MPC implementation of AES (Rijndael). This module can be used to securely compute a secret shared AES encrypted ciphertext of a (possibly) secret shared plaintext with a (possibly) secret shared key. The inputs have to be given either as a list of shares over GF256 (byte-wise) or as a string. The runtime has to be able to handle shares over GF256. Decryption is not implemented yet.
The implementation is based on the fact that AES has arithmetic properties which makes its computation by arithmetic circuits relatively fast.
AES instantiation.
This class is used together with a Runtime object:
aes = AES(runtime, 192)
cleartext = [Share(runtime, GF256, GF256(0)) for i in range(128/8)]
key = [runtime.prss_share_random(GF256) for i in range(192/8)]
ciphertext = aes.encrypt("abcdefghijklmnop", key)
ciphertext = aes.encrypt(cleartext, "keykeykeykeykeykeykeykey")
ciphertext = aes.encrypt(cleartext, key)
In every case ciphertext will be a list of shares over GF256.
Rijndael AddRoundKey.
State should be a list of 4 rows and round_key a list of 4-byte columns (words).
ByteSub operation of Rijndael.
The first argument should be a matrix consisting of elements of GF(2^8).
Rijndael encryption.
Cleartext and key should be either a string or a list of bytes (possibly shared as elements of GF256).
Rijndael key expansion.
Input and output are lists of 4-byte columns (words). new_length is the round for which the key should be expanded. If ommitted, the key is expanded for all rounds.
Rijndael MixColumn.
Input should be a list of 4 rows.
Rijndael ShiftRow.
State should be a list of 4 rows.
Bit decomposition for GF256 shares.