he

package
v5.0.0-...-72ea290 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 15, 2023 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package he implements scheme agnostic functionalities for RLWE-based Homomorphic Encryption schemes implemented in Lattice.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BSGSIndex

func BSGSIndex(nonZeroDiags []int, slots, N1 int) (index map[int][]int, rotN1, rotN2 []int)

BSGSIndex returns the index map and needed rotation for the BSGS matrix-vector multiplication algorithm.

func EncodeLinearTransformation

func EncodeLinearTransformation[T any](encoder Encoder[T, ringqp.Poly], diagonals Diagonals[T], allocated LinearTransformation) (err error)

EncodeLinearTransformation encodes on a pre-allocated LinearTransformation a set of non-zero diagonaes of a matrix representing a linear transformation.

func EvaluateGianStep

func EvaluateGianStep(i int, giantSteps []int, babySteps []*BabyStep, eval Evaluator, pb PowerBasis) (err error)

EvaluateGianStep evaluates a giant-step of the PatersonStockmeyer polynomial evaluation algorithm, which consists in combining the baby-steps <[1, T, T^2, ..., T^{n-1}], [ci0, ci1, ci2, ..., ci{n-1}]> together with powers T^{2^k}.

func EvaluateLinearTranformationSequential

func EvaluateLinearTranformationSequential(evalLT EvaluatorForLinearTransformation, evalDiag EvaluatorForDiagonalMatrix, ctIn *rlwe.Ciphertext, linearTransformations []LinearTransformation, opOut *rlwe.Ciphertext) (err error)

EvaluateLinearTranformationSequential takes as input a ciphertext ctIn and a list of linear transformations [M0, M1, M2, ...] and evaluates opOut:...M2(M1(M0(ctIn))

func EvaluateLinearTransformationsMany

func EvaluateLinearTransformationsMany(evalLT EvaluatorForLinearTransformation, evalDiag EvaluatorForDiagonalMatrix, ctIn *rlwe.Ciphertext, linearTransformations []LinearTransformation, opOut []*rlwe.Ciphertext) (err error)

EvaluateLinearTransformationsMany takes as input a ciphertext ctIn, a list of linear transformations [M0, M1, M2, ...] and a list of pre-allocated receiver opOut and evaluates opOut: [M0(ctIn), M1(ctIn), M2(ctIn), ...]

func EvaluateMonomial

func EvaluateMonomial(a, b, xpow *rlwe.Ciphertext, eval Evaluator) (err error)

EvaluateMonomial evaluates a monomial of the form a + b * X^{pow} and writes the results in b.

func EvaluatePatersonStockmeyerPolynomialVector

func EvaluatePatersonStockmeyerPolynomialVector[T any](eval Evaluator, poly PatersonStockmeyerPolynomialVector, cg CoefficientGetter[T], pb PowerBasis) (res *rlwe.Ciphertext, err error)

EvaluatePatersonStockmeyerPolynomialVector evaluates a pre-decomposed PatersonStockmeyerPolynomialVector on a pre-computed power basis [1, X^{1}, X^{2}, ..., X^{2^{n}}, X^{2^{n+1}}, ..., X^{2^{m}}]

func EvaluatePolynomial

func EvaluatePolynomial(eval EvaluatorForPolynomial, input interface{}, p interface{}, targetScale rlwe.Scale, levelsConsumedPerRescaling int, SimEval SimEvaluator) (opOut *rlwe.Ciphertext, err error)

EvaluatePolynomial is a generic and scheme agnostic method to evaluate polynomials on rlwe.Ciphertexts.

func EvaluatePolynomialVectorFromPowerBasis

func EvaluatePolynomialVectorFromPowerBasis[T any](eval Evaluator, targetLevel int, pol PolynomialVector, cg CoefficientGetter[T], pb PowerBasis, targetScale rlwe.Scale) (res *rlwe.Ciphertext, err error)

EvaluatePolynomialVectorFromPowerBasis a method that complies to the interface he.PolynomialVectorEvaluator. This method evaluates P(ct) = sum c_i * ct^{i}.

func FindBestBSGSRatio

func FindBestBSGSRatio(nonZeroDiags []int, maxN int, logMaxRatio int) (minN int)

FindBestBSGSRatio finds the best N1*N2 = N for the baby-step giant-step algorithm for matrix multiplication.

func GaloisElementsForLinearTransformation

func GaloisElementsForLinearTransformation(params rlwe.ParameterProvider, diags []int, slots, logBabyStepGianStepRatio int) (galEls []uint64)

GaloisElementsForLinearTransformation returns the list of Galois elements needed for the evaluation of a linear transformation given the index of its non-zero diagonals, the number of slots in the plaintext and the LogBabyStepGianStepRatio (see LinearTransformationParameters).

func GetPreRotatedCiphertextForDiagonalMatrixMultiplication

func GetPreRotatedCiphertextForDiagonalMatrixMultiplication(levelQ int, eval EvaluatorForLinearTransformation, ctIn *rlwe.Ciphertext, BuffDecompQP []ringqp.Poly, rots []int, ctPreRot map[int]*rlwe.Element[ringqp.Poly]) (err error)

GetPreRotatedCiphertextForDiagonalMatrixMultiplication populates ctPreRot with the pre-rotated ciphertext for the rotations rots and deletes rotated ciphertexts that are not in rots.

func MultiplyByDiagMatrix

func MultiplyByDiagMatrix(eval EvaluatorForLinearTransformation, ctIn *rlwe.Ciphertext, matrix LinearTransformation, BuffDecompQP []ringqp.Poly, opOut *rlwe.Ciphertext) (err error)

MultiplyByDiagMatrix multiplies the Ciphertext "ctIn" by the plaintext matrix "matrix" and returns the result on the Ciphertext "opOut". Memory buffers for the decomposed ciphertext BuffDecompQP, BuffDecompQP must be provided, those are list of poly of ringQ and ringP respectively, each of size params.Beta(). The naive approach is used (single hoisting and no baby-step giant-step), which is faster than MultiplyByDiagMatrixBSGS for matrix of only a few non-zero diagonals but uses more keys.

func MultiplyByDiagMatrixBSGS

func MultiplyByDiagMatrixBSGS(eval EvaluatorForLinearTransformation, ctIn *rlwe.Ciphertext, matrix LinearTransformation, ctInPreRot map[int]*rlwe.Element[ringqp.Poly], opOut *rlwe.Ciphertext) (err error)

MultiplyByDiagMatrixBSGS multiplies the Ciphertext "ctIn" by the plaintext matrix "matrix" and returns the result on the Ciphertext "opOut". ctInPreRotated can be obtained with GetPreRotatedCiphertextForDiagonalMatrixMultiplication. The BSGS approach is used (double hoisting with baby-step giant-step), which is faster than MultiplyByDiagMatrix for matrix with more than a few non-zero diagonals and uses significantly less keys.

func SplitDegree

func SplitDegree(n int) (a, b int)

SplitDegree returns a * b = n such that |a-b| is minimized with a and/or b odd if possible.

Types

type BabyStep

type BabyStep struct {
	Degree int
	Value  *rlwe.Ciphertext
}

BabyStep is a struct storing the result of a baby-step of the Paterson-Stockmeyer polynomial evaluation algorithm.

func EvaluateBabyStep

func EvaluateBabyStep[T any](i int, eval Evaluator, poly PatersonStockmeyerPolynomialVector, cg CoefficientGetter[T], pb PowerBasis) (ct *BabyStep, err error)

EvaluateBabyStep evaluates a baby-step of the PatersonStockmeyer polynomial evaluation algorithm, i.e. the inner-product between the precomputed powers [1, T, T^2, ..., T^{n-1}] and the coefficients [ci0, ci1, ci2, ..., ci{n-1}].

type Bootstrapper

type Bootstrapper[CiphertextType any] interface {

	// Bootstrap defines a method that takes a single Ciphertext as input and applies
	// an in place scheme-specific bootstrapping. The result is also returned.
	// An error should notably be returned if ct.Level() < Bootstrapper.MinimumInputLevel().
	Bootstrap(ct *CiphertextType) (*CiphertextType, error)

	// BootstrapMany defines a method that takes a slice of Ciphertexts as input and applies an
	// in place scheme-specific bootstrapping to each Ciphertext. The result is also returned.
	// An error should notably be returned if cts[i].Level() < Bootstrapper.MinimumInputLevel().
	BootstrapMany(cts []CiphertextType) ([]CiphertextType, error)

	// Depth is the number of levels consumed by the bootstrapping circuit.
	// This value is equivalent to params.MaxLevel() - OutputLevel().
	Depth() int

	// MinimumInputLevel defines the minimum level that the ciphertext
	// must be at when given to the bootstrapper.
	// For the centralized bootstrapping this value is usually zero.
	// For the collective bootstrapping it is given by the user-defined
	// security parameters
	MinimumInputLevel() int

	// OutputLevel defines the level that the ciphertext will be at
	// after the bootstrapping.
	// For the centralized bootstrapping this value is the maximum
	// level minus the depth of the bootstrapping circuit.
	// For the collective bootstrapping this value is usually the
	// maximum level.
	OutputLevel() int
}

Bootstrapper is a scheme-independent generic interface to handle bootstrapping.

type CoefficientGetter

type CoefficientGetter[T any] interface {

	// GetVectorCoefficient should return a slice []T containing the k-th coefficient
	// of each polynomial of PolynomialVector indexed by its Mapping.
	// See PolynomialVector for additional information about the Mapping.
	GetVectorCoefficient(pol PolynomialVector, k int) (values []T)

	// GetSingleCoefficient should return the k-th coefficient of Polynomial as the type T.
	GetSingleCoefficient(pol Polynomial, k int) (value T)

	// ShallowCopy should return a thread-safe copy of the original CoefficientGetter.
	ShallowCopy() CoefficientGetter[T]
}

CoefficientGetter defines an interface to get the coefficients of a Polynomial.

type Diagonals

type Diagonals[T any] map[int][]T

func (Diagonals[T]) At

func (m Diagonals[T]) At(i, slots int) ([]T, error)

At returns the i-th non-zero diagonal. Method accepts negative values with the equivalency -i = n - i.

func (Diagonals[T]) DiagonalsIndexList

func (m Diagonals[T]) DiagonalsIndexList() (indexes []int)

DiagonalsIndexList returns the list of the non-zero diagonals of the square matrix. A non zero diagonals is a diagonal with a least one non-zero element.

type Encoder

type Encoder[T any, U *ring.Poly | ringqp.Poly | *rlwe.Plaintext] interface {
	Encode(values []T, metaData *rlwe.MetaData, output U) (err error)
}

Encoder defines a set of common and scheme agnostic method provided by an Encoder struct.

type Evaluator

type Evaluator interface {
	rlwe.ParameterProvider
	Add(op0 *rlwe.Ciphertext, op1 rlwe.Operand, opOut *rlwe.Ciphertext) (err error)
	AddNew(op0 *rlwe.Ciphertext, op1 rlwe.Operand) (opOut *rlwe.Ciphertext, err error)
	Sub(op0 *rlwe.Ciphertext, op1 rlwe.Operand, opOut *rlwe.Ciphertext) (err error)
	SubNew(op0 *rlwe.Ciphertext, op1 rlwe.Operand) (opOut *rlwe.Ciphertext, err error)
	Mul(op0 *rlwe.Ciphertext, op1 rlwe.Operand, opOut *rlwe.Ciphertext) (err error)
	MulNew(op0 *rlwe.Ciphertext, op1 rlwe.Operand) (opOut *rlwe.Ciphertext, err error)
	MulRelin(op0 *rlwe.Ciphertext, op1 rlwe.Operand, opOut *rlwe.Ciphertext) (err error)
	MulRelinNew(op0 *rlwe.Ciphertext, op1 rlwe.Operand) (opOut *rlwe.Ciphertext, err error)
	MulThenAdd(op0 *rlwe.Ciphertext, op1 rlwe.Operand, opOut *rlwe.Ciphertext) (err error)
	Relinearize(op0, op1 *rlwe.Ciphertext) (err error)
	Rescale(op0, op1 *rlwe.Ciphertext) (err error)
	GetEvaluatorBuffer() *rlwe.EvaluatorBuffers // TODO extract
}

Evaluator defines a set of common and scheme agnostic method provided by an Evaluator struct.

type EvaluatorForDiagonalMatrix

type EvaluatorForDiagonalMatrix interface {
	Decompose(levelQ int, ctIn *rlwe.Ciphertext, BuffDecompQP []ringqp.Poly)
	GetPreRotatedCiphertextForDiagonalMatrixMultiplication(levelQ int, ctIn *rlwe.Ciphertext, BuffDecompQP []ringqp.Poly, rots []int, ctPreRot map[int]*rlwe.Element[ringqp.Poly]) (err error)
	MultiplyByDiagMatrix(ctIn *rlwe.Ciphertext, matrix LinearTransformation, BuffDecompQP []ringqp.Poly, opOut *rlwe.Ciphertext) (err error)
	MultiplyByDiagMatrixBSGS(ctIn *rlwe.Ciphertext, matrix LinearTransformation, ctInPreRot map[int]*rlwe.Element[ringqp.Poly], opOut *rlwe.Ciphertext) (err error)
}

type EvaluatorForLinearTransformation

type EvaluatorForLinearTransformation interface {
	rlwe.ParameterProvider
	Rescale(op1, op2 *rlwe.Ciphertext) (err error)
	GetBuffQP() [6]ringqp.Poly
	GetBuffCt() *rlwe.Ciphertext
	GetBuffDecompQP() []ringqp.Poly
	DecomposeNTT(level, levelP, pCount int, c1 ring.Poly, isNTT bool, BuffDecompQP []ringqp.Poly)
	CheckAndGetGaloisKey(galEl uint64) (evk *rlwe.GaloisKey, err error)
	GadgetProductLazy(levelQ int, cx ring.Poly, gadgetCt *rlwe.GadgetCiphertext, ct *rlwe.Element[ringqp.Poly])
	GadgetProductHoistedLazy(levelQ int, BuffQPDecompQP []ringqp.Poly, gadgetCt *rlwe.GadgetCiphertext, ct *rlwe.Element[ringqp.Poly])
	AutomorphismHoistedLazy(levelQ int, ctIn *rlwe.Ciphertext, c1DecompQP []ringqp.Poly, galEl uint64, ctQP *rlwe.Element[ringqp.Poly]) (err error)
	ModDownQPtoQNTT(levelQ, levelP int, p1Q, p1P, p2Q ring.Poly)
	AutomorphismIndex(uint64) []uint64
}

EvaluatorForLinearTransformation defines a set of common and scheme agnostic method necessary to instantiate an LinearTransformationEvaluator.

type EvaluatorForPolynomial

type EvaluatorForPolynomial interface {
	Evaluator
	EvaluatePatersonStockmeyerPolynomialVector(poly PatersonStockmeyerPolynomialVector, pb PowerBasis) (res *rlwe.Ciphertext, err error)
}

EvaluatorForPolynomial defines a set of common and scheme agnostic method that are necessary to instantiate a PolynomialVectorEvaluator.

type LinearTransformation

type LinearTransformation struct {
	*rlwe.MetaData
	LogBabyStepGianStepRatio int
	N1                       int
	Level                    int
	Vec                      map[int]ringqp.Poly
}

LinearTransformation is a type for linear transformations on ciphertexts. It stores a plaintext matrix in diagonal form and can be evaluated on a ciphertext using a LinearTransformationEvaluator.

func NewLinearTransformation

func NewLinearTransformation(params rlwe.ParameterProvider, ltparams LinearTransformationParameters) LinearTransformation

NewLinearTransformation allocates a new LinearTransformation with zero values according to the parameters specified by the LinearTransformationParameters.

func (LinearTransformation) BSGSIndex

func (lt LinearTransformation) BSGSIndex() (index map[int][]int, n1, n2 []int)

BSGSIndex returns the BSGSIndex of the target linear transformation.

func (LinearTransformation) GaloisElements

func (lt LinearTransformation) GaloisElements(params rlwe.ParameterProvider) (galEls []uint64)

GaloisElements returns the list of Galois elements needed for the evaluation of the linear transformation.

type LinearTransformationParameters

type LinearTransformationParameters struct {
	// DiagonalsIndexList is the list of the non-zero diagonals of the square matrix.
	// A non zero diagonals is a diagonal with a least one non-zero element.
	DiagonalsIndexList []int

	// Level is the level at which to encode the linear transformation.
	Level int

	// Scale is the plaintext scale at which to encode the linear transformation.
	Scale rlwe.Scale

	// LogDimensions is the log2 dimensions of the matrix that can be SIMD packed
	// in a single plaintext polynomial.
	// This method is equivalent to params.PlaintextDimensions().
	// Note that the linear transformation is evaluated independently on each rows of
	// the SIMD packed matrix.
	LogDimensions ring.Dimensions

	// LogBabyStepGianStepRatio is the log2 of the ratio n1/n2 for n = n1 * n2 and
	// n is the dimension of the linear transformation. The number of Galois keys required
	// is minimized when this value is 0 but the overall complexity of the homomorphic evaluation
	// can be reduced by increasing the ratio (at the expanse of increasing the number of keys required).
	// If the value returned is negative, then the baby-step giant-step algorithm is not used
	// and the evaluation complexity (as well as the number of keys) becomes O(n) instead of O(sqrt(n)).
	LogBabyStepGianStepRatio int
}

LinearTransformationParameters is a struct storing the parameterization of a linear transformation.

A homomorphic linear transformations on a ciphertext acts as evaluating:

Ciphertext([1 x n] vector) <- Ciphertext([1 x n] vector) x Plaintext([n x n] matrix)

where n is the number of plaintext slots.

The diagonal representation of a linear transformations is defined by first expressing the linear transformation through its nxn matrix and then traversing the matrix diagonally.

For example, the following nxn for n=4 matrix:

0 1 2 3 (diagonal index) | 1 2 3 0 | | 0 1 2 3 | | 3 0 1 2 | | 2 3 0 1 |

its diagonal traversal representation is comprised of 3 non-zero diagonals at indexes [0, 1, 2]: 0: [1, 1, 1, 1] 1: [2, 2, 2, 2] 2: [3, 3, 3, 3] 3: [0, 0, 0, 0] -> this diagonal is omitted as it is composed only of zero values.

Note that negative indexes can be used and will be interpreted modulo the matrix dimension.

The diagonal representation is well suited for two reasons:

  1. It is the effective format used during the homomorphic evaluation.
  2. It enables on average a more compact and efficient representation of linear transformations than their matrix representation by being able to only store the non-zero diagonals.

Finally, some metrics about the time and storage complexity of homomorphic linear transformations:

  • Storage: #diagonals polynomials mod Q_level * P
  • Evaluation: #diagonals multiplications and 2sqrt(#diagonals) ciphertexts rotations.

type PatersonStockmeyerPolynomial

type PatersonStockmeyerPolynomial struct {
	Degree int
	Base   int
	Level  int
	Scale  rlwe.Scale
	Value  []Polynomial
}

PatersonStockmeyerPolynomial is a struct that stores the Paterson Stockmeyer decomposition of a polynomial. The decomposition of P(X) is given as sum pi(X) * X^{2^{n}} where degree(pi(X)) =~ sqrt(degree(P(X)))

type PatersonStockmeyerPolynomialVector

type PatersonStockmeyerPolynomialVector struct {
	Value   []PatersonStockmeyerPolynomial
	Mapping map[int][]int
}

PatersonStockmeyerPolynomialVector is a struct implementing the Paterson Stockmeyer decomposition of a PolynomialVector. See PatersonStockmeyerPolynomial for additional information.

type Polynomial

type Polynomial struct {
	bignum.Polynomial
	MaxDeg int        // Always set to len(Coeffs)-1
	Lead   bool       // Always set to true
	Lazy   bool       // Flag for lazy-relinearization
	Level  int        // Metadata for BSGS polynomial evaluation
	Scale  rlwe.Scale // Metadata for BSGS polynomial evaluation
}

Polynomial is a struct for representing plaintext polynomials for their homomorphic evaluation in an encrypted point. The type wraps a bignum.Polynomial along with several evaluation- related parameters.

func NewPolynomial

func NewPolynomial(poly bignum.Polynomial) Polynomial

NewPolynomial returns an instantiated Polynomial for the provided bignum.Polynomial.

func (Polynomial) Factorize

func (p Polynomial) Factorize(n int) (pq, pr Polynomial)

Factorize factorizes p as X^{n} * pq + pr.

func (Polynomial) GetPatersonStockmeyerPolynomial

func (p Polynomial) GetPatersonStockmeyerPolynomial(params rlwe.ParameterProvider, inputLevel int, inputScale, outputScale rlwe.Scale, eval SimEvaluator) PatersonStockmeyerPolynomial

GetPatersonStockmeyerPolynomial returns the Paterson Stockmeyer polynomial decomposition of the target polynomial. The decomposition is done with the power of two basis.

type PolynomialVector

type PolynomialVector struct {
	Value   []Polynomial
	Mapping map[int][]int
}

PolynomialVector is a struct storing a set of polynomials and a mapping that indicates on which slot each polynomial has to be independently evaluated. For example, if we are given two polynomials P0(X) and P1(X) and the folling mapping: map[int][]int{0:[0, 1, 2], 1:[3, 4, 5]}, then the polynomial evaluation on a vector [a, b, c, d, e, f, g, h] will evaluate to [P0(a), P0(b), P0(c), P1(d), P1(e), P1(f), 0, 0]

func NewPolynomialVector

func NewPolynomialVector(polys []bignum.Polynomial, mapping map[int][]int) (PolynomialVector, error)

NewPolynomialVector instantiates a new PolynomialVector from a set of bignum.Polynomial and a mapping indicating which polynomial has to be evaluated on which slot. For example, if we are given two polynomials P0(X) and P1(X) and the folling mapping: map[int][]int{0:[0, 1, 2], 1:[3, 4, 5]}, then the polynomial evaluation on a vector [a, b, c, d, e, f, g, h] will evaluate to [P0(a), P0(b), P0(c), P1(d), P1(e), P1(f), 0, 0]

func (PolynomialVector) Factorize

func (p PolynomialVector) Factorize(n int) (polyq, polyr PolynomialVector)

Factorize factorizes the underlying Polynomial vector p into p = polyq * X^{n} + polyr.

func (PolynomialVector) GetPatersonStockmeyerPolynomial

func (p PolynomialVector) GetPatersonStockmeyerPolynomial(params rlwe.Parameters, inputLevel int, inputScale, outputScale rlwe.Scale, eval SimEvaluator) PatersonStockmeyerPolynomialVector

GetPatersonStockmeyerPolynomial returns the Paterson Stockmeyer polynomial decomposition of the target PolynomialVector. The decomposition is done with the power of two basis

func (PolynomialVector) IsEven

func (p PolynomialVector) IsEven() (even bool)

IsEven returns true if all underlying polynomials are even, i.e. all odd powers are zero.

func (PolynomialVector) IsOdd

func (p PolynomialVector) IsOdd() (odd bool)

IsOdd returns true if all underlying polynomials are odd, i.e. all even powers are zero.

type PowerBasis

type PowerBasis struct {
	bignum.Basis
	Value structs.Map[int, rlwe.Ciphertext]
}

PowerBasis is a struct storing powers of a ciphertext.

func NewPowerBasis

func NewPowerBasis(ct *rlwe.Ciphertext, basis bignum.Basis) (p PowerBasis)

NewPowerBasis creates a new PowerBasis. It takes as input a ciphertext and a basis type. The struct treats the input ciphertext as a monomial X and can be used to generates power of this monomial X^{n} in the given BasisType.

func (PowerBasis) BinarySize

func (p PowerBasis) BinarySize() (size int)

BinarySize returns the serialized size of the object in bytes.

func (*PowerBasis) GenPower

func (p *PowerBasis) GenPower(n int, lazy bool, eval Evaluator) (err error)

GenPower recursively computes X^{n}. If lazy = true, the final X^{n} will not be relinearized. Previous non-relinearized X^{n} that are required to compute the target X^{n} are automatically relinearized.

func (PowerBasis) MarshalBinary

func (p PowerBasis) MarshalBinary() (data []byte, err error)

MarshalBinary encodes the object into a binary form on a newly allocated slice of bytes.

func (*PowerBasis) ReadFrom

func (p *PowerBasis) ReadFrom(r io.Reader) (n int64, err error)

ReadFrom reads on the object from an io.Writer. It implements the io.ReaderFrom interface.

Unless r implements the buffer.Reader interface (see see lattice/utils/buffer/reader.go), it will be wrapped into a bufio.Reader. Since this requires allocation, it is preferable to pass a buffer.Reader directly:

  • When reading multiple values from a io.Reader, it is preferable to first first wrap io.Reader in a pre-allocated bufio.Reader.
  • When reading from a var b []byte, it is preferable to pass a buffer.NewBuffer(b) as w (see lattice/utils/buffer/buffer.go).

func (*PowerBasis) UnmarshalBinary

func (p *PowerBasis) UnmarshalBinary(data []byte) (err error)

UnmarshalBinary decodes a slice of bytes generated by MarshalBinary or WriteTo on the object.

func (PowerBasis) WriteTo

func (p PowerBasis) WriteTo(w io.Writer) (n int64, err error)

WriteTo writes the object on an io.Writer. It implements the io.WriterTo interface, and will write exactly object.BinarySize() bytes on w.

Unless w implements the buffer.Writer interface (see lattice/utils/buffer/writer.go), it will be wrapped into a bufio.Writer. Since this requires allocations, it is preferable to pass a buffer.Writer directly:

  • When writing multiple times to a io.Writer, it is preferable to first wrap the io.Writer in a pre-allocated bufio.Writer.
  • When writing to a pre-allocated var b []byte, it is preferable to pass buffer.NewBuffer(b) as w (see lattice/utils/buffer/buffer.go).

type SimEvaluator

type SimEvaluator interface {
	MulNew(op0, op1 *SimOperand) *SimOperand
	Rescale(op0 *SimOperand)
	PolynomialDepth(degree int) int
	UpdateLevelAndScaleGiantStep(lead bool, tLevelOld int, tScaleOld, xPowScale rlwe.Scale) (tLevelNew int, tScaleNew rlwe.Scale)
	UpdateLevelAndScaleBabyStep(lead bool, tLevelOld int, tScaleOld rlwe.Scale) (tLevelNew int, tScaleNew rlwe.Scale)
}

SimEvaluator defines a set of method on SimOperands.

type SimOperand

type SimOperand struct {
	Level int
	Scale rlwe.Scale
}

SimOperand is a dummy operand that only stores its level and scale.

type SimPowerBasis

type SimPowerBasis map[int]*SimOperand

SimPowerBasis is a map storing powers of SimOperands indexed by their power.

func (SimPowerBasis) GenPower

func (d SimPowerBasis) GenPower(params rlwe.ParameterProvider, n int, eval SimEvaluator)

GenPower populates the target SimPowerBasis with the nth power.

Directories

Path Synopsis
Package hebin implements blind rotations evaluation for RLWE schemes.
Package hebin implements blind rotations evaluation for RLWE schemes.
Package hefloat implements Homomorphic Encryption with fixed-point approximate arithmetic over the complex or real numbers.
Package hefloat implements Homomorphic Encryption with fixed-point approximate arithmetic over the complex or real numbers.
bootstrapping
Package bootstrapping implements bootstrapping for fixed-point encrypted approximate homomorphic encryption over the complex/real numbers.
Package bootstrapping implements bootstrapping for fixed-point encrypted approximate homomorphic encryption over the complex/real numbers.
cosine
Package cosine method is the Go implementation of the polynomial-approximation algorithm by Han and Ki in
Package cosine method is the Go implementation of the polynomial-approximation algorithm by Han and Ki in
Package heint implements Homomorphic Encryption for encrypted modular arithmetic over the integers.
Package heint implements Homomorphic Encryption for encrypted modular arithmetic over the integers.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL