Re: [viff-devel] VIFF and random numbers

2010-07-06 Thread Ivan Bjerre Damgård
It is not good to use the wrong kind of PRG, it should
be fixed as soon as possible. But do we know that 
os.urandom will be OK on any platform, or is this
OS-dependent at the end of the day?

- Ivan

On 06/07/2010, at 15.22, Thomas P Jakobsen wrote:

 VIFF itself as well as most protocols implemented in VIFF uses the
 viff.util package for random number generation. This package in turn
 uses the random package in the Python standard library. This means
 that random numbers are generated using a Mersenne twister.
 
 As far as I can see, this is a problem, since Mersenne twister PRNGs
 are generally not suited for cryptographic usage. E.g. it is not known
 to pass the next-bit test and withstand the state compromise
 extensions, see
 http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator.
 
 One solution would be to use the os.urandom() function instead. This
 has specifically been designed to produce cryptographically secure
 random numbers.
 
 (We should probably keep the old random generator, too. It is probably
 faster and not all random numbers used in VIFF and VIFF programs need
 to be cryptographically secure.)
 
 
 Let me know what you think about this.
 
 Kind regards,
 Thomas
 ___
 viff-devel mailing list (http://viff.dk/)
 viff-devel@viff.dk
 http://lists.viff.dk/listinfo.cgi/viff-devel-viff.dk

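The two points Thomas raises, demonstrated in code. This is an added example, not VIFF code and not part of the original thread. Part 1 reproduces the "state compromise" weakness of the Mersenne Twister against CPython's own random.Random: after seeing 624 consecutive 32-bit outputs an observer inverts the output tempering, loads the recovered words with the real setstate() API and predicts every later output. Part 2 shows the replacement the thread proposes, field elements drawn from os.urandom, with rejection sampling so that reducing modulo the field prime does not bias the result. The prime P, the helper names and the seeds are assumptions made for this example; untemper(), clone_mt() and the rest are not VIFF functions.

```python
"""Why the Mersenne Twister must not back cryptographic randomness.

Added example, not VIFF code. Part 1 clones CPython's random.Random (MT19937)
from 624 observed 32-bit outputs and predicts what it emits next. Part 2 draws
uniform field elements from os.urandom without modulo bias. P and all helper
names are assumptions made for this example."""
import os
import random

WORD = 0xFFFFFFFF
N_STATE = 624               # MT19937 keeps 624 32-bit words of state


def _undo_right(y, shift):
    # Invert y ^= y >> shift; each pass recovers `shift` more high-order bits.
    out = y
    for _ in range(32 // shift + 1):
        out = y ^ (out >> shift)
    return out


def _undo_left(y, shift, mask):
    # Invert y ^= (y << shift) & mask; each pass recovers `shift` more low bits.
    out = y
    for _ in range(32 // shift + 1):
        out = y ^ ((out << shift) & mask)
    return out & WORD


def untemper(y):
    """Invert MT19937's output tempering to recover the raw state word."""
    y = _undo_right(y, 18)
    y = _undo_left(y, 15, 0xEFC60000)
    y = _undo_left(y, 7, 0x9D2C5680)
    y = _undo_right(y, 11)
    return y


def clone_mt(outputs):
    """Build a random.Random whose future output equals the observed generator's.

    `outputs` are 624 consecutive results of getrandbits(32). Any alignment with
    the internal twist works: MT is a linear recurrence over the stream of state
    words, so 624 consecutive words determine all later ones."""
    if len(outputs) != N_STATE:
        raise ValueError("need exactly 624 consecutive 32-bit outputs")
    state = tuple(untemper(o) for o in outputs) + (N_STATE,)  # index 624: twist next
    clone = random.Random()
    clone.setstate((3, state, None))        # CPython state format, version 3
    return clone


def predict_next(outputs, count):
    """Predict the `count` outputs that follow the 624 observed ones."""
    clone = clone_mt(outputs)
    return [clone.getrandbits(32) for _ in range(count)]


def mt_is_predictable(seed, count=10):
    """An observer who saw 624 outputs of a seeded Random predicts the next ones."""
    victim = random.Random(seed)
    seen = [victim.getrandbits(32) for _ in range(N_STATE)]
    guessed = predict_next(seen, count)
    actual = [victim.getrandbits(32) for _ in range(count)]
    return guessed == actual


def untemper_matches_state(seed):
    """Sanity check: untempered outputs equal the words getstate() reports."""
    r = random.Random(seed)
    outs = [r.getrandbits(32) for _ in range(N_STATE)]
    return [untemper(o) for o in outs] == list(r.getstate()[1][:N_STATE])


# --- Part 2: the os.urandom-backed replacement ------------------------------
P = (1 << 127) - 1          # assumed field prime for the example (a Mersenne prime)


def secure_field_element(p=P):
    """Uniform element of Z_p from os.urandom, via rejection sampling.

    os.urandom(k) mod p would favour the low residues; instead draw exactly
    bit_length(p) bits and reject values >= p (under one extra draw on average)."""
    nbytes = (p.bit_length() + 7) // 8
    excess_bits = nbytes * 8 - p.bit_length()
    while True:
        x = int.from_bytes(os.urandom(nbytes), "big") >> excess_bits
        if x < p:
            return x


def system_random_is_not_clonable(count=10):
    """The same attack against random.SystemRandom (os.urandom underneath) fails."""
    sr = random.SystemRandom()
    seen = [sr.getrandbits(32) for _ in range(N_STATE)]
    guessed = predict_next(seen, count)     # yields some MT state, unrelated to the OS CSPRNG
    actual = [sr.getrandbits(32) for _ in range(count)]
    return guessed != actual


if __name__ == "__main__":
    print("MT19937 predictable after 624 outputs:", mt_is_predictable(12345))
    print("SystemRandom predictable:", not system_random_is_not_clonable())
    print("field element from os.urandom:", secure_field_element())
```

The split Thomas suggests maps directly onto this: random.Random for shuffles and test data, random.SystemRandom or os.urandom (with the rejection loop above when a value modulo p is needed) for anything an adversary must not predict.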


Re: [viff-devel] [issue80] Broadcast

2009-03-10 Thread Ivan Bjerre Damgård

Quoting Janus Dam Nielsen j...@cs.au.dk:

In the simple case I want to shout out a number to everybody, even  
somebody who is eavesdropping.


But secrecy of what you shout is not the real problem. The problem is  
to make sure everyone agrees on what was said. This is not obvious in  
the case where people may not follow the protocol. For instance, if  
you want a solution that does not depend on computational assumptions,  
then if a third or more of the players are corrupt, there is NO  
solution.


Think of 3 players A,B and C, where A wants to broadcast a message,  
say 0 or 1. One player may be corrupt. So A is supposed to send a bit  
b to both B and C. Say B hears 0 from A. He doesn't know if A said the  
same to C. He can ask C what he heard, but if C says A said 1 to me,  
there is no way to tell if A or C is lying..


regards, Ivan




--
Janus


Den 10/03/2009 kl. 12.23 skrev Ivan Bjerre Damgård:

It can definitely be useful to have a broadcast method, for  
instance to complete the implementation of the asynchronous  
maliciously secure protocol, we will need broadcast.


But one needs to be careful about what kind of security we want.  
There is a whole jungle of protocols, depending on whether it is  
unconditional or computational security, synchronous or  
asynchronous network, and what number of players you assume can be  
corrupt. I think a protocol of Bracha has in fact already been  
implemented in VIFF.


regards, Ivan

Quoting Janus Dam Nielsen trac...@viff.dk:



New submission from Janus Dam Nielsen janus.niel...@alexandra.dk:

I would like to see a broadcast method in the Runtime class. The
purpose of the broadcast method should be to distribute a public value
among all parties (or some subset of parties).

A case: All parties in a computation need to read a value from
standard in, and it is a different value for each party. We want to
tell the value to everybody else.

An example use could be like the input method:
a,b,c = runtime.broadcast([1,2,3], value)

Similarly, broadcast can be used in a conditional if only some subset
of parties wants to distribute a value.

--
assignedto: mg
messages: 310
nosy: jdn, mas, mg
status: chatting
title: Broadcast
type: wish


VIFF Issue Tracker trac...@viff.dk
http://tracker.viff.dk/issue80

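Ivan's three-player argument, and the contrast with four players, as an added example that is not part of the original thread and is not VIFF's broadcast (which the thread says follows Bracha). It models the synchronous oral-messages protocol OM(1) of Lamport, Shostak and Pease for one corrupt player: in round 1 the sender sends its bit to everyone, in round 2 each receiver relays what it got to the other receivers, and each honest receiver decides by majority. The code first shows that B's view is identical whether A or C is lying, then checks every adversary strategy exhaustively: with n = 3 some strategy breaks agreement or validity, with n = 4 none does. Assumptions made for the example: lock-step rounds, authenticated point-to-point channels (a receiver knows who sent each message), one-bit values, and player 0 as the sender.

```python
"""Broadcast with one corrupt player: the 3-player deadlock versus n = 4.

Added example, not VIFF code. Synchronous OM(1) (Lamport, Shostak, Pease):
round 1 sender -> all, round 2 receivers relay to each other, decide by
majority. Player 0 is the sender; channels are authenticated point-to-point."""
import itertools
from collections import Counter


def majority(votes, default=0):
    """Bit held by a strict majority of `votes`; ties resolve to `default`."""
    counts = Counter(votes)
    top = max(counts.values())
    winners = [v for v, c in counts.items() if c == top]
    return winners[0] if len(winners) == 1 else default


def collect_votes(n, value, corrupt, behaviour):
    """Messages each honest receiver holds after the two rounds.

    `behaviour[(src, dst)]` is the bit a corrupt `src` chooses to send to `dst`;
    honest players forward truthfully. Returns {receiver: [own, relays...]}."""
    received = {}
    for j in range(1, n):                       # round 1: sender -> receivers
        received[j] = behaviour[(0, j)] if 0 in corrupt else value
    votes = {}
    for j in range(1, n):                       # round 2: receivers relay
        if j in corrupt:
            continue                            # a corrupt player's decision is irrelevant
        votes[j] = [received[j]]
        for k in range(1, n):
            if k == j:
                continue
            votes[j].append(behaviour[(k, j)] if k in corrupt else received[k])
    return votes


def run_om1(n, value, corrupt, behaviour):
    """Decisions of the honest receivers."""
    return {j: majority(v) for j, v in collect_votes(n, value, corrupt, behaviour).items()}


def adversary_behaviours(n, corrupt):
    """Every assignment of bits to the messages a corrupt player sends."""
    edges = [(c, d) for c in corrupt for d in range(n)
             if d != c and (c == 0 or d != 0)]  # relays never message the sender
    for bits in itertools.product((0, 1), repeat=len(edges)):
        yield dict(zip(edges, bits))


def broadcast_holds(n):
    """True iff OM(1) gives agreement and validity against every single corrupt
    player, every sender bit and every adversary strategy.

    agreement: all honest receivers decide the same bit;
    validity:  if the sender is honest, they decide the sender's bit."""
    for c in range(n):
        for value in (0, 1):
            for behaviour in adversary_behaviours(n, {c}):
                decided = run_om1(n, value, {c}, behaviour)
                agreement = len(set(decided.values())) == 1
                validity = c == 0 or all(d == value for d in decided.values())
                if not (agreement and validity):
                    return False
    return True


def indistinguishable_views():
    """Ivan's two worlds with A=0, B=1, C=2; returns B's view in each.

    World 1: A is corrupt, tells B 0 and C 1; honest C relays 1 to B.
    World 2: A is honest and says 0 to both; corrupt C tells B it heard 1."""
    world1 = collect_votes(3, None, {0}, {(0, 1): 0, (0, 2): 1})[1]
    world2 = collect_votes(3, 0, {2}, {(2, 1): 1})[1]
    return world1, world2


if __name__ == "__main__":
    print("B's view, world 1 vs world 2:", indistinguishable_views())
    print("n=3, t=1 broadcast holds:", broadcast_holds(3))   # False
    print("n=4, t=1 broadcast holds:", broadcast_holds(4))   # True
```

With n = 3 the failing case is validity: an honest A sends 1, the corrupt relay tells the other receiver 0, and that receiver faces the same [1, 0] tie B faced above. With n = 4 every honest receiver holds three votes, two of which come from honest players, so the tie never arises; this is the t < n/3 bound Ivan refers to, and it is specific to the unconditional, synchronous setting, not to VIFF's asynchronous Bracha-style protocol.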