Module prio::vdaf

(NOTE: This module is experimental. Applications should not use it yet.) This module implements the prio3 Verifiable Distributed Aggregation Function specified in [VDAF]. It is constructed from a Value.

Modules

suite

This module implements the cryptographic dependencies for our VDAF implementation. This includes a stream cipher (here we call it a KeyStream) and a pseudorandom function whose output size is the same as the key size (we call this a KeyDeriver).

Structs

InputShareMessage

The message sent by the client to each aggregator. This includes the client’s input share and the initial message of the input-validation protocol.

VerifyMessage

The message sent by an aggregator to every other aggregator. This is the final message of the input-validation protocol.

VerifyParam

The verification parameter used by each aggregator to evaluate the VDAF.

VerifyState

The state of each aggregator.

Enums

Share

A share of an input or proof for Prio.

VdafError

Errors emitted by this module.

Functions

prio3_finish

The verify-finish algorithm of the VDAF. Run by each aggregator, this consumes the VerifyMessage messages broadcast by all of the aggregators and produces the aggregator’s input share.

prio3_input

The input-distribution algorithm of the VDAF. Run by the client, this generates the sequence of InputShareMessage messages to send to the aggregators. Note that this particular VDAF does not have a public parameter.

prio3_start

The verify-start algorithm of the VDAF. Run by each aggregator, this consumes the InputShareMessage message sent from the client and produces the VerifyMessage message that will be broadcast to the other aggregators. This VDAF does not involve an aggregation parameter.