ABY

A Framework for Efficient Mixed-Protocol Secure Two-Party Computation

By Daniel Demmler, Thomas Schneider and Michael Zohner (ENCRYPTO, TU Darmstadt)
in Network and Distributed System Security Symposium (NDSS'15). Paper available here.

Features

ABY efficiently combines secure computation schemes based on Arithmetic sharing, Boolean sharing, and Yao’s garbled circuits and makes available best-practice solutions in secure two-party computation. It allows to pre-compute almost all cryptographic operations and provides novel, highly efficient conversions between secure computation schemes based on pre-computed oblivious transfer extensions. ABY supports several standard operations and provides example applications.

This code is provided as a experimental implementation for testing purposes and should not be used in a productive environment. We cannot guarantee security and correctness.

Requirements

A Linux distribution of your choice (ABY was developed and tested with recent versions of Debian and Ubuntu).
Required packages for ABY:
Install these packages with your favorite package manager, e.g, sudo apt-get install <package-name>.
Optional packages: doxygen and graphviz to create your own Doxygen documentation of the code.

ABY Sourcecode

File System Structure

/bin/ - Executables.
/src/ - Source code.
src/abycore/ - Source of the internal ABY functions.
src/examples/ - Example applications. Each application has a /common directory that holds the functionality (circuit). The idea is to re-use this circuit even outside of the application. The application's root directory contains a .cpp file with main method that runs the circuit and is used to verify correctness.
src/test/ - Currently one application to test internal ABY functions as well as example applications and print debug information.

Building the ABY Framework

Clone a copy of the main ABY git repository and its submodules by running:
```
git clone --recursive git://github.com/encryptogroup/ABY
```
Enter the Framework directory: cd ABY/
Call make in the root directory of ABY to compile all dependencies, tests, and examples and create the corresponding executables.

Makefile Options

Building ABY

In most cases you should be fine with simply running make in the ABY root directory. This will invoke make all, which will obviously build everything and is called by default. There are several options you can pass to make to build parts of ABY.

make miracl - build the Miracl library, which is included as submodule according to their build instructions
make core - build only the core files of ABY, requires Miracl
make examples - build all examples and create executables for them, requires core
make test - build the tests and create an executable, requires core

Testing ABY

make runtest - executes the test binary for both roles in 1 terminal

Cleaning ABY

make clean - cleans all binaries plus example and test object files
make cleanmore - same as make clean plus ABY core object files
make cleanall - same as make cleanmore plus Miracl library objects

Doxygen Documentation

See the online doxygen documentation of ABY for further information and comments on the code.

ABY Applications

Included Example Applications

The Millionaire's Problem was proposed by Yao in 1982. Two parties want to find out who is richer, without revealing their actual wealth. This simple example can be used as starting point for your own ABY application.
Secure computation AES, where one party inputs the key and the other party inputs a message to collaboratively encrypt.
The Euclidean Distance for two 2-dimensional coordinates.
The Minimum Euclidean Distance for finding the closest match between one d-dimensional element and a database of n d-dimensional elements.
The Arithmetic Inner Product that multiplies N values component-wise and then adds all multiplication results (modulo 16 Bit in this case).
Further example applications will be added soon.

Running Applications

Make sure you have called make and the application's binary was created in bin/.
To locally execute an application, run the created executable from two different terminals and pass all required parameters accordingly.
By default applications are tested locally (via sockets on localhost). You can run them on two different machines by specifying IP addresses and ports as parameters.
Example: The Millionaire's problem requires to specify the role of the executing party. All other parameters will use default values if they are not set. You execute it locally with: ./millionaire_prob.exe -r 0 and ./millionaire_prob.exe -r 1, each in a separate terminal.
You should get some debug output for you to verify the correctness of the computation.
Performance statistics can be turned on by uncommenting //#define PRINT_PERFORMANCE_STATS in src/abycore/aby/abyparty.h in line 46.

Creating and Building your own ABY Application

Create a copy of the folder millionaire_prob inside the examples/ directory and give it a meaningful name, e.g. my_application:

cd src/examples/
cp -r millionaire_prob/ my_application/

We now work in this newly created folder, e.g. cd my_application/.
You can rename the file names inside your folder, just make sure to reference them correctly within each other. The included Makefile is generic and should be left unchanged.
Follow the comments in the included .cpp files to get an idea how to create an ABY example.
The common/ directory should contain a description of the circuit (its functionality) and ideally a function to test this circuit. The root .cpp should contain a main() method that calls this test function and passes the correct parameters.
When ready to build, simply execute make in your example's directory or in the ABY root directory.
On successful build an executable with the name my_application.exe is created in bin/ (this depends on the directory name you chose).

m4n1c22/ABY

ABY