add non-interactive key setup

10 months ago · 6226995179
4 changed files with 982 additions and 106 deletions
--- a/src/bool/evaluator.rs
+++ b/src/bool/evaluator.rs
--- a/src/bool/keys.rs
+++ b/src/bool/keys.rs
@ -32,12 +32,6 @@ mod impl_ck {

    // Client key
    impl ClientKey {
        pub(in super::super) fn random() -> Self {
            let sk_rlwe = RlweSecret::random(0, 0);
            let sk_lwe = LweSecret::random(0, 0);
            Self { sk_rlwe, sk_lwe }
        }

        pub(in super::super) fn new(sk_rlwe: RlweSecret, sk_lwe: LweSecret) -> Self {
            Self { sk_rlwe, sk_lwe }
        }
@ -53,17 +47,6 @@ mod impl_ck {

    // Client key
    impl NonInteractiveClientKey {
        pub(in super::super) fn random() -> Self {
            let sk_rlwe = RlweSecret::random(0, 0);
            let sk_u_rlwe = RlweSecret::random(0, 0);
            let sk_lwe = LweSecret::random(0, 0);
            Self {
                sk_rlwe,
                sk_u_rlwe,
                sk_lwe,
            }
        }

        pub(in super::super) fn new(
            sk_rlwe: RlweSecret,
            sk_u_rlwe: RlweSecret,
--- a/src/bool/parameters.rs
+++ b/src/bool/parameters.rs
@ -2,7 +2,7 @@ use num_traits::{ConstZero, FromPrimitive, PrimInt};

 use crate::{backend::Modulus, decomposer::Decomposer};

 trait DoubleDecomposerParams {
 pub(super) trait DoubleDecomposerParams {
    type Base;
    type Count;

@ -100,12 +100,14 @@ pub struct BoolParameters {
        DecompostionLogBase,
        (DecompositionCount, DecompositionCount),
    ),
    auto_decomposer_params: (DecompostionLogBase, DecompositionCount),
    /// RGSW x RGSW decomposition count for (part A, part B)
    rgrg_decomposer_params: Option<(
        DecompostionLogBase,
        (DecompositionCount, DecompositionCount),
    )>,
    auto_decomposer_params: (DecompostionLogBase, DecompositionCount),
    non_interactive_ui_to_s_key_switch_decomposer:
        Option<(DecompostionLogBase, DecompositionCount)>,
    g: usize,
    w: usize,
    variant: ParameterVariant,
@ -140,6 +142,27 @@ impl BoolParameters {
        self.w
    }

    pub(crate) fn rlwe_by_rgsw_decomposition_params(
        &self,
    ) -> (
        DecompostionLogBase,
        (DecompositionCount, DecompositionCount),
    ) {
        self.rlrg_decomposer_params
    }

    pub(crate) fn rgsw_by_rgsw_decomposition_params(
        &self,
    ) -> (
        DecompostionLogBase,
        (DecompositionCount, DecompositionCount),
    ) {
        self.rgrg_decomposer_params.expect(&format!(
            "Parameter variant {:?} does not support RGSWxRGSW",
            self.variant
        ))
    }

    pub(crate) fn rlwe_rgsw_decomposition_base(&self) -> DecompostionLogBase {
        self.rlrg_decomposer_params.0
    }
@ -172,6 +195,18 @@ impl BoolParameters {
        self.lwe_decomposer_params.decomposition_count()
    }

    pub(crate) fn non_interactive_ui_to_s_key_switch_decomposition_count(
        &self,
    ) -> DecompositionCount {
        let params = self
            .non_interactive_ui_to_s_key_switch_decomposer
            .expect(&format!(
                "Parameter variant {:?} does not support non-interactive",
                self.variant
            ));
        params.decomposition_count()
    }

    pub(crate) fn rgsw_rgsw_decomposer<D: Decomposer<Element = El>>(&self) -> (D, D)
    where
        El: Copy,
@ -238,6 +273,25 @@ impl BoolParameters {
        )
    }

    pub(crate) fn non_interactive_ui_to_s_key_switch_decomposer<D: Decomposer<Element = El>>(
        &self,
    ) -> D
    where
        El: Copy,
    {
        let params = self
            .non_interactive_ui_to_s_key_switch_decomposer
            .expect(&format!(
                "Parameter variant {:?} does not support non-interactive",
                self.variant
            ));
        D::new(
            self.rlwe_q.0,
            params.decomposition_base().0,
            params.decomposition_count().0,
        )
    }

    /// Returns dlogs of `g` for which auto keys are required as
    /// per the parameter. Given that autos are required for [-g, g, g^2, ...,
    /// g^w] function returns the following [0, 1, 2, ..., w] where `w` is
@ -397,6 +451,7 @@ pub(crate) const SP_BOOL_PARAMS: BoolParameters = BoolParameters:: {
    ),
    rgrg_decomposer_params: None,
    auto_decomposer_params: (DecompostionLogBase(7), DecompositionCount(4)),
    non_interactive_ui_to_s_key_switch_decomposer: None,
    g: 5,
    w: 5,
    variant: ParameterVariant::SingleParty,
@ -418,6 +473,7 @@ pub(crate) const MP_BOOL_PARAMS: BoolParameters = BoolParameters:: {
        (DecompositionCount(5), DecompositionCount(5)),
    )),
    auto_decomposer_params: (DecompostionLogBase(12), DecompositionCount(5)),
    non_interactive_ui_to_s_key_switch_decomposer: None,
    g: 5,
    w: 10,
    variant: ParameterVariant::MultiParty,
@ -439,19 +495,44 @@ pub(crate) const SMALL_MP_BOOL_PARAMS: BoolParameters = BoolParameters::
        (DecompositionCount(5), DecompositionCount(4)),
    )),
    auto_decomposer_params: (DecompostionLogBase(11), DecompositionCount(2)),
    non_interactive_ui_to_s_key_switch_decomposer: None,
    g: 5,
    w: 10,
    variant: ParameterVariant::MultiParty,
 };

 pub(crate) const NON_INTERACTIVE_SMALL_MP_BOOL_PARAMS: BoolParameters<u64> = BoolParameters::<u64> {
    rlwe_q: CiphertextModulus::new_non_native(36028797018820609),
    lwe_q: CiphertextModulus::new_non_native(1 << 20),
    br_q: 1 << 11,
    rlwe_n: PolynomialSize(1 << 11),
    lwe_n: LweDimension(10),
    lwe_decomposer_params: (DecompostionLogBase(4), DecompositionCount(5)),
    rlrg_decomposer_params: (
        DecompostionLogBase(11),
        (DecompositionCount(2), DecompositionCount(1)),
    ),
    rgrg_decomposer_params: Some((
        DecompostionLogBase(11),
        (DecompositionCount(5), DecompositionCount(4)),
    )),
    auto_decomposer_params: (DecompostionLogBase(11), DecompositionCount(2)),
    non_interactive_ui_to_s_key_switch_decomposer: Some((
        DecompostionLogBase(1),
        DecompositionCount(55),
    )),
    g: 5,
    w: 10,
    variant: ParameterVariant::NonInteractiveMultiParty,
 };
 #[cfg(test)]
 mod tests {
    use crate::utils::generate_prime;

    #[test]
    fn find_prime() {
        let bits = 55;
        let ring_size = 1 << 15;
        let bits = 60;
        let ring_size = 1 << 11;
        let prime = generate_prime(bits, ring_size * 2, 1 << bits).unwrap();
        dbg!(prime);
    }
--- a/src/multi_party.rs
+++ b/src/multi_party.rs
@ -48,7 +48,7 @@ pub(crate) fn public_key_share<
    modop.elwise_add_mut(share_out.as_mut(), s.as_ref()); // s*e + e
 }

 fn non_interactive_rgsw_ct<
 pub(crate) fn non_interactive_rgsw_ct<
    M: MatrixMut + MatrixEntity,
    S,
    PRng: RandomFillUniformInModulus<[M::MatElement], ModOp::M>,
@ -140,7 +140,8 @@ pub(crate) fn non_interactive_ksk_gen<
    rng: &mut Rng,
    nttop: &NttOp,
    modop: &ModOp,
 ) where
 ) -> M
 where
    <M as Matrix>::R: RowMut + TryConvertFrom1<[S], ModOp::M> + RowEntity,
    M::MatElement: Copy,
 {
@ -153,7 +154,6 @@ pub(crate) fn non_interactive_ksk_gen<
    let mut s_poly_eval = M::R::try_convert_from(s, q);
    nttop.forward(s_poly_eval.as_mut());
    let u_poly = M::R::try_convert_from(u, q);

    // a_i * s + \beta u + e
    let mut ksk = M::zeros(d, ring_size);

@ -176,6 +176,8 @@ pub(crate) fn non_interactive_ksk_gen<
        // a_i * s + e + \beta * u
        modop.elwise_add_mut(e_ksk.as_mut(), scratch_space.as_ref());
    });

    ksk
 }

 pub(crate) fn non_interactive_ksk_zero_encryptions_for_other_party_i<