This is the paper artifacts (implementation and raw benchmark results) for the Dora paper. The implementation is based on swanky a Rust library for MPC and OT-based zero-knowledge proofs created by Galois. Part of the implementation was understaken while interning at Galois in the summer of 2023.

The relevant parts of swanky for the Dora paper recide in diet-mac-and-cheese which is a single threaded implementation of QuickSilver, see this directory for more information about how to reproduce the results of the paper.

swanky provides a suite of rust libraries for doing secure computation.

• bristol-fashion: A parser for Bristol Fashion circuits.
• fancy-garbling: Boolean and arithmetic garbled circuits.
  • twopac: Two-party garbled-circuit-based secure computation.
• humidor: Implementation of the Ligero zero knowledge proof system.
• keyed_arena: Bump allocator which allows for random access to its allocations.
• inferno: An implementation of the Limbo zero-knowledge proof system.
• ocelot: Oblivious transfer and oblivious PRFs.
• popsicle: Private-set intersection.
• scuttlebutt: Core primitives used by other swanky crates.
• simple-arith-circuit: Simple flat arithmetic circuit representation.
• swanky-field: Definitions of the core FiniteField and FiniteRing traits
• swanky-field-binary: Binary (extension) finite fields
• swanky-field-f61p: The finite field for the 61-bit mersenne prime
• swanky-field-ff-primes: Arithmetic fields of prime order larger than 64
• swanky-field-fft: Utilities for performing FFTs on fields
• swanky-field-test: Utilities for testing that finite field implementations are correct
• swanky-generic-array: Utilities to make it easier to use generic arrays from the generic-array crate
• swanky-serialization: Traits and utilities for compact serialization into a canonical byte representation

swanky is currently considered prototype software. Do not deploy it in production, or trust it with sensitive data.

The preferred way to use swanky is to fork this monorepo, and add your code to your fork. This approach makes it easy for your code to inherit the configuration of the swanky repo.

It is also possible to use swanky as traditional Rust crates. The downside of this approach is that you won't automatically get the configuration of the swanky repo. swanky is only tested against the pinned rust version in the repository and the pinned dependency versions.

To use a swanky crate in your project, add the following line to the [dependencies] entry in Cargo.toml:

<crate-name> = { git = "https://github.com/GaloisInc/swanky", rev = "xxxxxx" }

where <crate-name> is one of the crates listed above and rev is the particular revision to use.

Note: As swanky is currently considered prototype software, it is best to pin a particular revision of swanky, as there is no guarantee that future versions of swanky will maintain backwards compatibility.

It is also advisable to copy over swanky's .cargo/config file, and to enable LTO in your release builds (lto = true in your Cargo.toml file).

If you use swanky in your academic paper, please cite it as follows:

@misc{swanky,
    author = {{Galois, Inc.}},
    title = {{swanky}: A suite of rust libraries for secure computation},
    howpublished = {\url{https://github.com/GaloisInc/swanky}},
    year = 2019,
}

To generate documentation, please use etc/rustdoc.py in lieu of cargo doc.

MIT License

You can contact the swanky team at [email protected].

• Brent Carmer
• Ben Hamlin
• Alex J. Malozemoff
• Benoit Razet
• Marc Rosen

This material is based upon work supported in part by ARO, SSC Pacific, IARPA and DARPA under Contract Nos. W911NF-15-C-0227, N66001-15-C-4070, 2019-1902070006, and HR001120C0085.

Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the ARO, SSC Pacific, IARPA and DARPA. Distribution Statement ``A'' (Approved for Public Release, Distribution Unlimited).

Copyright © 2019-2022 Galois, Inc.