Documentation ¶
Overview ¶
Package he implements scheme agnostic functionalities for RLWE-based Homomorphic Encryption schemes implemented in Lattice.
Index ¶
- func BSGSIndex(nonZeroDiags []int, slots, N1 int) (index map[int][]int, rotN1, rotN2 []int)
- func EncodeLinearTransformation[T any](encoder Encoder[T, ringqp.Poly], diagonals Diagonals[T], ...) (err error)
- func EvaluateGianStep(i int, giantSteps []int, babySteps []*BabyStep, eval Evaluator, pb PowerBasis) (err error)
- func EvaluateLinearTranformationSequential(evalLT EvaluatorForLinearTransformation, evalDiag EvaluatorForDiagonalMatrix, ...) (err error)
- func EvaluateLinearTransformationsMany(evalLT EvaluatorForLinearTransformation, evalDiag EvaluatorForDiagonalMatrix, ...) (err error)
- func EvaluateMonomial(a, b, xpow *rlwe.Ciphertext, eval Evaluator) (err error)
- func EvaluatePatersonStockmeyerPolynomialVector[T any](eval Evaluator, poly PatersonStockmeyerPolynomialVector, ...) (res *rlwe.Ciphertext, err error)
- func EvaluatePolynomial(eval EvaluatorForPolynomial, input interface{}, p interface{}, ...) (opOut *rlwe.Ciphertext, err error)
- func EvaluatePolynomialVectorFromPowerBasis[T any](eval Evaluator, targetLevel int, pol PolynomialVector, cg CoefficientGetter[T], ...) (res *rlwe.Ciphertext, err error)
- func FindBestBSGSRatio(nonZeroDiags []int, maxN int, logMaxRatio int) (minN int)
- func GaloisElementsForLinearTransformation(params rlwe.ParameterProvider, diags []int, ...) (galEls []uint64)
- func GetPreRotatedCiphertextForDiagonalMatrixMultiplication(levelQ int, eval EvaluatorForLinearTransformation, ctIn *rlwe.Ciphertext, ...) (err error)
- func MultiplyByDiagMatrix(eval EvaluatorForLinearTransformation, ctIn *rlwe.Ciphertext, ...) (err error)
- func MultiplyByDiagMatrixBSGS(eval EvaluatorForLinearTransformation, ctIn *rlwe.Ciphertext, ...) (err error)
- func SplitDegree(n int) (a, b int)
- type BabyStep
- type Bootstrapper
- type CoefficientGetter
- type Diagonals
- type Encoder
- type Evaluator
- type EvaluatorForDiagonalMatrix
- type EvaluatorForLinearTransformation
- type EvaluatorForPolynomial
- type LinearTransformation
- type LinearTransformationParameters
- type PatersonStockmeyerPolynomial
- type PatersonStockmeyerPolynomialVector
- type Polynomial
- type PolynomialVector
- func (p PolynomialVector) Factorize(n int) (polyq, polyr PolynomialVector)
- func (p PolynomialVector) GetPatersonStockmeyerPolynomial(params rlwe.Parameters, inputLevel int, inputScale, outputScale rlwe.Scale, ...) PatersonStockmeyerPolynomialVector
- func (p PolynomialVector) IsEven() (even bool)
- func (p PolynomialVector) IsOdd() (odd bool)
- type PowerBasis
- func (p PowerBasis) BinarySize() (size int)
- func (p *PowerBasis) GenPower(n int, lazy bool, eval Evaluator) (err error)
- func (p PowerBasis) MarshalBinary() (data []byte, err error)
- func (p *PowerBasis) ReadFrom(r io.Reader) (n int64, err error)
- func (p *PowerBasis) UnmarshalBinary(data []byte) (err error)
- func (p PowerBasis) WriteTo(w io.Writer) (n int64, err error)
- type SimEvaluator
- type SimOperand
- type SimPowerBasis
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BSGSIndex ¶
BSGSIndex returns the index map and needed rotation for the BSGS matrix-vector multiplication algorithm.
func EncodeLinearTransformation ¶
func EncodeLinearTransformation[T any](encoder Encoder[T, ringqp.Poly], diagonals Diagonals[T], allocated LinearTransformation) (err error)
EncodeLinearTransformation encodes on a pre-allocated LinearTransformation a set of non-zero diagonaes of a matrix representing a linear transformation.
func EvaluateGianStep ¶
func EvaluateGianStep(i int, giantSteps []int, babySteps []*BabyStep, eval Evaluator, pb PowerBasis) (err error)
EvaluateGianStep evaluates a giant-step of the PatersonStockmeyer polynomial evaluation algorithm, which consists in combining the baby-steps <[1, T, T^2, ..., T^{n-1}], [ci0, ci1, ci2, ..., ci{n-1}]> together with powers T^{2^k}.
func EvaluateLinearTranformationSequential ¶
func EvaluateLinearTranformationSequential(evalLT EvaluatorForLinearTransformation, evalDiag EvaluatorForDiagonalMatrix, ctIn *rlwe.Ciphertext, linearTransformations []LinearTransformation, opOut *rlwe.Ciphertext) (err error)
EvaluateLinearTranformationSequential takes as input a ciphertext ctIn and a list of linear transformations [M0, M1, M2, ...] and evaluates opOut:...M2(M1(M0(ctIn))
func EvaluateLinearTransformationsMany ¶
func EvaluateLinearTransformationsMany(evalLT EvaluatorForLinearTransformation, evalDiag EvaluatorForDiagonalMatrix, ctIn *rlwe.Ciphertext, linearTransformations []LinearTransformation, opOut []*rlwe.Ciphertext) (err error)
EvaluateLinearTransformationsMany takes as input a ciphertext ctIn, a list of linear transformations [M0, M1, M2, ...] and a list of pre-allocated receiver opOut and evaluates opOut: [M0(ctIn), M1(ctIn), M2(ctIn), ...]
func EvaluateMonomial ¶
func EvaluateMonomial(a, b, xpow *rlwe.Ciphertext, eval Evaluator) (err error)
EvaluateMonomial evaluates a monomial of the form a + b * X^{pow} and writes the results in b.
func EvaluatePatersonStockmeyerPolynomialVector ¶
func EvaluatePatersonStockmeyerPolynomialVector[T any](eval Evaluator, poly PatersonStockmeyerPolynomialVector, cg CoefficientGetter[T], pb PowerBasis) (res *rlwe.Ciphertext, err error)
EvaluatePatersonStockmeyerPolynomialVector evaluates a pre-decomposed PatersonStockmeyerPolynomialVector on a pre-computed power basis [1, X^{1}, X^{2}, ..., X^{2^{n}}, X^{2^{n+1}}, ..., X^{2^{m}}]
func EvaluatePolynomial ¶
func EvaluatePolynomial(eval EvaluatorForPolynomial, input interface{}, p interface{}, targetScale rlwe.Scale, levelsConsumedPerRescaling int, SimEval SimEvaluator) (opOut *rlwe.Ciphertext, err error)
EvaluatePolynomial is a generic and scheme agnostic method to evaluate polynomials on rlwe.Ciphertexts.
func EvaluatePolynomialVectorFromPowerBasis ¶
func EvaluatePolynomialVectorFromPowerBasis[T any](eval Evaluator, targetLevel int, pol PolynomialVector, cg CoefficientGetter[T], pb PowerBasis, targetScale rlwe.Scale) (res *rlwe.Ciphertext, err error)
EvaluatePolynomialVectorFromPowerBasis a method that complies to the interface he.PolynomialVectorEvaluator. This method evaluates P(ct) = sum c_i * ct^{i}.
func FindBestBSGSRatio ¶
FindBestBSGSRatio finds the best N1*N2 = N for the baby-step giant-step algorithm for matrix multiplication.
func GaloisElementsForLinearTransformation ¶
func GaloisElementsForLinearTransformation(params rlwe.ParameterProvider, diags []int, slots, logBabyStepGianStepRatio int) (galEls []uint64)
GaloisElementsForLinearTransformation returns the list of Galois elements needed for the evaluation of a linear transformation given the index of its non-zero diagonals, the number of slots in the plaintext and the LogBabyStepGianStepRatio (see LinearTransformationParameters).
func GetPreRotatedCiphertextForDiagonalMatrixMultiplication ¶
func GetPreRotatedCiphertextForDiagonalMatrixMultiplication(levelQ int, eval EvaluatorForLinearTransformation, ctIn *rlwe.Ciphertext, BuffDecompQP []ringqp.Poly, rots []int, ctPreRot map[int]*rlwe.Element[ringqp.Poly]) (err error)
GetPreRotatedCiphertextForDiagonalMatrixMultiplication populates ctPreRot with the pre-rotated ciphertext for the rotations rots and deletes rotated ciphertexts that are not in rots.
func MultiplyByDiagMatrix ¶
func MultiplyByDiagMatrix(eval EvaluatorForLinearTransformation, ctIn *rlwe.Ciphertext, matrix LinearTransformation, BuffDecompQP []ringqp.Poly, opOut *rlwe.Ciphertext) (err error)
MultiplyByDiagMatrix multiplies the Ciphertext "ctIn" by the plaintext matrix "matrix" and returns the result on the Ciphertext "opOut". Memory buffers for the decomposed ciphertext BuffDecompQP, BuffDecompQP must be provided, those are list of poly of ringQ and ringP respectively, each of size params.Beta(). The naive approach is used (single hoisting and no baby-step giant-step), which is faster than MultiplyByDiagMatrixBSGS for matrix of only a few non-zero diagonals but uses more keys.
func MultiplyByDiagMatrixBSGS ¶
func MultiplyByDiagMatrixBSGS(eval EvaluatorForLinearTransformation, ctIn *rlwe.Ciphertext, matrix LinearTransformation, ctInPreRot map[int]*rlwe.Element[ringqp.Poly], opOut *rlwe.Ciphertext) (err error)
MultiplyByDiagMatrixBSGS multiplies the Ciphertext "ctIn" by the plaintext matrix "matrix" and returns the result on the Ciphertext "opOut". ctInPreRotated can be obtained with GetPreRotatedCiphertextForDiagonalMatrixMultiplication. The BSGS approach is used (double hoisting with baby-step giant-step), which is faster than MultiplyByDiagMatrix for matrix with more than a few non-zero diagonals and uses significantly less keys.
func SplitDegree ¶
SplitDegree returns a * b = n such that |a-b| is minimized with a and/or b odd if possible.
Types ¶
type BabyStep ¶
type BabyStep struct { Degree int Value *rlwe.Ciphertext }
BabyStep is a struct storing the result of a baby-step of the Paterson-Stockmeyer polynomial evaluation algorithm.
func EvaluateBabyStep ¶
func EvaluateBabyStep[T any](i int, eval Evaluator, poly PatersonStockmeyerPolynomialVector, cg CoefficientGetter[T], pb PowerBasis) (ct *BabyStep, err error)
EvaluateBabyStep evaluates a baby-step of the PatersonStockmeyer polynomial evaluation algorithm, i.e. the inner-product between the precomputed powers [1, T, T^2, ..., T^{n-1}] and the coefficients [ci0, ci1, ci2, ..., ci{n-1}].
type Bootstrapper ¶
type Bootstrapper[CiphertextType any] interface { // Bootstrap defines a method that takes a single Ciphertext as input and applies // an in place scheme-specific bootstrapping. The result is also returned. // An error should notably be returned if ct.Level() < Bootstrapper.MinimumInputLevel(). Bootstrap(ct *CiphertextType) (*CiphertextType, error) // BootstrapMany defines a method that takes a slice of Ciphertexts as input and applies an // in place scheme-specific bootstrapping to each Ciphertext. The result is also returned. // An error should notably be returned if cts[i].Level() < Bootstrapper.MinimumInputLevel(). BootstrapMany(cts []CiphertextType) ([]CiphertextType, error) // Depth is the number of levels consumed by the bootstrapping circuit. // This value is equivalent to params.MaxLevel() - OutputLevel(). Depth() int // MinimumInputLevel defines the minimum level that the ciphertext // must be at when given to the bootstrapper. // For the centralized bootstrapping this value is usually zero. // For the collective bootstrapping it is given by the user-defined // security parameters MinimumInputLevel() int // OutputLevel defines the level that the ciphertext will be at // after the bootstrapping. // For the centralized bootstrapping this value is the maximum // level minus the depth of the bootstrapping circuit. // For the collective bootstrapping this value is usually the // maximum level. OutputLevel() int }
Bootstrapper is a scheme-independent generic interface to handle bootstrapping.
type CoefficientGetter ¶
type CoefficientGetter[T any] interface { // GetVectorCoefficient should return a slice []T containing the k-th coefficient // of each polynomial of PolynomialVector indexed by its Mapping. // See PolynomialVector for additional information about the Mapping. GetVectorCoefficient(pol PolynomialVector, k int) (values []T) // GetSingleCoefficient should return the k-th coefficient of Polynomial as the type T. GetSingleCoefficient(pol Polynomial, k int) (value T) // ShallowCopy should return a thread-safe copy of the original CoefficientGetter. ShallowCopy() CoefficientGetter[T] }
CoefficientGetter defines an interface to get the coefficients of a Polynomial.
type Diagonals ¶
func (Diagonals[T]) At ¶
At returns the i-th non-zero diagonal. Method accepts negative values with the equivalency -i = n - i.
func (Diagonals[T]) DiagonalsIndexList ¶
DiagonalsIndexList returns the list of the non-zero diagonals of the square matrix. A non zero diagonals is a diagonal with a least one non-zero element.
type Encoder ¶
type Encoder[T any, U *ring.Poly | ringqp.Poly | *rlwe.Plaintext] interface { Encode(values []T, metaData *rlwe.MetaData, output U) (err error) }
Encoder defines a set of common and scheme agnostic method provided by an Encoder struct.
type Evaluator ¶
type Evaluator interface { rlwe.ParameterProvider Add(op0 *rlwe.Ciphertext, op1 rlwe.Operand, opOut *rlwe.Ciphertext) (err error) AddNew(op0 *rlwe.Ciphertext, op1 rlwe.Operand) (opOut *rlwe.Ciphertext, err error) Sub(op0 *rlwe.Ciphertext, op1 rlwe.Operand, opOut *rlwe.Ciphertext) (err error) SubNew(op0 *rlwe.Ciphertext, op1 rlwe.Operand) (opOut *rlwe.Ciphertext, err error) Mul(op0 *rlwe.Ciphertext, op1 rlwe.Operand, opOut *rlwe.Ciphertext) (err error) MulNew(op0 *rlwe.Ciphertext, op1 rlwe.Operand) (opOut *rlwe.Ciphertext, err error) MulRelin(op0 *rlwe.Ciphertext, op1 rlwe.Operand, opOut *rlwe.Ciphertext) (err error) MulRelinNew(op0 *rlwe.Ciphertext, op1 rlwe.Operand) (opOut *rlwe.Ciphertext, err error) MulThenAdd(op0 *rlwe.Ciphertext, op1 rlwe.Operand, opOut *rlwe.Ciphertext) (err error) Relinearize(op0, op1 *rlwe.Ciphertext) (err error) Rescale(op0, op1 *rlwe.Ciphertext) (err error) GetEvaluatorBuffer() *rlwe.EvaluatorBuffers // TODO extract }
Evaluator defines a set of common and scheme agnostic method provided by an Evaluator struct.
type EvaluatorForDiagonalMatrix ¶
type EvaluatorForDiagonalMatrix interface { Decompose(levelQ int, ctIn *rlwe.Ciphertext, BuffDecompQP []ringqp.Poly) GetPreRotatedCiphertextForDiagonalMatrixMultiplication(levelQ int, ctIn *rlwe.Ciphertext, BuffDecompQP []ringqp.Poly, rots []int, ctPreRot map[int]*rlwe.Element[ringqp.Poly]) (err error) MultiplyByDiagMatrix(ctIn *rlwe.Ciphertext, matrix LinearTransformation, BuffDecompQP []ringqp.Poly, opOut *rlwe.Ciphertext) (err error) MultiplyByDiagMatrixBSGS(ctIn *rlwe.Ciphertext, matrix LinearTransformation, ctInPreRot map[int]*rlwe.Element[ringqp.Poly], opOut *rlwe.Ciphertext) (err error) }
type EvaluatorForLinearTransformation ¶
type EvaluatorForLinearTransformation interface { rlwe.ParameterProvider Rescale(op1, op2 *rlwe.Ciphertext) (err error) GetBuffQP() [6]ringqp.Poly GetBuffCt() *rlwe.Ciphertext GetBuffDecompQP() []ringqp.Poly DecomposeNTT(level, levelP, pCount int, c1 ring.Poly, isNTT bool, BuffDecompQP []ringqp.Poly) CheckAndGetGaloisKey(galEl uint64) (evk *rlwe.GaloisKey, err error) GadgetProductLazy(levelQ int, cx ring.Poly, gadgetCt *rlwe.GadgetCiphertext, ct *rlwe.Element[ringqp.Poly]) GadgetProductHoistedLazy(levelQ int, BuffQPDecompQP []ringqp.Poly, gadgetCt *rlwe.GadgetCiphertext, ct *rlwe.Element[ringqp.Poly]) AutomorphismHoistedLazy(levelQ int, ctIn *rlwe.Ciphertext, c1DecompQP []ringqp.Poly, galEl uint64, ctQP *rlwe.Element[ringqp.Poly]) (err error) ModDownQPtoQNTT(levelQ, levelP int, p1Q, p1P, p2Q ring.Poly) AutomorphismIndex(uint64) []uint64 }
EvaluatorForLinearTransformation defines a set of common and scheme agnostic method necessary to instantiate an LinearTransformationEvaluator.
type EvaluatorForPolynomial ¶
type EvaluatorForPolynomial interface { Evaluator EvaluatePatersonStockmeyerPolynomialVector(poly PatersonStockmeyerPolynomialVector, pb PowerBasis) (res *rlwe.Ciphertext, err error) }
EvaluatorForPolynomial defines a set of common and scheme agnostic method that are necessary to instantiate a PolynomialVectorEvaluator.
type LinearTransformation ¶
type LinearTransformation struct { *rlwe.MetaData LogBabyStepGianStepRatio int N1 int Level int Vec map[int]ringqp.Poly }
LinearTransformation is a type for linear transformations on ciphertexts. It stores a plaintext matrix in diagonal form and can be evaluated on a ciphertext using a LinearTransformationEvaluator.
func NewLinearTransformation ¶
func NewLinearTransformation(params rlwe.ParameterProvider, ltparams LinearTransformationParameters) LinearTransformation
NewLinearTransformation allocates a new LinearTransformation with zero values according to the parameters specified by the LinearTransformationParameters.
func (LinearTransformation) BSGSIndex ¶
func (lt LinearTransformation) BSGSIndex() (index map[int][]int, n1, n2 []int)
BSGSIndex returns the BSGSIndex of the target linear transformation.
func (LinearTransformation) GaloisElements ¶
func (lt LinearTransformation) GaloisElements(params rlwe.ParameterProvider) (galEls []uint64)
GaloisElements returns the list of Galois elements needed for the evaluation of the linear transformation.
type LinearTransformationParameters ¶
type LinearTransformationParameters struct { // DiagonalsIndexList is the list of the non-zero diagonals of the square matrix. // A non zero diagonals is a diagonal with a least one non-zero element. DiagonalsIndexList []int // Level is the level at which to encode the linear transformation. Level int // Scale is the plaintext scale at which to encode the linear transformation. Scale rlwe.Scale // LogDimensions is the log2 dimensions of the matrix that can be SIMD packed // in a single plaintext polynomial. // This method is equivalent to params.PlaintextDimensions(). // Note that the linear transformation is evaluated independently on each rows of // the SIMD packed matrix. LogDimensions ring.Dimensions // LogBabyStepGianStepRatio is the log2 of the ratio n1/n2 for n = n1 * n2 and // n is the dimension of the linear transformation. The number of Galois keys required // is minimized when this value is 0 but the overall complexity of the homomorphic evaluation // can be reduced by increasing the ratio (at the expanse of increasing the number of keys required). // If the value returned is negative, then the baby-step giant-step algorithm is not used // and the evaluation complexity (as well as the number of keys) becomes O(n) instead of O(sqrt(n)). LogBabyStepGianStepRatio int }
LinearTransformationParameters is a struct storing the parameterization of a linear transformation.
A homomorphic linear transformations on a ciphertext acts as evaluating:
Ciphertext([1 x n] vector) <- Ciphertext([1 x n] vector) x Plaintext([n x n] matrix)
where n is the number of plaintext slots.
The diagonal representation of a linear transformations is defined by first expressing the linear transformation through its nxn matrix and then traversing the matrix diagonally.
For example, the following nxn for n=4 matrix:
0 1 2 3 (diagonal index) | 1 2 3 0 | | 0 1 2 3 | | 3 0 1 2 | | 2 3 0 1 |
its diagonal traversal representation is comprised of 3 non-zero diagonals at indexes [0, 1, 2]: 0: [1, 1, 1, 1] 1: [2, 2, 2, 2] 2: [3, 3, 3, 3] 3: [0, 0, 0, 0] -> this diagonal is omitted as it is composed only of zero values.
Note that negative indexes can be used and will be interpreted modulo the matrix dimension.
The diagonal representation is well suited for two reasons:
- It is the effective format used during the homomorphic evaluation.
- It enables on average a more compact and efficient representation of linear transformations than their matrix representation by being able to only store the non-zero diagonals.
Finally, some metrics about the time and storage complexity of homomorphic linear transformations:
- Storage: #diagonals polynomials mod Q_level * P
- Evaluation: #diagonals multiplications and 2sqrt(#diagonals) ciphertexts rotations.
type PatersonStockmeyerPolynomial ¶
type PatersonStockmeyerPolynomial struct { Degree int Base int Level int Scale rlwe.Scale Value []Polynomial }
PatersonStockmeyerPolynomial is a struct that stores the Paterson Stockmeyer decomposition of a polynomial. The decomposition of P(X) is given as sum pi(X) * X^{2^{n}} where degree(pi(X)) =~ sqrt(degree(P(X)))
type PatersonStockmeyerPolynomialVector ¶
type PatersonStockmeyerPolynomialVector struct { Value []PatersonStockmeyerPolynomial Mapping map[int][]int }
PatersonStockmeyerPolynomialVector is a struct implementing the Paterson Stockmeyer decomposition of a PolynomialVector. See PatersonStockmeyerPolynomial for additional information.
type Polynomial ¶
type Polynomial struct { bignum.Polynomial MaxDeg int // Always set to len(Coeffs)-1 Lead bool // Always set to true Lazy bool // Flag for lazy-relinearization Level int // Metadata for BSGS polynomial evaluation Scale rlwe.Scale // Metadata for BSGS polynomial evaluation }
Polynomial is a struct for representing plaintext polynomials for their homomorphic evaluation in an encrypted point. The type wraps a bignum.Polynomial along with several evaluation- related parameters.
func NewPolynomial ¶
func NewPolynomial(poly bignum.Polynomial) Polynomial
NewPolynomial returns an instantiated Polynomial for the provided bignum.Polynomial.
func (Polynomial) Factorize ¶
func (p Polynomial) Factorize(n int) (pq, pr Polynomial)
Factorize factorizes p as X^{n} * pq + pr.
func (Polynomial) GetPatersonStockmeyerPolynomial ¶
func (p Polynomial) GetPatersonStockmeyerPolynomial(params rlwe.ParameterProvider, inputLevel int, inputScale, outputScale rlwe.Scale, eval SimEvaluator) PatersonStockmeyerPolynomial
GetPatersonStockmeyerPolynomial returns the Paterson Stockmeyer polynomial decomposition of the target polynomial. The decomposition is done with the power of two basis.
type PolynomialVector ¶
type PolynomialVector struct { Value []Polynomial Mapping map[int][]int }
PolynomialVector is a struct storing a set of polynomials and a mapping that indicates on which slot each polynomial has to be independently evaluated. For example, if we are given two polynomials P0(X) and P1(X) and the folling mapping: map[int][]int{0:[0, 1, 2], 1:[3, 4, 5]}, then the polynomial evaluation on a vector [a, b, c, d, e, f, g, h] will evaluate to [P0(a), P0(b), P0(c), P1(d), P1(e), P1(f), 0, 0]
func NewPolynomialVector ¶
func NewPolynomialVector(polys []bignum.Polynomial, mapping map[int][]int) (PolynomialVector, error)
NewPolynomialVector instantiates a new PolynomialVector from a set of bignum.Polynomial and a mapping indicating which polynomial has to be evaluated on which slot. For example, if we are given two polynomials P0(X) and P1(X) and the folling mapping: map[int][]int{0:[0, 1, 2], 1:[3, 4, 5]}, then the polynomial evaluation on a vector [a, b, c, d, e, f, g, h] will evaluate to [P0(a), P0(b), P0(c), P1(d), P1(e), P1(f), 0, 0]
func (PolynomialVector) Factorize ¶
func (p PolynomialVector) Factorize(n int) (polyq, polyr PolynomialVector)
Factorize factorizes the underlying Polynomial vector p into p = polyq * X^{n} + polyr.
func (PolynomialVector) GetPatersonStockmeyerPolynomial ¶
func (p PolynomialVector) GetPatersonStockmeyerPolynomial(params rlwe.Parameters, inputLevel int, inputScale, outputScale rlwe.Scale, eval SimEvaluator) PatersonStockmeyerPolynomialVector
GetPatersonStockmeyerPolynomial returns the Paterson Stockmeyer polynomial decomposition of the target PolynomialVector. The decomposition is done with the power of two basis
func (PolynomialVector) IsEven ¶
func (p PolynomialVector) IsEven() (even bool)
IsEven returns true if all underlying polynomials are even, i.e. all odd powers are zero.
func (PolynomialVector) IsOdd ¶
func (p PolynomialVector) IsOdd() (odd bool)
IsOdd returns true if all underlying polynomials are odd, i.e. all even powers are zero.
type PowerBasis ¶
PowerBasis is a struct storing powers of a ciphertext.
func NewPowerBasis ¶
func NewPowerBasis(ct *rlwe.Ciphertext, basis bignum.Basis) (p PowerBasis)
NewPowerBasis creates a new PowerBasis. It takes as input a ciphertext and a basis type. The struct treats the input ciphertext as a monomial X and can be used to generates power of this monomial X^{n} in the given BasisType.
func (PowerBasis) BinarySize ¶
func (p PowerBasis) BinarySize() (size int)
BinarySize returns the serialized size of the object in bytes.
func (*PowerBasis) GenPower ¶
func (p *PowerBasis) GenPower(n int, lazy bool, eval Evaluator) (err error)
GenPower recursively computes X^{n}. If lazy = true, the final X^{n} will not be relinearized. Previous non-relinearized X^{n} that are required to compute the target X^{n} are automatically relinearized.
func (PowerBasis) MarshalBinary ¶
func (p PowerBasis) MarshalBinary() (data []byte, err error)
MarshalBinary encodes the object into a binary form on a newly allocated slice of bytes.
func (*PowerBasis) ReadFrom ¶
func (p *PowerBasis) ReadFrom(r io.Reader) (n int64, err error)
ReadFrom reads on the object from an io.Writer. It implements the io.ReaderFrom interface.
Unless r implements the buffer.Reader interface (see see lattice/utils/buffer/reader.go), it will be wrapped into a bufio.Reader. Since this requires allocation, it is preferable to pass a buffer.Reader directly:
- When reading multiple values from a io.Reader, it is preferable to first first wrap io.Reader in a pre-allocated bufio.Reader.
- When reading from a var b []byte, it is preferable to pass a buffer.NewBuffer(b) as w (see lattice/utils/buffer/buffer.go).
func (*PowerBasis) UnmarshalBinary ¶
func (p *PowerBasis) UnmarshalBinary(data []byte) (err error)
UnmarshalBinary decodes a slice of bytes generated by MarshalBinary or WriteTo on the object.
func (PowerBasis) WriteTo ¶
func (p PowerBasis) WriteTo(w io.Writer) (n int64, err error)
WriteTo writes the object on an io.Writer. It implements the io.WriterTo interface, and will write exactly object.BinarySize() bytes on w.
Unless w implements the buffer.Writer interface (see lattice/utils/buffer/writer.go), it will be wrapped into a bufio.Writer. Since this requires allocations, it is preferable to pass a buffer.Writer directly:
- When writing multiple times to a io.Writer, it is preferable to first wrap the io.Writer in a pre-allocated bufio.Writer.
- When writing to a pre-allocated var b []byte, it is preferable to pass buffer.NewBuffer(b) as w (see lattice/utils/buffer/buffer.go).
type SimEvaluator ¶
type SimEvaluator interface { MulNew(op0, op1 *SimOperand) *SimOperand Rescale(op0 *SimOperand) PolynomialDepth(degree int) int UpdateLevelAndScaleGiantStep(lead bool, tLevelOld int, tScaleOld, xPowScale rlwe.Scale) (tLevelNew int, tScaleNew rlwe.Scale) UpdateLevelAndScaleBabyStep(lead bool, tLevelOld int, tScaleOld rlwe.Scale) (tLevelNew int, tScaleNew rlwe.Scale) }
SimEvaluator defines a set of method on SimOperands.
type SimOperand ¶
SimOperand is a dummy operand that only stores its level and scale.
type SimPowerBasis ¶
type SimPowerBasis map[int]*SimOperand
SimPowerBasis is a map storing powers of SimOperands indexed by their power.
func (SimPowerBasis) GenPower ¶
func (d SimPowerBasis) GenPower(params rlwe.ParameterProvider, n int, eval SimEvaluator)
GenPower populates the target SimPowerBasis with the nth power.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package hebin implements blind rotations evaluation for RLWE schemes.
|
Package hebin implements blind rotations evaluation for RLWE schemes. |
Package hefloat implements Homomorphic Encryption with fixed-point approximate arithmetic over the complex or real numbers.
|
Package hefloat implements Homomorphic Encryption with fixed-point approximate arithmetic over the complex or real numbers. |
bootstrapping
Package bootstrapping implements bootstrapping for fixed-point encrypted approximate homomorphic encryption over the complex/real numbers.
|
Package bootstrapping implements bootstrapping for fixed-point encrypted approximate homomorphic encryption over the complex/real numbers. |
cosine
Package cosine method is the Go implementation of the polynomial-approximation algorithm by Han and Ki in
|
Package cosine method is the Go implementation of the polynomial-approximation algorithm by Han and Ki in |
Package heint implements Homomorphic Encryption for encrypted modular arithmetic over the integers.
|
Package heint implements Homomorphic Encryption for encrypted modular arithmetic over the integers. |