commit before transation to shoup pbs

10 months ago · a6ced5c036
5 changed files with 1246 additions and 1141 deletions
--- a/src/bool/evaluator.rs
+++ b/src/bool/evaluator.rs
--- a/src/bool/keys.rs
+++ b/src/bool/keys.rs
@ -391,7 +391,7 @@ impl SeededServerKey, S> {
 }

 /// Server key in evaluation domain
 pub(crate) struct ServerKeyEvaluationDomain<M, R, N> {
 pub(crate) struct ServerKeyEvaluationDomain<M, P, R, N> {
    /// Rgsw cts of LWE secret elements
    rgsw_cts: Vec<M>,
    /// Auto keys. Key corresponding to g^{k} is at index `k`. Key corresponding
@ -399,6 +399,7 @@ pub(crate) struct ServerKeyEvaluationDomain {
    galois_keys: HashMap<usize, M>,
    /// LWE ksk to key switching LWE ciphertext from RLWE secret to LWE secret
    lwe_ksk: M,
    parameters: P,
    _phanton: PhantomData<(R, N)>,
 }

@ -406,13 +407,14 @@ pub(super) mod impl_server_key_eval_domain {
    use itertools::{izip, Itertools};

    use crate::{
        backend::Modulus,
        ntt::{Ntt, NttInit},
        pbs::PbsKey,
    };

    use super::*;

    impl<M, R, N> ServerKeyEvaluationDomain<M, R, N> {
    impl<M, Mod, R, N> ServerKeyEvaluationDomain<M, Mod, R, N> {
        pub(in super::super) fn rgsw_cts(&self) -> &[M] {
            &self.rgsw_cts
        }
@ -424,7 +426,7 @@ pub(super) mod impl_server_key_eval_domain {
                + NewWithSeed,
            N: NttInit<CiphertextModulus<M::MatElement>> + Ntt<Element = M::MatElement>,
        > From<&SeededServerKey<M, BoolParameters<M::MatElement>, R::Seed>>
        for ServerKeyEvaluationDomain<M, R, N>
        for ServerKeyEvaluationDomain<M, BoolParameters<M::MatElement>, R, N>
    where
        <M as Matrix>::R: RowMut,
        M::MatElement: Copy,
@ -542,6 +544,7 @@ pub(super) mod impl_server_key_eval_domain {
                rgsw_cts,
                galois_keys: auto_keys,
                lwe_ksk,
                parameters: parameters.clone(),
                _phanton: PhantomData,
            }
        }
@ -552,7 +555,7 @@ pub(super) mod impl_server_key_eval_domain {
            Rng: NewWithSeed,
            N: NttInit<CiphertextModulus<M::MatElement>> + Ntt<Element = M::MatElement>,
        > From<&SeededMultiPartyServerKey<M, Rng::Seed, BoolParameters<M::MatElement>>>
        for ServerKeyEvaluationDomain<M, Rng, N>
        for ServerKeyEvaluationDomain<M, BoolParameters<M::MatElement>, Rng, N>
    where
        <M as Matrix>::R: RowMut,
        Rng::Seed: Copy,
@ -640,21 +643,63 @@ pub(super) mod impl_server_key_eval_domain {
                rgsw_cts,
                galois_keys: auto_keys,
                lwe_ksk,
                parameters: value.parameters.clone(),
                _phanton: PhantomData,
            }
        }
    }

    impl<M: Matrix, R, N> PbsKey for ServerKeyEvaluationDomain<M, R, N> {
        type M = M;
        fn galois_key_for_auto(&self, k: usize) -> &Self::M {
    impl<M: Matrix, P, R, N> PbsKey for ServerKeyEvaluationDomain<M, P, R, N> {
        type AutoKey = M;
        type LweKskKey = M;
        type RgswCt = M;

        fn galois_key_for_auto(&self, k: usize) -> &Self::AutoKey {
            self.galois_keys.get(&k).unwrap()
        }
        fn rgsw_ct_lwe_si(&self, si: usize) -> &Self::RgswCt {
            &self.rgsw_cts[si]
        }

        fn lwe_ksk(&self) -> &Self::LweKskKey {
            &self.lwe_ksk
        }
    }
 }

 /// Server key in evaluation domain
 pub(crate) struct ShoupServerKeyEvaluationDomain<M, P, R, N> {
    /// Rgsw cts of LWE secret elements
    rgsw_cts: Vec<NormalAndShoup<M>>,
    /// Auto keys. Key corresponding to g^{k} is at index `k`. Key corresponding
    /// to -g is at 0
    galois_keys: HashMap<usize, NormalAndShoup<M>>,
    /// LWE ksk to key switching LWE ciphertext from RLWE secret to LWE secret
    lwe_ksk: M,
    parameters: P,
    _phanton: PhantomData<(R, N)>,
 }

 pub(crate) struct NormalAndShoup<M>(M, M);

 mod shoup_server_key_eval_domain {
    use crate::pbs::PbsKey;

    use super::*;

    impl<M: Matrix, P, R, N> PbsKey for ShoupServerKeyEvaluationDomain<M, P, R, N> {
        type AutoKey = NormalAndShoup<M>;
        type LweKskKey = M;
        type RgswCt = NormalAndShoup<M>;

        fn galois_key_for_auto(&self, k: usize) -> &Self::AutoKey {
            self.galois_keys.get(&k).unwrap()
        }
        fn rgsw_ct_lwe_si(&self, si: usize) -> &Self::M {
        fn rgsw_ct_lwe_si(&self, si: usize) -> &Self::RgswCt {
            &self.rgsw_cts[si]
        }

        fn lwe_ksk(&self) -> &Self::M {
        fn lwe_ksk(&self) -> &Self::LweKskKey {
            &self.lwe_ksk
        }
    }
--- a/src/bool/mod.rs
+++ b/src/bool/mod.rs
@ -23,7 +23,7 @@ thread_local! {

 }
 static BOOL_SERVER_KEY: OnceLock<
    ServerKeyEvaluationDomain<Vec<Vec<u64>>, DefaultSecureRng, NttBackendU64>,
    ServerKeyEvaluationDomain<Vec<Vec<u64>>, BoolParameters<u64>, DefaultSecureRng, NttBackendU64>,
 > = OnceLock::new();

 static MULTI_PARTY_CRS: OnceLock<MultiPartyCrs<[u8; 32]>> = OnceLock::new();
@ -39,7 +39,14 @@ pub fn set_mp_seed(seed: [u8; 32]) {
    )
 }

 fn set_server_key(key: ServerKeyEvaluationDomain<Vec<Vec<u64>>, DefaultSecureRng, NttBackendU64>) {
 fn set_server_key(
    key: ServerKeyEvaluationDomain<
        Vec<Vec<u64>>,
        BoolParameters<u64>,
        DefaultSecureRng,
        NttBackendU64,
    >,
 ) {
    assert!(
        BOOL_SERVER_KEY.set(key).is_ok(),
        "Attempted to set server key twice."
@ -107,6 +114,7 @@ pub fn aggregate_server_key_shares(
 impl SeededServerKey<Vec<Vec<u64>>, BoolParameters<u64>, [u8; 32]> {
    pub fn set_server_key(&self) {
        set_server_key(ServerKeyEvaluationDomain::<
            _,
            _,
            DefaultSecureRng,
            NttBackendU64,
@ -123,14 +131,22 @@ impl
 {
    pub fn set_server_key(&self) {
        set_server_key(ServerKeyEvaluationDomain::<
            Vec<Vec<u64>>,
            _,
            _,
            DefaultSecureRng,
            NttBackendU64,
        >::from(self))
    }
 }

 impl Global for ServerKeyEvaluationDomain<Vec<Vec<u64>>, DefaultSecureRng, NttBackendU64> {
 impl Global
    for ServerKeyEvaluationDomain<
        Vec<Vec<u64>>,
        BoolParameters<u64>,
        DefaultSecureRng,
        NttBackendU64,
    >
 {
    fn global() -> &'static Self {
        BOOL_SERVER_KEY.get().unwrap()
    }
--- a/src/pbs.rs
+++ b/src/pbs.rs
@ -8,18 +8,25 @@ use crate::{
    lwe::lwe_key_switch,
    ntt::Ntt,
    random::DefaultSecureRng,
    rgsw::{galois_auto, rlwe_by_rgsw, IsTrivial, RlweCiphertext},
    rgsw::{galois_auto, rlwe_by_rgsw, rlwe_by_rgsw_shoup, IsTrivial, RlweCiphertext},
    Matrix, MatrixEntity, MatrixMut, RowMut,
 };
 pub(crate) trait PbsKey {
    type M: Matrix;
    type RgswCt;
    type AutoKey;
    type LweKskKey;

    /// RGSW ciphertext of LWE secret elements
    fn rgsw_ct_lwe_si(&self, si: usize) -> &Self::M;
    fn rgsw_ct_lwe_si(&self, si: usize) -> &Self::RgswCt;
    /// Key for automorphism with g^k. For -g use k = 0
    fn galois_key_for_auto(&self, k: usize) -> &Self::M;
    fn galois_key_for_auto(&self, k: usize) -> &Self::AutoKey;
    /// LWE ksk to key switch from RLWE secret to LWE secret
    fn lwe_ksk(&self) -> &Self::M;
    fn lwe_ksk(&self) -> &Self::LweKskKey;
 }

 trait WithShoupRepr: AsRef<Self::M> {
    type M;
    fn shoup_repr(&self) -> Self::M;
 }

 pub(crate) trait PbsInfo {
@ -73,7 +80,7 @@ pub(crate) trait PbsInfo {
 pub(crate) fn pbs<
    M: MatrixMut + MatrixEntity,
    P: PbsInfo<Element = M::MatElement>,
    K: PbsKey<M = M>,
    K: PbsKey<RgswCt = M, AutoKey = M, LweKskKey = M>,
 >(
    pbs_info: &P,
    test_vec: &M::R,
@ -211,7 +218,8 @@ fn blind_rotation<
    D: Decomposer<Element = MT::MatElement>,
    NttOp: Ntt<Element = MT::MatElement>,
    ModOp: ArithmeticOps<Element = MT::MatElement> + VectorOps<Element = MT::MatElement>,
    K: PbsKey<M = Mmut>,
    MShoup: WithShoupRepr<M = Mmut>,
    K: PbsKey<RgswCt = MShoup, AutoKey = MShoup>,
    P: PbsInfo<Element = MT::MatElement>,
 >(
    trivial_rlwe_test_poly: &mut MT,
@ -241,9 +249,19 @@ fn blind_rotation<

        s_indices.iter().for_each(|s_index| {
            // let new = std::time::Instant::now();
            rlwe_by_rgsw(
            // rlwe_by_rgsw(
            // trivial_rlwe_test_poly,
            // pbs_key.rgsw_ct_lwe_si(*s_index),
            // scratch_matrix,
            // rlwe_rgsw_decomposer,
            // ntt_op,
            // mod_op,
            // );
            let ct = pbs_key.rgsw_ct_lwe_si(*s_index);
            rlwe_by_rgsw_shoup(
                trivial_rlwe_test_poly,
                pbs_key.rgsw_ct_lwe_si(*s_index),
                ct.as_ref(),
                &ct.shoup_repr(),
                scratch_matrix,
                rlwe_rgsw_decomposer,
                ntt_op,
--- a/src/utils.rs
+++ b/src/utils.rs
@ -244,4 +244,30 @@ where
 }

 #[cfg(test)]
 mod tests {}
 mod tests {

    // #[test]
    // fn gg() {
    //     let n = 1 << (11 + 1);
    //     let mut start = 1 << 55;
    //     while start < (1 << 56) {
    //         if start % n == 1 {
    //             break;
    //         }
    //         start += 1;
    //     }

    //     let mut prime = None;
    //     while start < (1 << 56) {
    //         if is_probably_prime(start) {
    //             dbg!(start);
    //             prime = Some(start);
    //             break;
    //         }
    //         dbg!(start);
    //         start += (n);
    //     }

    //     println!("{:?}", prime);
    // }
 }