Maintenance

• Disassembler
• Run-time parameter for probabilistic truncation error
• Probabilistic truncation for some protocols computing modulo a prime
• Simplified C++ interface
• Comparison as in ACCO
• More general scalar-vector multiplication
• Complete memory support for clear bits
• Extended clear bit functionality with Yao's garbled circuits
• Allow preprocessing information to be supplied via named pipes
• In-place operations for containers

Maintenance

• Tested on Apple laptop with ARM chip
• Restore trusted client interface
• Directly accessible softmax function
• Signature in preprocessing files to reduce confusing errors
• Improved error messages for connection issues
• Documentation of low-level share types and protocol pairs

Optimized matrix multiplication in Hemi

• Optimized matrix multiplication in Hemi
• Improved client communication
• Private integer division as per Veugen and Abspoel
• Compiler option to translate some Python control flow instructions
  to run-time instructions
• Functionality to break out of run-time loops
• Run-time range check of data structure accesses
• Improved documentation of network infrastructure

ATLAS

• ATLAS
• Keras-like interface
• Iterative linear solution approximation
• Binary output
• HighGear/LowGear key generation for wider range of parameters by default
• Dabit generation for smaller primes and malicious security
• More consistent type model
• Improved local computation
• Optimized GF(2^8) for CCD
• NTL only needed for computation with GF(2^40)
• Virtual machines suggest compile-time optimizations
• Improved documentation of types

Training of convolutional neural networks

• Training of convolutional neural networks
• Bit decomposition using edaBits
• Ability to force MAC checks from high-level code
• Ability to close client connection from high-level code
• Binary operators for comparison results
• Faster compilation for emulation
• More documentation
• Fixed bug in dense layer back-propagation
• Fixed security bug: insufficient LowGear secret key randomness
• Fixed security bug: skewed random bit generation

ARM support

• ARM support
• Base OTs optionally without SimpleOT/AVX
• Use OpenSSL instead of Crypto++ for elliptic curves
• Post-sacrifice binary computation with replicated secret sharing similar
  to Araki et al.
• More flexible multithreading

Distributed key generation for homomorphic encryption with active security

• Distributed key generation for homomorphic encryption with active security similar to Rotaru et al.
• Homomorphic encryption parameters more similar to SCALE-MAMBA
• Fixed security bug: all-zero secret keys in homomorphic encryption
• Fixed security bug: missing check in binary Rep4
• Fixed security bug: insufficient "blaming" (covert security) in CowGear and ChaiGear due to low default security parameter

Maintenance

• Infrastructure for random element generation
• Programs generating as much preprocessing data as required by a particular high-level program
• Smaller binaries
• Cleaning up code
• Removing unused virtual machine instructions
• Fixed security bug: wrong MAC check in SPDZ2k input tuple generation

Various improvements

• Virtual machines automatically use the modulus used during compilation
• Non-linear computation modulo a prime without large gap in bit length
• Fewer communication rounds in several protocols

Rep4, SPDZ-wise, MNIST training

• Rep4: honest-majority four-party computation with malicious security
• SY/SPDZ-wise: honest-majority computation with malicious security based on replicated or Shamir secret sharing
• Training with a sequence of dense layers
• Training and inference for multi-class classification
• Local share conversion for semi-honest protocols based on additive secret sharing modulo a power of two
• edaBit generation based on local share conversion
• Optimize exponentiation with local share conversion
• Optimize Shamir pseudo-random secret sharing using a hyper-invertible matrix
• Mathematical functions (exponentiation, logarithm, square root, and trigonometric functions) with binary circuits
• Direct construction of fixed-point values from any type, breaking sfix(x) where x is the integer representation of a fixed-point number. Use sfix._new(x) instead.
• Optimized dot product for sfix
• Matrix multiplication via operator overloading uses VM-optimized multiplication.
• Fake preprocessing for daBits and edaBits
• Fixed security bug: insufficient randomness in SemiBin random bit generation.
• Fixed security bug: insufficient randomization of FKOS15 inputs.
• Fixed security bug in binary computation with SPDZ(2k).