f35e2a722f1e3e15e15909f925a590ee20b9fc82337658ce902126cf27f9d7fcc592bed1d4e05626052d33a7d0a23211530d1b8b15f85966a80c0a48e26a887b37e835b0483bf4e59e89100ecda4812e9922c5aecb49e1279ee27d036ddc9ddd2e69a448358db1c0b8b46aa6065de026d41f2edb1fb5b06047b40e8890eceb4cb80edcc34c7e18e586047455444a30b2a4f056332c7ca1bdde62f126f6d2361f29cdb78b22543cfb09d9b67da86ba81f504121c57ad9ef0f1abe53716bcd8e27838d77988082b28b0d2789b5cc024f86ffe3ba0f34197a7aeb804e551d2c0621153d2c73d39e3a893825c644b964c0c328987856a288897f82d28c5e62a059cd44bfabc2daa9ff5ce3b5b012abb3e3685334c9384b4d88c5afc49b05b2e922ab9fd58d8ac1643df9c51cc4f8a5ca269c6b2f9d7a2934889e81f6a5e86f1d97b343057caa13f34393d977e7b8c96fa01e3038e94b5f142f9d07116be771250018168e9ece9587aa0bebb1dc0eb7979d285a05c738ed9a8a18f2f11ba2ee9d53c9684bc4cd6cb47270f26b50c95eb0eb9a99c96d86b9cbd834b320f96986207182be2599dde5433c71d26956827c241ea9e6508d5b4216a4074b8e7c3bc37f28dc279264975d7cb458b613e35491d0093e79d6dec186243cea8c0be2c5e6aeab63cc4b1fb8c81fb11284fe76be8eb41af591f44b28389dd7f132b2ea23686d4239b034415545bc8f12ef4f3ca680635f11d9d19fdb819d188ef82e3ad392e960ffba567ed73451659d226be4537bdc3988ead5a1454bc39a4dcdd678067eaed4b92a2688dc5214f3c2df5a05f8df57e99fedf4d791de70c51e0ba8436dc13e097ef2838a97b987b422a962892f0e4b1ff0b7c09caa18aa9f034c83a0795ac4d818f41a18f3e33ef4377bbb9e2e98235ccc0f87b2ea16ca6914c1eed11e404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "97327c9f1e9309dc", + "07f33b40c7957a01", + "022d254a50269d8a", + "7c5e83836d1933a7", + "0a1f28e3ed031369", + "3ba5197f177f5125", + "5ca0d90c5a64a8cd", + "0aa96c924900626b", + "88360411accaf877", + "ed2cfeceb960963b" + ], + [ + "6acd8360e06cf623", + "fb0cc4bf376a85fe", + "01d3dab5aed96275", + "88a17c7c91e6cc58", + "fbe0d71c11fcec96", + "cb5ae680e780aeda", + "ab5f26f3a49b5732", + "fe56936db5ff9d94", + "81c9fbee52350788", + "1dd30131459f69c4" + ] + ], + "prep_messages": [ + "dafcf2e9580aac389fd2640aa258ae82aead68113bec1c0bb4917e8e49e1d12d" + ], + "prep_shares": [ + [ + "ef6dc738714bfcb41318d9b9488733c2957e74e00772a42c36cbf7e66b91e03e493b3f14d8cf9d110f180d3ef69fe0b794498e56da465b8ddcf73ddafe274e3e8e8b6959ae45047ad43f900917f69cf81a01b41339810bc2ea517a9eef0e71bd975253d3b6e3f6c3fa12a26c11f1b13314eceea1e908213ab48f50db45abcf18ab8080ff24d2c455b41bf6519de83be37c6b7c3111725b85c533724923e17ffda71d4099089298082cd176f059a7607503662676d6859a5cebafdfb9b1ff4296c4db21fbe7f395bf63a7d65545e8f4c6b5e83197b707bc7dee4439935fb08f8eda962dcb24f47250b0bf605c5241d4fe40b2cc068eb7d02691557e1a1ce5392e282e1b6dd6e716d0de8d6e1a97a82c69074646440761a93eab8d2e698e0c47aba2914172683c90fa0d26ca9666dfc1eb197781d42094d7c2190c7a8ac0d2a47ce0554af34dfc53b91317b7464c2da6c9b3c5da40dfa98b1e9524c94e47ceb7343717bdb5decb63658a9e23c007a80601fb7b4b35a59183c14483dfba5f43b78990f45bc1e3cafd051cfcef2fbb82f43b17c8ae9869e4d1a48130e98bab63c52e260b9ef6c16c3121e02ba49d993ac31c35219bb4f66b4d67f07b29107db2d6ac1d8791b2ce3ad74fff11c08e43d72fd48e9e14fda05069658b76e7986372ad6e9993eb05b65316bc08a39b732f8392dad96c7e1fd1d25c350ddc356a52f2bd76", + "129238c78db4034b15d7a39754e7c8ec1ecf7301a94016b6a7cf364ba569e61405f4c4a3ee19986804dfd5e108a6cd4f63685d4bd38fc94b3a7c494e928f5b861958172e1a0b043e03d92de927205d53e67c362ac6077f38336f39e3a463c5def5a2983290856af076b3e9e9b0632f337b490f5471cce8d6220d3968bcc249a521e3e565e93f3e90a0de62174d5bf6b7c5ffcbecfa3b4c2639a344df4ac28eaf5ae2bf66f66d67f70f5ec5d2c3ae6e62d5e80b23652716be1e328a13fa045b9cdf3f271c1650b5c7277ee79f7e31b2000e79bc1393ba18c17262faf0eda5b3a3954c1cad98a5802b573773c8b26fc0436fa3453eca29e2548401c079321377ff66d0e7e883cbd8eb07732bc81ada8ac136fb9cdcc6d0417e2bcc9f40cbfd834eb48aa8dacf071ad0419eb27a82db0f28af7235da4cb7da66e83126e1a64f0e8221aab50cb103ac46983c7b05b92f68e20b4104d2aeadceba33e201464e3eb530d117c8492d614339de52c319b7a82225a9b0486d1875144c63843f7e05540f80500f2565852da67d04fccc4a2d9292f222369aad4be1eba5c3bbf9f3b22f3c624c91749e2de5b1128a2274ba045a154f3689c393198a1a48a6d6c756cce318c3be7f4d2ae5ba1b9f67b59bea811d14b50795a80dee7ae0866e5c4b317118021703345600064bc49a1e71347b3ca5b6ef7d230cb279f6000a3c861e09a260e6a6" + ] + ], + "public_share": "9993eb05b65316bc08a39b732f8392dad96c7e1fd1d25c350ddc356a52f2bd7603345600064bc49a1e71347b3ca5b6ef7d230cb279f6000a3c861e09a260e6a6", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "5227d69ab76c1f05d94c9c774cb39eea4febe74e8a9a99e48f135a5c9813922c09b023df10761d495ac4f0cc1f55070ff628aace33323d70be3e78ed4c4e118f1543a7b8efb9b1f4633f1834dd83f76fdfae87342566de69ca9c77ac49a9d23e573a094ca6803848b797da24d1910017d1c99dcf3729ba77fe5e4c1bbd4c790a1e3a9a71e6641b47da44034e5e9335697dd9a3d88bc082032f76fa16de383f980a0162ae5b756f8ba2e11a276f168a895389b8692c2d4fcf7105d5ebc418ca13963e127c925b1df38d43fc8a78df6c5e6249be1f287e6c44f7f0d88d808ea758fed647d672e046e0a2a4ed86cc403aee3a633e5687c7ff3033da63361e4b29b294937148e3e194140f107767d6610c586480dbf46959f58e775c4f42f51b02c3b788e59da3e0aafedf39b2e44dc08e80e90d6a2a86c99f4e8a78ad0f460d588d2ec687298d1486eb786785268b0a89507a152bf416137776b8411f16462f1922ec18972d317af399ee5ab777a1c623f4354f917c9dc7a767e65f24ef5fe24011716929f845cb17d7b3c014ba275cd7a8674e5971b730aaed2502bc78564a2b8d17b3727218908a58d7463c7ebbbdc31203cdf7e16544f1d03c3451dff0d9ce1cdaa3ff1608e5ba7e05afdf65d9e3e190403a70d136ed050a74d092fd3b915ede9fafeabaa066c68dabe26c50a454a038d41aa4af226553826d10b0839a19552edbf5a46bbb7da4fcf25e79749ff518d99a855e10cc1731aa4f7f58614c16b0c1fd44214391cbb98264874d5d8c8ae4ef2eb66b0daf545b1855f7729a32b4a76d6c2068199f12a70ac2272245f0578b2fafbf92386191053b97ed041b8e9602b3e3a7ee934907b3d0f82421f3c0dbe0d3090f30f7b1bd67aee598034095e4582a8e61138ab4df4d6cfed341d603ab1d1f442a31fa9cf36bb1b0cce841275f764ecf85de615d04eefc6214145731b82e94adb841012ce95b1b917e6d5364a81954407b2799ea4df4d7f27934454344e13b757d6ddd05441b96465de3f90eb2052772408c8d7bb9f035c72961b89bc2b22165dc97bf37043547bf2019b5cb0307346384220ff42d5f990d2288687d183cafcdbe7fa38d2c52b0cef4703858879c8660ab0852214addf9b5dd1caead7d0f148c63655e734023a6843c03106bd41912bf1b525bcf2175b583645ebfa892920ba8c07d5cdb2a7a73abfddcc17a9f222ffa5464d39466e185a73acc5b6ff62b44f9533527dfc70b7f66562855c50030f28ec0852c3b793f4b699292dd509f54eb529abab0ca2f8063e2568b6ac35c67ad79f704acc700d5d6d4b4ccdec9eec15e535a54ff42e7427a24624fceb3c60eed6683289a831ae755229c8c503b389f24e6979c2a712988828b9dfa17d1f165f0004a863aae5c7d49fc428f4efa9f17a350e6b036fc0c3fa4ac50ea9849ad3aa75421859a27a76bf413a42d627b8c502f2f1e58690f13625db15a7df9b18b14dd75272ede774026c21ce1fa7269c6f9fe95a62545bd85140e4a44a302c41874df08f3b6f2adcf291ce99102197a6edeecf11086e52943ad55f0333dc01c2bfc55c453b9f24e5d7212391b438a93053648efe9af1149e0221b00c6a6f7f35e2a722f1e3e15e15909f925a590ee20b9fc82337658ce902126cf7d1cbe7d4cf45208b1f6fe0ce6d64ec325fa96b92605ca6dc64250654e0a1d60332e3c2eaa68e140cdaa407ce88e6de1fe96bb907e8cef121e3c7822ffbd2e6ef24a65c8064e0b8a356a22acc35e025f737a1517a3b817f9777113b6a5dde9f2a56212fbf2c1a84e79bf6e5cbcd347eaa48eeaa95bdfce912c7ca1bdde62f1269faf509ea36b2355453e9414292f9b61531444777c4972e2c98ef91074c04059190adb74110dcc07fc1266f5c2212ce29b1015241a7a90abe226e37f89a59dea98bd3e363d58c531d3c1c99d2d7b2e8c4c478bd359ff8e384bcc262a23a9b1f34c2a331f0b0cdf37ae68a9e5ace6dc7d4c6f29719b4551da4b4d88c5afc49b05b2e922ab9fd58d8ac1643df9c51cc4f8a5ca269c6b2f9d7a2934889e81f6a5e86f1d97b343057caa13f34393d977e7b8c96fa01e3038e94b5f142f9d07116be771250018168e9ece9587aa0bebb1dc0eb7979d285a05c738ed9a8a18f2f11ba2ee9d53c9684bc4cd6cb47270f26b50c95eb0eb9a99c96d86b9cbd834b320f96986207182be2599dde8ea0ff75e2d06139433a03c0dd698298a3ca5e6c4e6c1291ecb6134f31ab68ed4e5fe233e0040564ff213a9d1a9f0f3149d8da16024043a7bf8ed44d78c8536139291a7fa7536e8c832f2da42b5d206fdc7e127ab93255cca3be859ce8d8d75505a8fa0f586455714e97c5e16a67c10924932006563a20992e960ffba567ed731aa911796a734c363cdb7f4c3509677039d996e537e331823639b615f9d36e5dbaaa8f7576ea8f62136df349521c65f50f87367378f21f92bf5c69ce84224196e15d48d32ebc905d4cc470a070016cc537f95cdd3a16541f8f532f8d5c1cbd2d8a0f4a97484957d039e3e7fd3b2d5b5051e50a254ba69e8404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + 1, + 1, + 1, + 1, + 1, + 1, + 1, + 1, + 1, + 1 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "98327c9f1e9309dc", + "07f33b40c7957a01", + "012d254a50269d8a", + "7a5e83836d1933a7", + "071f28e3ed031369", + "37a5197f177f5125", + "57a0d90c5a64a8cd", + "04a96c924900626b", + "81360411accaf877", + "e52cfeceb960963b" + ], + [ + "6acd8360e06cf623", + "fb0cc4bf376a85fe", + "01d3dab5aed96275", + "88a17c7c91e6cc58", + "fbe0d71c11fcec96", + "cb5ae680e780aeda", + "ab5f26f3a49b5732", + "fe56936db5ff9d94", + "81c9fbee52350788", + "1dd30131459f69c4" + ] + ], + "prep_messages": [ + "10829cb740c8b9f7b4224d95ca9211208af39ececed7b496d18559caa7cfc742" + ], + "prep_shares": [ + [ + "ef6dc738714bfcb4d546c5e803c3a3e93ca696c30cab89d63a96b2c318b0d71c135dadad26a16012082e3bb325cb692994498e56da465b8d78d5ad212d0d6b21815936a212e7624cbc95eeaeb0e435a99852c45fb5d8834bf2370a0a964a7d61fb776bf507c2661bd7eee0265bacca299eb113eef6300eef01d4f8289bba258ab6b0eb4e1d680f1aa7892305272b83def84b67ec52ebc0d92c51eac84f4393bea71d40990892980863937ba7eccf5e628cbd3ea816c9f9c6e6850f48df85f5f0fe6032ebe4450040180da7b6e439983eb5e83197b707bc7ddf7b400ff56ac3c8ed9d599c465452426838e32b81ba175f14d1c5c3ba17898eeee532875e5385ecbb85e0e4f788f695d0750bf48ccb48f9881fb9434846b787f2d91ba4b40913573b6c3e94d2731f2f9b88e4a69833b5653cae89a89a340492be3a4b3a95395dd9e0554af34dfc53b9e7b7fe2a58a3fc80fa0eab0fab949a78a3566c4601316a8640bfe55c793950a4e100a5182ccaf504fb7b4b35a59183c1642e79f0880731c1dec685d2b49d7d9a68811d5815dde0631a253f7c73079f2eaa6d4d0b77d57fac669f09d408f7c24827a7af4021e827438d31389af603ea6208ceb0e30d6f587ca033f856be94d58831d0fd41f134dbbefcda9360ff6009c498b3dd873f5b0c262624994086382e025a177786d566b3714c8cc124c4218dbfaf0d011f68c6c35f", + "129238c78db4034bd000aa902289123c1ecf7301a94016b681b663f70679de5405f4c4a3ee1998680bccc0a256e4637e63685d4bd38fc94b44b3d85e790f84121958172e1a0b043e649d43b4be30b97be67c362ac6077f388f168e2b4d547f0ef5a2983290856af0bbeedcdc8f5277327b490f5471cce8d63f17ad1509290a7921e3e565e93f3e90d810b47f492c0b95c5ffcbecfa3b4c2639a344df4ac28eaf5ae2bf66f66d67f74449c434f47b39acd5e80b23652716be308e05d6f014e867df3f271c1650b5c7add72dac1b72fc8b0e79bc1393ba18c10bb3a9fb26c6c8d1954c1cad98a5802b81ba9042a7ffb6866fa3453eca29e2540f8ee3fba22802fe66d0e7e883cbd8eb2a7c16ba0516e27e36fb9cdcc6d0417e4e00ea9e80df2201b48aa8dacf071ad039459ca1c61d77d9af7235da4cb7da66e83126e1a64f0e8221aab50cb103ac46da0fef1e0892ea8d0b4104d2aeadceba035211cfbe5a9cd7d117c8492d614339b5a6b6960be6c857a9b0486d1875144cdf267c0aa1edd839500f2565852da67d50c843c46e9bf86322369aad4be1eba54d756a5637bc63c14c91749e2de5b112492b2349852ec05b3689c393198a1a483954751d7ac59e0bbe7f4d2ae5ba1b9f19e7e219714771db0795a80dee7ae0866e5c4b317118021703345600064bc49a1e71347b3ca5b6ef7d230cb279f6000a3c861e09a260e6a6" + ] + ], + "public_share": "2624994086382e025a177786d566b3714c8cc124c4218dbfaf0d011f68c6c35f03345600064bc49a1e71347b3ca5b6ef7d230cb279f6000a3c861e09a260e6a6", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "5227d69ab76c1f05da4c9c774cb39eea50ebe74e8a9a99e490135a5c9813922c0ab023df10761d495bc4f0cc1f55070ff728aace33323d70bf3e78ed4c4e118f1543a7b8efb9b1f4643f1834dd83f76fe0ae87342566de69cb9c77ac49a9d23e583a094ca6803848b897da24d1910017d2c99dcf3729ba77ff5e4c1bbd4c790a1e3a9a71e6641b47db44034e5e9335697ed9a3d88bc082033076fa16de383f980b0162ae5b756f8ba3e11a276f168a895489b8692c2d4fcf7205d5ebc418ca13963e127c925b1df38e43fc8a78df6c5e6349be1f287e6c44f8f0d88d808ea758ffd647d672e046e0a3a4ed86cc403aee3b633e5687c7ff3034da63361e4b29b294937148e3e1941410107767d6610c586580dbf46959f58e785c4f42f51b02c3b888e59da3e0aafee039b2e44dc08e80ea0d6a2a86c99f4e8b78ad0f460d588d2ec687298d1486eb796785268b0a89507b152bf416137776b9411f16462f1922ed18972d317af399ef5ab777a1c623f4364f917c9dc7a767e75f24ef5fe24011716929f845cb17d7b4c014ba275cd7a8684e5971b730aaed2602bc78564a2b8d18b3727218908a58d8463c7ebbbdc31204cdf7e16544f1d03d3451dff0d9ce1cdaa3ff1608e5ba7e06afdf65d9e3e190413a70d136ed050a75d092fd3b915edea0afeabaa066c68dace26c50a454a038d51aa4af226553826e10b0839a19552edbf5a46bbb7da4fcf35e79749ff518d99b855e10cc1731aa507f58614c16b0c1fe44214391cbb98265874d5d8c8ae4ef2fb66b0daf545b1856f7729a32b4a76d6c2068199f12a70ac3272245f0578b2fb0bf92386191053b98ed041b8e9602b3e4a7ee934907b3d0f92421f3c0dbe0d30a0f30f7b1bd67aee698034095e4582a8e61138ab4df4d6cfed341d603ab1d1f442a31fa9cf36bb1b0cce841275f764ecf85de615d04eefc6214145731b82e94adb841012ce95b1b917e6d5364a81954407b2799ea4df4d7f27934454344e13b757d6ddd05441b96465de3f90eb2052772408c8d7bb9f035c72961b89bc2b22165dc97bf37043547bf2019b5cb0307346384220ff42d5f990d2288687d183caf23415a5f18ae9c51753c72875ff73fda5ee085cc0a7c621a78aa3f797818fec57ddc373feebfcd27ecbb2ab66ed31bac7bc051286bc4a4f37559b3ca1ab5ceee3562bb33889f6db0e82c227f92ff39d0a6928db1acd2e74fc496c60896221f2a886086084b0949e9d68bd50f7fc82cbccf19940914064731699292dd509f54ebfc17e0f43fae35c23b0f8a1bbcecc3597ac28731dfce4fb612e8a913fe53d3ac62e1811ec86798f8bce22728b0c70c53aade28cde777b71731a73745c815634159f65e53c4b494454e6eb55ab9914e4f540c5d5c96f0767fdfe694a1d37324bdc1d95f5590cb013a3c1b3dde8fe53ddd12c876bd4f1a640e13a42d627b8c502f2f1e58690f13625db15a7df9b18b14dd75272ede774026c21ce1fa7269c6f9fe95a62545bd85140e4a44a302c41874df08f3b6f2adcf291ce99102197a6edeecf11086e52943ad55f0333dc01c2bfc55c453b9f24e5d7212391b438a93053648efe9af1149e0221b00c6a6f7f35e2a722f1e3e15e15909f925a590ee20b9fc82337658ce902126cf8b5d298eec0975af0b805ace5764b0a2fb79e43bd1429a8945214f42a81b62dceba563b9ca169de07cff12a0c7cc1fa19ad89e4bd1939a62bc7d77ab7b6317517722afb424f613248fa1be6ff91a3e0989a37ec720c02a88838c47eee0139022d3165f6cb34be170f1a3b913aa5cc95f74dadbd89dc64ab82c7ca1bdde62f126926ee58d025601aeebb43853b7a139827d94f6f4d10ba2c64bb0fa3319affbdc6292b3e9ef5e10684cbe93d1e4e37922ffce3169c772e55b43e5e3f60d00b50713e6f4491fb0bc97798a2ddaf7bef2e1361e2223dcf77ba93eb1f2f1e8720bc41e76e6ad4a82a61535845e2ec05d5b087c233842595ed5b34b4d88c5afc49b05b2e922ab9fd58d8ac1643df9c51cc4f8a5ca269c6b2f9d7a2934889e81f6a5e86f1d97b343057caa13f34393d977e7b8c96fa01e3038e94b5f142f9d07116be771250018168e9ece9587aa0bebb1dc0eb7979d285a05c738ed9a8a18f2f11ba2ee9d53c9684bc4cd6cb47270f26b50c95eb0eb9a99c96d86b9cbd834b320f96986207182be2599ddd792611e6315d1be3a9b50931a6d3033e5cf4b1876b5648be410c694c71c87fbb2a15385075dc8858457910975a47861a9949606977f563e4c7f8e86ff7820ac77b8cfad4cd4fc66c2f6e2df5a7461f5a0d7837dbc3d897b297a392fd39f732a7411017cd7bc4c0b77aa0bc8810da4d2302f6a3615baf59292e960ffba567ed7420240f091bf6917bd65079eb6b9fe6da909f33ca1af90b65d1d37018b9b6578fdee53968e1120c7ecd061d4f1263ef2bb006b020134cff45b6e265bbf5689a30aef9587e08c0387db085705ee4087ddb06ff377c2f7012298b7e122d2afe51db4e982ce924e8ec9a1dcaf15674baef36738186ca463165f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "96337c9f1e9309dc", + "05f43b40c7957a01", + "ff2d254a50269d8a", + "785f83836d1933a7", + "052028e3ed031369", + "35a6197f177f5125", + "55a1d90c5a64a8cd", + "02aa6c924900626b", + "7f370411accaf877", + "e32dfeceb960963b" + ], + [ + "6acd8360e06cf623", + "fb0cc4bf376a85fe", + "01d3dab5aed96275", + "88a17c7c91e6cc58", + "fbe0d71c11fcec96", + "cb5ae680e780aeda", + "ab5f26f3a49b5732", + "fe56936db5ff9d94", + "81c9fbee52350788", + "1dd30131459f69c4" + ] + ], + "prep_messages": [ + "1310df592ea16ec39743f1b5f8ae405c550987296bfed97eb82974af44afa24f" + ], + "prep_shares": [ + [ + "ef6dc738714bfcb492926e22cb1c4730319e206607a30e2b4d5ed67f9bad2449d1f8061718c3f7ee828bb9c596181294ae7609af53007a0889ffdc0df072332abd1ac934e63c3316c319ad0bb4f7b677a9d5b0ae03f4caddba7854487c2821cdd313e6658a39c78d7c286a8d1a28b6b75ba17e8d30af1150fb97c43fcea17275b94e9e0ca0d4ce4b33d6e9c2cb217ffeed43f18e4de3452eae8d7fe9655e03b5a71d409908929808d4e2620f8d656852577cc5214c0b4b43e6cae30c8f7d8ed404779b62ff1f92700e5e671767cf3180fc9bb31b4510df801c8bc3fce9555e3535c5d49310564a896f40ca0923036dc3d545b22a132993881cd891e2b80d954c6f559664a1e90e173315ff2ecfb0922f1198fb88b015536c7df6a905ff2b64fb9f3ec0cf624048afbcf9fbc4e26bfd30076d1022d076550e62f534960ae3bb5be0554af34dfc53b9411a75a3808ec255417c18dbf35ef2fca51c75e3a2aff0ab0701724a05a8a3b6e6a0bcd6415c7b0f196b2d950fb3ccfaf5ea3e3d5523df2c6cb0c6263cc56dcc71ac9e8fd1218c9f421f91f6997b7b7bc994d14691d6b437b4f4de4a499421534dc7a9d1b9ff77e6cf98b2545289a992c103318415b09196dd592c4f4481b538e34aab7b23b843624248012c492b614867abc0847d5dd331cfec139b1609ee1977ea136e36fd0c0a700b9c3bfa6e6b9489e35f3a332bb886", + "129238c78db4034bd004de56f8e909791ecf7301a94016b6b562ace1f41ab0e305f4c4a3ee19986866b271398911345863685d4bd38fc94ba52319bbb2108dd41958172e1a0b043ef2e8d6c7c3b9deeee67c362ac6077f388a1e2ade175e4802f5a2983290856af00d7d3058327822c17b490f5471cce8d6d4daaba88242ce0721e3e565e93f3e9091c650fcaf93668ec5ffcbecfa3b4c2639a344df4ac28eaf5ae2bf66f66d67f7290afc25bc2286c9d5e80b23652716be4631e81fac5d507cdf3f271c1650b5c7616272f6e702cbb20e79bc1393ba18c183d44cedf3f5fbf9954c1cad98a5802b3fc241619c856a9a6fa3453eca29e254c0f8bdeefc97d6af66d0e7e883cbd8ebd1c2dd74fbeb405b36fb9cdcc6d0417e5a115bc891703e6bb48aa8dacf071ad0f9121ffea0bcd213af7235da4cb7da66e83126e1a64f0e8221aab50cb103ac46544835278120d6ed0b4104d2aeadcebaa97cfde6595d92a8d117c8492d614339a8fdbe112819c78ea9b0486d1875144c73f1a7a6dc70173e500f2565852da67dc06630fb83316a8d22369aad4be1eba50693ab8bfff5d2154c91749e2de5b11283a14521bbc87af33689c393198a1a48385ab2bd1b7afe7dbe7f4d2ae5ba1b9f596f7d01c7e469be0795a80dee7ae0866e5c4b317118021703345600064bc49a1e71347b3ca5b6ef7d230cb279f6000a3c861e09a260e6a6" + ] + ], + "public_share": "cfec139b1609ee1977ea136e36fd0c0a700b9c3bfa6e6b9489e35f3a332bb88603345600064bc49a1e71347b3ca5b6ef7d230cb279f6000a3c861e09a260e6a6", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3SumVecWithMultiproof_1.json b/src/vdaf/test_vec/13/Prio3SumVecWithMultiproof_1.json new file mode 100644 index 000000000..2f83781eb --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3SumVecWithMultiproof_1.json @@ -0,0 +1,147 @@ +{ + "agg_param": "", + "agg_result": [ + 45328, + 76286, + 26980 + ], + "agg_shares": [ + "eb591eb94ac6187b46ca8251c9c222d3756b5acf89583cb4", + "4356b26ddbf021fcf80f75978c42dcc66001980947ad49d0", + "e40030d9d748c588c24f0917a8fa006691fc0d272dfa797b" + ], + "bits": 16, + "chunk_length": 7, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 3, + "prep": [ + { + "input_shares": [ + "d03f09f0c514d33d95004165e281cb97b3feaf2126a4ad1ba85cfad00de47850ec240dbdb6a904d50629cd1953f9e91597288d590721629f439c67d398d5577bff514eb830ecb8e6a83ad7eeaf3e91a17a4090bff8c904b8952e3f30f6ca4bb31fcc4fee73b06c30b3d9b857e03aa2cffff9fd55f9094007f85f32f1b0aa077b838e53b346a52aff0af7a2c3ab82d90421cb2127847b1fa5bc9a7bf14052625b92946f50882077eef71f5d435ad8bfa719286d1fd5e566d0877c55c25993706cef85d11d17d5263c0dcdf17d6452eef2c04edd737874b84366628091b0545f24d9a752dcdb8149cff603573515ea771053493bbfe7da63163e1429e7970be770bc831147a6bbf39d8dac3a78d9c13011c8455b37fa086d87ed77530452b698e6889b8ef1035765744621065634e2c0e193ec13c6dab2e816fa7bdc03a3e7b9500a7fd005de94e5341ccf84e50612c84e260b9890d6afb9ea07403a0b49fab55a60556dd5ac76efb4650e4af7f76be4b490e19aee08a3cb07aec9cbeacc882f78fb326554b75bf36fff83d9f81e780456de9a1f2e5abd536a30916e549534af37b42d521fcd8e541ab3b7f033d9b98316c7e3a708160848cf31512414b26377758c73b0879135ab058ade83b267cf6700785671cf321e724afae537c52693713caa56cadfdb38cee8be3617e0ba0abefb1f8f7c6b918197ee3b60899b6bb02f41f403b8284ce1fcf74355452d1bc33f719f39a5c2abfbf8780e20633d21eaafc2037feefc7c1ce6047f9a7ed6cf0a08b6fdf663431cbfeb23a126730803ecee5f259e9a090139cb01a90ce2657fa1b418976525182c2fcfa25c18458a5f6cbf211ef906847e382b93541dd1fbb8c024f9019429e3549779345a75abb92e3041afdebda205e6ddf9ac6a16fa942aa521ab0a29ca336b1e329ac3d61c37341fcc99630d32aa9b7f5fe5d407d273364c2bfc1b1650880c891a521d7051f4e8104b675b35ef8fa7f4806fa20e3724c61a6e3aa53660968e5409ecba0b89bf6dc63b96e31d9b5fe0aa7aff3c7af42d2eaa8583835bba27e89b5b0d8b48a6da06332942afef91c9eb866f58744b467b099e32f5753d61a35fd22becf4cf0381019f746540ae6046a1307a51945cf87fbde0e0dfdde7922f27e2d04305aa6d289c36668e2b124fb760d62f67eb923b848994d439c771acbc1ab037080daf2f8bb38f968cda174443462665c8a4384aa48921639f26f42d2c8315eb48d9e251e01b6145ca06407154167863f3529a2d80bd1c19e171a55521b43ae00731364815319d5b67d8844cb356966f5ce22c9212b8387035a5535d17b9eeef0f2e07d0084908554872a3956885cbcb0e000273a3f275ed4a2610b0172c893079afe1a399c94cd7a0265917d4fa2de9da80c26aaa6d2ce553f1e46972cbe4f3b35e9c675e153e273eb4580a070967c2392294c1a6bf1d0a490a5757659462acb22121fe22ec7a6a8f245a2a45c420f61fcef394ba0d87fe7a8f4be8670282b482808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": [ + 10000, + 32000, + 9 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "595f5fe818420829", + "c3078170ed40b69b", + "ba001e452dc8bee6" + ], + [ + "6cc790249ea560a9", + "a85a7c32846b4942", + "20ab32036de46d45" + ], + [ + "4c0010f34718972d", + "961a035d8d530022", + "3154afb76353d3d3" + ] + ], + "prep_messages": [ + "253ab3d3f1da2665b855bd75393f6475786f0420f1c1b79750ba991a845c9fad" + ], + "prep_shares": [ + [ + "a135c66447c86a0e3ab0ee34f76bb343f02efd96a47e4b61f356e347c090169db6d9acbfb69a31b7369bb6fbb218344e85cc083daab5565cc6ffcfc7010d37f689eb7f46a285abc8c0cfbdea698506bd2bfd1636cd033c7755eaa4208069d3ae1c453c529ab90430ba04fda3545a4816ec423e733d732c580bc5302433873693310bccf1ab15e93090cbf1e5c0365420e8cf957865a067d289281e1aa779fe1d937ae92394c4f7dd442cc89c67da62210df9e25f852271f1563b953804c04d8037105acc8f84d2f05fb34caf2ad9c60b79a254b7d7f0fa1c264057e93638d14ef0c95b1cbabc66bdf2ffac88a94540a4b1b8fbd6c914f476eb417916cfba3f4f77ae86d299733acdf8df41e3e1f6681366f791b04bb8c27a353207388b7ae0f82909bc3302aa36c8f43823c1ad114da47e08c65f1e08de97ce0adbf011bc451992fbe9f2addd7078c1e14f52b3c57cd0eba34a81cec3b6c29fc2ef765d71ecfa007ccd4165ec31508ec0e85d2502abfe164f958ef32f5c75832350da88a6632d0a71d499dfdd5edb2324bb8d1599c2a2b42dd1c856c1ee4adaf92244df13861f", + "dae018451dddef4ae221b2ab6a567b192e1bbdad6b89edcad539d21e9fd2aa17c86142239102b59ae5e8b4ed2ba0f623d41e588c8947ee1c51c6494f261125e0e35af773fd5e85f23ca7d6b02415b9c0244916abe9b29a275d30b3ee146fdef0a462fbc38a2d0ea2d5ed994caa93f42d9b5283759880b74ed454c673b0db3a454b542d0e95798e4456ad69976b5e8cb8847820651e12b394ab1bd0509fad8f4d2fabff0ad634287aec6e94bf0278bb6e946f93c7a2c253b5fd8b487994ee7c8bcb5fa030f8e8d04501ea8367c4e22a13f3e676bf2d79a6087e35f809b9b8d5c4b9fbccc52eab11c3f5ba8a896e2720476125ca5ec3010fd033fefb292f7dced0db1c04a188801926754d3b8d6e27b6cbee1413ddcd28e784485d8c9dcea7f58041ececd93e40e0f16194fcf5d7d4c60e2ad1c7811fe954fb18db456629ed762b4d00f22628c27675c3ad4e53f6be5661cab6d4f355f2bcd65db10b2cf0ee538a0cf1aec28ccdddc231de8438b0db087d6b882908eaf63abe961078829a94b92106ca33f6f5aabdfd97f95f06b6d8db57848ce9e193a512f2a666cf5ab0d41107", + "86e920569a5aa5a6998403b3e52bfd17609976078ef8e18b0d20a8fda913f0fdf24134dfabed57714987e42c9391016220803dfe1991f770fb3605f4221a03599358a72d84aa336b58a008b4caf89a2328844cc920c6a822d7ca4a18c5a69c4e7ab012e315fb350a0a245ac25a2423ba2ff7938d375bcf6ab3b2862a58f061d585a00600be70888a427dc60767f2f10c47df303d9f4cf2a7927bdc2e9bb1d16340ff5e4e021cc34574575f56d4d4abaadbde88105ed08f02f92e9199325c94ee9ac3beaf1d05bcc5d22c8713f672a7ece9b70d32537af0f31257bdbbd7e98bce214f0b3091645f52e33f58dd80a508e1faecfb5d95b2ea89268948f37ef31b70af34758cdc0bac0c856dc8e4adeb8b6adbe3f8daf613c6bef199cb4ac5e5d34be83be4d0b80020a2056a375de7dab36b585063cf5a7f9f05e132d189cbcb19e43eb7022abbb31255fcab471b62734a42fe68bc9a0c1d04e2349cc930443161b961c0d11bae41250ca40cd5f4f6d51ea08fd6cfe0a98803aebcb228fffabd1800fca5854520cc439e171dd9e3daf73a89645b692c244f85de4d25e6f6ff10bbb0" + ] + ], + "public_share": "0a71d499dfdd5edb2324bb8d1599c2a2b42dd1c856c1ee4adaf92244df13861f06ca33f6f5aabdfd97f95f06b6d8db57848ce9e193a512f2a666cf5ab0d41107fca5854520cc439e171dd9e3daf73a89645b692c244f85de4d25e6f6ff10bbb0", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + }, + { + "input_shares": [ + "d03f09f0c514d33d96004165e281cb97b4feaf2126a4ad1ba95cfad00de47850eb240dbdb6a904d50629cd1953f9e91597288d590721629f449c67d398d5577bff514eb830ecb8e6a83ad7eeaf3e91a1794090bff8c904b8962e3f30f6ca4bb31fcc4fee73b06c30b2d9b857e03aa2cf00fafd55f9094007f85f32f1b0aa077b848e53b346a52aff0bf7a2c3ab82d90422cb2127847b1fa5bd9a7bf14052625b93946f50882077eef71f5d435ad8bfa719286d1fd5e566d0887c55c25993706cee85d11d17d5263c0dcdf17d6452eef2c04edd737874b84366628091b0545f24d8a752dcdb8149cff503573515ea771053493bbfe7da63163e1429e7970be770bc831147a6bbf39d8dac3a78d9c13011c9455b37fa086d87ec77530452b698e6899b8ef1035765744721065634e2c0e194ec13c6dab2e816fb7bdc03a3e7b9500b7fd005de94e5341dcf84e50612c84e260b9890d6afb9ea08403a0b49fab55a60556dd5ac76efb4650e4af7f76be4b490e19aee08a3cb07aec9cbeacc882f78fb326554b75bf36fff83d9f81e780456de9a1f2e5abd536a30916e549534af37b42d521fcd8e541ab3b7f033d9b98316c7e3a708160848cf31512414b26377758c73b0879135ab058ade83b267cf6700785671cf321e724afae537c52693713caa56cadfdb38cee8be3617e0ba0abefbd5c73e0e539f555670d785c1305cc9d86055c1e9c65cdc3044ef51ef633ffa6d3ba9c17fbd4b569f998692f289aa11eb44781561f530dc107f9a7ed6cf0a08b647bea1a05aa12dbc6daf76e23c4055c8b94c914886bdebc8a872d5a33625fa1bfbf5085b1adf717cd2b115d5f5ab5df9ddffdf1f06243587541dd1fbb8c024f9019429e3549779345a75abb92e3041afdebda205e6ddf9ac6a16fa942aa521ab0a29ca336b1e329ac3d61c37341fcc99630d32aa9b7f5fe5d407d273364c2bfc1b1650880c891a521d7051f4e8104b675b35ef8fa7f4806fa20e3724c61a6e3aa53660968e5409ec2c5c4d04e289d961b65955fce300111c79409a970613d214c956b51c84f0b4d14a0e5ea0da4f1958eed5f2cbc38befbaae38e7b8c65a3afe753d61a35fd22bec827f3f3c8ddbd6996c72a6a99edae33456965216e677944e98ec973a8a8d777f46e4b562c8197678ec2beeb488d1af04b1a59a46ccd7cc30c771acbc1ab037080daf2f8bb38f968cda174443462665c8a4384aa48921639f26f42d2c8315eb48d9e251e01b6145ca06407154167863f3529a2d80bd1c19e171a55521b43ae00731364815319d5b67d8844cb356966f5ce22c9212b8387035a5535d17b9eeef0f2e07d008490855480f84e093e2d401eeb352ca7cd3918c7599ef8b024a2f008f18ab1f06e478eaf465acedb2990ac49694f230f61f214b8e539fab156430ed365e9c675e153e273e1878bfdbaa5d8c5a6f436acdde016b1e97777b7a76bcdc9cb85782b6d14e573be506546625441b64bac3ce6e5b9298402d91a6c46936bbff808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": [ + 19342, + 19615, + 3061 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "d7835fe818420829", + "62d78070ed40b69b", + "a60c1e452dc8bee6" + ], + [ + "6cc790249ea560a9", + "a85a7c32846b4942", + "20ab32036de46d45" + ], + [ + "4c0010f34718972d", + "961a035d8d530022", + "3154afb76353d3d3" + ] + ], + "prep_messages": [ + "a0b343dfb730d06da5b676fff658ed1e297f811f9b5a30dfb4130cc66300c1ad" + ], + "prep_shares": [ + [ + "a135c66447c86a0ec853dcd561610c252aacdd0dacf140bd4d1360c4c7d4cbcb047c2a14698b31482fb287837f2fbfd3244e5e38f856b1fe7af2571e1cd9516626c5b8e7921208767d101f09126d25c9a5b09962274ff6ba6b17769143d6ce1a47d3a793e62b62625ed11e1e03fa4193a2ae7213c834ebaad7662e29e7b0a95e310bccf1ab15e9305050dbad29fc5ded5d22996823f0313ad9bcb218c13b8d8498f5fd95ad0aa3003a2e10e77f1a6460e2ac00b0bb1d729fdb582f352273480aeabaff2de9b5d0ea7ace2f50476c01cbda9e95325b61a260b750d2f81f5f465d0c1b7f89490816508f9b9e86b942b6b2cddad54cb6f234c1a29426b7a048e22577ae86d299733acd7a736d0a72c90f5ea7ad5bb1d2f4754b32a3cb83aae75c35e233d09189055bd9a07b13ef36abc502774dcebbb32fa2f275c80667a713f1a8a18a18a14b5d66f1d54e6e100594a8d37cc2b38449c2581ad9a5de0f216b6f16ba323b21ba27f0db7f7a054e2e4658b1ff2f66da79d4a0a75b569fe267f8f4ea13923f9abec19bfae97347ea03fc289245ba9ba2f8bac5f51f7fb43d67b2a9df", + "dae018451dddef4a11f10aa31116b07b2e1bbdad6b89edcaca021efe920e6b91c86142239102b59a355bd053b69e43c5d41e588c8947ee1ce90b67e4e5dfbe67e35af773fd5e85f2cfe832c8ceddcaeb244916abe9b29a275332ca98e131770fa462fbc38a2d0ea2b1cc04536f54adba9b5283759880b74ed454c673b0db3a454b542d0e95798e44bca69a234499cdff847820651e12b3940602231d2a0460322fabff0ad634287a096d16b385603ab0946f93c7a2c253b5c31901d81c5c30c6cb5fa030f8e8d045f078a50d4177ee64f3e676bf2d79a608dfbac5259020af81b9fbccc52eab11c3ba41153102ffdc836125ca5ec3010fd033fefb292f7dced0db1c04a18880192656a6c169ebdd3c8aee1413ddcd28e784e562e018918b3d0f41ececd93e40e0f1e6426bef664cd9052ad1c7811fe954fbfb81514ca0b2a2cb4d00f22628c27675d79bc25bfd722e30cab6d4f355f2bcd6c2973623c33296640cf1aec28ccdddc27dcdbfdb57fd09386b882908eaf63abe961078829a94b92106ca33f6f5aabdfd97f95f06b6d8db57848ce9e193a512f2a666cf5ab0d41107", + "86e920569a5aa5a6896964cdec18c243609976078ef8e18bc6e3edf98be36cd5f24134dfabed5771d7cae1ca53c2475720803dfe1991f770ec1cd669bdef215f9358a72d84aa336b3232f80725fdd89628844cc920c6a8226deabc935c9703837ab012e315fb350af7964afdae9d47ad2ff7938d375bcf6ab3b2862a58f061d585a00600be70888aefd1f370b6b2a0bd47df303d9f4cf2a70b2479afb44be9c040ff5e4e021cc345e3890cb69b92ded2dbde88105ed08f025b71dc66632063069ac3beaf1d05bcc5aa53df7c7f32e15be9b70d32537af0f36ff3ea54ed3dfbcc214f0b3091645f521bbc64b4cafabf58faecfb5d95b2ea89268948f37ef31b70af34758cdc0bac0c66fa15a4ab2e7116dbe3f8daf613c6be031725c7ef1bb1bfe83be4d0b80020a2354fd843aa5f44fb585063cf5a7f9f05d4a2ef44ed39fe043eb7022abbb312555e1bca5edddb5b07fe68bc9a0c1d04e284cf3b0d337c8a7f61c0d11bae41250c62e11aee0cc203ad8fd6cfe0a98803aebcb228fffabd1800fca5854520cc439e171dd9e3daf73a89645b692c244f85de4d25e6f6ff10bbb0" + ] + ], + "public_share": "13923f9abec19bfae97347ea03fc289245ba9ba2f8bac5f51f7fb43d67b2a9df06ca33f6f5aabdfd97f95f06b6d8db57848ce9e193a512f2a666cf5ab0d41107fca5854520cc439e171dd9e3daf73a89645b692c244f85de4d25e6f6ff10bbb0", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + }, + { + "input_shares": [ + "d03f09f0c514d33d96004165e281cb97b3feaf2126a4ad1ba85cfad00de47850ec240dbdb6a904d50729cd1953f9e91598288d590721629f439c67d398d5577bfe514eb830ecb8e6a83ad7eeaf3e91a17a4090bff8c904b8962e3f30f6ca4bb320cc4fee73b06c30b3d9b857e03aa2cffff9fd55f9094007f85f32f1b0aa077b848e53b346a52aff0bf7a2c3ab82d90422cb2127847b1fa5bd9a7bf14052625b93946f50882077eef71f5d435ad8bfa71a286d1fd5e566d0877c55c25993706cee85d11d17d5263c0dcdf17d6452eef2bf4edd737874b84365628091b0545f24d8a752dcdb8149cff603573515ea771053493bbfe7da63163e1429e7970be770bb831147a6bbf39d8eac3a78d9c13011c9455b37fa086d87ec77530452b698e6889b8ef1035765744721065634e2c0e194ec13c6dab2e816fa7bdc03a3e7b9500b7fd005de94e5341ccf84e50612c84e270b9890d6afb9ea08403a0b49fab55a61556dd5ac76efb4650e4af7f76be4b491e19aee08a3cb07aec9cbeacc882f78fb326554b75bf36fff83d9f81e780456de9a1f2e5abd536a30916e549534af37b42d521fcd8e541ab3b7f033d9b98316c7e3a708160848cf31512414b26377758c73b0879135ab058ade83b267cf6700785671cf321e724afae537c52693713caa56cadfdb38cee8be3617e0ba0abefb348334d659afe334021ea2420b62c8c0ea6530d69d822852c0748d776b63a185a6af3792ca524e11b0318f43bf8e06c600a591385234ea857f9a7ed6cf0a08b6e802acd853919fdddb685a61623a56e02f3c225caf979fa72ced991b2f0153048fef92480ed8790aba061984c1c7681e21d36348a9202712541dd1fbb8c024f9019429e3549779345a75abb92e3041afdebda205e6ddf9ac6a16fa942aa521ab0a29ca336b1e329ac3d61c37341fcc99630d32aa9b7f5fe5d407d273364c2bfc1b1650880c891a521d7051f4e8104b675b35ef8fa7f4806fa20e3724c61a6e3aa53660968e5409ece5d7e1d7716fcc8b88aa48f67f461e531ccb64844d1ae0a5f7687b8702c116f719b5a6f2f1db63da30089da8a2db55a602b01ac2d9b39ccd753d61a35fd22becc903ab68fdf5e36f9b21b3af0195d6fdb40b88299e7086bd6adad1cf0bbd155a783d6d10b08d2bf6aaf943d8a98149195d2e673db97e6a61c771acbc1ab037080daf2f8bb38f968cda174443462665c8a4384aa48921639f26f42d2c8315eb48d9e251e01b6145ca06407154167863f3529a2d80bd1c19e171a55521b43ae00731364815319d5b67d8844cb356966f5ce22c9212b8387035a5535d17b9eeef0f2e07d00849085548ddf2236b04174ee4a1f484dd46b64de66a639bba31f0ca6b739d84ce65a79e9a8d323aaa0c4cc031998ac68c4bd057c5e7c4b8b0b45312f65e9c675e153e273e4a097c04891b406482a1af6c6adda9adc6036cc28efb11c05d651dee4f20a395bd80076fb2021fc9b52b39d82fe38b09996b992919139640808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": [ + 15986, + 24671, + 23910 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "bb765fe818420829", + "22eb8070ed40b69b", + "175e1e452dc8bee6" + ], + [ + "6cc790249ea560a9", + "a85a7c32846b4942", + "20ab32036de46d45" + ], + [ + "4c0010f34718972d", + "961a035d8d530022", + "3154afb76353d3d3" + ] + ], + "prep_messages": [ + "bff96edd78505fa432a623ae285fda3b61642eb09f4e23973a35bbc3a2abf60f" + ], + "prep_shares": [ + [ + "a135c66447c86a0e208dc012008206ada339ea7a9c9ceb3fd057b171e31d73fa1acf2df2f28e3301d52d4413b8a6af4325e6f0e6f1e86e76ba3bac547f1918ad75eacfd2a0eb6487cd35619100f37d728d1f554bd38fef955455e4c333714421d098ee210f89e4264864b8bfb508a88a69f3291dedee526642689f736d483622310bccf1ab15e93080550167a4a7cceab2b5a690a4c2264ea5e6a14f738d2c85e92ae0e191dd43668b48d1d4535701129faaba9bc5b6abd593b8a224f16684b02e661d3cdedac89bfae5a7d8c1d20c2438ec4030003efa0f87c21f4d9afa1c162a7ee061821ea91cfd0ec3ced4ff7c6d40c3936e7ce2fbb76dbdec713e800fc777ae86d299733acd66e2344b342c8a3c6a7d0e2d878a41ef60b6e682b73e0290bfb256d27e1c843c62d60392a9311744d31086f48280e81c547534547286f1f179f213c570204abdd2b659c6d4162b87ec1687703388f81625e5fe5d1887de9b0cd85516adf9bb6b926251f885eb9957b909ab96993b9fb2634d5ce01b150b8183a0bc3f869526e1daba8bc33cfa38a091dde1296ccd76c58c0ea8d3fe0791ee", + "dae018451dddef4a0838a46e6940979c2e1bbdad6b89edca0440ef8892576b23c86142239102b59aaf2ce3fb1963583dd41e588c8947ee1ccd84fffed999970ae35af773fd5e85f2cdf68998399b89be244916abe9b29a27b8e532353572892ea462fbc38a2d0ea2295d7fff828a9cd19b5283759880b74ed454c673b0db3a454b542d0e95798e44124aabd4c16ec07c847820651e12b394acc5cb4224c57e512fabff0ad634287a3129abf4bbea6efb946f93c7a2c253b547d4640618542739cb5fa030f8e8d0458a7da4eec93060a0f3e676bf2d79a608e7aecd1722c092e7b9fbccc52eab11c318706b8ea9abc6c86125ca5ec3010fd033fefb292f7dced0db1c04a1888019267cc8a5a1ce8cf3d4ee1413ddcd28e78455f16604c12235cb41ececd93e40e0f1390a799ecddaf95b2ad1c7811fe954fbd50c1420631452454d00f22628c2767551ca3622551c003ecab6d4f355f2bcd679bbce798234788d0cf1aec28ccdddc2b39f354417d203706b882908eaf63abe961078829a94b92106ca33f6f5aabdfd97f95f06b6d8db57848ce9e193a512f2a666cf5ab0d41107", + "86e920569a5aa5a632a7b61ac13631b7609976078ef8e18b635628542ac607d1f24134dfabed577100283d3dc9f4d28720803dfe1991f770357f2dd503d298009358a72d84aa336b49f530d408cb42c528844cc920c6a822cb9e22982b778e747ab012e315fb350ad6dd16ce49d84f9a2ff7938d375bcf6ab3b2862a58f061d585a00600be70888a6bf74f4dca2c39ce47df303d9f4cf2a7a161db78f3a472bc40ff5e4e021cc34545baff11e9ba92dadbde88105ed08f02eec76b604f53fef29ac3beaf1d05bcc5549e88b4c2efe32be9b70d32537af0f3e4a47613df73ac29214f0b3091645f52afacec33be32aa33faecfb5d95b2ea89268948f37ef31b70af34758cdc0bac0ce9097018739b99a4dbe3f8daf613c6be38ad8e0e752e7e83e83be4d0b80020a2a04fa79866ee8b7c585063cf5a7f9f050ef956d55701b6df3eb7022abbb312556c179c37fd9fb7a8fe68bc9a0c1d04e22bc3b91bb147350861c0d11bae41250c7cb333b62e8ceaf48fd6cfe0a98803aebcb228fffabd1800fca5854520cc439e171dd9e3daf73a89645b692c244f85de4d25e6f6ff10bbb0" + ] + ], + "public_share": "83a0bc3f869526e1daba8bc33cfa38a091dde1296ccd76c58c0ea8d3fe0791ee06ca33f6f5aabdfd97f95f06b6d8db57848ce9e193a512f2a666cf5ab0d41107fca5854520cc439e171dd9e3daf73a89645b692c244f85de4d25e6f6ff10bbb0", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + } + ], + "shares": 3, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3SumVec_0.json b/src/vdaf/test_vec/13/Prio3SumVec_0.json new file mode 100644 index 000000000..b847122df --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3SumVec_0.json @@ -0,0 +1,195 @@ +{ + "agg_param": "", + "agg_result": [ + 256, + 257, + 258, + 259, + 260, + 261, + 262, + 263, + 264, + 265 + ], + "agg_shares": [ + "de30a92af16bc2ab4da894e09426019d0d3cd9897a4e0ed38a1e7cde38fed1fd78b6df5176e37263f7cecb715966820a07045939da773b834c226dfa7c324916427edcf2eebf55d4a4fd9b3897e35851827dd8ebd784d3099d17d54de4c0a71a77842e8666086c4daac340201a50386b8435787649d598d01d2b4e0dae72c58eb2096da354a19135170a7adb3dcf2ba4312a75565a4e3a2e39bfdad5f9f9099f", + "23d056d50e943d5496576b1f6bd9fe62f5c4267685b1f12c59e18321c7012e028b4a20ae891c8d9cec30348ea6997df5fdfca6c62588c47c97dd920583cdb6e9c382230d1140aa2b3f0264c7681ca7ae84832714287b2cf646e82ab21b3f58e5907cd17999f793b2393cbfdfe5afc79484cb8789b62a672fc6d4b1f2518d3a7157f7925cab5e6ecaccf58524c230d45bd9d68aa9a5b1c5d1aa40252a0606f660" + ], + "bits": 8, + "chunk_length": 9, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 10, + "prep": [ + { + "input_shares": [ + "25592c04bc72803500f284c48149d3ae04827becc1530c74619388f1bb3c344f752b1e4ed693306c0a1d1f90001355d3c8727fc06c49304726df59bba46a0b4be4f4582f29855bc8df63723589d3c218ef20bad7c095a97d43abf967f81bf1fa100c59dd138c132d8be8aadb1521aa11a91463adbed40dd4051fe39bac22d9d56374166a0d709d638ab7afe476ab9a0067f3eb19b9a0c5f4313370bb94fb302020f12fbf60e297d00d5c7831258b53d6669dfb8b9a62de9228a2812abb345910c32548120b3429ea2a7294a7dd40942ee3de3ad8a918d701a656573ec43f523c9ea8a6451d190a3686c45223dc902819fd69e67daf19d544e139228844adf3aeece03b4a6ce137bf87e921e282b1200d963687bee8150815450de7a6365ed10330a17ac17dbc32ca4c3dda00c1eda43c1b3a46cc6b48389511be8996f8f275a281a83cc701ff2581db833e467e543cec113074f9ce8815b80460c5e7a0169dbccbdf37e7044ebf18c87f756de3360803398c4c68512e966132fc5d1021b348e8b04a76bcce82b55271b076c76421bb524789a5cf6a9cc17e82539a7aa9ab417e47b241db44cb7dcefbbae6227cd1ad204a53f1c3863856db4dc682fb0827b755195db4bf44991563ef4c28e15fa4432a0b1075e2b091b05cf8f6a77fa93f292d9744d3fa5f2c1bf2a4056923d4519a673b79ade7db4bf1fa35b09a5ad33a5ab3c2854dede1ad8d7b26cfd1a03c0b0a70b036ad24dcaf6ebdb5d225ab14e6270836730ad27c36a009b66c08d8f768f86197f79b6f4659d18fda078e3fa4f34e9c2aa2833c9a4e9cd890b356d9da9eabf0feed22dd69703132f2e72d60ed1ea9b073e92a47cdec7eaceee61be29796a2ee333691651d9acc121ac5e4f12ececff86a0d567741f62d23d6c8bc59c510de1660e5ce64138e8b7a66760ff100d28f1689d01fa394df1056a8ee5e308b29b1775cefaded40616270c6fcad2487f57243bc51f532b26ea1548329b4b8b6e86cbcf8e14ff20657a03fabe78dc1ac4933163c7ed1724f2e112dc097d5718bdf84ba0114ccf90d7b1a4d9c89897d2a878da614bbccd6561e6e1fee8274a4215490f6d517f516cf9f57521d7f0154d0ff00124223dc7c8e30f68cc696f048c1b473c0f3b771e4da9ab08d11fafa5c6eed3a445e2faaa5825e1273036ffc23ceb2f9422fef32d0ab3fef2a010f10d03e7b105d0eaa74b0ccfe482012fc1ef3281bd50180087becf5b6d006cea2a7aafd263d0dbe915d11c68b9d49720706264ecf948b309ad241982e5f61aced1e9d7f9709cc43fc940836202004a067c24610dacc5b99ed77366f07e75aafd69ad67e3ced52c65897eee947d9b13347043764322ff2bb866efa8fc4e8ae9c192a20196a7da1ab90fdd1c9ba2caf31a969b0ec56bcc2bfce602568dac1c35bb288426e370724e402fcbdfc3bb9867ab5af81852b4d2df064ff3321fb98f57d0abbd0938cf82ebd916a0ccbad2eef8bb16f8ef5e0f715e9df13d4d71c2f4d9f9e1475bde2751d2cd47296be913250860771e28f9ef50c9554d751dc26dd408c5f8b155df7734c2f645cfa7d4471982c36d93f617bee89c95e5f559d3a7d22a7ff3e141e94c761d7908b0789780eb505d59d87e69beca4722a940a5e37dfb8963ed4109e02199abc3775db924cf005ade382bd6da1133bb2a4ce0ffd1aeec4c61bbeac5253a97c67d00f50e2d12b87b07f84ca0702ea13dd68fb5d112193dabbf5b35b4997ce413e53ebcc7c9afb2a6e98e99f3aea33c0ba293142926ef548505dfcd29d66b43e2aaa7fe93c27c1fe909f3851571a485ebbad9e8c158bb2b64f56ae1b48bb0cab150d407a1e769c08324904718ba20b174f65e8e285624612451b7de187a464bf693603e9280d0ae64e91212e94350e046b8fa4155ee8880e0352db01fac55b4e7cdbc2fb87f5bf938b03a9d44e51e4457ea6c50d244da2a0f2d5b1ca8e532813873cc4156598f104df7da1dcdc5e25e290145a0a022c91e88eaba277bcae82a44c8678bfefe760dd3c44d9dfa81666393d70d59eb243727b38f6592614008c679eba7e20a2bfb0eba90a5982f60fc45873bbf44828731ab80494af99d59badba8344948ffbc4f2cfdd4e79248415793748e126f3ffe0de1bb4d0c87aa3d0ec9bc9f85bddb69f6924dd362589a576ce1b53e37d8de7d64396594c3a5ba927cce1d7e6530d1d941683a4f0a55513439f68841bcc23b568a017ee1aa4dada33df061d8dca19df2e3047cfa13f7a9b9a9ea1e500b533e8362765af09de80b565e7cfa259cac403afc3c87ca9aa588f9b2abd9f97c936ecc18a995b111486f679249669e462b5f142808d2d8702ba43578c5fcc7777fcf58f1aa11cd36e7356448ea2392de9c3c3cac6d2f7b6ce6b3b449844f8001be366b30743e405f840e51803656f1a8f355fb28de8142b1ac65e429a22f981495dba52804768275f50a39453a69422304831853cf2c41b87048acc6c96d09ef6493296f68149756fbffcc0d2142ba12d106fc21073786a9afe0351361063882038c176e0d78099b3ba035b6b978c299279db0298ca1e1ef992d9fd28ca31631c8fc75791ad5d4439997f59c139e06eb8459295887603836a4db2fe75360a746fcc84375e5c773adae0f7f339c73689de9e9e12eaa294a55ef638881990d90e8803c1b58c77774753e269eb99c08484a2a7ec0a84eb7a37713c9ee50e45e4ee88bd076a49d206b9cb920361887ab0e904e1f7a05d5f08efcb0ab249cef54d6fdc7498882cb5cfcbd342903913a422b86daf7522a8138497993d52bdf14ef51972c494739b749288100f5534b46675b9f1836f962765ad1163220bbf88964bc225931899a6345fae8cf56a870227fc635a48f03b93ab4d00c07d11b3f3b9404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4a65380efb23968ec4e286f586b75534", + "05694883d3c404f1d8b47e9fbd549b54", + "7f3cf5c57cf6d0cbf34499d01d22d658", + "5a56c8bd487dbe2b10b67953d410c35c", + "6ed49efba4ea71f136ff336832a11d1b", + "da7e9d4e9d81460377b2f1194c408db3", + "81d664d7cc02246fe3eb6ab50870bd23", + "861128d26d9cdd9ab4636f043a26972f", + "415824e1c635db11a958d3f3699a0e8c", + "6cb8d11c1e1abe64b43f9e9ca8a8588a" + ], + [ + "b79ac7f104dc69711f1d790a7948aacb", + "fd96b77c2c3bfb0e0b4b816042ab64ab", + "84c30a3a83092f34f0ba662fe2dd29a7", + "aaa93742b78241d4d34986ac2bef3ca3", + "972b61045b158e0ead00cc97cd5ee2e4", + "2c8162b1627eb9fc6c4d0ee6b3bf724c", + "86299b2833fddb900014954af78f42dc", + "82eed72d926322652f9c90fbc5d968d0", + "c8a7db1e39ca24ee3aa72c0c9665f173", + "9e472ee3e1e5419b2fc061635757a775" + ] + ], + "prep_messages": [ + "51b574601d2f7035e0c8a968e34e81cf949327f932a8fde13451f29aa7f9a2ac" + ], + "prep_shares": [ + [ + "30851472f3bdc07a4959bdfad085ddda3281c00d82d49622b634b22d1eef6d60f1ad80968db3f79ad81b0118fc88244fdebcb8c5155c84c275b9198d451faed352503eab54be0e1edc54ef2bb64e9a14076c4d7b8c45b64b08f2aef8bf0d0f14fe2b765a5af438ad81287fa54dc69a6f9090d54ef8b8326c7bb1de86da0a136ce01be313a26b3bf6f806ae40d5b8a42fa7c37fbaa057b0be8dbfaf8deb60dfe8462e47f72e56307e875305f445761211a216f0254108c6a2cf9026513be0552b8b3c93295aba7032a4e586e03a9e3032612cc0a5253c96ea0f141eed61a7955867f8d0e793e8db4418a504d33aa7f0e73705ace21ea56a0ad9ec9441f9e2b349d13349f0a6fe33ef5dbbb2e6fedf3d4697233f6c10eb723fe20565fe5f8ff759aeeb86681f49ad0ffcdee9e3a9ec2a90b365eab313a08a9e9867b26ff583e7a33dc7f458d6780bfb6e59801b3098aa5a51d4d87a0a3526a965bb01215988ac57", + "d17aeb8d0c423f859aa642052f7a2225996887bbb8c5e974168e8d32e89774afcf60c3ce65047c215a8ecd78cad6516556cdbdf20bea9d316a1662c8a2374c0f766297cf9f7c1df20768eef0302af42e566a04c54032235e7aa81cf952829e1336a7bada320159a2e224bacef11ba00aee542fe815df02579733deb63f8d321203e4190b73e2738340da8b81d7b229f999c841a5d07cd16fe4d30824dd3ead1906a4aeb88f360ec3388d7bf7835c9b4a01e087c01140e705a48902ec50684b2a5c8c3d07dcff55afc8a2a278e0993b9399e63b3729a507b636d2b777b4d09a1e381331cffcf0259930e14973f1d4795b4222b39302830134199c166cd3d020a7486c4be8d29b37fabcf73229c95d3ee7ae211b08e5e02e1c34316d92e6fafdc5698629f9db0d7ef317efcfcc20bc1c61a25ac48e8b2090ad4b965d239f3fdd4352636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75" + ] + ], + "public_share": "3dc7f458d6780bfb6e59801b3098aa5a51d4d87a0a3526a965bb01215988ac5752636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "26592c04bc72803500f284c48149d3ae04827becc1530c74619388f1bb3c344f752b1e4ed693306c0a1d1f90001355d3c8727fc06c49304726df59bba46a0b4be4f4582f29855bc8df63723589d3c218ef20bad7c095a97d43abf967f81bf1fa100c59dd138c132d8be8aadb1521aa11a91463adbed40dd4051fe39bac22d9d56374166a0d709d638ab7afe476ab9a0067f3eb19b9a0c5f4313370bb94fb302020f12fbf60e297d00d5c7831258b53d6669dfb8b9a62de9228a2812abb345910c32548120b3429ea2a7294a7dd40942ee3de3ad8a918d701a656573ec43f523c9ea8a6451d190a3686c45223dc902819fd69e67daf19d544e139228844adf3aeede03b4a6ce137bf87e921e282b1200d953687bee8150815450de7a6365ed10330a17ac17dbc32ca4c3dda00c1eda43c1b3a46cc6b48389511be8996f8f275a281a83cc701ff2581db833e467e543cec113074f9ce8815b80460c5e7a0169dbccbdf37e7044ebf18c87f756de3360803398c4c68512e966132fc5d1021b348e8b04a76bcce82b55271b076c76421bb524689a5cf6a9cc17e82539a7aa9ab417e47b241db44cb7dcefbbae6227cd1ad204a53f1c3863856db4dc682fb0827b755195db4bf44991563ef4c28e15fa4432a0b1075e2b091b05cf8f6a77fa93f292d9744d3fa5f2c1bf2a4056923d4519a673b79ade7db4bf1fa35b09a5ad33a5ab3c3854dede1ad8d7b26cfd1a03c0b0a70b036ad24dcaf6ebdb5d225ab14e6270835730ad27c36a009b66c08d8f768f86197f79b6f4659d18fda078e3fa4f34e9c2aa2833c9a4e9cd890b356d9da9eabf0feed22dd69703132f2e72d60ed1ea9b073e92a47cdec7eaceee61be29796a2ee333691651d9acc121ac5e4f12ececff86a0d567741f62d23d6c8bc59c510de1660e5ce64138e8b7a66760ff100d28f1688d01fa394df1056a8ee5e308b29b1775cefaded40616270c6fcad2487f57243bc51f532b26ea1548329b4b8b6e86cbcf8e14ff20657a03fabe78dc1ac4933163c7ed1724f2e112dc097d5718bdf84ba0114ccf90d7b1a4d9c89897d2a878da615bbccd6561e6e1fee8274a4215490f6d417f516cf9f57521d7f0154d0ff00124123dc7c8e30f68cc696f048c1b473c0f3b771e4da9ab08d11fafa5c6eed3a445e2faaa5825e1273036ffc23ceb2f9422fef32d0ab3fef2a010f10d03e7b105d0eaa74b0ccfe482012fc1ef3281bd50180087becf5b6d006cea2a7aafd263d0dbe915d11c68b9d49720706264ecf948b2f9ad241982e5f61aced1e9d7f9709cc42fc940836202004a067c24610dacc5b99ed77366f07e75aafd69ad67e3ced52c65897eee947d9b13347043764322ff2bb866efa8fc4e8ae9c192a20196a7da1ab90fdd1c9ba2caf31a969b0ec56bcc2bfce602568dac1c35bb288426e370724e502fcbdfc3bb9867ab5af81852b4d2df064ff3321fb98f57d0abbd0938cf82ebd916a0ccbad2eef8bb16f8ef5e0f715e8df13d4d71c2f4d9f9e1475bde2751d2cd47296be913250860771e28f9ef50c9554d751dc26dd408c5f8b155df7734c2f645cfa7d4471982c36d93f617bee89c95e5f559d3a7d22a7ff3e141e94c761d7908b0789780eb505d59d87e69beca4722a940a5e37dfb8963ed4109e02199abc3775db924cf005ade382bd6da1133bb1a4ce0ffd1aeec4c61bbeac5253a97c67d00f50e2d12b87b07f84ca0702ea13dd68fb5d112193dabbf5b35b4997ce413e53ebcc7c9afb2a6e98e99f3aea33c0ba293142926ef548505dfcd29d66b43e2aaa7fe93c27c1fe909f3851571a485ebbad9e8c158bb2b64f56ae1b48bb0cab150d407a1e769c08324904718ba20b174f65e8e285624612451b7de187a464bf693603e9280d0ae64e91212e94350e046b8fa4155ee8880e0352db01fac55b4e7cdbc2fb87f5bf938b03a9d44e51e4457ea6c50d244da2a0f2d5b1ca8e532813873cc4156598f104df7da1dcdc5e25e290145a0a022c91e88eaba277bcae82a44c8678bfefe760dd3c44d9dfa81666393d70d59eb243727b38f6592614008c679eba7e20a2bfb0eba90a5982f60fc45873bbf44828731ab80494af99d59badba8344948ffbc4f2cfdd4e79248415793748e126f3ffe0de1bb4d0c87aa3d0ec9bc9f85bddb69f6924dd362589a576ce1b53e37d8de7d64396594c3a5ba927cce13265f695cfd229a96012061cdcc64f574e81b3a8f5ddd47e0a9a058683f30df0aa8e7157e53d2077c499b8b02b3720dce6ede68bbb5f5341f21df5e723bc855ab19fe500ab7bc1a6c7b80cba425a63f261eed6fbc959417e3c75ba835ee07ac93c11b6d677fe7a4d48f5380b31a9203484f36ed44deca03bc94255feb435398623b6d2be2eee3982d383780dd0f82376cac99cb53a48a5b4de0618f07a8aeffb552511020de0ec9c53e1214a44a655e01d24b0db83fe4384194c651184a1ebb8a36bd5b1b5a1c9c8b9890b018752c2b8a10cb0942b350fcec86de9247d5bfbb61566449886e9cedaad77f43ab9bffca363882038c176e0d78099b3ba035b6b9731abeff028c484a462fc98cc107a78db68fd340a87e25c4625c5d7edd6999250546d11088c869846f28af1162262f4fb08873d74b10e32805026c379899d9b3c2743c362f745ecc44996fc9485c9e05a17b87a3ee31dd69296e3ace40185438db1574f86664f892b60c93aebb0937a702c7391e5af0dc3375a49e507a56fdd96c6601be68c7deaaf2c2222691d9542c47ba65aa2c4f38e43d5cab393fac7260d3dadebe2c7f4485f29e191b96c593691d1770b46cbc7d737e1630a4e74271c5466704c1aeb799a8eb8a3de250e3933747b546c481ffa8de8c3b51290eaecd984129f43c0d814d54318f365415c442d26404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + 1, + 1, + 1, + 1, + 1, + 1, + 1, + 1, + 1, + 1 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4b65380efb23968ec4e286f586b75534", + "05694883d3c404f1d8b47e9fbd549b54", + "7e3cf5c57cf6d0cbf34499d01d22d658", + "5856c8bd487dbe2b10b67953d410c35c", + "6bd49efba4ea71f136ff336832a11d1b", + "d67e9d4e9d81460377b2f1194c408db3", + "7cd664d7cc02246fe3eb6ab50870bd23", + "801128d26d9cdd9ab4636f043a26972f", + "3a5824e1c635db11a958d3f3699a0e8c", + "64b8d11c1e1abe64b43f9e9ca8a8588a" + ], + [ + "b79ac7f104dc69711f1d790a7948aacb", + "fd96b77c2c3bfb0e0b4b816042ab64ab", + "84c30a3a83092f34f0ba662fe2dd29a7", + "aaa93742b78241d4d34986ac2bef3ca3", + "972b61045b158e0ead00cc97cd5ee2e4", + "2c8162b1627eb9fc6c4d0ee6b3bf724c", + "86299b2833fddb900014954af78f42dc", + "82eed72d926322652f9c90fbc5d968d0", + "c8a7db1e39ca24ee3aa72c0c9665f173", + "9e472ee3e1e5419b2fc061635757a775" + ] + ], + "prep_messages": [ + "742127e29a1b5e1189d4cdfda9ac8009d685c5a8c7e47c69876c5e79b22b5da8" + ], + "prep_shares": [ + [ + "30851472f3bdc07a4959bdfad085dddaabaa1bd83533d5731c3c1950389bb43e4469a50551796869287af7eca4a9c95499634bbd72fec4b858b7a272d7330838fa40ea557ef27460d92849406d429bd9bf139934d4f4eb941558b8ca631551bdfe2b765a5af438ad81287fa54dc69a6f74facac550b1882eaa28db2fd30a4ad16f05c1e6391ac3dbd009688250a28c34b4e3be87d3e293d46255d30598d73f222052b3c7b74177996498a8e52797815076c8eddd5b9111f0702f376d5cfbe852bbc1f5ef4e2318e589b808b106be3db0f1f89c7ed14a03be33bea9d592fc30c7f9530ee022aaa402651919cbc369f50e9c310b7e884c60d8f44dd4eaecbc81144661a8416f0672dbfe851e902590381cadb8227d92bc01e7e62b4e1c2a8577432c7159d74f1bf520bdf934b0bf23dadbacbc8254d5a255c0818c3e1e7190137a20e05d4f8235480af044b72b301d44e65378b4ba410d36aa85f4fcfb9deb7c39", + "d17aeb8d0c423f859aa642052f7a2225b210c9a6fdc9936ae13a7ab41bc21732cf60c3ce65047c215a8ecd78cad65165834d2bcf9ae252af25e03314f993dc77766297cf9f7c1df20768eef0302af42ee2bcda8f9b88a97bb8793101a38b149c36a7bada320159a2e224bacef11ba00a6de383887d13260c5b1600de3fd6e6a603e4190b73e2738340da8b81d7b229f98a572393e4c02dbacfca54406ec565e906a4aeb88f360ec3388d7bf7835c9b4abcdf43643287a03d41d34ad6941173155c8c3d07dcff55afc8a2a278e0993b93e2eb193b501db62fc13ce2fe4e686c50381331cffcf0259930e14973f1d4795b93548b77b345e1e5e0e6ccd85c18be86486c4be8d29b37fabcf73229c95d3ee76258b7cb151e9e50638881b31539c2f5698629f9db0d7ef317efcfcc20bc1c61a25ac48e8b2090ad4b965d239f3fdd4352636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75" + ] + ], + "public_share": "20e05d4f8235480af044b72b301d44e65378b4ba410d36aa85f4fcfb9deb7c3952636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + }, + { + "input_shares": [ + "26592c04bc72803500f284c48149d3ae05827becc1530c74619388f1bb3c344f762b1e4ed693306c0a1d1f90001355d3c9727fc06c49304726df59bba46a0b4be5f4582f29855bc8df63723589d3c218f020bad7c095a97d43abf967f81bf1fa110c59dd138c132d8be8aadb1521aa11aa1463adbed40dd4051fe39bac22d9d56374166a0d709d638ab7afe476ab9a0068f3eb19b9a0c5f4313370bb94fb302021f12fbf60e297d00d5c7831258b53d6679dfb8b9a62de9228a2812abb345910c42548120b3429ea2a7294a7dd40942ee4de3ad8a918d701a656573ec43f523c9fa8a6451d190a3686c45223dc902819fe69e67daf19d544e139228844adf3aeede03b4a6ce137bf87e921e282b1200d963687bee8150815450de7a6365ed10331a17ac17dbc32ca4c3dda00c1eda43c1c3a46cc6b48389511be8996f8f275a282a83cc701ff2581db833e467e543cec123074f9ce8815b80460c5e7a0169dbcccdf37e7044ebf18c87f756de33608033a8c4c68512e966132fc5d1021b348e8b04a76bcce82b55271b076c76421bb524789a5cf6a9cc17e82539a7aa9ab417e48b241db44cb7dcefbbae6227cd1ad204b53f1c3863856db4dc682fb0827b7551a5db4bf44991563ef4c28e15fa4432a0c1075e2b091b05cf8f6a77fa93f292d9844d3fa5f2c1bf2a4056923d4519a673c79ade7db4bf1fa35b09a5ad33a5ab3c3854dede1ad8d7b26cfd1a03c0b0a70b136ad24dcaf6ebdb5d225ab14e6270836730ad27c36a009b66c08d8f768f86198f79b6f4659d18fda078e3fa4f34e9c2ba2833c9a4e9cd890b356d9da9eabf0ffed22dd69703132f2e72d60ed1ea9b074e92a47cdec7eaceee61be29796a2ee343691651d9acc121ac5e4f12ececff86a0d567741f62d23d6c8bc59c510de1661e5ce64138e8b7a66760ff100d28f1689d01fa394df1056a8ee5e308b29b1775defaded40616270c6fcad2487f57243bd51f532b26ea1548329b4b8b6e86cbcf9e14ff20657a03fabe78dc1ac4933163d7ed1724f2e112dc097d5718bdf84ba0214ccf90d7b1a4d9c89897d2a878da615bbccd6561e6e1fee8274a4215490f6d517f516cf9f57521d7f0154d0ff00124223dc7c8e30f68cc696f048c1b473c0f4b771e4da9ab08d11fafa5c6eed3a445f2faaa5825e1273036ffc23ceb2f94230ef32d0ab3fef2a010f10d03e7b105d0faa74b0ccfe482012fc1ef3281bd50181087becf5b6d006cea2a7aafd263d0dbe915d11c68b9d49720706264ecf948b309ad241982e5f61aced1e9d7f9709cc43fc940836202004a067c24610dacc5b9aed77366f07e75aafd69ad67e3ced52c75897eee947d9b13347043764322ff2bc866efa8fc4e8ae9c192a20196a7da1ac90fdd1c9ba2caf31a969b0ec56bcc2c0ce602568dac1c35bb288426e370724e502fcbdfc3bb9867ab5af81852b4d2df164ff3321fb98f57d0abbd0938cf82ebe916a0ccbad2eef8bb16f8ef5e0f715e9df13d4d71c2f4d9f9e1475bde2751d2dd47296be913250860771e28f9ef50c9654d751dc26dd408c5f8b155df7734c30645cfa7d4471982c36d93f617bee89ca5e5f559d3a7d22a7ff3e141e94c761d7908b0789780eb505d59d87e69beca4732a940a5e37dfb8963ed4109e02199abd3775db924cf005ade382bd6da1133bb2a4ce0ffd1aeec4c61bbeac5253a97c68d00f50e2d12b87b07f84ca0702ea13de68fb5d112193dabbf5b35b4997ce413f53ebcc7c9afb2a6e98e99f3aea33c0bb293142926ef548505dfcd29d66b43e2aaa7fe93c27c1fe909f3851571a485ebbad9e8c158bb2b64f56ae1b48bb0cab150d407a1e769c08324904718ba20b174f65e8e285624612451b7de187a464bf693603e9280d0ae64e91212e94350e046b8fa4155ee8880e0352db01fac55b4e7cdbc2fb87f5bf938b03a9d44e51e4457ea6c50d244da2a0f2d5b1ca8e532813873cc4156598f104df7da1dcdc5e25e290145a0a022c91e88eaba277bcae82a44c8678bfefe760dd3c44d9dfa81666393d70d59eb243727b38f6592614008c679eba7e20a2bfb0eba90a5982f60fc45873bbf44828731ab80494af99d59badba8344948ffbc4f2cfdd4e79248415793748e126f3ffe0de1bb4d0c87aa3d0ec9bc9f85bddb69f6924dd362589a576ce1b53e37d8de7d64396594c3a5ba927cce11a00c3eccbdb49f940fdc81b40cecc32285f00a3875226d335ee52bfc0f970d48bb36863e6c44819b3df4e50c35867d9aa1e1dcb9f5ad91374adaa984b12c65b8e769d358d5cf3a5017414a185b5dbca117ff597dfb823f65f348d69bb532c82b25714d2a62616c14b6551689e80aa73e413c0f635c9e6828a4c8910b790ad5deb477e71de50ccb035e812430cb830e3e55eba2a16af62683394c15614a6f4d50f6dc319b0bd50bc25a59a96819fab494c35753b1b4bc7c23bb083102e4c802f27bdeddcc1c58275d0d6f105c2270f738fd8b4d95336f381f93e8908ba68bb532041d1e44f126859fe72ba496e0e4d0d63882038c176e0d78099b3ba035b6b974910239a2cbb64548211d6ccac72fbff8e1fe80ff56d0bf2f9708ab499932f6c73481afc8aff6fa403455b778a40adfe44560735cd13acadce960dc961475b3b4a6c0b2e1565bac50fdbf4ad426e688267275ca2cdbef31a7324dafea41192d43b11f18a3727eeb75c59228e43bcf030cc5240c3c7307df0983fb1f5a21469bffece6f33dd1a5881cabd8733e1d5355760113d2de98cd18f803d0a2d61ac2133826539cb2417e53f731d196d2f60e027a26646e6337b54f9beffeb4eca7c87dde21e34efde55e1e1a156f820d363e6b98d886703f7f8a93493e472acaddf19e807c4b6730fec3bc5c7f79f32a7f5dcbc404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": [ + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255, + 255 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4966380efb23968ec4e286f586b75534", + "036a4883d3c404f1d8b47e9fbd549b54", + "7c3df5c57cf6d0cbf34499d01d22d658", + "5657c8bd487dbe2b10b67953d410c35c", + "69d59efba4ea71f136ff336832a11d1b", + "d47f9d4e9d81460377b2f1194c408db3", + "7ad764d7cc02246fe3eb6ab50870bd23", + "7e1228d26d9cdd9ab4636f043a26972f", + "385924e1c635db11a958d3f3699a0e8c", + "62b9d11c1e1abe64b43f9e9ca8a8588a" + ], + [ + "b79ac7f104dc69711f1d790a7948aacb", + "fd96b77c2c3bfb0e0b4b816042ab64ab", + "84c30a3a83092f34f0ba662fe2dd29a7", + "aaa93742b78241d4d34986ac2bef3ca3", + "972b61045b158e0ead00cc97cd5ee2e4", + "2c8162b1627eb9fc6c4d0ee6b3bf724c", + "86299b2833fddb900014954af78f42dc", + "82eed72d926322652f9c90fbc5d968d0", + "c8a7db1e39ca24ee3aa72c0c9665f173", + "9e472ee3e1e5419b2fc061635757a775" + ] + ], + "prep_messages": [ + "b872bdbca9e832071e6ab0a90939e9210fc7d681bbc3346469b97e161022217c" + ], + "prep_shares": [ + [ + "30851472f3bdc07a4959bdfad085ddda9a06b806845b7af3bb01a3f0f24f7f6567b1f70d10208b81dbc03dc1e7a7fc80e127e9791b34e34069a02b62fdcf87e025478289e580d3375ce797bb49682c39588a3fd355bae1a0f46b434218ddba63879b1b9317c93082b53f394c3fdc35122c2bd265657a91b82246f8b57b277dbe0d98bbe550ea01989330fc001fd485df81100910daf35dfa6ba05a2d4b69e0c486a4349ed7c50471159f656d4473189cc15d444072002bd1bb07aa6ccb730ae729cf8d28718aafee660c1b5f09d029dda581d449b11aacb84c107811b30f929024e72f241ba21c2aeacf0eb22472d74cd7a8299552ebeaa02fad6623117d389097ddbe8e309b7e06403312eccee0798cffe073cbab5a9ee5f4f03acac562147f4eb9abdf0ec217398c407b8402220d08a0480f806f55ffb452ffd3ae495e41f41fcda512f21c14d0d6f7ee6f3411c34a788f8d9cbd8a7b3d6b44b4ff7b1ca0ef", + "d17aeb8d0c423f859aa642052f7a2225ca5b009cd7de275c61ecee672a873134cf60c3ce65047c215a8ecd78cad6516527941d2e7706ff22a0b5b6d4e319f969766297cf9f7c1df20768eef0302af42e8256f7782ac0d2abac96e11bc359a63236a7bada320159a2e224bacef11ba00aec1d4c7d8888d1018be9b0e043105ac403e4190b73e2738340da8b81d7b229f9b78d088b9e29d2b0267727444ba7377506a4aeb88f360ec3388d7bf7835c9b4afd18c571cf85d75d10333bc86fdb830e5c8c3d07dcff55afc8a2a278e0993b93357bbac1ce5c784e5f6f92ed22fd55e8381331cffcf0259930e14973f1d4795bb2bc7c75a022a242bdba746734a2ebb9486c4be8d29b37fabcf73229c95d3ee7b7b485f702b007e23fe6ecbe295ffd86698629f9db0d7ef317efcfcc20bc1c61a25ac48e8b2090ad4b965d239f3fdd4352636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75" + ] + ], + "public_share": "1fcda512f21c14d0d6f7ee6f3411c34a788f8d9cbd8a7b3d6b44b4ff7b1ca0ef52636c2e157a7bb1671ac81f34de5805a84147336c6c2c783ad3b2bdee3d3c75", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3SumVec_1.json b/src/vdaf/test_vec/13/Prio3SumVec_1.json new file mode 100644 index 000000000..865c26580 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3SumVec_1.json @@ -0,0 +1,147 @@ +{ + "agg_param": "", + "agg_result": [ + 45328, + 76286, + 26980 + ], + "agg_shares": [ + "1804634db47edf168657b3954adfe41316ac15c1a9746b5e78002e5e9c25b59c790ca00130c66787bd77eb5cfff9cc42", + "21c51bfc8419ef45fbb04ca38ca00091a1461d555042156101e21121ac1c4bacdd05a734256825585d624cf21a38e606", + "d8e781b6c66731a362f7ffc628801a5b4937cee905497f404e1dc080b7bdffb60f57b9c9aad17220c925c8b0e5cd4cb6" + ], + "bits": 16, + "chunk_length": 7, + "ctx": "736f6d65206170706c69636174696f6e", + "length": 3, + "prep": [ + { + "input_shares": [ + "85d237df3416b710eaf3a8de047980d218fc28c39f5fbdc7aee7b838034e2ea98dba20fb535040a21d805c78b8322906c8466acbbcd3a641dd4fec7fab05a795dacdef8c4cb6e6d1bf77b2a2559ad3e926540dfd13e8879173995a3b17c6a6622ee49768084ab70a6e423614bee0b6780036300b36517532168778de9ba321669ca5f321fcf73afbdc9c6255ef66d37d1ce1c390dff9607aabca6a32253aa447de9cfe68ca30827938402d0394cd892bef1e4dce1bdc57534069593d91430c2c85936d12debb90b07f1d32bcc28d8567b53ea47fd94ec9b90cfde39cada3ebba6f0d309e8aee29b9634b596880de0a02e8f44feab8f1144bfb3ce4e9002d1e2611e1ca567c63786f2c062f3540a0050a17f3459e79ab568caf1a5b1c52d29220352eeecc342967ef412a96894c8dd0ea8819c00bedcc2219b5b95e21e67e5aa0edf98064dab57378adeec40ebe5982234825b2f5908a4a7efc07ef57f1187f5e64ae268bfa646ecd80b6df6fac333cc00f42d8348600bb607321323d7124b7a2fa0bacbf03f6cc690f4cf3be68868e97076828c70b0a9ab0d5e3599aa879957d3cbd7e6a59e677b3a4da26762aeeeb4c153f9241696613516f5d482f2d4246dd3944219e92bb6ba6d949af52205d6c7d9b567cf84d1fe21b3f19ebc1914904134e69146421b186095e05d395b64bbecf9bf21fee1a693853cccc0470e54001fd61fa4a5ad4be1b4f19b64e21111480b44538cbe6c5bce974ec414b8df52c839034f2fbff2ed7d67718d30778989eaf5b1c8fb01416cec455ed2c6416177e584ee49dd204f3778d1ef9ab9470c30e647eecbf80ab482bbf1ca41f6c4b00d62768ece36f6fb8a8ce3aa5e8f9207bec4e86db5cb574a5ad703c679969032234468443414ffe96ca893f500eedda1fb53ad4716099b995e120e7dc403f80ff4d814d90dcd1303a74b17aba4cc44c095d8c6b456b0a2ac415109f50290159a9a921816e85d9247a41f37f4afdaa4228312229285108a505a3981051f69430896bc9c760345d6602926413d003ad380e568f3fd365382c314b3076d34a9458cce0183ed096ab0f8259502653ba7eb6be635cf02306340bb5c0d658db16ebac3afad4d415f0fd316a153fcce9b964ac4d870a7160989de29100e87fafba45028201fe8fb1290b3de20651f31ed9dcb835d1089489f3369181a57c34c979a40d13c46c4969bd4b798e004453664618d913a7c34894ba39657863680ea27a3538cae4403847043556c67a98eadfbadc8baab039f00d7b760f8a884faee09fdd838680892ab9760212182dc94aa845c4283a3216d7b8faea7a3457ca7d25d5d9040ac222bc99731d3c8060a2d375e308d66669ac94ae5dea63d994b2a1066a22b8ed121f1d2826506cd8021805e0b8d9b0fd336f736c95f3c09ca69acf80cbc3902c82deb1aad46069966473963266d6bd940b111f6e32519adaf794df9b12ad363ce1e6fc3ff5adf4fafaa3ff9ede2fe8ef168fb4da702baf8ebddaf3fee4bc268256fca2dada5cb790e2b90c9149ebf1cdb799d83c2b7f36bd78e5604a4357f94d613ecade628f07d234d01c5fc1d6a2f92a97a90221012a0c778ddfba30030d577ab6a3cc314b60c8f1dae1010f7e1bf5c8733dffcadb3e3188dc67527433da7638d0151a9e55a7d33f676ebda360cc9910beee90adae1cd3a3f473e696a95b8dfa41a1af4dbbdbc36e3830ec21a81451030e35808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": [ + 10000, + 32000, + 9 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "1398cb193c2af55c231d91dc18f5f65b", + "b3fdb195387cce74c9aa641f34b79189", + "bb8b8a001042cdd7357d4e74aaa8996b" + ], + [ + "0b975ea98108a56cfe3ac48bd98a5530", + "e16cb471c5c0b17598a0b0b58e0919e4", + "4a57e2660c780cc8157619a6b312a257" + ], + [ + "f3f7d53c42cd6536c2a7aa970d80b373", + "6e129af801c37f1566b4ea2a3d3f5592", + "051d9398e3452660980c98e5a144c43c" + ] + ], + "prep_messages": [ + "5f149db2819d9d191f3cd67607cd4caef93159eccca7b4d6e361c7600788f808" + ], + "prep_shares": [ + [ + "51ffd96b532bbf0a52b2f58afc18ea46b1bcc466517198a06a5bb42070cf1d65b68dc64cd0b7bdff12d1453c0054ec535bbd88534d772a2adf54b1591a86bef0e111287229a4312f5cab84dbc74d9eb98226ef05a212f9e1ea5e51000f58ce01ff9441e04969bfe462477158c315340247f6ab86ec35cbca52ae725052a638f93a92bffa1fb71b5df9e430cae0faaaf98a2680a08468768a63abd64a833cd957663b0692b883cf48b4842d80726ad72071fd0bb8ed32ee320abaabed6a432cb6e8844ccf827cc82d67ceaba64c90747004682cb73f9257471f56eb7cd3ad350c3d4644f2575d9b9990869c8bc6d2d4b5afcdedcb1020ce9c886fb1c9db93294cb242c3cfaa7fc6323782d2222eed6660ef11346f78130b02403982d787950aea", + "aab8956a8796a121e384dd5b9dc2e196871d3ab10076502513f46fd7a72f373d141a07a44f86f00b2cda02dd817a2f85a87766501ac368bc9f29a862143b7c1c5a3e85c1d31a279ed84cdc4d85c2d8f59005187b9df36e720282b51a0460def5198aa0dfed40b6a0773b3ce324359ebf7ae08d19b50ed5a58c41503e6a3443c20e2c33641f01626049d3db97f76f821391f766c07cbd2c46ce5c81024ce0f77aae872b1c5d6d756b9c775ac1323c62b123c770aca3a88e68953eed6d4fd76e70c2ee08eefab0858accb535da8cf86797537149a9c2e3e896542a47b359450b59e4c0a111242a58794b041e62036641582ad14b4e015b35082a9189535becf26364431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33", + "06489029253e9fd3aec82c1966243422e4f448da422e967346db1ad2b1e3f68330ba45d7f57de164b3aa9ece4b77a8902e0f799d8d206f26f5f6e7dddfd20394f7a49102dd52135c07ef99e633b2848fb893bbaaaf0fe6a07608847875034e20795b72dfef7b53cb39a6208babe70df25ceb088e02abebc02c3a22a62e0f3e540831d61e841d524e544f908c340bd58e3ee4dd62b4d09aaf04df00ab5bd68ac2e644b746b9f82276c8f72826491ab372e7adce3e529bdccae0b827d13e4b6caac61a73afaf94c56913006bc1df239fd541b66337484cd54ede29ecb2d95bd253afc72b98fe4b97278f0eae2ba038a2d60064cd25924c14665cc237834039da18c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77" + ] + ], + "public_share": "b242c3cfaa7fc6323782d2222eed6660ef11346f78130b02403982d787950aea64431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + }, + { + "input_shares": [ + "85d237df3416b710eaf3a8de047980d219fc28c39f5fbdc7aee7b838034e2ea98eba20fb535040a21d805c78b8322906c9466acbbcd3a641dd4fec7fab05a795d9cdef8c4cb6e6d1bf77b2a2559ad3e926540dfd13e8879173995a3b17c6a6622ee49768084ab70a6e423614bee0b6780136300b36517532168778de9ba321669ca5f321fcf73afbdc9c6255ef66d37d1ce1c390dff9607aabca6a32253aa447dd9cfe68ca30827938402d0394cd892bf01e4dce1bdc57534069593d91430c2c85936d12debb90b07f1d32bcc28d8567b43ea47fd94ec9b90cfde39cada3ebba700d309e8aee29b9634b596880de0a02e8f44feab8f1144bfb3ce4e9002d1e2612e1ca567c63786f2c062f3540a0050a18f3459e79ab568caf1a5b1c52d29220362eeecc342967ef412a96894c8dd0ea8919c00bedcc2219b5b95e21e67e5aa0eef98064dab57378adeec40ebe5982234825b2f5908a4a7efc07ef57f1187f5e64ae268bfa646ecd80b6df6fac333cc01042d8348600bb607321323d7124b7a2f90bacbf03f6cc690f4cf3be68868e97076828c70b0a9ab0d5e3599aa879957d3cbd7e6a59e677b3a4da26762aeeeb4c153f9241696613516f5d482f2d4246dd3844219e92bb6ba6d949af52205d6c7d9a567cf84d1fe21b3f19ebc1914904134e69146421b186095e05d395b64bbecf9bf21fee1a693853cccc0470e54001fd61fa4a5ad4be1b4f19b64e21111480b44538cbe6c5bce974ec414b8df52c839035f2fbff2ed7d67718d30778989eaf5b1b8fb01416cec455ed2c6416177e584ee59dd204f3778d1ef9ab9470c30e647eedbf80ab482bbf1ca41f6c4b00d62768ede36f6fb8a8ce3aa5e8f9207bec4e86dc5cb574a5ad703c679969032234468444414ffe96ca893f500eedda1fb53ad4726099b995e120e7dc403f80ff4d814d90dcd1303a74b17aba4cc44c095d8c6b466b0a2ac415109f50290159a9a921816e85d9247a41f37f4afdaa4228312229285108a505a3981051f69430896bc9c760345d6602926413d003ad380e568f3fd365382c314b3076d34a9458cce0183ed096ab0f8259502653ba7eb6be635cf02306340bb5c0d658db16ebac3afad4d415f0fd316a153fcce9b964ac4d870a7160989de29100e87fafba45028201fe8fb1290b3de20651f31ed9dcb835d1089489f3369181a57c34c979a40d13c46c4969bd4b798e004453664618d913a7c34894ba39657863680ea27a3538cae4403847043556c67a98eadfbadc8baab039f00d7b760f8a884faee09fdd838680892ab9760212182dc94aa845c4283a3216d7b8faea7a3457ca7d25d5d9040ac222bc99731d3c8060a2d375e308d66669ac94ae5dea63d994b2a1066a22b8ed121f1dd3ae400cae0e1383886d41136d0e6071a071c5be582ad8dfc9d9102e3e1e53341bf0ca7e57c66ba20b621ff971210cee0f1349f273c8d9ba27a3d86e00f5371c61a66b6f7871d1f68b74a51e3268af1530080d8c95a17b8b2175af159619bf5389a18c7f2cf48b2496e527b5f83ea4123c2b7f36bd78e5604a4357f94d613eca33da9e67fc28d59eb60c6f408a50a6abcd442f2c50f34fcf8d22b66f45de41215c16e14a0790e2d50c1335e017b3786e5eeae3e697b7978cc6e307a2b2247ff6f7ec972c56c93977ec0deb9557bf9d8d3a16cd3fccbf53dcc306b76c79377ff000878b13285d6618e7856b51267c03fb808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": [ + 19342, + 19615, + 3061 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "91bccb193c2af55c231d91dc18f5f65b", + "52cdb195387cce74c9aa641f34b79189", + "a7978a001042cdd7357d4e74aaa8996b" + ], + [ + "0b975ea98108a56cfe3ac48bd98a5530", + "e16cb471c5c0b17598a0b0b58e0919e4", + "4a57e2660c780cc8157619a6b312a257" + ], + [ + "f3f7d53c42cd6536c2a7aa970d80b373", + "6e129af801c37f1566b4ea2a3d3f5592", + "051d9398e3452660980c98e5a144c43c" + ] + ], + "prep_messages": [ + "41e9ead9a8d4e83123f351ac162baee8858e3fbcee01e3e8e13395366342b087" + ], + "prep_shares": [ + [ + "51ffd96b532bbf0a52b2f58afc18ea46a7db6073a8e4f3f865b395dc0cd1d058a4234ca38722c594b0703d09cb9459f5a22eb285bbd2b0ee4f5e3bdf2d4ae2d2512f455169be0941be0732caab35d6da9f2c9776928454e1d3fc0cd81a24eb5863d164f547fa99f707b07d7c8026e94a1377e42283ab96c6f87b1381744d9ef9ade7d4310a98df24bb1872685ecf4bbc882679a0c0362cf08d39087cb2d04e5648bdd61c75604deb6a46c7603c8f438058da54fbb71d7d7aeca16630d4fd8e4c8c8a19a2654e04e85c86318413bcad9f27214639b1ce14d2aa5a8c6b46e81a54bef63b9d274521fc0e140a4dd8c9fc3d392397dabc861a9f444bcdffe48ac0e57bbadfa788aa88120a30d451bacc73bd95c77e9064fb21ec1a6283cd6241849c", + "aab8956a8796a121e384dd5b9dc2e196802208434ffa07ff6587ccc3c1fe8b58141a07a44f86f00b2cda02dd817a2f85ae6d940e21f1c96da205eccbab7602ab5a3e85c1d31a279ed84cdc4d85c2d8f52563bd07c9e0b151b4fdcc2cd5a3d70a198aa0dfed40b6a0773b3ce324359ebf1d76b0e274e051994c1a2e52e7815c4f0e2c33641f01626049d3db97f76f8213adb74cb2a3df578f6167df6e23ec6a3eae872b1c5d6d756b9c775ac1323c62b18f008a01fecf62323f15646a128a03e1c2ee08eefab0858accb535da8cf86797c44358b7cded05599af684c58a71f9a7e4c0a111242a58794b041e62036641582ad14b4e015b35082a9189535becf26364431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33", + "06489029253e9fd3aec82c19662434225c32244c91840c8e5c34b2c8b4a4fdda30ba45d7f57de164b3aa9ece4b77a89098e5c001b43ee1a8859f1209a558442af7a49102dd52135c07ef99e633b2848ff4fa08143e1db73c9f4e3b20dd54d500795b72dfef7b53cb39a6208babe70df241530c60fe60d633c1550d3d3abb9bb30831d61e841d524e544f908c340bd58e30de8e27e9159683932fecc6b204b185e644b746b9f82276c8f72826491ab3720d708a06b466290917f1380aee393ac0c61a73afaf94c56913006bc1df239fd5b8fdcfecff6c7df4dbefb49a8b7c77a5afc72b98fe4b97278f0eae2ba038a2d60064cd25924c14665cc237834039da18c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77" + ] + ], + "public_share": "7bbadfa788aa88120a30d451bacc73bd95c77e9064fb21ec1a6283cd6241849c64431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + }, + { + "input_shares": [ + "85d237df3416b710eaf3a8de047980d219fc28c39f5fbdc7aee7b838034e2ea98dba20fb535040a21d805c78b8322906c8466acbbcd3a641dd4fec7fab05a795dacdef8c4cb6e6d1bf77b2a2559ad3e927540dfd13e8879173995a3b17c6a6622fe49768084ab70a6e423614bee0b6780036300b36517532168778de9ba321669ba5f321fcf73afbdc9c6255ef66d37d1ce1c390dff9607aabca6a32253aa447de9cfe68ca30827938402d0394cd892bf01e4dce1bdc57534069593d91430c2c86936d12debb90b07f1d32bcc28d8567b53ea47fd94ec9b90cfde39cada3ebba6f0d309e8aee29b9634b596880de0a02e8f44feab8f1144bfb3ce4e9002d1e2612e1ca567c63786f2c062f3540a0050a18f3459e79ab568caf1a5b1c52d29220362eeecc342967ef412a96894c8dd0ea8919c00bedcc2219b5b95e21e67e5aa0eef98064dab57378adeec40ebe5982234825b2f5908a4a7efc07ef57f1187f5e65ae268bfa646ecd80b6df6fac333cc00f42d8348600bb607321323d7124b7a2f90bacbf03f6cc690f4cf3be68868e97076828c70b0a9ab0d5e3599aa879957d3bbd7e6a59e677b3a4da26762aeeeb4c143f9241696613516f5d482f2d4246dd3844219e92bb6ba6d949af52205d6c7d9b567cf84d1fe21b3f19ebc1914904134e69146421b186095e05d395b64bbecf9bf21fee1a693853cccc0470e54001fd60fa4a5ad4be1b4f19b64e21111480b44638cbe6c5bce974ec414b8df52c839035f2fbff2ed7d67718d30778989eaf5b1b8fb01416cec455ed2c6416177e584ee49dd204f3778d1ef9ab9470c30e647eedbf80ab482bbf1ca41f6c4b00d62768ede36f6fb8a8ce3aa5e8f9207bec4e86db5cb574a5ad703c679969032234468444414ffe96ca893f500eedda1fb53ad4716099b995e120e7dc403f80ff4d814d91dcd1303a74b17aba4cc44c095d8c6b466b0a2ac415109f50290159a9a921816f85d9247a41f37f4afdaa4228312229285108a505a3981051f69430896bc9c761345d6602926413d003ad380e568f3fd365382c314b3076d34a9458cce0183ed096ab0f8259502653ba7eb6be635cf02306340bb5c0d658db16ebac3afad4d415f0fd316a153fcce9b964ac4d870a7160989de29100e87fafba45028201fe8fb1290b3de20651f31ed9dcb835d1089489f3369181a57c34c979a40d13c46c4969bd4b798e004453664618d913a7c34894ba39657863680ea27a3538cae4403847043556c67a98eadfbadc8baab039f00d7b760f8a884faee09fdd838680892ab9760212182dc94aa845c4283a3216d7b8faea7a3457ca7d25d5d9040ac222bc99731d3c8060a2d375e308d66669ac94ae5dea63d994b2a1066a22b8ed121f1d3d88e532ff5ad471ce5611e1cef203e86db1315be762648ecb578a09df60921c2192a42ba72f618d3ff11ec21dfb5400b6a1797b6878b0f676e414da6d5daeb53abb0efb3e9ee48da608dcc3a87b27cb86fd833c034ade3db7cdb647b2b3d32996abb215aa7ca129b68c82477c96aa6c3c2b7f36bd78e5604a4357f94d613ecac900fa40abdc13b070239f72286c02350005c38fc1bac3208ca43c94a49b02395574079eb726edeaf48335176cd92f5cb75bb35da307c15077a2cb3645bc085d1fd8f4a08f9c26e0b579b4f0e0ab25d8e320568f5e17f1294aaeaf3a5d9d6a1af37c657daad45013c7de10bfa224fda0808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" + ], + "measurement": [ + 15986, + 24671, + 23910 + ], + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "75afcb193c2af55c231d91dc18f5f65b", + "12e1b195387cce74c9aa641f34b79189", + "18e98a001042cdd7357d4e74aaa8996b" + ], + [ + "0b975ea98108a56cfe3ac48bd98a5530", + "e16cb471c5c0b17598a0b0b58e0919e4", + "4a57e2660c780cc8157619a6b312a257" + ], + [ + "f3f7d53c42cd6536c2a7aa970d80b373", + "6e129af801c37f1566b4ea2a3d3f5592", + "051d9398e3452660980c98e5a144c43c" + ] + ], + "prep_messages": [ + "9cccd419e212147f7e2caed91fbf740e30f2c0b9f644a87d0fc821fbd4d1aa5e" + ], + "prep_shares": [ + [ + "51ffd96b532bbf0a52b2f58afc18ea46e5ce4000200771e413f4cb24396df1a980e32429d5a7424669b4f6f382953063689d00cfef825fdb7baaf88dc5cb203fb5ab15bbd59114354436f75364cfbbd5ff35161ad479308b2ff312c74571caadc27c4bd0934dea828e194d75e35d58411e7a622a90facb38774ac5379205a898eb63d8e9e3a2210d7c22866b61c87eec8cf85dd11a18dfc671bccd58013f06ecdf15d75776293b80fd5fce226f579e6c3bab427d7bfd99e140be2fa1b2e244545a027d22dc1ed7418d9713512eafe0b3d73ab915ae58a08fea6ec80335cc6b1437e2c0dc3bf389b85fee46921ce28851a4fdb3535e345d369838f07ebcf08cdc8f4a5eed4b1e0e0ebaab6a40b65d4241a95c71dfb8f60fcb6bd19f45194478af", + "aab8956a8796a121e384dd5b9dc2e1960ce03fd2e16533a01365b236961d2415141a07a44f86f00b2cda02dd817a2f8537c237958110c96d2102807b0548e9ff5a3e85c1d31a279ed84cdc4d85c2d8f56fd7e1a0188accc8a4776d94782f2431198aa0dfed40b6a0773b3ce324359ebfd5816fc12f785be11f10952ae7129e680e2c33641f01626049d3db97f76f821397efa1f9703b923a4abd8a57ded162ffae872b1c5d6d756b9c775ac1323c62b167c309d1516223a712dfecf56eaef3d5c2ee08eefab0858accb535da8cf867971796f7cbf8bb8b6a03cde19192a18518e4c0a111242a58794b041e62036641582ad14b4e015b35082a9189535becf26364431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33", + "06489029253e9fd3aec82c196624342279049ceb3f21fd8c7d73c37d120de61530ba45d7f57de164b3aa9ece4b77a8904082bda778407df26d1241d8e5cf2e9cf7a49102dd52135c07ef99e633b2848f81d3bbb9d291e6ea6a7652efb15f189d795b72dfef7b53cb39a6208babe70df2a6dd97f9a9c0cb4a5db69df5229872ac0831d61e841d524e544f908c340bd58e500a50c4a2217580795f4d353dee2d34e644b746b9f82276c8f72826491ab372301ad37817bed53aa717e639f8418b63c61a73afaf94c56913006bc1df239fd5d944e2c21c01e3278b1699df9c4290bdafc72b98fe4b97278f0eae2ba038a2d60064cd25924c14665cc237834039da18c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77" + ] + ], + "public_share": "8f4a5eed4b1e0e0ebaab6a40b65d4241a95c71dfb8f60fcb6bd19f45194478af64431e50f84337393bc357c54663ecd37a782e41bc39fc532d5e10c817752c33c5d05045a2b15b194640d6871bb714f4693ee2ee8d0e5861ec969310aa2bcc77", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + } + ], + "shares": 3, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3Sum_0.json b/src/vdaf/test_vec/13/Prio3Sum_0.json new file mode 100644 index 000000000..dea8ec7c0 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3Sum_0.json @@ -0,0 +1,41 @@ +{ + "agg_param": "", + "agg_result": 100, + "agg_shares": [ + "21d79fba22fcea2e", + "44296045dc0315d1" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "max_measurement": 255, + "prep": [ + { + "input_shares": [ + "43126178225dca30c56c892f4cef3ca6f627cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28eb1156127a87cb71feca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa2ab3bdc62c1db973fabd7f72169d6d5dbe73437837c1c0662bb24addf7e07e6ae56db956b47ccc755b7c35912f67fb1b50659e637f1034ee3214ff4916ea9d1298a119d0e44c922bd17cc333224c31e67dc3282b61b9aab42ca71062aea44000cf3d13d667e8223477604725e654230e2a7fe703f610869e9f65d5a00203af41da5120d8850de22994a3f5de88910257bf11730c7721c63d712f309ff1a16961a6870876f89b7aece0a7aae9726c957a3bbde29775ad0e4159e2cdfaa741f3f8562468e879f0f4e50829d16ade458e32e321f2b7ab80348c4fcd23a2aeb3921b4b6c297d0e0e10ba6ac3839d9be19018012dfcce38bfb12d0caefc81b0bf2901638317c0a708b0d73f45b43aaf7cc1f7eb7ea6bd7f8e1248ef49224f1735c8112e1f740fc7020d3185ed3c588611aa6aed0f49ac90d908e28213b754fc64e330998b132579ea55c4d5be49e026fcb6e962377d3d540fa2d45116efa46182b7175e29f95499362aa5b631a4b504c7289a7cbf673f2f9d0f0e224f37a862ae822b5359c93de1a40e52e142897dcf25ee5bfaf4132019c1ad28f128186fd48b49eeca0ba9c31e25a025e2d5999e2654a02b6d1bd07d2a2095045cbd367a00a2d34976dc10effb80228afb1c3a7f05943053d65bd900b7a4bfd3833a93f1e0c3c0ecc469d10fbc05ac7881c68f0e3229efdc0e7d15d08a63d9c6de25377f4e01bdc64748dcfc1381977f323cce3c0d453c6a97df87718f54f386228fa70b978c331be3c4af998645e68b00d1f95bb7fedd7", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 100, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "21d79fba22fcea2e" + ], + [ + "44296045dc0315d1" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "3930d34b74e6676f0158033969b58f5f113b356a799287a5", + "c8cf2cb48a199890ca5a3a856a34c034919f038dd5483648" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3Sum_1.json b/src/vdaf/test_vec/13/Prio3Sum_1.json new file mode 100644 index 000000000..130166210 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3Sum_1.json @@ -0,0 +1,47 @@ +{ + "agg_param": "", + "agg_result": 100, + "agg_shares": [ + "0838d7ed77cd6687", + "44296045dc0315d1", + "1a9fc8cca92e84a7" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "max_measurement": 255, + "prep": [ + { + "input_shares": [ + "c7fb0bdef5bfe20176af571fbc49515389eaadd4df90c3529f06e993f24e7938e710c770d2dbd06f9b2523f00213f7baaa65475354cb73e7a5d9f889974b2e776e8b996484aeb62b04576947b5a96b0a72189f03c37c2a8309fee95bc15681c9115ee8147e871e4f1edb0ec1e56b68ad083182c17baa213f17a8d8624f21213c55a404746658fb100e1cb0a086315bbcba60c6e3ed3018ed8e7e837f2033bb8284a440d0822e5aaf2cc0dc43c6fc7f78a9a9b2471a4db243f8de37a30b6bcc6c8369f1c6d0c80cc096d25fff0aee3a6e2f9d6da165b01cfe2d7141caa00439e110b68fdd94556d1506ef1499cd969438d98b641f9c132ed547da7eab49dff9c0545f57abbf971f52ccd2e993781cd0cd2c8788b5279e5f70339731ac86ed9195cd3c60836b6dd9698fd1e4ad7050a698df611eee9c5ba98f10e6b64485d7c82bf48968aacfabf982c4b8d98196e25c276dd5e31ee61144266c66d2d2889047cf0b509d0e447e378c179bbd18386eb389c10cfc815ce724b01e47aafef1bb8e52753548f77626a0af40b75036ad6518e293284f82ccb28b4baa512c45276c2986908c87cc69c53f9ac7e0d6850ee756cd430745239b545552c8776d6bd3e2573415e89d96f6b4064456d4cdeb577f87eff828e008e6b1ec0b5943abef717959c0816e12f771fe4feac12ebf5eebb6a268182d25e08027a8dc01a81fbfff43b5604d034cb8d0ba775899a9b6e02bb5542e7ccbeaedf230cedfadf50a541b51281b4d85f67b6c8cfbe1b5e77f95b70053553d7686ee34f5bc6462a0121af4d61057bdea117ebc86fb37f8ac45955a6b73d7dfa2a193033b4524a106de810ac96c754ffc1e46b09c6310564f3a58cfcc123f9fc6d9a530bd16fcbfe45a0dd91b929f", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + ], + "measurement": 100, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "0838d7ed77cd6687" + ], + [ + "44296045dc0315d1" + ], + [ + "1a9fc8cca92e84a7" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "bc2b0bbf09338766f8abb2e591e5b779587a4647599932a2", + "c8cf2cb48a199890ca5a3a856a34c034919f038dd5483648", + "7d04c88c6ab3e008f1ee26ce020902b52a880fe76f72d29a" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f" + } + ], + "shares": 3, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/Prio3Sum_2.json b/src/vdaf/test_vec/13/Prio3Sum_2.json new file mode 100644 index 000000000..e98afe5c2 --- /dev/null +++ b/src/vdaf/test_vec/13/Prio3Sum_2.json @@ -0,0 +1,230 @@ +{ + "agg_param": "", + "agg_result": 1521, + "agg_shares": [ + "3d90b1d19acf1386", + "b5754e2e6430ec79" + ], + "ctx": "736f6d65206170706c69636174696f6e", + "max_measurement": 1337, + "prep": [ + { + "input_shares": [ + "43126178225dca30c56c892f4cef3ca6f527cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28ea1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db973fabd7f72169d6d5dce73437837c1c0662bb24addf7e07e6ad56db956b47ccc755b7c35912f67fb18ef8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e1f16577d02c362b788f2ba75655f48c3de2deca86d4c16dcb7ad16ee9be9abefb92edfc5ff3f936fb870dfe8d010e933b3d757755f70869463b12f0fee4391df94d8c3eaea71cb9eb448cebdcf1a9389aaffdf0add9c1ba4a3395ee3552988f68f846abd0d4c21d80797b31b3c093280a6dab8f6eb620cc224271c24a8e837b46c41d7448f92e8544b91b9258da94f10f9cc0c289acc1ca98e4921970f4645da92de8c4f01ceed91f67287a63c48f0efe31870630655eb8e771eae674a07d9208c92248153875c1a173ec6d0dbac7277d81f7d42fe00695163970bd22113a1fe897d45d0ae3ecd9232fc2f27cfe06c208fc152c37ff03f7daed0f49ac90d908eec2c33ecde71954dab2f085aff8226bc2d45c429c64678b147529367ef72e8e9ceac003b71c2dc01c96492eade00fc99ef01c7474f412e2526c2c5d54317487a37438dea9bd856781e92e0e296508b7e1d5f87e9e7df53669767fb7e72e5ae3ed7a009d3ee17a95cff7177086562e030875d1a518d2907983566800da114a280ee272902bcec631ed13e4e77f9aec2650667549603727f3fdd4dbb2476ec096b6b51ef2a4629889d8b8ad8018e594ce34bb030c6b68ccc6fc9db02c3a12a608eb01a1fbfbd64b152636ef87af0fb310d8ef8aae46ccbb794c59dd711cdda905e679f47c5fbad52209d211213c7f4111b38aa9f97c5f0c700", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4a3136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb2151811ef413c956ff342b7195eb58731e", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "44126178225dca30c56c892f4cef3ca6f527cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28ea1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db9740abd7f72169d6d5dce73437837c1c0662bb24addf7e07e6ad56db956b47ccc755b7c35912f67fb18ef8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034ea72dc76b211a70eb7fe9fdf23cf0bcce943e3cf677b2b53094dcd6fb6ac97ec4a05af004e87f92c6b406483756e68cb6325ddf6eb8da274f53ad4ca0581ebd88f82e66c767a58d0db89ff54c7319f5a2375a9f0d03890626247e02d2b5d3052be84c40b561eb5dbff61791c03271b92aef7f8973c1b2dd8bfd71a06e7d20198578a0d8ff103a4daae2f7ef838ba428d310c7e6f08dc4251b9ee657be8ff079b8ee17832393d334fc3f5254aec43a035d6944ba57c76d7ac9e02595222da66e469ad2edf1793434b1603d183b8fbb1d2699cf69935df52598abe65d9a0db52afbd1f1fc495705efe608118cda6d9e946349c54f32cea15eb2aed0f49ac90d908e6415c3fdbf1a8819b438c5dc27f2b1b0763474dcbce0d85c6923d35921931515e880effb8782ddaacdce299c592b5817707c3f4ef6d68c6a36c6a844d93c1cd1d2ecea0d20a594091a3bb953f35129659004c8e6c1f368e415235790133b310a7ed833db9a786c7510f199636efa58863eb849d4b7d935ce5c1bfcc2cbdcc0afe3c827473945ffc83bd81719fab3e9a2ef6c7acd0f7a76cdcdb084fdf541d58c0f18f956b423413341ab0bfa06673976c584e6d1f5733d3560d41b08bf8bca68a3da554e96b7d9bb1a6fa6103ded865ecd48be930dd7fa4d7d4e8549e1380762202b904b52e730ccc80cb65f2737ead77fa6a228763fa9cb", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4b3136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb211eb662209e58e2405d1a1b206c9f3fc5", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "44126178225dca30c56c892f4cef3ca6f527cae360f77d4b2a94ee7fbe779a5893f97897b3c5ff28eb1156127a87cb71fdca3aa67f3f66472914077ef4bb37488345444045a2293f2c51f6d5d497646aa2ab3bdc62c1db9740abd7f72169d6d5dce73437837c1c0662bb24addf7e07e6ae56db956b47ccc756b7c35912f67fb18ff8f9f52712c3080f914b74f00382004b165013481acf8be9175a22a882aa0eb80e78e0de28541109838a52471413dfb50659e637f1034e4ea3f731bdcdb2d15cde40b82ae8b2f958cf9926b84d1f101b2aacba2766ca4f0211a744f01ad937622bca186d7448311074990955f2f6cdde5c72c7790e6c1950807b95f52c6638327753e1ffa6a80bcf15500c8d5dcee16ad2d9a8374b9dbbf4eb9fe829c7607f5301f9b7e4aace4447dc7eb670e39324605c593843aa1ca2a846e48361529f2ac54ff9e68652a1b4b5e81d20835332fc2f405d2586293bb2266a5659025590a010a73442884f49010e7f6f3a71dfc5936fe02415e08651a00f20b7f6ecdda5921f2c3d4a2c5fb6529036b0e54c25f2c52e13d722c7e29d2ec197666a44f8fea894e4bb0d47c340e5778ac90f3d6d5709aed0f49ac90d908ebd9f923724674533d74382173afabb85b2a316ac7c456f7de2d5fd9a64f6c98985ca38bc80e796391faaa7ba429d9c9c936585b358bfbdebaa16831db94c6d407b9bd53f911dbcdea0635bbf66c475fcf84817e8371fa128d0ce7fb990c399797239d4a7d29c69b5b307326cbcc0436ce55b549109a97f35f93043f90553bd92b2221cc3e92cad4858800eb6fe0571c14b4b439e19eb69ec3c577f96ff081493d7c5252145a2e58e70562b664352f3d1204a31ef4b02f26ad1198c150cabe70e2e8d8c49230e68da5b808101a049ee31d6e177411ea72e20f9210cc1280b942e2f85262b66f4200a3c39862c4e123e5650e1284b0874b074", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 1337, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "833636daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb21d1a2b4da13818ff19ae1da2daa52e440", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "44126178225dca30c66c892f4cef3ca6f527cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28eb1156127a87cb71feca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db9740abd7f72169d6d5dbe73437837c1c0661bb24addf7e07e6ae56db956b47ccc755b7c35912f67fb18ff8f9f52712c3080e914b74f00382004a165013481acf8be9175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e2e45375c41717d1d236e9d21e14c017ce572e18159e66d4eb3dbc784f8d5abc618c775703bf481a0599570c8ceb21ce9d4ab6c6d423578fa1198c7d8a5c499db443c9d9bf0d159bd25689231e5676d85e579ce0c032e9418bcd1daf6f248e470b12101afcbee6af953382fe0e8ed45b45730df5fe92bebb2e5fe76d958ecb1ec6af571ab2275371c13488a57f0e44966f75bf52dbc97383a702a187d53f95aa7273000c599ab06bba08836d40c710a2d140f38ae642a38bbab722dfd95b361dbd10373448b601da441085f7fa5afe5eabe4ce2e4f921dddcf6311a3afb1c7f671a819380aa3aaff841b6e05d27348a3396e9a69fa7f02e9daed0f49ac90d908eddfd520da0c37ae70fb425ae84956d032500cf50dbac203f4a24e2d09386e81270146a90340eeed02940010be05ec8e4cf2db24f6b7c3cbf78db2d0c8c963f7e87dfb3399678c859ad721c6f8103b182e2e498e7c14edbf17ecf7e6bd5c552c4b50373e130755f3bb4d0fb43b77dccfcd607f4e78f6028a7748e2558f0102848f0738e9b280a155709887d459673c80f08d86b90e1a663aefb6cc43e3239f49dd6ff7bb5ad4b6f74e07429d4be3032a61aba687b58b77f439687832d557ed7d36ca9d0fb848bf0c83aa45fcc25f9be99a8cb454271aa43093203c9a9f3d0b2f5d79bf914ffb170ba8e6761dc6ea1f40732824bbb9cf0d8e0", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 99, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "ad3136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb21738306b80716f2e4c51acbcc0158dd8a", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "43126178225dca30c66c892f4cef3ca6f527cae360f77d4b2a94ee7fbe779a5892f97897b3c5ff28eb1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db973fabd7f72169d6d5dbe73437837c1c0661bb24addf7e07e6ad56db956b47ccc756b7c35912f67fb18ff8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e6a39bfe3b1c5b6044408bc17a9684a3c18667bebbb630aa6fef4ccb832bd20d3c926cd7027dad49c10591913ff0ed8c3b77648981e143b75c377f97ca7ad0df4552fecfc97236770bb0a78e08c3aadd08948040da9f2180727ac0999c3b05f11766438b2bf602a6f17d9a978b17667a56daba815bfb4e1978db9ec3a1c118b311eb30dd8572d7015bcfcffe27b6643b377d38d5bf15eb72ab23051b008a16062bf867d586cd07168a115b887ba9970fe7fbf34858ac4c6e967cc9e2c72cdf43f5f4ca960e60585bce5f1ccf5073e49fafddc6cdb16573e9453415cbcdcbaed30c85793400e4962c27e27482776a443fde4e6ca5e373f7dbaaed0f49ac90d908ea009cb85306f4100ee1907b8bc792443f30c35e7772f84e7ff0add9c599f7306bfb4129048289bd4717c58c0b0020d0aeb62d624909d7944c6fbfb678aadcb6576ec64d8ee26bba617d036c0d93071373d1663e71c8a560312f54fc9055ed723f0c03bde3c03a0c5ef2f81abeff4aa0bc08c2a32bad731c2cbd3aff62dec4e033cb6f26ef351dc5d61d307ba09f2cec28860d362acdfe4bdb9668b0b7d91eee23ea9fe21db2604c7e0e7a7201008ccd4af096ca4321df114d92d12fe7964446fde609adf29e688b096baf155c36a5b8a693bbb4b5475e251d4f386271333442c29c5f9549ba3bdf052f6f9121f313b3ee48427fc0ca28ac3", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 42, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "743136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb2167e02e21452d6637328672ffd0423630", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "43126178225dca30c56c892f4cef3ca6f527cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28ea1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db973fabd7f72169d6d5dce73437837c1c0662bb24addf7e07e6ad56db956b47ccc755b7c35912f67fb18ef8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e1f16577d02c362b788f2ba75655f48c3de2deca86d4c16dcb7ad16ee9be9abefb92edfc5ff3f936fb870dfe8d010e933b3d757755f70869463b12f0fee4391df94d8c3eaea71cb9eb448cebdcf1a9389aaffdf0add9c1ba4a3395ee3552988f68f846abd0d4c21d80797b31b3c093280a6dab8f6eb620cc224271c24a8e837b46c41d7448f92e8544b91b9258da94f10f9cc0c289acc1ca98e4921970f4645da92de8c4f01ceed91f67287a63c48f0efe31870630655eb8e771eae674a07d9208c92248153875c1a173ec6d0dbac7277d81f7d42fe00695163970bd22113a1fe897d45d0ae3ecd9232fc2f27cfe06c208fc152c37ff03f7daed0f49ac90d908eec2c33ecde71954dab2f085aff8226bc2d45c429c64678b147529367ef72e8e9ceac003b71c2dc01c96492eade00fc99ef01c7474f412e2526c2c5d54317487a37438dea9bd856781e92e0e296508b7e1d5f87e9e7df53669767fb7e72e5ae3ed7a009d3ee17a95cff7177086562e030875d1a518d2907983566800da114a280ee272902bcec631ed13e4e77f9aec2650667549603727f3fdd4dbb2476ec096b6b51ef2a4629889d8b8ad8018e594ce34bb030c6b68ccc6fc9db02c3a12a608eb01a1fbfbd64b152636ef87af0fb310d8ef8aae46ccbb794c59dd711cdda905e679f47c5fbad52209d211213c7f4111b38aa9f97c5f0c700", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4a3136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb2151811ef413c956ff342b7195eb58731e", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "43126178225dca30c56c892f4cef3ca6f527cae360f77d4b2994ee7fbe779a5892f97897b3c5ff28ea1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db973fabd7f72169d6d5dce73437837c1c0662bb24addf7e07e6ad56db956b47ccc755b7c35912f67fb18ef8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e1f16577d02c362b788f2ba75655f48c3de2deca86d4c16dcb7ad16ee9be9abefb92edfc5ff3f936fb870dfe8d010e933b3d757755f70869463b12f0fee4391df94d8c3eaea71cb9eb448cebdcf1a9389aaffdf0add9c1ba4a3395ee3552988f68f846abd0d4c21d80797b31b3c093280a6dab8f6eb620cc224271c24a8e837b46c41d7448f92e8544b91b9258da94f10f9cc0c289acc1ca98e4921970f4645da92de8c4f01ceed91f67287a63c48f0efe31870630655eb8e771eae674a07d9208c92248153875c1a173ec6d0dbac7277d81f7d42fe00695163970bd22113a1fe897d45d0ae3ecd9232fc2f27cfe06c208fc152c37ff03f7daed0f49ac90d908eec2c33ecde71954dab2f085aff8226bc2d45c429c64678b147529367ef72e8e9ceac003b71c2dc01c96492eade00fc99ef01c7474f412e2526c2c5d54317487a37438dea9bd856781e92e0e296508b7e1d5f87e9e7df53669767fb7e72e5ae3ed7a009d3ee17a95cff7177086562e030875d1a518d2907983566800da114a280ee272902bcec631ed13e4e77f9aec2650667549603727f3fdd4dbb2476ec096b6b51ef2a4629889d8b8ad8018e594ce34bb030c6b68ccc6fc9db02c3a12a608eb01a1fbfbd64b152636ef87af0fb310d8ef8aae46ccbb794c59dd711cdda905e679f47c5fbad52209d211213c7f4111b38aa9f97c5f0c700", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 0, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "4a3136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb2151811ef413c956ff342b7195eb58731e", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + }, + { + "input_shares": [ + "43126178225dca30c66c892f4cef3ca6f527cae360f77d4b2a94ee7fbe779a5892f97897b3c5ff28eb1156127a87cb71fdca3aa67f3f66472914077ef4bb37488245444045a2293f2c51f6d5d497646aa1ab3bdc62c1db973fabd7f72169d6d5dbe73437837c1c0661bb24addf7e07e6ad56db956b47ccc756b7c35912f67fb18ff8f9f52712c3080f914b74f00382004b165013481acf8be8175a22a882aa0eb80e78e0de28541108838a52471413dfb50659e637f1034e6a39bfe3b1c5b6044408bc17a9684a3c18667bebbb630aa6fef4ccb832bd20d3c926cd7027dad49c10591913ff0ed8c3b77648981e143b75c377f97ca7ad0df4552fecfc97236770bb0a78e08c3aadd08948040da9f2180727ac0999c3b05f11766438b2bf602a6f17d9a978b17667a56daba815bfb4e1978db9ec3a1c118b311eb30dd8572d7015bcfcffe27b6643b377d38d5bf15eb72ab23051b008a16062bf867d586cd07168a115b887ba9970fe7fbf34858ac4c6e967cc9e2c72cdf43f5f4ca960e60585bce5f1ccf5073e49fafddc6cdb16573e9453415cbcdcbaed30c85793400e4962c27e27482776a443fde4e6ca5e373f7dbaaed0f49ac90d908ea009cb85306f4100ee1907b8bc792443f30c35e7772f84e7ff0add9c599f7306bfb4129048289bd4717c58c0b0020d0aeb62d624909d7944c6fbfb678aadcb6576ec64d8ee26bba617d036c0d93071373d1663e71c8a560312f54fc9055ed723f0c03bde3c03a0c5ef2f81abeff4aa0bc08c2a32bad731c2cbd3aff62dec4e033cb6f26ef351dc5d61d307ba09f2cec28860d362acdfe4bdb9668b0b7d91eee23ea9fe21db2604c7e0e7a7201008ccd4af096ca4321df114d92d12fe7964446fde609adf29e688b096baf155c36a5b8a693bbb4b5475e251d4f386271333442c29c5f9549ba3bdf052f6f9121f313b3ee48427fc0ca28ac3", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" + ], + "measurement": 42, + "nonce": "000102030405060708090a0b0c0d0e0f", + "out_shares": [ + [ + "743136daf279c290" + ], + [ + "b7cec9250c863d6f" + ] + ], + "prep_messages": [ + "" + ], + "prep_shares": [ + [ + "fc4370f72d35fb2167e02e21452d6637328672ffd0423630", + "05bc8f08d1ca04de00af93b17bde18cbad698b7a7dd6d58d" + ] + ], + "public_share": "", + "rand": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" + } + ], + "shares": 2, + "verify_key": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/test_vec/13/XofFixedKeyAes128.json b/src/vdaf/test_vec/13/XofFixedKeyAes128.json new file mode 100644 index 000000000..f8de9c8f4 --- /dev/null +++ b/src/vdaf/test_vec/13/XofFixedKeyAes128.json @@ -0,0 +1,8 @@ +{ + "binder": "62696e64657220737472696e67", + "derived_seed": "ca97b6736483188fbf6d52a9063ab3e2", + "dst": "646f6d61696e2073657061726174696f6e20746167", + "expanded_vec_field128": "ca97b6736483188fbf6d52a9063ab3e2cd3d2a390443defd69ef29b85a905d166f01b109411930cb0379474684ec70fa412fdb6e05686eeb4351b5970cfcc497ecea23f53c257fe0b5909ca8502ab3dc701c10343fc1ba7fad7691272f741ab0258097d957ae571114e8059f5cfb901c75107e6394c2920f34a52548770d9b6253f22790b66e3a0a4229f332007276723755c5e3111549bba1d7586fd274feadf7e4aca60357db9b12ccb6d56265a20265c13167135d56d56c97bc344cf6f2634c614e63c490e0761739dcfb9075e99aea74c52bacd200944e882ec3f90e7c41e0c3098151afd2b94f9d31ca0e53a080a24933cadae8a28afad638e78bd24e1502b5cc68fb3b01f6a9877c70cbebcc6051e5d1e534f751dda147584740ba1d5de08b5b32a8d77b50887715c0bcf7547be0943a9cfffe6020ce01d752a49493a9be34903dc3a296b267a896b9f3ea1fa00241c334e7627d1f3bbc83164875aa7c3459cd1eac02573835e30538124a1e34b6ae4782c8df2cf1f2c82ccd5325d91919773b148280d64c8823d7bf4866c1a46b5cc709fa74059c4af4aec7c5d16eaedc13405c54a94834f8ad4475b6478ebf3572fc74201e7e4d51e978b7ddc3db1ded8852f3383259b3f8ea982288c0bd34b7f8b4b8a2f6ab599caf49d6648bf294eb7d5cafd2c5e201da5bd13a344cfb0d8fdf03b986ceaaeb80a05d50dd639aaa66a2d3bb7874033062620c96df2608900eed014ee00019cce9b3f54bd0217502c18777508957e8b052875ec0b96502123ca5925099be25c58ce70b712ac00baac08052db362b955ffb1467b73711eabbd3ddf00518d19c8081583613f09523d5a5144ac0aeefe78e5cac16d3fcabfd370029c76f471fffad24fe384c23dd315a", + "length": 40, + "seed": "000102030405060708090a0b0c0d0e0f" +} diff --git a/src/vdaf/test_vec/13/XofTurboShake128.json b/src/vdaf/test_vec/13/XofTurboShake128.json new file mode 100644 index 000000000..bfd78ffeb --- /dev/null +++ b/src/vdaf/test_vec/13/XofTurboShake128.json @@ -0,0 +1,8 @@ +{ + "binder": "62696e64657220737472696e67", + "derived_seed": "b62ef0a2778190792d4d42d8c167ba20e0c37a3f319ba79645829c427d70eea5", + "dst": "646f6d61696e2073657061726174696f6e20746167", + "expanded_vec_field128": "b62ef0a2778190792d4d42d8c167ba20e0c37a3f319ba79645829c427d70eea56d92fef65a07b17a0438e25452cdc7f15f63caf0e8a2a3c72ac69524729e64e03c7ec3a3afa7eb21cb6da6abf0a3b73630a91a5fa05dcbd33da3476f1c8bf4fd66fe5a80dd04bc95f0f02cb8fc9035b9e16e3a5c373bf81c820af513e0c832ca672c66dcc3b302fb8b27a48f09e0a843f5caf87b3c6c1c4b6765b5923e1d152c2e695601abbc69dbe810860fb30e871a2549861110672335ce50ee632264cbb21f62595298d1d1ad9303b84664801e52112989dfce93f0f9dc833ee0f4a0672ffe47cb0a13f80f9e9b7a2e267db7f7890ccd064bf2458cd4e27162d13e60dbc1b6cae71635a3e603f2c15d1c64a12d4e8235f7bf0a8efe6bb15f3e2adae06f7dd1c4d63ac6cecae731250f73c063c6e59aef630a7b6f4bc64bddadc8b8a479bfdb64ea31e6ab44540a52a8d3399d64a060d50190d66cac1335d739e5f8d508201058a2e0cc1ed90e23cfdc7a253f24710ef3b1604688606386dcc4c90e8476be9daac3271ac51301868df71a719a5f32184145d70fec31b4693d527f53875a2ea013523d3daa33bc49c22f66c9ae70dd7f06f227f50515ea9ab1fbe0162cf761e596d8999809cf672cd2d82b22231f841c36e494d7e44f7c6f07e29758b1b73ce95b202325116f04067a54aa767eab2e00ce55b3abcd5c3d5b05040a6bf5d4ba8a61267004bb82b12d43b08fed8f9aced3e833a58fc01004526631b0f4192d8754a397e1096511ee23761a29fcd6511ad2e5020683ca877e4075fe6bc5907f7df1ed4b6c97e0f897d781e850da0cf584842c124cdb6011fe8660e3b8c354cd659985332ea158ffcba83253d39803fa7efb9fcd02cea38089f239f68404814973", + "length": 40, + "seed": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +} diff --git a/src/vdaf/xof.rs b/src/vdaf/xof.rs index 9635784b0..2fef21083 100644 --- a/src/vdaf/xof.rs +++ b/src/vdaf/xof.rs @@ -553,10 +553,11 @@ mod tests { assert_eq!(got, want); } + #[ignore = "seed size needs to be updated for VDAF draft-13"] #[test] fn xof_turboshake128() { let t: XofTestVector = - serde_json::from_str(include_str!("test_vec/08/XofTurboShake128.json")).unwrap(); + serde_json::from_str(include_str!("test_vec/13/XofTurboShake128.json")).unwrap(); let mut xof = XofTurboShake128::init(&t.seed.try_into().unwrap(), &t.dst); xof.update(&t.binder); @@ -600,12 +601,11 @@ mod tests { test_xof::(); } - #[ignore] #[cfg(feature = "experimental")] #[test] fn xof_fixed_key_aes128() { let t: XofTestVector = - serde_json::from_str(include_str!("test_vec/08/XofFixedKeyAes128.json")).unwrap(); + serde_json::from_str(include_str!("test_vec/13/XofFixedKeyAes128.json")).unwrap(); let mut xof = XofFixedKeyAes128::init(&t.seed.try_into().unwrap(), &t.dst); xof.update(&t.binder); From 8de33db0ef521e69e9a049a359ae03a0c509a18f Mon Sep 17 00:00:00 2001 From: Ameer Ghani Date: Mon, 16 Dec 2024 10:37:38 -0600 Subject: [PATCH 09/20] cargo-vet: audit zlib-rs 0.4.1 (#1160) --- supply-chain/audits.toml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index cd8aecfac..d869ef03b 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -408,6 +408,11 @@ This crate uses unsafe since it's for C to Rust FFI. I have reviewed and fuzzed The only dependency is zlib-rs, which is maintained by the same maintainers as this crate. """ +[[audits.libz-rs-sys]] +who = "Ameer Ghani " +criteria = "safe-to-deploy" +delta = "0.4.0 -> 0.4.1" + [[audits.linux-raw-sys]] who = "Brandon Pitman " criteria = "safe-to-run" @@ -859,6 +864,11 @@ zlib-rs uses unsafe Rust for invoking compiler intrinsics (i.e. SIMD), eschewing zlib-rs does not require any external dependencies. """ +[[audits.zlib-rs]] +who = "Ameer Ghani " +criteria = "safe-to-deploy" +delta = "0.4.0 -> 0.4.1" + [[trusted.byteorder]] criteria = "safe-to-deploy" user-id = 189 # Andrew Gallant (BurntSushi) From 053ad53d31685acefab893b1b71a07d13c62f65f Mon Sep 17 00:00:00 2001 From: hannahdaviscrypto <92389026+hannahdaviscrypto@users.noreply.github.com> Date: Mon, 16 Dec 2024 16:21:57 -0600 Subject: [PATCH 10/20] Mastic aggregator and collector implementation (#1107) * Updating SZK module for compatibility with Mastic * Create Mastic module with server implementation Implements aggregator and collector functionality for the Mastic protocol for weighted heavy-hitters and attribute-based metrics. --------- Co-authored-by: Hannah Davis Co-authored-by: David Cook --- benches/speed_tests.rs | 6 +- src/bt.rs | 12 +- src/flp/szk.rs | 337 ++++++++++-------- src/vdaf/mastic.rs | 763 ++++++++++++++++++++++++++++++++++++++--- src/vidpf.rs | 443 +++++++++++++++++------- 5 files changed, 1244 insertions(+), 317 deletions(-) diff --git a/benches/speed_tests.rs b/benches/speed_tests.rs index 94dd5d183..f6949b103 100644 --- a/benches/speed_tests.rs +++ b/benches/speed_tests.rs @@ -17,6 +17,8 @@ use prio::dp::distributions::DiscreteGaussian; use prio::idpf::test_utils::generate_zipf_distributed_batch; #[cfg(feature = "experimental")] use prio::vdaf::prio2::Prio2; +#[cfg(feature = "experimental")] +use prio::vidpf::VidpfServerId; use prio::{ benchmarked::*, field::{random_vector, Field128 as F, FieldElement}, @@ -878,7 +880,9 @@ fn vidpf(c: &mut Criterion) { let (public, keys) = vidpf.gen(&input, &weight, NONCE).unwrap(); b.iter(|| { - let _ = vidpf.eval(&keys[0], &public, &input, NONCE).unwrap(); + let _ = vidpf + .eval(VidpfServerId::S0, &keys[0], &public, &input, NONCE) + .unwrap(); }); }); } diff --git a/src/bt.rs b/src/bt.rs index 1bb0cb64d..6a884dd93 100644 --- a/src/bt.rs +++ b/src/bt.rs @@ -50,8 +50,6 @@ // TODO(#947): Remove these lines once the module gets used by Mastic implementation. #![allow(dead_code)] -#![allow(unused_variables)] - use core::fmt::Debug; use std::io::Cursor; @@ -78,13 +76,13 @@ type SubTree = Option>>; /// Represents a node of a binary tree. pub struct Node { - value: V, - left: SubTree, - right: SubTree, + pub(crate) value: V, + pub(crate) left: SubTree, + pub(crate) right: SubTree, } impl Node { - fn new(value: V) -> Self { + pub(crate) fn new(value: V) -> Self { Self { value, left: None, @@ -181,7 +179,7 @@ impl Node { /// Represents an append-only binary tree. pub struct BinaryTree { - root: SubTree, + pub(crate) root: SubTree, } impl BinaryTree { diff --git a/src/flp/szk.rs b/src/flp/szk.rs index 4531d3bf9..3023675cd 100644 --- a/src/flp/szk.rs +++ b/src/flp/szk.rs @@ -18,7 +18,6 @@ use crate::{ prng::{Prng, PrngError}, vdaf::xof::{IntoFieldVec, Seed, Xof, XofTurboShake128}, }; -#[cfg(test)] use std::borrow::Cow; use std::ops::BitAnd; use std::{io::Cursor, marker::PhantomData}; @@ -27,7 +26,6 @@ use subtle::{Choice, ConstantTimeEq}; // Domain separation tags const DST_PROVE_RANDOMNESS: u16 = 0; const DST_PROOF_SHARE: u16 = 1; -#[allow(dead_code)] const DST_QUERY_RANDOMNESS: u16 = 2; const DST_JOINT_RAND_SEED: u16 = 3; const DST_JOINT_RAND_PART: u16 = 4; @@ -39,12 +37,12 @@ const MASTIC_VERSION: u8 = 0; #[derive(Debug, thiserror::Error)] #[non_exhaustive] pub enum SzkError { - #[error("Szk decide error: {0}")] /// Returned for errors in Szk verification step + #[error("Szk decide error: {0}")] Decide(String), - #[error("Szk query error: {0}")] /// Returned for errors in query evaluation + #[error("Szk query error: {0}")] Query(String), /// Returned if an FLP operation encountered an error. @@ -209,65 +207,26 @@ impl ParameterizedDecode<(bool } /// A tuple containing the state and messages produced by an SZK query. -#[cfg(test)] #[derive(Clone, Debug)] pub struct SzkQueryShare { joint_rand_part_opt: Option>, - flp_verifier: Vec, -} - -/// The state that needs to be stored by an Szk verifier between query() and decide() -pub type SzkQueryState = Option>; - -#[cfg(test)] -impl SzkQueryShare { - pub(crate) fn merge_verifiers( - mut leader_share: SzkQueryShare, - helper_share: SzkQueryShare, - ) -> SzkVerifier { - for (x, y) in leader_share - .flp_verifier - .iter_mut() - .zip(helper_share.flp_verifier) - { - *x += y; - } - SzkVerifier { - flp_verifier: leader_share.flp_verifier, - leader_joint_rand_part_opt: leader_share.joint_rand_part_opt, - helper_joint_rand_part_opt: helper_share.joint_rand_part_opt, - } - } + pub(crate) flp_verifier: Vec, } -/// Verifier type for the SZK proof. -#[derive(Clone, Debug, Eq, PartialEq)] -pub struct SzkVerifier { - flp_verifier: Vec, - leader_joint_rand_part_opt: Option>, - helper_joint_rand_part_opt: Option>, -} - -impl Encode for SzkVerifier { +impl Encode for SzkQueryShare { fn encode(&self, bytes: &mut Vec) -> Result<(), CodecError> { - encode_fieldvec(&self.flp_verifier, bytes)?; - if let Some(ref part) = self.leader_joint_rand_part_opt { - part.encode(bytes)? - }; - if let Some(ref part) = self.helper_joint_rand_part_opt { - part.encode(bytes)? + if let Some(ref part) = self.joint_rand_part_opt { + part.encode(bytes)?; }; + + encode_fieldvec(&self.flp_verifier, bytes)?; Ok(()) } fn encoded_len(&self) -> Option { Some( self.flp_verifier.len() * F::ENCODED_SIZE - + match self.leader_joint_rand_part_opt { - Some(ref part) => part.encoded_len()?, - None => 0, - } - + match self.helper_joint_rand_part_opt { + + match self.joint_rand_part_opt { Some(ref part) => part.encoded_len()?, None => 0, }, @@ -276,24 +235,64 @@ impl Encode for SzkVerifier ParameterizedDecode<(bool, usize)> - for SzkVerifier + for SzkQueryShare { fn decode_with_param( (requires_joint_rand, verifier_len): &(bool, usize), bytes: &mut Cursor<&[u8]>, + ) -> Result { + Ok(SzkQueryShare { + joint_rand_part_opt: (*requires_joint_rand) + .then(|| Seed::::decode(bytes)) + .transpose()?, + flp_verifier: decode_fieldvec(*verifier_len, bytes)?, + }) + } +} + +/// Szk query state. +/// +/// The state that needs to be stored by an Szk verifier between query() and decide(). +pub(crate) type SzkQueryState = Option>; + +/// Joint share type for the SZK proof. +/// +/// This is produced as the result of combining two query shares. +/// It contains the re-computed joint randomness seed, if applicable. It is consumed by [`Szk::decide`]. +#[derive(Clone, Debug, Eq, PartialEq)] +pub struct SzkJointShare(Option>); + +impl SzkJointShare { + pub(crate) fn none() -> SzkJointShare { + SzkJointShare(None) + } +} + +impl Encode for SzkJointShare { + fn encode(&self, bytes: &mut Vec) -> Result<(), CodecError> { + if let Some(ref expected_seed) = self.0 { + expected_seed.encode(bytes)?; + }; + Ok(()) + } + + fn encoded_len(&self) -> Option { + Some(match self.0 { + Some(ref seed) => seed.encoded_len()?, + None => 0, + }) + } +} + +impl ParameterizedDecode for SzkJointShare { + fn decode_with_param( + requires_joint_rand: &bool, + bytes: &mut Cursor<&[u8]>, ) -> Result { if *requires_joint_rand { - Ok(SzkVerifier { - flp_verifier: decode_fieldvec(*verifier_len, bytes)?, - leader_joint_rand_part_opt: Some(Seed::::decode(bytes)?), - helper_joint_rand_part_opt: Some(Seed::::decode(bytes)?), - }) + Ok(SzkJointShare(Some(Seed::::decode(bytes)?))) } else { - Ok(SzkVerifier { - flp_verifier: decode_fieldvec(*verifier_len, bytes)?, - leader_joint_rand_part_opt: None, - helper_joint_rand_part_opt: None, - }) + Ok(SzkJointShare(None)) } } } @@ -418,7 +417,6 @@ where .collect() } - #[cfg(test)] fn derive_query_rand(&self, verify_key: &[u8; SEED_SIZE], nonce: &[u8; 16]) -> Vec { let mut xof = P::init( verify_key, @@ -429,7 +427,7 @@ where .into_field_vec(self.typ.query_rand_len()) } - pub(crate) fn has_joint_rand(&self) -> bool { + pub(crate) fn requires_joint_rand(&self) -> bool { self.typ.joint_rand_len() > 0 } @@ -498,11 +496,10 @@ where Ok([leader_proof_share, helper_proof_share]) } - #[cfg(test)] pub(crate) fn query( &self, input_share: &[T::Field], - proof_share: SzkProofShare, + proof_share: &SzkProofShare, verify_key: &[u8; SEED_SIZE], nonce: &[u8; 16], ) -> Result<(SzkQueryShare, SzkQueryState), SzkError> { @@ -518,18 +515,18 @@ where } => Cow::Owned(self.derive_helper_proof_share(proof_share_seed_and_blind)), }; - let (joint_rand, joint_rand_seed, joint_rand_part) = if self.has_joint_rand() { + let (joint_rand, joint_rand_seed, joint_rand_part) = if self.requires_joint_rand() { let ((joint_rand_seed, joint_rand), host_joint_rand_part) = match proof_share { SzkProofShare::Leader { uncompressed_proof_share: _, leader_blind_and_helper_joint_rand_part_opt, } => match leader_blind_and_helper_joint_rand_part_opt { Some((seed, helper_joint_rand_part)) => { - match self.derive_joint_rand_part(&seed, input_share, nonce) { + match self.derive_joint_rand_part(seed, input_share, nonce) { Ok(leader_joint_rand_part) => ( self.derive_joint_rand_and_seed( &leader_joint_rand_part, - &helper_joint_rand_part, + helper_joint_rand_part, ), leader_joint_rand_part, ), @@ -547,13 +544,13 @@ where leader_joint_rand_part_opt, } => match leader_joint_rand_part_opt { Some(leader_joint_rand_part) => match self.derive_joint_rand_part( - &proof_share_seed_and_blind, + proof_share_seed_and_blind, input_share, nonce, ) { Ok(helper_joint_rand_part) => ( self.derive_joint_rand_and_seed( - &leader_joint_rand_part, + leader_joint_rand_part, &helper_joint_rand_part, ), helper_joint_rand_part, @@ -591,33 +588,60 @@ where )) } - /// Returns true if the verifier message indicates that the input from which - /// it was generated is valid. + pub(crate) fn merge_query_shares( + &self, + mut leader_share: SzkQueryShare, + helper_share: SzkQueryShare, + ) -> Result, SzkError> { + for (x, y) in leader_share + .flp_verifier + .iter_mut() + .zip(helper_share.flp_verifier) + { + *x += y; + } + if self.typ.decide(&leader_share.flp_verifier)? { + match ( + leader_share.joint_rand_part_opt, + helper_share.joint_rand_part_opt, + ) { + (Some(ref leader_part), Some(ref helper_part)) => Ok(SzkJointShare(Some( + self.derive_joint_rand_seed(leader_part, helper_part), + ))), + (None, None) => Ok(SzkJointShare(None)), + _ => Err(SzkError::Decide( + "at least one of the joint randomness parts is missing".to_string(), + )), + } + } else { + Err(SzkError::Decide("failed to verify FLP proof".to_string())) + } + } + + /// Returns true if the joint randomness seed used during the query phase + /// was correctly computed from both aggregators' parts. pub fn decide( &self, - verifier: SzkVerifier, query_state: SzkQueryState, - ) -> Result { - // Check if underlying FLP proof validates - let check_flp_proof = self.typ.decide(&verifier.flp_verifier)?; - if !check_flp_proof { - return Ok(false); - } + joint_share: SzkJointShare, + ) -> Result<(), SzkError> { // Check that joint randomness was properly derived from both // aggregators' parts - match ( - query_state, - verifier.leader_joint_rand_part_opt, - verifier.helper_joint_rand_part_opt, - ) { - (Some(joint_rand_seed), Some(leader_joint_rand_part), Some(helper_joint_rand_part)) => { - let expected_joint_rand_seed = - self.derive_joint_rand_seed(&leader_joint_rand_part, &helper_joint_rand_part); - Ok(joint_rand_seed == expected_joint_rand_seed) + match (query_state, joint_share) { + (Some(joint_rand_seed), SzkJointShare(Some(expected_joint_rand_seed))) => { + if joint_rand_seed == expected_joint_rand_seed { + Ok(()) + } else { + Err(SzkError::Decide( + "Aggregators failed to compute identical joint randomness seeds" + .to_string(), + )) + } } - (None, None, None) => Ok(true), - (_, _, _) => Err(SzkError::Decide( - "at least one of the input seeds is missing".to_string(), + + (None, SzkJointShare(None)) => Ok(()), + _ => Err(SzkError::Decide( + "Either computed or stored joint randomness seed is missing".to_string(), )), } } @@ -673,7 +697,7 @@ mod tests { thread_rng().fill(&mut nonce[..]); let prove_rand_seed = Seed::<16>::generate().unwrap(); let helper_seed = Seed::<16>::generate().unwrap(); - let leader_seed_opt = if szk_typ.has_joint_rand() { + let leader_seed_opt = if szk_typ.requires_joint_rand() { Some(Seed::<16>::generate().unwrap()) } else { None @@ -693,56 +717,74 @@ mod tests { &nonce, ); - let [l_proof_share, h_proof_share] = proof_shares.unwrap(); - let (l_query_share, l_query_state) = szk_typ + let [leader_proof_share, helper_proof_share] = proof_shares.unwrap(); + let (leader_query_share, leader_query_state) = szk_typ .query( &leader_input_share, - l_proof_share.clone(), + &leader_proof_share, &verify_key, &nonce, ) .unwrap(); - let (h_query_share, h_query_state) = szk_typ - .query(&helper_input_share, h_proof_share, &verify_key, &nonce) + let (helper_query_share, helper_query_state) = szk_typ + .query( + &helper_input_share, + &helper_proof_share, + &verify_key, + &nonce, + ) .unwrap(); - let verifier = SzkQueryShare::merge_verifiers(l_query_share.clone(), h_query_share.clone()); - if let Ok(leader_decision) = szk_typ.decide(verifier.clone(), l_query_state.clone()) { - assert_eq!( - leader_decision, valid, - "Leader incorrectly determined validity", - ); - } else { - panic!("Leader failed during decision"); - }; - if let Ok(helper_decision) = szk_typ.decide(verifier.clone(), h_query_state.clone()) { - assert_eq!( - helper_decision, valid, - "Helper incorrectly determined validity", - ); - } else { - panic!("Helper failed during decision"); + let joint_share_result = + szk_typ.merge_query_shares(leader_query_share.clone(), helper_query_share.clone()); + let joint_share = match joint_share_result { + Ok(joint_share) => { + let leader_decision = szk_typ + .decide(leader_query_state.clone(), joint_share.clone()) + .is_ok(); + assert_eq!( + leader_decision, valid, + "Leader incorrectly determined validity", + ); + let helper_decision = szk_typ + .decide(helper_query_state.clone(), joint_share.clone()) + .is_ok(); + assert_eq!( + helper_decision, valid, + "Helper incorrectly determined validity", + ); + joint_share + } + Err(_) => { + assert!(!valid, "Aggregator incorrectly determined validity"); + SzkJointShare(None) + } }; //test mutated jr seed - if szk_typ.has_joint_rand() { + if szk_typ.requires_joint_rand() { let joint_rand_seed_opt = Some(Seed::<16>::generate().unwrap()); - if let Ok(leader_decision) = szk_typ.decide(verifier, joint_rand_seed_opt.clone()) { - assert!(!leader_decision, "Leader accepted wrong jr seed"); + if let Ok(()) = szk_typ.decide(joint_rand_seed_opt.clone(), joint_share) { + panic!("Leader accepted wrong jr seed"); }; }; // test mutated verifier - let mut mutated_query_share = l_query_share.clone(); + let mut mutated_query_share = leader_query_share.clone(); for x in mutated_query_share.flp_verifier.iter_mut() { *x += T::Field::from( ::Integer::try_from(7).unwrap(), ); } - let verifier = SzkQueryShare::merge_verifiers(mutated_query_share, h_query_share.clone()); - - let leader_decision = szk_typ.decide(verifier, l_query_state.clone()).unwrap(); + let joint_share_res = + szk_typ.merge_query_shares(mutated_query_share, helper_query_share.clone()); + let leader_decision = match joint_share_res { + Ok(joint_share) => szk_typ + .decide(leader_query_state.clone(), joint_share) + .is_ok(), + Err(_) => false, + }; assert!(!leader_decision, "Leader validated after proof mutation"); // test mutated input share @@ -750,45 +792,54 @@ mod tests { mutated_input[0] *= T::Field::from(::Integer::try_from(23).unwrap()); let (mutated_query_share, mutated_query_state) = szk_typ - .query(&mutated_input, l_proof_share.clone(), &verify_key, &nonce) + .query(&mutated_input, &leader_proof_share, &verify_key, &nonce) .unwrap(); - let verifier = SzkQueryShare::merge_verifiers(mutated_query_share, h_query_share.clone()); + let joint_share_res = + szk_typ.merge_query_shares(mutated_query_share, helper_query_share.clone()); - if let Ok(leader_decision) = szk_typ.decide(verifier, mutated_query_state) { - assert!(!leader_decision, "Leader validated after input mutation"); + let leader_decision = match joint_share_res { + Ok(joint_share) => szk_typ.decide(mutated_query_state, joint_share).is_ok(), + Err(_) => false, }; + assert!(!leader_decision, "Leader validated after input mutation"); // test mutated proof share - let (mut mutated_proof, leader_blind_and_helper_joint_rand_part_opt) = match l_proof_share { - SzkProofShare::Leader { - uncompressed_proof_share, - leader_blind_and_helper_joint_rand_part_opt, - } => ( - uncompressed_proof_share.clone(), - leader_blind_and_helper_joint_rand_part_opt, - ), - _ => (vec![], None), - }; + let (mut mutated_proof, leader_blind_and_helper_joint_rand_part_opt) = + match leader_proof_share { + SzkProofShare::Leader { + uncompressed_proof_share, + leader_blind_and_helper_joint_rand_part_opt, + } => ( + uncompressed_proof_share, + leader_blind_and_helper_joint_rand_part_opt, + ), + _ => (vec![], None), + }; mutated_proof[0] *= T::Field::from(::Integer::try_from(23).unwrap()); let mutated_proof_share = SzkProofShare::Leader { uncompressed_proof_share: mutated_proof, leader_blind_and_helper_joint_rand_part_opt, }; - let (l_query_share, l_query_state) = szk_typ + let (leader_query_share, leader_query_state) = szk_typ .query( &leader_input_share, - mutated_proof_share, + &mutated_proof_share, &verify_key, &nonce, ) .unwrap(); - let verifier = SzkQueryShare::merge_verifiers(l_query_share, h_query_share.clone()); - - if let Ok(leader_decision) = szk_typ.decide(verifier, l_query_state) { - assert!(!leader_decision, "Leader validated after proof mutation"); + let joint_share_res = + szk_typ.merge_query_shares(leader_query_share, helper_query_share.clone()); + + let leader_decision = match joint_share_res { + Ok(joint_share) => szk_typ + .decide(leader_query_state.clone(), joint_share) + .is_ok(), + Err(_) => false, }; + assert!(!leader_decision, "Leader validated after proof mutation"); } #[test] @@ -809,7 +860,7 @@ mod tests { *x -= *y; } - let [l_proof_share, _] = szk_typ + let [leader_proof_share, _] = szk_typ .prove( &leader_input_share, &helper_input_share, @@ -821,8 +872,8 @@ mod tests { .unwrap(); assert_eq!( - l_proof_share.encoded_len().unwrap(), - l_proof_share.get_encoded().unwrap().len() + leader_proof_share.encoded_len().unwrap(), + leader_proof_share.get_encoded().unwrap().len() ); } diff --git a/src/vdaf/mastic.rs b/src/vdaf/mastic.rs index 6e3426b5f..7fb7ba48d 100644 --- a/src/vdaf/mastic.rs +++ b/src/vdaf/mastic.rs @@ -5,27 +5,34 @@ //! [draft-mouris-cfrg-mastic-01]: https://www.ietf.org/archive/id/draft-mouris-cfrg-mastic-01.html use crate::{ + bt::BinaryTree, codec::{CodecError, Decode, Encode, ParameterizedDecode}, field::{decode_fieldvec, FieldElement}, flp::{ - szk::{Szk, SzkProofShare}, - Type, + szk::{Szk, SzkJointShare, SzkProofShare, SzkQueryShare, SzkQueryState}, + FlpError, Type, }, vdaf::{ - poplar1::Poplar1AggregationParam, + poplar1::{Poplar1, Poplar1AggregationParam}, xof::{Seed, Xof}, - AggregateShare, Client, OutputShare, Vdaf, VdafError, + Aggregatable, AggregateShare, Aggregator, Client, Collector, OutputShare, + PrepareTransition, Vdaf, VdafError, }, vidpf::{ - Vidpf, VidpfError, VidpfInput, VidpfKey, VidpfPublicShare, VidpfServerId, VidpfWeight, + Vidpf, VidpfError, VidpfEvalCache, VidpfInput, VidpfKey, VidpfPublicShare, VidpfServerId, + VidpfWeight, }, }; use std::fmt::Debug; use std::io::{Cursor, Read}; use std::ops::BitAnd; +use std::slice::from_ref; use subtle::{Choice, ConstantTimeEq}; +const DST_PATH_CHECK_BATCH: u16 = 6; +const NONCE_SIZE: usize = 16; + /// The main struct implementing the Mastic VDAF. /// Composed of a shared zero knowledge proof system and a verifiable incremental /// distributed point function. @@ -66,20 +73,30 @@ where /// Mastic aggregation parameter. /// /// This includes the VIDPF tree level under evaluation and a set of prefixes to evaluate at that level. -#[derive(Clone, Debug)] +#[derive(Clone, Debug, PartialEq)] pub struct MasticAggregationParam { /// aggregation parameter inherited from [`Poplar1`]: contains the level (attribute length) and a vector of attribute prefixes (IdpfInputs) level_and_prefixes: Poplar1AggregationParam, /// Flag indicating whether the VIDPF weight needs to be validated using SZK. /// This flag must be set the first time any report is aggregated; however this may happen at any level of the tree. - require_check_flag: bool, + require_weight_check: bool, +} + +#[cfg(test)] +impl MasticAggregationParam { + fn new(prefixes: Vec, require_weight_check: bool) -> Result { + Ok(Self { + level_and_prefixes: Poplar1AggregationParam::try_from_prefixes(prefixes)?, + require_weight_check, + }) + } } impl Encode for MasticAggregationParam { fn encode(&self, bytes: &mut Vec) -> Result<(), CodecError> { self.level_and_prefixes.encode(bytes)?; - let require_check = if self.require_check_flag { 1u8 } else { 0u8 }; - require_check.encode(bytes)?; + let require_weight_check = if self.require_weight_check { 1u8 } else { 0u8 }; + require_weight_check.encode(bytes)?; Ok(()) } @@ -91,11 +108,11 @@ impl Encode for MasticAggregationParam { impl Decode for MasticAggregationParam { fn decode(bytes: &mut Cursor<&[u8]>) -> Result { let level_and_prefixes = Poplar1AggregationParam::decode(bytes)?; - let require_check = u8::decode(bytes)?; - let require_check_flag = require_check != 0; + let require_weight_check_u8 = u8::decode(bytes)?; + let require_weight_check = require_weight_check_u8 != 0; Ok(Self { level_and_prefixes, - require_check_flag, + require_weight_check, }) } } @@ -122,7 +139,7 @@ where } } -/// Mastic input share +/// Mastic input share. /// /// Message sent by the [`Client`] to each Aggregator during the Sharding phase. #[derive(Clone, Debug)] @@ -136,7 +153,7 @@ pub struct MasticInputShare { impl Encode for MasticInputShare { fn encode(&self, bytes: &mut Vec) -> Result<(), CodecError> { - bytes.extend_from_slice(&self.vidpf_key.value[..]); + bytes.extend_from_slice(&self.vidpf_key.0[..]); self.proof_share.encode(bytes)?; Ok(()) } @@ -161,15 +178,7 @@ where } let mut value = [0; 16]; bytes.read_exact(&mut value)?; - let vidpf_key = VidpfKey::new( - if *agg_id == 0 { - VidpfServerId::S0 - } else { - VidpfServerId::S1 - }, - value, - ); - + let vidpf_key = VidpfKey::from_bytes(value); let proof_share = SzkProofShare::::decode_with_param( &( *agg_id == 0, @@ -185,7 +194,6 @@ where } } -#[cfg(test)] impl PartialEq for MasticInputShare { fn eq(&self, other: &MasticInputShare) -> bool { self.ct_eq(other).into() @@ -260,7 +268,7 @@ where P: Xof, { type Measurement = (VidpfInput, T::Measurement); - type AggregateResult = T::AggregateResult; + type AggregateResult = Vec; type AggregationParam = MasticAggregationParam; type PublicShare = MasticPublicShare>; type InputShare = MasticInputShare; @@ -275,7 +283,6 @@ where 2 } } - impl Mastic where T: Type, @@ -300,9 +307,11 @@ where )?; let leader_measurement_share = - self.vidpf.eval_root(&vidpf_keys[0], &public_share, nonce)?; + self.vidpf + .eval_root(VidpfServerId::S0, &vidpf_keys[0], &public_share, nonce)?; let helper_measurement_share = - self.vidpf.eval_root(&vidpf_keys[1], &public_share, nonce)?; + self.vidpf + .eval_root(VidpfServerId::S1, &vidpf_keys[1], &public_share, nonce)?; let [leader_szk_proof_share, helper_szk_proof_share] = self.szk.prove( leader_measurement_share.as_ref(), @@ -349,19 +358,13 @@ where return Err(VdafError::Vidpf(VidpfError::InvalidAttributeLength)); } - let vidpf_keys = [ - VidpfKey::gen(VidpfServerId::S0)?, - VidpfKey::gen(VidpfServerId::S1)?, - ]; - let joint_random_opt = if self.szk.has_joint_rand() { + let vidpf_keys = [VidpfKey::generate()?, VidpfKey::generate()?]; + let joint_random_opt = if self.szk.requires_joint_rand() { Some(Seed::::generate()?) } else { None }; - let szk_random = [ - Seed::::generate()?, - Seed::::generate()?, - ]; + let szk_random = [Seed::generate()?, Seed::generate()?]; let encoded_measurement = self.encode_measurement(weight)?; if encoded_measurement.as_ref().len() != self.vidpf.weight_parameter { @@ -380,19 +383,335 @@ where } } +/// Mastic preparation state. +/// +/// State held by an aggregator waiting for a message during Mastic preparation. Includes intermediate +/// state for [`Szk`] verification, the output shares currently being validated, and +/// parameters of Mastic used for encoding. +#[derive(Clone, Debug, Eq, PartialEq)] +pub struct MasticPrepareState { + /// Includes output shares for eventual aggregation. + output_shares: MasticOutputShare, + /// If [`Szk`]` verification is being performed, we also store the relevant state for that operation. + szk_query_state: SzkQueryState, + verifier_len: Option, +} + +/// Mastic preparation share. +/// +/// Broadcast message from an aggregator preparing Mastic output shares. Includes the +/// [`Vidpf`] evaluation proof covering every prefix in the aggregation parameter, and optionally +/// the verification message for Szk. +#[derive(Clone, Debug)] +pub struct MasticPrepareShare { + /// [`Vidpf`] evaluation proof, which guarantees one-hotness and payload consistency. + vidpf_proof: Seed, + + /// If [`Szk`]` verification of the root weight is needed, a verification message. + szk_query_share_opt: Option>, +} + +impl Encode for MasticPrepareShare { + fn encode(&self, bytes: &mut Vec) -> Result<(), CodecError> { + self.vidpf_proof.encode(bytes)?; + match &self.szk_query_share_opt { + Some(query_share) => query_share.encode(bytes), + None => Ok(()), + } + } + + fn encoded_len(&self) -> Option { + Some( + self.vidpf_proof.encoded_len()? + + match &self.szk_query_share_opt { + Some(query_share) => query_share.encoded_len()?, + None => 0, + }, + ) + } +} + +impl ParameterizedDecode> + for MasticPrepareShare +{ + fn decode_with_param( + prep_state: &MasticPrepareState, + bytes: &mut Cursor<&[u8]>, + ) -> Result { + let vidpf_proof = Seed::decode(bytes)?; + let requires_joint_rand = prep_state.szk_query_state.is_some(); + let szk_query_share_opt = prep_state + .verifier_len + .map(|verifier_len| { + SzkQueryShare::::decode_with_param( + &(requires_joint_rand, verifier_len), + bytes, + ) + }) + .transpose()?; + Ok(Self { + vidpf_proof, + szk_query_share_opt, + }) + } +} + +/// Mastic preparation message. +/// +/// Result of preprocessing the broadcast messages of both aggregators during the +/// preparation phase. +pub type MasticPrepareMessage = SzkJointShare; + +impl ParameterizedDecode> + for MasticPrepareMessage +{ + fn decode_with_param( + prep_state: &MasticPrepareState, + bytes: &mut Cursor<&[u8]>, + ) -> Result { + match prep_state.szk_query_state { + Some(_) => SzkJointShare::::decode_with_param(&true, bytes), + None => SzkJointShare::::decode_with_param(&false, bytes), + } + } +} + +impl Aggregator for Mastic +where + T: Type, + P: Xof, +{ + type PrepareState = MasticPrepareState; + type PrepareShare = MasticPrepareShare; + type PrepareMessage = MasticPrepareMessage; + + fn is_agg_param_valid(cur: &MasticAggregationParam, prev: &[MasticAggregationParam]) -> bool { + // First agg param should be the only one that requires weight check. + if cur.require_weight_check != prev.is_empty() { + return false; + }; + + if prev.is_empty() { + return true; + } + // Unpack this agg param and the last one in the list + let cur_poplar_agg_param = &cur.level_and_prefixes; + let prev_poplar_agg_param = from_ref(&prev.last().as_ref().unwrap().level_and_prefixes); + Poplar1::::is_agg_param_valid(cur_poplar_agg_param, prev_poplar_agg_param) + } + + fn prepare_init( + &self, + verify_key: &[u8; SEED_SIZE], + ctx: &[u8], + agg_id: usize, + agg_param: &MasticAggregationParam, + nonce: &[u8; NONCE_SIZE], + public_share: &MasticPublicShare>, + input_share: &MasticInputShare, + ) -> Result< + ( + MasticPrepareState, + MasticPrepareShare, + ), + VdafError, + > { + let id = match agg_id { + 0 => Ok(VidpfServerId::S0), + 1 => Ok(VidpfServerId::S1), + _ => Err(VdafError::Uncategorized( + "Invalid aggregator ID".to_string(), + )), + }?; + let mut eval_proof = P::init( + verify_key, + &self.domain_separation_tag(DST_PATH_CHECK_BATCH, ctx), + ); + let mut output_shares = Vec::::with_capacity( + self.vidpf.weight_parameter * agg_param.level_and_prefixes.prefixes().len(), + ); + let mut cache_tree = BinaryTree::>>::default(); + for prefix in agg_param.level_and_prefixes.prefixes() { + let mut value_share = self.vidpf.eval_with_cache( + id, + &input_share.vidpf_key, + public_share, + prefix, + &mut cache_tree, + nonce, + )?; + eval_proof.update(&value_share.proof); + output_shares.append(&mut value_share.share.0); + } + + Ok(if agg_param.require_weight_check { + let MasticInputShare { + vidpf_key, + proof_share, + } = input_share; + let root_share = self.vidpf.get_root_weight_share( + id, + vidpf_key, + public_share, + &mut cache_tree, + nonce, + )?; + let (szk_query_share, szk_query_state) = + self.szk + .query(root_share.as_ref(), proof_share, verify_key, nonce)?; + let verifier_len = szk_query_share.flp_verifier.len(); + ( + MasticPrepareState { + output_shares: MasticOutputShare::::from(output_shares), + szk_query_state, + verifier_len: Some(verifier_len), + }, + MasticPrepareShare { + vidpf_proof: eval_proof.into_seed(), + szk_query_share_opt: Some(szk_query_share), + }, + ) + } else { + ( + MasticPrepareState { + output_shares: MasticOutputShare::::from(output_shares), + szk_query_state: None, + verifier_len: None, + }, + MasticPrepareShare { + vidpf_proof: eval_proof.into_seed(), + szk_query_share_opt: None, + }, + ) + }) + } + + fn prepare_shares_to_prepare_message< + M: IntoIterator>, + >( + &self, + _ctx: &[u8], + _agg_param: &MasticAggregationParam, + inputs: M, + ) -> Result, VdafError> { + let mut inputs_iter = inputs.into_iter(); + let leader_share = inputs_iter.next().ok_or(VdafError::Uncategorized( + "No leader share received".to_string(), + ))?; + let helper_share = inputs_iter.next().ok_or(VdafError::Uncategorized( + "No helper share received".to_string(), + ))?; + if inputs_iter.next().is_some() { + return Err(VdafError::Uncategorized( + "Received more than two prepare shares".to_string(), + )); + }; + if leader_share.vidpf_proof != helper_share.vidpf_proof { + return Err(VdafError::Uncategorized( + "Vidpf proof verification failed".to_string(), + )); + }; + match ( + leader_share.szk_query_share_opt, + helper_share.szk_query_share_opt, + ) { + // The SZK is only used once, during the first round of aggregation. + (Some(leader_query_share), Some(helper_query_share)) => Ok(self + .szk + .merge_query_shares(leader_query_share, helper_query_share)?), + (None, None) => Ok(SzkJointShare::none()), + (_, _) => Err(VdafError::Uncategorized( + "Only one of leader and helper query shares is present".to_string(), + )), + } + } + + fn prepare_next( + &self, + _ctx: &[u8], + state: MasticPrepareState, + input: MasticPrepareMessage, + ) -> Result, VdafError> { + let MasticPrepareState { + output_shares, + szk_query_state, + verifier_len: _, + } = state; + self.szk.decide(szk_query_state, input)?; + Ok(PrepareTransition::Finish(output_shares)) + } + + fn aggregate>>( + &self, + agg_param: &MasticAggregationParam, + output_shares: M, + ) -> Result, VdafError> { + let mut agg_share = MasticAggregateShare::::from(vec![ + T::Field::zero(); + self.vidpf.weight_parameter + * agg_param + .level_and_prefixes + .prefixes() + .len() + ]); + for output_share in output_shares.into_iter() { + agg_share.accumulate(&output_share)?; + } + Ok(agg_share) + } +} + +impl Collector for Mastic +where + T: Type, + P: Xof, +{ + fn unshard>( + &self, + agg_param: &MasticAggregationParam, + agg_shares: M, + _num_measurements: usize, + ) -> Result { + let num_prefixes = agg_param.level_and_prefixes.prefixes().len(); + let mut agg_final = MasticAggregateShare::::from(vec![ + T::Field::zero(); + self.vidpf.weight_parameter + * num_prefixes + ]); + for agg_share in agg_shares.into_iter() { + agg_final.merge(&agg_share)?; + } + let mut iter = agg_final + .0 + .chunks(self.vidpf.weight_parameter) + .take(num_prefixes); + let mut result = Vec::::with_capacity(num_prefixes); + iter.try_for_each(|encoded_result| -> Result<(), FlpError> { + result.push( + self.szk + .typ + .decode_result(&self.szk.typ.truncate(encoded_result.to_vec())?[..], 1)?, + ); + Ok(()) + })?; + Ok(result) + } +} + #[cfg(test)] mod tests { use super::*; use crate::field::Field128; use crate::flp::gadgets::{Mul, ParallelSum}; use crate::flp::types::{Count, Sum, SumVec}; + use crate::vdaf::test_utils::run_vdaf; use rand::{thread_rng, Rng}; const TEST_NONCE_SIZE: usize = 16; const CTX_STR: &[u8] = b"mastic ctx"; #[test] - fn test_mastic_shard_sum() { + fn test_mastic_sum() { let algorithm_id = 6; let max_measurement = 29; let sum_typ = Sum::::new(max_measurement).unwrap(); @@ -406,12 +725,74 @@ mod tests { thread_rng().fill(&mut verify_key[..]); thread_rng().fill(&mut nonce[..]); - let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); + let inputs = [ + VidpfInput::from_bytes(&[240u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[112u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[48u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[32u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[0u8, 0u8, 1u8, 4u8][..]), + ]; + let three_prefixes = vec![VidpfInput::from_bools(&[false, false, true])]; + let individual_prefixes = vec![ + VidpfInput::from_bools(&[false]), + VidpfInput::from_bools(&[true]), + ]; let mastic = Mastic::new(algorithm_id, sum_szk, sum_vidpf, 32); - let (_public, _input_shares) = mastic - .shard(CTX_STR, &(first_input, 24u128), &nonce) - .unwrap(); + let first_agg_param = MasticAggregationParam::new(three_prefixes.clone(), true).unwrap(); + let second_agg_param = MasticAggregationParam::new(individual_prefixes, true).unwrap(); + let third_agg_param = MasticAggregationParam::new(three_prefixes, false).unwrap(); + + assert_eq!( + run_vdaf( + CTX_STR, + &mastic, + &first_agg_param, + [ + (inputs[0].clone(), 24), + (inputs[1].clone(), 0), + (inputs[2].clone(), 0), + (inputs[3].clone(), 3), + (inputs[4].clone(), 28) + ] + ) + .unwrap(), + vec![3] + ); + + assert_eq!( + run_vdaf( + CTX_STR, + &mastic, + &second_agg_param, + [ + (inputs[0].clone(), 24), + (inputs[1].clone(), 0), + (inputs[2].clone(), 0), + (inputs[3].clone(), 3), + (inputs[4].clone(), 28) + ] + ) + .unwrap(), + vec![31, 24] + ); + + assert_eq!( + run_vdaf( + CTX_STR, + &mastic, + &third_agg_param, + [ + (inputs[0].clone(), 24), + (inputs[1].clone(), 0), + (inputs[2].clone(), 0), + (inputs[3].clone(), 3), + (inputs[4].clone(), 28) + ] + ) + .unwrap(), + vec![3] + ); } #[test] @@ -448,7 +829,161 @@ mod tests { } #[test] - fn test_mastic_shard_count() { + fn test_agg_param_roundtrip() { + let three_prefixes = vec![VidpfInput::from_bools(&[false, false, true])]; + let individual_prefixes = vec![ + VidpfInput::from_bools(&[false]), + VidpfInput::from_bools(&[true]), + ]; + let agg_params = [ + MasticAggregationParam::new(three_prefixes.clone(), true).unwrap(), + MasticAggregationParam::new(individual_prefixes, true).unwrap(), + MasticAggregationParam::new(three_prefixes, false).unwrap(), + ]; + + let encoded_agg_params = agg_params + .iter() + .map(|agg_param| agg_param.get_encoded().unwrap()); + let decoded_agg_params = encoded_agg_params + .map(|encoded_ap| MasticAggregationParam::get_decoded(&encoded_ap).unwrap()); + agg_params + .iter() + .zip(decoded_agg_params) + .for_each(|(agg_param, decoded_agg_param)| assert_eq!(*agg_param, decoded_agg_param)); + } + + #[test] + fn test_public_share_roundtrip_sum() { + let algorithm_id = 6; + let max_measurement = 29; + let sum_typ = Sum::::new(max_measurement).unwrap(); + let encoded_meas_len = sum_typ.input_len(); + let sum_szk = Szk::new_turboshake128(sum_typ, algorithm_id); + let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(encoded_meas_len); + + let mut nonce = [0u8; 16]; + let mut verify_key = [0u8; 16]; + thread_rng().fill(&mut verify_key[..]); + thread_rng().fill(&mut nonce[..]); + + let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); + + let mastic = Mastic::new(algorithm_id, sum_szk, sum_vidpf, 32); + let (public, _) = mastic + .shard(CTX_STR, &(first_input, 4u128), &nonce) + .unwrap(); + + let encoded_public = public.get_encoded().unwrap(); + let decoded_public = + MasticPublicShare::get_decoded_with_param(&mastic, &encoded_public[..]).unwrap(); + assert_eq!(public, decoded_public); + } + + #[test] + fn test_mastic_count() { + let algorithm_id = 6; + let count = Count::::new(); + let szk = Szk::new_turboshake128(count, algorithm_id); + let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(1); + + let mut nonce = [0u8; 16]; + let mut verify_key = [0u8; 16]; + thread_rng().fill(&mut verify_key[..]); + thread_rng().fill(&mut nonce[..]); + + let inputs = [ + VidpfInput::from_bytes(&[240u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[112u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[48u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[32u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[0u8, 0u8, 1u8, 4u8][..]), + ]; + let three_prefixes = vec![VidpfInput::from_bools(&[false, false, true])]; + let individual_prefixes = vec![ + VidpfInput::from_bools(&[false]), + VidpfInput::from_bools(&[true]), + ]; + let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); + let first_agg_param = MasticAggregationParam::new(three_prefixes.clone(), true).unwrap(); + let second_agg_param = MasticAggregationParam::new(individual_prefixes, true).unwrap(); + let third_agg_param = MasticAggregationParam::new(three_prefixes, false).unwrap(); + + assert_eq!( + run_vdaf( + CTX_STR, + &mastic, + &first_agg_param, + [ + (inputs[0].clone(), true), + (inputs[1].clone(), false), + (inputs[2].clone(), false), + (inputs[3].clone(), true), + (inputs[4].clone(), true) + ] + ) + .unwrap(), + vec![1] + ); + + assert_eq!( + run_vdaf( + CTX_STR, + &mastic, + &second_agg_param, + [ + (inputs[0].clone(), true), + (inputs[1].clone(), false), + (inputs[2].clone(), false), + (inputs[3].clone(), true), + (inputs[4].clone(), true) + ] + ) + .unwrap(), + vec![2, 1] + ); + + assert_eq!( + run_vdaf( + CTX_STR, + &mastic, + &third_agg_param, + [ + (inputs[0].clone(), true), + (inputs[1].clone(), false), + (inputs[2].clone(), false), + (inputs[3].clone(), true), + (inputs[4].clone(), true) + ] + ) + .unwrap(), + vec![1] + ); + } + + #[test] + fn test_public_share_encoded_len() { + let algorithm_id = 6; + let count = Count::::new(); + let szk = Szk::new_turboshake128(count, algorithm_id); + let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(1); + + let mut nonce = [0u8; 16]; + let mut verify_key = [0u8; 16]; + thread_rng().fill(&mut verify_key[..]); + thread_rng().fill(&mut nonce[..]); + let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); + + let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); + let (public, _) = mastic.shard(CTX_STR, &(first_input, true), &nonce).unwrap(); + + assert_eq!( + public.encoded_len().unwrap(), + public.get_encoded().unwrap().len() + ); + } + + #[test] + fn test_public_share_roundtrip_count() { let algorithm_id = 6; let count = Count::::new(); let szk = Szk::new_turboshake128(count, algorithm_id); @@ -462,15 +997,19 @@ mod tests { let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); - let (_public, _input_shares) = mastic.shard(CTX_STR, &(first_input, true), &nonce).unwrap(); + let (public, _) = mastic.shard(CTX_STR, &(first_input, true), &nonce).unwrap(); + + let encoded_public = public.get_encoded().unwrap(); + let decoded_public = + MasticPublicShare::get_decoded_with_param(&mastic, &encoded_public[..]).unwrap(); + assert_eq!(public, decoded_public); } #[test] - fn test_mastic_shard_sumvec() { + fn test_mastic_sumvec() { let algorithm_id = 6; let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); - let measurement = vec![1, 16, 0]; let szk = Szk::new_turboshake128(sumvec, algorithm_id); let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(15); @@ -479,12 +1018,82 @@ mod tests { thread_rng().fill(&mut verify_key[..]); thread_rng().fill(&mut nonce[..]); - let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); + let inputs = [ + VidpfInput::from_bytes(&[240u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[112u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[48u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[32u8, 0u8, 1u8, 4u8][..]), + VidpfInput::from_bytes(&[0u8, 0u8, 1u8, 4u8][..]), + ]; + + let measurements = [ + vec![1u128, 16u128, 0u128], + vec![0u128, 0u128, 0u128], + vec![0u128, 0u128, 0u128], + vec![1u128, 17u128, 31u128], + vec![6u128, 4u128, 11u128], + ]; + let three_prefixes = vec![VidpfInput::from_bools(&[false, false, true])]; + let individual_prefixes = vec![ + VidpfInput::from_bools(&[false]), + VidpfInput::from_bools(&[true]), + ]; + let first_agg_param = MasticAggregationParam::new(three_prefixes.clone(), true).unwrap(); + let second_agg_param = MasticAggregationParam::new(individual_prefixes, true).unwrap(); let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); - let (_public, _input_shares) = mastic - .shard(CTX_STR, &(first_input, measurement), &nonce) - .unwrap(); + let third_agg_param = MasticAggregationParam::new(three_prefixes, false).unwrap(); + + assert_eq!( + run_vdaf( + CTX_STR, + &mastic, + &first_agg_param, + [ + (inputs[0].clone(), measurements[0].clone()), + (inputs[1].clone(), measurements[1].clone()), + (inputs[2].clone(), measurements[2].clone()), + (inputs[3].clone(), measurements[3].clone()), + (inputs[4].clone(), measurements[4].clone()), + ] + ) + .unwrap(), + vec![vec![1, 17, 31]] + ); + + assert_eq!( + run_vdaf( + CTX_STR, + &mastic, + &second_agg_param, + [ + (inputs[0].clone(), measurements[0].clone()), + (inputs[1].clone(), measurements[1].clone()), + (inputs[2].clone(), measurements[2].clone()), + (inputs[3].clone(), measurements[3].clone()), + (inputs[4].clone(), measurements[4].clone()), + ] + ) + .unwrap(), + vec![vec![7, 21, 42], vec![1, 16, 0]] + ); + + assert_eq!( + run_vdaf( + CTX_STR, + &mastic, + &third_agg_param, + [ + (inputs[0].clone(), measurements[0].clone()), + (inputs[1].clone(), measurements[1].clone()), + (inputs[2].clone(), measurements[2].clone()), + (inputs[3].clone(), measurements[3].clone()), + (inputs[4].clone(), measurements[4].clone()), + ] + ) + .unwrap(), + vec![vec![1, 17, 31]] + ); } #[test] @@ -554,4 +1163,58 @@ mod tests { .unwrap(); assert_eq!(helper_input_share, &decoded_helper_input_share); } + + #[test] + fn test_public_share_encode_sumvec() { + let algorithm_id = 6; + let sumvec = + SumVec::>>::new(5, 3, 3).unwrap(); + let measurement = vec![1, 16, 0]; + let szk = Szk::new_turboshake128(sumvec, algorithm_id); + let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(15); + + let mut nonce = [0u8; 16]; + let mut verify_key = [0u8; 16]; + thread_rng().fill(&mut verify_key[..]); + thread_rng().fill(&mut nonce[..]); + + let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); + + let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); + let (public, _) = mastic + .shard(CTX_STR, &(first_input, measurement), &nonce) + .unwrap(); + + assert_eq!( + public.encoded_len().unwrap(), + public.get_encoded().unwrap().len() + ); + } + + #[test] + fn test_public_share_roundtrip_sumvec() { + let algorithm_id = 6; + let sumvec = + SumVec::>>::new(5, 3, 3).unwrap(); + let measurement = vec![1, 16, 0]; + let szk = Szk::new_turboshake128(sumvec, algorithm_id); + let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(15); + + let mut nonce = [0u8; 16]; + let mut verify_key = [0u8; 16]; + thread_rng().fill(&mut verify_key[..]); + thread_rng().fill(&mut nonce[..]); + + let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); + + let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); + let (public, _) = mastic + .shard(CTX_STR, &(first_input, measurement), &nonce) + .unwrap(); + + let encoded_public_share = public.get_encoded().unwrap(); + let decoded_public_share = + MasticPublicShare::get_decoded_with_param(&mastic, &encoded_public_share[..]).unwrap(); + assert_eq!(public, decoded_public_share); + } } diff --git a/src/vidpf.rs b/src/vidpf.rs index 3ec8d1347..f760bd0d6 100644 --- a/src/vidpf.rs +++ b/src/vidpf.rs @@ -15,13 +15,15 @@ use core::{ }; use bitvec::field::BitField; +use bitvec::prelude::{BitVec, Lsb0}; use rand_core::RngCore; use std::fmt::Debug; -use std::io::Cursor; +use std::io::{Cursor, Read}; use subtle::{Choice, ConditionallyNegatable, ConditionallySelectable, ConstantTimeEq}; use crate::{ - codec::{CodecError, Encode, ParameterizedDecode}, + bt::{BinaryTree, Node}, + codec::{CodecError, Decode, Encode, ParameterizedDecode}, field::FieldElement, idpf::{ conditional_select_seed, conditional_swap_seed, conditional_xor_seeds, xor_seeds, @@ -83,7 +85,7 @@ impl Vidpf { Self { weight_parameter } } - /// The [`Vidpf::gen`] method splits an incremental point function `F` into two private keys + /// Splits an incremental point function `F` into two private keys /// used by the aggregation servers, and a common public share. /// /// The incremental point function is defined as `F`: [`VidpfInput`] --> [`VidpfValue`] @@ -105,15 +107,12 @@ impl Vidpf { weight: &W, nonce: &[u8; NONCE_SIZE], ) -> Result<(VidpfPublicShare, [VidpfKey; 2]), VidpfError> { - let keys = [ - VidpfKey::gen(VidpfServerId::S0)?, - VidpfKey::gen(VidpfServerId::S1)?, - ]; + let keys = [VidpfKey::generate()?, VidpfKey::generate()?]; let public = self.gen_with_keys(&keys, input, weight, nonce)?; Ok((public, keys)) } - /// [`Vidpf::gen_with_keys`] works as the [`Vidpf::gen`] method, except that two different + /// Works as the [`Vidpf::gen`] method, except that two different /// keys must be provided. pub(crate) fn gen_with_keys( &self, @@ -122,12 +121,11 @@ impl Vidpf { weight: &W, nonce: &[u8; NONCE_SIZE], ) -> Result, VidpfError> { - if keys[0].id == keys[1].id { - return Err(VidpfError::SameKeyId); - } - - let mut s_i = [keys[0].value, keys[1].value]; - let mut t_i = [Choice::from(keys[0].id), Choice::from(keys[1].id)]; + let mut s_i = [keys[0].0, keys[1].0]; + let mut t_i = [ + Choice::from(VidpfServerId::S0), + Choice::from(VidpfServerId::S1), + ]; let n = input.len(); let mut cw = Vec::with_capacity(n); @@ -200,16 +198,17 @@ impl Vidpf { Ok(VidpfPublicShare { cw, cs }) } - /// [`Vidpf::eval`] evaluates the entire `input` and produces a share of the + /// Evaluates the entire `input` and produces a share of the /// input's weight. pub fn eval( &self, + id: VidpfServerId, key: &VidpfKey, public: &VidpfPublicShare, input: &VidpfInput, nonce: &[u8; NONCE_SIZE], ) -> Result, VidpfError> { - let mut state = VidpfEvalState::init_from_key(key); + let mut state = VidpfEvalState::init_from_key(id, key); let mut share = W::zero(&self.weight_parameter); let n = input.len(); @@ -217,7 +216,7 @@ impl Vidpf { return Err(VidpfError::InvalidAttributeLength); } for level in 0..n { - (state, share) = self.eval_next(key.id, public, input, level, &state, nonce)?; + (state, share) = self.eval_next(id, public, input, level, &state, nonce)?; } Ok(VidpfValueShare { @@ -226,7 +225,57 @@ impl Vidpf { }) } - /// [`Vidpf::eval_next`] evaluates the `input` at the given level using the provided initial + /// Evaluates the entire `input` and produces a share of the + /// input's weight. It reuses computation from previous levels available in the + /// cache. + pub(crate) fn eval_with_cache( + &self, + id: VidpfServerId, + key: &VidpfKey, + public: &VidpfPublicShare, + input: &VidpfInput, + cache_tree: &mut BinaryTree>, + nonce: &[u8; NONCE_SIZE], + ) -> Result, VidpfError> { + let n = input.len(); + if n > public.cw.len() { + return Err(VidpfError::InvalidAttributeLength); + } + + let mut sub_tree = cache_tree.root.get_or_insert_with(|| { + Box::new(Node::new(VidpfEvalCache { + state: VidpfEvalState::init_from_key(id, key), + share: W::zero(&self.weight_parameter), // not used + })) + }); + + for (level, bit) in input.iter().enumerate() { + sub_tree = if !bit { + if sub_tree.left.is_none() { + let (new_state, new_share) = + self.eval_next(id, public, input, level, &sub_tree.value.state, nonce)?; + sub_tree.left = Some(Box::new(Node::new(VidpfEvalCache { + state: new_state, + share: new_share, + }))); + } + sub_tree.left.as_mut().expect("right child was visited") + } else { + if sub_tree.right.is_none() { + let (new_state, new_share) = + self.eval_next(id, public, input, level, &sub_tree.value.state, nonce)?; + sub_tree.right = Some(Box::new(Node::new(VidpfEvalCache { + state: new_state, + share: new_share, + }))); + } + sub_tree.right.as_mut().expect("right child was visited") + } + } + Ok(sub_tree.value.to_share()) + } + + /// Evaluates the `input` at the given level using the provided initial /// state, and returns a new state and a share of the input's weight at that level. fn eval_next( &self, @@ -276,17 +325,60 @@ impl Vidpf { Ok((next_state, y)) } + pub(crate) fn get_root_weight_share( + &self, + id: VidpfServerId, + key: &VidpfKey, + public_share: &VidpfPublicShare, + cache_tree: &mut BinaryTree>, + nonce: &[u8; NONCE_SIZE], + ) -> Result { + Ok(self + .eval_with_cache( + id, + key, + public_share, + &VidpfInput::from_bools(&[false]), + cache_tree, + nonce, + )? + .share + + self + .eval_with_cache( + id, + key, + public_share, + &VidpfInput::from_bools(&[true]), + cache_tree, + nonce, + )? + .share) + } + pub(crate) fn eval_root( &self, + id: VidpfServerId, key: &VidpfKey, public_share: &VidpfPublicShare, nonce: &[u8; NONCE_SIZE], ) -> Result { Ok(self - .eval(key, public_share, &VidpfInput::from_bools(&[false]), nonce)? + .eval( + id, + key, + public_share, + &VidpfInput::from_bools(&[false]), + nonce, + )? .share + self - .eval(key, public_share, &VidpfInput::from_bools(&[true]), nonce)? + .eval( + id, + key, + public_share, + &VidpfInput::from_bools(&[true]), + nonce, + )? .share) } @@ -374,52 +466,16 @@ impl VidpfDomainSepTag { const NODE_PROOF_ADJUST: &'static [u8] = b"NodeProofAdjust"; } -#[derive(Clone, Debug)] -/// Vidpf key +/// Vidpf key. /// /// Private key of an aggregation server. -pub struct VidpfKey { - id: VidpfServerId, - pub(crate) value: [u8; 16], -} +pub type VidpfKey = Seed; -impl VidpfKey { - /// Generates a key at random. - /// - /// # Errors - /// Triggers an error if the random generator fails. - pub(crate) fn gen(id: VidpfServerId) -> Result { - let mut value = [0; 16]; - getrandom::getrandom(&mut value)?; - Ok(Self { id, value }) - } - - pub(crate) fn new(id: VidpfServerId, value: [u8; 16]) -> Self { - Self { id, value } - } -} - -impl ConstantTimeEq for VidpfKey { - fn ct_eq(&self, other: &VidpfKey) -> Choice { - if self.id != other.id { - Choice::from(0) - } else { - self.value.ct_eq(&other.value) - } - } -} - -impl PartialEq for VidpfKey { - fn eq(&self, other: &VidpfKey) -> bool { - bool::from(self.ct_eq(other)) - } -} - -/// Vidpf server ID +/// Vidpf server ID. /// /// Identifies the two aggregation servers. #[derive(Clone, Copy, Debug, PartialEq, Eq)] -pub(crate) enum VidpfServerId { +pub enum VidpfServerId { /// S0 is the first server. S0, /// S1 is the second server. @@ -435,7 +491,7 @@ impl From for Choice { } } -/// Vidpf correction word +/// Vidpf correction word. /// /// Adjusts values of shares during the VIDPF evaluation. #[derive(Clone, Debug)] @@ -464,25 +520,6 @@ where } } -impl Encode for VidpfCorrectionWord { - fn encode(&self, _bytes: &mut Vec) -> Result<(), CodecError> { - todo!(); - } - - fn encoded_len(&self) -> Option { - todo!(); - } -} - -impl ParameterizedDecode for VidpfCorrectionWord { - fn decode_with_param( - _decoding_parameter: &W::ValueParameter, - _bytes: &mut Cursor<&[u8]>, - ) -> Result { - todo!(); - } -} - /// Vidpf public share /// /// Common public information used by aggregation servers. @@ -493,27 +530,83 @@ pub struct VidpfPublicShare { } impl Encode for VidpfPublicShare { - fn encode(&self, _bytes: &mut Vec) -> Result<(), CodecError> { - todo!() + fn encode(&self, bytes: &mut Vec) -> Result<(), CodecError> { + // Control bits need to be written within each byte in LSB-to-MSB order, and assigned into + // bytes in big-endian order. Thus, the first four levels will have their control bits + // encoded in the last byte, and the last levels will have their control bits encoded in the + // first byte. + let mut control_bits: BitVec = BitVec::with_capacity(self.cw.len() * 2); + for correction_words in self.cw.iter() { + control_bits.extend( + [ + bool::from(correction_words.left_control_bit), + bool::from(correction_words.right_control_bit), + ] + .iter(), + ); + } + control_bits.set_uninitialized(false); + let mut packed_control = control_bits.into_vec(); + bytes.append(&mut packed_control); + + for correction_words in self.cw.iter() { + Seed(correction_words.seed).encode(bytes)?; + correction_words.weight.encode(bytes)?; + } + + for proof in &self.cs { + bytes.extend_from_slice(proof); + } + Ok(()) } fn encoded_len(&self) -> Option { - todo!() + let control_bits_count = (self.cw.len()) * 2; + let mut len = (control_bits_count + 7) / 8 + (self.cw.len()) * 16; + for correction_words in self.cw.iter() { + len += correction_words.weight.encoded_len()?; + } + len += self.cs.len() * VIDPF_PROOF_SIZE; + Some(len) } } impl ParameterizedDecode<(usize, W::ValueParameter)> for VidpfPublicShare { fn decode_with_param( - (_bits, _weight_parameter): &(usize, W::ValueParameter), - _bytes: &mut Cursor<&[u8]>, + (bits, weight_parameter): &(usize, W::ValueParameter), + bytes: &mut Cursor<&[u8]>, ) -> Result { - todo!() + let packed_control_len = (bits + 3) / 4; + let mut packed = vec![0u8; packed_control_len]; + bytes.read_exact(&mut packed)?; + let unpacked_control_bits: BitVec = BitVec::from_vec(packed); + + let mut cw = Vec::>::with_capacity(*bits); + for chunk in unpacked_control_bits[0..(bits) * 2].chunks(2) { + let left_control_bit = (chunk[0] as u8).into(); + let right_control_bit = (chunk[1] as u8).into(); + let seed = Seed::decode(bytes)?.0; + cw.push(VidpfCorrectionWord { + seed, + left_control_bit, + right_control_bit, + weight: W::decode_with_param(weight_parameter, bytes)?, + }) + } + let mut cs = Vec::::with_capacity(*bits); + for _ in 0..*bits { + let mut proof = [0u8; VIDPF_PROOF_SIZE]; + bytes.read_exact(&mut proof)?; + cs.push(proof); + } + Ok(Self { cw, cs }) } } /// Vidpf evaluation state /// /// Contains the values produced during input evaluation at a given level. +#[derive(Debug)] pub struct VidpfEvalState { seed: VidpfSeed, control_bit: Choice, @@ -521,15 +614,33 @@ pub struct VidpfEvalState { } impl VidpfEvalState { - fn init_from_key(key: &VidpfKey) -> Self { + fn init_from_key(id: VidpfServerId, key: &VidpfKey) -> Self { Self { - seed: key.value, - control_bit: Choice::from(key.id), + seed: key.0, + control_bit: Choice::from(id), proof: VidpfProof::default(), } } } +/// Vidpf evaluation cache +/// +/// Contains the values produced during input evaluation at a given level. +#[derive(Debug)] +pub struct VidpfEvalCache { + state: VidpfEvalState, + share: W, +} + +impl VidpfEvalCache { + fn to_share(&self) -> VidpfValueShare { + VidpfValueShare:: { + share: self.share.clone(), + proof: self.state.proof, + } + } +} + /// Contains a share of the input's weight together with a proof for verification. pub struct VidpfValueShare { /// Secret share of the input's weight. @@ -540,6 +651,7 @@ pub struct VidpfValueShare { /// Proof size in bytes. const VIDPF_PROOF_SIZE: usize = 32; +const VIDPF_SEED_SIZE: usize = 16; /// Allows to validate user input and shares after evaluation. type VidpfProof = [u8; VIDPF_PROOF_SIZE]; @@ -555,7 +667,7 @@ fn conditional_xor_proof(mut lhs: VidpfProof, rhs: &VidpfProof, choice: Choice) } /// Feeds a pseudorandom generator during evaluation. -type VidpfSeed = [u8; 16]; +type VidpfSeed = [u8; VIDPF_SEED_SIZE]; /// Contains the seeds and control bits produced by [`Vidpf::prg`]. struct VidpfPrgOutput { @@ -703,6 +815,7 @@ impl ParameterizedDecode<::ValueParameter> f #[cfg(test)] mod tests { + use crate::field::Field128; use super::VidpfWeight; @@ -714,15 +827,34 @@ mod tests { mod vidpf { use crate::{ + bt::BinaryTree, + codec::{Encode, ParameterizedDecode}, idpf::IdpfValue, vidpf::{ - Vidpf, VidpfError, VidpfEvalState, VidpfInput, VidpfKey, VidpfPublicShare, + Vidpf, VidpfEvalCache, VidpfEvalState, VidpfInput, VidpfKey, VidpfPublicShare, VidpfServerId, }, }; use super::{TestWeight, TEST_NONCE, TEST_NONCE_SIZE, TEST_WEIGHT_LEN}; + #[test] + fn roundtrip_codec() { + let input = VidpfInput::from_bytes(&[0xFF]); + let weight = TestWeight::from(vec![21.into(), 22.into(), 23.into()]); + let (_, public, _, _) = vidpf_gen_setup(&input, &weight); + + let bytes = public.get_encoded().unwrap(); + assert_eq!(public.encoded_len().unwrap(), bytes.len()); + + let decoded = VidpfPublicShare::::get_decoded_with_param( + &(8, TEST_WEIGHT_LEN), + &bytes, + ) + .unwrap(); + assert_eq!(public, decoded); + } + fn vidpf_gen_setup( input: &VidpfInput, weight: &TestWeight, @@ -737,31 +869,18 @@ mod tests { (vidpf, public, keys, *TEST_NONCE) } - #[test] - fn gen_with_keys() { - let input = VidpfInput::from_bytes(&[0xFF]); - let weight = TestWeight::from(vec![21.into(), 22.into(), 23.into()]); - let vidpf = Vidpf::new(TEST_WEIGHT_LEN); - let keys_with_same_id = [ - VidpfKey::gen(VidpfServerId::S0).unwrap(), - VidpfKey::gen(VidpfServerId::S0).unwrap(), - ]; - - let err = vidpf - .gen_with_keys(&keys_with_same_id, &input, &weight, TEST_NONCE) - .unwrap_err(); - - assert_eq!(err.to_string(), VidpfError::SameKeyId.to_string()); - } - #[test] fn correctness_at_last_level() { let input = VidpfInput::from_bytes(&[0xFF]); let weight = TestWeight::from(vec![21.into(), 22.into(), 23.into()]); let (vidpf, public, [key_0, key_1], nonce) = vidpf_gen_setup(&input, &weight); - let value_share_0 = vidpf.eval(&key_0, &public, &input, &nonce).unwrap(); - let value_share_1 = vidpf.eval(&key_1, &public, &input, &nonce).unwrap(); + let value_share_0 = vidpf + .eval(VidpfServerId::S0, &key_0, &public, &input, &nonce) + .unwrap(); + let value_share_1 = vidpf + .eval(VidpfServerId::S1, &key_1, &public, &input, &nonce) + .unwrap(); assert_eq!( value_share_0.share + value_share_1.share, @@ -776,8 +895,12 @@ mod tests { let bad_input = VidpfInput::from_bytes(&[0x00]); let zero = TestWeight::zero(&TEST_WEIGHT_LEN); - let value_share_0 = vidpf.eval(&key_0, &public, &bad_input, &nonce).unwrap(); - let value_share_1 = vidpf.eval(&key_1, &public, &bad_input, &nonce).unwrap(); + let value_share_0 = vidpf + .eval(VidpfServerId::S0, &key_0, &public, &bad_input, &nonce) + .unwrap(); + let value_share_1 = vidpf + .eval(VidpfServerId::S1, &key_1, &public, &bad_input, &nonce) + .unwrap(); assert_eq!( value_share_0.share + value_share_1.share, @@ -813,18 +936,18 @@ mod tests { weight: &TestWeight, nonce: &[u8; TEST_NONCE_SIZE], ) { - let mut state_0 = VidpfEvalState::init_from_key(key_0); - let mut state_1 = VidpfEvalState::init_from_key(key_1); + let mut state_0 = VidpfEvalState::init_from_key(VidpfServerId::S0, key_0); + let mut state_1 = VidpfEvalState::init_from_key(VidpfServerId::S1, key_1); let n = input.len(); for level in 0..n { let share_0; let share_1; (state_0, share_0) = vidpf - .eval_next(key_0.id, public, input, level, &state_0, nonce) + .eval_next(VidpfServerId::S0, public, input, level, &state_0, nonce) .unwrap(); (state_1, share_1) = vidpf - .eval_next(key_1.id, public, input, level, &state_1, nonce) + .eval_next(VidpfServerId::S1, public, input, level, &state_1, nonce) .unwrap(); assert_eq!( @@ -841,6 +964,94 @@ mod tests { ); } } + + #[test] + fn caching_at_each_level() { + let input = VidpfInput::from_bytes(&[0xFF]); + let weight = TestWeight::from(vec![21.into(), 22.into(), 23.into()]); + let (vidpf, public, keys, nonce) = vidpf_gen_setup(&input, &weight); + + test_equivalence_of_eval_with_caching(&vidpf, &keys, &public, &input, &nonce); + } + + /// Ensures that VIDPF outputs match regardless of whether the path to + /// each node is recomputed or cached during evaluation. + fn test_equivalence_of_eval_with_caching( + vidpf: &Vidpf, + [key_0, key_1]: &[VidpfKey; 2], + public: &VidpfPublicShare, + input: &VidpfInput, + nonce: &[u8; TEST_NONCE_SIZE], + ) { + let mut cache_tree_0 = BinaryTree::>::default(); + let mut cache_tree_1 = BinaryTree::>::default(); + + let n = input.len(); + for level in 0..n { + let val_share_0 = vidpf + .eval( + VidpfServerId::S0, + key_0, + public, + &input.prefix(level), + nonce, + ) + .unwrap(); + let val_share_1 = vidpf + .eval( + VidpfServerId::S1, + key_1, + public, + &input.prefix(level), + nonce, + ) + .unwrap(); + let val_share_0_cached = vidpf + .eval_with_cache( + VidpfServerId::S0, + key_0, + public, + &input.prefix(level), + &mut cache_tree_0, + nonce, + ) + .unwrap(); + let val_share_1_cached = vidpf + .eval_with_cache( + VidpfServerId::S1, + key_1, + public, + &input.prefix(level), + &mut cache_tree_1, + nonce, + ) + .unwrap(); + + assert_eq!( + val_share_0.share, val_share_0_cached.share, + "shares must be computed equally with or without caching: {:?}", + level + ); + + assert_eq!( + val_share_1.share, val_share_1_cached.share, + "shares must be computed equally with or without caching: {:?}", + level + ); + + assert_eq!( + val_share_0.proof, val_share_0_cached.proof, + "proofs must be equal with or without caching: {:?}", + level + ); + + assert_eq!( + val_share_1.proof, val_share_1_cached.proof, + "proofs must be equal with or without caching: {:?}", + level + ); + } + } } mod weight { From 3ad1230421064f078e1811b9c857f31ca9b29cb7 Mon Sep 17 00:00:00 2001 From: Christopher Patton Date: Mon, 16 Dec 2024 16:02:27 -0800 Subject: [PATCH 11/20] Align XofTurboShake128 with VDAF-13 (#1165) * Bump seed size for XofTurboShake128 to 32 bytes * Allow variable length seeds for compatibility with IDPF. * Make the dst length prefix 2 bytes --- benches/cycle_counts.rs | 10 +- benches/speed_tests.rs | 38 +++---- src/dp/distributions.rs | 20 ++-- src/flp/szk.rs | 64 ++++++----- src/flp/types/dp.rs | 50 ++++----- src/flp/types/fixedpoint_l2.rs | 16 +-- src/idpf.rs | 4 +- src/prng.rs | 11 +- src/vdaf/poplar1.rs | 21 ++-- src/vdaf/prio3.rs | 34 +++--- src/vdaf/prio3_test.rs | 4 +- src/vdaf/xof.rs | 34 ++++-- src/vidpf.rs | 2 +- tests/discrete_gauss.rs | 2 +- tests/test_vectors/discrete_gauss_100.json | 94 ++++++++-------- tests/test_vectors/discrete_gauss_2.342.json | 54 +++++----- tests/test_vectors/discrete_gauss_3.json | 62 +++++------ .../test_vectors/discrete_gauss_41293847.json | 100 +++++++++--------- tests/test_vectors/discrete_gauss_9.json | 80 +++++++------- ...discrete_gauss_9999999999999999999999.json | 100 +++++++++--------- 20 files changed, 411 insertions(+), 389 deletions(-) diff --git a/benches/cycle_counts.rs b/benches/cycle_counts.rs index a4598bed1..99bc86ba6 100644 --- a/benches/cycle_counts.rs +++ b/benches/cycle_counts.rs @@ -105,7 +105,7 @@ fn prio2_shard_and_prepare_1000() -> Prio2PrepareShare { prio2_shard_and_prepare(1000) } -fn prio3_client_count() -> Vec> { +fn prio3_client_count() -> Vec> { let prio3 = Prio3::new_count(2).unwrap(); let measurement = true; let nonce = [0; 16]; @@ -115,7 +115,7 @@ fn prio3_client_count() -> Vec> { .1 } -fn prio3_client_histogram_10() -> Vec> { +fn prio3_client_histogram_10() -> Vec> { let prio3 = Prio3::new_histogram(2, 10, 3).unwrap(); let measurement = 9; let nonce = [0; 16]; @@ -125,7 +125,7 @@ fn prio3_client_histogram_10() -> Vec> { .1 } -fn prio3_client_sum_32() -> Vec> { +fn prio3_client_sum_32() -> Vec> { let bits = 16; let prio3 = Prio3::new_sum(2, (1 << bits) - 1).unwrap(); let measurement = 1337; @@ -136,7 +136,7 @@ fn prio3_client_sum_32() -> Vec> { .1 } -fn prio3_client_count_vec_1000() -> Vec> { +fn prio3_client_count_vec_1000() -> Vec> { let len = 1000; let prio3 = Prio3::new_sum_vec(2, 1, len, 31).unwrap(); let measurement = vec![0; len]; @@ -148,7 +148,7 @@ fn prio3_client_count_vec_1000() -> Vec> { } #[cfg(feature = "multithreaded")] -fn prio3_client_count_vec_multithreaded_1000() -> Vec> { +fn prio3_client_count_vec_multithreaded_1000() -> Vec> { let len = 1000; let prio3 = Prio3::new_sum_vec_multithreaded(2, 1, len, 31).unwrap(); let measurement = vec![0; len]; diff --git a/benches/speed_tests.rs b/benches/speed_tests.rs index f6949b103..068ff830f 100644 --- a/benches/speed_tests.rs +++ b/benches/speed_tests.rs @@ -181,7 +181,7 @@ fn prio3(c: &mut Criterion) { let vdaf = Prio3::new_count(num_shares).unwrap(); let measurement = black_box(true); let nonce = black_box([0u8; 16]); - let verify_key = black_box([0u8; 16]); + let verify_key = black_box([0u8; 32]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); b.iter(|| { vdaf.prepare_init( @@ -217,7 +217,7 @@ fn prio3(c: &mut Criterion) { let vdaf = Prio3::new_sum(num_shares, max_measurement).unwrap(); let measurement = max_measurement; let nonce = black_box([0u8; 16]); - let verify_key = black_box([0u8; 16]); + let verify_key = black_box([0u8; 32]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); b.iter(|| { vdaf.prepare_init( @@ -287,7 +287,7 @@ fn prio3(c: &mut Criterion) { .map(|i| i & 1) .collect::>(); let nonce = black_box([0u8; 16]); - let verify_key = black_box([0u8; 16]); + let verify_key = black_box([0u8; 32]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); b.iter(|| { vdaf.prepare_init( @@ -323,7 +323,7 @@ fn prio3(c: &mut Criterion) { .map(|i| i & 1) .collect::>(); let nonce = black_box([0u8; 16]); - let verify_key = black_box([0u8; 16]); + let verify_key = black_box([0u8; 32]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); b.iter(|| { @@ -416,7 +416,7 @@ fn prio3(c: &mut Criterion) { let vdaf = Prio3::new_histogram(num_shares, *input_length, *chunk_length).unwrap(); let measurement = black_box(0); let nonce = black_box([0u8; 16]); - let verify_key = black_box([0u8; 16]); + let verify_key = black_box([0u8; 32]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); b.iter(|| { vdaf.prepare_init( @@ -458,7 +458,7 @@ fn prio3(c: &mut Criterion) { .unwrap(); let measurement = black_box(0); let nonce = black_box([0u8; 16]); - let verify_key = black_box([0u8; 16]); + let verify_key = black_box([0u8; 32]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); b.iter(|| { @@ -492,7 +492,7 @@ fn prio3(c: &mut Criterion) { BenchmarkId::new("serial", dimension), &dimension, |b, dimension| { - let vdaf: Prio3, _, 16> = + let vdaf: Prio3, _, 32> = Prio3::new_fixedpoint_boundedl2_vec_sum(num_shares, *dimension).unwrap(); let mut measurement = vec![FP16_ZERO; *dimension]; measurement[0] = FP16_HALF; @@ -509,7 +509,7 @@ fn prio3(c: &mut Criterion) { BenchmarkId::new("parallel", dimension), &dimension, |b, dimension| { - let vdaf: Prio3, _, 16> = + let vdaf: Prio3, _, 32> = Prio3::new_fixedpoint_boundedl2_vec_sum_multithreaded( num_shares, *dimension, ) @@ -530,12 +530,12 @@ fn prio3(c: &mut Criterion) { BenchmarkId::new("series", dimension), &dimension, |b, dimension| { - let vdaf: Prio3, _, 16> = + let vdaf: Prio3, _, 32> = Prio3::new_fixedpoint_boundedl2_vec_sum(num_shares, *dimension).unwrap(); let mut measurement = vec![FP16_ZERO; *dimension]; measurement[0] = FP16_HALF; let nonce = black_box([0u8; 16]); - let verify_key = black_box([0u8; 16]); + let verify_key = black_box([0u8; 32]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); b.iter(|| { @@ -561,7 +561,7 @@ fn prio3(c: &mut Criterion) { BenchmarkId::new("parallel", dimension), &dimension, |b, dimension| { - let vdaf: Prio3, _, 16> = + let vdaf: Prio3, _, 32> = Prio3::new_fixedpoint_boundedl2_vec_sum_multithreaded( num_shares, *dimension, ) @@ -569,7 +569,7 @@ fn prio3(c: &mut Criterion) { let mut measurement = vec![FP16_ZERO; *dimension]; measurement[0] = FP16_HALF; let nonce = black_box([0u8; 16]); - let verify_key = black_box([0u8; 16]); + let verify_key = black_box([0u8; 32]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); b.iter(|| { @@ -596,7 +596,7 @@ fn prio3(c: &mut Criterion) { BenchmarkId::new("serial", dimension), &dimension, |b, dimension| { - let vdaf: Prio3, _, 16> = + let vdaf: Prio3, _, 32> = Prio3::new_fixedpoint_boundedl2_vec_sum(num_shares, *dimension).unwrap(); let mut measurement = vec![FP32_ZERO; *dimension]; measurement[0] = FP32_HALF; @@ -613,7 +613,7 @@ fn prio3(c: &mut Criterion) { BenchmarkId::new("parallel", dimension), &dimension, |b, dimension| { - let vdaf: Prio3, _, 16> = + let vdaf: Prio3, _, 32> = Prio3::new_fixedpoint_boundedl2_vec_sum_multithreaded( num_shares, *dimension, ) @@ -634,12 +634,12 @@ fn prio3(c: &mut Criterion) { BenchmarkId::new("series", dimension), &dimension, |b, dimension| { - let vdaf: Prio3, _, 16> = + let vdaf: Prio3, _, 32> = Prio3::new_fixedpoint_boundedl2_vec_sum(num_shares, *dimension).unwrap(); let mut measurement = vec![FP32_ZERO; *dimension]; measurement[0] = FP32_HALF; let nonce = black_box([0u8; 16]); - let verify_key = black_box([0u8; 16]); + let verify_key = black_box([0u8; 32]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); b.iter(|| { @@ -665,7 +665,7 @@ fn prio3(c: &mut Criterion) { BenchmarkId::new("parallel", dimension), &dimension, |b, dimension| { - let vdaf: Prio3, _, 16> = + let vdaf: Prio3, _, 32> = Prio3::new_fixedpoint_boundedl2_vec_sum_multithreaded( num_shares, *dimension, ) @@ -673,7 +673,7 @@ fn prio3(c: &mut Criterion) { let mut measurement = vec![FP32_ZERO; *dimension]; measurement[0] = FP32_HALF; let nonce = black_box([0u8; 16]); - let verify_key = black_box([0u8; 16]); + let verify_key = black_box([0u8; 32]); let (public_share, input_shares) = vdaf.shard(b"", &measurement, &nonce).unwrap(); b.iter(|| { @@ -799,7 +799,7 @@ fn poplar1(c: &mut Criterion) { group.bench_with_input(BenchmarkId::from_parameter(size), size, |b, &size| { let vdaf = Poplar1::new_turboshake128(size); let mut rng = StdRng::seed_from_u64(RNG_SEED); - let verify_key: [u8; 16] = rng.gen(); + let verify_key: [u8; 32] = rng.gen(); let nonce: [u8; 16] = rng.gen(); // Parameters are chosen to match Chris Wood's experimental setup: diff --git a/src/dp/distributions.rs b/src/dp/distributions.rs index b963be22c..4f0c9906e 100644 --- a/src/dp/distributions.rs +++ b/src/dp/distributions.rs @@ -391,15 +391,15 @@ mod tests { DiscreteGaussian::new(Ratio::::from_integer(BigUint::from(5u8))).unwrap(); // check samples are consistent - let mut rng = SeedStreamTurboShake128::from_seed([0u8; 16]); + let mut rng = SeedStreamTurboShake128::from_seed([0u8; 32]); let samples: Vec = (0..10) .map(|_| i8::try_from(sampler.sample(&mut rng)).unwrap()) .collect(); let samples1: Vec = (0..10) .map(|_| i8::try_from(sampler.sample(&mut rng)).unwrap()) .collect(); - assert_eq!(samples, vec![0, -3, -2, 3, 2, -1, -5, 4, -7, -5]); - assert_eq!(samples1, vec![2, 7, -8, -3, 1, -3, -3, 6, -3, -1]); + assert_eq!(samples, [10, 7, 2, 1, -1, -2, -1, 3, -3, -1]); + assert_eq!(samples1, [3, 6, 3, -7, -8, -1, 2, -4, -11, -4]); } #[test] @@ -410,7 +410,7 @@ mod tests { // sample from a manually created distribution let sampler1 = DiscreteGaussian::new(Ratio::::from_integer(BigUint::from(4u8))).unwrap(); - let mut rng = SeedStreamTurboShake128::from_seed([0u8; 16]); + let mut rng = SeedStreamTurboShake128::from_seed([0u8; 32]); let samples1: Vec = (0..10) .map(|_| i8::try_from(sampler1.sample(&mut rng)).unwrap()) .collect(); @@ -422,7 +422,7 @@ mod tests { let sampler2 = zcdp .create_distribution(Ratio::::from_integer(1u8.into())) .unwrap(); - let mut rng2 = SeedStreamTurboShake128::from_seed([0u8; 16]); + let mut rng2 = SeedStreamTurboShake128::from_seed([0u8; 32]); let samples2: Vec = (0..10) .map(|_| i8::try_from(sampler2.sample(&mut rng2)).unwrap()) .collect(); @@ -570,7 +570,7 @@ mod tests { .unwrap(); // collect that number of samples - let mut rng = SeedStreamTurboShake128::from_seed([0u8; 16]); + let mut rng = SeedStreamTurboShake128::from_seed([1u8; 32]); let samples: Vec = (1..n_samples) .map(|_| { sample_discrete_gaussian(&Ratio::::from_integer(sigma.clone()), &mut rng) @@ -604,7 +604,7 @@ mod tests { #[test] fn empirical_test_gauss() { [100, 2000, 20000].iter().for_each(|p| { - let mut rng = SeedStreamTurboShake128::from_seed([0u8; 16]); + let mut rng = SeedStreamTurboShake128::from_seed([0u8; 32]); let sampler = || { sample_discrete_gaussian( &Ratio::::from_integer((*p).to_biguint().unwrap()), @@ -626,7 +626,7 @@ mod tests { #[test] fn empirical_test_bernoulli_mean() { [2u8, 5u8, 7u8, 9u8].iter().for_each(|p| { - let mut rng = SeedStreamTurboShake128::from_seed([0u8; 16]); + let mut rng = SeedStreamTurboShake128::from_seed([0u8; 32]); let sampler = || { if sample_bernoulli( &Ratio::::new(BigUint::one(), (*p).into()), @@ -650,7 +650,7 @@ mod tests { #[test] fn empirical_test_geometric_mean() { [2u8, 5u8, 7u8, 9u8].iter().for_each(|p| { - let mut rng = SeedStreamTurboShake128::from_seed([0u8; 16]); + let mut rng = SeedStreamTurboShake128::from_seed([0u8; 32]); let sampler = || { sample_geometric_exp( &Ratio::::new(BigUint::one(), (*p).into()), @@ -673,7 +673,7 @@ mod tests { #[test] fn empirical_test_laplace_mean() { [2u8, 5u8, 7u8, 9u8].iter().for_each(|p| { - let mut rng = SeedStreamTurboShake128::from_seed([0u8; 16]); + let mut rng = SeedStreamTurboShake128::from_seed([0u8; 32]); let sampler = || { sample_discrete_laplace( &Ratio::::new(BigUint::one(), (*p).into()), diff --git a/src/flp/szk.rs b/src/flp/szk.rs index 3023675cd..39dcbf1a8 100644 --- a/src/flp/szk.rs +++ b/src/flp/szk.rs @@ -312,7 +312,7 @@ where phantom: PhantomData

, } -impl Szk { +impl Szk { /// Create an instance of [`Szk`] using [`XofTurboShake128`]. pub fn new_turboshake128(typ: T, algorithm_id: u32) -> Self { Szk::new(typ, algorithm_id) @@ -690,18 +690,16 @@ mod tests { fn generic_szk_test(typ: T, encoded_measurement: &[T::Field], valid: bool) { let mut nonce = [0u8; 16]; - let mut verify_key = [0u8; 16]; + let mut verify_key = [0u8; 32]; let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(typ.clone(), algorithm_id); thread_rng().fill(&mut verify_key[..]); thread_rng().fill(&mut nonce[..]); - let prove_rand_seed = Seed::<16>::generate().unwrap(); - let helper_seed = Seed::<16>::generate().unwrap(); - let leader_seed_opt = if szk_typ.requires_joint_rand() { - Some(Seed::<16>::generate().unwrap()) - } else { - None - }; + let prove_rand_seed = Seed::generate().unwrap(); + let helper_seed = Seed::generate().unwrap(); + let leader_seed_opt = szk_typ + .requires_joint_rand() + .then(|| Seed::generate().unwrap()); let helper_input_share: Vec = random_vector(szk_typ.typ.input_len()).unwrap(); let mut leader_input_share = encoded_measurement.to_owned(); for (x, y) in leader_input_share.iter_mut().zip(&helper_input_share) { @@ -763,7 +761,7 @@ mod tests { //test mutated jr seed if szk_typ.requires_joint_rand() { - let joint_rand_seed_opt = Some(Seed::<16>::generate().unwrap()); + let joint_rand_seed_opt = Some(Seed::generate().unwrap()); if let Ok(()) = szk_typ.decide(joint_rand_seed_opt.clone(), joint_share) { panic!("Leader accepted wrong jr seed"); }; @@ -851,9 +849,9 @@ mod tests { let encoded_measurement = sum.encode_measurement(&9).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(sum, algorithm_id); - let prove_rand_seed = Seed::<16>::generate().unwrap(); - let helper_seed = Seed::<16>::generate().unwrap(); - let leader_seed_opt = Some(Seed::<16>::generate().unwrap()); + let prove_rand_seed = Seed::generate().unwrap(); + let helper_seed = Seed::generate().unwrap(); + let leader_seed_opt = Some(Seed::generate().unwrap()); let helper_input_share = random_vector(szk_typ.typ.input_len()).unwrap(); let mut leader_input_share = encoded_measurement.clone().to_owned(); for (x, y) in leader_input_share.iter_mut().zip(&helper_input_share) { @@ -886,9 +884,9 @@ mod tests { let encoded_measurement = sumvec.encode_measurement(&vec![1, 16, 0]).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(sumvec, algorithm_id); - let prove_rand_seed = Seed::<16>::generate().unwrap(); - let helper_seed = Seed::<16>::generate().unwrap(); - let leader_seed_opt = Some(Seed::<16>::generate().unwrap()); + let prove_rand_seed = Seed::generate().unwrap(); + let helper_seed = Seed::generate().unwrap(); + let leader_seed_opt = Some(Seed::generate().unwrap()); let helper_input_share = random_vector(szk_typ.typ.input_len()).unwrap(); let mut leader_input_share = encoded_measurement.clone().to_owned(); for (x, y) in leader_input_share.iter_mut().zip(&helper_input_share) { @@ -920,9 +918,9 @@ mod tests { let encoded_measurement = count.encode_measurement(&true).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(count, algorithm_id); - let prove_rand_seed = Seed::<16>::generate().unwrap(); - let helper_seed = Seed::<16>::generate().unwrap(); - let leader_seed_opt = Some(Seed::<16>::generate().unwrap()); + let prove_rand_seed = Seed::generate().unwrap(); + let helper_seed = Seed::generate().unwrap(); + let leader_seed_opt = Some(Seed::generate().unwrap()); let helper_input_share = random_vector(szk_typ.typ.input_len()).unwrap(); let mut leader_input_share = encoded_measurement.clone().to_owned(); for (x, y) in leader_input_share.iter_mut().zip(&helper_input_share) { @@ -955,8 +953,8 @@ mod tests { let encoded_measurement = sum.encode_measurement(&9).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(sum, algorithm_id); - let prove_rand_seed = Seed::<16>::generate().unwrap(); - let helper_seed = Seed::<16>::generate().unwrap(); + let prove_rand_seed = Seed::generate().unwrap(); + let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = None; let helper_input_share = random_vector(szk_typ.typ.input_len()).unwrap(); let mut leader_input_share = encoded_measurement.clone().to_owned(); @@ -996,8 +994,8 @@ mod tests { let encoded_measurement = sum.encode_measurement(&9).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(sum, algorithm_id); - let prove_rand_seed = Seed::<16>::generate().unwrap(); - let helper_seed = Seed::<16>::generate().unwrap(); + let prove_rand_seed = Seed::generate().unwrap(); + let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = None; let helper_input_share = random_vector(szk_typ.typ.input_len()).unwrap(); let mut leader_input_share = encoded_measurement.clone().to_owned(); @@ -1036,8 +1034,8 @@ mod tests { let encoded_measurement = count.encode_measurement(&true).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(count, algorithm_id); - let prove_rand_seed = Seed::<16>::generate().unwrap(); - let helper_seed = Seed::<16>::generate().unwrap(); + let prove_rand_seed = Seed::generate().unwrap(); + let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = None; let helper_input_share = random_vector(szk_typ.typ.input_len()).unwrap(); let mut leader_input_share = encoded_measurement.clone().to_owned(); @@ -1076,8 +1074,8 @@ mod tests { let encoded_measurement = count.encode_measurement(&true).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(count, algorithm_id); - let prove_rand_seed = Seed::<16>::generate().unwrap(); - let helper_seed = Seed::<16>::generate().unwrap(); + let prove_rand_seed = Seed::generate().unwrap(); + let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = None; let helper_input_share = random_vector(szk_typ.typ.input_len()).unwrap(); let mut leader_input_share = encoded_measurement.clone().to_owned(); @@ -1117,9 +1115,9 @@ mod tests { let encoded_measurement = sumvec.encode_measurement(&vec![1, 16, 0]).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(sumvec, algorithm_id); - let prove_rand_seed = Seed::<16>::generate().unwrap(); - let helper_seed = Seed::<16>::generate().unwrap(); - let leader_seed_opt = Some(Seed::<16>::generate().unwrap()); + let prove_rand_seed = Seed::generate().unwrap(); + let helper_seed = Seed::generate().unwrap(); + let leader_seed_opt = Some(Seed::generate().unwrap()); let helper_input_share = random_vector(szk_typ.typ.input_len()).unwrap(); let mut leader_input_share = encoded_measurement.clone().to_owned(); for (x, y) in leader_input_share.iter_mut().zip(&helper_input_share) { @@ -1158,9 +1156,9 @@ mod tests { let encoded_measurement = sumvec.encode_measurement(&vec![1, 16, 0]).unwrap(); let algorithm_id = 5; let szk_typ = Szk::new_turboshake128(sumvec, algorithm_id); - let prove_rand_seed = Seed::<16>::generate().unwrap(); - let helper_seed = Seed::<16>::generate().unwrap(); - let leader_seed_opt = Some(Seed::<16>::generate().unwrap()); + let prove_rand_seed = Seed::generate().unwrap(); + let helper_seed = Seed::generate().unwrap(); + let leader_seed_opt = Some(Seed::generate().unwrap()); let helper_input_share = random_vector(szk_typ.typ.input_len()).unwrap(); let mut leader_input_share = encoded_measurement.clone().to_owned(); for (x, y) in leader_input_share.iter_mut().zip(&helper_input_share) { diff --git a/src/flp/types/dp.rs b/src/flp/types/dp.rs index 8d5fe00b2..fc092b662 100644 --- a/src/flp/types/dp.rs +++ b/src/flp/types/dp.rs @@ -219,7 +219,7 @@ mod tests { const SIZE: usize = 10; { - let mut rng = XofTurboShake128::init(&[0; 16], &[]).into_seed_stream(); + let mut rng = XofTurboShake128::init(&[0; 32], &[]).into_seed_stream(); let [mut share1, mut share2]: [Vec; 2] = split_vector(&[Field128::zero(); SIZE], 2) .unwrap() @@ -240,22 +240,22 @@ mod tests { assert_eq!( aggregate_result, [ - -Field128::from(7), + Field128::from(9), + Field128::from(5), + Field128::from(15), Field128::from(3), - -Field128::from(9), - -Field128::from(17), - -Field128::from(1), - -Field128::from(7), - -Field128::from(9), + Field128::from(5), Field128::from(0), - -Field128::from(6), - -Field128::from(4), + -Field128::from(3), + -Field128::from(30), + Field128::from(2), + -Field128::from(7), ] ); } { - let mut rng = XofTurboShake128::init(&[1; 16], &[]).into_seed_stream(); + let mut rng = XofTurboShake128::init(&[1; 32], &[]).into_seed_stream(); let [mut share1, mut share2]: [Vec; 2] = split_vector(&[Field128::zero(); SIZE], 2) .unwrap() @@ -276,16 +276,16 @@ mod tests { assert_eq!( aggregate_result, [ - Field128::from(81), - Field128::from(33), - -Field128::from(26), - Field128::from(19), - Field128::from(18), - -Field128::from(1), - -Field128::from(28), - Field128::from(31), - Field128::from(40), - Field128::from(38), + -Field128::from(36), + -Field128::from(8), + Field128::from(24), + Field128::from(32), + Field128::from(9), + -Field128::from(7), + -Field128::from(4), + Field128::from(9), + -Field128::from(8), + -Field128::from(14), ] ); } @@ -298,7 +298,7 @@ mod tests { ); const SIZE: usize = 10; - let mut rng = XofTurboShake128::init(&[2; 16], &[]).into_seed_stream(); + let mut rng = XofTurboShake128::init(&[2; 32], &[]).into_seed_stream(); let [mut share1, mut share2]: [Vec; 2] = split_vector(&[Field128::zero(); SIZE], 2) .unwrap() @@ -321,14 +321,14 @@ mod tests { [ Field128::from(2), Field128::from(1), - Field128::from(0), - -Field128::from(1), -Field128::from(1), + Field128::from(1), Field128::from(3), Field128::from(1), - -Field128::from(1), + Field128::from(0), + Field128::from(4), + Field128::from(3), -Field128::from(2), - Field128::from(1), ] ); } diff --git a/src/flp/types/fixedpoint_l2.rs b/src/flp/types/fixedpoint_l2.rs index f17559875..254db0d22 100644 --- a/src/flp/types/fixedpoint_l2.rs +++ b/src/flp/types/fixedpoint_l2.rs @@ -753,19 +753,23 @@ mod tests { vsum.add_noise( &strategy, &mut v, - &mut SeedStreamTurboShake128::from_seed([0u8; 16]), + &mut SeedStreamTurboShake128::from_seed([0u8; 32]), ) .unwrap(); assert_eq!( vsum.decode_result(&v, 1).unwrap(), match n { // sensitivity depends on encoding so the noise differs - 16 => vec![0.288970947265625, 0.168853759765625, 0.085662841796875], - 32 => vec![0.257810294162482, 0.10634658299386501, 0.10149003705009818], + 16 => vec![0.344757080078125, 0.02886962890625, 0.065277099609375], + 32 => vec![ + 0.3447443675249815, + 0.028876747004687786, + 0.06527946796268225 + ], 64 => vec![ - 0.37697368351762867, - -0.02388947667663828, - 0.19813152630930916 + 0.28790505349445616, + 0.11632535574718131, + 0.10735485151738995 ], _ => panic!("unsupported bitsize"), } diff --git a/src/idpf.rs b/src/idpf.rs index 0c205695d..2a11535bb 100644 --- a/src/idpf.rs +++ b/src/idpf.rs @@ -251,7 +251,7 @@ fn extend(seed: &[u8; 16], xof_mode: &XofMode<'_>) -> ([[u8; 16]; 2], [Choice; 2 let mut dst = Vec::with_capacity(EXTEND_DOMAIN_SEP.len() + ctx.len()); dst.extend(EXTEND_DOMAIN_SEP); dst.extend(*ctx); - let mut xof = XofTurboShake128::init(seed, &dst); + let mut xof = XofTurboShake128::from_seed_slice(seed, &dst); xof.update(nonce); let mut seed_stream = xof.into_seed_stream(); seed_stream.fill_bytes(&mut seeds[0]); @@ -287,7 +287,7 @@ where let mut dst = Vec::with_capacity(CONVERT_DOMAIN_SEP.len() + ctx.len()); dst.extend(CONVERT_DOMAIN_SEP); dst.extend(*ctx); - let mut xof = XofTurboShake128::init(seed, &dst); + let mut xof = XofTurboShake128::from_seed_slice(seed, &dst); xof.update(nonce); let mut seed_stream = xof.into_seed_stream(); seed_stream.fill_bytes(&mut next_seed); diff --git a/src/prng.rs b/src/prng.rs index 2c3f5b664..d6009a00b 100644 --- a/src/prng.rs +++ b/src/prng.rs @@ -227,22 +227,23 @@ mod tests { // These constants were found in a brute-force search, and they test that the XOF performs // rejection sampling correctly when the raw output exceeds the prime modulus. let seed = Seed::get_decoded(&[ - 0xd5, 0x3f, 0xff, 0x5d, 0x88, 0x8c, 0x60, 0x4e, 0x9f, 0x24, 0x16, 0xe1, 0xa2, 0x0a, - 0x62, 0x34, + 0x44, 0x34, 0x1d, 0xc5, 0x2d, 0x71, 0xa2, 0xff, 0x2e, 0x4c, 0x30, 0x5e, 0x93, 0x35, + 0xda, 0x9b, 0x19, 0xaf, 0xc6, 0x8e, 0x10, 0xb8, 0xb5, 0x43, 0x69, 0x0d, 0xad, 0x9d, + 0x3b, 0xbb, 0x46, 0xba, ]) .unwrap(); - let expected = Field64::from(3401316594827516850); + let expected = Field64::from(4857131209231097247); let seed_stream = XofTurboShake128::seed_stream(&seed, b"", b""); let mut prng = Prng::::from_seed_stream(seed_stream); - let actual = prng.nth(662).unwrap(); + let actual = prng.nth(13882).unwrap(); assert_eq!(actual, expected); #[cfg(all(feature = "crypto-dependencies", feature = "experimental"))] { let mut seed_stream = XofTurboShake128::seed_stream(&seed, b"", b""); let mut actual = ::zero(); - for _ in 0..=662 { + for _ in 0..=13882 { actual = ::generate(&mut seed_stream, &()); } assert_eq!(actual, expected); diff --git a/src/vdaf/poplar1.rs b/src/vdaf/poplar1.rs index 98b8c9d29..de48238ec 100644 --- a/src/vdaf/poplar1.rs +++ b/src/vdaf/poplar1.rs @@ -46,7 +46,7 @@ impl Poplar1 { } } -impl Poplar1 { +impl Poplar1 { /// Create an instance of [`Poplar1`] using [`XofTurboShake128`]. The caller provides the bit length of /// each measurement (`BITS` as defined in [[draft-irtf-cfrg-vdaf-08]]). /// @@ -2044,7 +2044,7 @@ mod tests { #[test] fn agg_param_validity() { // The actual Poplar instance doesn't matter for the parameter validity tests - type V = Poplar1; + type V = Poplar1; // Helper function for making aggregation params fn make_agg_param(bitstrings: &[&[u8]]) -> Result { @@ -2146,13 +2146,20 @@ mod tests { let verify_key = test_vector.verify_key.as_ref().try_into().unwrap(); let nonce = prep.nonce.as_ref().try_into().unwrap(); + let (idpf_random_bytes, poplar_random_bytes) = prep.rand.as_ref().split_at(16 * 2); + let mut idpf_random = [[0u8; 16]; 2]; - let mut poplar_random = [[0u8; 16]; 3]; - for (input, output) in prep - .rand - .as_ref() + for (input, output) in idpf_random_bytes .chunks_exact(16) - .zip(idpf_random.iter_mut().chain(poplar_random.iter_mut())) + .zip(idpf_random.iter_mut()) + { + output.copy_from_slice(input); + } + + let mut poplar_random = [[0u8; 32]; 3]; + for (input, output) in poplar_random_bytes + .chunks_exact(32) + .zip(poplar_random.iter_mut()) { output.copy_from_slice(input); } diff --git a/src/vdaf/prio3.rs b/src/vdaf/prio3.rs index eab2ec235..9d0d65b89 100644 --- a/src/vdaf/prio3.rs +++ b/src/vdaf/prio3.rs @@ -75,7 +75,7 @@ const DST_JOINT_RAND_SEED: u16 = 6; const DST_JOINT_RAND_PART: u16 = 7; /// The count type. Each measurement is an integer in `[0,2)` and the aggregate result is the sum. -pub type Prio3Count = Prio3, XofTurboShake128, 16>; +pub type Prio3Count = Prio3, XofTurboShake128, 32>; impl Prio3Count { /// Construct an instance of Prio3Count with the given number of aggregators. @@ -87,7 +87,7 @@ impl Prio3Count { /// The count-vector type. Each measurement is a vector of integers in `[0,2^bits)` and the /// aggregate is the element-wise sum. pub type Prio3SumVec = - Prio3>>, XofTurboShake128, 16>; + Prio3>>, XofTurboShake128, 32>; impl Prio3SumVec { /// Construct an instance of Prio3SumVec with the given number of aggregators. `bits` defines @@ -115,7 +115,7 @@ impl Prio3SumVec { pub type Prio3SumVecMultithreaded = Prio3< SumVec>>, XofTurboShake128, - 16, + 32, >; #[cfg(feature = "multithreaded")] @@ -140,7 +140,7 @@ impl Prio3SumVecMultithreaded { /// The sum type. Each measurement is an integer in `[0,2^bits)` for some `0 < bits < 64` and the /// aggregate is the sum. -pub type Prio3Sum = Prio3, XofTurboShake128, 16>; +pub type Prio3Sum = Prio3, XofTurboShake128, 32>; impl Prio3Sum { /// Construct an instance of `Prio3Sum` with the given number of aggregators, where each summand @@ -174,7 +174,7 @@ pub type Prio3FixedPointBoundedL2VecSum = Prio3< ParallelSum>, >, XofTurboShake128, - 16, + 32, >; #[cfg(feature = "experimental")] @@ -210,7 +210,7 @@ pub type Prio3FixedPointBoundedL2VecSumMultithreaded = Prio3< ParallelSumMultithreaded>, >, XofTurboShake128, - 16, + 32, >; #[cfg(all(feature = "experimental", feature = "multithreaded"))] @@ -234,7 +234,7 @@ impl Prio3FixedPointBoundedL2VecSumMultithreaded>>, XofTurboShake128, 16>; + Prio3>>, XofTurboShake128, 32>; impl Prio3Histogram { /// Constructs an instance of Prio3Histogram with the given number of aggregators, @@ -260,7 +260,7 @@ impl Prio3Histogram { pub type Prio3HistogramMultithreaded = Prio3< Histogram>>, XofTurboShake128, - 16, + 32, >; #[cfg(feature = "multithreaded")] @@ -285,7 +285,7 @@ impl Prio3HistogramMultithreaded { /// at most `max_weight` true values, and the aggregate is a histogram counting the number of true /// values at each position across all measurements. pub type Prio3MultihotCountVec = - Prio3>>, XofTurboShake128, 16>; + Prio3>>, XofTurboShake128, 32>; impl Prio3MultihotCountVec { /// Constructs an instance of Prio3MultihotCountVec with the given number of aggregators, number @@ -312,7 +312,7 @@ impl Prio3MultihotCountVec { pub type Prio3MultihotCountVecMultithreaded = Prio3< MultihotCountVec>>, XofTurboShake128, - 16, + 32, >; #[cfg(feature = "multithreaded")] @@ -336,7 +336,7 @@ impl Prio3MultihotCountVecMultithreaded { /// The average type. Each measurement is an integer in `[0,2^bits)` for some `0 < bits < 64` and /// the aggregate is the arithmetic average. -pub type Prio3Average = Prio3, XofTurboShake128, 16>; +pub type Prio3Average = Prio3, XofTurboShake128, 32>; impl Prio3Average { /// Construct an instance of `Prio3Average` with the given number of aggregators, where each @@ -1651,7 +1651,7 @@ mod tests { ); let mut nonce = [0; 16]; - let mut verify_key = [0; 16]; + let mut verify_key = [0; 32]; thread_rng().fill(&mut verify_key[..]); thread_rng().fill(&mut nonce[..]); @@ -1705,7 +1705,7 @@ mod tests { max_measurement + 2, ); - let mut verify_key = [0; 16]; + let mut verify_key = [0; 32]; thread_rng().fill(&mut verify_key[..]); let nonce = [0; 16]; @@ -1766,7 +1766,7 @@ mod tests { let prio3 = Prio3::< SumVec>>, XofTurboShake128, - 16, + 32, >::new(2, 2, 0xFFFF0000, SumVec::new(2, 20, 4).unwrap()) .unwrap(); @@ -1836,7 +1836,7 @@ mod tests { fn test_fixed_vec( fp_0: Fx, - prio3: Prio3, XofTurboShake128, 16>, + prio3: Prio3, XofTurboShake128, 32>, ) where Fx: Fixed + CompatibleFloat + std::ops::Neg, PE: Eq + ParallelSumGadget> + Clone + 'static, @@ -1929,7 +1929,7 @@ mod tests { fp_4_inv: Fx, fp_8_inv: Fx, fp_16_inv: Fx, - prio3: Prio3, XofTurboShake128, 16>, + prio3: Prio3, XofTurboShake128, 32>, ) where Fx: Fixed + CompatibleFloat + std::ops::Neg, PE: Eq + ParallelSumGadget> + Clone + 'static, @@ -1965,7 +1965,7 @@ mod tests { vec!(0.5, 0.0, 0.0), ); - let mut verify_key = [0; 16]; + let mut verify_key = [0; 32]; let mut nonce = [0; 16]; thread_rng().fill(&mut verify_key); thread_rng().fill(&mut nonce); diff --git a/src/vdaf/prio3_test.rs b/src/vdaf/prio3_test.rs index 01c238fe9..3dcfeae99 100644 --- a/src/vdaf/prio3_test.rs +++ b/src/vdaf/prio3_test.rs @@ -276,7 +276,7 @@ mod tests { include_str!("test_vec/13/Prio3Count_1.json"), include_str!("test_vec/13/Prio3Count_2.json"), ] { - check_test_vec_custom_de::( + check_test_vec_custom_de::( test_vector_str, |_json_params, num_shares| Prio3::new_count(num_shares).unwrap(), ); @@ -319,7 +319,7 @@ mod tests { #[test] fn test_vec_prio3_sum_vec_multiproof() { type Prio3SumVecField64Multiproof = - Prio3>>, XofTurboShake128, 16>; + Prio3>>, XofTurboShake128, 32>; for test_vector_str in [ include_str!("test_vec/13/Prio3SumVecWithMultiproof_0.json"), include_str!("test_vec/13/Prio3SumVecWithMultiproof_1.json"), diff --git a/src/vdaf/xof.rs b/src/vdaf/xof.rs index 2fef21083..775445f71 100644 --- a/src/vdaf/xof.rs +++ b/src/vdaf/xof.rs @@ -206,21 +206,34 @@ impl Debug for SeedStreamAes128 { #[derive(Clone, Debug)] pub struct XofTurboShake128(TurboShake128); -impl Xof<16> for XofTurboShake128 { - type SeedStream = SeedStreamTurboShake128; - - fn init(seed_bytes: &[u8; 16], dst: &[u8]) -> Self { +impl XofTurboShake128 { + pub(crate) fn from_seed_slice(seed_bytes: &[u8], dst: &[u8]) -> Self { let mut xof = Self(TurboShake128::from_core(TurboShake128Core::new( XOF_TURBO_SHAKE_128_DOMAIN_SEPARATION, ))); - Update::update( - &mut xof.0, - &[dst.len().try_into().expect("dst must be at most 255 bytes")], - ); + + let Ok(dst_len) = u16::try_from(dst.len()) else { + panic!("dst must not exceed 65535 bytes"); + }; + + let Ok(seed_len) = u8::try_from(seed_bytes.len()) else { + panic!("seed must not exceed 255 bytes"); + }; + + Update::update(&mut xof.0, &dst_len.to_le_bytes()); Update::update(&mut xof.0, dst); + Update::update(&mut xof.0, &seed_len.to_le_bytes()); Update::update(&mut xof.0, seed_bytes); xof } +} + +impl Xof<32> for XofTurboShake128 { + type SeedStream = SeedStreamTurboShake128; + + fn init(seed_bytes: &[u8; 32], dst: &[u8]) -> Self { + Self::from_seed_slice(&seed_bytes[..], dst) + } fn update(&mut self, data: &[u8]) { Update::update(&mut self.0, data); @@ -262,7 +275,7 @@ impl RngCore for SeedStreamTurboShake128 { /// A `rand`-compatible interface to construct XofTurboShake128 seed streams, with the domain /// separation tag and binder string both fixed as the empty string. impl SeedableRng for SeedStreamTurboShake128 { - type Seed = [u8; 16]; + type Seed = [u8; 32]; fn from_seed(seed: Self::Seed) -> Self { XofTurboShake128::init(&seed, b"").into_seed_stream() @@ -553,7 +566,6 @@ mod tests { assert_eq!(got, want); } - #[ignore = "seed size needs to be updated for VDAF draft-13"] #[test] fn xof_turboshake128() { let t: XofTestVector = @@ -574,7 +586,7 @@ mod tests { let got: Vec = xof.clone().into_seed_stream().into_field_vec(t.length); assert_eq!(got, want); - test_xof::(); + test_xof::(); } #[test] diff --git a/src/vidpf.rs b/src/vidpf.rs index f760bd0d6..192104b61 100644 --- a/src/vidpf.rs +++ b/src/vidpf.rs @@ -421,7 +421,7 @@ impl Vidpf { level: usize, seed: &VidpfSeed, ) -> Result { - let mut shake = XofTurboShake128::init(seed, VidpfDomainSepTag::NODE_PROOF); + let mut shake = XofTurboShake128::from_seed_slice(&seed[..], VidpfDomainSepTag::NODE_PROOF); for chunk128 in input .index(..=level) .chunks(128) diff --git a/tests/discrete_gauss.rs b/tests/discrete_gauss.rs index d72138b64..2402d9394 100644 --- a/tests/discrete_gauss.rs +++ b/tests/discrete_gauss.rs @@ -20,7 +20,7 @@ use serde::Deserialize; #[derive(Debug, Eq, PartialEq, Deserialize)] pub struct DiscreteGaussTestVector { #[serde(with = "hex")] - seed: [u8; 16], + seed: [u8; 32], std_num: u128, std_denom: u128, samples: Vec, diff --git a/tests/test_vectors/discrete_gauss_100.json b/tests/test_vectors/discrete_gauss_100.json index 84425db75..7c152bf08 100644 --- a/tests/test_vectors/discrete_gauss_100.json +++ b/tests/test_vectors/discrete_gauss_100.json @@ -1,56 +1,56 @@ { "samples": [ - -54, - 61, - -113, - -98, - 21, - -91, - 72, - 112, - -29, - 68, - 84, - -27, - -109, - -20, - -24, - -69, - -168, - 199, - -122, - 59, - 35, - 282, - 113, - 4, - -91, -61, - -28, - 137, - 57, - 109, - 2, - 17, + 0, + -55, + 5, + -152, + 10, + -134, + -160, + -82, + 132, + -65, + 101, + -126, + 254, + 39, + -131, + 24, + 36, + -148, + 46, -20, + 14, + -205, + 100, 38, - -16, - 18, - -63, - 1, - -20, - -30, - -147, - -73, - -28, - -16, - -31, - 10, - -229, - -56, - -254 + -24, + -161, + 138, + -24, + 100, + -140, + 55, + 32, + -11, + 149, + 100, + -81, + 13, + 76, + -83, + 87, + -17, + -60, + 6, + 84, + -34, + 12, + 105, + -14 ], - "seed": "000102030405060708090a0b0c0d0e0f", + "seed": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", "std_denom": 1, "std_num": 100 } diff --git a/tests/test_vectors/discrete_gauss_2.342.json b/tests/test_vectors/discrete_gauss_2.342.json index c70e3b06e..0d57cb060 100644 --- a/tests/test_vectors/discrete_gauss_2.342.json +++ b/tests/test_vectors/discrete_gauss_2.342.json @@ -1,56 +1,56 @@ { "samples": [ -1, - 1, - 6, - 2, - -4, -1, -2, - 2, -2, + 0, -3, 0, -2, - -1, + -4, + 0, + 0, + 1, 3, + -1, + 5, + -1, + 5, + -2, 2, + 4, + -3, + 0, 1, + -1, + 4, + 2, + -1, + 3, 2, - -7, -1, 0, - 4, 1, - -1, 0, 1, + -1, -2, - 0, + -3, + -4, + 2, + 1, 1, 2, - 0, - 6, -2, - 2, - 0, -2, - 2, - 6, - 1, - 0, - -4, - -3, - -1, + 3, -1, - 2, - 0, - 0, -2, - 0, - 2 + 2, + 4 ], - "seed": "000102030405060708090a0b0c0d0e0f", + "seed": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", "std_denom": 500, "std_num": 1171 } diff --git a/tests/test_vectors/discrete_gauss_3.json b/tests/test_vectors/discrete_gauss_3.json index 363c136eb..31d6dd386 100644 --- a/tests/test_vectors/discrete_gauss_3.json +++ b/tests/test_vectors/discrete_gauss_3.json @@ -1,56 +1,56 @@ { "samples": [ - -3, + 2, -1, - -2, - 1, - 7, -1, - -2, - 1, - -5, 1, - -3, - 3, 2, - -5, - -2, - 5, + -6, + 1, + 1, + 0, + -4, -2, - 5, - -1, - -3, 2, + 4, + 1, + 1, + 0, -2, - -1, - -2, - -2, + 6, + 3, + 0, + 0, + 3, -1, 0, - 1, -1, - 2, + 1, + -3, + 3, + 0, + -5, + 4, -3, - 2, -6, + -5, + 7, -4, -2, - -2, - -6, + 3, + 0, -1, - 4, + 0, -1, 2, - -3, - 1, - -7, - -1, - 6, + -2, + 3, + -2, + -2, 2, - -3, 5 ], - "seed": "000102030405060708090a0b0c0d0e0f", + "seed": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", "std_denom": 1, "std_num": 3 } diff --git a/tests/test_vectors/discrete_gauss_41293847.json b/tests/test_vectors/discrete_gauss_41293847.json index 247b2c245..b2d9ab1e2 100644 --- a/tests/test_vectors/discrete_gauss_41293847.json +++ b/tests/test_vectors/discrete_gauss_41293847.json @@ -1,56 +1,56 @@ { "samples": [ - -28705712, - 12839166, - 68574447, - 1993202, - 17416465, - 32526761, - 1212638, - -44876888, - 16502539, - -57954542, - -54567452, - -17421605, - 7569207, - 13482762, - -24573436, - 73067636, - -58069630, - -24924404, - 51409721, - -18659663, - -12752706, - 4308454, - -49095581, - -69009203, - -22975883, - 46983148, - 47341228, - -1860382, - 26901791, - -5079023, - -57635595, - -38560402, - 59065470, - 100046871, - -144954761, - -22089238, - -43816191, - -47986043, - 34106023, - 74194716, - -37681692, - 3946618, - 18344461, - -45770607, - -654004, - 31284526, - -50259979, - 28037461, - 2734567 + -29211877, + 13885941, + -26354644, + -48418559, + -8391923, + 54237942, + -25148220, + 1675993, + 44966387, + -110046432, + 20148169, + 327811, + -27031115, + 30599974, + 16533979, + -12283223, + -48504848, + -64120506, + 7303731, + 24149065, + 29613904, + -41704378, + 61013399, + 40578648, + -17622744, + -40388011, + 27071947, + -11043862, + -10883878, + 27201304, + -13727383, + 44904436, + 104247835, + -23800983, + -13398260, + 11833298, + 1833735, + 24223364, + -5695878, + 27694837, + 15033075, + 16531826, + 58475092, + -20243894, + 12027884, + 77606948, + 47836656, + 46250173, + -26359952 ], - "seed": "000102030405060708090a0b0c0d0e0f", + "seed": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", "std_denom": 1, "std_num": 41293847 } diff --git a/tests/test_vectors/discrete_gauss_9.json b/tests/test_vectors/discrete_gauss_9.json index b5df20d18..a5417ba74 100644 --- a/tests/test_vectors/discrete_gauss_9.json +++ b/tests/test_vectors/discrete_gauss_9.json @@ -1,56 +1,56 @@ { "samples": [ - -6, - 7, - -3, - -7, - -14, + -16, 4, + -2, + 14, + -14, + -17, + 6, + -13, + -7, + 2, 11, - -22, + -13, + 0, -1, + -5, + 7, + -3, + 4, 8, + -1, + 23, + 4, + 6, -9, - 12, - -9, - 20, - -16, -10, - -8, - -15, - 6, - -8, + 3, + 0, 7, - 12, - 1, - 4, - -3, - -7, - 20, - 2, - 13, + 9, + -17, + 6, -4, - -5, 1, - 2, - -2, - 4, - -6, - 2, - -5, - -6, - 2, - 2, - -5, - -10, - -9, - -15, - -2, + 5, + -4, + 8, + -4, + -7, + 18, + -12, + -1, -3, - 1, - -13 + -3, + -20, + 10, + -6, + 5, + 4, + -10 ], - "seed": "000102030405060708090a0b0c0d0e0f", + "seed": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", "std_denom": 1, "std_num": 9 } diff --git a/tests/test_vectors/discrete_gauss_9999999999999999999999.json b/tests/test_vectors/discrete_gauss_9999999999999999999999.json index 1b43f758b..c47511c6f 100644 --- a/tests/test_vectors/discrete_gauss_9999999999999999999999.json +++ b/tests/test_vectors/discrete_gauss_9999999999999999999999.json @@ -1,56 +1,56 @@ { "samples": [ - -7678632936135800555201, - -9832864446958915374632, - 3796223649719723548306, - -10458306547534276720045, - -9593524715689396783652, - -2184509652523057908030, - -6469904065015921866985, - 8555843521262785582921, - -3275061234860213279391, - -1712551617443682313245, - -4176263950279049852314, - -1041488124720108532833, - 2422891656983904955539, - -5406575579403973625234, - 4031989610743156091985, - -15897376981820943559856, - -9495308497775799052592, - -10542231739931574778478, - -811195020079942319200, - -6168725392123782999911, - 3572639345203916100181, - 9572138148079890711898, - 12973597810318272581841, - -10417671747756128178069, - -4499306785200793424437, - 24392853538076877246695, - 490509578119404728479, - -3153758591414179213424, - -2953031165864251687043, - 7687220020362800379045, - -2894825604535601473288, - -2484898457763802405625, - 2506976850588238983075, - -317271622218426183645, - 3771644622097191550823, - 14048201376263257821999, - 1011626374739477364716, - -7985335097085684878144, - -9834946916794550716888, - -7808156770298839154888, - -10888303506419120919014, - 20441738459254393472434, - -1142146934147582936699, - -380992974206599694131, - 14719724965924743443097, - 2738534455216435603182, - 16889459715609520924993, - 8450917371339563018232, - 3461026365290831355984 + 6571686461112348932021, + 10469021878600252053981, + -7722285440713534307729, + 11870565100762527965437, + -5291093234121159401880, + -2031977856184747883269, + 13914446930797680834741, + 16720035311914682323171, + -18128455256342352438773, + -11733161455218417441111, + 3103618797549383195046, + 1622778437705323033594, + -4015788808286663886204, + -8728301684509196511507, + 5507298993554921255186, + 16693852716129234295582, + -22582023376209828757113, + 3042798200541144073179, + -17933329778215699012412, + -14225516181010525150720, + 1587022377888226818062, + 12701928631746840243528, + 9268919524438212339128, + 12852591435018119157690, + 8808383631868840284261, + 2052046293165096154736, + -6199242416253559991736, + -2573286212398599249287, + 1205543571430332177048, + -14253274968184868951038, + 370407174682756521638, + 984690697068802230794, + -10726963802489723125170, + -925765537946783372554, + 1981882975078974373389, + 1701046215195362573259, + 17241787433076674485863, + 2006091061295933252527, + -1067414557522179657939, + -7570311068308305708786, + -5339101877499495658230, + -6498191309484586152231, + 493694519633895717630, + 1032788451876258976455, + -5053252832056872745830, + 2547632740968692286440, + 1406514419115575726432, + 10548137729862655453616, + 7548808378391753549608 ], - "seed": "000102030405060708090a0b0c0d0e0f", + "seed": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", "std_denom": 1, "std_num": 9999999999999999999999 } From e95b4caca1b09b53787f2fd238baa323c6ab43ae Mon Sep 17 00:00:00 2001 From: Ameer Ghani Date: Tue, 17 Dec 2024 15:55:03 -0600 Subject: [PATCH 12/20] cargo-vet: audit libbz2-rs-sys (#1166) * cargo-vet: audit libbz2-rs-sys * Update supply-chain/audits.toml Co-authored-by: David Cook --------- Co-authored-by: David Cook --- supply-chain/audits.toml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index d869ef03b..48e194cad 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -388,6 +388,20 @@ who = "Brandon Pitman " criteria = "safe-to-deploy" delta = "0.1.3 -> 0.1.4" +[[audits.libbz2-rs-sys]] +who = "Ameer Ghani " +criteria = "safe-to-deploy" +version = "0.1.1" +notes = """ +libbz2-rs-sys mainly uses unsafe around the C FFI boundary, for libc interop, +and for custom allocation support. Most end-user-facing decompression logic +is in safe Rust. I have fuzzed and reviewed its code, and to the best of my +ability I believe it's free of any serious security vulnerabilities. + +libbz2-rs-sys only depends on the libc crate, which is widely used and +maintained by the Rust project. +""" + [[audits.libc]] who = "Brandon Pitman " criteria = "safe-to-deploy" From c50bb9a47b396ad6a08a3fec36b98bcc2d9217a1 Mon Sep 17 00:00:00 2001 From: Christopher Patton Date: Wed, 18 Dec 2024 11:20:54 -0800 Subject: [PATCH 13/20] Align IDPF public share encoding with VDAF-13 (#1168) To simplify the spec, we've coalesced the seeds and payloads into continuous chunks. --- src/idpf.rs | 88 ++++++++++++++++++++++++++++++++++------------------- 1 file changed, 56 insertions(+), 32 deletions(-) diff --git a/src/idpf.rs b/src/idpf.rs index 2a11535bb..df0e1217f 100644 --- a/src/idpf.rs +++ b/src/idpf.rs @@ -690,10 +690,16 @@ where VL: Encode, { fn encode(&self, bytes: &mut Vec) -> Result<(), CodecError> { - // Control bits need to be written within each byte in LSB-to-MSB order, and assigned into - // bytes in big-endian order. Thus, the first four levels will have their control bits - // encoded in the last byte, and the last levels will have their control bits encoded in the - // first byte. + // draft-irtf-cfrg-vdaf-13, Section 8.2.6.1: + // + // struct { + // opaque packed_control_bits[packed_len]; + // opaque seed[poplar1.idpf.KEY_SIZE*B]; + // Poplar1FieldInner payload_inner[Fi*poplar1.idpf.VALUE_LEN*(B-1)]; + // Poplar1FieldLeaf payload_leaf[Fl*poplar1.idpf.VALUE_LEN]; + // } Poplar1PublicShare; + // + // Control bits let mut control_bits: BitVec = BitVec::with_capacity(self.inner_correction_words.len() * 2 + 2); for correction_words in self.inner_correction_words.iter() { @@ -709,11 +715,18 @@ where let mut packed_control = control_bits.into_vec(); bytes.append(&mut packed_control); + // Seeds for correction_words in self.inner_correction_words.iter() { Seed(correction_words.seed).encode(bytes)?; - correction_words.value.encode(bytes)?; } Seed(self.leaf_correction_word.seed).encode(bytes)?; + + // Inner payloads + for correction_words in self.inner_correction_words.iter() { + correction_words.value.encode(bytes)?; + } + + // Leaf payload self.leaf_correction_word.value.encode(bytes) } @@ -735,39 +748,50 @@ where { fn decode_with_param(bits: &usize, bytes: &mut Cursor<&[u8]>) -> Result { let packed_control_len = (bits + 3) / 4; - let mut packed = vec![0u8; packed_control_len]; - bytes.read_exact(&mut packed)?; - let unpacked_control_bits: BitVec = BitVec::from_vec(packed); + let mut packed_control_bits = vec![0u8; packed_control_len]; + bytes.read_exact(&mut packed_control_bits)?; + let unpacked_control_bits: BitVec = BitVec::from_vec(packed_control_bits); - let mut inner_correction_words = Vec::with_capacity(bits - 1); - for chunk in unpacked_control_bits[0..(bits - 1) * 2].chunks(2) { - let control_bits = [(chunk[0] as u8).into(), (chunk[1] as u8).into()]; - let seed = Seed::decode(bytes)?.0; - let value = VI::decode(bytes)?; - inner_correction_words.push(IdpfCorrectionWord { - seed, - control_bits, - value, - }) + // Control bits + let mut control_bits = Vec::with_capacity(*bits); + for chunk in unpacked_control_bits[0..bits * 2].chunks(2) { + control_bits.push([(chunk[0] as u8).into(), (chunk[1] as u8).into()]); } - let control_bits = [ - (unpacked_control_bits[(bits - 1) * 2] as u8).into(), - (unpacked_control_bits[bits * 2 - 1] as u8).into(), - ]; - let seed = Seed::decode(bytes)?.0; - let value = VL::decode(bytes)?; - let leaf_correction_word = IdpfCorrectionWord { - seed, - control_bits, - value, - }; - // Check that unused packed bits are zero. if unpacked_control_bits[bits * 2..].any() { return Err(CodecError::UnexpectedValue); } + // Seeds + let mut seeds = std::iter::repeat_with(|| Seed::decode(bytes).map(|seed| seed.0)) + .take(*bits) + .collect::, _>>()?; + + // Inner payloads + let inner_payloads = std::iter::repeat_with(|| VI::decode(bytes)) + .take(bits - 1) + .collect::, _>>()?; + + // Outer payload + let leaf_paylaod = VL::decode(bytes)?; + + let leaf_correction_word = IdpfCorrectionWord { + seed: seeds.pop().unwrap(), // *bits == 0 + control_bits: control_bits.pop().unwrap(), // *bits == 0 + value: leaf_paylaod, + }; + + let inner_correction_words = seeds + .into_iter() + .zip(control_bits.into_iter().zip(inner_payloads)) + .map(|(seed, (control_bits, payload))| IdpfCorrectionWord { + seed, + control_bits, + value: payload, + }) + .collect::>(); + Ok(IdpfPublicShare { inner_correction_words, leaf_correction_word, @@ -1748,12 +1772,12 @@ mod tests { let message = hex::decode(concat!( "39", // packed control bit correction words (0b00111001) "abababababababababababababababab", // seed correction word, first level + "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", // seed correction word, second level + "ffffffffffffffffffffffffffffffff", // seed correction word, third level "3d45010000000000", // field element correction word "e7e8010000000000", // field element correction word, continued - "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", // seed correction word, second level "28c50c0100000000", // field element correction word "c250000000000000", // field element correction word, continued - "ffffffffffffffffffffffffffffffff", // seed correction word, third level "0100000000000000000000000000000000000000000000000000000000000000", // field element correction word, leaf field "f0debc9a78563412f0debc9a78563412f0debc9a78563412f0debc9a78563412", // field element correction word, continued )) From 0a9a934c3823b56ff3f63f8e684e3df3cb8ccd40 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 19:51:44 +0000 Subject: [PATCH 14/20] build(deps): Bump thiserror from 2.0.3 to 2.0.7 (#1161) --- Cargo.lock | 8 ++++---- supply-chain/imports.lock | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2850a5d45..2dc8f99dd 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -983,18 +983,18 @@ checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" [[package]] name = "thiserror" -version = "2.0.3" +version = "2.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c006c85c7651b3cf2ada4584faa36773bd07bac24acfb39f3c431b36d7e667aa" +checksum = "93605438cbd668185516ab499d589afb7ee1859ea3d5fc8f6b0755e1c7443767" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "2.0.3" +version = "2.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f077553d607adc1caf65430528a576c757a71ed73944b66ebb58ef2bbd243568" +checksum = "e1d8749b4531af2117677a5fcd12b1348a3fe2b81e36e61ffeac5c4aa3273e36" dependencies = [ "proc-macro2", "quote", diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 36aaa0e2f..f01a53550 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -142,15 +142,15 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.thiserror]] -version = "2.0.3" -when = "2024-11-10" +version = "2.0.7" +when = "2024-12-13" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" [[publisher.thiserror-impl]] -version = "2.0.3" -when = "2024-11-10" +version = "2.0.7" +when = "2024-12-13" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" From f9d4f876b9c4b3baeae0bcdbb1d369ccf5f1a6b2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 19:52:23 +0000 Subject: [PATCH 15/20] build(deps): Bump serde from 1.0.215 to 1.0.216 (#1162) --- Cargo.lock | 8 ++++---- supply-chain/imports.lock | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2dc8f99dd..f53929dd3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -871,18 +871,18 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.215" +version = "1.0.216" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6513c1ad0b11a9376da888e3e0baa0077f1aed55c17f50e7b2397136129fb88f" +checksum = "0b9781016e935a97e8beecf0c933758c97a5520d32930e460142b4cd80c6338e" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.215" +version = "1.0.216" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ad1e866f866923f252f05c889987993144fb74e722403468a4ebd70c3cd756c0" +checksum = "46f859dbbf73865c6627ed570e78961cd3ac92407a2d117204c49232485da55e" dependencies = [ "proc-macro2", "quote", diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index f01a53550..c4233fec8 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -107,15 +107,15 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde]] -version = "1.0.215" -when = "2024-11-11" +version = "1.0.216" +when = "2024-12-11" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde_derive]] -version = "1.0.215" -when = "2024-11-11" +version = "1.0.216" +when = "2024-12-11" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" From 94d77ce1727b768d96cd8d338c3e97f00b6a659a Mon Sep 17 00:00:00 2001 From: Christopher Patton Date: Thu, 19 Dec 2024 12:26:33 -0800 Subject: [PATCH 16/20] Align agg param encoding for Poplar1 with VDAF-13 (#1171) The encoding of the prefixes has been simplified by avoiding splitting a prefix across a byte boundary. Each prefix is now zero-padded to the next byte. Also, re-enable test vectors for Poplar1 and IDPF. --- src/idpf.rs | 22 ++-- src/vdaf/poplar1.rs | 239 +++++++++++++++++++++++++++----------------- 2 files changed, 155 insertions(+), 106 deletions(-) diff --git a/src/idpf.rs b/src/idpf.rs index df0e1217f..c38b36d92 100644 --- a/src/idpf.rs +++ b/src/idpf.rs @@ -1122,7 +1122,6 @@ mod tests { convert::TryInto, io::Cursor, ops::{Add, AddAssign, Sub}, - str::FromStr, sync::Mutex, }; @@ -1133,7 +1132,6 @@ mod tests { bitbox, prelude::{BitBox, Lsb0}, slice::BitSlice, - vec::BitVec, }; use num_bigint::BigUint; use rand::random; @@ -2011,14 +2009,15 @@ mod tests { .try_into() .unwrap(); - let alpha_str = test_vec_obj.get("alpha").unwrap().as_str().unwrap(); - let alpha_bignum = BigUint::from_str(alpha_str).unwrap(); - let zero_bignum = BigUint::from(0u8); - let one_bignum = BigUint::from(1u8); - let alpha_bits = (0..bits) - .map(|level| (&alpha_bignum >> (bits - level - 1)) & &one_bignum != zero_bignum) - .collect::(); - let alpha = alpha_bits.into(); + let alpha_bools = test_vec_obj + .get("alpha") + .unwrap() + .as_array() + .unwrap() + .iter() + .map(|value| value.as_bool().unwrap()) + .collect::>(); + let alpha = IdpfInput::from_bools(&alpha_bools); let beta_inner_level_array = test_vec_obj.get("beta_inner").unwrap().as_array().unwrap(); let beta_inner = beta_inner_level_array @@ -2067,7 +2066,7 @@ mod tests { let ctx_hex = test_vec_obj.get("ctx").unwrap(); let ctx = hex::decode(ctx_hex.as_str().unwrap()).unwrap(); - let nonce_hex = test_vec_obj.get("binder").unwrap(); + let nonce_hex = test_vec_obj.get("nonce").unwrap(); let nonce = hex::decode(nonce_hex.as_str().unwrap()).unwrap(); IdpfTestVector { @@ -2082,7 +2081,6 @@ mod tests { } } - #[ignore] #[test] fn idpf_bbcggi21_generate_test_vector() { let test_vector = load_idpfbbcggi21_test_vector(); diff --git a/src/vdaf/poplar1.rs b/src/vdaf/poplar1.rs index de48238ec..b67c850c5 100644 --- a/src/vdaf/poplar1.rs +++ b/src/vdaf/poplar1.rs @@ -14,7 +14,6 @@ use crate::{ Aggregatable, Aggregator, Client, Collector, PrepareTransition, Vdaf, VdafError, }, }; -use bitvec::{prelude::Lsb0, vec::BitVec}; use rand_core::RngCore; use std::{ collections::BTreeSet, @@ -776,69 +775,68 @@ impl Poplar1AggregationParam { impl Encode for Poplar1AggregationParam { fn encode(&self, bytes: &mut Vec) -> Result<(), CodecError> { - // Okay to unwrap because `try_from_prefixes()` checks this conversion succeeds. - let prefix_count = u32::try_from(self.prefixes.len()).unwrap(); + // draft-irtf-cfrg-vdaf-13, Section 8.2.6.6: + // + // struct { + // uint16_t level; + // uint32_t num_prefixes; + // opaque encoded_prefixes[prefixes_len]; + // } Poplar1AggParam; + // + // Level self.level.encode(bytes)?; - prefix_count.encode(bytes)?; - - // The encoding of the prefixes is defined by treating the IDPF indices as integers, - // shifting and ORing them together, and encoding the resulting arbitrary precision integer - // in big endian byte order. Thus, the first prefix will appear in the last encoded byte, - // aligned to its least significant bit. The last prefix will appear in the first encoded - // byte, not necessarily aligned to a byte boundary. If the highest bits in the first byte - // are unused, they will be set to zero. - - // When an IDPF index is treated as an integer, the first bit is the integer's most - // significant bit, and bits are subsequently processed in order of decreasing significance. - // Thus, setting aside the order of bytes, bits within each byte are ordered with the - // [`Msb0`](bitvec::prelude::Msb0) convention, not [`Lsb0`](bitvec::prelude::Msb0). Yet, - // the entire integer is aligned to the least significant bit of the last byte, so we - // could not use `Msb0` directly without padding adjustments. Instead, we use `Lsb0` - // throughout and reverse the bit order of each prefix. - - let mut packed = self - .prefixes - .iter() - .flat_map(|input| input.iter().rev()) - .collect::>(); - packed.set_uninitialized(false); - let mut packed = packed.into_vec(); - packed.reverse(); - bytes.append(&mut packed); + + // Number of prefixes + let num_prefixes = + u32::try_from(self.prefixes.len()).map_err(|e| CodecError::Other(e.into()))?; + num_prefixes.encode(bytes)?; + + // Encoded prefixes + for prefix in self.prefixes.iter() { + bytes.append(&mut prefix.to_bytes()); + } + Ok(()) } fn encoded_len(&self) -> Option { - let packed_bit_count = (usize::from(self.level) + 1) * self.prefixes.len(); + let encoded_prefixes_len = (((self.level + 1) as usize + 7) / 8) * self.prefixes.len(); // 4 bytes for the number of prefixes, 2 bytes for the level, and a variable number of bytes - // for the packed prefixes themselves. - Some(6 + (packed_bit_count + 7) / 8) + // for the encoded prefixes themselves. + Some(6 + encoded_prefixes_len) } } impl Decode for Poplar1AggregationParam { fn decode(bytes: &mut Cursor<&[u8]>) -> Result { + // Level let level = u16::decode(bytes)?; - let prefix_count = + + // Number of prefixes + let num_prefixes = usize::try_from(u32::decode(bytes)?).map_err(|e| CodecError::Other(e.into()))?; - let packed_bit_count = (usize::from(level) + 1) * prefix_count; - let mut packed = vec![0u8; (packed_bit_count + 7) / 8]; - bytes.read_exact(&mut packed)?; - if packed_bit_count % 8 != 0 { - let unused_bits = packed[0] >> (packed_bit_count % 8); - if unused_bits != 0 { + // Encoded prefixes + let mut prefixes = Vec::with_capacity(num_prefixes); + let mut buf = vec![0; ((level + 1) as usize + 7) / 8]; + let last_byte_mask = match (level + 1) % 8 { + 0 => 0, + num_bits => { + let mut mask = 0; + for bit_position in 8 - num_bits..8 { + mask |= 1 << bit_position; + } + mask ^ 255 + } + }; + for _ in 0..num_prefixes { + bytes.read_exact(&mut buf)?; + // Ensure there are no trailing bits in the encoded prefix. + if buf.last().unwrap() & last_byte_mask > 0 { return Err(CodecError::UnexpectedValue); } + prefixes.push(IdpfInput::from_bytes(&buf).prefix(level as usize)); } - packed.reverse(); - let bits = BitVec::::from_vec(packed); - - let prefixes = bits - .chunks_exact(usize::from(level) + 1) - .take(prefix_count) - .map(|chunk| IdpfInput::from(chunk.iter().rev().collect::())) - .collect::>(); Poplar1AggregationParam::try_from_prefixes(prefixes) .map_err(|e| CodecError::Other(e.into())) @@ -1942,29 +1940,37 @@ mod tests { #[test] fn round_trip_agg_param() { - // These test cases were generated using the reference Sage implementation. - // (https://github.com/cfrg/draft-irtf-cfrg-vdaf/tree/main/poc) Sage statements used to + // These test cases were generated using the reference implementation + // (https://github.com/cfrg/draft-irtf-cfrg-vdaf/tree/main/poc). Python code used to // generate each test case are given in comments. for (prefixes, reference_encoding) in [ - // poplar.encode_agg_param(0, [0]) + // from vdaf_poc.vdaf_poplar1 import Poplar1 + // vdaf = Poplar1(256) + // + // print(list(vdaf.encode_agg_param((0, ((False,),),)))) ( Vec::from([IdpfInput::from_bools(&[false])]), [0, 0, 0, 0, 0, 1, 0].as_slice(), ), - // poplar.encode_agg_param(0, [1]) + // print(list(vdaf.encode_agg_param((0, ((True,),),)))) ( Vec::from([IdpfInput::from_bools(&[true])]), - [0, 0, 0, 0, 0, 1, 1].as_slice(), + [0, 0, 0, 0, 0, 1, 128].as_slice(), ), - // poplar.encode_agg_param(0, [0, 1]) + // print(list(vdaf.encode_agg_param((0, ((False,), (True,),),)))) ( Vec::from([ IdpfInput::from_bools(&[false]), IdpfInput::from_bools(&[true]), ]), - [0, 0, 0, 0, 0, 2, 2].as_slice(), + [0, 0, 0, 0, 0, 2, 0, 128].as_slice(), ), - // poplar.encode_agg_param(1, [0b00, 0b01, 0b10, 0b11]) + // print(list(vdaf.encode_agg_param((1, ( + // (False, False), + // (False, True), + // (True, False), + // (True, True), + // ))))) ( Vec::from([ IdpfInput::from_bools(&[false, false]), @@ -1972,18 +1978,31 @@ mod tests { IdpfInput::from_bools(&[true, false]), IdpfInput::from_bools(&[true, true]), ]), - [0, 1, 0, 0, 0, 4, 0xe4].as_slice(), + [0, 1, 0, 0, 0, 4, 0, 64, 128, 192].as_slice(), ), - // poplar.encode_agg_param(1, [0b00, 0b10, 0b11]) + // print(list(vdaf.encode_agg_param((1, ( + // (False, False), + // (True, False), + // (True, True), + // ))))) ( Vec::from([ IdpfInput::from_bools(&[false, false]), IdpfInput::from_bools(&[true, false]), IdpfInput::from_bools(&[true, true]), ]), - [0, 1, 0, 0, 0, 3, 0x38].as_slice(), + [0, 1, 0, 0, 0, 3, 0, 128, 192].as_slice(), ), - // poplar.encode_agg_param(2, [0b000, 0b001, 0b010, 0b011, 0b100, 0b101, 0b110, 0b111]) + // print(list(vdaf.encode_agg_param((2, ( + // (False, False, False), + // (False, False, True), + // (False, True, False), + // (False, True, True), + // (True, False, False), + // (True, False, True), + // (True, True, False), + // (True, True, True), + // ))))) ( Vec::from([ IdpfInput::from_bools(&[false, false, false]), @@ -1995,9 +2014,12 @@ mod tests { IdpfInput::from_bools(&[true, true, false]), IdpfInput::from_bools(&[true, true, true]), ]), - [0, 2, 0, 0, 0, 8, 0xfa, 0xc6, 0x88].as_slice(), + [0, 2, 0, 0, 0, 8, 0, 32, 64, 96, 128, 160, 192, 224].as_slice(), ), - // poplar.encode_agg_param(9, [0b01_1011_0010, 0b10_1101_1010]) + // print(list(vdaf.encode_agg_param((9, ( + // (False, True, True, False, True, True, False, False, True, False), + // (True, False, True, True, False, True, True, False, True, False), + // ))))) ( Vec::from([ IdpfInput::from_bools(&[ @@ -2007,12 +2029,17 @@ mod tests { true, false, true, true, false, true, true, false, true, false, ]), ]), - [0, 9, 0, 0, 0, 2, 0x0b, 0x69, 0xb2].as_slice(), + [0, 9, 0, 0, 0, 2, 108, 128, 182, 128].as_slice(), ), - // poplar.encode_agg_param(15, [0xcafe]) + // print(list(vdaf.encode_agg_param((15, ( + // ( + // True, True, False, False, True, False, True, False, True, True, True, + // True, True, True, True, False, + // ), + // ))))) ( Vec::from([IdpfInput::from_bytes(b"\xca\xfe")]), - [0, 15, 0, 0, 0, 1, 0xca, 0xfe].as_slice(), + [0, 15, 0, 0, 0, 1, 202, 254].as_slice(), ), ] { let agg_param = Poplar1AggregationParam::try_from_prefixes(prefixes).unwrap(); @@ -2024,18 +2051,63 @@ mod tests { } #[test] - fn agg_param_wrong_unused_bit() { - let err = Poplar1AggregationParam::get_decoded(&[0, 0, 0, 0, 0, 1, 2]).unwrap_err(); + fn agg_param_prefix_with_trailing_bits() { + let encoded = [ + 0, 0, // level + 0, 0, 0, 1, // number of prefixes + 2, // encoded prefix with a trailing bit + ]; + let err = Poplar1AggregationParam::get_decoded(&encoded).unwrap_err(); + assert_matches!(err, CodecError::UnexpectedValue); + + let encoded = [ + 0, 11, // level + 0, 0, 0, 1, // number of prefixes + 1, 7, // encoded prefix with trailing bits + ]; + let err = Poplar1AggregationParam::get_decoded(&encoded).unwrap_err(); assert_matches!(err, CodecError::UnexpectedValue); } #[test] fn agg_param_ordering() { - let err = Poplar1AggregationParam::get_decoded(&[0, 0, 0, 0, 0, 2, 1]).unwrap_err(); + // Prefixes are out of order. + let encoded = Poplar1AggregationParam { + level: 0, + prefixes: vec![ + IdpfInput::from_bools(&[true]), + IdpfInput::from_bools(&[false]), + ], + } + .get_encoded() + .unwrap(); + let err = Poplar1AggregationParam::get_decoded(&encoded).unwrap_err(); assert_matches!(err, CodecError::Other(_)); - let err = Poplar1AggregationParam::get_decoded(&[0, 0, 0, 0, 0, 2, 0]).unwrap_err(); + + // Prefixes repeat. + let encoded = Poplar1AggregationParam { + level: 0, + prefixes: vec![ + IdpfInput::from_bools(&[false]), + IdpfInput::from_bools(&[false]), + ], + } + .get_encoded() + .unwrap(); + let err = Poplar1AggregationParam::get_decoded(&encoded).unwrap_err(); assert_matches!(err, CodecError::Other(_)); - let err = Poplar1AggregationParam::get_decoded(&[0, 0, 0, 0, 0, 2, 3]).unwrap_err(); + + // Prefixes repeat. + let encoded = Poplar1AggregationParam { + level: 0, + prefixes: vec![ + IdpfInput::from_bools(&[true]), + IdpfInput::from_bools(&[true]), + ], + } + .get_encoded() + .unwrap(); + let err = Poplar1AggregationParam::get_decoded(&encoded).unwrap_err(); assert_matches!(err, CodecError::Other(_)); } @@ -2101,7 +2173,7 @@ mod tests { #[derive(Debug, Deserialize)] struct PoplarTestVector { - agg_param: (usize, Vec), + agg_param: HexEncoded, agg_result: Vec, agg_shares: Vec, bits: usize, @@ -2113,7 +2185,7 @@ mod tests { #[derive(Debug, Deserialize)] struct PreparationTestVector { input_shares: Vec, - measurement: u64, + measurement: Vec, nonce: HexEncoded, out_shares: Vec>, prep_messages: Vec, @@ -2126,23 +2198,8 @@ mod tests { let test_vector: PoplarTestVector = serde_json::from_str(input).unwrap(); assert_eq!(test_vector.prep.len(), 1); let prep = &test_vector.prep[0]; - let measurement_bits = (0..test_vector.bits) - .rev() - .map(|i| (prep.measurement >> i) & 1 != 0) - .collect::(); - let measurement = IdpfInput::from(measurement_bits); - let (agg_param_level, agg_param_prefixes_int) = test_vector.agg_param; - let agg_param_prefixes = agg_param_prefixes_int - .iter() - .map(|int| { - let bits = (0..=agg_param_level) - .rev() - .map(|i| (*int >> i) & 1 != 0) - .collect::(); - bits.into() - }) - .collect::>(); - let agg_param = Poplar1AggregationParam::try_from_prefixes(agg_param_prefixes).unwrap(); + let measurement = IdpfInput::from_bools(&prep.measurement); + let agg_param = Poplar1AggregationParam::get_decoded(&test_vector.agg_param.0).unwrap(); let verify_key = test_vector.verify_key.as_ref().try_into().unwrap(); let nonce = prep.nonce.as_ref().try_into().unwrap(); @@ -2410,37 +2467,31 @@ mod tests { assert_eq!(agg_result, test_vector.agg_result); } - #[ignore] #[test] fn test_vec_poplar1_0() { check_test_vec(include_str!("test_vec/13/Poplar1_0.json")); } - #[ignore] #[test] fn test_vec_poplar1_1() { check_test_vec(include_str!("test_vec/13/Poplar1_1.json")); } - #[ignore] #[test] fn test_vec_poplar1_2() { check_test_vec(include_str!("test_vec/13/Poplar1_2.json")); } - #[ignore] #[test] fn test_vec_poplar1_3() { check_test_vec(include_str!("test_vec/13/Poplar1_3.json")); } - #[ignore] #[test] fn test_vec_poplar1_4() { check_test_vec(include_str!("test_vec/13/Poplar1_4.json")); } - #[ignore] #[test] fn test_vec_poplar1_5() { check_test_vec(include_str!("test_vec/13/Poplar1_5.json")); From b4a71a8993b6e461bca38ec6acaf6196869e45ab Mon Sep 17 00:00:00 2001 From: Christopher Patton Date: Fri, 3 Jan 2025 07:19:56 -0800 Subject: [PATCH 17/20] Various improvements to VIDPF (#1177) * vidpf: Align terminology with spec * vidpf: Merge "cs" into correction word The "cs" field is merely a correction word for the node proof. * vidpf: Clean up API documentation Clean up comments a bit and move a couple of things out of the public API. * vidpf: Remove `NONCE_SIZE` parameter This simplifies the API a bit and improves parity with the idpf module. * vidpf: Improve control flow Create an iterator over a `VidpfInput` that consolidates some error handling common to VIDPF generation and evaluation. This allows us to reduce the amount of error handling necessary and improve control flow in a few places. * vidpf: Move onehot proof computation out of `eval_next()` We're currently computing the onehot proof via the following tree traversal: for each prefix, visit each node along the path from the root to the node labeled by the prefix. The Mastic spec calls for a breadth-first traversal of the sub-tree composed of the nodes of the prefixes. This commit makes three improvements towards aligning Mastic with the spec. First, de-couple the onehot proof computation from `eval_next()` completely. At the moment, the "latest onehot proof" is stored in the evaluation state, a value that is dependent on the tree traversal. This forces us to handle Mastic-specific details in VIDPF. Instead we store the node proof in the evaluation state, which is independent of the traversal. Second, modify `eval()` and `eval_cache()` to return a onehot proof for the single prefix they traverse. Third, consolidate the `eval_root()` APIs into a single function. * vidpf: Encapsulate output of `eval_next()` Rename `VidpfEvalCache` to `VidpfEvalResult` and have `eval_enxt()` output it. * vidpf: Defer negation of weight until after `eval_next()` This is needed in order to properly compute the path and payload checks. --- benches/speed_tests.rs | 4 +- src/vdaf/mastic.rs | 82 ++--- src/vidpf.rs | 664 +++++++++++++++++++---------------------- 3 files changed, 350 insertions(+), 400 deletions(-) diff --git a/benches/speed_tests.rs b/benches/speed_tests.rs index 068ff830f..b2356f561 100644 --- a/benches/speed_tests.rs +++ b/benches/speed_tests.rs @@ -859,7 +859,7 @@ fn vidpf(c: &mut Criterion) { let input = VidpfInput::from_bools(&bits); let weight = VidpfWeight::from(vec![Field255::one(), Field255::one()]); - let vidpf = Vidpf::, NONCE_SIZE>::new(2); + let vidpf = Vidpf::>::new(2); b.iter(|| { let _ = vidpf.gen(&input, &weight, NONCE).unwrap(); @@ -875,7 +875,7 @@ fn vidpf(c: &mut Criterion) { let bits = iter::repeat_with(random).take(size).collect::>(); let input = VidpfInput::from_bools(&bits); let weight = VidpfWeight::from(vec![Field255::one(), Field255::one()]); - let vidpf = Vidpf::, NONCE_SIZE>::new(2); + let vidpf = Vidpf::>::new(2); let (public, keys) = vidpf.gen(&input, &weight, NONCE).unwrap(); diff --git a/src/vdaf/mastic.rs b/src/vdaf/mastic.rs index 7fb7ba48d..11ce4918c 100644 --- a/src/vdaf/mastic.rs +++ b/src/vdaf/mastic.rs @@ -19,7 +19,7 @@ use crate::{ PrepareTransition, Vdaf, VdafError, }, vidpf::{ - Vidpf, VidpfError, VidpfEvalCache, VidpfInput, VidpfKey, VidpfPublicShare, VidpfServerId, + Vidpf, VidpfError, VidpfEvalResult, VidpfInput, VidpfKey, VidpfPublicShare, VidpfServerId, VidpfWeight, }, }; @@ -44,7 +44,7 @@ where { algorithm_id: u32, szk: Szk, - pub(crate) vidpf: Vidpf, 16>, + pub(crate) vidpf: Vidpf>, /// The length of the private attribute associated with any input. pub(crate) bits: usize, } @@ -58,7 +58,7 @@ where pub fn new( algorithm_id: u32, szk: Szk, - vidpf: Vidpf, 16>, + vidpf: Vidpf>, bits: usize, ) -> Self { Self { @@ -306,12 +306,20 @@ where nonce, )?; - let leader_measurement_share = - self.vidpf - .eval_root(VidpfServerId::S0, &vidpf_keys[0], &public_share, nonce)?; - let helper_measurement_share = - self.vidpf - .eval_root(VidpfServerId::S1, &vidpf_keys[1], &public_share, nonce)?; + let leader_measurement_share = self.vidpf.eval_root( + VidpfServerId::S0, + &vidpf_keys[0], + &public_share, + &mut BinaryTree::default(), + nonce, + )?; + let helper_measurement_share = self.vidpf.eval_root( + VidpfServerId::S1, + &vidpf_keys[1], + &public_share, + &mut BinaryTree::default(), + nonce, + )?; let [leader_szk_proof_share, helper_szk_proof_share] = self.szk.prove( leader_measurement_share.as_ref(), @@ -530,18 +538,19 @@ where let mut output_shares = Vec::::with_capacity( self.vidpf.weight_parameter * agg_param.level_and_prefixes.prefixes().len(), ); - let mut cache_tree = BinaryTree::>>::default(); + let mut cache_tree = BinaryTree::>>::default(); for prefix in agg_param.level_and_prefixes.prefixes() { - let mut value_share = self.vidpf.eval_with_cache( - id, - &input_share.vidpf_key, - public_share, - prefix, - &mut cache_tree, - nonce, - )?; - eval_proof.update(&value_share.proof); - output_shares.append(&mut value_share.share.0); + let (VidpfWeight(mut weight_share), onehot_proof_for_prefix) = + self.vidpf.eval_with_cache( + id, + &input_share.vidpf_key, + public_share, + prefix, + &mut cache_tree, + nonce, + )?; + eval_proof.update(&onehot_proof_for_prefix); + output_shares.append(&mut weight_share); } Ok(if agg_param.require_weight_check { @@ -549,13 +558,9 @@ where vidpf_key, proof_share, } = input_share; - let root_share = self.vidpf.get_root_weight_share( - id, - vidpf_key, - public_share, - &mut cache_tree, - nonce, - )?; + let root_share = + self.vidpf + .eval_root(id, vidpf_key, public_share, &mut cache_tree, nonce)?; let (szk_query_share, szk_query_state) = self.szk .query(root_share.as_ref(), proof_share, verify_key, nonce)?; @@ -707,7 +712,6 @@ mod tests { use crate::vdaf::test_utils::run_vdaf; use rand::{thread_rng, Rng}; - const TEST_NONCE_SIZE: usize = 16; const CTX_STR: &[u8] = b"mastic ctx"; #[test] @@ -718,7 +722,7 @@ mod tests { let encoded_meas_len = sum_typ.input_len(); let sum_szk = Szk::new_turboshake128(sum_typ, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(encoded_meas_len); + let sum_vidpf = Vidpf::>::new(encoded_meas_len); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -803,7 +807,7 @@ mod tests { let encoded_meas_len = sum_typ.input_len(); let sum_szk = Szk::new_turboshake128(sum_typ, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(encoded_meas_len); + let sum_vidpf = Vidpf::>::new(encoded_meas_len); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -859,7 +863,7 @@ mod tests { let sum_typ = Sum::::new(max_measurement).unwrap(); let encoded_meas_len = sum_typ.input_len(); let sum_szk = Szk::new_turboshake128(sum_typ, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(encoded_meas_len); + let sum_vidpf = Vidpf::>::new(encoded_meas_len); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -884,7 +888,7 @@ mod tests { let algorithm_id = 6; let count = Count::::new(); let szk = Szk::new_turboshake128(count, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(1); + let sum_vidpf = Vidpf::>::new(1); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -965,7 +969,7 @@ mod tests { let algorithm_id = 6; let count = Count::::new(); let szk = Szk::new_turboshake128(count, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(1); + let sum_vidpf = Vidpf::>::new(1); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -987,7 +991,7 @@ mod tests { let algorithm_id = 6; let count = Count::::new(); let szk = Szk::new_turboshake128(count, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(1); + let sum_vidpf = Vidpf::>::new(1); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1011,7 +1015,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let szk = Szk::new_turboshake128(sumvec, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(15); + let sum_vidpf = Vidpf::>::new(15); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1103,7 +1107,7 @@ mod tests { SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; let szk = Szk::new_turboshake128(sumvec, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(15); + let sum_vidpf = Vidpf::>::new(15); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1136,7 +1140,7 @@ mod tests { SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; let szk = Szk::new_turboshake128(sumvec, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(15); + let sum_vidpf = Vidpf::>::new(15); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1171,7 +1175,7 @@ mod tests { SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; let szk = Szk::new_turboshake128(sumvec, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(15); + let sum_vidpf = Vidpf::>::new(15); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1198,7 +1202,7 @@ mod tests { SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; let szk = Szk::new_turboshake128(sumvec, algorithm_id); - let sum_vidpf = Vidpf::, TEST_NONCE_SIZE>::new(15); + let sum_vidpf = Vidpf::>::new(15); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; diff --git a/src/vidpf.rs b/src/vidpf.rs index 192104b61..540b85c08 100644 --- a/src/vidpf.rs +++ b/src/vidpf.rs @@ -25,28 +25,22 @@ use crate::{ bt::{BinaryTree, Node}, codec::{CodecError, Decode, Encode, ParameterizedDecode}, field::FieldElement, - idpf::{ - conditional_select_seed, conditional_swap_seed, conditional_xor_seeds, xor_seeds, - IdpfInput, IdpfValue, - }, + idpf::{conditional_swap_seed, conditional_xor_seeds, xor_seeds, IdpfInput, IdpfValue}, vdaf::xof::{Seed, Xof, XofFixedKeyAes128, XofTurboShake128}, }; -/// VIDPF-related errors. +const ONEHOT_PROOF_INIT: [u8; VIDPF_PROOF_SIZE] = [ + 186, 76, 128, 104, 116, 50, 149, 133, 2, 164, 82, 118, 128, 155, 163, 239, 117, 95, 162, 196, + 173, 31, 244, 180, 171, 86, 176, 209, 12, 221, 28, 204, +]; + +/// VIDPF errors. #[derive(Debug, thiserror::Error)] #[non_exhaustive] pub enum VidpfError { - /// Error when key's identifier are equal. - #[error("key's identifier should be different")] - SameKeyId, - - /// Error when level does not fit in a 32-bit number. - #[error("level is not representable as a 32-bit integer")] - LevelTooBig, - - /// Error during VIDPF evaluation: tried to access a level index out of bounds. - #[error("level index out of bounds")] - IndexLevel, + /// Input is too long to be represented. + #[error("input too long")] + InputTooLong, /// Error when input attribute has too few or many bits to be a path in an initialized /// VIDPF tree. @@ -69,13 +63,13 @@ pub type VidpfInput = IdpfInput; pub trait VidpfValue: IdpfValue + Clone + Debug + PartialEq + ConstantTimeEq {} #[derive(Clone, Debug)] -/// A VIDPF instance. -pub struct Vidpf { +/// An instance of the VIDPF. +pub struct Vidpf { /// Any parameters required to instantiate a weight value. pub(crate) weight_parameter: W::ValueParameter, } -impl Vidpf { +impl Vidpf { /// Creates a VIDPF instance. /// /// # Arguments @@ -100,129 +94,119 @@ impl Vidpf { /// /// * `input`, determines the input of the function. /// * `weight`, determines the input's weight of the function. - /// * `nonce`, used to cryptographically bind some information. + /// * `nonce`, a nonce, typically the same value provided to the + /// [`Client`](crate::vdaf::Client) and [`Aggregator`](crate::vdaf::Aggregator). + /// APIs. pub fn gen( &self, input: &VidpfInput, weight: &W, - nonce: &[u8; NONCE_SIZE], + nonce: &[u8], ) -> Result<(VidpfPublicShare, [VidpfKey; 2]), VidpfError> { let keys = [VidpfKey::generate()?, VidpfKey::generate()?]; let public = self.gen_with_keys(&keys, input, weight, nonce)?; Ok((public, keys)) } - /// Works as the [`Vidpf::gen`] method, except that two different - /// keys must be provided. + /// Produce the public share for the given keys, input, and weight. pub(crate) fn gen_with_keys( &self, keys: &[VidpfKey; 2], input: &VidpfInput, weight: &W, - nonce: &[u8; NONCE_SIZE], + nonce: &[u8], ) -> Result, VidpfError> { - let mut s_i = [keys[0].0, keys[1].0]; - let mut t_i = [ + let mut seed = [keys[0].0, keys[1].0]; + let mut ctrl = [ Choice::from(VidpfServerId::S0), Choice::from(VidpfServerId::S1), ]; - let n = input.len(); - let mut cw = Vec::with_capacity(n); - let mut cs = Vec::with_capacity(n); - - for level in 0..n { - let alpha_i = Choice::from(u8::from(input.get(level).ok_or(VidpfError::IndexLevel)?)); - - // If alpha_i == 0 then - // (same_seed, diff_seed) = (right_seed, left_seed) - // else - // (same_seed, diff_seed) = (left_seed, right_seed) - let seq_0 = Self::prg(&s_i[0], nonce); - let (same_seed_0, diff_seed_0) = &mut (seq_0.right_seed, seq_0.left_seed); - conditional_swap_seed(same_seed_0, diff_seed_0, alpha_i); - - let seq_1 = Self::prg(&s_i[1], nonce); - let (same_seed_1, diff_seed_1) = &mut (seq_1.right_seed, seq_1.left_seed); - conditional_swap_seed(same_seed_1, diff_seed_1, alpha_i); - - // If alpha_i == 0 then - // diff_control_bit = left_control_bit - // else - // diff_control_bit = right_control_bit - let diff_control_bit_0 = Choice::conditional_select( - &seq_0.left_control_bit, - &seq_0.right_control_bit, - alpha_i, + let mut cw = Vec::with_capacity(input.len()); + for VidpfEvalIndex { bit, input, level } in input.index_iter()? { + // Extend. + let e = [Self::extend(&seed[0], nonce), Self::extend(&seed[1], nonce)]; + + // Select the seed and control bit. + let (seed_keep_0, seed_lose_0) = &mut (e[0].seed_right, e[0].seed_left); + conditional_swap_seed(seed_keep_0, seed_lose_0, !bit); + let (seed_keep_1, seed_lose_1) = &mut (e[1].seed_right, e[1].seed_left); + conditional_swap_seed(seed_keep_1, seed_lose_1, !bit); + let ctrl_keep_0 = Choice::conditional_select(&e[0].ctrl_left, &e[0].ctrl_right, bit); + let ctrl_keep_1 = Choice::conditional_select(&e[1].ctrl_left, &e[1].ctrl_right, bit); + + // Compute the correction word seed and control bit. + let cw_seed = xor_seeds(seed_lose_0, seed_lose_1); + let cw_ctrl_left = e[0].ctrl_left ^ e[1].ctrl_left ^ bit ^ Choice::from(1); + let cw_ctrl_right = e[0].ctrl_right ^ e[1].ctrl_right ^ bit; + + // Correct the seed and control bit. + let seed_keep_0 = conditional_xor_seeds(seed_keep_0, &cw_seed, ctrl[0]); + let seed_keep_1 = conditional_xor_seeds(seed_keep_1, &cw_seed, ctrl[1]); + let cw_ctrl_keep = Choice::conditional_select(&cw_ctrl_left, &cw_ctrl_right, bit); + let ctrl_keep_0 = ctrl_keep_0 ^ (ctrl[0] & cw_ctrl_keep); + let ctrl_keep_1 = ctrl_keep_1 ^ (ctrl[1] & cw_ctrl_keep); + + // Convert. + let weight_0; + let weight_1; + (seed[0], weight_0) = self.convert(seed_keep_0, nonce); + (seed[1], weight_1) = self.convert(seed_keep_1, nonce); + ctrl[0] = ctrl_keep_0; + ctrl[1] = ctrl_keep_1; + + // Compute the correction word payload. + let mut cw_weight = weight_1 - weight_0 + weight.clone(); + cw_weight.conditional_negate(ctrl[1]); + + // Compute the correction word node proof. + let cw_proof = xor_proof( + Self::node_proof(input, level, &seed[0]), + &Self::node_proof(input, level, &seed[1]), ); - let diff_control_bit_1 = Choice::conditional_select( - &seq_1.left_control_bit, - &seq_1.right_control_bit, - alpha_i, - ); - - let s_cw = xor_seeds(same_seed_0, same_seed_1); - let t_cw_l = - seq_0.left_control_bit ^ seq_1.left_control_bit ^ alpha_i ^ Choice::from(1); - let t_cw_r = seq_0.right_control_bit ^ seq_1.right_control_bit ^ alpha_i; - let t_cw_diff = Choice::conditional_select(&t_cw_l, &t_cw_r, alpha_i); - let s_tilde_i_0 = conditional_xor_seeds(diff_seed_0, &s_cw, t_i[0]); - let s_tilde_i_1 = conditional_xor_seeds(diff_seed_1, &s_cw, t_i[1]); - - t_i[0] = diff_control_bit_0 ^ (t_i[0] & t_cw_diff); - t_i[1] = diff_control_bit_1 ^ (t_i[1] & t_cw_diff); - - let w_i_0; - let w_i_1; - (s_i[0], w_i_0) = self.convert(s_tilde_i_0, nonce); - (s_i[1], w_i_1) = self.convert(s_tilde_i_1, nonce); - - let mut w_cw = w_i_1 - w_i_0 + weight.clone(); - w_cw.conditional_negate(t_i[1]); - - let cw_i = VidpfCorrectionWord { - seed: s_cw, - left_control_bit: t_cw_l, - right_control_bit: t_cw_r, - weight: w_cw, - }; - cw.push(cw_i); - - let pi_tilde_0 = Self::node_proof(input, level, &s_i[0])?; - let pi_tilde_1 = Self::node_proof(input, level, &s_i[1])?; - let cs_i = xor_proof(pi_tilde_0, &pi_tilde_1); - cs.push(cs_i); + cw.push(VidpfCorrectionWord { + seed: cw_seed, + ctrl_left: cw_ctrl_left, + ctrl_right: cw_ctrl_right, + weight: cw_weight, + proof: cw_proof, + }); } - Ok(VidpfPublicShare { cw, cs }) + Ok(VidpfPublicShare { cw }) } - /// Evaluates the entire `input` and produces a share of the - /// input's weight. + /// Evaluate a given VIDPF (comprised of the key and public share) at a given input. pub fn eval( &self, id: VidpfServerId, key: &VidpfKey, public: &VidpfPublicShare, input: &VidpfInput, - nonce: &[u8; NONCE_SIZE], - ) -> Result, VidpfError> { - let mut state = VidpfEvalState::init_from_key(id, key); - let mut share = W::zero(&self.weight_parameter); + nonce: &[u8], + ) -> Result<(W, VidpfProof), VidpfError> { + let mut r = VidpfEvalResult { + state: VidpfEvalState::init_from_key(id, key), + share: W::zero(&self.weight_parameter), // not used + }; - let n = input.len(); - if n > public.cw.len() { + if input.len() > public.cw.len() { return Err(VidpfError::InvalidAttributeLength); } - for level in 0..n { - (state, share) = self.eval_next(id, public, input, level, &state, nonce)?; + + let mut onehot_proof = ONEHOT_PROOF_INIT; + for (idx, cw) in input.index_iter()?.zip(public.cw.iter()) { + r = self.eval_next(cw, idx, &r.state, nonce); + onehot_proof = xor_proof( + onehot_proof, + &Self::hash_proof(xor_proof(onehot_proof, &r.state.node_proof)), + ); } - Ok(VidpfValueShare { - share, - proof: state.proof, - }) + let mut weight = r.share; + weight.conditional_negate(Choice::from(id)); + Ok((weight, onehot_proof)) } /// Evaluates the entire `input` and produces a share of the @@ -234,125 +218,100 @@ impl Vidpf { key: &VidpfKey, public: &VidpfPublicShare, input: &VidpfInput, - cache_tree: &mut BinaryTree>, - nonce: &[u8; NONCE_SIZE], - ) -> Result, VidpfError> { - let n = input.len(); - if n > public.cw.len() { + cache_tree: &mut BinaryTree>, + nonce: &[u8], + ) -> Result<(W, VidpfProof), VidpfError> { + if input.len() > public.cw.len() { return Err(VidpfError::InvalidAttributeLength); } let mut sub_tree = cache_tree.root.get_or_insert_with(|| { - Box::new(Node::new(VidpfEvalCache { + Box::new(Node::new(VidpfEvalResult { state: VidpfEvalState::init_from_key(id, key), share: W::zero(&self.weight_parameter), // not used })) }); - for (level, bit) in input.iter().enumerate() { - sub_tree = if !bit { - if sub_tree.left.is_none() { - let (new_state, new_share) = - self.eval_next(id, public, input, level, &sub_tree.value.state, nonce)?; - sub_tree.left = Some(Box::new(Node::new(VidpfEvalCache { - state: new_state, - share: new_share, - }))); - } - sub_tree.left.as_mut().expect("right child was visited") + let mut onehot_proof = ONEHOT_PROOF_INIT; + for (idx, cw) in input.index_iter()?.zip(public.cw.iter()) { + sub_tree = if idx.bit.unwrap_u8() == 0 { + sub_tree.left.get_or_insert_with(|| { + Box::new(Node::new(self.eval_next( + cw, + idx, + &sub_tree.value.state, + nonce, + ))) + }) } else { - if sub_tree.right.is_none() { - let (new_state, new_share) = - self.eval_next(id, public, input, level, &sub_tree.value.state, nonce)?; - sub_tree.right = Some(Box::new(Node::new(VidpfEvalCache { - state: new_state, - share: new_share, - }))); - } - sub_tree.right.as_mut().expect("right child was visited") - } + sub_tree.right.get_or_insert_with(|| { + Box::new(Node::new(self.eval_next( + cw, + idx, + &sub_tree.value.state, + nonce, + ))) + }) + }; + onehot_proof = xor_proof( + onehot_proof, + &Self::hash_proof(xor_proof(onehot_proof, &sub_tree.value.state.node_proof)), + ); } - Ok(sub_tree.value.to_share()) + + let mut weight = sub_tree.value.to_share(); + weight.conditional_negate(Choice::from(id)); + Ok((weight, onehot_proof)) } /// Evaluates the `input` at the given level using the provided initial /// state, and returns a new state and a share of the input's weight at that level. fn eval_next( &self, - id: VidpfServerId, - public: &VidpfPublicShare, - input: &VidpfInput, - level: usize, + cw: &VidpfCorrectionWord, + VidpfEvalIndex { bit, input, level }: VidpfEvalIndex<'_>, state: &VidpfEvalState, - nonce: &[u8; NONCE_SIZE], - ) -> Result<(VidpfEvalState, W), VidpfError> { - let cw = public.cw.get(level).ok_or(VidpfError::IndexLevel)?; - - let seq_tilde = Self::prg(&state.seed, nonce); - - let t_i = state.control_bit; - let sl = conditional_xor_seeds(&seq_tilde.left_seed, &cw.seed, t_i); - let sr = conditional_xor_seeds(&seq_tilde.right_seed, &cw.seed, t_i); - let tl = seq_tilde.left_control_bit ^ (t_i & cw.left_control_bit); - let tr = seq_tilde.right_control_bit ^ (t_i & cw.right_control_bit); - - let x_i = Choice::from(u8::from(input.get(level).ok_or(VidpfError::IndexLevel)?)); - let s_tilde_i = conditional_select_seed(x_i, &[sl, sr]); - - let next_control_bit = Choice::conditional_select(&tl, &tr, x_i); - let (next_seed, w_i) = self.convert(s_tilde_i, nonce); - - let zero = ::zero(&self.weight_parameter); - let mut y = ::conditional_select(&zero, &cw.weight, next_control_bit); - y += w_i; - y.conditional_negate(Choice::from(id)); - - let pi_i = &state.proof; - let cs_i = public.cs.get(level).ok_or(VidpfError::IndexLevel)?; - let pi_tilde = Self::node_proof(input, level, &next_seed)?; - let h2_input = xor_proof( - conditional_xor_proof(pi_tilde, cs_i, next_control_bit), - pi_i, + nonce: &[u8], + ) -> VidpfEvalResult { + // Extend. + let e = Self::extend(&state.seed, nonce); + + // Select the seed and control bit. + let (seed_keep, seed_lose) = &mut (e.seed_right, e.seed_left); + conditional_swap_seed(seed_keep, seed_lose, !bit); + let ctrl_keep = Choice::conditional_select(&e.ctrl_left, &e.ctrl_right, bit); + + // Correct the seed and control bit. + let seed_keep = conditional_xor_seeds(seed_keep, &cw.seed, state.control_bit); + let cw_ctrl_keep = Choice::conditional_select(&cw.ctrl_left, &cw.ctrl_right, bit); + let next_ctrl = ctrl_keep ^ (state.control_bit & cw_ctrl_keep); + + // Convert and correct the payload. + let (next_seed, w) = self.convert(seed_keep, nonce); + let mut weight = ::conditional_select( + &::zero(&self.weight_parameter), + &cw.weight, + next_ctrl, + ); + weight += w; + + // Compute and correct the node proof. + let node_proof = conditional_xor_proof( + Self::node_proof(input, level, &next_seed), + &cw.proof, + next_ctrl, ); - let next_proof = xor_proof(Self::node_proof_adjustment(h2_input), pi_i); let next_state = VidpfEvalState { seed: next_seed, - control_bit: next_control_bit, - proof: next_proof, + control_bit: next_ctrl, + node_proof, }; - Ok((next_state, y)) - } - - pub(crate) fn get_root_weight_share( - &self, - id: VidpfServerId, - key: &VidpfKey, - public_share: &VidpfPublicShare, - cache_tree: &mut BinaryTree>, - nonce: &[u8; NONCE_SIZE], - ) -> Result { - Ok(self - .eval_with_cache( - id, - key, - public_share, - &VidpfInput::from_bools(&[false]), - cache_tree, - nonce, - )? - .share - + self - .eval_with_cache( - id, - key, - public_share, - &VidpfInput::from_bools(&[true]), - cache_tree, - nonce, - )? - .share) + VidpfEvalResult { + state: next_state, + share: weight, + } } pub(crate) fn eval_root( @@ -360,52 +319,54 @@ impl Vidpf { id: VidpfServerId, key: &VidpfKey, public_share: &VidpfPublicShare, - nonce: &[u8; NONCE_SIZE], + cache_tree: &mut BinaryTree>, + nonce: &[u8], ) -> Result { - Ok(self - .eval( - id, - key, - public_share, - &VidpfInput::from_bools(&[false]), - nonce, - )? - .share - + self - .eval( - id, - key, - public_share, - &VidpfInput::from_bools(&[true]), - nonce, - )? - .share) + let (weight_share_left, _onehot_proof_left) = self.eval_with_cache( + id, + key, + public_share, + &VidpfInput::from_bools(&[false]), + cache_tree, + nonce, + )?; + + let (weight_share_right, _onehot_proof_right) = self.eval_with_cache( + id, + key, + public_share, + &VidpfInput::from_bools(&[true]), + cache_tree, + nonce, + )?; + + Ok(weight_share_left + weight_share_right) } - fn prg(seed: &VidpfSeed, nonce: &[u8]) -> VidpfPrgOutput { + fn extend(seed: &VidpfSeed, nonce: &[u8]) -> ExtendedSeed { let mut rng = XofFixedKeyAes128::seed_stream(&Seed(*seed), VidpfDomainSepTag::PRG, nonce); - let mut left_seed = VidpfSeed::default(); - let mut right_seed = VidpfSeed::default(); - rng.fill_bytes(&mut left_seed); - rng.fill_bytes(&mut right_seed); + let mut seed_left = VidpfSeed::default(); + let mut seed_right = VidpfSeed::default(); + rng.fill_bytes(&mut seed_left); + rng.fill_bytes(&mut seed_right); // Use the LSB of seeds as control bits, and clears the bit, // i.e., seeds produced by `prg` always have their LSB = 0. // This ensures `prg` costs two AES calls only. - let left_control_bit = Choice::from(left_seed[0] & 0x01); - let right_control_bit = Choice::from(right_seed[0] & 0x01); - left_seed[0] &= 0xFE; - right_seed[0] &= 0xFE; - - VidpfPrgOutput { - left_seed, - left_control_bit, - right_seed, - right_control_bit, + let ctrl_left = Choice::from(seed_left[0] & 0x01); + let ctrl_right = Choice::from(seed_right[0] & 0x01); + seed_left[0] &= 0xFE; + seed_right[0] &= 0xFE; + + ExtendedSeed { + seed_left, + ctrl_left, + seed_right, + ctrl_right, } } - fn convert(&self, seed: VidpfSeed, nonce: &[u8; NONCE_SIZE]) -> (VidpfSeed, W) { + fn convert(&self, seed: VidpfSeed, nonce: &[u8]) -> (VidpfSeed, W) { let mut rng = XofFixedKeyAes128::seed_stream(&Seed(seed), VidpfDomainSepTag::CONVERT, nonce); @@ -416,34 +377,26 @@ impl Vidpf { (out_seed, value) } - fn node_proof( - input: &VidpfInput, - level: usize, - seed: &VidpfSeed, - ) -> Result { + fn node_proof(input: &VidpfInput, level: u16, seed: &VidpfSeed) -> VidpfProof { let mut shake = XofTurboShake128::from_seed_slice(&seed[..], VidpfDomainSepTag::NODE_PROOF); for chunk128 in input - .index(..=level) + .index(..=usize::from(level)) .chunks(128) .map(BitField::load_le::) .map(u128::to_le_bytes) { shake.update(&chunk128); } - shake.update( - &u16::try_from(level) - .map_err(|_e| VidpfError::LevelTooBig)? - .to_le_bytes(), - ); + shake.update(&level.to_le_bytes()); let mut rng = shake.into_seed_stream(); let mut proof = VidpfProof::default(); rng.fill_bytes(&mut proof); - Ok(proof) + proof } - fn node_proof_adjustment(mut proof: VidpfProof) -> VidpfProof { + fn hash_proof(mut proof: VidpfProof) -> VidpfProof { let mut rng = XofTurboShake128::seed_stream( &Seed(Default::default()), VidpfDomainSepTag::NODE_PROOF_ADJUST, @@ -455,7 +408,7 @@ impl Vidpf { } } -/// Vidpf domain separation tag +/// VIDPF domain separation tag. /// /// Contains the domain separation tags for invoking different oracles. struct VidpfDomainSepTag; @@ -466,12 +419,12 @@ impl VidpfDomainSepTag { const NODE_PROOF_ADJUST: &'static [u8] = b"NodeProofAdjust"; } -/// Vidpf key. +/// VIDPF key. /// /// Private key of an aggregation server. pub type VidpfKey = Seed; -/// Vidpf server ID. +/// VIDPF server ID. /// /// Identifies the two aggregation servers. #[derive(Clone, Copy, Debug, PartialEq, Eq)] @@ -491,23 +444,23 @@ impl From for Choice { } } -/// Vidpf correction word. -/// -/// Adjusts values of shares during the VIDPF evaluation. +/// VIDPF correction word. #[derive(Clone, Debug)] struct VidpfCorrectionWord { seed: VidpfSeed, - left_control_bit: Choice, - right_control_bit: Choice, + ctrl_left: Choice, + ctrl_right: Choice, weight: W, + proof: VidpfProof, } impl ConstantTimeEq for VidpfCorrectionWord { fn ct_eq(&self, other: &Self) -> Choice { self.seed.ct_eq(&other.seed) - & self.left_control_bit.ct_eq(&other.left_control_bit) - & self.right_control_bit.ct_eq(&other.right_control_bit) + & self.ctrl_left.ct_eq(&other.ctrl_left) + & self.ctrl_right.ct_eq(&other.ctrl_right) & self.weight.ct_eq(&other.weight) + & self.proof.ct_eq(&other.proof) } } @@ -520,13 +473,10 @@ where } } -/// Vidpf public share -/// -/// Common public information used by aggregation servers. +/// VIDPF public share. #[derive(Clone, Debug, PartialEq)] pub struct VidpfPublicShare { cw: Vec>, - cs: Vec, } impl Encode for VidpfPublicShare { @@ -539,8 +489,8 @@ impl Encode for VidpfPublicShare { for correction_words in self.cw.iter() { control_bits.extend( [ - bool::from(correction_words.left_control_bit), - bool::from(correction_words.right_control_bit), + bool::from(correction_words.ctrl_left), + bool::from(correction_words.ctrl_right), ] .iter(), ); @@ -549,24 +499,30 @@ impl Encode for VidpfPublicShare { let mut packed_control = control_bits.into_vec(); bytes.append(&mut packed_control); - for correction_words in self.cw.iter() { - Seed(correction_words.seed).encode(bytes)?; - correction_words.weight.encode(bytes)?; - } - - for proof in &self.cs { + for VidpfCorrectionWord { + seed, + ctrl_left: _, + ctrl_right: _, + weight, + proof, + } in self.cw.iter() + { + bytes.extend_from_slice(seed); + weight.encode(bytes)?; bytes.extend_from_slice(proof); } + Ok(()) } fn encoded_len(&self) -> Option { let control_bits_count = (self.cw.len()) * 2; - let mut len = (control_bits_count + 7) / 8 + (self.cw.len()) * 16; - for correction_words in self.cw.iter() { - len += correction_words.weight.encoded_len()?; - } - len += self.cs.len() * VIDPF_PROOF_SIZE; + let mut len = 0; + len += (control_bits_count + 7) / 8; // control bits + let cw_encoded_len = VIDPF_SEED_SIZE + + VIDPF_PROOF_SIZE + + self.cw.first().and_then(|cw| cw.weight.encoded_len())?; + len += self.cw.len() * cw_encoded_len; Some(len) } } @@ -581,36 +537,32 @@ impl ParameterizedDecode<(usize, W::ValueParameter)> for VidpfPub bytes.read_exact(&mut packed)?; let unpacked_control_bits: BitVec = BitVec::from_vec(packed); - let mut cw = Vec::>::with_capacity(*bits); + let mut cw = Vec::with_capacity(*bits); for chunk in unpacked_control_bits[0..(bits) * 2].chunks(2) { - let left_control_bit = (chunk[0] as u8).into(); - let right_control_bit = (chunk[1] as u8).into(); + let ctrl_left = (chunk[0] as u8).into(); + let ctrl_right = (chunk[1] as u8).into(); let seed = Seed::decode(bytes)?.0; + let weight = W::decode_with_param(weight_parameter, bytes)?; + let mut proof = [0u8; VIDPF_PROOF_SIZE]; + bytes.read_exact(&mut proof)?; cw.push(VidpfCorrectionWord { seed, - left_control_bit, - right_control_bit, - weight: W::decode_with_param(weight_parameter, bytes)?, + ctrl_left, + ctrl_right, + weight, + proof, }) } - let mut cs = Vec::::with_capacity(*bits); - for _ in 0..*bits { - let mut proof = [0u8; VIDPF_PROOF_SIZE]; - bytes.read_exact(&mut proof)?; - cs.push(proof); - } - Ok(Self { cw, cs }) + Ok(Self { cw }) } } -/// Vidpf evaluation state -/// -/// Contains the values produced during input evaluation at a given level. +/// VIDPF evaluation state. #[derive(Debug)] -pub struct VidpfEvalState { +pub(crate) struct VidpfEvalState { seed: VidpfSeed, control_bit: Choice, - proof: VidpfProof, + node_proof: VidpfProof, } impl VidpfEvalState { @@ -618,38 +570,24 @@ impl VidpfEvalState { Self { seed: key.0, control_bit: Choice::from(id), - proof: VidpfProof::default(), + node_proof: VidpfProof::default(), } } } -/// Vidpf evaluation cache -/// -/// Contains the values produced during input evaluation at a given level. +/// Result of VIDPF evaluation. #[derive(Debug)] -pub struct VidpfEvalCache { +pub(crate) struct VidpfEvalResult { state: VidpfEvalState, share: W, } -impl VidpfEvalCache { - fn to_share(&self) -> VidpfValueShare { - VidpfValueShare:: { - share: self.share.clone(), - proof: self.state.proof, - } +impl VidpfEvalResult { + fn to_share(&self) -> W { + self.share.clone() } } -/// Contains a share of the input's weight together with a proof for verification. -pub struct VidpfValueShare { - /// Secret share of the input's weight. - pub share: W, - /// Proof used to verify the share. - pub proof: VidpfProof, -} - -/// Proof size in bytes. const VIDPF_PROOF_SIZE: usize = 32; const VIDPF_SEED_SIZE: usize = 16; @@ -669,12 +607,12 @@ fn conditional_xor_proof(mut lhs: VidpfProof, rhs: &VidpfProof, choice: Choice) /// Feeds a pseudorandom generator during evaluation. type VidpfSeed = [u8; VIDPF_SEED_SIZE]; -/// Contains the seeds and control bits produced by [`Vidpf::prg`]. -struct VidpfPrgOutput { - left_seed: VidpfSeed, - left_control_bit: Choice, - right_seed: VidpfSeed, - right_control_bit: Choice, +/// Output of [`extend()`](Vidpf::extend). +struct ExtendedSeed { + seed_left: VidpfSeed, + ctrl_left: Choice, + seed_right: VidpfSeed, + ctrl_right: Choice, } /// Represents an array of field elements that implements the [`VidpfValue`] trait. @@ -813,6 +751,24 @@ impl ParameterizedDecode<::ValueParameter> f } } +#[derive(Copy, Clone)] +struct VidpfEvalIndex<'a> { + bit: Choice, + input: &'a VidpfInput, + level: u16, +} + +impl VidpfInput { + fn index_iter(&self) -> Result>, VidpfError> { + let n = u16::try_from(self.len()).map_err(|_| VidpfError::InputTooLong)?; + Ok((0..n).zip(self.iter()).map(|(level, bit)| VidpfEvalIndex { + bit: Choice::from(u8::from(bit)), + input: self, + level, + })) + } +} + #[cfg(test)] mod tests { @@ -831,7 +787,7 @@ mod tests { codec::{Encode, ParameterizedDecode}, idpf::IdpfValue, vidpf::{ - Vidpf, VidpfEvalCache, VidpfEvalState, VidpfInput, VidpfKey, VidpfPublicShare, + Vidpf, VidpfEvalResult, VidpfEvalState, VidpfInput, VidpfKey, VidpfPublicShare, VidpfServerId, }, }; @@ -859,7 +815,7 @@ mod tests { input: &VidpfInput, weight: &TestWeight, ) -> ( - Vidpf, + Vidpf, VidpfPublicShare, [VidpfKey; 2], [u8; TEST_NONCE_SIZE], @@ -875,43 +831,37 @@ mod tests { let weight = TestWeight::from(vec![21.into(), 22.into(), 23.into()]); let (vidpf, public, [key_0, key_1], nonce) = vidpf_gen_setup(&input, &weight); - let value_share_0 = vidpf + let (value_share_0, onehot_proof_0) = vidpf .eval(VidpfServerId::S0, &key_0, &public, &input, &nonce) .unwrap(); - let value_share_1 = vidpf + let (value_share_1, onehot_proof_1) = vidpf .eval(VidpfServerId::S1, &key_1, &public, &input, &nonce) .unwrap(); assert_eq!( - value_share_0.share + value_share_1.share, + value_share_0 + value_share_1, weight, "shares must add up to the expected weight", ); - assert_eq!( - value_share_0.proof, value_share_1.proof, - "proofs must be equal" - ); + assert_eq!(onehot_proof_0, onehot_proof_1, "proofs must be equal"); let bad_input = VidpfInput::from_bytes(&[0x00]); let zero = TestWeight::zero(&TEST_WEIGHT_LEN); - let value_share_0 = vidpf + let (value_share_0, onehot_proof_0) = vidpf .eval(VidpfServerId::S0, &key_0, &public, &bad_input, &nonce) .unwrap(); - let value_share_1 = vidpf + let (value_share_1, onehot_proof_1) = vidpf .eval(VidpfServerId::S1, &key_1, &public, &bad_input, &nonce) .unwrap(); assert_eq!( - value_share_0.share + value_share_1.share, + value_share_0 + value_share_1, zero, "shares must add up to zero", ); - assert_eq!( - value_share_0.proof, value_share_1.proof, - "proofs must be equal" - ); + assert_eq!(onehot_proof_0, onehot_proof_1, "proofs must be equal"); } #[test] @@ -929,39 +879,35 @@ mod tests { } fn assert_eval_at_each_level( - vidpf: &Vidpf, + vidpf: &Vidpf, [key_0, key_1]: &[VidpfKey; 2], public: &VidpfPublicShare, input: &VidpfInput, weight: &TestWeight, - nonce: &[u8; TEST_NONCE_SIZE], + nonce: &[u8], ) { let mut state_0 = VidpfEvalState::init_from_key(VidpfServerId::S0, key_0); let mut state_1 = VidpfEvalState::init_from_key(VidpfServerId::S1, key_1); - let n = input.len(); - for level in 0..n { - let share_0; - let share_1; - (state_0, share_0) = vidpf - .eval_next(VidpfServerId::S0, public, input, level, &state_0, nonce) - .unwrap(); - (state_1, share_1) = vidpf - .eval_next(VidpfServerId::S1, public, input, level, &state_1, nonce) - .unwrap(); + for (idx, cw) in input.index_iter().unwrap().zip(public.cw.iter()) { + let r0 = vidpf.eval_next(cw, idx, &state_0, nonce); + let r1 = vidpf.eval_next(cw, idx, &state_1, nonce); assert_eq!( - share_0 + share_1, + r0.share - r1.share, *weight, "shares must add up to the expected weight at the current level: {:?}", - level + idx.level ); assert_eq!( - state_0.proof, state_1.proof, + r0.state.node_proof, r1.state.node_proof, "proofs must be equal at the current level: {:?}", - level + idx.level ); + + state_0 = r0.state; + state_1 = r1.state; } } @@ -977,14 +923,14 @@ mod tests { /// Ensures that VIDPF outputs match regardless of whether the path to /// each node is recomputed or cached during evaluation. fn test_equivalence_of_eval_with_caching( - vidpf: &Vidpf, + vidpf: &Vidpf, [key_0, key_1]: &[VidpfKey; 2], public: &VidpfPublicShare, input: &VidpfInput, - nonce: &[u8; TEST_NONCE_SIZE], + nonce: &[u8], ) { - let mut cache_tree_0 = BinaryTree::>::default(); - let mut cache_tree_1 = BinaryTree::>::default(); + let mut cache_tree_0 = BinaryTree::>::default(); + let mut cache_tree_1 = BinaryTree::>::default(); let n = input.len(); for level in 0..n { @@ -1028,25 +974,25 @@ mod tests { .unwrap(); assert_eq!( - val_share_0.share, val_share_0_cached.share, + val_share_0, val_share_0_cached, "shares must be computed equally with or without caching: {:?}", level ); assert_eq!( - val_share_1.share, val_share_1_cached.share, + val_share_1, val_share_1_cached, "shares must be computed equally with or without caching: {:?}", level ); assert_eq!( - val_share_0.proof, val_share_0_cached.proof, + val_share_0, val_share_0_cached, "proofs must be equal with or without caching: {:?}", level ); assert_eq!( - val_share_1.proof, val_share_1_cached.proof, + val_share_1, val_share_1_cached, "proofs must be equal with or without caching: {:?}", level ); From bc7448982192ceb640fd82fef724c49f75b8bbed Mon Sep 17 00:00:00 2001 From: Christopher Patton Date: Fri, 3 Jan 2025 07:34:04 -0800 Subject: [PATCH 18/20] Make Mastic feature complete (#1178) * mastic: Fix onehot check, add payload check Compute the onehot proof following a breadth-first traversal of the prefix tree. While at it, piggy-back the payload check computation on the same traversal. * mastic: Add prefix counter Add a counter to the output programmed by the VIDPF so that we can pass the right value to `decode_result()` during unsharding. Add the counter check to preparation. While at it, align some terminology with the spec. * mastic: Construct `Mastic` with a `Type` The current constructor takes an `Szk` and a `Vidpf`, which may have incompatible parameters. To Fix this, pass `Type` to the constructor and construct `Szk` and `Vidpf` ourselves. * vidpf: Remove `eval_with_cache()`, modify `eval()` Mastic uses `eval_prefix_tree_with_siblings()`. This method caches the prefix tree just like `eval_with_cache()` does, but it doesn't try to compute the onehot proof. It also concatenates the weight shares into the output shares for us. The only other use case for `eval_with_cache()` is for computing the shares of beta during sharding. Replace this code with a simpler implementation and remove `eval_with_cache()`. Finally, `eval()` can't be used to correctly compute the onehot check for Mastic. Instead, simply hash the node proofs together so that the user can check that the DPF invariant holds. This is useful primarily for testing. --- src/vdaf/mastic.rs | 338 +++++++++++++++++++++------------------- src/vidpf.rs | 375 +++++++++++++++++++-------------------------- 2 files changed, 336 insertions(+), 377 deletions(-) diff --git a/src/vdaf/mastic.rs b/src/vdaf/mastic.rs index 11ce4918c..218a4458f 100644 --- a/src/vdaf/mastic.rs +++ b/src/vdaf/mastic.rs @@ -7,10 +7,10 @@ use crate::{ bt::BinaryTree, codec::{CodecError, Decode, Encode, ParameterizedDecode}, - field::{decode_fieldvec, FieldElement}, + field::{decode_fieldvec, FieldElement, FieldElementWithInteger}, flp::{ szk::{Szk, SzkJointShare, SzkProofShare, SzkQueryShare, SzkQueryState}, - FlpError, Type, + Type, }, vdaf::{ poplar1::{Poplar1, Poplar1AggregationParam}, @@ -19,18 +19,17 @@ use crate::{ PrepareTransition, Vdaf, VdafError, }, vidpf::{ - Vidpf, VidpfError, VidpfEvalResult, VidpfInput, VidpfKey, VidpfPublicShare, VidpfServerId, - VidpfWeight, + xor_proof, Vidpf, VidpfError, VidpfInput, VidpfKey, VidpfPublicShare, VidpfServerId, + VidpfWeight, ONEHOT_PROOF_INIT, }, }; -use std::fmt::Debug; use std::io::{Cursor, Read}; use std::ops::BitAnd; use std::slice::from_ref; +use std::{collections::VecDeque, fmt::Debug}; use subtle::{Choice, ConstantTimeEq}; -const DST_PATH_CHECK_BATCH: u16 = 6; const NONCE_SIZE: usize = 16; /// The main struct implementing the Mastic VDAF. @@ -43,7 +42,7 @@ where P: Xof, { algorithm_id: u32, - szk: Szk, + pub(crate) szk: Szk, pub(crate) vidpf: Vidpf>, /// The length of the private attribute associated with any input. pub(crate) bits: usize, @@ -55,12 +54,9 @@ where P: Xof, { /// Creates a new instance of Mastic, with a specific attribute length and weight type. - pub fn new( - algorithm_id: u32, - szk: Szk, - vidpf: Vidpf>, - bits: usize, - ) -> Self { + pub fn new(algorithm_id: u32, typ: T, bits: usize) -> Self { + let vidpf = Vidpf::new(typ.input_len() + 1); + let szk = Szk::new(typ, algorithm_id); Self { algorithm_id, szk, @@ -290,41 +286,32 @@ where { fn shard_with_random( &self, - measurement_attribute: &VidpfInput, - measurement_weight: &VidpfWeight, + alpha: &VidpfInput, + weight: &T::Measurement, nonce: &[u8; 16], vidpf_keys: [VidpfKey; 2], szk_random: [Seed; 2], joint_random_opt: Option>, ) -> Result<(::PublicShare, Vec<::InputShare>), VdafError> { + // The output with which we program the VIDPF is a counter and the encoded measurement. + let mut beta = VidpfWeight(self.szk.typ.encode_measurement(weight)?); + beta.0.insert(0, T::Field::one()); + // Compute the measurement shares for each aggregator by generating VIDPF // keys for the measurement and evaluating each of them. - let public_share = self.vidpf.gen_with_keys( - &vidpf_keys, - measurement_attribute, - measurement_weight, - nonce, - )?; + let public_share = self.vidpf.gen_with_keys(&vidpf_keys, alpha, &beta, nonce)?; - let leader_measurement_share = self.vidpf.eval_root( - VidpfServerId::S0, - &vidpf_keys[0], - &public_share, - &mut BinaryTree::default(), - nonce, - )?; - let helper_measurement_share = self.vidpf.eval_root( - VidpfServerId::S1, - &vidpf_keys[1], - &public_share, - &mut BinaryTree::default(), - nonce, - )?; + let leader_beta_share = + self.vidpf + .get_beta_share(VidpfServerId::S0, &public_share, &vidpf_keys[0], nonce)?; + let helper_beta_share = + self.vidpf + .get_beta_share(VidpfServerId::S1, &public_share, &vidpf_keys[1], nonce)?; let [leader_szk_proof_share, helper_szk_proof_share] = self.szk.prove( - leader_measurement_share.as_ref(), - helper_measurement_share.as_ref(), - measurement_weight.as_ref(), + &leader_beta_share.as_ref()[1..], + &helper_beta_share.as_ref()[1..], + &beta.as_ref()[1..], szk_random, joint_random_opt, nonce, @@ -340,15 +327,6 @@ where }; Ok((public_share, vec![leader_share, helper_share])) } - - fn encode_measurement( - &self, - measurement: &T::Measurement, - ) -> Result, VdafError> { - Ok(VidpfWeight::::from( - self.szk.typ.encode_measurement(measurement)?, - )) - } } impl Client<16> for Mastic @@ -359,10 +337,10 @@ where fn shard( &self, _ctx: &[u8], - (attribute, weight): &(VidpfInput, T::Measurement), + (input, weight): &(VidpfInput, T::Measurement), nonce: &[u8; 16], ) -> Result<(Self::PublicShare, Vec), VdafError> { - if attribute.len() != self.bits { + if input.len() != self.bits { return Err(VdafError::Vidpf(VidpfError::InvalidAttributeLength)); } @@ -374,15 +352,9 @@ where }; let szk_random = [Seed::generate()?, Seed::generate()?]; - let encoded_measurement = self.encode_measurement(weight)?; - if encoded_measurement.as_ref().len() != self.vidpf.weight_parameter { - return Err(VdafError::Uncategorized( - "encoded_measurement is the wrong length".to_string(), - )); - } self.shard_with_random( - attribute, - &encoded_measurement, + input, + weight, nonce, vidpf_keys, szk_random, @@ -413,7 +385,7 @@ pub struct MasticPrepareState { #[derive(Clone, Debug)] pub struct MasticPrepareShare { /// [`Vidpf`] evaluation proof, which guarantees one-hotness and payload consistency. - vidpf_proof: Seed, + eval_proof: Seed, /// If [`Szk`]` verification of the root weight is needed, a verification message. szk_query_share_opt: Option>, @@ -421,7 +393,7 @@ pub struct MasticPrepareShare { impl Encode for MasticPrepareShare { fn encode(&self, bytes: &mut Vec) -> Result<(), CodecError> { - self.vidpf_proof.encode(bytes)?; + self.eval_proof.encode(bytes)?; match &self.szk_query_share_opt { Some(query_share) => query_share.encode(bytes), None => Ok(()), @@ -430,7 +402,7 @@ impl Encode for MasticPrepareShare Option { Some( - self.vidpf_proof.encoded_len()? + self.eval_proof.encoded_len()? + match &self.szk_query_share_opt { Some(query_share) => query_share.encoded_len()?, None => 0, @@ -446,7 +418,7 @@ impl ParameterizedDecode, bytes: &mut Cursor<&[u8]>, ) -> Result { - let vidpf_proof = Seed::decode(bytes)?; + let eval_proof = Seed::decode(bytes)?; let requires_joint_rand = prep_state.szk_query_state.is_some(); let szk_query_share_opt = prep_state .verifier_len @@ -458,7 +430,7 @@ impl ParameterizedDecode::with_capacity( - self.vidpf.weight_parameter * agg_param.level_and_prefixes.prefixes().len(), - ); - let mut cache_tree = BinaryTree::>>::default(); - for prefix in agg_param.level_and_prefixes.prefixes() { - let (VidpfWeight(mut weight_share), onehot_proof_for_prefix) = - self.vidpf.eval_with_cache( - id, - &input_share.vidpf_key, - public_share, - prefix, - &mut cache_tree, - nonce, - )?; - eval_proof.update(&onehot_proof_for_prefix); - output_shares.append(&mut weight_share); - } + let prefixes = agg_param.level_and_prefixes.prefixes(); + + let mut prefix_tree = BinaryTree::default(); + let out_shares = self.vidpf.eval_prefix_tree_with_siblings( + id, + public_share, + &input_share.vidpf_key, + nonce, + prefixes, + &mut prefix_tree, + )?; + + let root = prefix_tree.root.as_ref().unwrap(); + + // Onehot and payload checks + let (payload_check, onehot_proof) = { + let mut payload_check_xof = P::init(&[0; SEED_SIZE], b""); + let mut payload_check_buf = Vec::with_capacity(T::Field::ENCODED_SIZE); + let mut onehot_proof = ONEHOT_PROOF_INIT; + + // Traverse the prefix tree breadth-first. + // + // TODO spec: Adjust the onehot proof computation accordingly so that we always + // traverse the left node then the right node. Currently we visit the on-path child + // then its sibling. + let mut q = VecDeque::with_capacity(100); + q.push_back(root.left.as_ref().unwrap()); + q.push_back(root.right.as_ref().unwrap()); + while let Some(node) = q.pop_front() { + // Update onehot proof. + onehot_proof = xor_proof( + onehot_proof, + &Vidpf::>::hash_proof(xor_proof( + onehot_proof, + &node.value.state.node_proof, + )), + ); + + // Update payload check. + if let (Some(left), Some(right)) = (node.left.as_ref(), node.right.as_ref()) { + for (w, (w_left, w_right)) in node + .value + .share + .0 + .iter() + .zip(left.value.share.0.iter().zip(right.value.share.0.iter())) + { + (*w - (*w_left + *w_right)) + .encode(&mut payload_check_buf) + .unwrap(); + payload_check_xof.update(&payload_check_buf); + payload_check_buf.clear(); + } + + q.push_back(left); + q.push_back(right); + } + } + + // TODO spec: Pre-hash the payload check. + let payload_check = payload_check_xof.into_seed().0; + + (payload_check, onehot_proof) + }; + + // Counter check. + let counter_check = { + let c_left = &root.left.as_ref().unwrap().value.share.0[0]; + let c_right = &root.right.as_ref().unwrap().value.share.0[0]; + let mut c = *c_left + *c_right; + if id == VidpfServerId::S1 { + c += T::Field::one(); + } + c.get_encoded().unwrap() + }; + + let eval_proof = { + let mut eval_proof_xof = P::init(&[0; SEED_SIZE], b""); + eval_proof_xof.update(&onehot_proof); + eval_proof_xof.update(&payload_check); + eval_proof_xof.update(&counter_check); + eval_proof_xof.into_seed() + }; Ok(if agg_param.require_weight_check { - let MasticInputShare { - vidpf_key, - proof_share, - } = input_share; - let root_share = + // Range check. + let VidpfWeight(beta_share) = self.vidpf - .eval_root(id, vidpf_key, public_share, &mut cache_tree, nonce)?; - let (szk_query_share, szk_query_state) = - self.szk - .query(root_share.as_ref(), proof_share, verify_key, nonce)?; + .get_beta_share(id, public_share, &input_share.vidpf_key, nonce)?; + let (szk_query_share, szk_query_state) = self.szk.query( + &beta_share[1..], + &input_share.proof_share, + verify_key, + nonce, + )?; + let verifier_len = szk_query_share.flp_verifier.len(); ( MasticPrepareState { - output_shares: MasticOutputShare::::from(output_shares), + output_shares: MasticOutputShare::from(out_shares), szk_query_state, verifier_len: Some(verifier_len), }, MasticPrepareShare { - vidpf_proof: eval_proof.into_seed(), + eval_proof, szk_query_share_opt: Some(szk_query_share), }, ) } else { ( MasticPrepareState { - output_shares: MasticOutputShare::::from(output_shares), + output_shares: MasticOutputShare::from(out_shares), szk_query_state: None, verifier_len: None, }, MasticPrepareShare { - vidpf_proof: eval_proof.into_seed(), + eval_proof, szk_query_share_opt: None, }, ) @@ -611,7 +646,7 @@ where "Received more than two prepare shares".to_string(), )); }; - if leader_share.vidpf_proof != helper_share.vidpf_proof { + if leader_share.eval_proof != helper_share.eval_proof { return Err(VdafError::Uncategorized( "Vidpf proof verification failed".to_string(), )); @@ -678,27 +713,38 @@ where _num_measurements: usize, ) -> Result { let num_prefixes = agg_param.level_and_prefixes.prefixes().len(); - let mut agg_final = MasticAggregateShare::::from(vec![ - T::Field::zero(); - self.vidpf.weight_parameter - * num_prefixes - ]); - for agg_share in agg_shares.into_iter() { - agg_final.merge(&agg_share)?; + + let AggregateShare(agg) = agg_shares.into_iter().try_fold( + AggregateShare(vec![ + T::Field::zero(); + num_prefixes * self.vidpf.weight_parameter + ]), + |mut agg, agg_share| { + agg.merge(&agg_share)?; + Result::<_, VdafError>::Ok(agg) + }, + )?; + + let mut result = Vec::with_capacity(num_prefixes); + for agg_for_prefix in agg.chunks(self.vidpf.weight_parameter) { + let encoded_agg_result = agg_for_prefix[1..].to_vec(); + let num_measurements = agg_for_prefix[0]; + let num_measurements = + ::Integer::from(num_measurements); + let num_measurements: u64 = num_measurements.try_into().map_err(|e| { + VdafError::Uncategorized(format!("failed to convert num_measurements to u64: {e}")) + })?; + let num_measurements = usize::try_from(num_measurements).map_err(|e| { + VdafError::Uncategorized(format!( + "failed to convert num_measurements to usize: {e}" + )) + })?; + result.push(self.szk.typ.decode_result( + &self.szk.typ.truncate(encoded_agg_result)?, + num_measurements, + )?); } - let mut iter = agg_final - .0 - .chunks(self.vidpf.weight_parameter) - .take(num_prefixes); - let mut result = Vec::::with_capacity(num_prefixes); - iter.try_for_each(|encoded_result| -> Result<(), FlpError> { - result.push( - self.szk - .typ - .decode_result(&self.szk.typ.truncate(encoded_result.to_vec())?[..], 1)?, - ); - Ok(()) - })?; + Ok(result) } } @@ -706,10 +752,11 @@ where #[cfg(test)] mod tests { use super::*; - use crate::field::Field128; + use crate::field::{Field128, Field64}; use crate::flp::gadgets::{Mul, ParallelSum}; use crate::flp::types::{Count, Sum, SumVec}; use crate::vdaf::test_utils::run_vdaf; + use crate::vdaf::xof::XofTurboShake128; use rand::{thread_rng, Rng}; const CTX_STR: &[u8] = b"mastic ctx"; @@ -719,10 +766,7 @@ mod tests { let algorithm_id = 6; let max_measurement = 29; let sum_typ = Sum::::new(max_measurement).unwrap(); - let encoded_meas_len = sum_typ.input_len(); - - let sum_szk = Szk::new_turboshake128(sum_typ, algorithm_id); - let sum_vidpf = Vidpf::>::new(encoded_meas_len); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -742,7 +786,6 @@ mod tests { VidpfInput::from_bools(&[true]), ]; - let mastic = Mastic::new(algorithm_id, sum_szk, sum_vidpf, 32); let first_agg_param = MasticAggregationParam::new(three_prefixes.clone(), true).unwrap(); let second_agg_param = MasticAggregationParam::new(individual_prefixes, true).unwrap(); let third_agg_param = MasticAggregationParam::new(three_prefixes, false).unwrap(); @@ -804,10 +847,7 @@ mod tests { let algorithm_id = 6; let max_measurement = 29; let sum_typ = Sum::::new(max_measurement).unwrap(); - let encoded_meas_len = sum_typ.input_len(); - - let sum_szk = Szk::new_turboshake128(sum_typ, algorithm_id); - let sum_vidpf = Vidpf::>::new(encoded_meas_len); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -816,7 +856,6 @@ mod tests { let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); - let mastic = Mastic::new(algorithm_id, sum_szk, sum_vidpf, 32); let (_, input_shares) = mastic .shard(CTX_STR, &(first_input, 26u128), &nonce) .unwrap(); @@ -861,9 +900,7 @@ mod tests { let algorithm_id = 6; let max_measurement = 29; let sum_typ = Sum::::new(max_measurement).unwrap(); - let encoded_meas_len = sum_typ.input_len(); - let sum_szk = Szk::new_turboshake128(sum_typ, algorithm_id); - let sum_vidpf = Vidpf::>::new(encoded_meas_len); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -872,7 +909,6 @@ mod tests { let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); - let mastic = Mastic::new(algorithm_id, sum_szk, sum_vidpf, 32); let (public, _) = mastic .shard(CTX_STR, &(first_input, 4u128), &nonce) .unwrap(); @@ -887,8 +923,7 @@ mod tests { fn test_mastic_count() { let algorithm_id = 6; let count = Count::::new(); - let szk = Szk::new_turboshake128(count, algorithm_id); - let sum_vidpf = Vidpf::>::new(1); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -907,7 +942,6 @@ mod tests { VidpfInput::from_bools(&[false]), VidpfInput::from_bools(&[true]), ]; - let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); let first_agg_param = MasticAggregationParam::new(three_prefixes.clone(), true).unwrap(); let second_agg_param = MasticAggregationParam::new(individual_prefixes, true).unwrap(); let third_agg_param = MasticAggregationParam::new(three_prefixes, false).unwrap(); @@ -967,9 +1001,8 @@ mod tests { #[test] fn test_public_share_encoded_len() { let algorithm_id = 6; - let count = Count::::new(); - let szk = Szk::new_turboshake128(count, algorithm_id); - let sum_vidpf = Vidpf::>::new(1); + let count = Count::::new(); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -977,7 +1010,6 @@ mod tests { thread_rng().fill(&mut nonce[..]); let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); - let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); let (public, _) = mastic.shard(CTX_STR, &(first_input, true), &nonce).unwrap(); assert_eq!( @@ -989,9 +1021,8 @@ mod tests { #[test] fn test_public_share_roundtrip_count() { let algorithm_id = 6; - let count = Count::::new(); - let szk = Szk::new_turboshake128(count, algorithm_id); - let sum_vidpf = Vidpf::>::new(1); + let count = Count::::new(); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1000,7 +1031,6 @@ mod tests { let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); - let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); let (public, _) = mastic.shard(CTX_STR, &(first_input, true), &nonce).unwrap(); let encoded_public = public.get_encoded().unwrap(); @@ -1014,8 +1044,7 @@ mod tests { let algorithm_id = 6; let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); - let szk = Szk::new_turboshake128(sumvec, algorithm_id); - let sum_vidpf = Vidpf::>::new(15); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1045,7 +1074,6 @@ mod tests { ]; let first_agg_param = MasticAggregationParam::new(three_prefixes.clone(), true).unwrap(); let second_agg_param = MasticAggregationParam::new(individual_prefixes, true).unwrap(); - let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); let third_agg_param = MasticAggregationParam::new(three_prefixes, false).unwrap(); assert_eq!( @@ -1106,8 +1134,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; - let szk = Szk::new_turboshake128(sumvec, algorithm_id); - let sum_vidpf = Vidpf::>::new(15); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1116,7 +1143,6 @@ mod tests { let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); - let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); let (_public, input_shares) = mastic .shard(CTX_STR, &(first_input, measurement), &nonce) .unwrap(); @@ -1139,8 +1165,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; - let szk = Szk::new_turboshake128(sumvec, algorithm_id); - let sum_vidpf = Vidpf::>::new(15); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1149,7 +1174,6 @@ mod tests { let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); - let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); let (_public, input_shares) = mastic .shard(CTX_STR, &(first_input, measurement), &nonce) .unwrap(); @@ -1174,8 +1198,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; - let szk = Szk::new_turboshake128(sumvec, algorithm_id); - let sum_vidpf = Vidpf::>::new(15); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1184,7 +1207,6 @@ mod tests { let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); - let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); let (public, _) = mastic .shard(CTX_STR, &(first_input, measurement), &nonce) .unwrap(); @@ -1201,8 +1223,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; - let szk = Szk::new_turboshake128(sumvec, algorithm_id); - let sum_vidpf = Vidpf::>::new(15); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1211,7 +1232,6 @@ mod tests { let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]); - let mastic = Mastic::new(algorithm_id, szk, sum_vidpf, 32); let (public, _) = mastic .shard(CTX_STR, &(first_input, measurement), &nonce) .unwrap(); diff --git a/src/vidpf.rs b/src/vidpf.rs index 540b85c08..7ffc5165e 100644 --- a/src/vidpf.rs +++ b/src/vidpf.rs @@ -29,7 +29,7 @@ use crate::{ vdaf::xof::{Seed, Xof, XofFixedKeyAes128, XofTurboShake128}, }; -const ONEHOT_PROOF_INIT: [u8; VIDPF_PROOF_SIZE] = [ +pub(crate) const ONEHOT_PROOF_INIT: [u8; VIDPF_PROOF_SIZE] = [ 186, 76, 128, 104, 116, 50, 149, 133, 2, 164, 82, 118, 128, 155, 163, 239, 117, 95, 162, 196, 173, 31, 244, 180, 171, 86, 176, 209, 12, 221, 28, 204, ]; @@ -123,7 +123,9 @@ impl Vidpf { ]; let mut cw = Vec::with_capacity(input.len()); - for VidpfEvalIndex { bit, input, level } in input.index_iter()? { + for idx in input.index_iter()? { + let bit = idx.bit; + // Extend. let e = [Self::extend(&seed[0], nonce), Self::extend(&seed[1], nonce)]; @@ -160,10 +162,7 @@ impl Vidpf { cw_weight.conditional_negate(ctrl[1]); // Compute the correction word node proof. - let cw_proof = xor_proof( - Self::node_proof(input, level, &seed[0]), - &Self::node_proof(input, level, &seed[1]), - ); + let cw_proof = xor_proof(idx.node_proof(&seed[0]), &idx.node_proof(&seed[1])); cw.push(VidpfCorrectionWord { seed: cw_seed, @@ -177,7 +176,9 @@ impl Vidpf { Ok(VidpfPublicShare { cw }) } - /// Evaluate a given VIDPF (comprised of the key and public share) at a given input. + /// Evaluate a given VIDPF (comprised of the key and public share) at a given prefix. Return + /// the weight for that prefix along with a hash of the node proofs along the path from the + /// root to the prefix. pub fn eval( &self, id: VidpfServerId, @@ -186,6 +187,8 @@ impl Vidpf { input: &VidpfInput, nonce: &[u8], ) -> Result<(W, VidpfProof), VidpfError> { + use sha3::{Digest, Sha3_256}; + let mut r = VidpfEvalResult { state: VidpfEvalState::init_from_key(id, key), share: W::zero(&self.weight_parameter), // not used @@ -195,73 +198,15 @@ impl Vidpf { return Err(VidpfError::InvalidAttributeLength); } - let mut onehot_proof = ONEHOT_PROOF_INIT; + let mut hash = Sha3_256::new(); for (idx, cw) in input.index_iter()?.zip(public.cw.iter()) { r = self.eval_next(cw, idx, &r.state, nonce); - onehot_proof = xor_proof( - onehot_proof, - &Self::hash_proof(xor_proof(onehot_proof, &r.state.node_proof)), - ); + hash.update(r.state.node_proof); } let mut weight = r.share; weight.conditional_negate(Choice::from(id)); - Ok((weight, onehot_proof)) - } - - /// Evaluates the entire `input` and produces a share of the - /// input's weight. It reuses computation from previous levels available in the - /// cache. - pub(crate) fn eval_with_cache( - &self, - id: VidpfServerId, - key: &VidpfKey, - public: &VidpfPublicShare, - input: &VidpfInput, - cache_tree: &mut BinaryTree>, - nonce: &[u8], - ) -> Result<(W, VidpfProof), VidpfError> { - if input.len() > public.cw.len() { - return Err(VidpfError::InvalidAttributeLength); - } - - let mut sub_tree = cache_tree.root.get_or_insert_with(|| { - Box::new(Node::new(VidpfEvalResult { - state: VidpfEvalState::init_from_key(id, key), - share: W::zero(&self.weight_parameter), // not used - })) - }); - - let mut onehot_proof = ONEHOT_PROOF_INIT; - for (idx, cw) in input.index_iter()?.zip(public.cw.iter()) { - sub_tree = if idx.bit.unwrap_u8() == 0 { - sub_tree.left.get_or_insert_with(|| { - Box::new(Node::new(self.eval_next( - cw, - idx, - &sub_tree.value.state, - nonce, - ))) - }) - } else { - sub_tree.right.get_or_insert_with(|| { - Box::new(Node::new(self.eval_next( - cw, - idx, - &sub_tree.value.state, - nonce, - ))) - }) - }; - onehot_proof = xor_proof( - onehot_proof, - &Self::hash_proof(xor_proof(onehot_proof, &sub_tree.value.state.node_proof)), - ); - } - - let mut weight = sub_tree.value.to_share(); - weight.conditional_negate(Choice::from(id)); - Ok((weight, onehot_proof)) + Ok((weight, hash.finalize().into())) } /// Evaluates the `input` at the given level using the provided initial @@ -269,10 +214,12 @@ impl Vidpf { fn eval_next( &self, cw: &VidpfCorrectionWord, - VidpfEvalIndex { bit, input, level }: VidpfEvalIndex<'_>, + idx: VidpfEvalIndex<'_>, state: &VidpfEvalState, nonce: &[u8], ) -> VidpfEvalResult { + let bit = idx.bit; + // Extend. let e = Self::extend(&state.seed, nonce); @@ -296,11 +243,7 @@ impl Vidpf { weight += w; // Compute and correct the node proof. - let node_proof = conditional_xor_proof( - Self::node_proof(input, level, &next_seed), - &cw.proof, - next_ctrl, - ); + let node_proof = conditional_xor_proof(idx.node_proof(&next_seed), &cw.proof, next_ctrl); let next_state = VidpfEvalState { seed: next_seed, @@ -314,32 +257,31 @@ impl Vidpf { } } - pub(crate) fn eval_root( + pub(crate) fn get_beta_share( &self, id: VidpfServerId, + public: &VidpfPublicShare, key: &VidpfKey, - public_share: &VidpfPublicShare, - cache_tree: &mut BinaryTree>, nonce: &[u8], ) -> Result { - let (weight_share_left, _onehot_proof_left) = self.eval_with_cache( - id, - key, - public_share, - &VidpfInput::from_bools(&[false]), - cache_tree, - nonce, - )?; - - let (weight_share_right, _onehot_proof_right) = self.eval_with_cache( - id, - key, - public_share, - &VidpfInput::from_bools(&[true]), - cache_tree, - nonce, - )?; + let cw = public.cw.first().ok_or(VidpfError::InputTooLong)?; + + let state = VidpfEvalState::init_from_key(id, key); + let input_left = VidpfInput::from_bools(&[false]); + let idx_left = VidpfEvalIndex::try_from_input(&input_left)?; + + let VidpfEvalResult { + state: _, + share: mut weight_share_left, + } = self.eval_next(cw, idx_left, &state, nonce); + + let VidpfEvalResult { + state: _, + share: mut weight_share_right, + } = self.eval_next(cw, idx_left.right_sibling(), &state, nonce); + weight_share_left.conditional_negate(Choice::from(id)); + weight_share_right.conditional_negate(Choice::from(id)); Ok(weight_share_left + weight_share_right) } @@ -377,26 +319,7 @@ impl Vidpf { (out_seed, value) } - fn node_proof(input: &VidpfInput, level: u16, seed: &VidpfSeed) -> VidpfProof { - let mut shake = XofTurboShake128::from_seed_slice(&seed[..], VidpfDomainSepTag::NODE_PROOF); - for chunk128 in input - .index(..=usize::from(level)) - .chunks(128) - .map(BitField::load_le::) - .map(u128::to_le_bytes) - { - shake.update(&chunk128); - } - shake.update(&level.to_le_bytes()); - let mut rng = shake.into_seed_stream(); - - let mut proof = VidpfProof::default(); - rng.fill_bytes(&mut proof); - - proof - } - - fn hash_proof(mut proof: VidpfProof) -> VidpfProof { + pub(crate) fn hash_proof(mut proof: VidpfProof) -> VidpfProof { let mut rng = XofTurboShake128::seed_stream( &Seed(Default::default()), VidpfDomainSepTag::NODE_PROOF_ADJUST, @@ -408,6 +331,70 @@ impl Vidpf { } } +impl Vidpf> { + /// Ensure `prefix_tree` contains the prefix tree for `prefixes`, as well as the sibling of + /// each node in the prefix tree. The return value is the weights for the prefixes + /// concatenated together. + pub(crate) fn eval_prefix_tree_with_siblings( + &self, + id: VidpfServerId, + public: &VidpfPublicShare>, + key: &VidpfKey, + nonce: &[u8], + prefixes: &[VidpfInput], + prefix_tree: &mut BinaryTree>>, + ) -> Result, VidpfError> { + let mut out_shares = Vec::with_capacity(self.weight_parameter * prefixes.len()); + + for prefix in prefixes { + if prefix.len() > public.cw.len() { + return Err(VidpfError::InvalidAttributeLength); + } + + let mut sub_tree = prefix_tree.root.get_or_insert_with(|| { + Box::new(Node::new(VidpfEvalResult { + state: VidpfEvalState::init_from_key(id, key), + share: VidpfWeight::zero(&self.weight_parameter), // not used + })) + }); + + for (idx, cw) in prefix.index_iter()?.zip(public.cw.iter()) { + let left = sub_tree.left.get_or_insert_with(|| { + Box::new(Node::new(self.eval_next( + cw, + idx.left_sibling(), + &sub_tree.value.state, + nonce, + ))) + }); + let right = sub_tree.right.get_or_insert_with(|| { + Box::new(Node::new(self.eval_next( + cw, + idx.right_sibling(), + &sub_tree.value.state, + nonce, + ))) + }); + + sub_tree = if idx.bit.unwrap_u8() == 0 { + left + } else { + right + }; + } + + out_shares.extend_from_slice(&sub_tree.value.share.0); + } + + if id == VidpfServerId::S1 { + for o in out_shares.iter_mut() { + *o = -*o; + } + } + Ok(out_shares) + } +} + /// VIDPF domain separation tag. /// /// Contains the domain separation tags for invoking different oracles. @@ -562,7 +549,7 @@ impl ParameterizedDecode<(usize, W::ValueParameter)> for VidpfPub pub(crate) struct VidpfEvalState { seed: VidpfSeed, control_bit: Choice, - node_proof: VidpfProof, + pub(crate) node_proof: VidpfProof, } impl VidpfEvalState { @@ -570,7 +557,7 @@ impl VidpfEvalState { Self { seed: key.0, control_bit: Choice::from(id), - node_proof: VidpfProof::default(), + node_proof: VidpfProof::default(), // not used } } } @@ -578,14 +565,8 @@ impl VidpfEvalState { /// Result of VIDPF evaluation. #[derive(Debug)] pub(crate) struct VidpfEvalResult { - state: VidpfEvalState, - share: W, -} - -impl VidpfEvalResult { - fn to_share(&self) -> W { - self.share.clone() - } + pub(crate) state: VidpfEvalState, + pub(crate) share: W, } const VIDPF_PROOF_SIZE: usize = 32; @@ -594,7 +575,7 @@ const VIDPF_SEED_SIZE: usize = 16; /// Allows to validate user input and shares after evaluation. type VidpfProof = [u8; VIDPF_PROOF_SIZE]; -fn xor_proof(mut lhs: VidpfProof, rhs: &VidpfProof) -> VidpfProof { +pub(crate) fn xor_proof(mut lhs: VidpfProof, rhs: &VidpfProof) -> VidpfProof { zip(&mut lhs, rhs).for_each(|(a, b)| a.bitxor_assign(b)); lhs } @@ -758,6 +739,56 @@ struct VidpfEvalIndex<'a> { level: u16, } +impl<'a> VidpfEvalIndex<'a> { + fn try_from_input(input: &'a VidpfInput) -> Result { + let level = u16::try_from(input.len()).map_err(|_| VidpfError::InputTooLong)? - 1; + let bit = Choice::from(u8::from(input.get(usize::from(level)).unwrap())); + Ok(Self { bit, input, level }) + } + + fn left_sibling(&self) -> Self { + Self { + bit: Choice::from(0), + input: self.input, + level: self.level, + } + } + + fn right_sibling(&self) -> Self { + Self { + bit: Choice::from(1), + input: self.input, + level: self.level, + } + } + + fn node_proof(&self, seed: &VidpfSeed) -> VidpfProof { + let mut xof = XofTurboShake128::from_seed_slice(&seed[..], VidpfDomainSepTag::NODE_PROOF); + xof.update(&self.level.to_le_bytes()); + + for byte in self + .input + .index(..=usize::from(self.level)) + .chunks(8) + .map(BitField::load_le::) + .enumerate() + .map(|(byte_index, mut byte)| { + // Typically `input[level] == bit` , but `bit` may be overwritten by either + // `left_sibling()` or `right_sibling()`. Adjust its value accordingly. + if byte_index == usize::from(self.level) / 8 { + let bit_index = self.level % 8; + let m = 1 << bit_index; + byte = u8::conditional_select(&(byte & !m), &(byte | m), self.bit); + } + byte + }) + { + xof.update(&[byte]); + } + xof.into_seed().0 + } +} + impl VidpfInput { fn index_iter(&self) -> Result>, VidpfError> { let n = u16::try_from(self.len()).map_err(|_| VidpfError::InputTooLong)?; @@ -783,13 +814,9 @@ mod tests { mod vidpf { use crate::{ - bt::BinaryTree, codec::{Encode, ParameterizedDecode}, idpf::IdpfValue, - vidpf::{ - Vidpf, VidpfEvalResult, VidpfEvalState, VidpfInput, VidpfKey, VidpfPublicShare, - VidpfServerId, - }, + vidpf::{Vidpf, VidpfEvalState, VidpfInput, VidpfKey, VidpfPublicShare, VidpfServerId}, }; use super::{TestWeight, TEST_NONCE, TEST_NONCE_SIZE, TEST_WEIGHT_LEN}; @@ -910,94 +937,6 @@ mod tests { state_1 = r1.state; } } - - #[test] - fn caching_at_each_level() { - let input = VidpfInput::from_bytes(&[0xFF]); - let weight = TestWeight::from(vec![21.into(), 22.into(), 23.into()]); - let (vidpf, public, keys, nonce) = vidpf_gen_setup(&input, &weight); - - test_equivalence_of_eval_with_caching(&vidpf, &keys, &public, &input, &nonce); - } - - /// Ensures that VIDPF outputs match regardless of whether the path to - /// each node is recomputed or cached during evaluation. - fn test_equivalence_of_eval_with_caching( - vidpf: &Vidpf, - [key_0, key_1]: &[VidpfKey; 2], - public: &VidpfPublicShare, - input: &VidpfInput, - nonce: &[u8], - ) { - let mut cache_tree_0 = BinaryTree::>::default(); - let mut cache_tree_1 = BinaryTree::>::default(); - - let n = input.len(); - for level in 0..n { - let val_share_0 = vidpf - .eval( - VidpfServerId::S0, - key_0, - public, - &input.prefix(level), - nonce, - ) - .unwrap(); - let val_share_1 = vidpf - .eval( - VidpfServerId::S1, - key_1, - public, - &input.prefix(level), - nonce, - ) - .unwrap(); - let val_share_0_cached = vidpf - .eval_with_cache( - VidpfServerId::S0, - key_0, - public, - &input.prefix(level), - &mut cache_tree_0, - nonce, - ) - .unwrap(); - let val_share_1_cached = vidpf - .eval_with_cache( - VidpfServerId::S1, - key_1, - public, - &input.prefix(level), - &mut cache_tree_1, - nonce, - ) - .unwrap(); - - assert_eq!( - val_share_0, val_share_0_cached, - "shares must be computed equally with or without caching: {:?}", - level - ); - - assert_eq!( - val_share_1, val_share_1_cached, - "shares must be computed equally with or without caching: {:?}", - level - ); - - assert_eq!( - val_share_0, val_share_0_cached, - "proofs must be equal with or without caching: {:?}", - level - ); - - assert_eq!( - val_share_1, val_share_1_cached, - "proofs must be equal with or without caching: {:?}", - level - ); - } - } } mod weight { From 30d4302a624129553bd4bc81c5c1af84db0562ad Mon Sep 17 00:00:00 2001 From: Christopher Patton Date: Fri, 3 Jan 2025 07:50:12 -0800 Subject: [PATCH 19/20] xof: Pass domain separation tag in parts (#1181) Modify the `Xof` trait by allowing the user to pass the domain separation tag in parts. This saves us from allocating a `Vec` in many cases. --- src/flp/szk.rs | 12 +++---- src/idpf.rs | 10 ++---- src/prng.rs | 10 +++--- src/vdaf.rs | 15 ++++----- src/vdaf/mastic.rs | 4 +-- src/vdaf/poplar1.rs | 2 +- src/vdaf/prio3.rs | 40 ++++++++++++----------- src/vdaf/xof.rs | 79 +++++++++++++++++++++++++++++---------------- src/vidpf.rs | 12 ++++--- 9 files changed, 102 insertions(+), 82 deletions(-) diff --git a/src/flp/szk.rs b/src/flp/szk.rs index 39dcbf1a8..ee3633d36 100644 --- a/src/flp/szk.rs +++ b/src/flp/szk.rs @@ -348,7 +348,7 @@ where fn derive_prove_rand(&self, prove_rand_seed: &Seed) -> Vec { P::seed_stream( prove_rand_seed, - &self.domain_separation_tag(DST_PROVE_RANDOMNESS), + &[&self.domain_separation_tag(DST_PROVE_RANDOMNESS)], &[], ) .into_field_vec(self.typ.prove_rand_len()) @@ -362,7 +362,7 @@ where ) -> Result, SzkError> { let mut xof = P::init( aggregator_blind.as_ref(), - &self.domain_separation_tag(DST_JOINT_RAND_PART), + &[&self.domain_separation_tag(DST_JOINT_RAND_PART)], ); xof.update(nonce); // Encode measurement_share (currently an array of field elements) into @@ -383,7 +383,7 @@ where ) -> Seed { let mut xof = P::init( &[0; SEED_SIZE], - &self.domain_separation_tag(DST_JOINT_RAND_SEED), + &[&self.domain_separation_tag(DST_JOINT_RAND_SEED)], ); xof.update(&leader_joint_rand_part.0); xof.update(&helper_joint_rand_part.0); @@ -399,7 +399,7 @@ where self.derive_joint_rand_seed(leader_joint_rand_part, helper_joint_rand_part); let joint_rand = P::seed_stream( &joint_rand_seed, - &self.domain_separation_tag(DST_JOINT_RANDOMNESS), + &[&self.domain_separation_tag(DST_JOINT_RANDOMNESS)], &[], ) .into_field_vec(self.typ.joint_rand_len()); @@ -410,7 +410,7 @@ where fn derive_helper_proof_share(&self, proof_share_seed: &Seed) -> Vec { Prng::from_seed_stream(P::seed_stream( proof_share_seed, - &self.domain_separation_tag(DST_PROOF_SHARE), + &[&self.domain_separation_tag(DST_PROOF_SHARE)], &[], )) .take(self.typ.proof_len()) @@ -420,7 +420,7 @@ where fn derive_query_rand(&self, verify_key: &[u8; SEED_SIZE], nonce: &[u8; 16]) -> Vec { let mut xof = P::init( verify_key, - &self.domain_separation_tag(DST_QUERY_RANDOMNESS), + &[&self.domain_separation_tag(DST_QUERY_RANDOMNESS)], ); xof.update(nonce); xof.into_seed_stream() diff --git a/src/idpf.rs b/src/idpf.rs index c38b36d92..9351df3c2 100644 --- a/src/idpf.rs +++ b/src/idpf.rs @@ -248,10 +248,7 @@ fn extend(seed: &[u8; 16], xof_mode: &XofMode<'_>) -> ([[u8; 16]; 2], [Choice; 2 seed_stream.fill_bytes(&mut seeds[1]); } XofMode::Leaf(ctx, nonce) => { - let mut dst = Vec::with_capacity(EXTEND_DOMAIN_SEP.len() + ctx.len()); - dst.extend(EXTEND_DOMAIN_SEP); - dst.extend(*ctx); - let mut xof = XofTurboShake128::from_seed_slice(seed, &dst); + let mut xof = XofTurboShake128::from_seed_slice(seed, &[EXTEND_DOMAIN_SEP, ctx]); xof.update(nonce); let mut seed_stream = xof.into_seed_stream(); seed_stream.fill_bytes(&mut seeds[0]); @@ -284,10 +281,7 @@ where (next_seed, V::generate(&mut seed_stream, parameter)) } XofMode::Leaf(ctx, nonce) => { - let mut dst = Vec::with_capacity(CONVERT_DOMAIN_SEP.len() + ctx.len()); - dst.extend(CONVERT_DOMAIN_SEP); - dst.extend(*ctx); - let mut xof = XofTurboShake128::from_seed_slice(seed, &dst); + let mut xof = XofTurboShake128::from_seed_slice(seed, &[CONVERT_DOMAIN_SEP, ctx]); xof.update(nonce); let mut seed_stream = xof.into_seed_stream(); seed_stream.fill_bytes(&mut next_seed); diff --git a/src/prng.rs b/src/prng.rs index d6009a00b..77c41657d 100644 --- a/src/prng.rs +++ b/src/prng.rs @@ -234,14 +234,14 @@ mod tests { .unwrap(); let expected = Field64::from(4857131209231097247); - let seed_stream = XofTurboShake128::seed_stream(&seed, b"", b""); + let seed_stream = XofTurboShake128::seed_stream(&seed, &[], &[]); let mut prng = Prng::::from_seed_stream(seed_stream); let actual = prng.nth(13882).unwrap(); assert_eq!(actual, expected); #[cfg(all(feature = "crypto-dependencies", feature = "experimental"))] { - let mut seed_stream = XofTurboShake128::seed_stream(&seed, b"", b""); + let mut seed_stream = XofTurboShake128::seed_stream(&seed, &[], &[]); let mut actual = ::zero(); for _ in 0..=13882 { actual = ::generate(&mut seed_stream, &()); @@ -257,11 +257,11 @@ mod tests { let seed = Seed::generate().unwrap(); let mut prng: Prng = - Prng::from_seed_stream(XofTurboShake128::seed_stream(&seed, b"", b"")); + Prng::from_seed_stream(XofTurboShake128::seed_stream(&seed, &[], &[])); // Construct a `Prng` with a longer-than-usual buffer. let mut prng_weird_buffer_size: Prng = - Prng::from_seed_stream(XofTurboShake128::seed_stream(&seed, b"", b"")); + Prng::from_seed_stream(XofTurboShake128::seed_stream(&seed, &[], &[])); let mut extra = [0; 7]; prng_weird_buffer_size.seed_stream.fill_bytes(&mut extra); prng_weird_buffer_size.buffer.extend_from_slice(&extra); @@ -278,7 +278,7 @@ mod tests { fn into_different_field() { let seed = Seed::generate().unwrap(); let want: Prng = - Prng::from_seed_stream(XofTurboShake128::seed_stream(&seed, b"", b"")); + Prng::from_seed_stream(XofTurboShake128::seed_stream(&seed, &[], &[])); let want_buffer = want.buffer.clone(); let got: Prng = want.into_new_field(); diff --git a/src/vdaf.rs b/src/vdaf.rs index 035ef4254..8ea17b71b 100644 --- a/src/vdaf.rs +++ b/src/vdaf.rs @@ -200,16 +200,13 @@ pub trait Vdaf: Clone + Debug { /// Generate the domain separation tag for this VDAF. The output is used for domain separation /// by the XOF. - fn domain_separation_tag(&self, usage: u16, ctx: &[u8]) -> Vec { + fn domain_separation_tag(&self, usage: u16) -> [u8; 8] { // Prefix is 8 bytes and defined by the spec. Copy these values in - let mut dst = Vec::with_capacity(ctx.len() + 8); - dst.push(VERSION); - dst.push(0); // algorithm class - dst.extend_from_slice(self.algorithm_id().to_be_bytes().as_slice()); - dst.extend_from_slice(usage.to_be_bytes().as_slice()); - // Finally, append user-chosen `ctx` - dst.extend_from_slice(ctx); - + let mut dst = [0; 8]; + dst[0] = VERSION; + dst[1] = 0; // algorithm class + dst[2..6].clone_from_slice(self.algorithm_id().to_be_bytes().as_slice()); + dst[6..8].clone_from_slice(usage.to_be_bytes().as_slice()); dst } } diff --git a/src/vdaf/mastic.rs b/src/vdaf/mastic.rs index 218a4458f..fd0fca91f 100644 --- a/src/vdaf/mastic.rs +++ b/src/vdaf/mastic.rs @@ -519,7 +519,7 @@ where // Onehot and payload checks let (payload_check, onehot_proof) = { - let mut payload_check_xof = P::init(&[0; SEED_SIZE], b""); + let mut payload_check_xof = P::init(&[0; SEED_SIZE], &[]); let mut payload_check_buf = Vec::with_capacity(T::Field::ENCODED_SIZE); let mut onehot_proof = ONEHOT_PROOF_INIT; @@ -580,7 +580,7 @@ where }; let eval_proof = { - let mut eval_proof_xof = P::init(&[0; SEED_SIZE], b""); + let mut eval_proof_xof = P::init(&[0; SEED_SIZE], &[]); eval_proof_xof.update(&onehot_proof); eval_proof_xof.update(&payload_check); eval_proof_xof.update(&counter_check); diff --git a/src/vdaf/poplar1.rs b/src/vdaf/poplar1.rs index b67c850c5..5a54eabd3 100644 --- a/src/vdaf/poplar1.rs +++ b/src/vdaf/poplar1.rs @@ -77,7 +77,7 @@ impl, const SEED_SIZE: usize> Poplar1 { P: Xof, F: FieldElement, { - let mut xof = P::init(seed, &self.domain_separation_tag(usage, ctx)); + let mut xof = P::init(seed, &[&self.domain_separation_tag(usage), ctx]); for binder_chunk in binder_chunks.into_iter() { xof.update(binder_chunk.as_ref()); } diff --git a/src/vdaf/prio3.rs b/src/vdaf/prio3.rs index 9d0d65b89..0cd9973ad 100644 --- a/src/vdaf/prio3.rs +++ b/src/vdaf/prio3.rs @@ -482,8 +482,8 @@ where fn derive_prove_rands(&self, ctx: &[u8], prove_rand_seed: &Seed) -> Vec { P::seed_stream( prove_rand_seed, - &self.domain_separation_tag(DST_PROVE_RANDOMNESS, ctx), - &[self.num_proofs], + &[&self.domain_separation_tag(DST_PROVE_RANDOMNESS), ctx], + &[&[self.num_proofs]], ) .into_field_vec(self.typ.prove_rand_len() * self.num_proofs()) } @@ -495,7 +495,7 @@ where ) -> Seed { let mut xof = P::init( &[0; SEED_SIZE], - &self.domain_separation_tag(DST_JOINT_RAND_SEED, ctx), + &[&self.domain_separation_tag(DST_JOINT_RAND_SEED), ctx], ); for part in joint_rand_parts { xof.update(part.as_ref()); @@ -511,8 +511,8 @@ where let joint_rand_seed = self.derive_joint_rand_seed(ctx, joint_rand_parts); let joint_rands = P::seed_stream( &joint_rand_seed, - &self.domain_separation_tag(DST_JOINT_RANDOMNESS, ctx), - &[self.num_proofs], + &[&self.domain_separation_tag(DST_JOINT_RANDOMNESS), ctx], + &[&[self.num_proofs]], ) .into_field_vec(self.typ.joint_rand_len() * self.num_proofs()); @@ -527,8 +527,8 @@ where ) -> Prng { Prng::from_seed_stream(P::seed_stream( proofs_share_seed, - &self.domain_separation_tag(DST_PROOF_SHARE, ctx), - &[self.num_proofs, agg_id], + &[&self.domain_separation_tag(DST_PROOF_SHARE), ctx], + &[&[self.num_proofs, agg_id]], )) } @@ -540,7 +540,7 @@ where ) -> Vec { let mut xof = P::init( verify_key, - &self.domain_separation_tag(DST_QUERY_RANDOMNESS, ctx), + &[&self.domain_separation_tag(DST_QUERY_RANDOMNESS), ctx], ); xof.update(&[self.num_proofs]); xof.update(nonce); @@ -605,8 +605,8 @@ where let proof_share_seed = random_seeds.next().unwrap().try_into().unwrap(); let measurement_share_prng: Prng = Prng::from_seed_stream(P::seed_stream( &Seed(measurement_share_seed), - &self.domain_separation_tag(DST_MEASUREMENT_SHARE, ctx), - &[agg_id], + &[&self.domain_separation_tag(DST_MEASUREMENT_SHARE), ctx], + &[&[agg_id]], )); let joint_rand_blind = if let Some(helper_joint_rand_parts) = helper_joint_rand_parts.as_mut() @@ -614,7 +614,7 @@ where let joint_rand_blind = random_seeds.next().unwrap().try_into().unwrap(); let mut joint_rand_part_xof = P::init( &joint_rand_blind, - &self.domain_separation_tag(DST_JOINT_RAND_PART, ctx), + &[&self.domain_separation_tag(DST_JOINT_RAND_PART), ctx], ); joint_rand_part_xof.update(&[agg_id]); // Aggregator ID joint_rand_part_xof.update(nonce); @@ -660,7 +660,7 @@ where let mut joint_rand_part_xof = P::init( leader_blind.as_ref(), - &self.domain_separation_tag(DST_JOINT_RAND_PART, ctx), + &[&self.domain_separation_tag(DST_JOINT_RAND_PART), ctx], ); joint_rand_part_xof.update(&[0]); // Aggregator ID joint_rand_part_xof.update(nonce); @@ -1242,8 +1242,8 @@ where Share::Helper(ref seed) => Cow::Owned( P::seed_stream( seed, - &self.domain_separation_tag(DST_MEASUREMENT_SHARE, ctx), - &[agg_id], + &[&self.domain_separation_tag(DST_MEASUREMENT_SHARE), ctx], + &[&[agg_id]], ) .into_field_vec(self.typ.input_len()), ), @@ -1262,7 +1262,7 @@ where let (joint_rand_seed, joint_rand_part, joint_rands) = if self.typ.joint_rand_len() > 0 { let mut joint_rand_part_xof = P::init( msg.joint_rand_blind.as_ref().unwrap().as_ref(), - &self.domain_separation_tag(DST_JOINT_RAND_PART, ctx), + &[&self.domain_separation_tag(DST_JOINT_RAND_PART), ctx], ); joint_rand_part_xof.update(&[agg_id]); joint_rand_part_xof.update(nonce); @@ -1424,10 +1424,12 @@ where // Compute the output share. let measurement_share = match step.measurement_share { Share::Leader(data) => data, - Share::Helper(seed) => { - let dst = self.domain_separation_tag(DST_MEASUREMENT_SHARE, ctx); - P::seed_stream(&seed, &dst, &[step.agg_id]).into_field_vec(self.typ.input_len()) - } + Share::Helper(seed) => P::seed_stream( + &seed, + &[&self.domain_separation_tag(DST_MEASUREMENT_SHARE), ctx], + &[&[step.agg_id]], + ) + .into_field_vec(self.typ.input_len()), }; let output_share = match self.typ.truncate(measurement_share) { diff --git a/src/vdaf/xof.rs b/src/vdaf/xof.rs index 775445f71..5ed1f0fed 100644 --- a/src/vdaf/xof.rs +++ b/src/vdaf/xof.rs @@ -124,11 +124,11 @@ pub trait Xof: Clone + Debug { type SeedStream: RngCore + Sized; /// Construct an instance of [`Xof`] with the given seed. - fn init(seed_bytes: &[u8; SEED_SIZE], dst: &[u8]) -> Self; + fn init(seed_bytes: &[u8; SEED_SIZE], dst_parts: &[&[u8]]) -> Self; /// Update the XOF state by passing in the next fragment of the info string. The final info /// string is assembled from the concatenation of sequence of fragments passed to this method. - fn update(&mut self, data: &[u8]); + fn update(&mut self, binder_part: &[u8]); /// Finalize the XOF state, producing a seed stream. fn into_seed_stream(self) -> Self::SeedStream; @@ -142,9 +142,15 @@ pub trait Xof: Clone + Debug { } /// Construct a seed stream from the given seed and info string. - fn seed_stream(seed: &Seed, dst: &[u8], binder: &[u8]) -> Self::SeedStream { - let mut xof = Self::init(seed.as_ref(), dst); - xof.update(binder); + fn seed_stream( + seed: &Seed, + dst_parts: &[&[u8]], + binder_parts: &[&[u8]], + ) -> Self::SeedStream { + let mut xof = Self::init(seed.as_ref(), dst_parts); + for binder_part in binder_parts { + xof.update(binder_part); + } xof.into_seed_stream() } } @@ -207,12 +213,16 @@ impl Debug for SeedStreamAes128 { pub struct XofTurboShake128(TurboShake128); impl XofTurboShake128 { - pub(crate) fn from_seed_slice(seed_bytes: &[u8], dst: &[u8]) -> Self { + pub(crate) fn from_seed_slice(seed_bytes: &[u8], dst_parts: &[&[u8]]) -> Self { let mut xof = Self(TurboShake128::from_core(TurboShake128Core::new( XOF_TURBO_SHAKE_128_DOMAIN_SEPARATION, ))); - let Ok(dst_len) = u16::try_from(dst.len()) else { + let dst_len = dst_parts + .iter() + .map(|dst_part| dst_part.len()) + .sum::(); + let Ok(dst_len) = u16::try_from(dst_len) else { panic!("dst must not exceed 65535 bytes"); }; @@ -221,7 +231,9 @@ impl XofTurboShake128 { }; Update::update(&mut xof.0, &dst_len.to_le_bytes()); - Update::update(&mut xof.0, dst); + for dst_part in dst_parts { + Update::update(&mut xof.0, dst_part); + } Update::update(&mut xof.0, &seed_len.to_le_bytes()); Update::update(&mut xof.0, seed_bytes); xof @@ -231,8 +243,8 @@ impl XofTurboShake128 { impl Xof<32> for XofTurboShake128 { type SeedStream = SeedStreamTurboShake128; - fn init(seed_bytes: &[u8; 32], dst: &[u8]) -> Self { - Self::from_seed_slice(&seed_bytes[..], dst) + fn init(seed_bytes: &[u8; 32], dst_parts: &[&[u8]]) -> Self { + Self::from_seed_slice(&seed_bytes[..], dst_parts) } fn update(&mut self, data: &[u8]) { @@ -278,7 +290,7 @@ impl SeedableRng for SeedStreamTurboShake128 { type Seed = [u8; 32]; fn from_seed(seed: Self::Seed) -> Self { - XofTurboShake128::init(&seed, b"").into_seed_stream() + XofTurboShake128::init(&seed, &[]).into_seed_stream() } } @@ -370,16 +382,22 @@ pub struct XofFixedKeyAes128 { impl Xof<16> for XofFixedKeyAes128 { type SeedStream = SeedStreamFixedKeyAes128; - fn init(seed_bytes: &[u8; 16], dst: &[u8]) -> Self { + fn init(seed_bytes: &[u8; 16], dst_parts: &[&[u8]]) -> Self { let mut fixed_key_deriver = TurboShake128::from_core(TurboShake128Core::new(2u8)); + let dst_len = dst_parts + .iter() + .map(|dst_part| dst_part.len()) + .sum::(); Update::update( &mut fixed_key_deriver, - u16::try_from(dst.len()) + u16::try_from(dst_len) .expect("dst must be at most 65535 bytes") .to_le_bytes() .as_slice(), ); - Update::update(&mut fixed_key_deriver, dst); + for dst_part in dst_parts { + Update::update(&mut fixed_key_deriver, dst_part); + } Self { fixed_key_deriver, base_block: (*seed_bytes).into(), @@ -499,13 +517,19 @@ pub struct XofHmacSha256Aes128(Hmac); impl Xof<32> for XofHmacSha256Aes128 { type SeedStream = SeedStreamAes128; - fn init(seed_bytes: &[u8; 32], dst: &[u8]) -> Self { + fn init(seed_bytes: &[u8; 32], dst_parts: &[&[u8]]) -> Self { let mut mac = as Mac>::new_from_slice(seed_bytes).unwrap(); + let dst_len = dst_parts + .iter() + .map(|dst_part| dst_part.len()) + .sum::(); Mac::update( &mut mac, - &[dst.len().try_into().expect("dst must be at most 255 bytes")], + &[dst_len.try_into().expect("dst must be at most 255 bytes")], ); - Mac::update(&mut mac, dst); + for dst_part in dst_parts { + Mac::update(&mut mac, dst_part); + } Self(mac) } @@ -551,7 +575,7 @@ mod tests { let dst = b"algorithm and usage"; let binder = b"bind to artifact"; - let mut xof = P::init(seed.as_ref(), dst); + let mut xof = P::init(seed.as_ref(), &[dst]); xof.update(binder); let mut want = Seed([0; SEED_SIZE]); @@ -562,7 +586,7 @@ mod tests { let mut want = [0; 45]; xof.clone().into_seed_stream().fill_bytes(&mut want); let mut got = [0; 45]; - P::seed_stream(&seed, dst, binder).fill_bytes(&mut got); + P::seed_stream(&seed, &[dst], &[binder]).fill_bytes(&mut got); assert_eq!(got, want); } @@ -570,7 +594,7 @@ mod tests { fn xof_turboshake128() { let t: XofTestVector = serde_json::from_str(include_str!("test_vec/13/XofTurboShake128.json")).unwrap(); - let mut xof = XofTurboShake128::init(&t.seed.try_into().unwrap(), &t.dst); + let mut xof = XofTurboShake128::init(&t.seed.try_into().unwrap(), &[&t.dst]); xof.update(&t.binder); assert_eq!( @@ -594,7 +618,7 @@ mod tests { let t: XofTestVector = serde_json::from_str(include_str!("test_vec/XofHmacSha256Aes128.json")).unwrap(); - let mut xof = XofHmacSha256Aes128::init(&t.seed.try_into().unwrap(), &t.dst); + let mut xof = XofHmacSha256Aes128::init(&t.seed.try_into().unwrap(), &[&t.dst]); xof.update(&t.binder); assert_eq!( @@ -618,7 +642,7 @@ mod tests { fn xof_fixed_key_aes128() { let t: XofTestVector = serde_json::from_str(include_str!("test_vec/13/XofFixedKeyAes128.json")).unwrap(); - let mut xof = XofFixedKeyAes128::init(&t.seed.try_into().unwrap(), &t.dst); + let mut xof = XofFixedKeyAes128::init(&t.seed.try_into().unwrap(), &[&t.dst]); xof.update(&t.binder); assert_eq!( @@ -642,11 +666,11 @@ mod tests { fn xof_fixed_key_aes128_incomplete_block() { let seed = Seed::generate().unwrap(); let mut expected = [0; 32]; - XofFixedKeyAes128::seed_stream(&seed, b"dst", b"binder").fill(&mut expected); + XofFixedKeyAes128::seed_stream(&seed, &[b"dst"], &[b"binder"]).fill(&mut expected); for len in 0..=32 { let mut buf = vec![0; len]; - XofFixedKeyAes128::seed_stream(&seed, b"dst", b"binder").fill(&mut buf); + XofFixedKeyAes128::seed_stream(&seed, &[b"dst"], &[b"binder"]).fill(&mut buf); assert_eq!(buf, &expected[..len]); } } @@ -656,15 +680,16 @@ mod tests { fn xof_fixed_key_aes128_alternate_apis() { let fixed_dst = b"domain separation tag"; let ctx = b"context string"; - let full_dst = [fixed_dst.as_slice(), ctx.as_slice()].concat(); let binder = b"AAAAAAAAAAAAAAAAAAAAAAAA"; let seed_1 = Seed::generate().unwrap(); let seed_2 = Seed::generate().unwrap(); - let mut stream_1_trait_api = XofFixedKeyAes128::seed_stream(&seed_1, &full_dst, binder); + let mut stream_1_trait_api = + XofFixedKeyAes128::seed_stream(&seed_1, &[fixed_dst, ctx], &[binder]); let mut output_1_trait_api = [0u8; 32]; stream_1_trait_api.fill(&mut output_1_trait_api); - let mut stream_2_trait_api = XofFixedKeyAes128::seed_stream(&seed_2, &full_dst, binder); + let mut stream_2_trait_api = + XofFixedKeyAes128::seed_stream(&seed_2, &[fixed_dst, ctx], &[binder]); let mut output_2_trait_api = [0u8; 32]; stream_2_trait_api.fill(&mut output_2_trait_api); diff --git a/src/vidpf.rs b/src/vidpf.rs index 7ffc5165e..500bb8559 100644 --- a/src/vidpf.rs +++ b/src/vidpf.rs @@ -286,7 +286,8 @@ impl Vidpf { } fn extend(seed: &VidpfSeed, nonce: &[u8]) -> ExtendedSeed { - let mut rng = XofFixedKeyAes128::seed_stream(&Seed(*seed), VidpfDomainSepTag::PRG, nonce); + let mut rng = + XofFixedKeyAes128::seed_stream(&Seed(*seed), &[VidpfDomainSepTag::PRG], &[nonce]); let mut seed_left = VidpfSeed::default(); let mut seed_right = VidpfSeed::default(); @@ -310,7 +311,7 @@ impl Vidpf { fn convert(&self, seed: VidpfSeed, nonce: &[u8]) -> (VidpfSeed, W) { let mut rng = - XofFixedKeyAes128::seed_stream(&Seed(seed), VidpfDomainSepTag::CONVERT, nonce); + XofFixedKeyAes128::seed_stream(&Seed(seed), &[VidpfDomainSepTag::CONVERT], &[nonce]); let mut out_seed = VidpfSeed::default(); rng.fill_bytes(&mut out_seed); @@ -322,8 +323,8 @@ impl Vidpf { pub(crate) fn hash_proof(mut proof: VidpfProof) -> VidpfProof { let mut rng = XofTurboShake128::seed_stream( &Seed(Default::default()), - VidpfDomainSepTag::NODE_PROOF_ADJUST, - &proof, + &[VidpfDomainSepTag::NODE_PROOF_ADJUST], + &[&proof], ); rng.fill_bytes(&mut proof); @@ -763,7 +764,8 @@ impl<'a> VidpfEvalIndex<'a> { } fn node_proof(&self, seed: &VidpfSeed) -> VidpfProof { - let mut xof = XofTurboShake128::from_seed_slice(&seed[..], VidpfDomainSepTag::NODE_PROOF); + let mut xof = + XofTurboShake128::from_seed_slice(&seed[..], &[VidpfDomainSepTag::NODE_PROOF]); xof.update(&self.level.to_le_bytes()); for byte in self From 6a7a91672ac80c5d7b345cc2307bd3c332873c53 Mon Sep 17 00:00:00 2001 From: Christopher Patton Date: Fri, 3 Jan 2025 08:08:29 -0800 Subject: [PATCH 20/20] mastic: Align XOF computations with the spec (#1182) --- benches/speed_tests.rs | 21 +++- src/flp/szk.rs | 159 ++++++++++++++++------------- src/vdaf/mastic.rs | 146 ++++++++++++++++++--------- src/vidpf.rs | 220 +++++++++++++++++++++++------------------ 4 files changed, 330 insertions(+), 216 deletions(-) diff --git a/benches/speed_tests.rs b/benches/speed_tests.rs index b2356f561..f36e6e7ed 100644 --- a/benches/speed_tests.rs +++ b/benches/speed_tests.rs @@ -859,10 +859,12 @@ fn vidpf(c: &mut Criterion) { let input = VidpfInput::from_bools(&bits); let weight = VidpfWeight::from(vec![Field255::one(), Field255::one()]); - let vidpf = Vidpf::>::new(2); + let vidpf = Vidpf::>::new(bits.len(), 2).unwrap(); b.iter(|| { - let _ = vidpf.gen(&input, &weight, NONCE).unwrap(); + let _ = vidpf + .gen(b"some application", &input, &weight, NONCE) + .unwrap(); }); }); } @@ -875,13 +877,22 @@ fn vidpf(c: &mut Criterion) { let bits = iter::repeat_with(random).take(size).collect::>(); let input = VidpfInput::from_bools(&bits); let weight = VidpfWeight::from(vec![Field255::one(), Field255::one()]); - let vidpf = Vidpf::>::new(2); + let vidpf = Vidpf::>::new(bits.len(), 2).unwrap(); - let (public, keys) = vidpf.gen(&input, &weight, NONCE).unwrap(); + let (public, keys) = vidpf + .gen(b"some application", &input, &weight, NONCE) + .unwrap(); b.iter(|| { let _ = vidpf - .eval(VidpfServerId::S0, &keys[0], &public, &input, NONCE) + .eval( + b"some application", + VidpfServerId::S0, + &keys[0], + &public, + &input, + NONCE, + ) .unwrap(); }); }); diff --git a/src/flp/szk.rs b/src/flp/szk.rs index ee3633d36..9c49f5a5a 100644 --- a/src/flp/szk.rs +++ b/src/flp/szk.rs @@ -16,7 +16,10 @@ use crate::{ field::{decode_fieldvec, encode_fieldvec, FieldElement}, flp::{FlpError, Type}, prng::{Prng, PrngError}, - vdaf::xof::{IntoFieldVec, Seed, Xof, XofTurboShake128}, + vdaf::{ + mastic::{self, USAGE_PROOF_SHARE}, + xof::{IntoFieldVec, Seed, Xof, XofTurboShake128}, + }, }; use std::borrow::Cow; use std::ops::BitAnd; @@ -24,14 +27,6 @@ use std::{io::Cursor, marker::PhantomData}; use subtle::{Choice, ConstantTimeEq}; // Domain separation tags -const DST_PROVE_RANDOMNESS: u16 = 0; -const DST_PROOF_SHARE: u16 = 1; -const DST_QUERY_RANDOMNESS: u16 = 2; -const DST_JOINT_RAND_SEED: u16 = 3; -const DST_JOINT_RAND_PART: u16 = 4; -const DST_JOINT_RANDOMNESS: u16 = 5; - -const MASTIC_VERSION: u8 = 0; /// Errors propagated by methods in this module. #[derive(Debug, thiserror::Error)] @@ -308,14 +303,13 @@ where { /// The Type representing the specific FLP system used to prove validity of an input. pub(crate) typ: T, - algorithm_id: u32, phantom: PhantomData

, } impl Szk { /// Create an instance of [`Szk`] using [`XofTurboShake128`]. - pub fn new_turboshake128(typ: T, algorithm_id: u32) -> Self { - Szk::new(typ, algorithm_id) + pub fn new_turboshake128(typ: T) -> Self { + Szk::new(typ) } } @@ -326,29 +320,19 @@ where { /// Construct an instance of this sharedZK proof system with the underlying /// FLP. - pub fn new(typ: T, algorithm_id: u32) -> Self { + pub fn new(typ: T) -> Self { Self { typ, - algorithm_id, phantom: PhantomData, } } - fn domain_separation_tag(&self, usage: u16) -> [u8; 8] { - let mut dst = [0u8; 8]; - dst[0] = MASTIC_VERSION; - dst[1] = 0; // algorithm class - dst[2..6].copy_from_slice(&(self.algorithm_id).to_be_bytes()); - dst[6..8].copy_from_slice(&usage.to_be_bytes()); - dst - } - /// Derive a vector of random field elements for consumption by the FLP /// prover. - fn derive_prove_rand(&self, prove_rand_seed: &Seed) -> Vec { + fn derive_prove_rand(&self, prove_rand_seed: &Seed, ctx: &[u8]) -> Vec { P::seed_stream( prove_rand_seed, - &[&self.domain_separation_tag(DST_PROVE_RANDOMNESS)], + &[&mastic::dst_usage(mastic::USAGE_PROVE_RAND), ctx], &[], ) .into_field_vec(self.typ.prove_rand_len()) @@ -359,10 +343,11 @@ where aggregator_blind: &Seed, measurement_share: &[T::Field], nonce: &[u8; 16], + ctx: &[u8], ) -> Result, SzkError> { let mut xof = P::init( aggregator_blind.as_ref(), - &[&self.domain_separation_tag(DST_JOINT_RAND_PART)], + &[&mastic::dst_usage(mastic::USAGE_JOINT_RAND_PART), ctx], ); xof.update(nonce); // Encode measurement_share (currently an array of field elements) into @@ -380,10 +365,11 @@ where &self, leader_joint_rand_part: &Seed, helper_joint_rand_part: &Seed, + ctx: &[u8], ) -> Seed { let mut xof = P::init( &[0; SEED_SIZE], - &[&self.domain_separation_tag(DST_JOINT_RAND_SEED)], + &[&mastic::dst_usage(mastic::USAGE_JOINT_RAND_SEED), ctx], ); xof.update(&leader_joint_rand_part.0); xof.update(&helper_joint_rand_part.0); @@ -394,12 +380,13 @@ where &self, leader_joint_rand_part: &Seed, helper_joint_rand_part: &Seed, + ctx: &[u8], ) -> (Seed, Vec) { let joint_rand_seed = - self.derive_joint_rand_seed(leader_joint_rand_part, helper_joint_rand_part); + self.derive_joint_rand_seed(leader_joint_rand_part, helper_joint_rand_part, ctx); let joint_rand = P::seed_stream( &joint_rand_seed, - &[&self.domain_separation_tag(DST_JOINT_RANDOMNESS)], + &[&mastic::dst_usage(mastic::USAGE_JOINT_RAND), ctx], &[], ) .into_field_vec(self.typ.joint_rand_len()); @@ -407,22 +394,33 @@ where (joint_rand_seed, joint_rand) } - fn derive_helper_proof_share(&self, proof_share_seed: &Seed) -> Vec { + fn derive_helper_proof_share( + &self, + proof_share_seed: &Seed, + ctx: &[u8], + ) -> Vec { Prng::from_seed_stream(P::seed_stream( proof_share_seed, - &[&self.domain_separation_tag(DST_PROOF_SHARE)], + &[&mastic::dst_usage(USAGE_PROOF_SHARE), ctx], &[], )) .take(self.typ.proof_len()) .collect() } - fn derive_query_rand(&self, verify_key: &[u8; SEED_SIZE], nonce: &[u8; 16]) -> Vec { + fn derive_query_rand( + &self, + verify_key: &[u8; SEED_SIZE], + nonce: &[u8; 16], + level: u16, + ctx: &[u8], + ) -> Vec { let mut xof = P::init( verify_key, - &[&self.domain_separation_tag(DST_QUERY_RANDOMNESS)], + &[&mastic::dst_usage(mastic::USAGE_QUERY_RAND), ctx], ); xof.update(nonce); + xof.update(&level.to_le_bytes()); xof.into_seed_stream() .into_field_vec(self.typ.query_rand_len()) } @@ -439,8 +437,10 @@ where /// joint randomness. /// In this case, the helper uses the same seed to derive its proof share and /// joint randomness. + #[allow(clippy::too_many_arguments)] pub(crate) fn prove( &self, + ctx: &[u8], leader_input_share: &[T::Field], helper_input_share: &[T::Field], encoded_measurement: &[T::Field], @@ -457,11 +457,14 @@ where let (leader_blind_and_helper_joint_rand_part_opt, leader_joint_rand_part_opt, joint_rand) = if let Some(leader_seed) = leader_seed_opt { let leader_joint_rand_part = - self.derive_joint_rand_part(&leader_seed, leader_input_share, nonce)?; + self.derive_joint_rand_part(&leader_seed, leader_input_share, nonce, ctx)?; let helper_joint_rand_part = - self.derive_joint_rand_part(&helper_seed, helper_input_share, nonce)?; - let (_joint_rand_seed, joint_rand) = self - .derive_joint_rand_and_seed(&leader_joint_rand_part, &helper_joint_rand_part); + self.derive_joint_rand_part(&helper_seed, helper_input_share, nonce, ctx)?; + let (_joint_rand_seed, joint_rand) = self.derive_joint_rand_and_seed( + &leader_joint_rand_part, + &helper_joint_rand_part, + ctx, + ); ( Some((leader_seed, helper_joint_rand_part)), Some(leader_joint_rand_part), @@ -471,7 +474,7 @@ where (None, None, Vec::new()) }; - let prove_rand = self.derive_prove_rand(&prove_rand_seed); + let prove_rand = self.derive_prove_rand(&prove_rand_seed, ctx); let mut leader_proof_share = self.typ .prove(encoded_measurement, &prove_rand, &joint_rand)?; @@ -479,7 +482,7 @@ where // Generate the proof shares. for (x, y) in leader_proof_share .iter_mut() - .zip(self.derive_helper_proof_share(&helper_seed)) + .zip(self.derive_helper_proof_share(&helper_seed, ctx)) { *x -= y; } @@ -498,12 +501,14 @@ where pub(crate) fn query( &self, + ctx: &[u8], + level: u16, // level of the prefix tree input_share: &[T::Field], proof_share: &SzkProofShare, verify_key: &[u8; SEED_SIZE], nonce: &[u8; 16], ) -> Result<(SzkQueryShare, SzkQueryState), SzkError> { - let query_rand = self.derive_query_rand(verify_key, nonce); + let query_rand = self.derive_query_rand(verify_key, nonce, level, ctx); let flp_proof_share = match proof_share { SzkProofShare::Leader { ref uncompressed_proof_share, @@ -512,7 +517,7 @@ where SzkProofShare::Helper { ref proof_share_seed_and_blind, .. - } => Cow::Owned(self.derive_helper_proof_share(proof_share_seed_and_blind)), + } => Cow::Owned(self.derive_helper_proof_share(proof_share_seed_and_blind, ctx)), }; let (joint_rand, joint_rand_seed, joint_rand_part) = if self.requires_joint_rand() { @@ -522,11 +527,12 @@ where leader_blind_and_helper_joint_rand_part_opt, } => match leader_blind_and_helper_joint_rand_part_opt { Some((seed, helper_joint_rand_part)) => { - match self.derive_joint_rand_part(seed, input_share, nonce) { + match self.derive_joint_rand_part(seed, input_share, nonce, ctx) { Ok(leader_joint_rand_part) => ( self.derive_joint_rand_and_seed( &leader_joint_rand_part, helper_joint_rand_part, + ctx, ), leader_joint_rand_part, ), @@ -547,11 +553,13 @@ where proof_share_seed_and_blind, input_share, nonce, + ctx, ) { Ok(helper_joint_rand_part) => ( self.derive_joint_rand_and_seed( leader_joint_rand_part, &helper_joint_rand_part, + ctx, ), helper_joint_rand_part, ), @@ -590,6 +598,7 @@ where pub(crate) fn merge_query_shares( &self, + ctx: &[u8], mut leader_share: SzkQueryShare, helper_share: SzkQueryShare, ) -> Result, SzkError> { @@ -606,7 +615,7 @@ where helper_share.joint_rand_part_opt, ) { (Some(ref leader_part), Some(ref helper_part)) => Ok(SzkJointShare(Some( - self.derive_joint_rand_seed(leader_part, helper_part), + self.derive_joint_rand_seed(leader_part, helper_part, ctx), ))), (None, None) => Ok(SzkJointShare(None)), _ => Err(SzkError::Decide( @@ -689,10 +698,10 @@ mod tests { use rand::{thread_rng, Rng}; fn generic_szk_test(typ: T, encoded_measurement: &[T::Field], valid: bool) { + let ctx = b"some application context"; let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 32]; - let algorithm_id = 5; - let szk_typ = Szk::new_turboshake128(typ.clone(), algorithm_id); + let szk_typ = Szk::new_turboshake128(typ.clone()); thread_rng().fill(&mut verify_key[..]); thread_rng().fill(&mut nonce[..]); let prove_rand_seed = Seed::generate().unwrap(); @@ -707,6 +716,7 @@ mod tests { } let proof_shares = szk_typ.prove( + ctx, &leader_input_share, &helper_input_share, encoded_measurement, @@ -718,6 +728,8 @@ mod tests { let [leader_proof_share, helper_proof_share] = proof_shares.unwrap(); let (leader_query_share, leader_query_state) = szk_typ .query( + ctx, + 0, &leader_input_share, &leader_proof_share, &verify_key, @@ -726,6 +738,8 @@ mod tests { .unwrap(); let (helper_query_share, helper_query_state) = szk_typ .query( + ctx, + 0, &helper_input_share, &helper_proof_share, &verify_key, @@ -734,7 +748,7 @@ mod tests { .unwrap(); let joint_share_result = - szk_typ.merge_query_shares(leader_query_share.clone(), helper_query_share.clone()); + szk_typ.merge_query_shares(ctx, leader_query_share.clone(), helper_query_share.clone()); let joint_share = match joint_share_result { Ok(joint_share) => { let leader_decision = szk_typ @@ -776,7 +790,7 @@ mod tests { } let joint_share_res = - szk_typ.merge_query_shares(mutated_query_share, helper_query_share.clone()); + szk_typ.merge_query_shares(ctx, mutated_query_share, helper_query_share.clone()); let leader_decision = match joint_share_res { Ok(joint_share) => szk_typ .decide(leader_query_state.clone(), joint_share) @@ -790,11 +804,18 @@ mod tests { mutated_input[0] *= T::Field::from(::Integer::try_from(23).unwrap()); let (mutated_query_share, mutated_query_state) = szk_typ - .query(&mutated_input, &leader_proof_share, &verify_key, &nonce) + .query( + ctx, + 0, + &mutated_input, + &leader_proof_share, + &verify_key, + &nonce, + ) .unwrap(); let joint_share_res = - szk_typ.merge_query_shares(mutated_query_share, helper_query_share.clone()); + szk_typ.merge_query_shares(ctx, mutated_query_share, helper_query_share.clone()); let leader_decision = match joint_share_res { Ok(joint_share) => szk_typ.decide(mutated_query_state, joint_share).is_ok(), @@ -822,6 +843,8 @@ mod tests { }; let (leader_query_share, leader_query_state) = szk_typ .query( + ctx, + 0, &leader_input_share, &mutated_proof_share, &verify_key, @@ -829,7 +852,7 @@ mod tests { ) .unwrap(); let joint_share_res = - szk_typ.merge_query_shares(leader_query_share, helper_query_share.clone()); + szk_typ.merge_query_shares(ctx, leader_query_share, helper_query_share.clone()); let leader_decision = match joint_share_res { Ok(joint_share) => szk_typ @@ -847,8 +870,7 @@ mod tests { thread_rng().fill(&mut nonce[..]); let sum = Sum::::new(max_measurement).unwrap(); let encoded_measurement = sum.encode_measurement(&9).unwrap(); - let algorithm_id = 5; - let szk_typ = Szk::new_turboshake128(sum, algorithm_id); + let szk_typ = Szk::new_turboshake128(sum); let prove_rand_seed = Seed::generate().unwrap(); let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = Some(Seed::generate().unwrap()); @@ -860,6 +882,7 @@ mod tests { let [leader_proof_share, _] = szk_typ .prove( + b"some application", &leader_input_share, &helper_input_share, &encoded_measurement[..], @@ -882,8 +905,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let encoded_measurement = sumvec.encode_measurement(&vec![1, 16, 0]).unwrap(); - let algorithm_id = 5; - let szk_typ = Szk::new_turboshake128(sumvec, algorithm_id); + let szk_typ = Szk::new_turboshake128(sumvec); let prove_rand_seed = Seed::generate().unwrap(); let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = Some(Seed::generate().unwrap()); @@ -895,6 +917,7 @@ mod tests { let [l_proof_share, _] = szk_typ .prove( + b"some application", &leader_input_share, &helper_input_share, &encoded_measurement[..], @@ -916,8 +939,7 @@ mod tests { thread_rng().fill(&mut nonce[..]); let count = Count::::new(); let encoded_measurement = count.encode_measurement(&true).unwrap(); - let algorithm_id = 5; - let szk_typ = Szk::new_turboshake128(count, algorithm_id); + let szk_typ = Szk::new_turboshake128(count); let prove_rand_seed = Seed::generate().unwrap(); let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = Some(Seed::generate().unwrap()); @@ -929,6 +951,7 @@ mod tests { let [l_proof_share, _] = szk_typ .prove( + b"some application", &leader_input_share, &helper_input_share, &encoded_measurement[..], @@ -951,8 +974,7 @@ mod tests { thread_rng().fill(&mut nonce[..]); let sum = Sum::::new(max_measurement).unwrap(); let encoded_measurement = sum.encode_measurement(&9).unwrap(); - let algorithm_id = 5; - let szk_typ = Szk::new_turboshake128(sum, algorithm_id); + let szk_typ = Szk::new_turboshake128(sum); let prove_rand_seed = Seed::generate().unwrap(); let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = None; @@ -964,6 +986,7 @@ mod tests { let [l_proof_share, _] = szk_typ .prove( + b"some application", &leader_input_share, &helper_input_share, &encoded_measurement[..], @@ -992,8 +1015,7 @@ mod tests { thread_rng().fill(&mut nonce[..]); let sum = Sum::::new(max_measurement).unwrap(); let encoded_measurement = sum.encode_measurement(&9).unwrap(); - let algorithm_id = 5; - let szk_typ = Szk::new_turboshake128(sum, algorithm_id); + let szk_typ = Szk::new_turboshake128(sum); let prove_rand_seed = Seed::generate().unwrap(); let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = None; @@ -1005,6 +1027,7 @@ mod tests { let [_, h_proof_share] = szk_typ .prove( + b"some application", &leader_input_share, &helper_input_share, &encoded_measurement[..], @@ -1032,8 +1055,7 @@ mod tests { thread_rng().fill(&mut nonce[..]); let count = Count::::new(); let encoded_measurement = count.encode_measurement(&true).unwrap(); - let algorithm_id = 5; - let szk_typ = Szk::new_turboshake128(count, algorithm_id); + let szk_typ = Szk::new_turboshake128(count); let prove_rand_seed = Seed::generate().unwrap(); let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = None; @@ -1045,6 +1067,7 @@ mod tests { let [l_proof_share, _] = szk_typ .prove( + b"some application", &leader_input_share, &helper_input_share, &encoded_measurement[..], @@ -1072,8 +1095,7 @@ mod tests { thread_rng().fill(&mut nonce[..]); let count = Count::::new(); let encoded_measurement = count.encode_measurement(&true).unwrap(); - let algorithm_id = 5; - let szk_typ = Szk::new_turboshake128(count, algorithm_id); + let szk_typ = Szk::new_turboshake128(count); let prove_rand_seed = Seed::generate().unwrap(); let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = None; @@ -1085,6 +1107,7 @@ mod tests { let [_, h_proof_share] = szk_typ .prove( + b"some application", &leader_input_share, &helper_input_share, &encoded_measurement[..], @@ -1113,8 +1136,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let encoded_measurement = sumvec.encode_measurement(&vec![1, 16, 0]).unwrap(); - let algorithm_id = 5; - let szk_typ = Szk::new_turboshake128(sumvec, algorithm_id); + let szk_typ = Szk::new_turboshake128(sumvec); let prove_rand_seed = Seed::generate().unwrap(); let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = Some(Seed::generate().unwrap()); @@ -1126,6 +1148,7 @@ mod tests { let [l_proof_share, _] = szk_typ .prove( + b"some application", &leader_input_share, &helper_input_share, &encoded_measurement[..], @@ -1154,8 +1177,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let encoded_measurement = sumvec.encode_measurement(&vec![1, 16, 0]).unwrap(); - let algorithm_id = 5; - let szk_typ = Szk::new_turboshake128(sumvec, algorithm_id); + let szk_typ = Szk::new_turboshake128(sumvec); let prove_rand_seed = Seed::generate().unwrap(); let helper_seed = Seed::generate().unwrap(); let leader_seed_opt = Some(Seed::generate().unwrap()); @@ -1167,6 +1189,7 @@ mod tests { let [_, h_proof_share] = szk_typ .prove( + b"some applicqation", &leader_input_share, &helper_input_share, &encoded_measurement[..], diff --git a/src/vdaf/mastic.rs b/src/vdaf/mastic.rs index fd0fca91f..d16fbb094 100644 --- a/src/vdaf/mastic.rs +++ b/src/vdaf/mastic.rs @@ -19,19 +19,48 @@ use crate::{ PrepareTransition, Vdaf, VdafError, }, vidpf::{ - xor_proof, Vidpf, VidpfError, VidpfInput, VidpfKey, VidpfPublicShare, VidpfServerId, - VidpfWeight, ONEHOT_PROOF_INIT, + xor_proof, Vidpf, VidpfError, VidpfInput, VidpfKey, VidpfProof, VidpfPublicShare, + VidpfServerId, VidpfWeight, }, }; +use rand::RngCore; use std::io::{Cursor, Read}; use std::ops::BitAnd; use std::slice::from_ref; use std::{collections::VecDeque, fmt::Debug}; use subtle::{Choice, ConstantTimeEq}; +use super::xof::XofTurboShake128; + const NONCE_SIZE: usize = 16; +// draft-jimouris-cfrg-mastic: +// +// ONEHOT_PROOF_INIT = XofTurboShake128(zeros(XofTurboShake128.SEED_SIZE), +// dst(b'', USAGE_ONEHOT_PROOF_INIT), +// b'').next(PROOF_SIZE) +pub(crate) const ONEHOT_PROOF_INIT: [u8; 32] = [ + 186, 76, 128, 104, 116, 50, 149, 133, 2, 164, 82, 118, 128, 155, 163, 239, 117, 95, 162, 196, + 173, 31, 244, 180, 171, 86, 176, 209, 12, 221, 28, 204, +]; + +pub(crate) const USAGE_PROVE_RAND: u8 = 0; +pub(crate) const USAGE_PROOF_SHARE: u8 = 1; +pub(crate) const USAGE_QUERY_RAND: u8 = 2; +pub(crate) const USAGE_JOINT_RAND_SEED: u8 = 3; +pub(crate) const USAGE_JOINT_RAND_PART: u8 = 4; +pub(crate) const USAGE_JOINT_RAND: u8 = 5; +pub(crate) const USAGE_ONEHOT_PROOF_HASH: u8 = 7; +pub(crate) const USAGE_NODE_PROOF: u8 = 8; +pub(crate) const USAGE_EVAL_PROOF: u8 = 9; +pub(crate) const USAGE_EXTEND: u8 = 10; +pub(crate) const USAGE_CONVERT: u8 = 11; + +pub(crate) fn dst_usage(usage: u8) -> [u8; 11] { + [b'm', b'a', b's', b't', b'i', b'c', 0, 0, 0, 0, usage] +} + /// The main struct implementing the Mastic VDAF. /// Composed of a shared zero knowledge proof system and a verifiable incremental /// distributed point function. @@ -54,15 +83,15 @@ where P: Xof, { /// Creates a new instance of Mastic, with a specific attribute length and weight type. - pub fn new(algorithm_id: u32, typ: T, bits: usize) -> Self { - let vidpf = Vidpf::new(typ.input_len() + 1); - let szk = Szk::new(typ, algorithm_id); - Self { + pub fn new(algorithm_id: u32, typ: T, bits: usize) -> Result { + let vidpf = Vidpf::new(bits, typ.input_len() + 1)?; + let szk = Szk::new(typ); + Ok(Self { algorithm_id, szk, vidpf, bits, - } + }) } } @@ -286,29 +315,44 @@ where { fn shard_with_random( &self, - alpha: &VidpfInput, - weight: &T::Measurement, + ctx: &[u8], + (alpha, weight): &(VidpfInput, T::Measurement), nonce: &[u8; 16], vidpf_keys: [VidpfKey; 2], szk_random: [Seed; 2], joint_random_opt: Option>, ) -> Result<(::PublicShare, Vec<::InputShare>), VdafError> { + if alpha.len() != self.bits { + return Err(VdafError::Vidpf(VidpfError::InvalidInputLength)); + } + // The output with which we program the VIDPF is a counter and the encoded measurement. let mut beta = VidpfWeight(self.szk.typ.encode_measurement(weight)?); beta.0.insert(0, T::Field::one()); // Compute the measurement shares for each aggregator by generating VIDPF // keys for the measurement and evaluating each of them. - let public_share = self.vidpf.gen_with_keys(&vidpf_keys, alpha, &beta, nonce)?; + let public_share = self + .vidpf + .gen_with_keys(ctx, &vidpf_keys, alpha, &beta, nonce)?; - let leader_beta_share = - self.vidpf - .get_beta_share(VidpfServerId::S0, &public_share, &vidpf_keys[0], nonce)?; - let helper_beta_share = - self.vidpf - .get_beta_share(VidpfServerId::S1, &public_share, &vidpf_keys[1], nonce)?; + let leader_beta_share = self.vidpf.get_beta_share( + ctx, + VidpfServerId::S0, + &public_share, + &vidpf_keys[0], + nonce, + )?; + let helper_beta_share = self.vidpf.get_beta_share( + ctx, + VidpfServerId::S1, + &public_share, + &vidpf_keys[1], + nonce, + )?; let [leader_szk_proof_share, helper_szk_proof_share] = self.szk.prove( + ctx, &leader_beta_share.as_ref()[1..], &helper_beta_share.as_ref()[1..], &beta.as_ref()[1..], @@ -336,14 +380,10 @@ where { fn shard( &self, - _ctx: &[u8], - (input, weight): &(VidpfInput, T::Measurement), + ctx: &[u8], + measurement: &(VidpfInput, T::Measurement), nonce: &[u8; 16], ) -> Result<(Self::PublicShare, Vec), VdafError> { - if input.len() != self.bits { - return Err(VdafError::Vidpf(VidpfError::InvalidAttributeLength)); - } - let vidpf_keys = [VidpfKey::generate()?, VidpfKey::generate()?]; let joint_random_opt = if self.szk.requires_joint_rand() { Some(Seed::::generate()?) @@ -353,8 +393,8 @@ where let szk_random = [Seed::generate()?, Seed::generate()?]; self.shard_with_random( - input, - weight, + ctx, + measurement, nonce, vidpf_keys, szk_random, @@ -483,7 +523,7 @@ where fn prepare_init( &self, verify_key: &[u8; SEED_SIZE], - _ctx: &[u8], + ctx: &[u8], agg_id: usize, agg_param: &MasticAggregationParam, nonce: &[u8; NONCE_SIZE], @@ -507,6 +547,7 @@ where let mut prefix_tree = BinaryTree::default(); let out_shares = self.vidpf.eval_prefix_tree_with_siblings( + ctx, id, public_share, &input_share.vidpf_key, @@ -525,9 +566,8 @@ where // Traverse the prefix tree breadth-first. // - // TODO spec: Adjust the onehot proof computation accordingly so that we always - // traverse the left node then the right node. Currently we visit the on-path child - // then its sibling. + // TODO spec: Adjust the onehot and payload checks accordingly. For the onehot check, + // we need to make sure to always visit the left node before the right. let mut q = VecDeque::with_capacity(100); q.push_back(root.left.as_ref().unwrap()); q.push_back(root.right.as_ref().unwrap()); @@ -535,10 +575,7 @@ where // Update onehot proof. onehot_proof = xor_proof( onehot_proof, - &Vidpf::>::hash_proof(xor_proof( - onehot_proof, - &node.value.state.node_proof, - )), + &hash_proof(xor_proof(onehot_proof, &node.value.state.node_proof), ctx), ); // Update payload check. @@ -580,7 +617,8 @@ where }; let eval_proof = { - let mut eval_proof_xof = P::init(&[0; SEED_SIZE], &[]); + // TODO spec: Use a zero seed. + let mut eval_proof_xof = P::init(&[0; SEED_SIZE], &[&dst_usage(USAGE_EVAL_PROOF), ctx]); eval_proof_xof.update(&onehot_proof); eval_proof_xof.update(&payload_check); eval_proof_xof.update(&counter_check); @@ -591,8 +629,14 @@ where // Range check. let VidpfWeight(beta_share) = self.vidpf - .get_beta_share(id, public_share, &input_share.vidpf_key, nonce)?; + .get_beta_share(ctx, id, public_share, &input_share.vidpf_key, nonce)?; let (szk_query_share, szk_query_state) = self.szk.query( + ctx, + agg_param + .level_and_prefixes + .level() + .try_into() + .map_err(|_| VdafError::Vidpf(VidpfError::InvalidInputLength))?, &beta_share[1..], &input_share.proof_share, verify_key, @@ -630,7 +674,7 @@ where M: IntoIterator>, >( &self, - _ctx: &[u8], + ctx: &[u8], _agg_param: &MasticAggregationParam, inputs: M, ) -> Result, VdafError> { @@ -658,7 +702,7 @@ where // The SZK is only used once, during the first round of aggregation. (Some(leader_query_share), Some(helper_query_share)) => Ok(self .szk - .merge_query_shares(leader_query_share, helper_query_share)?), + .merge_query_shares(ctx, leader_query_share, helper_query_share)?), (None, None) => Ok(SzkJointShare::none()), (_, _) => Err(VdafError::Uncategorized( "Only one of leader and helper query shares is present".to_string(), @@ -749,6 +793,14 @@ where } } +fn hash_proof(mut proof: VidpfProof, ctx: &[u8]) -> VidpfProof { + let mut xof = + XofTurboShake128::from_seed_slice(&[], &[&dst_usage(USAGE_ONEHOT_PROOF_HASH), ctx]); + xof.update(&proof); + xof.into_seed_stream().fill_bytes(&mut proof); + proof +} + #[cfg(test)] mod tests { use super::*; @@ -766,7 +818,7 @@ mod tests { let algorithm_id = 6; let max_measurement = 29; let sum_typ = Sum::::new(max_measurement).unwrap(); - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -847,7 +899,7 @@ mod tests { let algorithm_id = 6; let max_measurement = 29; let sum_typ = Sum::::new(max_measurement).unwrap(); - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -900,7 +952,7 @@ mod tests { let algorithm_id = 6; let max_measurement = 29; let sum_typ = Sum::::new(max_measurement).unwrap(); - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -923,7 +975,7 @@ mod tests { fn test_mastic_count() { let algorithm_id = 6; let count = Count::::new(); - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1002,7 +1054,7 @@ mod tests { fn test_public_share_encoded_len() { let algorithm_id = 6; let count = Count::::new(); - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1022,7 +1074,7 @@ mod tests { fn test_public_share_roundtrip_count() { let algorithm_id = 6; let count = Count::::new(); - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1044,7 +1096,7 @@ mod tests { let algorithm_id = 6; let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1134,7 +1186,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1165,7 +1217,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1198,7 +1250,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; @@ -1223,7 +1275,7 @@ mod tests { let sumvec = SumVec::>>::new(5, 3, 3).unwrap(); let measurement = vec![1, 16, 0]; - let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32); + let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32).unwrap(); let mut nonce = [0u8; 16]; let mut verify_key = [0u8; 16]; diff --git a/src/vidpf.rs b/src/vidpf.rs index 500bb8559..9693387fd 100644 --- a/src/vidpf.rs +++ b/src/vidpf.rs @@ -26,28 +26,25 @@ use crate::{ codec::{CodecError, Decode, Encode, ParameterizedDecode}, field::FieldElement, idpf::{conditional_swap_seed, conditional_xor_seeds, xor_seeds, IdpfInput, IdpfValue}, - vdaf::xof::{Seed, Xof, XofFixedKeyAes128, XofTurboShake128}, + vdaf::{ + mastic, + xof::{Seed, Xof, XofFixedKeyAes128, XofTurboShake128}, + }, }; -pub(crate) const ONEHOT_PROOF_INIT: [u8; VIDPF_PROOF_SIZE] = [ - 186, 76, 128, 104, 116, 50, 149, 133, 2, 164, 82, 118, 128, 155, 163, 239, 117, 95, 162, 196, - 173, 31, 244, 180, 171, 86, 176, 209, 12, 221, 28, 204, -]; - /// VIDPF errors. #[derive(Debug, thiserror::Error)] #[non_exhaustive] pub enum VidpfError { /// Input is too long to be represented. - #[error("input too long")] - InputTooLong, + #[error("bit length too long")] + BitLengthTooLong, - /// Error when input attribute has too few or many bits to be a path in an initialized - /// VIDPF tree. - #[error("invalid attribute length")] - InvalidAttributeLength, + /// Error when an input has an unexpected bit length. + #[error("invalid input length")] + InvalidInputLength, - /// Error when weight's length mismatches the length in weight's parameter. + /// Error when a weight has an unexpected length. #[error("invalid weight length")] InvalidWeightLength, @@ -65,7 +62,7 @@ pub trait VidpfValue: IdpfValue + Clone + Debug + PartialEq + ConstantTimeEq {} #[derive(Clone, Debug)] /// An instance of the VIDPF. pub struct Vidpf { - /// Any parameters required to instantiate a weight value. + pub(crate) bits: u16, pub(crate) weight_parameter: W::ValueParameter, } @@ -74,9 +71,14 @@ impl Vidpf { /// /// # Arguments /// - /// * `weight_parameter`, any parameters required to instantiate a weight value. - pub const fn new(weight_parameter: W::ValueParameter) -> Self { - Self { weight_parameter } + /// * `bits`, the length of the input in bits. + /// * `weight_parameter`, the length of the weight in number of field elements. + pub fn new(bits: usize, weight_parameter: W::ValueParameter) -> Result { + let bits = u16::try_from(bits).map_err(|_| VidpfError::BitLengthTooLong)?; + Ok(Self { + bits, + weight_parameter, + }) } /// Splits an incremental point function `F` into two private keys @@ -99,18 +101,20 @@ impl Vidpf { /// APIs. pub fn gen( &self, + ctx: &[u8], input: &VidpfInput, weight: &W, nonce: &[u8], ) -> Result<(VidpfPublicShare, [VidpfKey; 2]), VidpfError> { let keys = [VidpfKey::generate()?, VidpfKey::generate()?]; - let public = self.gen_with_keys(&keys, input, weight, nonce)?; + let public = self.gen_with_keys(ctx, &keys, input, weight, nonce)?; Ok((public, keys)) } /// Produce the public share for the given keys, input, and weight. pub(crate) fn gen_with_keys( &self, + ctx: &[u8], keys: &[VidpfKey; 2], input: &VidpfInput, weight: &W, @@ -123,11 +127,14 @@ impl Vidpf { ]; let mut cw = Vec::with_capacity(input.len()); - for idx in input.index_iter()? { + for idx in self.index_iter(input)? { let bit = idx.bit; // Extend. - let e = [Self::extend(&seed[0], nonce), Self::extend(&seed[1], nonce)]; + let e = [ + Self::extend(seed[0], ctx, nonce), + Self::extend(seed[1], ctx, nonce), + ]; // Select the seed and control bit. let (seed_keep_0, seed_lose_0) = &mut (e[0].seed_right, e[0].seed_left); @@ -152,8 +159,8 @@ impl Vidpf { // Convert. let weight_0; let weight_1; - (seed[0], weight_0) = self.convert(seed_keep_0, nonce); - (seed[1], weight_1) = self.convert(seed_keep_1, nonce); + (seed[0], weight_0) = self.convert(seed_keep_0, ctx, nonce); + (seed[1], weight_1) = self.convert(seed_keep_1, ctx, nonce); ctrl[0] = ctrl_keep_0; ctrl[1] = ctrl_keep_1; @@ -162,7 +169,10 @@ impl Vidpf { cw_weight.conditional_negate(ctrl[1]); // Compute the correction word node proof. - let cw_proof = xor_proof(idx.node_proof(&seed[0]), &idx.node_proof(&seed[1])); + let cw_proof = xor_proof( + idx.node_proof(&seed[0], ctx), + &idx.node_proof(&seed[1], ctx), + ); cw.push(VidpfCorrectionWord { seed: cw_seed, @@ -181,6 +191,7 @@ impl Vidpf { /// root to the prefix. pub fn eval( &self, + ctx: &[u8], id: VidpfServerId, key: &VidpfKey, public: &VidpfPublicShare, @@ -195,12 +206,12 @@ impl Vidpf { }; if input.len() > public.cw.len() { - return Err(VidpfError::InvalidAttributeLength); + return Err(VidpfError::InvalidInputLength); } let mut hash = Sha3_256::new(); - for (idx, cw) in input.index_iter()?.zip(public.cw.iter()) { - r = self.eval_next(cw, idx, &r.state, nonce); + for (idx, cw) in self.index_iter(input)?.zip(public.cw.iter()) { + r = self.eval_next(ctx, cw, idx, &r.state, nonce); hash.update(r.state.node_proof); } @@ -213,6 +224,7 @@ impl Vidpf { /// state, and returns a new state and a share of the input's weight at that level. fn eval_next( &self, + ctx: &[u8], cw: &VidpfCorrectionWord, idx: VidpfEvalIndex<'_>, state: &VidpfEvalState, @@ -221,7 +233,7 @@ impl Vidpf { let bit = idx.bit; // Extend. - let e = Self::extend(&state.seed, nonce); + let e = Self::extend(state.seed, ctx, nonce); // Select the seed and control bit. let (seed_keep, seed_lose) = &mut (e.seed_right, e.seed_left); @@ -234,7 +246,7 @@ impl Vidpf { let next_ctrl = ctrl_keep ^ (state.control_bit & cw_ctrl_keep); // Convert and correct the payload. - let (next_seed, w) = self.convert(seed_keep, nonce); + let (next_seed, w) = self.convert(seed_keep, ctx, nonce); let mut weight = ::conditional_select( &::zero(&self.weight_parameter), &cw.weight, @@ -243,7 +255,8 @@ impl Vidpf { weight += w; // Compute and correct the node proof. - let node_proof = conditional_xor_proof(idx.node_proof(&next_seed), &cw.proof, next_ctrl); + let node_proof = + conditional_xor_proof(idx.node_proof(&next_seed, ctx), &cw.proof, next_ctrl); let next_state = VidpfEvalState { seed: next_seed, @@ -259,35 +272,39 @@ impl Vidpf { pub(crate) fn get_beta_share( &self, + ctx: &[u8], id: VidpfServerId, public: &VidpfPublicShare, key: &VidpfKey, nonce: &[u8], ) -> Result { - let cw = public.cw.first().ok_or(VidpfError::InputTooLong)?; + let cw = public.cw.first().ok_or(VidpfError::InvalidInputLength)?; let state = VidpfEvalState::init_from_key(id, key); let input_left = VidpfInput::from_bools(&[false]); - let idx_left = VidpfEvalIndex::try_from_input(&input_left)?; + let idx_left = self.index(&input_left)?; let VidpfEvalResult { state: _, share: mut weight_share_left, - } = self.eval_next(cw, idx_left, &state, nonce); + } = self.eval_next(ctx, cw, idx_left, &state, nonce); let VidpfEvalResult { state: _, share: mut weight_share_right, - } = self.eval_next(cw, idx_left.right_sibling(), &state, nonce); + } = self.eval_next(ctx, cw, idx_left.right_sibling(), &state, nonce); weight_share_left.conditional_negate(Choice::from(id)); weight_share_right.conditional_negate(Choice::from(id)); Ok(weight_share_left + weight_share_right) } - fn extend(seed: &VidpfSeed, nonce: &[u8]) -> ExtendedSeed { - let mut rng = - XofFixedKeyAes128::seed_stream(&Seed(*seed), &[VidpfDomainSepTag::PRG], &[nonce]); + fn extend(seed: VidpfSeed, ctx: &[u8], nonce: &[u8]) -> ExtendedSeed { + let mut rng = XofFixedKeyAes128::seed_stream( + &Seed(seed), + &[&mastic::dst_usage(mastic::USAGE_EXTEND), ctx], + &[nonce], + ); let mut seed_left = VidpfSeed::default(); let mut seed_right = VidpfSeed::default(); @@ -309,9 +326,12 @@ impl Vidpf { } } - fn convert(&self, seed: VidpfSeed, nonce: &[u8]) -> (VidpfSeed, W) { - let mut rng = - XofFixedKeyAes128::seed_stream(&Seed(seed), &[VidpfDomainSepTag::CONVERT], &[nonce]); + fn convert(&self, seed: VidpfSeed, ctx: &[u8], nonce: &[u8]) -> (VidpfSeed, W) { + let mut rng = XofFixedKeyAes128::seed_stream( + &Seed(seed), + &[&mastic::dst_usage(mastic::USAGE_CONVERT), ctx], + &[nonce], + ); let mut out_seed = VidpfSeed::default(); rng.fill_bytes(&mut out_seed); @@ -320,15 +340,36 @@ impl Vidpf { (out_seed, value) } - pub(crate) fn hash_proof(mut proof: VidpfProof) -> VidpfProof { - let mut rng = XofTurboShake128::seed_stream( - &Seed(Default::default()), - &[VidpfDomainSepTag::NODE_PROOF_ADJUST], - &[&proof], - ); - rng.fill_bytes(&mut proof); + fn index_iter<'a>( + &'a self, + input: &'a VidpfInput, + ) -> Result>, VidpfError> { + let n = u16::try_from(input.len()).map_err(|_| VidpfError::InvalidInputLength)?; + if n > self.bits { + return Err(VidpfError::InvalidInputLength); + } + Ok(Box::new((0..n).zip(input.iter()).map( + move |(level, bit)| VidpfEvalIndex { + bit: Choice::from(u8::from(bit)), + input, + level, + bits: self.bits, + }, + ))) + } - proof + fn index<'a>(&self, input: &'a VidpfInput) -> Result, VidpfError> { + let level = u16::try_from(input.len()).map_err(|_| VidpfError::InvalidInputLength)? - 1; + if level >= self.bits { + return Err(VidpfError::InvalidInputLength); + } + let bit = Choice::from(u8::from(input.get(usize::from(level)).unwrap())); + Ok(VidpfEvalIndex { + bit, + input, + level, + bits: self.bits, + }) } } @@ -336,8 +377,10 @@ impl Vidpf> { /// Ensure `prefix_tree` contains the prefix tree for `prefixes`, as well as the sibling of /// each node in the prefix tree. The return value is the weights for the prefixes /// concatenated together. + #[allow(clippy::too_many_arguments)] pub(crate) fn eval_prefix_tree_with_siblings( &self, + ctx: &[u8], id: VidpfServerId, public: &VidpfPublicShare>, key: &VidpfKey, @@ -349,7 +392,7 @@ impl Vidpf> { for prefix in prefixes { if prefix.len() > public.cw.len() { - return Err(VidpfError::InvalidAttributeLength); + return Err(VidpfError::InvalidInputLength); } let mut sub_tree = prefix_tree.root.get_or_insert_with(|| { @@ -359,9 +402,10 @@ impl Vidpf> { })) }); - for (idx, cw) in prefix.index_iter()?.zip(public.cw.iter()) { + for (idx, cw) in self.index_iter(prefix)?.zip(public.cw.iter()) { let left = sub_tree.left.get_or_insert_with(|| { Box::new(Node::new(self.eval_next( + ctx, cw, idx.left_sibling(), &sub_tree.value.state, @@ -370,6 +414,7 @@ impl Vidpf> { }); let right = sub_tree.right.get_or_insert_with(|| { Box::new(Node::new(self.eval_next( + ctx, cw, idx.right_sibling(), &sub_tree.value.state, @@ -396,17 +441,6 @@ impl Vidpf> { } } -/// VIDPF domain separation tag. -/// -/// Contains the domain separation tags for invoking different oracles. -struct VidpfDomainSepTag; -impl VidpfDomainSepTag { - const PRG: &'static [u8] = b"Prg"; - const CONVERT: &'static [u8] = b"Convert"; - const NODE_PROOF: &'static [u8] = b"NodeProof"; - const NODE_PROOF_ADJUST: &'static [u8] = b"NodeProofAdjust"; -} - /// VIDPF key. /// /// Private key of an aggregation server. @@ -574,7 +608,7 @@ const VIDPF_PROOF_SIZE: usize = 32; const VIDPF_SEED_SIZE: usize = 16; /// Allows to validate user input and shares after evaluation. -type VidpfProof = [u8; VIDPF_PROOF_SIZE]; +pub(crate) type VidpfProof = [u8; VIDPF_PROOF_SIZE]; pub(crate) fn xor_proof(mut lhs: VidpfProof, rhs: &VidpfProof) -> VidpfProof { zip(&mut lhs, rhs).for_each(|(a, b)| a.bitxor_assign(b)); @@ -738,20 +772,16 @@ struct VidpfEvalIndex<'a> { bit: Choice, input: &'a VidpfInput, level: u16, + bits: u16, } -impl<'a> VidpfEvalIndex<'a> { - fn try_from_input(input: &'a VidpfInput) -> Result { - let level = u16::try_from(input.len()).map_err(|_| VidpfError::InputTooLong)? - 1; - let bit = Choice::from(u8::from(input.get(usize::from(level)).unwrap())); - Ok(Self { bit, input, level }) - } - +impl VidpfEvalIndex<'_> { fn left_sibling(&self) -> Self { Self { bit: Choice::from(0), input: self.input, level: self.level, + bits: self.bits, } } @@ -760,12 +790,16 @@ impl<'a> VidpfEvalIndex<'a> { bit: Choice::from(1), input: self.input, level: self.level, + bits: self.bits, } } - fn node_proof(&self, seed: &VidpfSeed) -> VidpfProof { - let mut xof = - XofTurboShake128::from_seed_slice(&seed[..], &[VidpfDomainSepTag::NODE_PROOF]); + fn node_proof(&self, seed: &VidpfSeed, ctx: &[u8]) -> VidpfProof { + let mut xof = XofTurboShake128::from_seed_slice( + &seed[..], + &[&mastic::dst_usage(mastic::USAGE_NODE_PROOF), ctx], + ); + xof.update(&self.bits.to_le_bytes()); xof.update(&self.level.to_le_bytes()); for byte in self @@ -791,17 +825,6 @@ impl<'a> VidpfEvalIndex<'a> { } } -impl VidpfInput { - fn index_iter(&self) -> Result>, VidpfError> { - let n = u16::try_from(self.len()).map_err(|_| VidpfError::InputTooLong)?; - Ok((0..n).zip(self.iter()).map(|(level, bit)| VidpfEvalIndex { - bit: Choice::from(u8::from(bit)), - input: self, - level, - })) - } -} - #[cfg(test)] mod tests { @@ -825,9 +848,10 @@ mod tests { #[test] fn roundtrip_codec() { + let ctx = b"appliction context"; let input = VidpfInput::from_bytes(&[0xFF]); let weight = TestWeight::from(vec![21.into(), 22.into(), 23.into()]); - let (_, public, _, _) = vidpf_gen_setup(&input, &weight); + let (_, public, _, _) = vidpf_gen_setup(ctx, &input, &weight); let bytes = public.get_encoded().unwrap(); assert_eq!(public.encoded_len().unwrap(), bytes.len()); @@ -841,6 +865,7 @@ mod tests { } fn vidpf_gen_setup( + ctx: &[u8], input: &VidpfInput, weight: &TestWeight, ) -> ( @@ -849,22 +874,23 @@ mod tests { [VidpfKey; 2], [u8; TEST_NONCE_SIZE], ) { - let vidpf = Vidpf::new(TEST_WEIGHT_LEN); - let (public, keys) = vidpf.gen(input, weight, TEST_NONCE).unwrap(); + let vidpf = Vidpf::new(input.len(), TEST_WEIGHT_LEN).unwrap(); + let (public, keys) = vidpf.gen(ctx, input, weight, TEST_NONCE).unwrap(); (vidpf, public, keys, *TEST_NONCE) } #[test] fn correctness_at_last_level() { + let ctx = b"some application"; let input = VidpfInput::from_bytes(&[0xFF]); let weight = TestWeight::from(vec![21.into(), 22.into(), 23.into()]); - let (vidpf, public, [key_0, key_1], nonce) = vidpf_gen_setup(&input, &weight); + let (vidpf, public, [key_0, key_1], nonce) = vidpf_gen_setup(ctx, &input, &weight); let (value_share_0, onehot_proof_0) = vidpf - .eval(VidpfServerId::S0, &key_0, &public, &input, &nonce) + .eval(ctx, VidpfServerId::S0, &key_0, &public, &input, &nonce) .unwrap(); let (value_share_1, onehot_proof_1) = vidpf - .eval(VidpfServerId::S1, &key_1, &public, &input, &nonce) + .eval(ctx, VidpfServerId::S1, &key_1, &public, &input, &nonce) .unwrap(); assert_eq!( @@ -878,10 +904,10 @@ mod tests { let bad_input = VidpfInput::from_bytes(&[0x00]); let zero = TestWeight::zero(&TEST_WEIGHT_LEN); let (value_share_0, onehot_proof_0) = vidpf - .eval(VidpfServerId::S0, &key_0, &public, &bad_input, &nonce) + .eval(ctx, VidpfServerId::S0, &key_0, &public, &bad_input, &nonce) .unwrap(); let (value_share_1, onehot_proof_1) = vidpf - .eval(VidpfServerId::S1, &key_1, &public, &bad_input, &nonce) + .eval(ctx, VidpfServerId::S1, &key_1, &public, &bad_input, &nonce) .unwrap(); assert_eq!( @@ -895,20 +921,22 @@ mod tests { #[test] fn correctness_at_each_level() { + let ctx = b"application context"; let input = VidpfInput::from_bytes(&[0xFF]); let weight = TestWeight::from(vec![21.into(), 22.into(), 23.into()]); - let (vidpf, public, keys, nonce) = vidpf_gen_setup(&input, &weight); + let (vidpf, public, keys, nonce) = vidpf_gen_setup(ctx, &input, &weight); - assert_eval_at_each_level(&vidpf, &keys, &public, &input, &weight, &nonce); + assert_eval_at_each_level(&vidpf, ctx, &keys, &public, &input, &weight, &nonce); let bad_input = VidpfInput::from_bytes(&[0x00]); let zero = TestWeight::zero(&TEST_WEIGHT_LEN); - assert_eval_at_each_level(&vidpf, &keys, &public, &bad_input, &zero, &nonce); + assert_eval_at_each_level(&vidpf, ctx, &keys, &public, &bad_input, &zero, &nonce); } fn assert_eval_at_each_level( vidpf: &Vidpf, + ctx: &[u8], [key_0, key_1]: &[VidpfKey; 2], public: &VidpfPublicShare, input: &VidpfInput, @@ -918,9 +946,9 @@ mod tests { let mut state_0 = VidpfEvalState::init_from_key(VidpfServerId::S0, key_0); let mut state_1 = VidpfEvalState::init_from_key(VidpfServerId::S1, key_1); - for (idx, cw) in input.index_iter().unwrap().zip(public.cw.iter()) { - let r0 = vidpf.eval_next(cw, idx, &state_0, nonce); - let r1 = vidpf.eval_next(cw, idx, &state_1, nonce); + for (idx, cw) in vidpf.index_iter(input).unwrap().zip(public.cw.iter()) { + let r0 = vidpf.eval_next(ctx, cw, idx, &state_0, nonce); + let r1 = vidpf.eval_next(ctx, cw, idx, &state_1, nonce); assert_eq!( r0.share - r1.share,