/amphora

Carbyne Stack secret sharing distributed object store

Primary LanguageJavaApache License 2.0Apache-2.0

Carbyne Stack Amphora Secret Share Store

codecov Codacy Badge Conventional Commits Known Vulnerabilities pre-commit Contributor Covenant

Amphora is an open source object store for secret shared data and part of Carbyne Stack.

DISCLAIMER: Carbyne Stack Amphora is alpha software. The software is not ready for production use. It has neither been developed nor tested for a specific use case.

Please have a look at the underlying modules for more information on how to run an Amphora service or how to interact with it using the Java client:

  • Amphora Common - A shared library of commonly used functionality.
  • Amphora Service - The microservice implementing the object store for secret shared data.
  • Amphora Java Client - A Java Client library to interact with Amphora service(s). The module provides client implementations to communicate with
    • the Amphora service from within the Virtual Cloud Provider
    • other Amphora services participating in the Virtual Cloud
    • all Amphora services participating in the Virtual Cloud to share secret or recombine secret shared data.

Namesake

As of wikipedia an amphora (from Greek amphoras) is a type of container of a characteristic shape and size. Amphorae were used in vast numbers for the transport and storage of various products, both liquid and dry, but mostly for wine.

Secure Secret Sharing and Recombination

The Amphora client and service use an additive secret sharing scheme and implement the Input Supply and Output Delivery Protocol [1] of Damgard et al. to provide secure secret sharing and recombination methods in the client/server model of MPC. Therefore, sharing a secret will consume three Input Masks as well as two Multiplication Triples for each word (BigInteger) to be shared, and two InputMasks as well as two Multiplication Triples for each secret word to be retrieved.

By this, providing and retrieving a secret comes at high cost in terms of tuple consumption, but will reveal if any of the MPC parties behaves malicious when providing shared data. The DefaultAmphoraClient will throw an exception in case the verification fails according to the Output Delivery Protocol.

License

Carbyne Stack Amphora Secret Sharing Object Store is open-sourced under the Apache License 2.0. See the LICENSE file for details.

3rd Party Licenses

For information on how license obligations for 3rd party OSS dependencies are fulfilled see the README file of the Carbyne Stack repository.

Contributing

Please see the Carbyne Stack Contributor's Guide .

References

  1. Ivan Damgård, Kasper Damgård, Kurt Nielsen, Peter Sebastian Nordholt, Tomas Toft: Confidential Benchmarking based on Multiparty Computation. IACR Cryptology ePrint Archive 2015: 1006 (2015) https://eprint.iacr.org/2015/1006