You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ideally we would hide the details of the shuffle from the caller. The caller just specifies the context which is either SH or Malicious. When invoking shuffle, the context would determine which shuffle protocol is executed.
The high level idea is that shuffle runs the following subroutines:
Upgrade Inputs
Shuffle Protocol on Upgraded Inputs
Downgrade Shuffle Protocol Output
In the semi-honest setting, Upgrade and Downgrade do nothing and the Shuffle Protocol Output only consists of the output shares.
In the malicious setting, Upgrade generates a set of key. For each input row, we use this set of keys (which are secret shared) to compute a MAC tag and append it to the row. During the Downgrade, the tag is verified using the keys (which are revealed in MPC) and the Shuffle Protocol Output. The Shuffle Protocol Output contains the output shares together with the messages sent between the Helpers during the shuffle protocol which need to be verified as well.
The text was updated successfully, but these errors were encountered:
Ideally we would hide the details of the shuffle from the caller. The caller just specifies the context which is either SH or Malicious. When invoking shuffle, the context would determine which shuffle protocol is executed.
The high level idea is that shuffle runs the following subroutines:
In the semi-honest setting, Upgrade and Downgrade do nothing and the Shuffle Protocol Output only consists of the output shares.
In the malicious setting, Upgrade generates a set of key. For each input row, we use this set of keys (which are secret shared) to compute a MAC tag and append it to the row. During the Downgrade, the tag is verified using the keys (which are revealed in MPC) and the Shuffle Protocol Output. The Shuffle Protocol Output contains the output shares together with the messages sent between the Helpers during the shuffle protocol which need to be verified as well.
The text was updated successfully, but these errors were encountered: