HElib/keys_8h_source.html

/* Copyright (C) 2012-2020 IBM Corp.

 * This program is Licensed under the Apache License, Version 2.0

 * (the "License"); you may not use this file except in compliance

 * with the License. You may obtain a copy of the License at

 *   http://www.apache.org/licenses/LICENSE-2.0

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License. See accompanying LICENSE file.

 */


#ifndef HELIB_KEYS_H

#define HELIB_KEYS_H


#include <helib/keySwitching.h>


namespace helib {


#define HELIB_KSS_UNKNOWN (0)

// unknown KS strategy


#define HELIB_KSS_FULL (1)

// all KS matrices


#define HELIB_KSS_BSGS (2)

// baby step/giant step strategy


#define HELIB_KSS_MIN (3)

// minimal strategy (for g_i, and for g_i^{-ord_i} for bad dims)


void writePubKeyBinary(std::ostream& str, const PubKey& pk);

void readPubKeyBinary(std::istream& str, PubKey& pk);


class PubKey

{                         // The public key

  const Context& context; // The context


private:

  Ctxt pubEncrKey;


  std::vector<double> skBounds;

  // High-probability bounds on L-infty norm of secret keys


  std::vector<KeySwitch> keySwitching; // The key-switching matrices


  // The keySwitchMap structure contains pointers to key-switching matrices

  // for re-linearizing automorphisms. The entry keySwitchMap[i][n] contains

  // the index j such that keySwitching[j] is the first matrix one needs to

  // use when re-linearizing s_i(X^n).

  std::vector<std::vector<long>> keySwitchMap;


  NTL::Vec<long> KS_strategy; // NTL Vec's support I/O, which is more convenient


  // bootstrapping data


  long recryptKeyID; // index of the bootstrapping key

  Ctxt recryptEkey;  // the key itself, encrypted under key #0


public:

  PubKey();


  explicit PubKey(const Context& _context);


  PubKey(const PubKey& other);


  virtual ~PubKey() = default;


  virtual void clear();


  bool operator==(const PubKey& other) const;

  bool operator!=(const PubKey& other) const;


  // Access methods

  const Context& getContext() const;

  long getPtxtSpace() const;

  bool keyExists(long keyID) const;


  double getSKeyBound(long keyID = 0) const;


  const std::vector<KeySwitch>& keySWlist() const;


  const KeySwitch& getKeySWmatrix(const SKHandle& from, long toID = 0) const;

  const KeySwitch& getKeySWmatrix(long fromSPower,

                                  long fromXPower,

                                  long fromID = 0,

                                  long toID = 0) const;


  bool haveKeySWmatrix(const SKHandle& from, long toID = 0) const;


  bool haveKeySWmatrix(long fromSPower,

                       long fromXPower,

                       long fromID = 0,

                       long toID = 0) const;


  const KeySwitch& getAnyKeySWmatrix(const SKHandle& from) const;

  bool haveAnyKeySWmatrix(const SKHandle& from) const;


  const KeySwitch& getNextKSWmatrix(long fromXPower, long fromID = 0) const;


  bool isReachable(long k, long keyID = 0) const;


  void setKeySwitchMap(long keyId = 0); // Computes the keySwitchMap pointers


  long getKSStrategy(long dim) const;


  void setKSStrategy(long dim, int val);


  long Encrypt(Ctxt& ciphertxt,

               const NTL::ZZX& plaintxt,

               long ptxtSpace,

               bool highNoise) const;

  long Encrypt(Ctxt& ciphertxt,

               const zzX& plaintxt,

               long ptxtSpace,

               bool highNoise) const;


  void CKKSencrypt(Ctxt& ciphertxt,

                   const NTL::ZZX& plaintxt,

                   double ptxtSize = 1.0,

                   double scaling = 0.0) const;

  void CKKSencrypt(Ctxt& ciphertxt,

                   const zzX& plaintxt,

                   double ptxtSize = 1.0,

                   double scaling = 0.0) const;


  // These methods are overridden by secret-key Encrypt

  virtual long Encrypt(Ctxt& ciphertxt,

                       const NTL::ZZX& plaintxt,

                       long ptxtSpace = 0) const;

  virtual long Encrypt(Ctxt& ciphertxt,

                       const zzX& plaintxt,

                       long ptxtSpace = 0) const;


  template <typename Scheme>

  long Encrypt(Ctxt& ciphertxt,

               const Ptxt<Scheme>& plaintxt,

               long ptxtSpace = 0) const;


  double securityLevel() const

  {

    if (isBootstrappable())

      return context.securityLevel(context.rcData.skHwt); // a sparse key

    else

      return context.securityLevel(); // security level of a "dense" key

  }


  bool isCKKS() const;

  // NOTE: Is taking the alMod from the context the right thing to do?


  bool isBootstrappable() const;

  void reCrypt(Ctxt& ctxt) const;     // bootstrap a ciphertext to reduce noise

  void thinReCrypt(Ctxt& ctxt) const; // bootstrap a "thin" ciphertext, where

  // slots are assumed to contain constants


  friend class SecKey;

  friend std::ostream& operator<<(std::ostream& str, const PubKey& pk);

  friend std::istream& operator>>(std::istream& str, PubKey& pk);

  friend void ::helib::writePubKeyBinary(std::ostream& str, const PubKey& pk);

  friend void ::helib::readPubKeyBinary(std::istream& str, PubKey& pk);


  // defines plaintext space for the bootstrapping encrypted secret key

  static long ePlusR(long p);


  // A hack to increase the plaintext space, you'd better

  // know what you are doing when using it.

  void hackPtxtSpace(long p2r) { pubEncrKey.ptxtSpace = p2r; }

};


void writeSecKeyBinary(std::ostream& str, const SecKey& sk);

void readSecKeyBinary(std::istream& str, SecKey& sk);


class SecKey : public PubKey

{ // The secret key

public:

  std::vector<DoubleCRT> sKeys; // The secret key(s) themselves


public:

  // Disable default constructor

  SecKey() = delete;


  // Default destructor

  ~SecKey() override = default;


  // Constructors just call the ones for the base class

  explicit SecKey(const Context& _context);


  bool operator==(const SecKey& other) const;

  bool operator!=(const SecKey& other) const;


  void clear() override;


  long ImportSecKey(const DoubleCRT& sKey,

                    double bound,

                    long ptxtSpace = 0,

                    long maxDegKswitch = 3);


  long GenSecKey(long hwt = 0, long ptxtSpace = 0, long maxDegKswitch = 3);


  void GenKeySWmatrix(long fromSPower,

                      long fromXPower,

                      long fromKeyIdx = 0,

                      long toKeyIdx = 0,

                      long ptxtSpace = 0);


  // Decryption

  void Decrypt(NTL::ZZX& plaintxt, const Ctxt& ciphertxt) const;


  template <typename Scheme>

  void Decrypt(Ptxt<Scheme>& plaintxt, const Ctxt& ciphertxt) const;


  void Decrypt(NTL::ZZX& plaintxt, const Ctxt& ciphertxt, NTL::ZZX& f) const;


  long skEncrypt(Ctxt& ctxt,

                 const NTL::ZZX& ptxt,

                 long ptxtSpace,

                 long skIdx) const;

  long skEncrypt(Ctxt& ctxt, const zzX& ptxt, long ptxtSpace, long skIdx) const;


  // These methods override the public-key Encrypt methods

  long Encrypt(Ctxt& ciphertxt,

               const NTL::ZZX& plaintxt,

               long ptxtSpace = 0) const override;

  long Encrypt(Ctxt& ciphertxt,

               const zzX& plaintxt,

               long ptxtSpace = 0) const override;


  long genRecryptData();


  friend std::ostream& operator<<(std::ostream& str, const SecKey& sk);

  friend std::istream& operator>>(std::istream& str, SecKey& sk);

  friend void ::helib::writeSecKeyBinary(std::ostream& str, const SecKey& sk);

  friend void ::helib::readSecKeyBinary(std::istream& str, SecKey& sk);

};


double RLWE(DoubleCRT& c0,

            DoubleCRT& c1,

            const DoubleCRT& s,

            long p,

            NTL::ZZ* prgSeed = nullptr);


double RLWE1(DoubleCRT& c0, const DoubleCRT& c1, const DoubleCRT& s, long p);


} // namespace helib


#endif // HELIB_KEYS_H