Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Using KCAL

Description

KCAL includes arithmetic operators, private set intersection (PSI) operators, and private information retrieval (PIR) operators, and supports only two-party calculations.

  • The arithmetic operators include the cryptographic multiplication, comparison, division, sorting, summation, and averaging operators. These operators are used with the secret sharing and revealing features. The cryptographic multiplication, comparison, and division operators are two-variable operators that require input data shares of two parties for calculations. The cryptographic sorting, summation, and averaging operators are one-variable operators that perform operations on data shares in the single-vector format.
  • The PSI operator does not require the use of the secret sharing and revealing features. It returns either intersecting string data or the indices of the intersecting string data within the original datasets.
  • The PIR operator does not require the use of the secret sharing and revealing features. It involves a server (compute node 0) and a client (compute node 1). The server provides the query feature for the client. The server first performs offline calculations, and then collaborates with the client in the online phase to return the query output.

Enabling KCAL

Add the path to the dynamic library to the GCC compilation option, for example, -I /usr/local/include -L /usr/local/lib, to link this file.

Calling an arithmetic operator

The arithmetic operator performs calculation on two parties: compute nodes 0 and 1.

  1. Configure KCAL settings, such as communication APIs and node information, through DataGuard APIs.
  2. Initialize the function group for the arithmetic operator. This function group includes all the public APIs for the arithmetic operator.
  3. Apply the settings to KCAL during initialization.
  4. Set the information about all nodes.
  5. Exchange seed information.
  6. Select the appropriate compute node and call its corresponding API.
    • Compute node 0:
      1. Call the secret sharing API twice: once for receiving data shares of compute node 1, and again for splitting data of compute node 0 itself into shares and sending to compute node 1 the share size of compute node 0.
      2. Concatenate the data shares of both nodes in a specific order as input parameters for the calculate API.
      3. Call the calculate API to perform calculation based on the input operator type.
      4. Call the reveal API to obtain the final calculation output.
    • Compute node 1:
      1. Call the secret sharing API twice: once for splitting data of compute node 1 itself into shares and sending the data shares to compute node 0, and again for receiving the share size of compute node 0.
      2. Use all the data shares as the input parameters of the calculate API.
      3. Call the calculate API to perform calculation based on the input operator type.
      4. Call the reveal API to obtain the final calculation output.

Calling the PSI operator

  1. Configure KCAL settings, such as communication APIs and node IDs, through DataGuard APIs.
  2. Initialize the function group for the PSI operator. This function group includes all the public APIs for the PSI operator.
  3. Apply the settings to KCAL during initialization.
  4. Set the information about all nodes.
  5. Call the calculate API to calculate based on the PSI operator and obtain the final output.

Calling the PIR operator

  1. Configure KCAL settings, such as communication APIs and node IDs (node 0: server, and node 1: client), through DataGuard APIs.
  2. Initialize the function group for the PIR operator. This function group includes all the public APIs for the PIR operator.
  3. Apply the settings to KCAL.
  4. Set the information about all nodes.
  5. Select the appropriate compute node and call its corresponding API.
    • Compute node 0 (server)
      1. Call the offlineCalculate function API to construct bucket data, which is used for query on the client in the online phase.
      2. Call the serverCalculate function API to respond to a query from the client and return a queried value.
    • Compute node 1 (client)
      1. Once the offline calculation on the server is complete, call the clientCalculate function API and enter a key for query.
      2. Obtain the value corresponding to the key.

If either node (compute node 0 or compute node 1) returns an error code when calling an API, the node encountering the error needs to use a task scheduling mechanism to notify the other node to terminate the business process. For example, if compute node 1 returns an error code when calling the makeShare API and compute node 0 is waiting to receive shares, compute node 1, instead of the Software Development Kit (SDK) itself, needs to notify compute node 0 to stop receiving.

Integrating KCAL

KCAL is integrated into UNIX-like platforms as a linked library.

Parent topic: KCAL Installation