Documentation ¶
Overview ¶
Package ring implements RNS-accelerated modular arithmetic operations for polynomials, including: RNS basis extension; RNS rescaling; number theoretic transform (NTT); uniform, Gaussian and ternary sampling.
Index ¶
- Constants
- Variables
- func BRed(x, y, q uint64, u []uint64) (r uint64)
- func BRedAdd(a, q uint64, u []uint64) (r uint64)
- func BRedAddConstant(x, q uint64, u []uint64) uint64
- func BRedConstant(x, y, q uint64, u []uint64) (r uint64)
- func BRedParams(q uint64) (params []uint64)
- func CRed(a, q uint64) uint64
- func Copy(p0, p1 *Poly)
- func CopyLvl(level int, p0, p1 *Poly)
- func CopyValues(p0, p1 *Poly)
- func CopyValuesLvl(level int, p0, p1 *Poly)
- func Cos(x *big.Float) (cosx *big.Float)
- func DecodeCoeffs(pointer, N, numberModuli int, coeffs [][]uint64, data []byte) (int, error)
- func DecodeCoeffsNew(pointer, N, numberModuli int, coeffs [][]uint64, data []byte) (int, error)
- func DecodeCoeffsNew32(pointer, N, numberModuli int, coeffs [][]uint64, data []byte) (int, error)
- func DivRound(a, b, i *big.Int)
- func GenGaloisParams(n, gen uint64) (galElRotCol []uint64)
- func GenerateNTTPrimes(logQ, NthRoot, n int) (primes []uint64)
- func GenerateNTTPrimesP(logP, NthRoot, n int) (primes []uint64)
- func GenerateNTTPrimesQ(logQ, NthRoot, levels int) (primes []uint64)
- func InvMForm(a, q, qInv uint64) (r uint64)
- func InvMFormConstant(a, q, qInv uint64) (r uint64)
- func InvNTT(coeffsIn, coeffsOut []uint64, N int, nttPsiInv []uint64, ...)
- func InvNTTBarrett(coeffsIn, coeffsOut []uint64, N int, nttPsiInv []uint64, nttNInv, Q uint64, ...)
- func InvNTTLazy(coeffsIn, coeffsOut []uint64, N int, nttPsiInv []uint64, ...)
- func IsPrime(x uint64) bool
- func MForm(a, q uint64, u []uint64) (r uint64)
- func MFormConstant(a, q uint64, u []uint64) (r uint64)
- func MRed(x, y, q, qInv uint64) (r uint64)
- func MRedConstant(x, y, q, qInv uint64) (r uint64)
- func MRedParams(q uint64) (qInv uint64)
- func Min(x, y int) int
- func ModExp(x uint64, e int, p uint64) (result uint64)
- func NTT(coeffsIn, coeffsOut []uint64, N int, nttPsi []uint64, Q, mredParams uint64, ...)
- func NTTBarrett(coeffsIn, coeffsOut []uint64, N int, nttPsi []uint64, Q uint64, ...)
- func NTTLazy(coeffsIn, coeffsOut []uint64, N int, nttPsi []uint64, Q, QInv uint64, ...)
- func NewFloat(x float64, logPrecision int) (y *big.Float)
- func NewInt(v int64) *big.Int
- func NewIntFromString(s string) *big.Int
- func NewUint(v uint64) *big.Int
- func NextNTTPrime(q uint64, NthRoot int) (qNext uint64, err error)
- func PermuteNTT(polIn *Poly, gen uint64, polOut *Poly)
- func PermuteNTTIndex(galEl, N uint64) (index []uint64)
- func PermuteNTTLvl(level int, polIn *Poly, gen uint64, polOut *Poly)
- func PermuteNTTWithIndexAndAddNoModLvl(level int, polIn *Poly, index []uint64, polOut *Poly)
- func PermuteNTTWithIndexLvl(level int, polIn *Poly, index []uint64, polOut *Poly)
- func PowerOf2(x uint64, n int, q, qInv uint64) (r uint64)
- func PreviousNTTPrime(q uint64, NthRoot int) (qPrev uint64, err error)
- func RandInt(max *big.Int) (n *big.Int)
- func RandUniform(prng utils.PRNG, v uint64, mask uint64) (randomInt uint64)
- func WriteCoeffsTo(pointer, N, numberModuli int, coeffs [][]uint64, data []byte) (int, error)
- func WriteCoeffsTo32(pointer, N, numberModuli int, coeffs [][]uint64, data []byte) (int, error)
- type Complex
- type ComplexMultiplier
- type Decomposer
- type FastBasisExtender
- func (basisextender *FastBasisExtender) ModDownNTTPQ(level int, p1, p2 *Poly)
- func (basisextender *FastBasisExtender) ModDownPQ(level int, p1, p2 *Poly)
- func (basisextender *FastBasisExtender) ModDownSplitNTTPQ(level int, p1Q, p1P, p2 *Poly)
- func (basisextender *FastBasisExtender) ModDownSplitPQ(level int, p1Q, p1P, p2 *Poly)
- func (basisextender *FastBasisExtender) ModDownSplitQP(levelQ, levelP int, p1Q, p1P, p2 *Poly)
- func (basisextender *FastBasisExtender) ModUpSplitPQ(level int, p1, p2 *Poly)
- func (basisextender *FastBasisExtender) ModUpSplitQP(level int, p1, p2 *Poly)
- func (basisextender *FastBasisExtender) ShallowCopy() *FastBasisExtender
- type GaussianSampler
- func (gaussianSampler *GaussianSampler) Read(pol *Poly)
- func (gaussianSampler *GaussianSampler) ReadAndAddFromDistLvl(level int, pol *Poly, ring *Ring, sigma float64, bound int)
- func (gaussianSampler *GaussianSampler) ReadAndAddLvl(level int, pol *Poly)
- func (gaussianSampler *GaussianSampler) ReadFromDistLvl(level int, pol *Poly, ring *Ring, sigma float64, bound int)
- func (gaussianSampler *GaussianSampler) ReadLvl(level int, pol *Poly)
- func (gaussianSampler *GaussianSampler) ReadLvlNew(level int) (pol *Poly)
- func (gaussianSampler *GaussianSampler) ReadNew() (pol *Poly)
- type Parameters
- type Poly
- func (pol *Poly) Copy(p1 *Poly)
- func (pol *Poly) CopyNew() (p1 *Poly)
- func (pol *Poly) CopyValues(p1 *Poly)
- func (pol *Poly) DecodePolyNew(data []byte) (pointer int, err error)
- func (pol *Poly) DecodePolyNew32(data []byte) (pointer int, err error)
- func (pol *Poly) Degree() int
- func (pol *Poly) Equals(other *Poly) bool
- func (pol *Poly) GetCoefficients() (coeffs [][]uint64)
- func (pol *Poly) GetDataLen(WithMetadata bool) (cnt int)
- func (pol *Poly) GetDataLen32(WithMetadata bool) (cnt int)
- func (pol *Poly) LenModuli() int
- func (pol *Poly) Level() int
- func (pol *Poly) MarshalBinary() (data []byte, err error)
- func (pol *Poly) SetCoefficients(coeffs [][]uint64)
- func (pol *Poly) UnmarshalBinary(data []byte) (err error)
- func (pol *Poly) WriteCoeffs(data []byte) (int, error)
- func (pol *Poly) WriteTo(data []byte) (int, error)
- func (pol *Poly) WriteTo32(data []byte) (int, error)
- func (pol *Poly) Zero()
- type RNSScaler
- type Ring
- func (r *Ring) Add(p1, p2, p3 *Poly)
- func (r *Ring) AddLvl(level int, p1, p2, p3 *Poly)
- func (r *Ring) AddNoMod(p1, p2, p3 *Poly)
- func (r *Ring) AddNoModLvl(level int, p1, p2, p3 *Poly)
- func (r *Ring) AddScalar(p1 *Poly, scalar uint64, p2 *Poly)
- func (r *Ring) AddScalarBigint(p1 *Poly, scalar *big.Int, p2 *Poly)
- func (r *Ring) BitReverse(p1, p2 *Poly)
- func (r *Ring) DivFloorByLastModulus(p0, p1 *Poly)
- func (r *Ring) DivFloorByLastModulusMany(p0, p1 *Poly, nbRescales int)
- func (r *Ring) DivFloorByLastModulusManyNTT(p0, p1 *Poly, nbRescales int)
- func (r *Ring) DivFloorByLastModulusNTT(p0, p1 *Poly)
- func (r *Ring) DivRoundByLastModulus(p0, p1 *Poly)
- func (r *Ring) DivRoundByLastModulusMany(p0, p1 *Poly, nbRescales int)
- func (r *Ring) DivRoundByLastModulusManyNTT(p0, p1 *Poly, nbRescales int)
- func (r *Ring) DivRoundByLastModulusNTT(p0, p1 *Poly)
- func (r *Ring) Equal(p1, p2 *Poly) bool
- func (r *Ring) EqualLvl(level int, p1, p2 *Poly) bool
- func (r *Ring) InvMForm(p1, p2 *Poly)
- func (r *Ring) InvMFormLvl(level int, p1, p2 *Poly)
- func (r *Ring) InvNTT(p1, p2 *Poly)
- func (r *Ring) InvNTTBarrett(p1, p2 *Poly)
- func (r *Ring) InvNTTLazy(p1, p2 *Poly)
- func (r *Ring) InvNTTLazyLvl(level int, p1, p2 *Poly)
- func (r *Ring) InvNTTLvl(level int, p1, p2 *Poly)
- func (r *Ring) MForm(p1, p2 *Poly)
- func (r *Ring) MFormLvl(level int, p1, p2 *Poly)
- func (r *Ring) MarshalBinary() ([]byte, error)
- func (r *Ring) Mod(p1 *Poly, m uint64, p2 *Poly)
- func (r *Ring) MulByPow2(p1 *Poly, pow2 int, p2 *Poly)
- func (r *Ring) MulByPow2Lvl(level int, p1 *Poly, pow2 int, p2 *Poly)
- func (r *Ring) MulByPow2New(p1 *Poly, pow2 int) (p2 *Poly)
- func (r *Ring) MulByVectorMontgomery(p1 *Poly, vector []uint64, p2 *Poly)
- func (r *Ring) MulByVectorMontgomeryAndAddNoMod(p1 *Poly, vector []uint64, p2 *Poly)
- func (r *Ring) MulCoeffs(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsAndAdd(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsAndAddNoMod(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsConstant(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomery(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryAndAdd(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryAndAddLvl(level int, p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryAndAddNoMod(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryAndAddNoModLvl(level int, p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryAndSub(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryAndSubLvl(level int, p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryAndSubNoMod(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryConstant(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryConstantAndAddNoMod(p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryConstantAndAddNoModLvl(level int, p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryConstantLvl(level int, p1, p2, p3 *Poly)
- func (r *Ring) MulCoeffsMontgomeryLvl(level int, p1, p2, p3 *Poly)
- func (r *Ring) MulScalar(p1 *Poly, scalar uint64, p2 *Poly)
- func (r *Ring) MulScalarBigint(p1 *Poly, scalar *big.Int, p2 *Poly)
- func (r *Ring) MulScalarBigintLvl(level int, p1 *Poly, scalar *big.Int, p2 *Poly)
- func (r *Ring) MulScalarLvl(level int, p1 *Poly, scalar uint64, p2 *Poly)
- func (r *Ring) MultByMonomial(p1 *Poly, monomialDeg int, p2 *Poly)
- func (r *Ring) MultByMonomialNew(p1 *Poly, monomialDeg int) (p2 *Poly)
- func (r *Ring) NTT(p1, p2 *Poly)
- func (r *Ring) NTTBarrett(p1, p2 *Poly)
- func (r *Ring) NTTLazy(p1, p2 *Poly)
- func (r *Ring) NTTLazyLvl(level int, p1, p2 *Poly)
- func (r *Ring) NTTLvl(level int, p1, p2 *Poly)
- func (r *Ring) Neg(p1, p2 *Poly)
- func (r *Ring) NegLvl(level int, p1, p2 *Poly)
- func (r *Ring) NewPoly() *Poly
- func (r *Ring) NewPolyLvl(level int) *Poly
- func (r *Ring) Permute(polIn *Poly, gen uint64, polOut *Poly)
- func (r *Ring) PolyToBigint(p1 *Poly, coeffsBigint []*big.Int)
- func (r *Ring) PolyToBigintCenteredLvl(level int, p1 *Poly, coeffsBigint []*big.Int)
- func (r *Ring) PolyToBigintLvl(level int, p1 *Poly, coeffsBigint []*big.Int)
- func (r *Ring) PolyToString(p1 *Poly) []string
- func (r *Ring) Reduce(p1, p2 *Poly)
- func (r *Ring) ReduceConstant(p1, p2 *Poly)
- func (r *Ring) ReduceConstantLvl(level int, p1, p2 *Poly)
- func (r *Ring) ReduceLvl(level int, p1, p2 *Poly)
- func (r *Ring) Rotate(p1 *Poly, n int, p2 *Poly)
- func (r *Ring) SetCoefficientsBigint(coeffs []*big.Int, p1 *Poly)
- func (r *Ring) SetCoefficientsBigintLvl(level int, coeffs []*big.Int, p1 *Poly)
- func (r *Ring) SetCoefficientsInt64(coeffs []int64, p1 *Poly)
- func (r *Ring) SetCoefficientsString(coeffs []string, p1 *Poly)
- func (r *Ring) SetCoefficientsUint64(coeffs []uint64, p1 *Poly)
- func (r *Ring) Shift(p1 *Poly, n int, p2 *Poly)
- func (r *Ring) Sub(p1, p2, p3 *Poly)
- func (r *Ring) SubLvl(level int, p1, p2, p3 *Poly)
- func (r *Ring) SubNoMod(p1, p2, p3 *Poly)
- func (r *Ring) SubNoModLvl(level int, p1, p2, p3 *Poly)
- func (r *Ring) SubScalar(p1 *Poly, scalar uint64, p2 *Poly)
- func (r *Ring) SubScalarBigint(p1 *Poly, scalar *big.Int, p2 *Poly)
- func (r *Ring) UnmarshalBinary(data []byte) error
- type Scaler
- type SimpleScaler
- type TernarySampler
- type UniformSampler
Constants ¶
const SimpleScalerFloatPrecision = 80
SimpleScalerFloatPrecision is the precision in bits for the big.Float in the scaling by t/Q.
Variables ¶
var DefaultParams = []Parameters{ {12, Qi60[len(Qi60)-2:], Pi60[len(Pi60)-2:]}, {13, Qi60[len(Qi60)-4:], Pi60[len(Pi60)-4:]}, {14, Qi60[len(Qi60)-7:], Pi60[len(Pi60)-7:]}, {15, Qi60[len(Qi60)-14:], Pi60[len(Pi60)-14:]}, {16, Qi60[len(Qi60)-29:], Pi60[len(Pi60)-29:]}, }
DefaultParams is a struct storing default test parameters of the Qi and Pi moduli for the package Ring.
var Pi60 = []uint64{0x1ffffffff6c80001, 0x1ffffffff6140001, 0x1ffffffff5f40001, 0x1ffffffff5700001,
0x1ffffffff4bc0001, 0x1ffffffff4380001, 0x1ffffffff3240001, 0x1ffffffff2dc0001,
0x1ffffffff1a40001, 0x1ffffffff11c0001, 0x1ffffffff0fc0001, 0x1ffffffff0d80001,
0x1ffffffff0c80001, 0x1ffffffff08c0001, 0x1fffffffefd00001, 0x1fffffffef9c0001,
0x1fffffffef600001, 0x1fffffffeef40001, 0x1fffffffeed40001, 0x1fffffffeed00001,
0x1fffffffeebc0001, 0x1fffffffed540001, 0x1fffffffed440001, 0x1fffffffed2c0001,
0x1fffffffed200001, 0x1fffffffec940001, 0x1fffffffec6c0001, 0x1fffffffebe80001,
0x1fffffffebac0001, 0x1fffffffeba40001, 0x1fffffffeb4c0001, 0x1fffffffeb280001}
Pi60 are the next [32:64] 61-bit close to 2^{62} NTT-friendly primes for N up to 2^{17}
var Qi60 = []uint64{0x1fffffffffe00001, 0x1fffffffffc80001, 0x1fffffffffb40001, 0x1fffffffff500001,
0x1fffffffff380001, 0x1fffffffff000001, 0x1ffffffffef00001, 0x1ffffffffee80001,
0x1ffffffffeb40001, 0x1ffffffffe780001, 0x1ffffffffe600001, 0x1ffffffffe4c0001,
0x1ffffffffdf40001, 0x1ffffffffdac0001, 0x1ffffffffda40001, 0x1ffffffffc680001,
0x1ffffffffc000001, 0x1ffffffffb880001, 0x1ffffffffb7c0001, 0x1ffffffffb300001,
0x1ffffffffb1c0001, 0x1ffffffffadc0001, 0x1ffffffffa400001, 0x1ffffffffa140001,
0x1ffffffff9d80001, 0x1ffffffff9140001, 0x1ffffffff8ac0001, 0x1ffffffff8a80001,
0x1ffffffff81c0001, 0x1ffffffff7800001, 0x1ffffffff7680001, 0x1ffffffff7080001}
Qi60 are the first [0:32] 61-bit close to 2^{62} NTT-friendly primes for N up to 2^{17}
Functions ¶
func BRedAddConstant ¶
BRedAddConstant computes a mod q in constant time. The result is between 0 and 2*q-1.
func BRedConstant ¶
BRedConstant computes x*y mod q in constant time. The result is between 0 and 2*q-1.
func BRedParams ¶
BRedParams computes the parameters for the BRed algorithm. Returns ((2^128)/q)/(2^64) and (2^128)/q mod 2^64.
func Copy ¶
func Copy(p0, p1 *Poly)
Copy copies the coefficients of p0 on p1 within the given Ring. It requires p1 to be at least as big p0. Expects the degree of both polynomials to be identical. Transfers the IsNTT and IsMForm flags.
func CopyLvl ¶
CopyLvl copies the coefficients of p0 on p1 within the given Ring for the moduli from 0 to level. Expects the degree of both polynomials to be identical. Transfers the IsNTT and IsMForm flags.
func CopyValues ¶
func CopyValues(p0, p1 *Poly)
CopyValues copies the coefficients of p0 on p1 within the given Ring. It requires p1 to be at least as big p0. Expects the degree of both polynomials to be identical. Does not transfer the IsNTT and IsMForm flags.
func CopyValuesLvl ¶
CopyValuesLvl copies the coefficients of p0 on p1 within the given Ring for the moduli from 0 to level. Expects the degree of both polynomials to be identical. Does not transfer the IsNTT and IsMForm flags.
func Cos ¶
Cos implements the arbitrary precision computation of Cos(x) Iterative process with an error of ~10^{−0.60206*k} after k iterations. ref: Johansson, B. Tomas, An elementary algorithm to evaluate trigonometric functions to high precision, 2018
func DecodeCoeffs ¶
DecodeCoeffs converts a byte array to a matrix of coefficients.
func DecodeCoeffsNew ¶
DecodeCoeffsNew converts a byte array to a matrix of coefficients.
func DecodeCoeffsNew32 ¶
DecodeCoeffsNew32 converts a byte array to a matrix of coefficients.
func GenGaloisParams ¶
GenGaloisParams generates the generators for the Galois endomorphisms.
func GenerateNTTPrimes ¶
GenerateNTTPrimes generates n NthRoot NTT friendly primes given logQ = size of the primes. It will return all the appropriate primes, up to the number of n, with the best available deviation from the base power of 2 for the given n.
func GenerateNTTPrimesP ¶
GenerateNTTPrimesP generates "levels" different NthRoot NTT-friendly primes starting from 2**LogP and downward. Special case were primes close to 2^{LogP} but with a smaller bit-size than LogP are sought.
func GenerateNTTPrimesQ ¶
GenerateNTTPrimesQ generates "levels" different NthRoot NTT-friendly primes starting from 2**LogQ and alternating between upward and downward.
func InvMForm ¶
InvMForm switches a from the Montgomery domain back to the standard domain by computing a*(1/2^64) mod q.
func InvMFormConstant ¶
InvMFormConstant switches a from the Montgomery domain back to the standard domain by computing a*(1/2^64) mod q in constant time. The result is between 0 and 2*q-1.
func InvNTT ¶
InvNTT computes the InvNTT transformation on the input coefficients using the input parameters.
func InvNTTBarrett ¶
func InvNTTBarrett(coeffsIn, coeffsOut []uint64, N int, nttPsiInv []uint64, nttNInv, Q uint64, bredParams []uint64)
InvNTTBarrett computes the Inverse NTT using Barrett reduction. For benchmark purposes only.
func InvNTTLazy ¶
func InvNTTLazy(coeffsIn, coeffsOut []uint64, N int, nttPsiInv []uint64, nttNInv, Q, mredParams uint64)
InvNTTLazy computes the InvNTT transformation on the input coefficients using the input parameters with output values in the range [0, 2q-1].
func MFormConstant ¶
MFormConstant switches a to the Montgomery domain by computing a*2^64 mod q in constant time. The result is between 0 and 2*q-1.
func MRedConstant ¶
MRedConstant computes x * y * (1/2^64) mod q in constant time. The result is between 0 and 2*q-1.
func MRedParams ¶
MRedParams computes the parameter qInv = (q^-1) mod 2^64, required for MRed.
func ModExp ¶
ModExp performs the modular exponentiation x^e mod p, x and p are required to be at most 64 bits to avoid an overflow.
func NTT ¶
func NTT(coeffsIn, coeffsOut []uint64, N int, nttPsi []uint64, Q, mredParams uint64, bredParams []uint64)
NTT computes the NTT on the input coefficients using the input parameters.
func NTTBarrett ¶
func NTTBarrett(coeffsIn, coeffsOut []uint64, N int, nttPsi []uint64, Q uint64, bredParams []uint64)
NTTBarrett computes the NTT using Barrett reduction. For benchmark purposes only.
func NTTLazy ¶
func NTTLazy(coeffsIn, coeffsOut []uint64, N int, nttPsi []uint64, Q, QInv uint64, bredParams []uint64)
NTTLazy computes the NTT on the input coefficients using the input parameters with output values in the range [0, 2q-1].
func NewIntFromString ¶
NewIntFromString creates a new Int from a string. A prefix of “0x” or “0X” selects base 16; the “0” prefix selects base 8, and a “0b” or “0B” prefix selects base 2. Otherwise, the selected base is 10.
func NextNTTPrime ¶
NextNTTPrime returns the next NthRoot NTT prime after q. The input q must be itself an NTT prime for the given NthRoot.
func PermuteNTT ¶
PermuteNTT applies the Galois transform on a polynomial in the NTT domain. It maps the coefficients x^i to x^(gen*i) It must be noted that the result cannot be in-place.
func PermuteNTTIndex ¶
PermuteNTTIndex computes the index table for PermuteNTT.
func PermuteNTTLvl ¶
PermuteNTTLvl applies the Galois transform on a polynomial in the NTT domain, up to a given level. It maps the coefficients x^i to x^(gen*i) It must be noted that the result cannot be in-place.
func PermuteNTTWithIndexAndAddNoModLvl ¶
PermuteNTTWithIndexAndAddNoModLvl applies the Galois transform on a polynomial in the NTT domain, up to a given level, and adds the result to the output polynomial without modular reduction. It maps the coefficients x^i to x^(gen*i) using the PermuteNTTIndex table. It must be noted that the result cannot be in-place.
func PermuteNTTWithIndexLvl ¶
PermuteNTTWithIndexLvl applies the Galois transform on a polynomial in the NTT domain, up to a given level. It maps the coefficients x^i to x^(gen*i) using the PermuteNTTIndex table. It must be noted that the result cannot be in-place.
func PreviousNTTPrime ¶
PreviousNTTPrime returns the previous NthRoot NTT prime after q. The input q must be itself an NTT prime for the given NthRoot.
func RandUniform ¶
RandUniform samples a uniform randomInt variable in the range [0, mask] until randomInt is in the range [0, v-1]. mask needs to be of the form 2^n -1.
func WriteCoeffsTo ¶
WriteCoeffsTo converts a matrix of coefficients to a byte array.
Types ¶
type Complex ¶
Complex is a type for arbitrary precision complex number
func NewComplex ¶
NewComplex creates a new arbitrary precision complex number
func (*Complex) Float64 ¶
func (c *Complex) Float64() complex128
Float64 returns the arbitrary precision complex number as a complex128
type ComplexMultiplier ¶
type ComplexMultiplier struct {
// contains filtered or unexported fields
}
ComplexMultiplier is a struct for the multiplication or division of two arbitrary precision complex numbers
func NewComplexMultiplier ¶
func NewComplexMultiplier() (cEval *ComplexMultiplier)
NewComplexMultiplier creates a new ComplexMultiplier
func (*ComplexMultiplier) Div ¶
func (cEval *ComplexMultiplier) Div(a, b, c *Complex)
Div divides two arbitrary precision complex numbers together
func (*ComplexMultiplier) Mul ¶
func (cEval *ComplexMultiplier) Mul(a, b, c *Complex)
Mul multiplies two arbitrary precision complex numbers together
type Decomposer ¶
Decomposer is a structure that stores the parameters of the arbitrary decomposer. This decomposer takes a p(x)_Q (in basis Q) and returns p(x) mod qi in basis QP, where qi = prod(Q_i) for 0<=i<=L, where L is the number of factors in P.
func NewDecomposer ¶
func NewDecomposer(Q, P []uint64) (decomposer *Decomposer)
NewDecomposer creates a new Decomposer.
func (*Decomposer) DecomposeAndSplit ¶
func (decomposer *Decomposer) DecomposeAndSplit(level, crtDecompLevel int, p0, p1Q, p1P *Poly)
DecomposeAndSplit decomposes a polynomial p(x) in basis Q, reduces it modulo qi, and returns the result in basis QP separately.
func (*Decomposer) Xalpha ¶
func (decomposer *Decomposer) Xalpha() (xalpha []int)
Xalpha returns a slice that contains all the values of #Qi/#Pi.
type FastBasisExtender ¶
type FastBasisExtender struct {
// contains filtered or unexported fields
}
FastBasisExtender stores the necessary parameters for RNS basis extension. The used algorithm is from https://eprint.iacr.org/2018/117.pdf.
func NewFastBasisExtender ¶
func NewFastBasisExtender(ringQ, ringP *Ring) *FastBasisExtender
NewFastBasisExtender creates a new FastBasisExtender, enabling RNS basis extension from Q to P and P to Q.
func (*FastBasisExtender) ModDownNTTPQ ¶
func (basisextender *FastBasisExtender) ModDownNTTPQ(level int, p1, p2 *Poly)
ModDownNTTPQ reduces the basis RNS of a polynomial in the NTT domain from QP to Q and divides its coefficients by P. Given a polynomial with coefficients in basis {Q0,Q1....Qlevel,P0,P1...Pj}, it reduces its basis from {Q0,Q1....Qlevel,P0,P1...Pj} to {Q0,Q1....Qlevel} and performs a rounded integer division of the result by P. Inputs must be in the NTT domain.
func (*FastBasisExtender) ModDownPQ ¶
func (basisextender *FastBasisExtender) ModDownPQ(level int, p1, p2 *Poly)
ModDownPQ reduces the basis of a polynomial. Given a polynomial with coefficients in basis {Q0,Q1....Qlevel,P0,P1...Pj}, it reduces its basis from {Q0,Q1....Qlevel,P0,P1...Pj} to {Q0,Q1....Qlevel} and does a rounded integer division of the result by P.
func (*FastBasisExtender) ModDownSplitNTTPQ ¶
func (basisextender *FastBasisExtender) ModDownSplitNTTPQ(level int, p1Q, p1P, p2 *Poly)
ModDownSplitNTTPQ reduces the basis of a polynomial. Given a polynomial with coefficients in basis {Q0,Q1....Qi} and {P0,P1...Pj}, it reduces its basis from {Q0,Q1....Qi} and {P0,P1...Pj} to {Q0,Q1....Qi} and does a rounded integer division of the result by P. Inputs must be in the NTT domain.
func (*FastBasisExtender) ModDownSplitPQ ¶
func (basisextender *FastBasisExtender) ModDownSplitPQ(level int, p1Q, p1P, p2 *Poly)
ModDownSplitPQ reduces the basis of a polynomial. Given a polynomial with coefficients in basis {Q0,Q1....Qlevel} and {P0,P1...Pj}, it reduces its basis from {Q0,Q1....Qlevel} and {P0,P1...Pj} to {Q0,Q1....Qlevel} and does a rounded integer division of the result by P.
func (*FastBasisExtender) ModDownSplitQP ¶
func (basisextender *FastBasisExtender) ModDownSplitQP(levelQ, levelP int, p1Q, p1P, p2 *Poly)
ModDownSplitQP reduces the basis of a polynomial. Given a polynomial with coefficients in basis {Q0,Q1....QlevelQ} and {P0,P1...PlevelP}, it reduces its basis from {Q0,Q1....QlevelQ} and {P0,P1...PlevelP} to {P0,P1...PlevelP} and does a floored integer division of the result by Q.
func (*FastBasisExtender) ModUpSplitPQ ¶
func (basisextender *FastBasisExtender) ModUpSplitPQ(level int, p1, p2 *Poly)
ModUpSplitPQ extends the RNS basis of a polynomial from P to PQ. Given a polynomial with coefficients in basis {P0,P1....Plevel}, it extends its basis from {P0,P1....Plevel} to {Q0,Q1...Qj}
func (*FastBasisExtender) ModUpSplitQP ¶
func (basisextender *FastBasisExtender) ModUpSplitQP(level int, p1, p2 *Poly)
ModUpSplitQP extends the RNS basis of a polynomial from Q to QP. Given a polynomial with coefficients in basis {Q0,Q1....Qlevel}, it extends its basis from {Q0,Q1....Qlevel} to {Q0,Q1....Qlevel,P0,P1...Pj}
func (*FastBasisExtender) ShallowCopy ¶
func (basisextender *FastBasisExtender) ShallowCopy() *FastBasisExtender
ShallowCopy creates a shallow copy of this basis extender in which the read-only data-structures are shared with the receiver.
type GaussianSampler ¶
type GaussianSampler struct {
// contains filtered or unexported fields
}
GaussianSampler keeps the state of a truncated Gaussian polynomial sampler.
func NewGaussianSampler ¶
NewGaussianSampler creates a new instance of GaussianSampler from a PRNG, a ring definition and the truncated Gaussian distribution parameters. Sigma is the desired standard deviation and bound is the maximum coefficient norm in absolute value.
func (*GaussianSampler) Read ¶
func (gaussianSampler *GaussianSampler) Read(pol *Poly)
Read samples a truncated Gaussian polynomial on "pol" at the maximum level in the default ring, standard deviation and bound.
func (*GaussianSampler) ReadAndAddFromDistLvl ¶
func (gaussianSampler *GaussianSampler) ReadAndAddFromDistLvl(level int, pol *Poly, ring *Ring, sigma float64, bound int)
ReadAndAddFromDistLvl samples a truncated Gaussian polynomial at the given level in the provided ring, standard deviation and bound and adds it on "pol".
func (*GaussianSampler) ReadAndAddLvl ¶
func (gaussianSampler *GaussianSampler) ReadAndAddLvl(level int, pol *Poly)
ReadAndAddLvl samples a truncated Gaussian polynomial at the given level for the receiver's default standard deviation and bound and adds it on "pol".
func (*GaussianSampler) ReadFromDistLvl ¶
func (gaussianSampler *GaussianSampler) ReadFromDistLvl(level int, pol *Poly, ring *Ring, sigma float64, bound int)
ReadFromDistLvl samples a truncated Gaussian polynomial at the given level in the provided ring, standard deviation and bound.
func (*GaussianSampler) ReadLvl ¶
func (gaussianSampler *GaussianSampler) ReadLvl(level int, pol *Poly)
ReadLvl samples a truncated Gaussian polynomial at the provided level, in the default ring, standard deviation and bound.
func (*GaussianSampler) ReadLvlNew ¶
func (gaussianSampler *GaussianSampler) ReadLvlNew(level int) (pol *Poly)
ReadLvlNew samples a new truncated Gaussian polynomial at the provided level, in the default ring, standard deviation and bound.
func (*GaussianSampler) ReadNew ¶
func (gaussianSampler *GaussianSampler) ReadNew() (pol *Poly)
ReadNew samples a new truncated Gaussian polynomial at the maximum level in the default ring, standard deviation and bound.
type Parameters ¶
type Parameters struct {
// contains filtered or unexported fields
}
Parameters is a struct storing test parameters for the package Ring.
type Poly ¶
type Poly struct { Coeffs [][]uint64 // Coefficients in CRT representation IsNTT bool IsMForm bool }
Poly is the structure that contains the coefficients of a polynomial.
func NewPoly ¶
NewPoly creates a new polynomial with N coefficients set to zero and nbModuli moduli.
func (*Poly) Copy ¶
Copy copies the coefficients of p1 on the target polynomial. Onyl copies minLevel(pol, p1) levels. Transfers the IsNTT and IsMForm flags.
func (*Poly) CopyValues ¶
CopyValues copies the coefficients of p1 on the target polynomial. Onyl copies minLevel(pol, p1) levels. Expects the degree of both polynomials to be identical. Does not transfer the IsNTT and IsMForm flags.
func (*Poly) DecodePolyNew ¶
DecodePolyNew decodes a slice of bytes in the target polynomial returns the number of bytes decoded.
func (*Poly) DecodePolyNew32 ¶
DecodePolyNew32 decodes a slice of bytes in the target polynomial returns the number of bytes decoded.
func (*Poly) Degree ¶
Degree returns the number of coefficients of the polynomial, which equals the degree of the Ring cyclotomic polynomial.
func (*Poly) Equals ¶
Equals returns true if the receiver Poly is equal to the provided other Poly. This function checks for strict equality between the polynomial coefficients (i.e., it does not consider congruence as equality within the ring like `Ring.Equals` does). Will not check if IsNTT and IsMForm flags are equal
func (*Poly) GetCoefficients ¶
GetCoefficients returns a new double slice that contains the coefficients of the polynomial.
func (*Poly) GetDataLen ¶
GetDataLen returns the number of bytes the polynomial will take when written to data. It can take into account meta data if necessary.
func (*Poly) GetDataLen32 ¶
GetDataLen32 returns the number of bytes the polynomial will take when written to data. It can take into account meta data if necessary.
func (*Poly) MarshalBinary ¶
MarshalBinary encodes the target polynomial on a slice of bytes.
func (*Poly) SetCoefficients ¶
SetCoefficients sets the coefficients of the polynomial directly from a CRT format (double slice).
func (*Poly) UnmarshalBinary ¶
UnmarshalBinary decodes a slice of byte on the target polynomial.
func (*Poly) WriteCoeffs ¶
WriteCoeffs writes the coefficients to the given data array. It fails if the data array is not big enough to contain the ring.Poly
func (*Poly) WriteTo ¶
WriteTo writes the given poly to the data array. It returns the number of written bytes, and the corresponding error, if it occurred.
type RNSScaler ¶
type RNSScaler struct {
// contains filtered or unexported fields
}
RNSScaler implements the Scaler interface by performing a scaling by t/Q in the RNS domain. This implementation of the Scaler interface is preferred over the SimpleScaler implementation.
func NewRNSScaler ¶
NewRNSScaler creates a new SimpleScaler from t, the modulus under which the reconstruction is returned, the Ring in which the polynomial to reconstruct is represented.
func (*RNSScaler) DivByQOverTRounded ¶
DivByQOverTRounded returns p1 scaled by a factor t/Q and mod t on the receiver p2.
type Ring ¶
type Ring struct { // Polynomial nb.Coefficients N int // Moduli Modulus []uint64 // 2^bit_length(Qi) - 1 Mask []uint64 // Indicates whether NTT can be used with the current ring. AllowsNTT bool // Product of the Moduli ModulusBigint *big.Int // Fast reduction parameters BredParams [][]uint64 MredParams []uint64 RescaleParams [][]uint64 //NTT Parameters PsiMont []uint64 //2N-th primitive root in Montgomery form PsiInvMont []uint64 //2N-th inverse primitive root in Montgomery form NttPsi [][]uint64 //powers of the inverse of the 2N-th primitive root in Montgomery form (in bit-reversed order) NttPsiInv [][]uint64 //powers of the inverse of the 2N-th primitive root in Montgomery form (in bit-reversed order) NttNInv []uint64 //[N^-1] mod Qi in Montgomery form }
Ring is a structure that keeps all the variables required to operate on a polynomial represented in this ring.
func NewRing ¶
NewRing creates a new RNS Ring with degree N and coefficient moduli Moduli. N must be a power of two larger than 8. Moduli should be a non-empty []uint64 with distinct prime elements. For the Ring instance to support NTT operation, these elements must also be equal to 1 modulo 2*N. Non-nil r and error are returned in the case of non NTT-enabling parameters.
func (*Ring) AddLvl ¶
AddLvl adds p1 to p2 coefficient-wise for the moduli from q_0 up to q_level and writes the result on p3.
func (*Ring) AddNoMod ¶
AddNoMod adds p1 to p2 coefficient-wise without modular reduction and writes the result on p3.
func (*Ring) AddNoModLvl ¶
AddNoModLvl adds p1 to p2 coefficient-wise without modular reduction for the moduli from q_0 up to q_level and writes the result on p3.
func (*Ring) AddScalar ¶
AddScalar adds a scalar to each coefficient of p1 and writes the result on p2.
func (*Ring) AddScalarBigint ¶
AddScalarBigint adds a big.Int scalar to each coefficient of p1 and writes the result on p2.
func (*Ring) BitReverse ¶
BitReverse applies a bit reverse permutation on the coefficients of p1 and writes the result on p2. In can safely be used for in-place permutation.
func (*Ring) DivFloorByLastModulus ¶
DivFloorByLastModulus divides (floored) the polynomial by its last modulus. Output poly level must be equal or one less than input level.
func (*Ring) DivFloorByLastModulusMany ¶
DivFloorByLastModulusMany divides (floored) sequentially nbRescales times the polynomial by its last modulus. Output poly level must be equal or nbRescales less than input level.
func (*Ring) DivFloorByLastModulusManyNTT ¶
DivFloorByLastModulusManyNTT divides (floored) sequentially nbRescales times the polynomial by its last modulus. Input must be in the NTT domain. Output poly level must be equal or nbRescales less than input level.
func (*Ring) DivFloorByLastModulusNTT ¶
DivFloorByLastModulusNTT divides (floored) the polynomial by its last modulus. The input must be in the NTT domain. Output poly level must be equal or one less than input level.
func (*Ring) DivRoundByLastModulus ¶
DivRoundByLastModulus divides (rounded) the polynomial by its last modulus. The input must be in the NTT domain. Output poly level must be equal or one less than input level.
func (*Ring) DivRoundByLastModulusMany ¶
DivRoundByLastModulusMany divides (rounded) sequentially nbRescales times the polynomial by its last modulus. Output poly level must be equal or nbRescales less than input level.
func (*Ring) DivRoundByLastModulusManyNTT ¶
DivRoundByLastModulusManyNTT divides (rounded) sequentially nbRescales times the polynomial by its last modulus. The input must be in the NTT domain. Output poly level must be equal or nbRescales less than input level.
func (*Ring) DivRoundByLastModulusNTT ¶
DivRoundByLastModulusNTT divides (rounded) the polynomial by its last modulus. The input must be in the NTT domain. Output poly level must be equal or one less than input level.
func (*Ring) InvMForm ¶
InvMForm switches back p1 from the Montgomery domain to the conventional domain and writes the result on p2.
func (*Ring) InvMFormLvl ¶
InvMFormLvl switches back p1 from the Montgomery domain to the conventional domain and writes the result on p2.
func (*Ring) InvNTTBarrett ¶
InvNTTBarrett performs the inverse NTT operation using Barrett reduction. For benchmark purposes only.
func (*Ring) InvNTTLazy ¶
InvNTTLazy computes the inverse-NTT of p1 and returns the result on p2. Output values are in the range [0, 2q-1]
func (*Ring) InvNTTLazyLvl ¶
InvNTTLazyLvl computes the inverse-NTT of p1 and returns the result on p2. The value level defines the number of moduli of the input polynomials. Output values are in the range [0, 2q-1]
func (*Ring) InvNTTLvl ¶
InvNTTLvl computes the inverse-NTT of p1 and returns the result on p2. The value level defines the number of moduli of the input polynomials.
func (*Ring) MFormLvl ¶
MFormLvl switches p1 to the Montgomery domain for the moduli from q_0 up to q_level and writes the result on p2.
func (*Ring) MarshalBinary ¶
MarshalBinary encodes the target ring on a slice of bytes.
func (*Ring) Mod ¶
Mod applies a modular reduction by m on the coefficients of p1 and writes the result on p2.
func (*Ring) MulByPow2Lvl ¶
MulByPow2Lvl multiplies p1 by 2^pow2 for the moduli from q_0 up to q_level and writes the result on p2.
func (*Ring) MulByPow2New ¶
MulByPow2New multiplies p1 by 2^pow2 and returns the result in a new polynomial p2.
func (*Ring) MulByVectorMontgomery ¶
MulByVectorMontgomery multiplies p1 by a vector of uint64 coefficients and writes the result on p2.
func (*Ring) MulByVectorMontgomeryAndAddNoMod ¶
MulByVectorMontgomeryAndAddNoMod multiplies p1 by a vector of uint64 coefficients and adds the result on p2 without modular reduction.
func (*Ring) MulCoeffs ¶
MulCoeffs multiplies p1 by p2 coefficient-wise, performs a Barrett modular reduction and writes the result on p3.
func (*Ring) MulCoeffsAndAdd ¶
MulCoeffsAndAdd multiplies p1 by p2 coefficient-wise with a Barret modular reduction and adds the result to p3.
func (*Ring) MulCoeffsAndAddNoMod ¶
MulCoeffsAndAddNoMod multiplies p1 by p2 coefficient-wise with a Barrett modular reduction and adds the result to p3 without modular reduction.
func (*Ring) MulCoeffsConstant ¶
MulCoeffsConstant multiplies p1 by p2 coefficient-wise with a constant-time Barrett modular reduction and writes the result on p3.
func (*Ring) MulCoeffsMontgomery ¶
MulCoeffsMontgomery multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction and returns the result on p3.
func (*Ring) MulCoeffsMontgomeryAndAdd ¶
MulCoeffsMontgomeryAndAdd multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction and adds the result to p3.
func (*Ring) MulCoeffsMontgomeryAndAddLvl ¶
MulCoeffsMontgomeryAndAddLvl multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction for the moduli from q_0 up to q_level and adds the result to p3.
func (*Ring) MulCoeffsMontgomeryAndAddNoMod ¶
MulCoeffsMontgomeryAndAddNoMod multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction and adds the result to p3 without modular reduction.
func (*Ring) MulCoeffsMontgomeryAndAddNoModLvl ¶
MulCoeffsMontgomeryAndAddNoModLvl multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction for the moduli from q_0 up to q_level and adds the result to p3 without modular reduction.
func (*Ring) MulCoeffsMontgomeryAndSub ¶
MulCoeffsMontgomeryAndSub multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction and subtracts the result from p3.
func (*Ring) MulCoeffsMontgomeryAndSubLvl ¶
MulCoeffsMontgomeryAndSubLvl multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction and subtracts the result from p3.
func (*Ring) MulCoeffsMontgomeryAndSubNoMod ¶
MulCoeffsMontgomeryAndSubNoMod multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction and subtracts the result from p3 without modular reduction.
func (*Ring) MulCoeffsMontgomeryConstant ¶
MulCoeffsMontgomeryConstant multiplies p1 by p2 coefficient-wise with a constant-time Montgomery modular reduction and writes the result on p3.
func (*Ring) MulCoeffsMontgomeryConstantAndAddNoMod ¶
MulCoeffsMontgomeryConstantAndAddNoMod multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction and adds the result to p3 without modular reduction. Return values in [0, 3q-1]
func (*Ring) MulCoeffsMontgomeryConstantAndAddNoModLvl ¶
MulCoeffsMontgomeryConstantAndAddNoModLvl multiplies p1 by p2 coefficient-wise with a constant-time Montgomery modular reduction for the moduli from q_0 up to q_level and adds the result to p3 without modular reduction. Return values in [0, 3q-1]
func (*Ring) MulCoeffsMontgomeryConstantLvl ¶
MulCoeffsMontgomeryConstantLvl multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction for the moduli from q_0 up to q_level and returns the result on p3.
func (*Ring) MulCoeffsMontgomeryLvl ¶
MulCoeffsMontgomeryLvl multiplies p1 by p2 coefficient-wise with a Montgomery modular reduction for the moduli from q_0 up to q_level and returns the result on p3.
func (*Ring) MulScalar ¶
MulScalar multiplies each coefficient of p1 by a scalar and writes the result on p2.
func (*Ring) MulScalarBigint ¶
MulScalarBigint multiplies each coefficient of p1 by a big.Int scalar and writes the result on p2.
func (*Ring) MulScalarBigintLvl ¶
MulScalarBigintLvl multiplies each coefficient of p1 by a big.Int scalar for the moduli from q_0 up to q_level and writes the result on p2.
func (*Ring) MulScalarLvl ¶
MulScalarLvl multiplies each coefficient of p1 by a scalar for the moduli from q_0 up to q_level and writes the result on p2.
func (*Ring) MultByMonomial ¶
MultByMonomial multiplies p1 by x^monomialDeg and writes the result on p2.
func (*Ring) MultByMonomialNew ¶
MultByMonomialNew multiplies p1 by x^monomialDeg and writes the result on a new polynomial p2.
func (*Ring) NTTBarrett ¶
NTTBarrett performs the NTT operation using Barrett reduction. For benchmark purposes only.
func (*Ring) NTTLazy ¶
NTTLazy computes the NTT of p1 and returns the result on p2. Output values are in the range [0, 2q-1]
func (*Ring) NTTLazyLvl ¶
NTTLazyLvl computes the NTT of p1 and returns the result on p2. The value level defines the number of moduli of the input polynomials. Output values are in the range [0, 2q-1]
func (*Ring) NTTLvl ¶
NTTLvl computes the NTT of p1 and returns the result on p2. The value level defines the number of moduli of the input polynomials.
func (*Ring) Neg ¶
Neg sets all coefficients of p1 to their additive inverse and writes the result on p2.
func (*Ring) NegLvl ¶
NegLvl sets the coefficients of p1 to their additive inverse for the moduli from q_0 up to q_level and writes the result on p2.
func (*Ring) NewPolyLvl ¶
NewPolyLvl creates a new polynomial with all coefficients set to 0.
func (*Ring) Permute ¶
Permute applies the Galois transform on a polynomial outside of the NTT domain. It maps the coefficients x^i to x^(gen*i) It must be noted that the result cannot be in-place.
func (*Ring) PolyToBigint ¶
PolyToBigint reconstructs p1 and returns the result in an array of Int.
func (*Ring) PolyToBigintCenteredLvl ¶
PolyToBigintCenteredLvl reconstructs p1 and returns the result in an array of Int. Coefficients are centered around Q/2
func (*Ring) PolyToBigintLvl ¶
PolyToBigintLvl reconstructs p1 and returns the result in an array of Int.
func (*Ring) PolyToString ¶
PolyToString reconstructs p1 and returns the result in an array of string.
func (*Ring) Reduce ¶
Reduce applies a modular reduction on the coefficients of p1 and writes the result on p2.
func (*Ring) ReduceConstant ¶
ReduceConstant applies a modular reduction on the coefficients of p1 and writes the result on p2. Return values in [0, 2q-1]
func (*Ring) ReduceConstantLvl ¶
ReduceConstantLvl applies a modular reduction on the coefficients of p1 for the moduli from q_0 up to q_level and writes the result on p2. Return values in [0, 2q-1]
func (*Ring) ReduceLvl ¶
ReduceLvl applies a modular reduction on the coefficients of p1 for the moduli from q_0 up to q_level and writes the result on p2.
func (*Ring) Rotate ¶
Rotate applies a Galois automorphism on p1 in NTT form, rotating the coefficients to the right by n positions, and writes the result on p2. It requires the data to be permuted in bit-reversal order before applying the NTT.
func (*Ring) SetCoefficientsBigint ¶
SetCoefficientsBigint sets the coefficients of p1 from an array of Int variables.
func (*Ring) SetCoefficientsBigintLvl ¶
SetCoefficientsBigintLvl sets the coefficients of p1 from an array of Int variables.
func (*Ring) SetCoefficientsInt64 ¶
SetCoefficientsInt64 sets the coefficients of p1 from an int64 array.
func (*Ring) SetCoefficientsString ¶
SetCoefficientsString parses an array of string as Int variables, and sets the coefficients of p1 with these Int variables.
func (*Ring) SetCoefficientsUint64 ¶
SetCoefficientsUint64 sets the coefficients of p1 from an uint64 array.
func (*Ring) Shift ¶
Shift circulary shifts the coefficients of the polynomial p1 by n positions to the left and writes the result on p2.
func (*Ring) SubNoMod ¶
SubNoMod subtracts p2 to p1 coefficient-wise without modular reduction and returns the result on p3.
func (*Ring) SubNoModLvl ¶
SubNoModLvl subtracts p2 to p1 coefficient-wise without modular reduction for the moduli from q_0 up to q_level and writes the result on p3.
func (*Ring) SubScalar ¶
SubScalar subtracts a scalar from each coefficient of p1 and writes the result on p2.
func (*Ring) SubScalarBigint ¶
SubScalarBigint subtracts a big.Int scalar from each coefficient of p1 and writes the result on p2.
func (*Ring) UnmarshalBinary ¶
UnmarshalBinary decodes a slice of bytes on the target Ring.
type Scaler ¶
type Scaler interface { // DivByQOverTRounded returns p1 scaled by a factor t/Q and mod t on the receiver p2. DivByQOverTRounded(p1, p2 *Poly) }
Scaler is an interface that rescales polynomial coefficients by a fraction t/Q.
type SimpleScaler ¶
type SimpleScaler struct {
// contains filtered or unexported fields
}
SimpleScaler implements the Scaler interface by performing an RNS reconstruction and scaling by t/Q. This implementation of the Scaler interface is less efficient than the RNSScaler, but uses simple multi-precision arithmetic of the math/big package.
func NewSimpleScaler ¶
func NewSimpleScaler(t uint64, ringQ *Ring) (ss *SimpleScaler)
NewSimpleScaler creates a new SimpleScaler from t, the modulus under which the reconstruction is returned, and ringQ, the Ring in which the polynomial to reconstruct is represented.
func (*SimpleScaler) DivByQOverTRounded ¶
func (ss *SimpleScaler) DivByQOverTRounded(p1, p2 *Poly)
DivByQOverTRounded returns p1 scaled by a factor t/Q and mod t on the receiver p2.
type TernarySampler ¶
type TernarySampler struct {
// contains filtered or unexported fields
}
TernarySampler keeps the state of a polynomial sampler in the ternary distribution.
func NewTernarySampler ¶
NewTernarySampler creates a new instance of TernarySampler from a PRNG, the ring definition and the distribution parameters: p is the probability of a coefficient being 0, (1-p)/2 is the probability of 1 and -1. If "montgomery" is set to true, polynomials read from this sampler are in Montgomery form.
func NewTernarySamplerSparse ¶
func NewTernarySamplerSparse(prng utils.PRNG, baseRing *Ring, hw int, montgomery bool) *TernarySampler
NewTernarySamplerSparse creates a new instance of a fixed-hamming-weight TernarySampler from a PRNG, the ring definition and the desired hamming weight for the output polynomials. If "montgomery" is set to true, polynomials read from this sampler are in Montgomery form.
func (*TernarySampler) Read ¶
func (ts *TernarySampler) Read(pol *Poly)
Read samples a polynomial into pol.
func (*TernarySampler) ReadLvl ¶
func (ts *TernarySampler) ReadLvl(lvl int, pol *Poly)
ReadLvl samples a polynomial into pol at the speciefied level.
func (*TernarySampler) ReadLvlNew ¶
func (ts *TernarySampler) ReadLvlNew(lvl int) (pol *Poly)
ReadLvlNew allocates and samples a polynomial at the speficied level.
func (*TernarySampler) ReadNew ¶
func (ts *TernarySampler) ReadNew() (pol *Poly)
ReadNew allocates and samples a polynomial at the max level.
type UniformSampler ¶
type UniformSampler struct {
// contains filtered or unexported fields
}
UniformSampler wraps a util.PRNG and represents the state of a sampler of uniform polynomials.
func NewUniformSampler ¶
func NewUniformSampler(prng utils.PRNG, baseRing *Ring) *UniformSampler
NewUniformSampler creates a new instance of UniformSampler from a PRNG and ring definition.
func (*UniformSampler) Read ¶
func (uniformSampler *UniformSampler) Read(Pol *Poly)
Read generates a new polynomial with coefficients following a uniform distribution over [0, Qi-1].
func (*UniformSampler) ReadLvl ¶
func (uniformSampler *UniformSampler) ReadLvl(level int, Pol *Poly)
ReadLvl generates a new polynomial with coefficients following a uniform distribution over [0, Qi-1].
func (*UniformSampler) ReadLvlNew ¶
func (uniformSampler *UniformSampler) ReadLvlNew(level int) (Pol *Poly)
ReadLvlNew generates a new polynomial with coefficients following a uniform distribution over [0, Qi-1]. Polynomial is created at the specified level.
func (*UniformSampler) ReadNew ¶
func (uniformSampler *UniformSampler) ReadNew() (Pol *Poly)
ReadNew generates a new polynomial with coefficients following a uniform distribution over [0, Qi-1]. Polynomial is created at the max level.