add non-interactive key setup

2026-01-08 23:21:29 +01:00 · 2024-06-16 19:19:09 +05:30
parent 80856cc850
commit 6226995179
4 changed files with 982 additions and 106 deletions
--- a/src/bool/evaluator.rs
+++ b/src/bool/evaluator.rs
--- a/src/bool/keys.rs
+++ b/src/bool/keys.rs
@@ -32,12 +32,6 @@ mod impl_ck {

    // Client key
    impl ClientKey {
-        pub(in super::super) fn random() -> Self {
-            let sk_rlwe = RlweSecret::random(0, 0);
-            let sk_lwe = LweSecret::random(0, 0);
-            Self { sk_rlwe, sk_lwe }
-        }
-
        pub(in super::super) fn new(sk_rlwe: RlweSecret, sk_lwe: LweSecret) -> Self {
            Self { sk_rlwe, sk_lwe }
        }
@@ -53,17 +47,6 @@ mod impl_ck {

    // Client key
    impl NonInteractiveClientKey {
-        pub(in super::super) fn random() -> Self {
-            let sk_rlwe = RlweSecret::random(0, 0);
-            let sk_u_rlwe = RlweSecret::random(0, 0);
-            let sk_lwe = LweSecret::random(0, 0);
-            Self {
-                sk_rlwe,
-                sk_u_rlwe,
-                sk_lwe,
-            }
-        }
-
        pub(in super::super) fn new(
            sk_rlwe: RlweSecret,
            sk_u_rlwe: RlweSecret,
--- a/src/bool/parameters.rs
+++ b/src/bool/parameters.rs
@@ -2,7 +2,7 @@ use num_traits::{ConstZero, FromPrimitive, PrimInt};

 use crate::{backend::Modulus, decomposer::Decomposer};

-trait DoubleDecomposerParams {
+pub(super) trait DoubleDecomposerParams {
    type Base;
    type Count;

@@ -100,12 +100,14 @@ pub struct BoolParameters<El> {
        DecompostionLogBase,
        (DecompositionCount, DecompositionCount),
    ),
+    auto_decomposer_params: (DecompostionLogBase, DecompositionCount),
    /// RGSW x RGSW decomposition count for (part A, part B)
    rgrg_decomposer_params: Option<(
        DecompostionLogBase,
        (DecompositionCount, DecompositionCount),
    )>,
-    auto_decomposer_params: (DecompostionLogBase, DecompositionCount),
+    non_interactive_ui_to_s_key_switch_decomposer:
+        Option<(DecompostionLogBase, DecompositionCount)>,
    g: usize,
    w: usize,
    variant: ParameterVariant,
@@ -140,6 +142,27 @@ impl<El> BoolParameters<El> {
        self.w
    }

+    pub(crate) fn rlwe_by_rgsw_decomposition_params(
+        &self,
+    ) -> (
+        DecompostionLogBase,
+        (DecompositionCount, DecompositionCount),
+    ) {
+        self.rlrg_decomposer_params
+    }
+
+    pub(crate) fn rgsw_by_rgsw_decomposition_params(
+        &self,
+    ) -> (
+        DecompostionLogBase,
+        (DecompositionCount, DecompositionCount),
+    ) {
+        self.rgrg_decomposer_params.expect(&format!(
+            "Parameter variant {:?} does not support RGSWxRGSW",
+            self.variant
+        ))
+    }
+
    pub(crate) fn rlwe_rgsw_decomposition_base(&self) -> DecompostionLogBase {
        self.rlrg_decomposer_params.0
    }
@@ -172,6 +195,18 @@ impl<El> BoolParameters<El> {
        self.lwe_decomposer_params.decomposition_count()
    }

+    pub(crate) fn non_interactive_ui_to_s_key_switch_decomposition_count(
+        &self,
+    ) -> DecompositionCount {
+        let params = self
+            .non_interactive_ui_to_s_key_switch_decomposer
+            .expect(&format!(
+                "Parameter variant {:?} does not support non-interactive",
+                self.variant
+            ));
+        params.decomposition_count()
+    }
+
    pub(crate) fn rgsw_rgsw_decomposer<D: Decomposer<Element = El>>(&self) -> (D, D)
    where
        El: Copy,
@@ -238,6 +273,25 @@ impl<El> BoolParameters<El> {
        )
    }

+    pub(crate) fn non_interactive_ui_to_s_key_switch_decomposer<D: Decomposer<Element = El>>(
+        &self,
+    ) -> D
+    where
+        El: Copy,
+    {
+        let params = self
+            .non_interactive_ui_to_s_key_switch_decomposer
+            .expect(&format!(
+                "Parameter variant {:?} does not support non-interactive",
+                self.variant
+            ));
+        D::new(
+            self.rlwe_q.0,
+            params.decomposition_base().0,
+            params.decomposition_count().0,
+        )
+    }
+
    /// Returns dlogs of `g` for which auto keys are required as
    /// per the parameter. Given that autos are required for [-g, g, g^2, ...,
    /// g^w] function returns the following [0, 1, 2, ..., w] where `w` is
@@ -397,6 +451,7 @@ pub(crate) const SP_BOOL_PARAMS: BoolParameters<u64> = BoolParameters::<u64> {
    ),
    rgrg_decomposer_params: None,
    auto_decomposer_params: (DecompostionLogBase(7), DecompositionCount(4)),
+    non_interactive_ui_to_s_key_switch_decomposer: None,
    g: 5,
    w: 5,
    variant: ParameterVariant::SingleParty,
@@ -418,6 +473,7 @@ pub(crate) const MP_BOOL_PARAMS: BoolParameters<u64> = BoolParameters::<u64> {
        (DecompositionCount(5), DecompositionCount(5)),
    )),
    auto_decomposer_params: (DecompostionLogBase(12), DecompositionCount(5)),
+    non_interactive_ui_to_s_key_switch_decomposer: None,
    g: 5,
    w: 10,
    variant: ParameterVariant::MultiParty,
@@ -439,19 +495,44 @@ pub(crate) const SMALL_MP_BOOL_PARAMS: BoolParameters<u64> = BoolParameters::<u6
        (DecompositionCount(5), DecompositionCount(4)),
    )),
    auto_decomposer_params: (DecompostionLogBase(11), DecompositionCount(2)),
+    non_interactive_ui_to_s_key_switch_decomposer: None,
    g: 5,
    w: 10,
    variant: ParameterVariant::MultiParty,
 };

+pub(crate) const NON_INTERACTIVE_SMALL_MP_BOOL_PARAMS: BoolParameters<u64> = BoolParameters::<u64> {
+    rlwe_q: CiphertextModulus::new_non_native(36028797018820609),
+    lwe_q: CiphertextModulus::new_non_native(1 << 20),
+    br_q: 1 << 11,
+    rlwe_n: PolynomialSize(1 << 11),
+    lwe_n: LweDimension(10),
+    lwe_decomposer_params: (DecompostionLogBase(4), DecompositionCount(5)),
+    rlrg_decomposer_params: (
+        DecompostionLogBase(11),
+        (DecompositionCount(2), DecompositionCount(1)),
+    ),
+    rgrg_decomposer_params: Some((
+        DecompostionLogBase(11),
+        (DecompositionCount(5), DecompositionCount(4)),
+    )),
+    auto_decomposer_params: (DecompostionLogBase(11), DecompositionCount(2)),
+    non_interactive_ui_to_s_key_switch_decomposer: Some((
+        DecompostionLogBase(1),
+        DecompositionCount(55),
+    )),
+    g: 5,
+    w: 10,
+    variant: ParameterVariant::NonInteractiveMultiParty,
+};
 #[cfg(test)]
 mod tests {
    use crate::utils::generate_prime;

    #[test]
    fn find_prime() {
-        let bits = 55;
-        let ring_size = 1 << 15;
+        let bits = 60;
+        let ring_size = 1 << 11;
        let prime = generate_prime(bits, ring_size * 2, 1 << bits).unwrap();
        dbg!(prime);
    }
--- a/src/multi_party.rs
+++ b/src/multi_party.rs
@@ -48,7 +48,7 @@ pub(crate) fn public_key_share<
    modop.elwise_add_mut(share_out.as_mut(), s.as_ref()); // s*e + e
 }

-fn non_interactive_rgsw_ct<
+pub(crate) fn non_interactive_rgsw_ct<
    M: MatrixMut + MatrixEntity,
    S,
    PRng: RandomFillUniformInModulus<[M::MatElement], ModOp::M>,
@@ -140,7 +140,8 @@ pub(crate) fn non_interactive_ksk_gen<
    rng: &mut Rng,
    nttop: &NttOp,
    modop: &ModOp,
-) where
+) -> M
+where
    <M as Matrix>::R: RowMut + TryConvertFrom1<[S], ModOp::M> + RowEntity,
    M::MatElement: Copy,
 {
@@ -153,7 +154,6 @@ pub(crate) fn non_interactive_ksk_gen<
    let mut s_poly_eval = M::R::try_convert_from(s, q);
    nttop.forward(s_poly_eval.as_mut());
    let u_poly = M::R::try_convert_from(u, q);
-
    // a_i * s + \beta u + e
    let mut ksk = M::zeros(d, ring_size);

@@ -176,6 +176,8 @@ pub(crate) fn non_interactive_ksk_gen<
        // a_i * s + e + \beta * u
        modop.elwise_add_mut(e_ksk.as_mut(), scratch_space.as_ref());
    });
+
+    ksk
 }

 pub(crate) fn non_interactive_ksk_zero_encryptions_for_other_party_i<