New submission from Martin Geisler <[EMAIL PROTECTED]>:

The multiplication in prss_share_random cannot be a local multiplication. Tomas writes the following in
http://article.gmane.org/gmane.comp.cryptography.viff.devel/241

[...] looking at this led Mikkel and me to look at prss_share_random in runtime.py, and there seems to be either a bug (information leak) /or/ a possibility of optimisation when sharing a bit in Zp.

The problem is the following:

    result = self.open(Share(self, field, share*share), threshold=2*self.threshold)

Is the "*" in "share*share" a multiplication protocol or a multiplication of actual values? If it is actual values, then we *cannot* simply call it shares and open it, as the polynomial is not uniformly random (this can also be done with PRSS and no communication). If on the other hand it is an invocation of the multiplication protocol, then it is secure but can be optimised with the PRSS version mentioned above.

----------
keyword: active-security
messages: 108
nosy: mg, mk, t.toft
priority: bug
status: unread
title: Information leak in prss_share_random

____________________________________
VIFF Issue Tracker <[EMAIL PROTECTED]>
<http://tracker.viff.dk/issue42>
____________________________________

_______________________________________________
viff-devel mailing list (http://viff.dk/)
viff-devel@viff.dk
http://lists.viff.dk/listinfo.cgi/viff-devel-viff.dk
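The following is an added, self-contained illustration of the point raised above; it is not VIFF code and does not reproduce VIFF's Share, open or mul implementations. It shows why "share*share" as a local operation followed by an opening with threshold 2t is not a uniformly random degree-2t sharing: every party squares its own evaluation of the sharing polynomial f, so the opened polynomial is exactly f^2, and its coefficients determine f up to a global sign (for t = 1 by two square roots; for general t by a polynomial square root, which the code does not carry out). A single party who knows its own share f(i) can then fix that sign and learn f(0) = r, which is what the random bit is derived from. As a contrast, the block re-randomizes the squared shares with a fresh degree-2t sharing of zero before opening; this is a stand-in for the fresh randomness a real multiplication protocol introduces (an assumption for the example, not VIFF's multiplication), and after it the opening reveals r^2 and nothing else. The field (p = 2^31 - 1, chosen so p ≡ 3 mod 4 makes square roots cheap), t = 1, N = 3 and the party index used as the audit check are all parameters of this example, not of VIFF.

```python
import random

# Added illustration (not VIFF code): why a local "share*share" opened at threshold 2t leaks.
P = 2**31 - 1   # prime field Z_p; P % 4 == 3 makes square roots a single exponentiation
T = 1           # corruption threshold t; the toy network has N = 3 parties at x = 1, 2, 3
N = 3


def mod_sqrt(c):
    """Square root of c in Z_P (valid because P % 4 == 3), or None if c is a non-residue."""
    if c == 0:
        return 0
    r = pow(c, (P + 1) // 4, P)
    return r if r * r % P == c else None


def share(secret, degree, rng):
    """Shamir sharing: random polynomial f of the given degree with f(0) = secret; shares are f(1..N)."""
    coeffs = [secret % P] + [rng.randrange(P) for _ in range(degree)]
    return [sum(a * pow(x, i, P) for i, a in enumerate(coeffs)) % P for x in range(1, N + 1)]


def mul_by_linear(poly, c):
    """Multiply the coefficient list poly by (x - c) in Z_P[x]."""
    out = [0] * (len(poly) + 1)
    for i, a in enumerate(poly):
        out[i + 1] = (out[i + 1] + a) % P
        out[i] = (out[i] - a * c) % P
    return out


def interpolate(points):
    """Lagrange interpolation: coefficient list of the unique polynomial through the (x, y) points."""
    result = [0] * len(points)
    for i, (xi, yi) in enumerate(points):
        basis, denom = [1], 1
        for j, (xj, _) in enumerate(points):
            if j != i:
                basis = mul_by_linear(basis, xj)
                denom = denom * (xi - xj) % P
        scale = yi * pow(denom, P - 2, P) % P
        for k, a in enumerate(basis):
            result[k] = (result[k] + a * scale) % P
    return result


def open_degree_2t(shares):
    """'Opening with threshold 2t': reconstruct the whole degree-2t polynomial from 2t+1 shares.
    Every party sees these coefficients, not just the constant term."""
    return interpolate(list(zip(range(1, N + 1), shares))[:2 * T + 1])


def local_square(shares):
    """The questioned 'share*share' read as plain values: each party squares its own share."""
    return [s * s % P for s in shares]


def rerandomized_square(shares, rng):
    """Stand-in for a multiplication protocol (assumption, not VIFF's mul): add a fresh random
    degree-2t sharing of zero, so only the constant term r^2 survives the opening."""
    zero = share(0, 2 * T, rng)
    return [(s * s + z) % P for s, z in zip(shares, zero)]


def recover_r(opened, corrupt_x, corrupt_share):
    """Audit check for t = 1. Locally squared, the opened polynomial is r^2 + 2ra x + a^2 x^2.
    Square roots give (r, a) up to a common sign; one known share f(corrupt_x) fixes the sign."""
    r0, a0 = mod_sqrt(opened[0]), mod_sqrt(opened[2])
    if r0 is None or a0 is None:
        return None
    for r in (r0, (-r0) % P):
        for a in (a0, (-a0) % P):
            if 2 * r * a % P == opened[1] and (r + a * corrupt_x) % P == corrupt_share:
                return r
    return None


def demo(seed=1):
    """Share one random r, open its square both ways, and report what party 1 can derive."""
    rng = random.Random(seed)          # seeded so the run is reproducible; values are constructed
    r = rng.randrange(1, P)
    f = share(r, T, rng)
    leaky = open_degree_2t(local_square(f))
    safe = open_degree_2t(rerandomized_square(f, rng))
    return {
        "r": r,
        "leaky_value": leaky[0], "safe_value": safe[0],   # both open to r^2, as the protocol needs
        "leaky_recovered": recover_r(leaky, 1, f[0]),       # equals r: party 1 alone learns r
        "safe_recovered": recover_r(safe, 1, f[0]),         # None: nothing beyond r^2 is revealed
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the two openings agreeing on r^2 while only the locally squared one lets a single party reconstruct r. The check that matters for the issue is therefore not the opened value but the opened polynomial: a sharing is safe to open at threshold 2t only if its non-constant coefficients are fresh uniform randomness, which a local product of shares never provides.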