dckks

package
v0.0.0-...-36c1e98 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 9, 2022 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Overview

Package dckks implements a distributed (or threshold) version of the CKKS scheme that enables secure multiparty computation solutions with secret-shared secret keys.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetMinimumLevelForBootstrapping 

func GetMinimumLevelForBootstrapping(lambda int, scale float64, nParties int, moduli []uint64) (minLevel, logBound int, ok bool)

GetMinimumLevelForBootstrapping takes the security parameter lambda, the ciphertext scale, the number of parties and the moduli chain and returns the minimum level at which the collective refresh can be called with a security of at least 128-bits. It returns 3 parameters : minLevel : the minimum level at which the collective refresh must be called to ensure correctness logBound : the bit length of the masks to be sampled to mask the plaintext and ensure 128-bits of statistical indistinguishability ok : a boolean flag, which is set to false if no such instance exist

Types

type CKGProtocol 

type CKGProtocol struct {
	drlwe.CKGProtocol
}

CKGProtocol is the structure storing the parameters and state for a party in the collective key generation protocol.

func NewCKGProtocol 

func NewCKGProtocol(params ckks.Parameters) *CKGProtocol

NewCKGProtocol creates a new CKGProtocol instance

type CKSProtocol 

type CKSProtocol struct {
	drlwe.CKSProtocol
}

CKSProtocol is a structure storing the parameters for the collective key-switching protocol.

func NewCKSProtocol 

func NewCKSProtocol(params ckks.Parameters, sigmaSmudging float64) (cks *CKSProtocol)

NewCKSProtocol creates a new CKSProtocol that will be used to operate a collective key-switching on a ciphertext encrypted under a collective public-key, whose secret-shares are distributed among j parties, re-encrypting the ciphertext under another public-key, whose secret-shares are also known to the parties.

func (*CKSProtocol) KeySwitchCKKS 

func (cks *CKSProtocol) KeySwitchCKKS(combined *drlwe.CKSShare, ct *ckks.Ciphertext, ctOut *ckks.Ciphertext)

KeySwitchCKKS performs the actual keyswitching operation on a ciphertext ct and put the result in ctOut

type E2SProtocol 

type E2SProtocol struct {
	CKSProtocol
	// contains filtered or unexported fields
}

E2SProtocol is the structure storing the parameters and temporary buffers required by the encryption-to-shares protocol.

func NewE2SProtocol 

func NewE2SProtocol(params ckks.Parameters, sigmaSmudging float64) *E2SProtocol

NewE2SProtocol creates a new E2SProtocol struct from the passed CKKS parameters.

func (E2SProtocol) AllocateShare 

func (e2s E2SProtocol) AllocateShare(level int) (share *drlwe.CKSShare)

AllocateShare allocates a share of the E2S protocol

func (*E2SProtocol) GenShare 

func (e2s *E2SProtocol) GenShare(sk *rlwe.SecretKey, logBound, logSlots int, ct *ckks.Ciphertext, secretShareOut *rlwe.AdditiveShareBigint, publicShareOut *drlwe.CKSShare)

GenShare generates a party's share in the encryption-to-shares protocol. This share consist in the additive secret-share of the party which is written in secretShareOut and in the public masked-decryption share written in publicShareOut. This protocol requires additional inputs which are : logBound : the bit length of the masks logSlots : the bit length of the number of slots

The method "GetMinimumLevelForBootstrapping" should be used to get the minimum level at which E2S can be called while still ensure 128-bits of security, as well as the value for logBound.

func (*E2SProtocol) GetShare 

func (e2s *E2SProtocol) GetShare(secretShare *rlwe.AdditiveShareBigint, aggregatePublicShare *drlwe.CKSShare, ct *ckks.Ciphertext, secretShareOut *rlwe.AdditiveShareBigint)

GetShare is the final step of the encryption-to-share protocol. It performs the masked decryption of the target ciphertext followed by a the removal of the caller's secretShare as generated in the GenShare method. If the caller is not secret-key-share holder (i.e., didn't generate a decryption share), `secretShare` can be set to nil. Therefore, in order to obtain an additive sharing of the message, only one party should call this method, and the other parties should use the secretShareOut output of the GenShare method.

type MaskedTransformFunc 

type MaskedTransformFunc func(coeffsIn, coeffsOut []*ring.Complex)

MaskedTransformFunc is a method template for linear transforms that can be evaluated on a ciphertext during its collective refresh

type MaskedTransformProtocol 

type MaskedTransformProtocol struct {
	// contains filtered or unexported fields
}

MaskedTransformProtocol is a struct storing the parameters for the MaskedTransformProtocol protocol.

func NewMaskedTransformProtocol 

func NewMaskedTransformProtocol(params ckks.Parameters, precision int, sigmaSmudging float64) (rfp *MaskedTransformProtocol)

NewMaskedTransformProtocol creates a new instance of the PermuteProtocol.

func (*MaskedTransformProtocol) Aggregate 

func (rfp *MaskedTransformProtocol) Aggregate(share1, share2, shareOut *MaskedTransformShare)

Aggregate sums share1 and share2 on shareOut.

func (*MaskedTransformProtocol) AllocateShare 

func (rfp *MaskedTransformProtocol) AllocateShare(levelDecrypt, levelRecrypt int) *MaskedTransformShare

AllocateShare allocates the shares of the PermuteProtocol

func (*MaskedTransformProtocol) GenShares 

func (rfp *MaskedTransformProtocol) GenShares(sk *rlwe.SecretKey, logBound, logSlots int, ct *ckks.Ciphertext, crs *ring.Poly, transform MaskedTransformFunc, shareOut *MaskedTransformShare)

GenShares generates the shares of the PermuteProtocol This protocol requires additional inputs which are : logBound : the bit length of the masks logSlots : the bit length of the number of slots

The method "GetMinimumLevelForBootstrapping" should be used to get the minimum level at which the masked transform can be called while still ensure 128-bits of security, as well as the value for logBound.

func (*MaskedTransformProtocol) Transform 

func (rfp *MaskedTransformProtocol) Transform(ct *ckks.Ciphertext, logSlots int, transform MaskedTransformFunc, crs *ring.Poly, share *MaskedTransformShare, ciphertextOut *ckks.Ciphertext)

Transform applies Decrypt, Recode and Recrypt on the input ciphertext.

type MaskedTransformShare 

type MaskedTransformShare struct {
	// contains filtered or unexported fields
}

MaskedTransformShare is a struct storing the decryption and recryption shares.

func (*MaskedTransformShare) MarshalBinary 

func (share *MaskedTransformShare) MarshalBinary() (data []byte, err error)

MarshalBinary encodes a RefreshShare on a slice of bytes.

func (*MaskedTransformShare) UnmarshalBinary 

func (share *MaskedTransformShare) UnmarshalBinary(data []byte) error

UnmarshalBinary decodes a marshaled RefreshShare on the target RefreshShare.

type PCKSProtocol 

type PCKSProtocol struct {
	drlwe.PCKSProtocol
}

PCKSProtocol is the structure storing the parameters for the collective public key-switching.

func NewPCKSProtocol 

func NewPCKSProtocol(params ckks.Parameters, sigmaSmudging float64) *PCKSProtocol

NewPCKSProtocol creates a new PCKSProtocol object and will be used to re-encrypt a ciphertext ctx encrypted under a secret-shared key mong j parties under a new collective public-key.

func (*PCKSProtocol) KeySwitchCKKS 

func (pcks *PCKSProtocol) KeySwitchCKKS(combined *drlwe.PCKSShare, ct, ctOut *ckks.Ciphertext)

KeySwitchCKKS performs the actual keyswitching operation on a ciphertext ct and put the result in ctOut

type RKGProtocol 

type RKGProtocol struct {
	drlwe.RKGProtocol
}

RKGProtocol is the structure storing the parameters and state for a party in the collective relinearization key generation protocol.

func NewRKGProtocol 

func NewRKGProtocol(params ckks.Parameters) *RKGProtocol

NewRKGProtocol creates a new RKGProtocol object that will be used to generate a collective evaluation-key among j parties in the given context with the given bit-decomposition.

type RTGProtocol 

type RTGProtocol struct {
	drlwe.RTGProtocol
}

RTGProtocol is the structure storing the parameters for the collective rotation-keys generation.

func NewRotKGProtocol 

func NewRotKGProtocol(params ckks.Parameters) (rtg *RTGProtocol)

NewRotKGProtocol creates a new rotkg object and will be used to generate collective rotation-keys from a shared secret-key among j parties.

type RefreshProtocol 

type RefreshProtocol struct {
	MaskedTransformProtocol
}

RefreshProtocol is a struct storing the relevant parameters for the Refresh protocol.

func NewRefreshProtocol 

func NewRefreshProtocol(params ckks.Parameters, precision int, sigmaSmudging float64) (rfp *RefreshProtocol)

NewRefreshProtocol creates a new Refresh protocol instance.

func (*RefreshProtocol) Aggregate 

func (rfp *RefreshProtocol) Aggregate(share1, share2, shareOut *RefreshShare)

Aggregate aggregates two parties' shares in the Refresh protocol.

func (*RefreshProtocol) AllocateShare 

func (rfp *RefreshProtocol) AllocateShare(minLevel, maxLevel int) *RefreshShare

AllocateShare allocates the shares of the PermuteProtocol

func (*RefreshProtocol) Finalize 

func (rfp *RefreshProtocol) Finalize(ciphertext *ckks.Ciphertext, logSlots int, crs *ring.Poly, share *RefreshShare, ciphertextOut *ckks.Ciphertext)

Finalize applies Decrypt, Recode and Recrypt on the input ciphertext.

func (*RefreshProtocol) GenShares 

func (rfp *RefreshProtocol) GenShares(sk *rlwe.SecretKey, logBound, logSlots int, ciphertext *ckks.Ciphertext, crs *ring.Poly, shareOut *RefreshShare)

GenShares generates a share for the Refresh protocol. This protocol requires additional inputs which are : logBound : the bit length of the masks logSlots : the bit length of the number of slots

The method "GetMinimumLevelForBootstrapping" should be used to get the minimum level at which the refresh can be called while still ensure 128-bits of security, as well as the value for logBound.

type RefreshShare 

type RefreshShare struct {
	MaskedTransformShare
}

RefreshShare is a struct storing a party's share in the Refresh protocol.

type S2EProtocol 

type S2EProtocol struct {
	CKSProtocol
	// contains filtered or unexported fields
}

S2EProtocol is the structure storing the parameters and temporary buffers required by the shares-to-encryption protocol.

func NewS2EProtocol 

func NewS2EProtocol(params ckks.Parameters, sigmaSmudging float64) *S2EProtocol

NewS2EProtocol creates a new S2EProtocol struct from the passed CKKS parameters.

func (S2EProtocol) AllocateShare 

func (s2e S2EProtocol) AllocateShare(level int) (share *drlwe.CKSShare)

AllocateShare allocates a share of the S2E protocol

func (*S2EProtocol) GenShare 

func (s2e *S2EProtocol) GenShare(sk *rlwe.SecretKey, c1 *ring.Poly, secretShare *rlwe.AdditiveShareBigint, c0ShareOut *drlwe.CKSShare)

GenShare generates a party's in the shares-to-encryption protocol given the party's secret-key share `sk`, a common polynomial sampled from the CRS `c1` and the party's secret share of the message.

func (*S2EProtocol) GetEncryption 

func (s2e *S2EProtocol) GetEncryption(c0Agg *drlwe.CKSShare, c1 *ring.Poly, ctOut *ckks.Ciphertext)

GetEncryption computes the final encryption of the secret-shared message when provided with the aggregation `c0Agg` of the parties' share in the protocol and with the common, CRS-sampled polynomial `c1`.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.