Python: module mpyc.secpols

mpyc.secpols

index
github.com/lschoe/mpyc/blob/v0.11/mpyc/secpols.py

This module supports secure (univariate) polynomial arithmetic.

A secure polynomial can be viewed as a sequence of secret-shared coefficients.
The length of the sequence is public, but the leading coefficient is not required
to be nonzero. This way only an upper bound on the degree is revealed.

The sequence of coefficients is implemented as a secure (NumPy) array.
A polynomial a_0 + a_1 X + ... + a_d X^d is represented by an array of length n >= d+1
of the form [a_0 a_1 ... a_d 0 ... 0], where the number of trailing zeros may vary.

Currently, only polynomials over prime fields GF(p) are supported, as secure counterpart
to MPyC's gfpx module. (Secure polynomials over integers and fixed-point numbers will be
considered later.) Moreover, for certain operations, p must be sufficiently large, in
particular compared to (the public upper bound on) the degree of a given polynomial.

The operators +,-,*,<<,>>,**,//,%, and function divmod are overloaded, providing secure
polynomial arithmetic, while hiding the exact degree of the results throughout.
The operators <,<=,>,>=,==,!= are overloaded as well, using the
lexicographic order for polynomials (zero polynomial is the smallest).
Evaluation of a polynomial at a public or secret point is supported as well.

A couple more advanced secure operations such as GCD, extended GCD, modular inverse,
and modular powers are also supported as well as a simple irreducibility test.

Current implementation is relatively basic, not yet fully optimized.

Modules

mpyc.numpy

operator

Classes

mpyc.asyncoro.SecureObject(builtins.object)

secpoly

class secpoly(mpyc.asyncoro.SecureObject)

secpoly(value=None, sectype=None, shape=None)

Secure polynomials of secret degree and with secret coefficients.

Method resolution order:: secpoly; mpyc.asyncoro.SecureObject; builtins.object

Methods defined here:

__add__(self, other): Add polynomials of secret degree.

__call__(self, x): Evaluate polynomial at given x.

__divmod__(self, other)

__eq__(self, other): Secure equality test.

__floordiv__(self, other)

__ge__(self, other): Secure greater-than or equal comparison.

__getitem__(self, key)

__gt__(self, other): Secure strictly greater-than comparison.

__init__(self, value=None, sectype=None, shape=None): Initialize a secure polynomial to the given value, where value is a GFpX polynomial,
a 1D int array, or a 1D secure (finite field) array.

If value is None (default), sectype must be given and shape must be a 1D shape.
Also, if value is an int array, sectype must be given.

If sectype is None, it is inferred from the given value.

__le__(self, other): Secure less-than or equal comparison.

__lshift__(self, n): Multiply polynomial by X^n.

__lt__(self, other): Secure strictly less-than comparison.

__mod__(self, other)

__mul__(self, other)

__ne__(self, other): Secure negated equality test.

__neg__(self)

__pos__(self)

__pow__(self, other)

__radd__ = __add__(self, other)

__rdivmod__(self, other)

__rfloordiv__(self, other)

__rmod__(self, other)

__rmul__ = __mul__(self, other)

__rshift__(self, n): Quotient of polynomial divided by X^n.

__rsub__(self, other)

__sub__(self, other)

copy(self): Copy of polynomial.

degree(self): Degree of polynomial.

Degree of zero polynomial is -1.

monic(self): Monic version of polynomial

Zero polynomial remains unchanged.

reverse(self, d=None): Reverse of polynomial by specified degree d.

Basically, coefficients are put in reverse order. For example,
reverse of x + 2x^2 + 3x^3 is 3 + 2x + x^2.

If d is None (default), d is set to the (secret) degree of the given poynomial.
Otherwise, the given polynomial is first padded with zeros or truncated
to attain the given degree d, d>=-1, before it is reversed.
If d is secret, then -1 <= d <= len(a) -1 is assumed, where a is the
secure array holding the secret-shared coefficients.

set_share(self, value): Set share to the given value.

The share is set directly (or recursively, for a composite SecureObject),
using callbacks if value contains Futures that are not yet done.

truncate(self, n): Truncate polynomial modulo X^n, for nonnegative n.

Static methods defined here:

add(a, b): Add polynomials a and b of secret degree.

gcd(a, b): Greatest common divisor of polynomials a and b.

gcdext(a, b): Extended GCD of polynomials a and b.

if_else(c, a, b): Secure selection based on binary condition c between polynomials a and b.

Condition c must be of a secure number type compatible with a and b
and its value should be 0 or 1.

if_swap(c, a, b): Secure swap between polynomials a and b based on binary condition c.

Condition c must be of a secure number type compatible with a and b
and its value should be 0 or 1.

invert(a, b): "Inverse of polynomial a modulo b.

Inverse is assumed to exist.

is_irreducible(a): Test polynomial a for irreducibility.

mod(a, b): Reduce polynomial a modulo polynomial b, for nonzero b.

mul(a, b): Multiply polynomials a and b of secret degree.

powmod(a, n, b): Polynomial a to the power of n modulo polynomial b, for nonzero b.

Public n, for now.

sub(a, b): Subtract polynomials a and b of secret degree.

Readonly properties defined here:

sectype: Secure type of coefficients.

Data and other attributes defined here:

__hash__ = None

Methods inherited from mpyc.asyncoro.SecureObject:

__array_function__(self, func, types, args, kwargs) from mpyc.sectypes: Redirect __array_function__ call to array class, if any.

To support calls like np.block([[secint(9), -1], [1, secint(7)]]).

__array_ufunc__(self, ufunc, method, *inputs, **kwargs) from mpyc.sectypes: Delegate __array_ufunc__ call to corresponding operator call.

Provisional support for calls like np.less(secint(9), 10).

__bool__(self): Use of secret-shared objects in Boolean expressions makes no sense.

__deepcopy__(self, memo): Let SecureObjects behave as immutable objects.

Introduced for github.com/meilof/oblif.

Data descriptors inherited from mpyc.asyncoro.SecureObject:

share

Data
		runtime = None