mirror of
https://github.com/arnaucube/poulpy.git
synced 2026-02-10 13:16:44 +01:00
Add Hardware Abstraction Layer (#56)
This commit is contained in:
Jean-Philippe Bossuat
committed by
GitHub
GitHub
parent
833520b163
commit
0e0745065e
@@ -11,6 +11,7 @@ backend = {path="../backend"}
|
||||
sampling = {path="../sampling"}
|
||||
rand_distr = {workspace = true}
|
||||
itertools = {workspace = true}
|
||||
byteorder = {workspace = true}
|
||||
|
||||
[[bench]]
|
||||
name = "external_product_glwe_fft64"
|
||||
|
||||
@@ -1,8 +1,15 @@
|
||||
use backend::{FFT64, Module, ScalarZnx, ScalarZnxAlloc, ScratchOwned};
|
||||
use core::{FourierGLWESecret, GGSWCiphertext, GLWECiphertext, GLWESecret, Infos};
|
||||
use core::{GGSWCiphertext, GGSWCiphertextExec, GLWECiphertext, GLWESecret, GLWESecretExec, Infos};
|
||||
use std::hint::black_box;
|
||||
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{ModuleNew, ScalarZnxAlloc, ScratchOwnedAlloc, ScratchOwnedBorrow},
|
||||
layouts::{Module, ScalarZnx, ScratchOwned},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use criterion::{BenchmarkId, Criterion, criterion_group, criterion_main};
|
||||
use sampling::source::Source;
|
||||
use std::hint::black_box;
|
||||
|
||||
fn bench_external_product_glwe_fft64(c: &mut Criterion) {
|
||||
let mut group = c.benchmark_group("external_product_glwe_fft64");
|
||||
@@ -26,15 +33,15 @@ fn bench_external_product_glwe_fft64(c: &mut Criterion) {
|
||||
let rank: usize = p.rank;
|
||||
let digits: usize = 1;
|
||||
|
||||
let rows: usize = 1; //(p.k_ct_in + p.basek - 1) / p.basek;
|
||||
let rows: usize = 1; //(p.k_ct_in.div_ceil(p.basek);
|
||||
let sigma: f64 = 3.2;
|
||||
|
||||
let mut ct_ggsw: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut ct_ggsw: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut ct_glwe_in: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct_in, rank);
|
||||
let mut ct_glwe_out: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct_out, rank);
|
||||
let pt_rgsw: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
let pt_rgsw: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut scratch = ScratchOwned::new(
|
||||
let mut scratch: ScratchOwned<FFT64> = ScratchOwned::alloc(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, ct_ggsw.k(), rank)
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct_glwe_in.k())
|
||||
| GLWECiphertext::external_product_scratch_space(
|
||||
@@ -54,7 +61,7 @@ fn bench_external_product_glwe_fft64(c: &mut Criterion) {
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_dft: GLWESecretExec<Vec<u8>, FFT64> = GLWESecretExec::from(&module, &sk);
|
||||
|
||||
ct_ggsw.encrypt_sk(
|
||||
&module,
|
||||
@@ -75,8 +82,10 @@ fn bench_external_product_glwe_fft64(c: &mut Criterion) {
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let ggsw_exec: GGSWCiphertextExec<Vec<u8>, FFT64> = GGSWCiphertextExec::from(&module, &ct_ggsw, scratch.borrow());
|
||||
|
||||
move || {
|
||||
black_box(ct_glwe_out.external_product(&module, &ct_glwe_in, &ct_ggsw, scratch.borrow()));
|
||||
black_box(ct_glwe_out.external_product(&module, &ct_glwe_in, &ggsw_exec, scratch.borrow()));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -118,14 +127,14 @@ fn bench_external_product_glwe_inplace_fft64(c: &mut Criterion) {
|
||||
let rank: usize = p.rank;
|
||||
let digits: usize = 1;
|
||||
|
||||
let rows: usize = (p.k_ct + p.basek - 1) / p.basek;
|
||||
let rows: usize = p.k_ct.div_ceil(p.basek);
|
||||
let sigma: f64 = 3.2;
|
||||
|
||||
let mut ct_ggsw: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut ct_ggsw: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut ct_glwe: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_glwe, rank);
|
||||
let pt_rgsw: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
let pt_rgsw: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut scratch = ScratchOwned::new(
|
||||
let mut scratch: ScratchOwned<FFT64> = ScratchOwned::alloc(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, ct_ggsw.k(), rank)
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct_glwe.k())
|
||||
| GLWECiphertext::external_product_inplace_scratch_space(&module, basek, ct_glwe.k(), ct_ggsw.k(), digits, rank),
|
||||
@@ -137,7 +146,7 @@ fn bench_external_product_glwe_inplace_fft64(c: &mut Criterion) {
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_dft: GLWESecretExec<Vec<u8>, FFT64> = GLWESecretExec::from(&module, &sk);
|
||||
|
||||
ct_ggsw.encrypt_sk(
|
||||
&module,
|
||||
@@ -158,9 +167,11 @@ fn bench_external_product_glwe_inplace_fft64(c: &mut Criterion) {
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let ggsw_exec: GGSWCiphertextExec<Vec<u8>, FFT64> = GGSWCiphertextExec::from(&module, &ct_ggsw, scratch.borrow());
|
||||
|
||||
move || {
|
||||
let scratch_borrow = scratch.borrow();
|
||||
black_box(ct_glwe.external_product_inplace(&module, &ct_ggsw, scratch_borrow));
|
||||
black_box(ct_glwe.external_product_inplace(&module, &ggsw_exec, scratch_borrow));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,8 +1,18 @@
|
||||
use backend::{FFT64, Module, ScratchOwned};
|
||||
use core::{FourierGLWESecret, GLWEAutomorphismKey, GLWECiphertext, GLWESecret, GLWESwitchingKey, Infos};
|
||||
use core::{
|
||||
AutomorphismKey, AutomorphismKeyExec, GLWECiphertext, GLWESecret, GLWESecretExec, GLWESwitchingKey, GLWESwitchingKeyExec,
|
||||
Infos,
|
||||
};
|
||||
use std::{hint::black_box, time::Duration};
|
||||
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{ModuleNew, ScratchOwnedAlloc, ScratchOwnedBorrow},
|
||||
layouts::{Module, ScratchOwned},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use criterion::{BenchmarkId, Criterion, criterion_group, criterion_main};
|
||||
use sampling::source::Source;
|
||||
use std::{hint::black_box, time::Duration};
|
||||
|
||||
fn bench_keyswitch_glwe_fft64(c: &mut Criterion) {
|
||||
let mut group = c.benchmark_group("keyswitch_glwe_fft64");
|
||||
@@ -29,15 +39,14 @@ fn bench_keyswitch_glwe_fft64(c: &mut Criterion) {
|
||||
let rank_out: usize = p.rank_out;
|
||||
let digits: usize = p.digits;
|
||||
|
||||
let rows: usize = (p.k_ct_in + (p.basek * digits) - 1) / (p.basek * digits);
|
||||
let rows: usize = p.k_ct_in.div_ceil(p.basek * digits);
|
||||
let sigma: f64 = 3.2;
|
||||
|
||||
let mut ksk: GLWEAutomorphismKey<Vec<u8>, FFT64> =
|
||||
GLWEAutomorphismKey::alloc(&module, basek, k_grlwe, rows, digits, rank_out);
|
||||
let mut ksk: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(&module, basek, k_grlwe, rows, digits, rank_out);
|
||||
let mut ct_in: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_rlwe_in, rank_in);
|
||||
let mut ct_out: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_rlwe_out, rank_out);
|
||||
|
||||
let mut scratch = ScratchOwned::new(
|
||||
let mut scratch: ScratchOwned<FFT64> = ScratchOwned::alloc(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, ksk.k(), rank_in, rank_out)
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct_in.k())
|
||||
| GLWECiphertext::keyswitch_scratch_space(
|
||||
@@ -58,7 +67,7 @@ fn bench_keyswitch_glwe_fft64(c: &mut Criterion) {
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_in);
|
||||
sk_in.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_in_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_in);
|
||||
let sk_in_dft: GLWESecretExec<Vec<u8>, FFT64> = GLWESecretExec::from(&module, &sk_in);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_out);
|
||||
sk_out.fill_ternary_prob(0.5, &mut source_xs);
|
||||
@@ -82,8 +91,10 @@ fn bench_keyswitch_glwe_fft64(c: &mut Criterion) {
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let ksk_exec: AutomorphismKeyExec<Vec<u8>, _> = AutomorphismKeyExec::from(&module, &ksk, scratch.borrow());
|
||||
|
||||
move || {
|
||||
black_box(ct_out.automorphism(&module, &ct_in, &ksk, scratch.borrow()));
|
||||
black_box(ct_out.automorphism(&module, &ct_in, &ksk_exec, scratch.borrow()));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -132,13 +143,13 @@ fn bench_keyswitch_glwe_inplace_fft64(c: &mut Criterion) {
|
||||
let rank: usize = p.rank;
|
||||
let digits: usize = 1;
|
||||
|
||||
let rows: usize = (p.k_ct + p.basek - 1) / p.basek;
|
||||
let rows: usize = p.k_ct.div_ceil(p.basek);
|
||||
let sigma: f64 = 3.2;
|
||||
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>, FFT64> = GLWESwitchingKey::alloc(&module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>> = GLWESwitchingKey::alloc(&module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
|
||||
let mut scratch = ScratchOwned::new(
|
||||
let mut scratch: ScratchOwned<FFT64> = ScratchOwned::alloc(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, ksk.k(), rank, rank)
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct.k())
|
||||
| GLWECiphertext::keyswitch_inplace_scratch_space(&module, basek, ct.k(), ksk.k(), digits, rank),
|
||||
@@ -150,16 +161,15 @@ fn bench_keyswitch_glwe_inplace_fft64(c: &mut Criterion) {
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk_in.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_in_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_in);
|
||||
let sk_in_dft: GLWESecretExec<Vec<u8>, FFT64> = GLWESecretExec::from(&module, &sk_in);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk_out.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_out_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_out);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
&module,
|
||||
&sk_in,
|
||||
&sk_out_dft,
|
||||
&sk_out,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
@@ -175,8 +185,10 @@ fn bench_keyswitch_glwe_inplace_fft64(c: &mut Criterion) {
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let ksk_exec: GLWESwitchingKeyExec<Vec<u8>, FFT64> = GLWESwitchingKeyExec::from(&module, &ksk, scratch.borrow());
|
||||
|
||||
move || {
|
||||
black_box(ct.keyswitch_inplace(&module, &ksk, scratch.borrow()));
|
||||
black_box(ct.keyswitch_inplace(&module, &ksk_exec, scratch.borrow()));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,375 +0,0 @@
|
||||
use backend::{Backend, FFT64, MatZnxDft, MatZnxDftOps, Module, ScalarZnxOps, Scratch, VecZnx, VecZnxDftOps, VecZnxOps, ZnxZero};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWECiphertext, GGLWECiphertext, GGSWCiphertext, GLWECiphertext, GLWESecret, GLWESwitchingKey, GetRow, Infos,
|
||||
ScratchCore, SetRow,
|
||||
};
|
||||
|
||||
pub struct AutomorphismKey<Data, B: Backend> {
|
||||
pub(crate) key: GLWESwitchingKey<Data, B>,
|
||||
pub(crate) p: i64,
|
||||
}
|
||||
|
||||
impl AutomorphismKey<Vec<u8>, FFT64> {
|
||||
pub fn alloc(module: &Module<FFT64>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> Self {
|
||||
AutomorphismKey {
|
||||
key: GLWESwitchingKey::alloc(module, basek, k, rows, digits, rank, rank),
|
||||
p: 0,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<FFT64>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> usize {
|
||||
GLWESwitchingKey::<Vec<u8>, FFT64>::bytes_of(module, basek, k, rows, digits, rank, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> Infos for AutomorphismKey<T, B> {
|
||||
type Inner = MatZnxDft<T, B>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.key.inner()
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.key.basek()
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.key.k()
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> AutomorphismKey<T, B> {
|
||||
pub fn p(&self) -> i64 {
|
||||
self.p
|
||||
}
|
||||
|
||||
pub fn digits(&self) -> usize {
|
||||
self.key.digits()
|
||||
}
|
||||
|
||||
pub fn rank(&self) -> usize {
|
||||
self.key.rank()
|
||||
}
|
||||
|
||||
pub fn rank_in(&self) -> usize {
|
||||
self.key.rank_in()
|
||||
}
|
||||
|
||||
pub fn rank_out(&self) -> usize {
|
||||
self.key.rank_out()
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: AsRef<[u8]>> GetRow<FFT64> for AutomorphismKey<C, FFT64> {
|
||||
fn get_row<R: AsMut<[u8]> + AsRef<[u8]>>(
|
||||
&self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
res: &mut FourierGLWECiphertext<R, FFT64>,
|
||||
) {
|
||||
module.mat_znx_dft_get_row(&mut res.data, &self.key.0.data, row_i, col_j);
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: AsMut<[u8]> + AsRef<[u8]>> SetRow<FFT64> for AutomorphismKey<C, FFT64> {
|
||||
fn set_row<R: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
a: &FourierGLWECiphertext<R, FFT64>,
|
||||
) {
|
||||
module.mat_znx_dft_set_row(&mut self.key.0.data, row_i, col_j, &a.data);
|
||||
}
|
||||
}
|
||||
|
||||
impl AutomorphismKey<Vec<u8>, FFT64> {
|
||||
pub fn generate_from_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
GGLWECiphertext::generate_from_sk_scratch_space(module, basek, k, rank) + GLWESecret::bytes_of(module, rank)
|
||||
}
|
||||
|
||||
pub fn generate_from_pk_scratch_space(module: &Module<FFT64>, _basek: usize, _k: usize, _rank: usize) -> usize {
|
||||
GGLWECiphertext::generate_from_pk_scratch_space(module, _basek, _k, _rank)
|
||||
}
|
||||
|
||||
pub fn keyswitch_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
GLWESwitchingKey::keyswitch_scratch_space(module, basek, k_out, k_in, k_ksk, digits, rank, rank)
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
GLWESwitchingKey::keyswitch_inplace_scratch_space(module, basek, k_out, k_ksk, digits, rank)
|
||||
}
|
||||
|
||||
pub fn automorphism_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let tmp_dft: usize = FourierGLWECiphertext::bytes_of(module, basek, k_in, rank);
|
||||
let tmp_idft: usize = FourierGLWECiphertext::bytes_of(module, basek, k_out, rank);
|
||||
let idft: usize = module.vec_znx_idft_tmp_bytes();
|
||||
let keyswitch: usize = GLWECiphertext::keyswitch_inplace_scratch_space(module, basek, k_out, k_ksk, digits, rank);
|
||||
tmp_dft + tmp_idft + idft + keyswitch
|
||||
}
|
||||
|
||||
pub fn automorphism_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
AutomorphismKey::automorphism_scratch_space(module, basek, k_out, k_out, k_ksk, digits, rank)
|
||||
}
|
||||
|
||||
pub fn external_product_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
ggsw_k: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
GLWESwitchingKey::external_product_scratch_space(module, basek, k_out, k_in, ggsw_k, digits, rank)
|
||||
}
|
||||
|
||||
pub fn external_product_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
ggsw_k: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
GLWESwitchingKey::external_product_inplace_scratch_space(module, basek, k_out, ggsw_k, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> AutomorphismKey<DataSelf, FFT64> {
|
||||
pub fn generate_from_sk<DataSk: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
p: i64,
|
||||
sk: &GLWESecret<DataSk, FFT64>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.n(), module.n());
|
||||
assert_eq!(sk.n(), module.n());
|
||||
assert_eq!(self.rank_out(), self.rank_in());
|
||||
assert_eq!(sk.rank(), self.rank());
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= AutomorphismKey::generate_from_sk_scratch_space(module, self.basek(), self.k(), self.rank()),
|
||||
"scratch.available(): {} < AutomorphismKey::generate_from_sk_scratch_space(module, self.rank()={}, \
|
||||
self.size()={}): {}",
|
||||
scratch.available(),
|
||||
self.rank(),
|
||||
self.size(),
|
||||
AutomorphismKey::generate_from_sk_scratch_space(module, self.basek(), self.k(), self.rank())
|
||||
)
|
||||
}
|
||||
|
||||
let (mut sk_out, scratch_1) = scratch.tmp_sk(module, sk.rank());
|
||||
(0..self.rank()).for_each(|i| {
|
||||
module.scalar_znx_automorphism(
|
||||
module.galois_element_inv(p),
|
||||
&mut sk_out.data,
|
||||
i,
|
||||
&sk.data,
|
||||
i,
|
||||
);
|
||||
});
|
||||
|
||||
sk_out.prep_fourier(module);
|
||||
|
||||
self.key
|
||||
.generate_from_sk(module, &sk, &sk_out, source_xa, source_xe, sigma, scratch_1);
|
||||
|
||||
self.p = p;
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> AutomorphismKey<DataSelf, FFT64> {
|
||||
pub fn automorphism<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &AutomorphismKey<DataLhs, FFT64>,
|
||||
rhs: &AutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
self.rank_in(),
|
||||
lhs.rank_in(),
|
||||
"ksk_out input rank: {} != ksk_in input rank: {}",
|
||||
self.rank_in(),
|
||||
lhs.rank_in()
|
||||
);
|
||||
assert_eq!(
|
||||
lhs.rank_out(),
|
||||
rhs.rank_in(),
|
||||
"ksk_in output rank: {} != ksk_apply input rank: {}",
|
||||
self.rank_out(),
|
||||
rhs.rank_in()
|
||||
);
|
||||
assert_eq!(
|
||||
self.rank_out(),
|
||||
rhs.rank_out(),
|
||||
"ksk_out output rank: {} != ksk_apply output rank: {}",
|
||||
self.rank_out(),
|
||||
rhs.rank_out()
|
||||
);
|
||||
assert!(
|
||||
self.k() <= lhs.k(),
|
||||
"output k={} cannot be greater than input k={}",
|
||||
self.k(),
|
||||
lhs.k()
|
||||
)
|
||||
}
|
||||
|
||||
let cols_out: usize = rhs.rank_out() + 1;
|
||||
|
||||
(0..self.rank_in()).for_each(|col_i| {
|
||||
(0..self.rows()).for_each(|row_j| {
|
||||
let (mut tmp_idft_data, scratct1) = scratch.tmp_vec_znx_big(module, cols_out, self.size());
|
||||
|
||||
{
|
||||
let (mut tmp_dft, scratch2) = scratct1.tmp_glwe_fourier(module, lhs.basek(), lhs.k(), lhs.rank());
|
||||
|
||||
// Extracts relevant row
|
||||
lhs.get_row(module, row_j, col_i, &mut tmp_dft);
|
||||
|
||||
// Get a VecZnxBig from scratch space
|
||||
|
||||
// Switches input outside of DFT
|
||||
(0..cols_out).for_each(|i| {
|
||||
module.vec_znx_idft(&mut tmp_idft_data, i, &tmp_dft.data, i, scratch2);
|
||||
});
|
||||
}
|
||||
|
||||
// Consumes to small vec znx
|
||||
let mut tmp_idft_small_data: VecZnx<&mut [u8]> = tmp_idft_data.to_vec_znx_small();
|
||||
|
||||
// Reverts the automorphis key from (-pi^{-1}_{k}(s)a + s, a) to (-sa + pi_{k}(s), a)
|
||||
(0..cols_out).for_each(|i| {
|
||||
module.vec_znx_automorphism_inplace(lhs.p(), &mut tmp_idft_small_data, i);
|
||||
});
|
||||
|
||||
// Wraps into ciphertext
|
||||
let mut tmp_idft: GLWECiphertext<&mut [u8]> = GLWECiphertext::<&mut [u8]> {
|
||||
data: tmp_idft_small_data,
|
||||
basek: self.basek(),
|
||||
k: self.k(),
|
||||
};
|
||||
|
||||
// Key-switch (-sa + pi_{k}(s), a) to (-pi^{-1}_{k'}(s)a + pi_{k}(s), a)
|
||||
tmp_idft.keyswitch_inplace(module, &rhs.key, scratct1);
|
||||
|
||||
{
|
||||
let (mut tmp_dft, _) = scratct1.tmp_glwe_fourier(module, self.basek(), self.k(), self.rank());
|
||||
|
||||
// Applies back the automorphism X^{k}: (-pi^{-1}_{k'}(s)a + pi_{k}(s), a) -> (-pi^{-1}_{k'+k}(s)a + s, a)
|
||||
// and switches back to DFT domain
|
||||
(0..self.rank_out() + 1).for_each(|i| {
|
||||
module.vec_znx_automorphism_inplace(lhs.p(), &mut tmp_idft.data, i);
|
||||
module.vec_znx_dft(1, 0, &mut tmp_dft.data, i, &tmp_idft.data, i);
|
||||
});
|
||||
|
||||
// Sets back the relevant row
|
||||
self.set_row(module, row_j, col_i, &tmp_dft);
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
let (mut tmp_dft, _) = scratch.tmp_glwe_fourier(module, self.basek(), self.k(), self.rank());
|
||||
tmp_dft.data.zero();
|
||||
|
||||
(self.rows().min(lhs.rows())..self.rows()).for_each(|row_i| {
|
||||
(0..self.rank_in()).for_each(|col_j| {
|
||||
self.set_row(module, row_i, col_j, &tmp_dft);
|
||||
});
|
||||
});
|
||||
|
||||
self.p = (lhs.p * rhs.p) % (module.cyclotomic_order() as i64);
|
||||
}
|
||||
|
||||
pub fn automorphism_inplace<DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &AutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
unsafe {
|
||||
let self_ptr: *mut AutomorphismKey<DataSelf, FFT64> = self as *mut AutomorphismKey<DataSelf, FFT64>;
|
||||
self.automorphism(&module, &*self_ptr, rhs, scratch);
|
||||
}
|
||||
}
|
||||
|
||||
pub fn keyswitch<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &AutomorphismKey<DataLhs, FFT64>,
|
||||
rhs: &GLWESwitchingKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
self.key.keyswitch(module, &lhs.key, rhs, scratch);
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace<DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &AutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
self.key.keyswitch_inplace(module, &rhs.key, scratch);
|
||||
}
|
||||
|
||||
pub fn external_product<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &AutomorphismKey<DataLhs, FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
self.key.external_product(module, &lhs.key, rhs, scratch);
|
||||
}
|
||||
|
||||
pub fn external_product_inplace<DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
self.key.external_product_inplace(module, rhs, scratch);
|
||||
}
|
||||
}
|
||||
@@ -1,18 +1,47 @@
|
||||
use backend::{
|
||||
FFT64, MatZnxDftOps, MatZnxDftScratch, Module, ScalarZnxDft, ScalarZnxDftAlloc, ScalarZnxDftOps, Scratch, VecZnxAlloc,
|
||||
VecZnxBigAlloc, VecZnxBigOps, VecZnxBigScratch, VecZnxDftAlloc, VecZnxDftOps, VecZnxOps, ZnxView, ZnxViewMut, ZnxZero,
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScratchAvailable, SvpApply, SvpPPolAllocBytes, TakeVecZnx, TakeVecZnxBig, TakeVecZnxDft, TakeVecZnxDftSlice,
|
||||
TakeVecZnxSlice, VecZnxAddInplace, VecZnxAllocBytes, VecZnxBigAddSmallInplace, VecZnxBigAllocBytes,
|
||||
VecZnxBigNormalizeTmpBytes, VecZnxCopy, VecZnxDftAdd, VecZnxDftAddInplace, VecZnxDftAllocBytes, VecZnxDftFromVecZnx,
|
||||
VecZnxDftSubABInplace, VecZnxDftToVecZnxBig, VecZnxDftToVecZnxBigTmpBytes, VecZnxDftZero, VecZnxMulXpMinusOneInplace,
|
||||
VecZnxNormalize, VecZnxNormalizeInplace, VecZnxRotate, VecZnxSubABInplace, VmpApplyTmpBytes, ZnxView, ZnxZero,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch, SvpPPol},
|
||||
};
|
||||
use itertools::izip;
|
||||
|
||||
use crate::{
|
||||
GLWECiphertext, GLWECiphertextToMut, GLWEOps, Infos, LWECiphertext, ScratchCore,
|
||||
blind_rotation::{key::BlindRotationKeyCGGI, lut::LookUpTable},
|
||||
GLWECiphertext, GLWECiphertextToMut, GLWEExternalProductFamily, GLWEOps, Infos, LWECiphertext, TakeGLWECt,
|
||||
blind_rotation::{key::BlindRotationKeyCGGIExec, lut::LookUpTable},
|
||||
dist::Distribution,
|
||||
lwe::ciphertext::LWECiphertextToRef,
|
||||
};
|
||||
|
||||
pub fn cggi_blind_rotate_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub trait CCGIBlindRotationFamily<B: Backend> = VecZnxBigAllocBytes
|
||||
+ VecZnxDftAllocBytes
|
||||
+ SvpPPolAllocBytes
|
||||
+ VmpApplyTmpBytes
|
||||
+ VecZnxBigNormalizeTmpBytes
|
||||
+ VecZnxDftToVecZnxBigTmpBytes
|
||||
+ VecZnxDftToVecZnxBig<B>
|
||||
+ VecZnxDftAdd<B>
|
||||
+ VecZnxDftAddInplace<B>
|
||||
+ VecZnxDftFromVecZnx<B>
|
||||
+ VecZnxDftZero<B>
|
||||
+ SvpApply<B>
|
||||
+ VecZnxDftSubABInplace<B>
|
||||
+ VecZnxBigAddSmallInplace<B>
|
||||
+ GLWEExternalProductFamily<B>
|
||||
+ VecZnxRotate
|
||||
+ VecZnxAddInplace
|
||||
+ VecZnxSubABInplace
|
||||
+ VecZnxNormalize<B>
|
||||
+ VecZnxNormalizeInplace<B>
|
||||
+ VecZnxCopy
|
||||
+ VecZnxMulXpMinusOneInplace;
|
||||
|
||||
pub fn cggi_blind_rotate_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
block_size: usize,
|
||||
extension_factor: usize,
|
||||
basek: usize,
|
||||
@@ -20,22 +49,24 @@ pub fn cggi_blind_rotate_scratch_space(
|
||||
k_brk: usize,
|
||||
rows: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: CCGIBlindRotationFamily<B> + VecZnxAllocBytes,
|
||||
{
|
||||
let brk_size: usize = k_brk.div_ceil(basek);
|
||||
|
||||
if block_size > 1 {
|
||||
let cols: usize = rank + 1;
|
||||
let acc_dft: usize = module.bytes_of_vec_znx_dft(cols, rows) * extension_factor;
|
||||
let acc_big: usize = module.bytes_of_vec_znx_big(1, brk_size);
|
||||
let vmp_res: usize = module.bytes_of_vec_znx_dft(cols, brk_size) * extension_factor;
|
||||
let acc_dft: usize = module.vec_znx_dft_alloc_bytes(cols, rows) * extension_factor;
|
||||
let acc_big: usize = module.vec_znx_big_alloc_bytes(1, brk_size);
|
||||
let vmp_res: usize = module.vec_znx_dft_alloc_bytes(cols, brk_size) * extension_factor;
|
||||
let vmp_xai: usize = module.vec_znx_dft_alloc_bytes(1, brk_size);
|
||||
let acc_dft_add: usize = vmp_res;
|
||||
let xai_plus_y: usize = module.bytes_of_scalar_znx_dft(1);
|
||||
let xai_plus_y_dft: usize = module.bytes_of_scalar_znx_dft(1);
|
||||
let vmp: usize = module.vmp_apply_tmp_bytes(brk_size, rows, rows, 2, 2, brk_size); // GGSW product: (1 x 2) x (2 x 2)
|
||||
|
||||
let acc: usize;
|
||||
if extension_factor > 1 {
|
||||
acc = module.bytes_of_vec_znx(cols, k_res.div_ceil(basek)) * extension_factor;
|
||||
acc = module.vec_znx_alloc_bytes(cols, k_res.div_ceil(basek)) * extension_factor;
|
||||
} else {
|
||||
acc = 0;
|
||||
}
|
||||
@@ -44,26 +75,30 @@ pub fn cggi_blind_rotate_scratch_space(
|
||||
+ acc_dft
|
||||
+ acc_dft_add
|
||||
+ vmp_res
|
||||
+ xai_plus_y
|
||||
+ xai_plus_y_dft
|
||||
+ (vmp | (acc_big + (module.vec_znx_big_normalize_tmp_bytes() | module.vec_znx_idft_tmp_bytes())));
|
||||
+ vmp_xai
|
||||
+ (vmp
|
||||
| (acc_big
|
||||
+ (module.vec_znx_big_normalize_tmp_bytes(module.n()) | module.vec_znx_dft_to_vec_znx_big_tmp_bytes())));
|
||||
} else {
|
||||
2 * GLWECiphertext::bytes_of(module, basek, k_res, rank)
|
||||
GLWECiphertext::bytes_of(module, basek, k_res, rank)
|
||||
+ GLWECiphertext::external_product_scratch_space(module, basek, k_res, k_res, k_brk, 1, rank)
|
||||
}
|
||||
}
|
||||
|
||||
pub fn cggi_blind_rotate<DataRes, DataIn, DataBrk>(
|
||||
module: &Module<FFT64>,
|
||||
pub fn cggi_blind_rotate<DataRes, DataIn, DataBrk, B: Backend>(
|
||||
module: &Module<B>,
|
||||
res: &mut GLWECiphertext<DataRes>,
|
||||
lwe: &LWECiphertext<DataIn>,
|
||||
lut: &LookUpTable,
|
||||
brk: &BlindRotationKeyCGGI<DataBrk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
brk: &BlindRotationKeyCGGIExec<DataBrk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
DataRes: AsRef<[u8]> + AsMut<[u8]>,
|
||||
DataIn: AsRef<[u8]>,
|
||||
DataBrk: AsRef<[u8]>,
|
||||
DataRes: DataMut,
|
||||
DataIn: DataRef,
|
||||
DataBrk: DataRef,
|
||||
Module<B>: CCGIBlindRotationFamily<B>,
|
||||
Scratch<B>:
|
||||
TakeVecZnxDftSlice<B> + TakeVecZnxDft<B> + TakeVecZnxBig<B> + TakeVecZnx<B> + ScratchAvailable + TakeVecZnxSlice<B>,
|
||||
{
|
||||
match brk.dist {
|
||||
Distribution::BinaryBlock(_) | Distribution::BinaryFixed(_) | Distribution::BinaryProb(_) | Distribution::ZERO => {
|
||||
@@ -82,37 +117,36 @@ pub fn cggi_blind_rotate<DataRes, DataIn, DataBrk>(
|
||||
}
|
||||
}
|
||||
|
||||
pub(crate) fn cggi_blind_rotate_block_binary_extended<DataRes, DataIn, DataBrk>(
|
||||
module: &Module<FFT64>,
|
||||
pub(crate) fn cggi_blind_rotate_block_binary_extended<DataRes, DataIn, DataBrk, B: Backend>(
|
||||
module: &Module<B>,
|
||||
res: &mut GLWECiphertext<DataRes>,
|
||||
lwe: &LWECiphertext<DataIn>,
|
||||
lut: &LookUpTable,
|
||||
brk: &BlindRotationKeyCGGI<DataBrk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
brk: &BlindRotationKeyCGGIExec<DataBrk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
DataRes: AsRef<[u8]> + AsMut<[u8]>,
|
||||
DataIn: AsRef<[u8]>,
|
||||
DataBrk: AsRef<[u8]>,
|
||||
DataRes: DataMut,
|
||||
DataIn: DataRef,
|
||||
DataBrk: DataRef,
|
||||
Module<B>: CCGIBlindRotationFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDftSlice<B> + TakeVecZnxDft<B> + TakeVecZnxBig<B> + TakeVecZnxSlice<B>,
|
||||
{
|
||||
let extension_factor: usize = lut.extension_factor();
|
||||
let basek: usize = res.basek();
|
||||
let rows: usize = brk.rows();
|
||||
let cols: usize = res.rank() + 1;
|
||||
|
||||
let (mut acc, scratch1) = scratch.tmp_slice_vec_znx(extension_factor, module, cols, res.size());
|
||||
let (mut acc_dft, scratch2) = scratch1.tmp_slice_vec_znx_dft(extension_factor, module, cols, rows);
|
||||
let (mut vmp_res, scratch3) = scratch2.tmp_slice_vec_znx_dft(extension_factor, module, cols, brk.size());
|
||||
let (mut acc_add_dft, scratch4) = scratch3.tmp_slice_vec_znx_dft(extension_factor, module, cols, brk.size());
|
||||
let (mut minus_one, scratch5) = scratch4.tmp_scalar_znx_dft(module, 1);
|
||||
let (mut xai_plus_y_dft, scratch6) = scratch5.tmp_scalar_znx_dft(module, 1);
|
||||
|
||||
minus_one.raw_mut()[..module.n() >> 1].fill(-1.0);
|
||||
let (mut acc, scratch1) = scratch.take_vec_znx_slice(extension_factor, module, cols, res.size());
|
||||
let (mut acc_dft, scratch2) = scratch1.take_vec_znx_dft_slice(extension_factor, module, cols, rows);
|
||||
let (mut vmp_res, scratch3) = scratch2.take_vec_znx_dft_slice(extension_factor, module, cols, brk.size());
|
||||
let (mut acc_add_dft, scratch4) = scratch3.take_vec_znx_dft_slice(extension_factor, module, cols, brk.size());
|
||||
let (mut vmp_xai, scratch5) = scratch4.take_vec_znx_dft(module, 1, brk.size());
|
||||
|
||||
(0..extension_factor).for_each(|i| {
|
||||
acc[i].zero();
|
||||
});
|
||||
|
||||
let x_pow_a: &Vec<ScalarZnxDft<Vec<u8>, FFT64>>;
|
||||
let x_pow_a: &Vec<SvpPPol<Vec<u8>, B>>;
|
||||
if let Some(b) = &brk.x_pow_a {
|
||||
x_pow_a = b
|
||||
} else {
|
||||
@@ -149,9 +183,9 @@ pub(crate) fn cggi_blind_rotate_block_binary_extended<DataRes, DataIn, DataBrk>(
|
||||
.for_each(|(ai, ski)| {
|
||||
(0..extension_factor).for_each(|i| {
|
||||
(0..cols).for_each(|j| {
|
||||
module.vec_znx_dft(1, 0, &mut acc_dft[i], j, &acc[i], j);
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut acc_dft[i], j, &acc[i], j);
|
||||
});
|
||||
acc_add_dft[i].zero();
|
||||
module.vec_znx_dft_zero(&mut acc_add_dft[i])
|
||||
});
|
||||
|
||||
// TODO: first & last iterations can be optimized
|
||||
@@ -162,19 +196,19 @@ pub(crate) fn cggi_blind_rotate_block_binary_extended<DataRes, DataIn, DataBrk>(
|
||||
|
||||
// vmp_res = DFT(acc) * BRK[i]
|
||||
(0..extension_factor).for_each(|i| {
|
||||
module.vmp_apply(&mut vmp_res[i], &acc_dft[i], &skii.data, scratch6);
|
||||
module.vmp_apply(&mut vmp_res[i], &acc_dft[i], &skii.data, scratch5);
|
||||
});
|
||||
|
||||
// Trivial case: no rotation between polynomials, we can directly multiply with (X^{-ai} - 1)
|
||||
if ai_lo == 0 {
|
||||
// Sets acc_add_dft[i] = (acc[i] * sk) * (X^{-ai} - 1)
|
||||
// Sets acc_add_dft[i] = (acc[i] * sk) * X^{-ai} - (acc[i] * sk)
|
||||
if ai_hi != 0 {
|
||||
// DFT X^{-ai}
|
||||
module.vec_znx_dft_add(&mut xai_plus_y_dft, 0, &x_pow_a[ai_hi], 0, &minus_one, 0);
|
||||
(0..extension_factor).for_each(|j| {
|
||||
(0..cols).for_each(|i| {
|
||||
module.svp_apply_inplace(&mut vmp_res[j], i, &xai_plus_y_dft, 0);
|
||||
module.vec_znx_dft_add_inplace(&mut acc_add_dft[j], i, &vmp_res[j], i);
|
||||
module.svp_apply(&mut vmp_xai, 0, &x_pow_a[ai_hi], 0, &vmp_res[j], i);
|
||||
module.vec_znx_dft_add_inplace(&mut acc_add_dft[j], i, &vmp_xai, 0);
|
||||
module.vec_znx_dft_sub_ab_inplace(&mut acc_add_dft[j], i, &vmp_res[j], i);
|
||||
});
|
||||
});
|
||||
}
|
||||
@@ -184,32 +218,13 @@ pub(crate) fn cggi_blind_rotate_block_binary_extended<DataRes, DataIn, DataBrk>(
|
||||
// ring homomorphism R^{N} -> prod R^{N/extension_factor}, so we split the
|
||||
// computation in two steps: acc_add_dft = (acc * sk) * (-1) + (acc * sk) * X^{-ai}
|
||||
} else {
|
||||
// Sets acc_add_dft[i] = acc[i] * sk
|
||||
|
||||
// Sets acc_add_dft[0..ai_lo] -= acc[..ai_lo] * sk
|
||||
if (ai_hi + 1) & (two_n - 1) != 0 {
|
||||
for i in 0..ai_lo {
|
||||
(0..cols).for_each(|k| {
|
||||
module.vec_znx_dft_sub_ab_inplace(&mut acc_add_dft[i], k, &vmp_res[i], k);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
// Sets acc_add_dft[ai_lo..extension_factor] -= acc[ai_lo..extension_factor] * sk
|
||||
if ai_hi != 0 {
|
||||
for i in ai_lo..extension_factor {
|
||||
(0..cols).for_each(|k: usize| {
|
||||
module.vec_znx_dft_sub_ab_inplace(&mut acc_add_dft[i], k, &vmp_res[i], k);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
// Sets acc_add_dft[0..ai_lo] += (acc[extension_factor - ai_lo..extension_factor] * sk) * X^{-ai+1}
|
||||
if (ai_hi + 1) & (two_n - 1) != 0 {
|
||||
for (i, j) in (0..ai_lo).zip(extension_factor - ai_lo..extension_factor) {
|
||||
(0..cols).for_each(|k| {
|
||||
module.svp_apply_inplace(&mut vmp_res[j], k, &x_pow_a[ai_hi + 1], 0);
|
||||
module.vec_znx_dft_add_inplace(&mut acc_add_dft[i], k, &vmp_res[j], k);
|
||||
module.svp_apply(&mut vmp_xai, 0, &x_pow_a[ai_hi + 1], 0, &vmp_res[j], k);
|
||||
module.vec_znx_dft_add_inplace(&mut acc_add_dft[i], k, &vmp_xai, 0);
|
||||
module.vec_znx_dft_sub_ab_inplace(&mut acc_add_dft[i], k, &vmp_res[i], k);
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -219,8 +234,9 @@ pub(crate) fn cggi_blind_rotate_block_binary_extended<DataRes, DataIn, DataBrk>(
|
||||
// Sets acc_add_dft[ai_lo..extension_factor] += (acc[0..extension_factor - ai_lo] * sk) * X^{-ai}
|
||||
for (i, j) in (ai_lo..extension_factor).zip(0..extension_factor - ai_lo) {
|
||||
(0..cols).for_each(|k| {
|
||||
module.svp_apply_inplace(&mut vmp_res[j], k, &x_pow_a[ai_hi], 0);
|
||||
module.vec_znx_dft_add_inplace(&mut acc_add_dft[i], k, &vmp_res[j], k);
|
||||
module.svp_apply(&mut vmp_xai, 0, &x_pow_a[ai_hi], 0, &vmp_res[j], k);
|
||||
module.vec_znx_dft_add_inplace(&mut acc_add_dft[i], k, &vmp_xai, 0);
|
||||
module.vec_znx_dft_sub_ab_inplace(&mut acc_add_dft[i], k, &vmp_res[i], k);
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -228,11 +244,11 @@ pub(crate) fn cggi_blind_rotate_block_binary_extended<DataRes, DataIn, DataBrk>(
|
||||
});
|
||||
|
||||
{
|
||||
let (mut acc_add_big, scratch7) = scratch6.tmp_vec_znx_big(module, 1, brk.size());
|
||||
let (mut acc_add_big, scratch7) = scratch5.take_vec_znx_big(module, 1, brk.size());
|
||||
|
||||
(0..extension_factor).for_each(|j| {
|
||||
(0..cols).for_each(|i| {
|
||||
module.vec_znx_idft(&mut acc_add_big, 0, &acc_add_dft[j], i, scratch7);
|
||||
module.vec_znx_dft_to_vec_znx_big(&mut acc_add_big, 0, &acc_add_dft[j], i, scratch7);
|
||||
module.vec_znx_big_add_small_inplace(&mut acc_add_big, 0, &acc[j], i);
|
||||
module.vec_znx_big_normalize(basek, &mut acc[j], i, &acc_add_big, 0, scratch7);
|
||||
});
|
||||
@@ -245,17 +261,19 @@ pub(crate) fn cggi_blind_rotate_block_binary_extended<DataRes, DataIn, DataBrk>(
|
||||
});
|
||||
}
|
||||
|
||||
pub(crate) fn cggi_blind_rotate_block_binary<DataRes, DataIn, DataBrk>(
|
||||
module: &Module<FFT64>,
|
||||
pub(crate) fn cggi_blind_rotate_block_binary<DataRes, DataIn, DataBrk, B: Backend>(
|
||||
module: &Module<B>,
|
||||
res: &mut GLWECiphertext<DataRes>,
|
||||
lwe: &LWECiphertext<DataIn>,
|
||||
lut: &LookUpTable,
|
||||
brk: &BlindRotationKeyCGGI<DataBrk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
brk: &BlindRotationKeyCGGIExec<DataBrk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
DataRes: AsRef<[u8]> + AsMut<[u8]>,
|
||||
DataIn: AsRef<[u8]>,
|
||||
DataBrk: AsRef<[u8]>,
|
||||
DataRes: DataMut,
|
||||
DataIn: DataRef,
|
||||
DataBrk: DataRef,
|
||||
Module<B>: CCGIBlindRotationFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + TakeVecZnxBig<B>,
|
||||
{
|
||||
let mut lwe_2n: Vec<i64> = vec![0i64; lwe.n() + 1]; // TODO: from scratch space
|
||||
let mut out_mut: GLWECiphertext<&mut [u8]> = res.to_mut();
|
||||
@@ -280,15 +298,12 @@ pub(crate) fn cggi_blind_rotate_block_binary<DataRes, DataIn, DataBrk>(
|
||||
|
||||
// ACC + [sum DFT(X^ai -1) * (DFT(ACC) x BRKi)]
|
||||
|
||||
let (mut acc_dft, scratch1) = scratch.tmp_vec_znx_dft(module, cols, rows);
|
||||
let (mut vmp_res, scratch2) = scratch1.tmp_vec_znx_dft(module, cols, brk.size());
|
||||
let (mut acc_add_dft, scratch3) = scratch2.tmp_vec_znx_dft(module, cols, brk.size());
|
||||
let (mut minus_one, scratch4) = scratch3.tmp_scalar_znx_dft(module, 1);
|
||||
let (mut xai_plus_y_dft, scratch5) = scratch4.tmp_scalar_znx_dft(module, 1);
|
||||
let (mut acc_dft, scratch1) = scratch.take_vec_znx_dft(module, cols, rows);
|
||||
let (mut vmp_res, scratch2) = scratch1.take_vec_znx_dft(module, cols, brk.size());
|
||||
let (mut acc_add_dft, scratch3) = scratch2.take_vec_znx_dft(module, cols, brk.size());
|
||||
let (mut vmp_xai, scratch4) = scratch3.take_vec_znx_dft(module, 1, brk.size());
|
||||
|
||||
minus_one.raw_mut()[..module.n() >> 1].fill(-1.0);
|
||||
|
||||
let x_pow_a: &Vec<ScalarZnxDft<Vec<u8>, FFT64>>;
|
||||
let x_pow_a: &Vec<SvpPPol<Vec<u8>, B>>;
|
||||
if let Some(b) = &brk.x_pow_a {
|
||||
x_pow_a = b
|
||||
} else {
|
||||
@@ -301,50 +316,50 @@ pub(crate) fn cggi_blind_rotate_block_binary<DataRes, DataIn, DataBrk>(
|
||||
)
|
||||
.for_each(|(ai, ski)| {
|
||||
(0..cols).for_each(|j| {
|
||||
module.vec_znx_dft(1, 0, &mut acc_dft, j, &out_mut.data, j);
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut acc_dft, j, &out_mut.data, j);
|
||||
});
|
||||
|
||||
acc_add_dft.zero();
|
||||
module.vec_znx_dft_zero(&mut acc_add_dft);
|
||||
|
||||
izip!(ai.iter(), ski.iter()).for_each(|(aii, skii)| {
|
||||
let ai_pos: usize = ((aii + two_n as i64) & (two_n - 1) as i64) as usize;
|
||||
|
||||
// vmp_res = DFT(acc) * BRK[i]
|
||||
module.vmp_apply(&mut vmp_res, &acc_dft, &skii.data, scratch5);
|
||||
|
||||
// DFT(X^ai -1)
|
||||
module.vec_znx_dft_add(&mut xai_plus_y_dft, 0, &x_pow_a[ai_pos], 0, &minus_one, 0);
|
||||
module.vmp_apply(&mut vmp_res, &acc_dft, &skii.data, scratch4);
|
||||
|
||||
// DFT(X^ai -1) * (DFT(acc) * BRK[i])
|
||||
(0..cols).for_each(|i| {
|
||||
module.svp_apply_inplace(&mut vmp_res, i, &xai_plus_y_dft, 0);
|
||||
module.vec_znx_dft_add_inplace(&mut acc_add_dft, i, &vmp_res, i);
|
||||
module.svp_apply(&mut vmp_xai, 0, &x_pow_a[ai_pos], 0, &vmp_res, i);
|
||||
module.vec_znx_dft_add_inplace(&mut acc_add_dft, i, &vmp_xai, 0);
|
||||
module.vec_znx_dft_sub_ab_inplace(&mut acc_add_dft, i, &vmp_res, i);
|
||||
});
|
||||
});
|
||||
|
||||
{
|
||||
let (mut acc_add_big, scratch6) = scratch5.tmp_vec_znx_big(module, 1, brk.size());
|
||||
let (mut acc_add_big, scratch5) = scratch4.take_vec_znx_big(module, 1, brk.size());
|
||||
|
||||
(0..cols).for_each(|i| {
|
||||
module.vec_znx_idft(&mut acc_add_big, 0, &acc_add_dft, i, scratch6);
|
||||
module.vec_znx_dft_to_vec_znx_big(&mut acc_add_big, 0, &acc_add_dft, i, scratch5);
|
||||
module.vec_znx_big_add_small_inplace(&mut acc_add_big, 0, &out_mut.data, i);
|
||||
module.vec_znx_big_normalize(basek, &mut out_mut.data, i, &acc_add_big, 0, scratch6);
|
||||
module.vec_znx_big_normalize(basek, &mut out_mut.data, i, &acc_add_big, 0, scratch5);
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
pub(crate) fn cggi_blind_rotate_binary_standard<DataRes, DataIn, DataBrk>(
|
||||
module: &Module<FFT64>,
|
||||
pub(crate) fn cggi_blind_rotate_binary_standard<DataRes, DataIn, DataBrk, B: Backend>(
|
||||
module: &Module<B>,
|
||||
res: &mut GLWECiphertext<DataRes>,
|
||||
lwe: &LWECiphertext<DataIn>,
|
||||
lut: &LookUpTable,
|
||||
brk: &BlindRotationKeyCGGI<DataBrk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
brk: &BlindRotationKeyCGGIExec<DataBrk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
DataRes: AsRef<[u8]> + AsMut<[u8]>,
|
||||
DataIn: AsRef<[u8]>,
|
||||
DataBrk: AsRef<[u8]>,
|
||||
DataRes: DataMut,
|
||||
DataIn: DataRef,
|
||||
DataBrk: DataRef,
|
||||
Module<B>: CCGIBlindRotationFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + TakeVecZnxBig<B> + TakeVecZnx<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -401,28 +416,24 @@ pub(crate) fn cggi_blind_rotate_binary_standard<DataRes, DataIn, DataBrk>(
|
||||
module.vec_znx_rotate(b, &mut out_mut.data, 0, &lut.data[0], 0);
|
||||
|
||||
// ACC + [sum DFT(X^ai -1) * (DFT(ACC) x BRKi)]
|
||||
let (mut acc_tmp, scratch1) = scratch.tmp_glwe_ct(module, basek, out_mut.k(), out_mut.rank());
|
||||
let (mut acc_tmp_rot, scratch2) = scratch1.tmp_glwe_ct(module, basek, out_mut.k(), out_mut.rank());
|
||||
let (mut acc_tmp, scratch1) = scratch.take_glwe_ct(module, basek, out_mut.k(), out_mut.rank());
|
||||
|
||||
// TODO: see if faster by skipping normalization in external product and keeping acc in big coeffs
|
||||
// TODO: first iteration can be optimized to be a gglwe product
|
||||
izip!(a.iter(), brk.data.iter()).for_each(|(ai, ski)| {
|
||||
// acc_tmp = sk[i] * acc
|
||||
acc_tmp.external_product(module, &out_mut, ski, scratch2);
|
||||
acc_tmp.external_product(module, &out_mut, ski, scratch1);
|
||||
|
||||
// acc_tmp = (sk[i] * acc) * X^{ai}
|
||||
acc_tmp_rot.rotate(module, *ai, &acc_tmp);
|
||||
// acc_tmp = (sk[i] * acc) * (X^{ai} - 1)
|
||||
acc_tmp.mul_xp_minus_one_inplace(module, *ai);
|
||||
|
||||
// acc = acc + (sk[i] * acc) * X^{ai}
|
||||
out_mut.add_inplace(module, &acc_tmp_rot);
|
||||
|
||||
// acc = acc + (sk[i] * acc) * X^{ai} - (sk[i] * acc) = acc + (sk[i] * acc) * (X^{ai} - 1)
|
||||
out_mut.sub_inplace_ab(module, &acc_tmp);
|
||||
// acc = acc + (sk[i] * acc) * (X^{ai} - 1)
|
||||
out_mut.add_inplace(module, &acc_tmp);
|
||||
});
|
||||
|
||||
// We can normalize only at the end because we add normalized values in [-2^{basek-1}, 2^{basek-1}]
|
||||
// on top of each others, thus ~ 2^{63-basek} additions are supported before overflow.
|
||||
out_mut.normalize_inplace(module, scratch2);
|
||||
out_mut.normalize_inplace(module, scratch1);
|
||||
}
|
||||
|
||||
pub(crate) fn negate_and_mod_switch_2n(n: usize, res: &mut [i64], lwe: &LWECiphertext<&[u8]>) {
|
||||
|
||||
@@ -1,39 +1,185 @@
|
||||
use backend::{
|
||||
Backend, FFT64, Module, ScalarZnx, ScalarZnxAlloc, ScalarZnxDft, ScalarZnxDftAlloc, ScalarZnxDftOps, ScalarZnxToRef, Scratch,
|
||||
ZnxView, ZnxViewMut,
|
||||
use backend::hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ScalarZnxAlloc, ScratchAvailable, SvpPPolAlloc, SvpPrepare, TakeVecZnx, TakeVecZnxDft,
|
||||
VecZnxAddScalarInplace, VecZnxAllocBytes, ZnxView, ZnxViewMut,
|
||||
},
|
||||
layouts::{Backend, Data, DataMut, DataRef, Module, ReaderFrom, ScalarZnx, ScalarZnxToRef, Scratch, SvpPPol, WriterTo},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{Distribution, FourierGLWESecret, GGSWCiphertext, Infos, LWESecret};
|
||||
use crate::{
|
||||
Distribution, GGSWCiphertext, GGSWCiphertextExec, GGSWEncryptSkFamily, GGSWLayoutFamily, GLWESecretExec, Infos, LWESecret,
|
||||
};
|
||||
|
||||
pub struct BlindRotationKeyCGGI<D, B: Backend> {
|
||||
pub(crate) data: Vec<GGSWCiphertext<D, B>>,
|
||||
pub struct BlindRotationKeyCGGI<D: Data> {
|
||||
pub(crate) keys: Vec<GGSWCiphertext<D>>,
|
||||
pub(crate) dist: Distribution,
|
||||
pub(crate) x_pow_a: Option<Vec<ScalarZnxDft<Vec<u8>, B>>>,
|
||||
}
|
||||
|
||||
// pub struct BlindRotationKeyFHEW<B: Backend> {
|
||||
// pub(crate) data: Vec<GGSWCiphertext<Vec<u8>, B>>,
|
||||
// pub(crate) auto: Vec<GLWEAutomorphismKey<Vec<u8>, B>>,
|
||||
//}
|
||||
impl<D: Data> PartialEq for BlindRotationKeyCGGI<D> {
|
||||
fn eq(&self, other: &Self) -> bool {
|
||||
if self.keys.len() != other.keys.len() {
|
||||
return false;
|
||||
}
|
||||
for (a, b) in self.keys.iter().zip(other.keys.iter()) {
|
||||
if a != b {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
self.dist == other.dist
|
||||
}
|
||||
}
|
||||
|
||||
impl BlindRotationKeyCGGI<Vec<u8>, FFT64> {
|
||||
pub fn allocate(module: &Module<FFT64>, n_lwe: usize, basek: usize, k: usize, rows: usize, rank: usize) -> Self {
|
||||
let mut data: Vec<GGSWCiphertext<Vec<u8>, FFT64>> = Vec::with_capacity(n_lwe);
|
||||
impl<D: Data> Eq for BlindRotationKeyCGGI<D> {}
|
||||
|
||||
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
||||
|
||||
impl<D: DataMut> ReaderFrom for BlindRotationKeyCGGI<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
match Distribution::read_from(reader) {
|
||||
Ok(dist) => self.dist = dist,
|
||||
Err(e) => return Err(e),
|
||||
}
|
||||
let len: usize = reader.read_u64::<LittleEndian>()? as usize;
|
||||
if self.keys.len() != len {
|
||||
return Err(std::io::Error::new(
|
||||
std::io::ErrorKind::InvalidData,
|
||||
format!("self.keys.len()={} != read len={}", self.keys.len(), len),
|
||||
));
|
||||
}
|
||||
for key in &mut self.keys {
|
||||
key.read_from(reader)?;
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for BlindRotationKeyCGGI<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
match self.dist.write_to(writer) {
|
||||
Ok(()) => {}
|
||||
Err(e) => return Err(e),
|
||||
}
|
||||
writer.write_u64::<LittleEndian>(self.keys.len() as u64)?;
|
||||
for key in &self.keys {
|
||||
key.write_to(writer)?;
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
impl BlindRotationKeyCGGI<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, n_lwe: usize, basek: usize, k: usize, rows: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: MatZnxAlloc,
|
||||
{
|
||||
let mut data: Vec<GGSWCiphertext<Vec<u8>>> = Vec::with_capacity(n_lwe);
|
||||
(0..n_lwe).for_each(|_| data.push(GGSWCiphertext::alloc(module, basek, k, rows, 1, rank)));
|
||||
Self {
|
||||
data,
|
||||
keys: data,
|
||||
dist: Distribution::NONE,
|
||||
x_pow_a: None::<Vec<ScalarZnxDft<Vec<u8>, FFT64>>>,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn generate_from_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
pub fn generate_from_sk_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: GGSWEncryptSkFamily<B> + VecZnxAllocBytes,
|
||||
{
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(module, basek, k, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: AsRef<[u8]>> BlindRotationKeyCGGI<D, FFT64> {
|
||||
impl<D: DataRef> BlindRotationKeyCGGI<D> {
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn n(&self) -> usize {
|
||||
self.keys[0].n()
|
||||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn rows(&self) -> usize {
|
||||
self.keys[0].rows()
|
||||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn k(&self) -> usize {
|
||||
self.keys[0].k()
|
||||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn size(&self) -> usize {
|
||||
self.keys[0].size()
|
||||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn rank(&self) -> usize {
|
||||
self.keys[0].rank()
|
||||
}
|
||||
|
||||
pub(crate) fn basek(&self) -> usize {
|
||||
self.keys[0].basek()
|
||||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn block_size(&self) -> usize {
|
||||
match self.dist {
|
||||
Distribution::BinaryBlock(value) => value,
|
||||
_ => 1,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut> BlindRotationKeyCGGI<D> {
|
||||
pub fn generate_from_sk<DataSkGLWE, DataSkLWE, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
sk_glwe: &GLWESecretExec<DataSkGLWE, B>,
|
||||
sk_lwe: &LWESecret<DataSkLWE>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
DataSkGLWE: DataRef,
|
||||
DataSkLWE: DataRef,
|
||||
Module<B>: GGSWEncryptSkFamily<B> + ScalarZnxAlloc + VecZnxAddScalarInplace,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.keys.len(), sk_lwe.n());
|
||||
assert_eq!(sk_glwe.n(), module.n());
|
||||
assert_eq!(sk_glwe.rank(), self.keys[0].rank());
|
||||
match sk_lwe.dist {
|
||||
Distribution::BinaryBlock(_)
|
||||
| Distribution::BinaryFixed(_)
|
||||
| Distribution::BinaryProb(_)
|
||||
| Distribution::ZERO => {}
|
||||
_ => panic!(
|
||||
"invalid GLWESecret distribution: must be BinaryBlock, BinaryFixed or BinaryProb (or ZERO for debugging)"
|
||||
),
|
||||
}
|
||||
}
|
||||
|
||||
self.dist = sk_lwe.dist;
|
||||
|
||||
let mut pt: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
let sk_ref: ScalarZnx<&[u8]> = sk_lwe.data.to_ref();
|
||||
|
||||
self.keys.iter_mut().enumerate().for_each(|(i, ggsw)| {
|
||||
pt.at_mut(0, 0)[0] = sk_ref.at(0, 0)[i];
|
||||
ggsw.encrypt_sk(module, &pt, sk_glwe, source_xa, source_xe, sigma, scratch);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct BlindRotationKeyCGGIExec<D: Data, B: Backend> {
|
||||
pub(crate) data: Vec<GGSWCiphertextExec<D, B>>,
|
||||
pub(crate) dist: Distribution,
|
||||
pub(crate) x_pow_a: Option<Vec<SvpPPol<Vec<u8>, B>>>,
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> BlindRotationKeyCGGIExec<D, B> {
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn n(&self) -> usize {
|
||||
self.data[0].n()
|
||||
@@ -71,52 +217,66 @@ impl<D: AsRef<[u8]>> BlindRotationKeyCGGI<D, FFT64> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: AsRef<[u8]> + AsMut<[u8]>> BlindRotationKeyCGGI<D, FFT64> {
|
||||
pub fn generate_from_sk<DataSkGLWE, DataSkLWE>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
sk_glwe: &FourierGLWESecret<DataSkGLWE, FFT64>,
|
||||
sk_lwe: &LWESecret<DataSkLWE>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) where
|
||||
DataSkGLWE: AsRef<[u8]>,
|
||||
DataSkLWE: AsRef<[u8]>,
|
||||
pub trait BlindRotationKeyCGGIExecLayoutFamily<B: Backend> = GGSWLayoutFamily<B> + SvpPPolAlloc<B> + SvpPrepare<B>;
|
||||
|
||||
impl<B: Backend> BlindRotationKeyCGGIExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, n_lwe: usize, basek: usize, k: usize, rows: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: BlindRotationKeyCGGIExecLayoutFamily<B>,
|
||||
{
|
||||
let mut data: Vec<GGSWCiphertextExec<Vec<u8>, B>> = Vec::with_capacity(n_lwe);
|
||||
(0..n_lwe).for_each(|_| data.push(GGSWCiphertextExec::alloc(module, basek, k, rows, 1, rank)));
|
||||
Self {
|
||||
data,
|
||||
dist: Distribution::NONE,
|
||||
x_pow_a: None,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn from<DataOther>(module: &Module<B>, other: &BlindRotationKeyCGGI<DataOther>, scratch: &mut Scratch<B>) -> Self
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: BlindRotationKeyCGGIExecLayoutFamily<B> + ScalarZnxAlloc,
|
||||
{
|
||||
let mut brk: BlindRotationKeyCGGIExec<Vec<u8>, B> = Self::alloc(
|
||||
module,
|
||||
other.keys.len(),
|
||||
other.basek(),
|
||||
other.k(),
|
||||
other.rows(),
|
||||
other.rank(),
|
||||
);
|
||||
brk.prepare(module, other, scratch);
|
||||
brk
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut, B: Backend> BlindRotationKeyCGGIExec<D, B> {
|
||||
pub fn prepare<DataOther>(&mut self, module: &Module<B>, other: &BlindRotationKeyCGGI<DataOther>, scratch: &mut Scratch<B>)
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: BlindRotationKeyCGGIExecLayoutFamily<B> + ScalarZnxAlloc,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.data.len(), sk_lwe.n());
|
||||
assert_eq!(sk_glwe.n(), module.n());
|
||||
assert_eq!(sk_glwe.rank(), self.data[0].rank());
|
||||
match sk_lwe.dist {
|
||||
Distribution::BinaryBlock(_)
|
||||
| Distribution::BinaryFixed(_)
|
||||
| Distribution::BinaryProb(_)
|
||||
| Distribution::ZERO => {}
|
||||
_ => panic!(
|
||||
"invalid GLWESecret distribution: must be BinaryBlock, BinaryFixed or BinaryProb (or ZERO for debugging)"
|
||||
),
|
||||
}
|
||||
assert_eq!(self.data.len(), other.keys.len());
|
||||
}
|
||||
|
||||
self.dist = sk_lwe.dist;
|
||||
self.data
|
||||
.iter_mut()
|
||||
.zip(other.keys.iter())
|
||||
.for_each(|(ggsw_exec, other)| {
|
||||
ggsw_exec.prepare(module, other, scratch);
|
||||
});
|
||||
|
||||
let mut pt: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
let sk_ref: ScalarZnx<&[u8]> = sk_lwe.data.to_ref();
|
||||
self.dist = other.dist;
|
||||
|
||||
self.data.iter_mut().enumerate().for_each(|(i, ggsw)| {
|
||||
pt.at_mut(0, 0)[0] = sk_ref.at(0, 0)[i];
|
||||
ggsw.encrypt_sk(module, &pt, sk_glwe, source_xa, source_xe, sigma, scratch);
|
||||
});
|
||||
|
||||
match sk_lwe.dist {
|
||||
match other.dist {
|
||||
Distribution::BinaryBlock(_) => {
|
||||
let mut x_pow_a: Vec<ScalarZnxDft<Vec<u8>, FFT64>> = Vec::with_capacity(module.n() << 1);
|
||||
let mut buf: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
let mut x_pow_a: Vec<SvpPPol<Vec<u8>, B>> = Vec::with_capacity(module.n() << 1);
|
||||
let mut buf: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
(0..module.n() << 1).for_each(|i| {
|
||||
let mut res: ScalarZnxDft<Vec<u8>, FFT64> = module.new_scalar_znx_dft(1);
|
||||
let mut res: SvpPPol<Vec<u8>, B> = module.svp_ppol_alloc(1);
|
||||
set_xai_plus_y(module, i, 0, &mut res, &mut buf);
|
||||
x_pow_a.push(res);
|
||||
});
|
||||
@@ -127,10 +287,11 @@ impl<D: AsRef<[u8]> + AsMut<[u8]>> BlindRotationKeyCGGI<D, FFT64> {
|
||||
}
|
||||
}
|
||||
|
||||
pub fn set_xai_plus_y<A, B>(module: &Module<FFT64>, ai: usize, y: i64, res: &mut ScalarZnxDft<A, FFT64>, buf: &mut ScalarZnx<B>)
|
||||
pub fn set_xai_plus_y<A, C, B: Backend>(module: &Module<B>, ai: usize, y: i64, res: &mut SvpPPol<A, B>, buf: &mut ScalarZnx<C>)
|
||||
where
|
||||
A: AsRef<[u8]> + AsMut<[u8]>,
|
||||
B: AsRef<[u8]> + AsMut<[u8]>,
|
||||
A: DataMut,
|
||||
C: DataMut,
|
||||
Module<B>: SvpPrepare<B>,
|
||||
{
|
||||
let n: usize = module.n();
|
||||
|
||||
|
||||
@@ -1,4 +1,11 @@
|
||||
use backend::{FFT64, Module, VecZnx, VecZnxAlloc, VecZnxOps, ZnxInfos, ZnxViewMut, alloc_aligned};
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAlloc, VecZnxCopy, VecZnxNormalizeInplace, VecZnxNormalizeTmpBytes,
|
||||
VecZnxRotateInplace, VecZnxSwithcDegree, ZnxInfos, ZnxViewMut,
|
||||
},
|
||||
layouts::{Backend, Module, ScratchOwned, VecZnx},
|
||||
oep::{ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl},
|
||||
};
|
||||
|
||||
pub struct LookUpTable {
|
||||
pub(crate) data: Vec<VecZnx<Vec<u8>>>,
|
||||
@@ -7,7 +14,10 @@ pub struct LookUpTable {
|
||||
}
|
||||
|
||||
impl LookUpTable {
|
||||
pub fn alloc(module: &Module<FFT64>, basek: usize, k: usize, extension_factor: usize) -> Self {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, extension_factor: usize) -> Self
|
||||
where
|
||||
Module<B>: VecZnxAlloc,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert!(
|
||||
@@ -19,7 +29,7 @@ impl LookUpTable {
|
||||
let size: usize = k.div_ceil(basek);
|
||||
let mut data: Vec<VecZnx<Vec<u8>>> = Vec::with_capacity(extension_factor);
|
||||
(0..extension_factor).for_each(|_| {
|
||||
data.push(module.new_vec_znx(1, size));
|
||||
data.push(module.vec_znx_alloc(1, size));
|
||||
});
|
||||
Self { data, basek, k }
|
||||
}
|
||||
@@ -36,7 +46,11 @@ impl LookUpTable {
|
||||
self.data.len() * self.data[0].n()
|
||||
}
|
||||
|
||||
pub fn set(&mut self, module: &Module<FFT64>, f: &Vec<i64>, k: usize) {
|
||||
pub fn set<B: Backend>(&mut self, module: &Module<B>, f: &Vec<i64>, k: usize)
|
||||
where
|
||||
Module<B>: VecZnxRotateInplace + VecZnxNormalizeInplace<B> + VecZnxNormalizeTmpBytes + VecZnxSwithcDegree + VecZnxCopy,
|
||||
B: ScratchOwnedAllocImpl<B> + ScratchOwnedBorrowImpl<B>,
|
||||
{
|
||||
assert!(f.len() <= module.n());
|
||||
|
||||
let basek: usize = self.basek;
|
||||
@@ -74,16 +88,22 @@ impl LookUpTable {
|
||||
// Rotates half the step to the left
|
||||
let half_step: usize = domain_size.div_round(f_len << 1);
|
||||
|
||||
lut_full.rotate(-(half_step as i64));
|
||||
module.vec_znx_rotate_inplace(-(half_step as i64), &mut lut_full, 0);
|
||||
|
||||
let mut tmp_bytes: Vec<u8> = alloc_aligned(lut_full.n() * size_of::<i64>());
|
||||
lut_full.normalize(self.basek, 0, &mut tmp_bytes);
|
||||
let n_large: usize = lut_full.n();
|
||||
|
||||
module.vec_znx_normalize_inplace(
|
||||
self.basek,
|
||||
&mut lut_full,
|
||||
0,
|
||||
ScratchOwned::alloc(module.vec_znx_normalize_tmp_bytes(n_large)).borrow(),
|
||||
);
|
||||
|
||||
if self.extension_factor() > 1 {
|
||||
(0..self.extension_factor()).for_each(|i| {
|
||||
module.switch_degree(&mut self.data[i], 0, &lut_full, 0);
|
||||
module.vec_znx_switch_degree(&mut self.data[i], 0, &lut_full, 0);
|
||||
if i < self.extension_factor() {
|
||||
lut_full.rotate(-1);
|
||||
module.vec_znx_rotate_inplace(-1, &mut lut_full, 0);
|
||||
}
|
||||
});
|
||||
} else {
|
||||
@@ -92,7 +112,10 @@ impl LookUpTable {
|
||||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn rotate(&mut self, k: i64) {
|
||||
pub(crate) fn rotate<B: Backend>(&mut self, module: &Module<B>, k: i64)
|
||||
where
|
||||
Module<B>: VecZnxRotateInplace,
|
||||
{
|
||||
let extension_factor: usize = self.extension_factor();
|
||||
let two_n: usize = 2 * self.data[0].n();
|
||||
let two_n_ext: usize = two_n * extension_factor;
|
||||
@@ -103,11 +126,11 @@ impl LookUpTable {
|
||||
let k_lo: usize = k_pos % extension_factor;
|
||||
|
||||
(0..extension_factor - k_lo).for_each(|i| {
|
||||
self.data[i].rotate(k_hi as i64);
|
||||
module.vec_znx_rotate_inplace(k_hi as i64, &mut self.data[i], 0);
|
||||
});
|
||||
|
||||
(extension_factor - k_lo..extension_factor).for_each(|i| {
|
||||
self.data[i].rotate(k_hi as i64 + 1);
|
||||
module.vec_znx_rotate_inplace(k_hi as i64 + 1, &mut self.data[i], 0);
|
||||
});
|
||||
|
||||
self.data.rotate_right(k_lo as usize);
|
||||
|
||||
@@ -2,9 +2,9 @@ pub mod cggi;
|
||||
pub mod key;
|
||||
pub mod lut;
|
||||
|
||||
pub use cggi::{cggi_blind_rotate, cggi_blind_rotate_scratch_space};
|
||||
pub use key::BlindRotationKeyCGGI;
|
||||
pub use cggi::{CCGIBlindRotationFamily, cggi_blind_rotate, cggi_blind_rotate_scratch_space};
|
||||
pub use key::{BlindRotationKeyCGGI, BlindRotationKeyCGGIExec, BlindRotationKeyCGGIExecLayoutFamily};
|
||||
pub use lut::LookUpTable;
|
||||
|
||||
#[cfg(test)]
|
||||
pub mod test_fft64;
|
||||
mod test;
|
||||
|
||||
179
core/src/blind_rotation/test/cggi.rs
Normal file
179
core/src/blind_rotation/test/cggi.rs
Normal file
@@ -0,0 +1,179 @@
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ModuleNew, ScalarZnxAlloc, ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAddNormal,
|
||||
VecZnxAddScalarInplace, VecZnxAlloc, VecZnxAllocBytes, VecZnxEncodeCoeffsi64, VecZnxFillUniform, VecZnxRotateInplace,
|
||||
VecZnxSwithcDegree, ZnxView,
|
||||
},
|
||||
layouts::{Backend, Module, ScratchOwned},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeVecZnxBigImpl, TakeVecZnxDftImpl,
|
||||
TakeVecZnxDftSliceImpl, TakeVecZnxImpl, TakeVecZnxSliceImpl, VecZnxBigAllocBytesImpl, VecZnxDftAllocBytesImpl,
|
||||
},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
BlindRotationKeyCGGIExecLayoutFamily, CCGIBlindRotationFamily, GLWECiphertext, GLWEDecryptFamily, GLWEPlaintext, GLWESecret,
|
||||
GLWESecretExec, GLWESecretFamily, Infos, LWECiphertext, LWESecret,
|
||||
blind_rotation::{
|
||||
cggi::{cggi_blind_rotate, cggi_blind_rotate_scratch_space, negate_and_mod_switch_2n},
|
||||
key::{BlindRotationKeyCGGI, BlindRotationKeyCGGIExec},
|
||||
lut::LookUpTable,
|
||||
},
|
||||
lwe::{LWEPlaintext, ciphertext::LWECiphertextToRef},
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn standard() {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(512);
|
||||
blind_rotatio_test(&module, 224, 1, 1);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn block_binary() {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(512);
|
||||
blind_rotatio_test(&module, 224, 7, 1);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn block_binary_extended() {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(512);
|
||||
blind_rotatio_test(&module, 224, 7, 2);
|
||||
}
|
||||
|
||||
pub(crate) trait CGGITestModuleFamily<B: Backend> = CCGIBlindRotationFamily<B>
|
||||
+ GLWESecretFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ BlindRotationKeyCGGIExecLayoutFamily<B>
|
||||
+ VecZnxAlloc
|
||||
+ ScalarZnxAlloc
|
||||
+ VecZnxFillUniform
|
||||
+ VecZnxAddNormal
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxAddScalarInplace
|
||||
+ VecZnxEncodeCoeffsi64
|
||||
+ VecZnxRotateInplace
|
||||
+ VecZnxSwithcDegree
|
||||
+ MatZnxAlloc;
|
||||
pub(crate) trait CGGITestScratchFamily<B: Backend> = VecZnxDftAllocBytesImpl<B>
|
||||
+ VecZnxBigAllocBytesImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ TakeVecZnxDftImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeVecZnxDftSliceImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeVecZnxImpl<B>
|
||||
+ TakeVecZnxSliceImpl<B>;
|
||||
|
||||
fn blind_rotatio_test<B: Backend>(module: &Module<B>, n_lwe: usize, block_size: usize, extension_factor: usize)
|
||||
where
|
||||
Module<B>: CGGITestModuleFamily<B>,
|
||||
B: CGGITestScratchFamily<B>,
|
||||
{
|
||||
let basek: usize = 19;
|
||||
|
||||
let k_lwe: usize = 24;
|
||||
let k_brk: usize = 3 * basek;
|
||||
let rows_brk: usize = 2; // Ensures first limb is noise-free.
|
||||
let k_lut: usize = 1 * basek;
|
||||
let k_res: usize = 2 * basek;
|
||||
let rank: usize = 1;
|
||||
|
||||
let message_modulus: usize = 1 << 4;
|
||||
|
||||
let mut source_xs: Source = Source::new([2u8; 32]);
|
||||
let mut source_xe: Source = Source::new([2u8; 32]);
|
||||
let mut source_xa: Source = Source::new([1u8; 32]);
|
||||
|
||||
let mut sk_glwe: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk_glwe.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_glwe_dft: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_glwe);
|
||||
|
||||
let mut sk_lwe: LWESecret<Vec<u8>> = LWESecret::alloc(n_lwe);
|
||||
sk_lwe.fill_binary_block(block_size, &mut source_xs);
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::<B>::alloc(BlindRotationKeyCGGI::generate_from_sk_scratch_space(
|
||||
module, basek, k_brk, rank,
|
||||
));
|
||||
|
||||
let mut scratch_br: ScratchOwned<B> = ScratchOwned::<B>::alloc(cggi_blind_rotate_scratch_space(
|
||||
module,
|
||||
block_size,
|
||||
extension_factor,
|
||||
basek,
|
||||
k_res,
|
||||
k_brk,
|
||||
rows_brk,
|
||||
rank,
|
||||
));
|
||||
|
||||
let mut brk: BlindRotationKeyCGGI<Vec<u8>> = BlindRotationKeyCGGI::alloc(module, n_lwe, basek, k_brk, rows_brk, rank);
|
||||
|
||||
brk.generate_from_sk(
|
||||
module,
|
||||
&sk_glwe_dft,
|
||||
&sk_lwe,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
3.2,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut lwe: LWECiphertext<Vec<u8>> = LWECiphertext::alloc(n_lwe, basek, k_lwe);
|
||||
|
||||
let mut pt_lwe: LWEPlaintext<Vec<u8>> = LWEPlaintext::alloc(basek, k_lwe);
|
||||
|
||||
let x: i64 = 2;
|
||||
let bits: usize = 8;
|
||||
|
||||
module.encode_coeff_i64(basek, &mut pt_lwe.data, 0, bits, 0, x, bits);
|
||||
|
||||
lwe.encrypt_sk(
|
||||
module,
|
||||
&pt_lwe,
|
||||
&sk_lwe,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
3.2,
|
||||
);
|
||||
|
||||
let mut f: Vec<i64> = vec![0i64; message_modulus];
|
||||
f.iter_mut()
|
||||
.enumerate()
|
||||
.for_each(|(i, x)| *x = 2 * (i as i64) + 1);
|
||||
|
||||
let mut lut: LookUpTable = LookUpTable::alloc(module, basek, k_lut, extension_factor);
|
||||
lut.set(module, &f, message_modulus);
|
||||
|
||||
let mut res: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_res, rank);
|
||||
|
||||
let brk_exec: BlindRotationKeyCGGIExec<Vec<u8>, B> = BlindRotationKeyCGGIExec::from(module, &brk, scratch_br.borrow());
|
||||
|
||||
cggi_blind_rotate(module, &mut res, &lwe, &lut, &brk_exec, scratch_br.borrow());
|
||||
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_res);
|
||||
|
||||
res.decrypt(module, &mut pt_have, &sk_glwe_dft, scratch.borrow());
|
||||
|
||||
let mut lwe_2n: Vec<i64> = vec![0i64; lwe.n() + 1]; // TODO: from scratch space
|
||||
|
||||
negate_and_mod_switch_2n(2 * lut.domain_size(), &mut lwe_2n, &lwe.to_ref());
|
||||
|
||||
let pt_want: i64 = (lwe_2n[0]
|
||||
+ lwe_2n[1..]
|
||||
.iter()
|
||||
.zip(sk_lwe.data.at(0, 0))
|
||||
.map(|(x, y)| x * y)
|
||||
.sum::<i64>())
|
||||
& (2 * lut.domain_size() - 1) as i64;
|
||||
|
||||
lut.rotate(module, pt_want);
|
||||
|
||||
// First limb should be exactly equal (test are parameterized such that the noise does not reach
|
||||
// the first limb)
|
||||
assert_eq!(pt_have.data.at(0, 0), lut.data[0].at(0, 0));
|
||||
}
|
||||
@@ -1,6 +1,12 @@
|
||||
use std::vec;
|
||||
|
||||
use backend::{FFT64, Module, ZnxView};
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{ModuleNew, ZnxView},
|
||||
layouts::Module,
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
|
||||
use crate::blind_rotation::lut::{DivRound, LookUpTable};
|
||||
|
||||
@@ -23,7 +29,7 @@ fn standard() {
|
||||
lut.set(&module, &f, log_scale);
|
||||
|
||||
let half_step: i64 = lut.domain_size().div_round(message_modulus << 1) as i64;
|
||||
lut.rotate(half_step);
|
||||
lut.rotate(&module, half_step);
|
||||
|
||||
let step: usize = lut.domain_size().div_round(message_modulus);
|
||||
|
||||
@@ -33,7 +39,7 @@ fn standard() {
|
||||
f[i / step] % message_modulus as i64,
|
||||
lut.data[0].raw()[0] / (1 << (log_scale % basek)) as i64
|
||||
);
|
||||
lut.rotate(-1);
|
||||
lut.rotate(&module, -1);
|
||||
});
|
||||
});
|
||||
}
|
||||
@@ -57,7 +63,7 @@ fn extended() {
|
||||
lut.set(&module, &f, log_scale);
|
||||
|
||||
let half_step: i64 = lut.domain_size().div_round(message_modulus << 1) as i64;
|
||||
lut.rotate(half_step);
|
||||
lut.rotate(&module, half_step);
|
||||
|
||||
let step: usize = lut.domain_size().div_round(message_modulus);
|
||||
|
||||
@@ -67,7 +73,7 @@ fn extended() {
|
||||
f[i / step] % message_modulus as i64,
|
||||
lut.data[0].raw()[0] / (1 << (log_scale % basek)) as i64
|
||||
);
|
||||
lut.rotate(-1);
|
||||
lut.rotate(&module, -1);
|
||||
});
|
||||
});
|
||||
}
|
||||
@@ -1,125 +0,0 @@
|
||||
use backend::{Encoding, FFT64, Module, ScratchOwned, ZnxView};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWESecret, GLWECiphertext, GLWEPlaintext, GLWESecret, Infos, LWECiphertext, LWESecret,
|
||||
blind_rotation::{
|
||||
cggi::{cggi_blind_rotate, cggi_blind_rotate_scratch_space, negate_and_mod_switch_2n},
|
||||
key::BlindRotationKeyCGGI,
|
||||
lut::LookUpTable,
|
||||
},
|
||||
lwe::{LWEPlaintext, ciphertext::LWECiphertextToRef},
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn standard() {
|
||||
blind_rotatio_test(224, 1, 1);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn block_binary() {
|
||||
blind_rotatio_test(224, 7, 1);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn block_binary_extended() {
|
||||
blind_rotatio_test(224, 7, 2);
|
||||
}
|
||||
|
||||
fn blind_rotatio_test(n_lwe: usize, block_size: usize, extension_factor: usize) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(512);
|
||||
let basek: usize = 19;
|
||||
|
||||
let k_lwe: usize = 24;
|
||||
let k_brk: usize = 3 * basek;
|
||||
let rows_brk: usize = 2; // Ensures first limb is noise-free.
|
||||
let k_lut: usize = 1 * basek;
|
||||
let k_res: usize = 2 * basek;
|
||||
let rank: usize = 1;
|
||||
|
||||
let message_modulus: usize = 1 << 4;
|
||||
|
||||
let mut source_xs: Source = Source::new([2u8; 32]);
|
||||
let mut source_xe: Source = Source::new([2u8; 32]);
|
||||
let mut source_xa: Source = Source::new([1u8; 32]);
|
||||
|
||||
let mut sk_glwe: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk_glwe.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_glwe_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_glwe);
|
||||
|
||||
let mut sk_lwe: LWESecret<Vec<u8>> = LWESecret::alloc(n_lwe);
|
||||
sk_lwe.fill_binary_block(block_size, &mut source_xs);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(BlindRotationKeyCGGI::generate_from_sk_scratch_space(
|
||||
&module, basek, k_brk, rank,
|
||||
));
|
||||
|
||||
let mut scratch_br: ScratchOwned = ScratchOwned::new(cggi_blind_rotate_scratch_space(
|
||||
&module,
|
||||
block_size,
|
||||
extension_factor,
|
||||
basek,
|
||||
k_res,
|
||||
k_brk,
|
||||
rows_brk,
|
||||
rank,
|
||||
));
|
||||
|
||||
let mut brk: BlindRotationKeyCGGI<Vec<u8>, FFT64> =
|
||||
BlindRotationKeyCGGI::allocate(&module, n_lwe, basek, k_brk, rows_brk, rank);
|
||||
|
||||
brk.generate_from_sk(
|
||||
&module,
|
||||
&sk_glwe_dft,
|
||||
&sk_lwe,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
3.2,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut lwe: LWECiphertext<Vec<u8>> = LWECiphertext::alloc(n_lwe, basek, k_lwe);
|
||||
|
||||
let mut pt_lwe: LWEPlaintext<Vec<u8>> = LWEPlaintext::alloc(basek, k_lwe);
|
||||
|
||||
let x: i64 = 2;
|
||||
let bits: usize = 8;
|
||||
|
||||
pt_lwe.data.encode_coeff_i64(0, basek, bits, 0, x, bits);
|
||||
|
||||
lwe.encrypt_sk(&pt_lwe, &sk_lwe, &mut source_xa, &mut source_xe, 3.2);
|
||||
|
||||
let mut f: Vec<i64> = vec![0i64; message_modulus];
|
||||
f.iter_mut()
|
||||
.enumerate()
|
||||
.for_each(|(i, x)| *x = 2 * (i as i64) + 1);
|
||||
|
||||
let mut lut: LookUpTable = LookUpTable::alloc(&module, basek, k_lut, extension_factor);
|
||||
lut.set(&module, &f, message_modulus);
|
||||
|
||||
let mut res: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_res, rank);
|
||||
|
||||
cggi_blind_rotate(&module, &mut res, &lwe, &lut, &brk, scratch_br.borrow());
|
||||
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_res);
|
||||
|
||||
res.decrypt(&module, &mut pt_have, &sk_glwe_dft, scratch.borrow());
|
||||
|
||||
let mut lwe_2n: Vec<i64> = vec![0i64; lwe.n() + 1]; // TODO: from scratch space
|
||||
|
||||
negate_and_mod_switch_2n(2 * lut.domain_size(), &mut lwe_2n, &lwe.to_ref());
|
||||
|
||||
let pt_want: i64 = (lwe_2n[0]
|
||||
+ lwe_2n[1..]
|
||||
.iter()
|
||||
.zip(sk_lwe.data.at(0, 0))
|
||||
.map(|(x, y)| x * y)
|
||||
.sum::<i64>())
|
||||
& (2 * lut.domain_size() - 1) as i64;
|
||||
|
||||
lut.rotate(pt_want);
|
||||
|
||||
// First limb should be exactly equal (test are parameterized such that the noise does not reach
|
||||
// the first limb)
|
||||
assert_eq!(pt_have.data.at(0, 0), lut.data[0].at(0, 0));
|
||||
}
|
||||
@@ -1,3 +1,5 @@
|
||||
use std::io::{Read, Result, Write};
|
||||
|
||||
#[derive(Clone, Copy, Debug)]
|
||||
pub(crate) enum Distribution {
|
||||
TernaryFixed(usize), // Ternary with fixed Hamming weight
|
||||
@@ -8,3 +10,75 @@ pub(crate) enum Distribution {
|
||||
ZERO, // Debug mod
|
||||
NONE, // Unitialized
|
||||
}
|
||||
|
||||
const TAG_TERNARY_FIXED: u8 = 0;
|
||||
const TAG_TERNARY_PROB: u8 = 1;
|
||||
const TAG_BINARY_FIXED: u8 = 2;
|
||||
const TAG_BINARY_PROB: u8 = 3;
|
||||
const TAG_BINARY_BLOCK: u8 = 4;
|
||||
const TAG_ZERO: u8 = 5;
|
||||
const TAG_NONE: u8 = 6;
|
||||
|
||||
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
||||
|
||||
impl Distribution {
|
||||
pub fn write_to<W: Write>(&self, writer: &mut W) -> Result<()> {
|
||||
let word: u64 = match self {
|
||||
Distribution::TernaryFixed(v) => (TAG_TERNARY_FIXED as u64) << 56 | (*v as u64),
|
||||
Distribution::TernaryProb(p) => {
|
||||
let bits = p.to_bits(); // f64 -> u64 bit representation
|
||||
(TAG_TERNARY_PROB as u64) << 56 | (bits & 0x00FF_FFFF_FFFF_FFFF)
|
||||
}
|
||||
Distribution::BinaryFixed(v) => (TAG_BINARY_FIXED as u64) << 56 | (*v as u64),
|
||||
Distribution::BinaryProb(p) => {
|
||||
let bits = p.to_bits();
|
||||
(TAG_BINARY_PROB as u64) << 56 | (bits & 0x00FF_FFFF_FFFF_FFFF)
|
||||
}
|
||||
Distribution::BinaryBlock(v) => (TAG_BINARY_BLOCK as u64) << 56 | (*v as u64),
|
||||
Distribution::ZERO => (TAG_ZERO as u64) << 56,
|
||||
Distribution::NONE => (TAG_NONE as u64) << 56,
|
||||
};
|
||||
writer.write_u64::<LittleEndian>(word)
|
||||
}
|
||||
|
||||
pub fn read_from<R: Read>(reader: &mut R) -> Result<Self> {
|
||||
let word = reader.read_u64::<LittleEndian>()?;
|
||||
let tag = (word >> 56) as u8;
|
||||
let payload = word & 0x00FF_FFFF_FFFF_FFFF;
|
||||
|
||||
let dist = match tag {
|
||||
TAG_TERNARY_FIXED => Distribution::TernaryFixed(payload as usize),
|
||||
TAG_TERNARY_PROB => Distribution::TernaryProb(f64::from_bits(payload)),
|
||||
TAG_BINARY_FIXED => Distribution::BinaryFixed(payload as usize),
|
||||
TAG_BINARY_PROB => Distribution::BinaryProb(f64::from_bits(payload)),
|
||||
TAG_BINARY_BLOCK => Distribution::BinaryBlock(payload as usize),
|
||||
TAG_ZERO => Distribution::ZERO,
|
||||
TAG_NONE => Distribution::NONE,
|
||||
_ => {
|
||||
return Err(std::io::Error::new(
|
||||
std::io::ErrorKind::InvalidData,
|
||||
"Invalid tag",
|
||||
));
|
||||
}
|
||||
};
|
||||
Ok(dist)
|
||||
}
|
||||
}
|
||||
|
||||
impl PartialEq for Distribution {
|
||||
fn eq(&self, other: &Self) -> bool {
|
||||
use Distribution::*;
|
||||
match (self, other) {
|
||||
(TernaryFixed(a), TernaryFixed(b)) => a == b,
|
||||
(TernaryProb(a), TernaryProb(b)) => a.to_bits() == b.to_bits(),
|
||||
(BinaryFixed(a), BinaryFixed(b)) => a == b,
|
||||
(BinaryProb(a), BinaryProb(b)) => a.to_bits() == b.to_bits(),
|
||||
(BinaryBlock(a), BinaryBlock(b)) => a == b,
|
||||
(ZERO, ZERO) => true,
|
||||
(NONE, NONE) => true,
|
||||
_ => false,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl Eq for Distribution {}
|
||||
|
||||
@@ -1,6 +1,4 @@
|
||||
use backend::{Backend, Module, ZnxInfos};
|
||||
|
||||
use crate::FourierGLWECiphertext;
|
||||
use backend::hal::api::ZnxInfos;
|
||||
|
||||
pub trait Infos {
|
||||
type Inner: ZnxInfos;
|
||||
@@ -54,15 +52,3 @@ pub trait SetMetaData {
|
||||
fn set_basek(&mut self, basek: usize);
|
||||
fn set_k(&mut self, k: usize);
|
||||
}
|
||||
|
||||
pub trait GetRow<B: Backend> {
|
||||
fn get_row<R>(&self, module: &Module<B>, row_i: usize, col_j: usize, res: &mut FourierGLWECiphertext<R, B>)
|
||||
where
|
||||
R: AsMut<[u8]> + AsRef<[u8]>;
|
||||
}
|
||||
|
||||
pub trait SetRow<B: Backend> {
|
||||
fn set_row<R>(&mut self, module: &Module<B>, row_i: usize, col_j: usize, a: &FourierGLWECiphertext<R, B>)
|
||||
where
|
||||
R: AsRef<[u8]>;
|
||||
}
|
||||
|
||||
@@ -1,45 +0,0 @@
|
||||
use backend::{Backend, Module, VecZnxDft, VecZnxDftAlloc};
|
||||
|
||||
use crate::Infos;
|
||||
|
||||
pub struct FourierGLWECiphertext<C, B: Backend> {
|
||||
pub data: VecZnxDft<C, B>,
|
||||
pub basek: usize,
|
||||
pub k: usize,
|
||||
}
|
||||
|
||||
impl<B: Backend> FourierGLWECiphertext<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rank: usize) -> Self {
|
||||
Self {
|
||||
data: module.new_vec_znx_dft(rank + 1, k.div_ceil(basek)),
|
||||
basek: basek,
|
||||
k: k,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<B>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
module.bytes_of_vec_znx_dft(rank + 1, k.div_ceil(basek))
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> Infos for FourierGLWECiphertext<T, B> {
|
||||
type Inner = VecZnxDft<T, B>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> FourierGLWECiphertext<T, B> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.cols() - 1
|
||||
}
|
||||
}
|
||||
@@ -1,84 +0,0 @@
|
||||
use backend::{
|
||||
FFT64, Module, ScalarZnxDftOps, Scratch, VecZnxBig, VecZnxBigAlloc, VecZnxBigOps, VecZnxBigScratch, VecZnxDftAlloc,
|
||||
VecZnxDftOps, ZnxZero,
|
||||
};
|
||||
|
||||
use crate::{FourierGLWECiphertext, FourierGLWESecret, GLWECiphertext, GLWEPlaintext, Infos};
|
||||
|
||||
impl FourierGLWECiphertext<Vec<u8>, FFT64> {
|
||||
pub fn decrypt_scratch_space(module: &Module<FFT64>, basek: usize, k: usize) -> usize {
|
||||
let size: usize = k.div_ceil(basek);
|
||||
(module.vec_znx_big_normalize_tmp_bytes()
|
||||
| module.bytes_of_vec_znx_dft(1, size)
|
||||
| (module.bytes_of_vec_znx_big(1, size) + module.vec_znx_idft_tmp_bytes()))
|
||||
+ module.bytes_of_vec_znx_big(1, size)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]>> FourierGLWECiphertext<DataSelf, FFT64> {
|
||||
pub fn decrypt<DataPt: AsRef<[u8]> + AsMut<[u8]>, DataSk: AsRef<[u8]>>(
|
||||
&self,
|
||||
module: &Module<FFT64>,
|
||||
pt: &mut GLWEPlaintext<DataPt>,
|
||||
sk: &FourierGLWESecret<DataSk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.rank(), sk.rank());
|
||||
assert_eq!(self.n(), module.n());
|
||||
assert_eq!(pt.n(), module.n());
|
||||
assert_eq!(sk.n(), module.n());
|
||||
}
|
||||
|
||||
let cols = self.rank() + 1;
|
||||
|
||||
let (mut pt_big, scratch_1) = scratch.tmp_vec_znx_big(module, 1, self.size()); // TODO optimize size when pt << ct
|
||||
pt_big.zero();
|
||||
|
||||
{
|
||||
(1..cols).for_each(|i| {
|
||||
let (mut ci_dft, _) = scratch_1.tmp_vec_znx_dft(module, 1, self.size()); // TODO optimize size when pt << ct
|
||||
module.svp_apply(&mut ci_dft, 0, &sk.data, i - 1, &self.data, i);
|
||||
let ci_big: VecZnxBig<&mut [u8], FFT64> = module.vec_znx_idft_consume(ci_dft);
|
||||
module.vec_znx_big_add_inplace(&mut pt_big, 0, &ci_big, 0);
|
||||
});
|
||||
}
|
||||
|
||||
{
|
||||
let (mut c0_big, scratch_2) = scratch_1.tmp_vec_znx_big(module, 1, self.size());
|
||||
// c0_big = (a * s) + (-a * s + m + e) = BIG(m + e)
|
||||
module.vec_znx_idft(&mut c0_big, 0, &self.data, 0, scratch_2);
|
||||
module.vec_znx_big_add_inplace(&mut pt_big, 0, &c0_big, 0);
|
||||
}
|
||||
|
||||
// pt = norm(BIG(m + e))
|
||||
module.vec_znx_big_normalize(self.basek(), &mut pt.data, 0, &mut pt_big, 0, scratch_1);
|
||||
|
||||
pt.basek = self.basek();
|
||||
pt.k = pt.k().min(self.k());
|
||||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn idft<DataRes: AsRef<[u8]> + AsMut<[u8]>>(
|
||||
&self,
|
||||
module: &Module<FFT64>,
|
||||
res: &mut GLWECiphertext<DataRes>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.rank(), res.rank());
|
||||
assert_eq!(self.basek(), res.basek())
|
||||
}
|
||||
|
||||
let min_size: usize = self.size().min(res.size());
|
||||
|
||||
let (mut res_big, scratch1) = scratch.tmp_vec_znx_big(module, 1, min_size);
|
||||
|
||||
(0..self.rank() + 1).for_each(|i| {
|
||||
module.vec_znx_idft(&mut res_big, 0, &self.data, i, scratch1);
|
||||
module.vec_znx_big_normalize(self.basek(), &mut res.data, i, &res_big, 0, scratch1);
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -1,32 +0,0 @@
|
||||
use backend::{FFT64, Module, Scratch, VecZnxAlloc, VecZnxBigScratch, VecZnxDftOps};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{FourierGLWECiphertext, FourierGLWESecret, GLWECiphertext, Infos, ScratchCore};
|
||||
|
||||
impl FourierGLWECiphertext<Vec<u8>, FFT64> {
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn idft_scratch_space(module: &Module<FFT64>, basek: usize, k: usize) -> usize {
|
||||
module.bytes_of_vec_znx(1, k.div_ceil(basek))
|
||||
+ (module.vec_znx_big_normalize_tmp_bytes() | module.vec_znx_idft_tmp_bytes())
|
||||
}
|
||||
|
||||
pub fn encrypt_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
module.bytes_of_vec_znx(rank + 1, k.div_ceil(basek)) + GLWECiphertext::encrypt_sk_scratch_space(module, basek, k)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> FourierGLWECiphertext<DataSelf, FFT64> {
|
||||
pub fn encrypt_zero_sk<DataSk: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
sk: &FourierGLWESecret<DataSk, FFT64>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
let (mut tmp_ct, scratch1) = scratch.tmp_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
tmp_ct.encrypt_zero_sk(module, sk, source_xa, source_xe, sigma, scratch1);
|
||||
tmp_ct.dft(module, self);
|
||||
}
|
||||
}
|
||||
@@ -1,129 +0,0 @@
|
||||
use backend::{
|
||||
FFT64, MatZnxDftOps, MatZnxDftScratch, Module, Scratch, VecZnxAlloc, VecZnxBig, VecZnxBigOps, VecZnxBigScratch,
|
||||
VecZnxDftAlloc, VecZnxDftOps,
|
||||
};
|
||||
|
||||
use crate::{FourierGLWECiphertext, GGSWCiphertext, Infos};
|
||||
|
||||
impl FourierGLWECiphertext<Vec<u8>, FFT64> {
|
||||
// WARNING TODO: UPDATE
|
||||
pub fn external_product_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
_k_out: usize,
|
||||
k_in: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let ggsw_size: usize = k_ggsw.div_ceil(basek);
|
||||
let res_dft: usize = module.bytes_of_vec_znx_dft(rank + 1, ggsw_size);
|
||||
let in_size: usize = k_in.div_ceil(basek).div_ceil(digits);
|
||||
let ggsw_size: usize = k_ggsw.div_ceil(basek);
|
||||
let vmp: usize = module.bytes_of_vec_znx_dft(rank + 1, in_size)
|
||||
+ module.vmp_apply_tmp_bytes(ggsw_size, in_size, in_size, rank + 1, rank + 1, ggsw_size);
|
||||
let res_small: usize = module.bytes_of_vec_znx(rank + 1, ggsw_size);
|
||||
let normalize: usize = module.vec_znx_big_normalize_tmp_bytes();
|
||||
res_dft + (vmp | (res_small + normalize))
|
||||
}
|
||||
|
||||
pub fn external_product_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
Self::external_product_scratch_space(module, basek, k_out, k_out, k_ggsw, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> FourierGLWECiphertext<DataSelf, FFT64> {
|
||||
pub fn external_product<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &FourierGLWECiphertext<DataLhs, FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
let basek: usize = self.basek();
|
||||
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(rhs.rank(), lhs.rank());
|
||||
assert_eq!(rhs.rank(), self.rank());
|
||||
assert_eq!(self.basek(), basek);
|
||||
assert_eq!(lhs.basek(), basek);
|
||||
assert_eq!(rhs.n(), module.n());
|
||||
assert_eq!(self.n(), module.n());
|
||||
assert_eq!(lhs.n(), module.n());
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= FourierGLWECiphertext::external_product_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
lhs.k(),
|
||||
rhs.k(),
|
||||
rhs.digits(),
|
||||
rhs.rank(),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
let cols: usize = rhs.rank() + 1;
|
||||
let digits = rhs.digits();
|
||||
|
||||
// Space for VMP result in DFT domain and high precision
|
||||
let (mut res_dft, scratch1) = scratch.tmp_vec_znx_dft(module, cols, rhs.size());
|
||||
let (mut a_dft, scratch2) = scratch1.tmp_vec_znx_dft(module, cols, (lhs.size() + digits - 1) / digits);
|
||||
|
||||
{
|
||||
(0..digits).for_each(|di| {
|
||||
a_dft.set_size((lhs.size() + di) / digits);
|
||||
|
||||
// Small optimization for digits > 2
|
||||
// VMP produce some error e, and since we aggregate vmp * 2^{di * B}, then
|
||||
// we also aggregate ei * 2^{di * B}, with the largest error being ei * 2^{(digits-1) * B}.
|
||||
// As such we can ignore the last digits-2 limbs safely of the sum of vmp products.
|
||||
// It is possible to further ignore the last digits-1 limbs, but this introduce
|
||||
// ~0.5 to 1 bit of additional noise, and thus not chosen here to ensure that the same
|
||||
// noise is kept with respect to the ideal functionality.
|
||||
res_dft.set_size(rhs.size() - ((digits - di) as isize - 2).max(0) as usize);
|
||||
|
||||
(0..cols).for_each(|col_i| {
|
||||
module.vec_znx_dft_copy(digits, digits - 1 - di, &mut a_dft, col_i, &lhs.data, col_i);
|
||||
});
|
||||
|
||||
if di == 0 {
|
||||
module.vmp_apply(&mut res_dft, &a_dft, &rhs.data, scratch2);
|
||||
} else {
|
||||
module.vmp_apply_add(&mut res_dft, &a_dft, &rhs.data, di, scratch2);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
// VMP result in high precision
|
||||
let res_big: VecZnxBig<&mut [u8], FFT64> = module.vec_znx_idft_consume::<&mut [u8]>(res_dft);
|
||||
|
||||
// Space for VMP result normalized
|
||||
let (mut res_small, scratch2) = scratch1.tmp_vec_znx(module, cols, rhs.size());
|
||||
(0..cols).for_each(|i| {
|
||||
module.vec_znx_big_normalize(basek, &mut res_small, i, &res_big, i, scratch2);
|
||||
module.vec_znx_dft(1, 0, &mut self.data, i, &res_small, i);
|
||||
});
|
||||
}
|
||||
|
||||
pub fn external_product_inplace<DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
unsafe {
|
||||
let self_ptr: *mut FourierGLWECiphertext<DataSelf, FFT64> = self as *mut FourierGLWECiphertext<DataSelf, FFT64>;
|
||||
self.external_product(&module, &*self_ptr, rhs, scratch);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,56 +0,0 @@
|
||||
use backend::{FFT64, Module, Scratch};
|
||||
|
||||
use crate::{FourierGLWECiphertext, GLWECiphertext, GLWESwitchingKey, Infos, ScratchCore};
|
||||
|
||||
impl FourierGLWECiphertext<Vec<u8>, FFT64> {
|
||||
pub fn keyswitch_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> usize {
|
||||
GLWECiphertext::bytes_of(module, basek, k_out, rank_out)
|
||||
+ GLWECiphertext::keyswitch_from_fourier_scratch_space(module, basek, k_out, k_in, k_ksk, digits, rank_in, rank_out)
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
Self::keyswitch_scratch_space(module, basek, k_out, k_out, k_ksk, digits, rank, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> FourierGLWECiphertext<DataSelf, FFT64> {
|
||||
pub fn keyswitch<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &FourierGLWECiphertext<DataLhs, FFT64>,
|
||||
rhs: &GLWESwitchingKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
let (mut tmp_ct, scratch1) = scratch.tmp_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
tmp_ct.keyswitch_from_fourier(module, lhs, rhs, scratch1);
|
||||
tmp_ct.dft(module, self);
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace<DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GLWESwitchingKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
unsafe {
|
||||
let self_ptr: *mut FourierGLWECiphertext<DataSelf, FFT64> = self as *mut FourierGLWECiphertext<DataSelf, FFT64>;
|
||||
self.keyswitch(&module, &*self_ptr, rhs, scratch);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,12 +0,0 @@
|
||||
pub mod ciphertext;
|
||||
pub mod decryption;
|
||||
pub mod encryption;
|
||||
pub mod external_product;
|
||||
pub mod keyswitch;
|
||||
pub mod secret;
|
||||
|
||||
pub use ciphertext::FourierGLWECiphertext;
|
||||
pub use secret::FourierGLWESecret;
|
||||
|
||||
#[cfg(test)]
|
||||
pub mod test_fft64;
|
||||
@@ -1,58 +0,0 @@
|
||||
use backend::{Backend, FFT64, Module, ScalarZnxDft, ScalarZnxDftAlloc, ScalarZnxDftOps, ZnxInfos};
|
||||
|
||||
use crate::{GLWESecret, dist::Distribution};
|
||||
|
||||
pub struct FourierGLWESecret<T, B: Backend> {
|
||||
pub(crate) data: ScalarZnxDft<T, B>,
|
||||
pub(crate) dist: Distribution,
|
||||
}
|
||||
|
||||
impl<B: Backend> FourierGLWESecret<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, rank: usize) -> Self {
|
||||
Self {
|
||||
data: module.new_scalar_znx_dft(rank),
|
||||
dist: Distribution::NONE,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<B>, rank: usize) -> usize {
|
||||
module.bytes_of_scalar_znx_dft(rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl FourierGLWESecret<Vec<u8>, FFT64> {
|
||||
pub fn from<D>(module: &Module<FFT64>, sk: &GLWESecret<D>) -> Self
|
||||
where
|
||||
D: AsRef<[u8]>,
|
||||
{
|
||||
let mut sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = Self::alloc(module, sk.rank());
|
||||
sk_dft.set(module, sk);
|
||||
sk_dft
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf, B: Backend> FourierGLWESecret<DataSelf, B> {
|
||||
pub fn n(&self) -> usize {
|
||||
self.data.n()
|
||||
}
|
||||
|
||||
pub fn log_n(&self) -> usize {
|
||||
self.data.log_n()
|
||||
}
|
||||
|
||||
pub fn rank(&self) -> usize {
|
||||
self.data.cols()
|
||||
}
|
||||
}
|
||||
|
||||
impl<S: AsMut<[u8]> + AsRef<[u8]>> FourierGLWESecret<S, FFT64> {
|
||||
pub(crate) fn set<D>(&mut self, module: &Module<FFT64>, sk: &GLWESecret<D>)
|
||||
where
|
||||
D: AsRef<[u8]>,
|
||||
{
|
||||
(0..self.rank()).for_each(|i| {
|
||||
module.svp_prepare(&mut self.data, i, &sk.data, i);
|
||||
});
|
||||
self.dist = sk.dist
|
||||
}
|
||||
}
|
||||
@@ -1,246 +0,0 @@
|
||||
use crate::{
|
||||
FourierGLWECiphertext, FourierGLWESecret, GGSWCiphertext, GLWECiphertext, GLWEOps, GLWEPlaintext, GLWESecret, Infos,
|
||||
noise::noise_ggsw_product,
|
||||
};
|
||||
use backend::{FFT64, FillUniform, Module, ScalarZnx, ScalarZnxAlloc, ScratchOwned, Stats, VecZnxOps, ZnxViewMut};
|
||||
use sampling::source::Source;
|
||||
|
||||
#[test]
|
||||
fn apply() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 45;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ggsw: usize = k_in + basek * di;
|
||||
println!("test external_product digits: {} rank: {}", di, rank);
|
||||
let k_out: usize = k_ggsw; // Better capture noise.
|
||||
test_apply(log_n, basek, k_out, k_in, k_ggsw, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn apply_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 60;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ggsw: usize = k_ct + basek * di;
|
||||
println!("test external_product digits: {} rank: {}", di, rank);
|
||||
test_apply_inplace(log_n, basek, k_ct, k_ggsw, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_apply(log_n: usize, basek: usize, k_out: usize, k_in: usize, k_ggsw: usize, digits: usize, rank: usize, sigma: f64) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
let rows: usize = k_in.div_ceil(digits * basek);
|
||||
|
||||
let mut ct_ggsw: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut ct_in: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_in, rank);
|
||||
let mut ct_out: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_out, rank);
|
||||
let mut ct_in_dft: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_in, rank);
|
||||
let mut ct_out_dft: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_out, rank);
|
||||
let mut pt_rgsw: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_in);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
// Random input plaintext
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
|
||||
pt_want.data.at_mut(0, 0)[1] = 1;
|
||||
|
||||
let k: i64 = 1;
|
||||
|
||||
pt_rgsw.raw_mut()[0] = 1; // X^{0}
|
||||
module.vec_znx_rotate_inplace(k, &mut pt_rgsw, 0); // X^{k}
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, ct_ggsw.k(), rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct_out.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct_in.k())
|
||||
| FourierGLWECiphertext::external_product_scratch_space(
|
||||
&module,
|
||||
basek,
|
||||
ct_out.k(),
|
||||
ct_in.k(),
|
||||
ct_ggsw.k(),
|
||||
digits,
|
||||
rank,
|
||||
),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
|
||||
ct_ggsw.encrypt_sk(
|
||||
&module,
|
||||
&pt_rgsw,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_in.encrypt_sk(
|
||||
&module,
|
||||
&pt_want,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_in.dft(&module, &mut ct_in_dft);
|
||||
ct_out_dft.external_product(&module, &ct_in_dft, &ct_ggsw, scratch.borrow());
|
||||
ct_out_dft.idft(&module, &mut ct_out, scratch.borrow());
|
||||
|
||||
ct_out.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
|
||||
pt_want.rotate_inplace(&module, k);
|
||||
pt_have.sub_inplace_ab(&module, &pt_want);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
let var_msg: f64 = 1f64 / module.n() as f64; // X^{k}
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let noise_want: f64 = noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
var_msg,
|
||||
var_a0_err,
|
||||
var_a1_err,
|
||||
var_gct_err_lhs,
|
||||
var_gct_err_rhs,
|
||||
rank as f64,
|
||||
k_in,
|
||||
k_ggsw,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
}
|
||||
|
||||
fn test_apply_inplace(log_n: usize, basek: usize, k_ct: usize, k_ggsw: usize, digits: usize, rank: usize, sigma: f64) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let rows: usize = k_ct.div_ceil(digits * basek);
|
||||
|
||||
let mut ct_ggsw: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut ct_rlwe_dft: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut pt_rgsw: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
// Random input plaintext
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
|
||||
pt_want.data.at_mut(0, 0)[1] = 1;
|
||||
|
||||
let k: i64 = 1;
|
||||
|
||||
pt_rgsw.raw_mut()[0] = 1; // X^{0}
|
||||
module.vec_znx_rotate_inplace(k, &mut pt_rgsw, 0); // X^{k}
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, ct_ggsw.k(), rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct.k())
|
||||
| FourierGLWECiphertext::external_product_inplace_scratch_space(&module, basek, ct.k(), ct_ggsw.k(), digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
|
||||
ct_ggsw.encrypt_sk(
|
||||
&module,
|
||||
&pt_rgsw,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct.encrypt_sk(
|
||||
&module,
|
||||
&pt_want,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct.dft(&module, &mut ct_rlwe_dft);
|
||||
ct_rlwe_dft.external_product_inplace(&module, &ct_ggsw, scratch.borrow());
|
||||
ct_rlwe_dft.idft(&module, &mut ct, scratch.borrow());
|
||||
|
||||
ct.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
|
||||
pt_want.rotate_inplace(&module, k);
|
||||
pt_have.sub_inplace_ab(&module, &pt_want);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
let var_msg: f64 = 1f64 / module.n() as f64; // X^{k}
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let noise_want: f64 = noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
var_msg,
|
||||
var_a0_err,
|
||||
var_a1_err,
|
||||
var_gct_err_lhs,
|
||||
var_gct_err_rhs,
|
||||
rank as f64,
|
||||
k_ct,
|
||||
k_ggsw,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
|
||||
println!("{} {}", noise_have, noise_want);
|
||||
}
|
||||
@@ -1,235 +0,0 @@
|
||||
use crate::{
|
||||
FourierGLWECiphertext, FourierGLWESecret, GLWECiphertext, GLWEPlaintext, GLWESecret, GLWESwitchingKey, Infos,
|
||||
noise::log2_std_noise_gglwe_product,
|
||||
};
|
||||
use backend::{FFT64, FillUniform, Module, ScratchOwned, Stats, VecZnxOps};
|
||||
use sampling::source::Source;
|
||||
|
||||
#[test]
|
||||
fn apply() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 45;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank_in| {
|
||||
(1..4).for_each(|rank_out| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_in + basek * di;
|
||||
println!(
|
||||
"test keyswitch digits: {} rank_in: {} rank_out: {}",
|
||||
di, rank_in, rank_out
|
||||
);
|
||||
let k_out: usize = k_ksk; // Better capture noise.
|
||||
test_apply(log_n, basek, k_in, k_out, k_ksk, di, rank_in, rank_out, 3.2);
|
||||
})
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn apply_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 45;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_ct + basek * di;
|
||||
println!("test keyswitch_inplace digits: {} rank: {}", di, rank);
|
||||
test_apply_inplace(log_n, basek, k_ct, k_ksk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_apply(
|
||||
log_n: usize,
|
||||
basek: usize,
|
||||
k_in: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>, FFT64> =
|
||||
GLWESwitchingKey::alloc(&module, basek, k_ksk, rows, digits, rank_in, rank_out);
|
||||
let mut ct_glwe_in: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_in, rank_in);
|
||||
let mut ct_glwe_dft_in: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_in, rank_in);
|
||||
let mut ct_glwe_out: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_out, rank_out);
|
||||
let mut ct_glwe_dft_out: FourierGLWECiphertext<Vec<u8>, FFT64> =
|
||||
FourierGLWECiphertext::alloc(&module, basek, k_out, rank_out);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_in);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
// Random input plaintext
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, k_ksk, rank_in, rank_out)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, k_out)
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, k_in)
|
||||
| FourierGLWECiphertext::keyswitch_scratch_space(
|
||||
&module,
|
||||
basek,
|
||||
ct_glwe_out.k(),
|
||||
ksk.k(),
|
||||
ct_glwe_in.k(),
|
||||
digits,
|
||||
rank_in,
|
||||
rank_out,
|
||||
),
|
||||
);
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_in);
|
||||
sk_in.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_in_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_in);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_out);
|
||||
sk_out.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_out_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_out);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
&module,
|
||||
&sk_in,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_glwe_in.encrypt_sk(
|
||||
&module,
|
||||
&pt_want,
|
||||
&sk_in_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_glwe_in.dft(&module, &mut ct_glwe_dft_in);
|
||||
ct_glwe_dft_out.keyswitch(&module, &ct_glwe_dft_in, &ksk, scratch.borrow());
|
||||
ct_glwe_dft_out.idft(&module, &mut ct_glwe_out, scratch.borrow());
|
||||
|
||||
ct_glwe_out.decrypt(&module, &mut pt_have, &sk_out_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
let noise_want: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
0.5,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank_in as f64,
|
||||
k_in,
|
||||
k_ksk,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
}
|
||||
|
||||
fn test_apply_inplace(log_n: usize, basek: usize, k_ct: usize, k_ksk: usize, digits: usize, rank: usize, sigma: f64) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
let rows: usize = k_ct.div_ceil(basek * digits);
|
||||
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>, FFT64> = GLWESwitchingKey::alloc(&module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut ct_glwe: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut ct_rlwe_dft: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
// Random input plaintext
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, ksk.k(), rank, rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct_glwe.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct_glwe.k())
|
||||
| FourierGLWECiphertext::keyswitch_inplace_scratch_space(&module, basek, ct_rlwe_dft.k(), ksk.k(), digits, rank),
|
||||
);
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk_in.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_in_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_in);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk_out.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_out_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_out);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
&module,
|
||||
&sk_in,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_glwe.encrypt_sk(
|
||||
&module,
|
||||
&pt_want,
|
||||
&sk_in_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_glwe.dft(&module, &mut ct_rlwe_dft);
|
||||
ct_rlwe_dft.keyswitch_inplace(&module, &ksk, scratch.borrow());
|
||||
ct_rlwe_dft.idft(&module, &mut ct_glwe, scratch.borrow());
|
||||
|
||||
ct_glwe.decrypt(&module, &mut pt_have, &sk_out_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
let noise_want: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
0.5,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank as f64,
|
||||
k_ct,
|
||||
k_ksk,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
}
|
||||
@@ -1,2 +0,0 @@
|
||||
pub mod external_product;
|
||||
pub mod keyswitch;
|
||||
@@ -1,44 +1,52 @@
|
||||
use backend::{FFT64, Module, Scratch, VecZnx, VecZnxDftOps, VecZnxOps, ZnxZero};
|
||||
use backend::hal::{
|
||||
api::{ScratchAvailable, TakeVecZnxDft, VecZnxAutomorphism, VecZnxAutomorphismInplace, ZnxZero},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch},
|
||||
};
|
||||
|
||||
use crate::{FourierGLWECiphertext, GLWEAutomorphismKey, GLWECiphertext, GetRow, Infos, ScratchCore, SetRow};
|
||||
use crate::{AutomorphismKey, AutomorphismKeyExec, GLWECiphertext, GLWEKeyswitchFamily, Infos};
|
||||
|
||||
impl GLWEAutomorphismKey<Vec<u8>, FFT64> {
|
||||
pub fn automorphism_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
impl AutomorphismKey<Vec<u8>> {
|
||||
pub fn automorphism_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let tmp_dft: usize = FourierGLWECiphertext::bytes_of(module, basek, k_in, rank);
|
||||
let tmp_idft: usize = FourierGLWECiphertext::bytes_of(module, basek, k_out, rank);
|
||||
let idft: usize = module.vec_znx_idft_tmp_bytes();
|
||||
let keyswitch: usize = GLWECiphertext::keyswitch_inplace_scratch_space(module, basek, k_out, k_ksk, digits, rank);
|
||||
tmp_dft + tmp_idft + idft + keyswitch
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
GLWECiphertext::keyswitch_scratch_space(module, basek, k_out, k_in, k_ksk, digits, rank, rank)
|
||||
}
|
||||
|
||||
pub fn automorphism_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn automorphism_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
GLWEAutomorphismKey::automorphism_scratch_space(module, basek, k_out, k_out, k_ksk, digits, rank)
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
AutomorphismKey::automorphism_scratch_space(module, basek, k_out, k_out, k_ksk, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWEAutomorphismKey<DataSelf, FFT64> {
|
||||
pub fn automorphism<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> AutomorphismKey<DataSelf> {
|
||||
pub fn automorphism<'a, DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &GLWEAutomorphismKey<DataLhs, FFT64>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
lhs: &AutomorphismKey<DataLhs>,
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxAutomorphism + VecZnxAutomorphismInplace,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
@@ -72,78 +80,49 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWEAutomorphismKey<DataSelf, FFT64> {
|
||||
|
||||
let cols_out: usize = rhs.rank_out() + 1;
|
||||
|
||||
let p: i64 = lhs.p();
|
||||
let p_inv = module.galois_element_inv(p);
|
||||
|
||||
(0..self.rank_in()).for_each(|col_i| {
|
||||
(0..self.rows()).for_each(|row_j| {
|
||||
let (mut tmp_idft_data, scratct1) = scratch.tmp_vec_znx_big(module, cols_out, self.size());
|
||||
let mut res_ct: GLWECiphertext<&mut [u8]> = self.at_mut(row_j, col_i);
|
||||
let lhs_ct: GLWECiphertext<&[u8]> = lhs.at(row_j, col_i);
|
||||
|
||||
{
|
||||
let (mut tmp_dft, scratch2) = scratct1.tmp_fourier_glwe_ct(module, lhs.basek(), lhs.k(), lhs.rank());
|
||||
|
||||
// Extracts relevant row
|
||||
lhs.get_row(module, row_j, col_i, &mut tmp_dft);
|
||||
|
||||
// Get a VecZnxBig from scratch space
|
||||
|
||||
// Switches input outside of DFT
|
||||
(0..cols_out).for_each(|i| {
|
||||
module.vec_znx_idft(&mut tmp_idft_data, i, &tmp_dft.data, i, scratch2);
|
||||
});
|
||||
}
|
||||
|
||||
// Consumes to small vec znx
|
||||
let mut tmp_idft_small_data: VecZnx<&mut [u8]> = tmp_idft_data.to_vec_znx_small();
|
||||
|
||||
// Reverts the automorphis key from (-pi^{-1}_{k}(s)a + s, a) to (-sa + pi_{k}(s), a)
|
||||
// Reverts the automorphism X^{-k}: (-pi^{-1}_{k}(s)a + s, a) to (-sa + pi_{k}(s), a)
|
||||
(0..cols_out).for_each(|i| {
|
||||
module.vec_znx_automorphism_inplace(lhs.p(), &mut tmp_idft_small_data, i);
|
||||
module.vec_znx_automorphism(lhs.p(), &mut res_ct.data, i, &lhs_ct.data, i);
|
||||
});
|
||||
|
||||
// Wraps into ciphertext
|
||||
let mut tmp_idft: GLWECiphertext<&mut [u8]> = GLWECiphertext::<&mut [u8]> {
|
||||
data: tmp_idft_small_data,
|
||||
basek: self.basek(),
|
||||
k: self.k(),
|
||||
};
|
||||
|
||||
// Key-switch (-sa + pi_{k}(s), a) to (-pi^{-1}_{k'}(s)a + pi_{k}(s), a)
|
||||
tmp_idft.keyswitch_inplace(module, &rhs.key, scratct1);
|
||||
res_ct.keyswitch_inplace(module, &rhs.key, scratch);
|
||||
|
||||
{
|
||||
let (mut tmp_dft, _) = scratct1.tmp_fourier_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
|
||||
// Applies back the automorphism X^{k}: (-pi^{-1}_{k'}(s)a + pi_{k}(s), a) -> (-pi^{-1}_{k'+k}(s)a + s, a)
|
||||
// and switches back to DFT domain
|
||||
(0..self.rank_out() + 1).for_each(|i| {
|
||||
module.vec_znx_automorphism_inplace(lhs.p(), &mut tmp_idft.data, i);
|
||||
module.vec_znx_dft(1, 0, &mut tmp_dft.data, i, &tmp_idft.data, i);
|
||||
});
|
||||
|
||||
// Sets back the relevant row
|
||||
self.set_row(module, row_j, col_i, &tmp_dft);
|
||||
}
|
||||
// Applies back the automorphism X^{-k}: (-pi^{-1}_{k'}(s)a + pi_{k}(s), a) to (-pi^{-1}_{k'+k}(s)a + s, a)
|
||||
(0..cols_out).for_each(|i| {
|
||||
module.vec_znx_automorphism_inplace(p_inv, &mut res_ct.data, i);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
let (mut tmp_dft, _) = scratch.tmp_fourier_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
tmp_dft.data.zero();
|
||||
|
||||
(self.rows().min(lhs.rows())..self.rows()).for_each(|row_i| {
|
||||
(0..self.rank_in()).for_each(|col_j| {
|
||||
self.set_row(module, row_i, col_j, &tmp_dft);
|
||||
self.at_mut(row_i, col_j).data.zero();
|
||||
});
|
||||
});
|
||||
|
||||
self.p = (lhs.p * rhs.p) % (module.cyclotomic_order() as i64);
|
||||
}
|
||||
|
||||
pub fn automorphism_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn automorphism_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxAutomorphism + VecZnxAutomorphismInplace,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
unsafe {
|
||||
let self_ptr: *mut GLWEAutomorphismKey<DataSelf, FFT64> = self as *mut GLWEAutomorphismKey<DataSelf, FFT64>;
|
||||
let self_ptr: *mut AutomorphismKey<DataSelf> = self as *mut AutomorphismKey<DataSelf>;
|
||||
self.automorphism(&module, &*self_ptr, rhs, scratch);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,27 +1,37 @@
|
||||
use backend::{Backend, FFT64, MatZnxDft, MatZnxDftOps, Module};
|
||||
use backend::hal::{
|
||||
api::{MatZnxAlloc, MatZnxAllocBytes},
|
||||
layouts::{Backend, Data, DataMut, DataRef, MatZnx, Module, ReaderFrom, Scratch, VmpPMat, WriterTo},
|
||||
};
|
||||
|
||||
use crate::{FourierGLWECiphertext, GLWESwitchingKey, GetRow, Infos, SetRow};
|
||||
use crate::{GGLWEExecLayoutFamily, GLWECiphertext, GLWESwitchingKey, GLWESwitchingKeyExec, Infos};
|
||||
|
||||
pub struct GLWEAutomorphismKey<Data, B: Backend> {
|
||||
pub(crate) key: GLWESwitchingKey<Data, B>,
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct AutomorphismKey<D: Data> {
|
||||
pub(crate) key: GLWESwitchingKey<D>,
|
||||
pub(crate) p: i64,
|
||||
}
|
||||
|
||||
impl GLWEAutomorphismKey<Vec<u8>, FFT64> {
|
||||
pub fn alloc(module: &Module<FFT64>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> Self {
|
||||
GLWEAutomorphismKey {
|
||||
impl AutomorphismKey<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: MatZnxAlloc,
|
||||
{
|
||||
AutomorphismKey {
|
||||
key: GLWESwitchingKey::alloc(module, basek, k, rows, digits, rank, rank),
|
||||
p: 0,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<FFT64>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> usize {
|
||||
GLWESwitchingKey::<Vec<u8>, FFT64>::bytes_of(module, basek, k, rows, digits, rank, rank)
|
||||
pub fn bytes_of<B: Backend>(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: MatZnxAllocBytes,
|
||||
{
|
||||
GLWESwitchingKey::<Vec<u8>>::bytes_of(module, basek, k, rows, digits, rank, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> Infos for GLWEAutomorphismKey<T, B> {
|
||||
type Inner = MatZnxDft<T, B>;
|
||||
impl<D: Data> Infos for AutomorphismKey<D> {
|
||||
type Inner = MatZnx<D>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.key.inner()
|
||||
@@ -36,7 +46,7 @@ impl<T, B: Backend> Infos for GLWEAutomorphismKey<T, B> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> GLWEAutomorphismKey<T, B> {
|
||||
impl<D: Data> AutomorphismKey<D> {
|
||||
pub fn p(&self) -> i64 {
|
||||
self.p
|
||||
}
|
||||
@@ -58,26 +68,120 @@ impl<T, B: Backend> GLWEAutomorphismKey<T, B> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: AsRef<[u8]>> GetRow<FFT64> for GLWEAutomorphismKey<C, FFT64> {
|
||||
fn get_row<R: AsMut<[u8]> + AsRef<[u8]>>(
|
||||
&self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
res: &mut FourierGLWECiphertext<R, FFT64>,
|
||||
) {
|
||||
module.mat_znx_dft_get_row(&mut res.data, &self.key.key.data, row_i, col_j);
|
||||
impl<D: DataRef> AutomorphismKey<D> {
|
||||
pub fn at(&self, row: usize, col: usize) -> GLWECiphertext<&[u8]> {
|
||||
self.key.at(row, col)
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: AsMut<[u8]> + AsRef<[u8]>> SetRow<FFT64> for GLWEAutomorphismKey<C, FFT64> {
|
||||
fn set_row<R: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
a: &FourierGLWECiphertext<R, FFT64>,
|
||||
) {
|
||||
module.mat_znx_dft_set_row(&mut self.key.key.data, row_i, col_j, &a.data);
|
||||
impl<D: DataMut> AutomorphismKey<D> {
|
||||
pub fn at_mut(&mut self, row: usize, col: usize) -> GLWECiphertext<&mut [u8]> {
|
||||
self.key.at_mut(row, col)
|
||||
}
|
||||
}
|
||||
|
||||
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
||||
|
||||
impl<D: DataMut> ReaderFrom for AutomorphismKey<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
self.p = reader.read_u64::<LittleEndian>()? as i64;
|
||||
self.key.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for AutomorphismKey<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
writer.write_u64::<LittleEndian>(self.p as u64)?;
|
||||
self.key.write_to(writer)
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct AutomorphismKeyExec<D: Data, B: Backend> {
|
||||
pub(crate) key: GLWESwitchingKeyExec<D, B>,
|
||||
pub(crate) p: i64,
|
||||
}
|
||||
|
||||
impl<B: Backend> AutomorphismKeyExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
AutomorphismKeyExec::<Vec<u8>, B> {
|
||||
key: GLWESwitchingKeyExec::alloc(module, basek, k, rows, digits, rank, rank),
|
||||
p: 0,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
GLWESwitchingKeyExec::<Vec<u8>, B>::bytes_of(module, basek, k, rows, digits, rank, rank)
|
||||
}
|
||||
|
||||
pub fn from<DataOther: DataRef>(module: &Module<B>, other: &AutomorphismKey<DataOther>, scratch: &mut Scratch<B>) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
let mut atk_exec: AutomorphismKeyExec<Vec<u8>, B> = Self::alloc(
|
||||
module,
|
||||
other.basek(),
|
||||
other.k(),
|
||||
other.rows(),
|
||||
other.digits(),
|
||||
other.rank(),
|
||||
);
|
||||
atk_exec.prepare(module, other, scratch);
|
||||
atk_exec
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut, B: Backend> AutomorphismKeyExec<D, B> {
|
||||
pub fn prepare<DataOther>(&mut self, module: &Module<B>, other: &AutomorphismKey<DataOther>, scratch: &mut Scratch<B>)
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
self.key.prepare(module, &other.key, scratch);
|
||||
self.p = other.p;
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> Infos for AutomorphismKeyExec<D, B> {
|
||||
type Inner = VmpPMat<D, B>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.key.inner()
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.key.basek()
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.key.k()
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> AutomorphismKeyExec<D, B> {
|
||||
pub fn p(&self) -> i64 {
|
||||
self.p
|
||||
}
|
||||
|
||||
pub fn digits(&self) -> usize {
|
||||
self.key.digits()
|
||||
}
|
||||
|
||||
pub fn rank(&self) -> usize {
|
||||
self.key.rank()
|
||||
}
|
||||
|
||||
pub fn rank_in(&self) -> usize {
|
||||
self.key.rank_in()
|
||||
}
|
||||
|
||||
pub fn rank_out(&self) -> usize {
|
||||
self.key.rank_out()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,131 +0,0 @@
|
||||
use backend::{Backend, FFT64, MatZnxDft, MatZnxDftAlloc, MatZnxDftOps, Module};
|
||||
|
||||
use crate::{FourierGLWECiphertext, GetRow, Infos, SetRow};
|
||||
|
||||
pub struct GGLWECiphertext<C, B: Backend> {
|
||||
pub(crate) data: MatZnxDft<C, B>,
|
||||
pub(crate) basek: usize,
|
||||
pub(crate) k: usize,
|
||||
pub(crate) digits: usize,
|
||||
}
|
||||
|
||||
impl<B: Backend> GGLWECiphertext<Vec<u8>, B> {
|
||||
pub fn alloc(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> Self {
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid gglwe: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid gglwe: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
Self {
|
||||
data: module.new_mat_znx_dft(rows, rank_in, rank_out + 1, size),
|
||||
basek: basek,
|
||||
k,
|
||||
digits,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> usize {
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid gglwe: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid gglwe: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
module.bytes_of_mat_znx_dft(rows, rank_in, rank_out + 1, rows)
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> Infos for GGLWECiphertext<T, B> {
|
||||
type Inner = MatZnxDft<T, B>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> GGLWECiphertext<T, B> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.data.cols_out() - 1
|
||||
}
|
||||
|
||||
pub fn digits(&self) -> usize {
|
||||
self.digits
|
||||
}
|
||||
|
||||
pub fn rank_in(&self) -> usize {
|
||||
self.data.cols_in()
|
||||
}
|
||||
|
||||
pub fn rank_out(&self) -> usize {
|
||||
self.data.cols_out() - 1
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: AsRef<[u8]>> GetRow<FFT64> for GGLWECiphertext<C, FFT64> {
|
||||
fn get_row<R: AsMut<[u8]> + AsRef<[u8]>>(
|
||||
&self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
res: &mut FourierGLWECiphertext<R, FFT64>,
|
||||
) {
|
||||
module.mat_znx_dft_get_row(&mut res.data, &self.data, row_i, col_j);
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: AsMut<[u8]> + AsRef<[u8]>> SetRow<FFT64> for GGLWECiphertext<C, FFT64> {
|
||||
fn set_row<R: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
a: &FourierGLWECiphertext<R, FFT64>,
|
||||
) {
|
||||
module.mat_znx_dft_set_row(&mut self.data, row_i, col_j, &a.data);
|
||||
}
|
||||
}
|
||||
@@ -1,41 +1,52 @@
|
||||
use backend::{
|
||||
FFT64, Module, ScalarZnx, ScalarZnxAlloc, ScalarZnxDftOps, ScalarZnxOps, Scratch, VecZnxAlloc, VecZnxDftAlloc, VecZnxOps,
|
||||
ZnxInfos, ZnxView, ZnxViewMut, ZnxZero,
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScalarZnxAllocBytes, ScalarZnxAutomorphism, ScratchAvailable, SvpApply, TakeScalarZnx, TakeVecZnx, TakeVecZnxBig,
|
||||
TakeVecZnxDft, VecZnxAddScalarInplace, VecZnxAllocBytes, VecZnxBigAllocBytes, VecZnxDftToVecZnxBigTmpA,
|
||||
VecZnxNormalizeInplace, VecZnxNormalizeTmpBytes, VecZnxSwithcDegree, ZnxZero,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, ScalarZnx, Scratch},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWESecret, GGLWECiphertext, GLWEAutomorphismKey, GLWECiphertext, GLWESecret, GLWESwitchingKey, GLWETensorKey, Infos,
|
||||
ScratchCore, SetRow,
|
||||
AutomorphismKey, GGLWECiphertext, GLWECiphertext, GLWEDecryptFamily, GLWEEncryptSkFamily, GLWEPlaintext, GLWESecret,
|
||||
GLWESecretExec, GLWESecretFamily, GLWESwitchingKey, GLWETensorKey, Infos, TakeGLWEPt, TakeGLWESecret, TakeGLWESecretExec,
|
||||
};
|
||||
|
||||
impl GGLWECiphertext<Vec<u8>, FFT64> {
|
||||
pub fn encrypt_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
let size = k.div_ceil(basek);
|
||||
pub trait GGLWEEncryptSkFamily<B: Backend> = GLWEEncryptSkFamily<B> + GLWESecretFamily<B>;
|
||||
|
||||
impl GGLWECiphertext<Vec<u8>> {
|
||||
pub fn encrypt_sk_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize) -> usize
|
||||
where
|
||||
Module<B>: GGLWEEncryptSkFamily<B> + VecZnxAllocBytes,
|
||||
{
|
||||
GLWECiphertext::encrypt_sk_scratch_space(module, basek, k)
|
||||
+ module.bytes_of_vec_znx(rank + 1, size)
|
||||
+ module.bytes_of_vec_znx(1, size)
|
||||
+ module.bytes_of_vec_znx_dft(rank + 1, size)
|
||||
+ (GLWEPlaintext::byte_of(module, basek, k) | module.vec_znx_normalize_tmp_bytes(module.n()))
|
||||
}
|
||||
|
||||
pub fn encrypt_pk_scratch_space(_module: &Module<FFT64>, _basek: usize, _k: usize, _rank: usize) -> usize {
|
||||
pub fn encrypt_pk_scratch_space<B: Backend>(_module: &Module<B>, _basek: usize, _k: usize, _rank: usize) -> usize {
|
||||
unimplemented!()
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GGLWECiphertext<DataSelf, FFT64> {
|
||||
pub fn encrypt_sk<DataPt: AsRef<[u8]>, DataSk: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> GGLWECiphertext<DataSelf> {
|
||||
pub fn encrypt_sk<DataPt: DataRef, DataSk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
pt: &ScalarZnx<DataPt>,
|
||||
sk: &FourierGLWESecret<DataSk, FFT64>,
|
||||
sk: &GLWESecretExec<DataSk, B>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GGLWEEncryptSkFamily<B> + VecZnxAllocBytes + VecZnxAddScalarInplace,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
use backend::hal::api::ZnxInfos;
|
||||
|
||||
assert_eq!(
|
||||
self.rank_in(),
|
||||
pt.cols(),
|
||||
@@ -54,12 +65,12 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GGLWECiphertext<DataSelf, FFT64> {
|
||||
assert_eq!(sk.n(), module.n());
|
||||
assert_eq!(pt.n(), module.n());
|
||||
assert!(
|
||||
scratch.available() >= GGLWECiphertext::encrypt_sk_scratch_space(module, self.basek(), self.k(), self.rank()),
|
||||
scratch.available() >= GGLWECiphertext::encrypt_sk_scratch_space(module, self.basek(), self.k()),
|
||||
"scratch.available: {} < GGLWECiphertext::encrypt_sk_scratch_space(module, self.rank()={}, self.size()={}): {}",
|
||||
scratch.available(),
|
||||
self.rank(),
|
||||
self.size(),
|
||||
GGLWECiphertext::encrypt_sk_scratch_space(module, self.basek(), self.k(), self.rank())
|
||||
GGLWECiphertext::encrypt_sk_scratch_space(module, self.basek(), self.k())
|
||||
);
|
||||
assert!(
|
||||
self.rows() * self.digits() * self.basek() <= self.k(),
|
||||
@@ -77,12 +88,8 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GGLWECiphertext<DataSelf, FFT64> {
|
||||
let basek: usize = self.basek();
|
||||
let k: usize = self.k();
|
||||
let rank_in: usize = self.rank_in();
|
||||
let rank_out: usize = self.rank_out();
|
||||
|
||||
let (mut tmp_pt, scrach_1) = scratch.tmp_glwe_pt(module, basek, k);
|
||||
let (mut tmp_ct, scrach_2) = scrach_1.tmp_glwe_ct(module, basek, k, rank_out);
|
||||
let (mut tmp_ct_dft, scratch_3) = scrach_2.tmp_fourier_glwe_ct(module, basek, k, rank_out);
|
||||
|
||||
let (mut tmp_pt, scrach_1) = scratch.take_glwe_pt(module, basek, k);
|
||||
// For each input column (i.e. rank) produces a GGLWE ciphertext of rank_out+1 columns
|
||||
//
|
||||
// Example for ksk rank 2 to rank 3:
|
||||
@@ -105,30 +112,36 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GGLWECiphertext<DataSelf, FFT64> {
|
||||
pt,
|
||||
col_i,
|
||||
);
|
||||
module.vec_znx_normalize_inplace(basek, &mut tmp_pt.data, 0, scratch_3);
|
||||
module.vec_znx_normalize_inplace(basek, &mut tmp_pt.data, 0, scrach_1);
|
||||
|
||||
// rlwe encrypt of vec_znx_pt into vec_znx_ct
|
||||
tmp_ct.encrypt_sk(module, &tmp_pt, sk, source_xa, source_xe, sigma, scratch_3);
|
||||
|
||||
// Switch vec_znx_ct into DFT domain
|
||||
tmp_ct.dft(module, &mut tmp_ct_dft);
|
||||
|
||||
// Stores vec_znx_dft_ct into thw i-th row of the MatZnxDft
|
||||
self.set_row(module, row_i, col_i, &tmp_ct_dft);
|
||||
self.at_mut(row_i, col_i)
|
||||
.encrypt_sk(module, &tmp_pt, sk, source_xa, source_xe, sigma, scrach_1);
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
impl GLWESwitchingKey<Vec<u8>, FFT64> {
|
||||
pub fn encrypt_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize, rank_in: usize, rank_out: usize) -> usize {
|
||||
GGLWECiphertext::encrypt_sk_scratch_space(module, basek, k, rank_out)
|
||||
+ module.bytes_of_scalar_znx(rank_in)
|
||||
+ FourierGLWESecret::bytes_of(module, rank_out)
|
||||
pub trait GLWESwitchingKeyEncryptSkFamily<B: Backend> = GGLWEEncryptSkFamily<B>;
|
||||
|
||||
impl GLWESwitchingKey<Vec<u8>> {
|
||||
pub fn encrypt_sk_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWESwitchingKeyEncryptSkFamily<B> + ScalarZnxAllocBytes + VecZnxAllocBytes,
|
||||
{
|
||||
(GGLWECiphertext::encrypt_sk_scratch_space(module, basek, k) | module.scalar_znx_alloc_bytes(1))
|
||||
+ module.scalar_znx_alloc_bytes(rank_in)
|
||||
+ GLWESecretExec::bytes_of(module, rank_out)
|
||||
}
|
||||
|
||||
pub fn encrypt_pk_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn encrypt_pk_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
_basek: usize,
|
||||
_k: usize,
|
||||
_rank_in: usize,
|
||||
@@ -138,46 +151,63 @@ impl GLWESwitchingKey<Vec<u8>, FFT64> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWESwitchingKey<DataSelf, FFT64> {
|
||||
pub fn encrypt_sk<DataSkIn: AsRef<[u8]>, DataSkOut: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> GLWESwitchingKey<DataSelf> {
|
||||
pub fn encrypt_sk<DataSkIn: DataRef, DataSkOut: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
sk_in: &GLWESecret<DataSkIn>,
|
||||
sk_out: &FourierGLWESecret<DataSkOut, FFT64>,
|
||||
sk_out: &GLWESecret<DataSkOut>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxAddScalarInplace,
|
||||
Scratch<B>:
|
||||
ScratchAvailable + TakeScalarZnx<B> + TakeVecZnxDft<B> + TakeGLWESecretExec<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert!(sk_in.n() <= module.n());
|
||||
assert!(sk_out.n() <= module.n());
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GLWESwitchingKey::encrypt_sk_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
self.rank_in(),
|
||||
self.rank_out()
|
||||
),
|
||||
"scratch.available()={} < GLWESwitchingKey::encrypt_sk_scratch_space={}",
|
||||
scratch.available(),
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
self.rank_in(),
|
||||
self.rank_out()
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
let (mut sk_in_tmp, scratch1) = scratch.tmp_scalar_znx(module, sk_in.rank());
|
||||
sk_in_tmp.zero();
|
||||
|
||||
let (mut sk_in_tmp, scratch1) = scratch.take_scalar_znx(module, sk_in.rank());
|
||||
(0..sk_in.rank()).for_each(|i| {
|
||||
sk_in_tmp
|
||||
.at_mut(i, 0)
|
||||
.iter_mut()
|
||||
.step_by(module.n() / sk_in.n())
|
||||
.zip(sk_in.data.at(i, 0).iter())
|
||||
.for_each(|(x, y)| *x = *y);
|
||||
module.vec_znx_switch_degree(&mut sk_in_tmp, i, &sk_in.data, i);
|
||||
});
|
||||
|
||||
let (mut sk_out_tmp, scratch2) = scratch1.tmp_fourier_glwe_secret(module, sk_out.rank());
|
||||
(0..sk_out.rank()).for_each(|i| {
|
||||
sk_out_tmp
|
||||
.data
|
||||
.at_mut(i, 0)
|
||||
.chunks_exact_mut(module.n() / sk_out.n())
|
||||
.zip(sk_out.data.at(i, 0).iter())
|
||||
.for_each(|(a_chunk, &b_elem)| {
|
||||
a_chunk.fill(b_elem);
|
||||
});
|
||||
});
|
||||
let (mut sk_out_tmp, scratch2) = scratch1.take_glwe_secret_exec(module, sk_out.rank());
|
||||
{
|
||||
let (mut tmp, _) = scratch2.take_scalar_znx(module, 1);
|
||||
(0..sk_out.rank()).for_each(|i| {
|
||||
module.vec_znx_switch_degree(&mut tmp, 0, &sk_out.data, i);
|
||||
module.svp_prepare(&mut sk_out_tmp.data, i, &tmp, 0);
|
||||
});
|
||||
}
|
||||
|
||||
self.key.encrypt_sk(
|
||||
module,
|
||||
@@ -193,27 +223,40 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWESwitchingKey<DataSelf, FFT64> {
|
||||
}
|
||||
}
|
||||
|
||||
impl GLWEAutomorphismKey<Vec<u8>, FFT64> {
|
||||
pub fn encrypt_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
pub trait AutomorphismKeyEncryptSkFamily<B: Backend> = GGLWEEncryptSkFamily<B>;
|
||||
|
||||
impl AutomorphismKey<Vec<u8>> {
|
||||
pub fn encrypt_sk_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: AutomorphismKeyEncryptSkFamily<B> + ScalarZnxAllocBytes + VecZnxAllocBytes,
|
||||
{
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k, rank, rank) + GLWESecret::bytes_of(module, rank)
|
||||
}
|
||||
|
||||
pub fn encrypt_pk_scratch_space(module: &Module<FFT64>, _basek: usize, _k: usize, _rank: usize) -> usize {
|
||||
pub fn encrypt_pk_scratch_space<B: Backend>(module: &Module<B>, _basek: usize, _k: usize, _rank: usize) -> usize {
|
||||
GLWESwitchingKey::encrypt_pk_scratch_space(module, _basek, _k, _rank, _rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWEAutomorphismKey<DataSelf, FFT64> {
|
||||
pub fn encrypt_sk<DataSk: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> AutomorphismKey<DataSelf> {
|
||||
pub fn encrypt_sk<DataSk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
p: i64,
|
||||
sk: &GLWESecret<DataSk>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: AutomorphismKeyEncryptSkFamily<B>
|
||||
+ ScalarZnxAutomorphism
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAddScalarInplace,
|
||||
Scratch<B>: ScratchAvailable + TakeScalarZnx<B> + TakeVecZnxDft<B> + TakeGLWESecretExec<B> + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.n(), module.n());
|
||||
@@ -221,19 +264,18 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWEAutomorphismKey<DataSelf, FFT64> {
|
||||
assert_eq!(self.rank_out(), self.rank_in());
|
||||
assert_eq!(sk.rank(), self.rank());
|
||||
assert!(
|
||||
scratch.available() >= GLWEAutomorphismKey::encrypt_sk_scratch_space(module, self.basek(), self.k(), self.rank()),
|
||||
scratch.available() >= AutomorphismKey::encrypt_sk_scratch_space(module, self.basek(), self.k(), self.rank()),
|
||||
"scratch.available(): {} < AutomorphismKey::encrypt_sk_scratch_space(module, self.rank()={}, self.size()={}): {}",
|
||||
scratch.available(),
|
||||
self.rank(),
|
||||
self.size(),
|
||||
GLWEAutomorphismKey::encrypt_sk_scratch_space(module, self.basek(), self.k(), self.rank())
|
||||
AutomorphismKey::encrypt_sk_scratch_space(module, self.basek(), self.k(), self.rank())
|
||||
)
|
||||
}
|
||||
|
||||
let (mut sk_out_dft, scratch_1) = scratch.tmp_fourier_glwe_secret(module, sk.rank());
|
||||
let (mut sk_out, scratch_1) = scratch.take_glwe_secret(module, sk.rank());
|
||||
|
||||
{
|
||||
let (mut sk_out, _) = scratch_1.tmp_glwe_secret(module, sk.rank());
|
||||
(0..self.rank()).for_each(|i| {
|
||||
module.scalar_znx_automorphism(
|
||||
module.galois_element_inv(p),
|
||||
@@ -243,41 +285,50 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWEAutomorphismKey<DataSelf, FFT64> {
|
||||
i,
|
||||
);
|
||||
});
|
||||
sk_out_dft.set(module, &sk_out);
|
||||
}
|
||||
|
||||
self.key.encrypt_sk(
|
||||
module,
|
||||
&sk,
|
||||
&sk_out_dft,
|
||||
source_xa,
|
||||
source_xe,
|
||||
sigma,
|
||||
scratch_1,
|
||||
);
|
||||
self.key
|
||||
.encrypt_sk(module, &sk, &sk_out, source_xa, source_xe, sigma, scratch_1);
|
||||
|
||||
self.p = p;
|
||||
}
|
||||
}
|
||||
|
||||
impl GLWETensorKey<Vec<u8>, FFT64> {
|
||||
pub fn encrypt_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
GLWESecret::bytes_of(module, 1)
|
||||
+ FourierGLWESecret::bytes_of(module, 1)
|
||||
pub trait GLWETensorKeyEncryptSkFamily<B: Backend> =
|
||||
GGLWEEncryptSkFamily<B> + VecZnxBigAllocBytes + VecZnxDftToVecZnxBigTmpA<B> + SvpApply<B>;
|
||||
|
||||
impl GLWETensorKey<Vec<u8>> {
|
||||
pub fn encrypt_sk_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: GLWETensorKeyEncryptSkFamily<B> + ScalarZnxAllocBytes + VecZnxAllocBytes,
|
||||
{
|
||||
GLWESecretExec::bytes_of(module, rank)
|
||||
+ module.vec_znx_dft_alloc_bytes(rank, 1)
|
||||
+ module.vec_znx_big_alloc_bytes(1, 1)
|
||||
+ module.vec_znx_dft_alloc_bytes(1, 1)
|
||||
+ GLWESecret::bytes_of(module, 1)
|
||||
+ GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k, rank, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWETensorKey<DataSelf, FFT64> {
|
||||
pub fn encrypt_sk<DataSk: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> GLWETensorKey<DataSelf> {
|
||||
pub fn encrypt_sk<DataSk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
sk: &FourierGLWESecret<DataSk, FFT64>,
|
||||
module: &Module<B>,
|
||||
sk: &GLWESecret<DataSk>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWETensorKeyEncryptSkFamily<B>
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxAddScalarInplace,
|
||||
Scratch<B>:
|
||||
ScratchAvailable + TakeVecZnxDft<B> + TakeVecZnxBig<B> + TakeGLWESecretExec<B> + TakeScalarZnx<B> + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.rank(), sk.rank());
|
||||
@@ -287,15 +338,28 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWETensorKey<DataSelf, FFT64> {
|
||||
|
||||
let rank: usize = self.rank();
|
||||
|
||||
let (mut sk_ij, scratch1) = scratch.tmp_glwe_secret(module, 1);
|
||||
let (mut sk_ij_dft, scratch2) = scratch1.tmp_fourier_glwe_secret(module, 1);
|
||||
let (mut sk_dft_prep, scratch1) = scratch.take_glwe_secret_exec(module, rank);
|
||||
sk_dft_prep.prepare(module, &sk);
|
||||
|
||||
let (mut sk_dft, scratch2) = scratch1.take_vec_znx_dft(module, rank, 1);
|
||||
|
||||
(0..rank).for_each(|i| {
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut sk_dft, i, &sk.data, i);
|
||||
});
|
||||
|
||||
let (mut sk_ij_big, scratch3) = scratch2.take_vec_znx_big(module, 1, 1);
|
||||
let (mut sk_ij, scratch4) = scratch3.take_glwe_secret(module, 1);
|
||||
let (mut sk_ij_dft, scratch5) = scratch4.take_vec_znx_dft(module, 1, 1);
|
||||
|
||||
(0..rank).for_each(|i| {
|
||||
(i..rank).for_each(|j| {
|
||||
module.svp_apply(&mut sk_ij_dft.data, 0, &sk.data, i, &sk.data, j);
|
||||
module.scalar_znx_idft(&mut sk_ij.data, 0, &sk_ij_dft.data, 0, scratch2);
|
||||
module.svp_apply(&mut sk_ij_dft, 0, &sk_dft_prep.data, j, &sk_dft, i);
|
||||
|
||||
module.vec_znx_dft_to_vec_znx_big_tmp_a(&mut sk_ij_big, 0, &mut sk_ij_dft, 0);
|
||||
module.vec_znx_big_normalize(self.basek(), &mut sk_ij.data, 0, &sk_ij_big, 0, scratch5);
|
||||
|
||||
self.at_mut(i, j)
|
||||
.encrypt_sk(module, &sk_ij, sk, source_xa, source_xe, sigma, scratch2);
|
||||
.encrypt_sk(module, &sk_ij, sk, source_xa, source_xe, sigma, scratch5);
|
||||
});
|
||||
})
|
||||
}
|
||||
|
||||
@@ -1,46 +1,52 @@
|
||||
use backend::{FFT64, Module, Scratch, ZnxZero};
|
||||
use backend::hal::{
|
||||
api::{ScratchAvailable, TakeVecZnxDft, ZnxZero},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch},
|
||||
};
|
||||
|
||||
use crate::{FourierGLWECiphertext, GGSWCiphertext, GLWEAutomorphismKey, GLWESwitchingKey, GetRow, Infos, ScratchCore, SetRow};
|
||||
use crate::{AutomorphismKey, GGSWCiphertextExec, GLWECiphertext, GLWEExternalProductFamily, GLWESwitchingKey, Infos};
|
||||
|
||||
impl GLWESwitchingKey<Vec<u8>, FFT64> {
|
||||
pub fn external_product_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
impl GLWESwitchingKey<Vec<u8>> {
|
||||
pub fn external_product_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let tmp_in: usize = FourierGLWECiphertext::bytes_of(module, basek, k_in, rank);
|
||||
let tmp_out: usize = FourierGLWECiphertext::bytes_of(module, basek, k_out, rank);
|
||||
let ggsw: usize = FourierGLWECiphertext::external_product_scratch_space(module, basek, k_out, k_in, k_ggsw, digits, rank);
|
||||
tmp_in + tmp_out + ggsw
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
{
|
||||
GLWECiphertext::external_product_scratch_space(module, basek, k_out, k_in, k_ggsw, digits, rank)
|
||||
}
|
||||
|
||||
pub fn external_product_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn external_product_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let tmp: usize = FourierGLWECiphertext::bytes_of(module, basek, k_out, rank);
|
||||
let ggsw: usize =
|
||||
FourierGLWECiphertext::external_product_inplace_scratch_space(module, basek, k_out, k_ggsw, digits, rank);
|
||||
tmp + ggsw
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
{
|
||||
GLWECiphertext::external_product_inplace_scratch_space(module, basek, k_out, k_ggsw, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWESwitchingKey<DataSelf, FFT64> {
|
||||
pub fn external_product<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> GLWESwitchingKey<DataSelf> {
|
||||
pub fn external_product<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &GLWESwitchingKey<DataLhs, FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
lhs: &GLWESwitchingKey<DataLhs>,
|
||||
rhs: &GGSWCiphertextExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
@@ -66,32 +72,29 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWESwitchingKey<DataSelf, FFT64> {
|
||||
);
|
||||
}
|
||||
|
||||
let (mut tmp_in, scratch1) = scratch.tmp_fourier_glwe_ct(module, lhs.basek(), lhs.k(), lhs.rank());
|
||||
let (mut tmp_out, scratch2) = scratch1.tmp_fourier_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
|
||||
(0..self.rank_in()).for_each(|col_i| {
|
||||
(0..self.rows()).for_each(|row_j| {
|
||||
lhs.get_row(module, row_j, col_i, &mut tmp_in);
|
||||
tmp_out.external_product(module, &tmp_in, rhs, scratch2);
|
||||
self.set_row(module, row_j, col_i, &tmp_out);
|
||||
self.at_mut(row_j, col_i)
|
||||
.external_product(module, &lhs.at(row_j, col_i), rhs, scratch);
|
||||
});
|
||||
});
|
||||
|
||||
tmp_out.data.zero();
|
||||
|
||||
(self.rows().min(lhs.rows())..self.rows()).for_each(|row_i| {
|
||||
(0..self.rank_in()).for_each(|col_j| {
|
||||
self.set_row(module, row_i, col_j, &tmp_out);
|
||||
self.at_mut(row_i, col_j).data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
pub fn external_product_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn external_product_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &GGSWCiphertextExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
@@ -103,60 +106,69 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWESwitchingKey<DataSelf, FFT64> {
|
||||
);
|
||||
}
|
||||
|
||||
let (mut tmp, scratch1) = scratch.tmp_fourier_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
println!("tmp: {}", tmp.size());
|
||||
(0..self.rank_in()).for_each(|col_i| {
|
||||
(0..self.rows()).for_each(|row_j| {
|
||||
self.get_row(module, row_j, col_i, &mut tmp);
|
||||
tmp.external_product_inplace(module, rhs, scratch1);
|
||||
self.set_row(module, row_j, col_i, &tmp);
|
||||
self.at_mut(row_j, col_i)
|
||||
.external_product_inplace(module, rhs, scratch);
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
impl GLWEAutomorphismKey<Vec<u8>, FFT64> {
|
||||
pub fn external_product_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
impl AutomorphismKey<Vec<u8>> {
|
||||
pub fn external_product_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
ggsw_k: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
{
|
||||
GLWESwitchingKey::external_product_scratch_space(module, basek, k_out, k_in, ggsw_k, digits, rank)
|
||||
}
|
||||
|
||||
pub fn external_product_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn external_product_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
ggsw_k: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
{
|
||||
GLWESwitchingKey::external_product_inplace_scratch_space(module, basek, k_out, ggsw_k, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWEAutomorphismKey<DataSelf, FFT64> {
|
||||
pub fn external_product<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> AutomorphismKey<DataSelf> {
|
||||
pub fn external_product<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &GLWEAutomorphismKey<DataLhs, FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
lhs: &AutomorphismKey<DataLhs>,
|
||||
rhs: &GGSWCiphertextExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
self.key.external_product(module, &lhs.key, rhs, scratch);
|
||||
}
|
||||
|
||||
pub fn external_product_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn external_product_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &GGSWCiphertextExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
self.key.external_product_inplace(module, rhs, scratch);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,56 +1,73 @@
|
||||
use backend::{FFT64, Module, Scratch, ZnxZero};
|
||||
use backend::hal::{
|
||||
api::{ScratchAvailable, TakeVecZnxDft, ZnxZero},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch},
|
||||
};
|
||||
|
||||
use crate::{FourierGLWECiphertext, GLWEAutomorphismKey, GLWESwitchingKey, GetRow, Infos, ScratchCore, SetRow};
|
||||
use crate::{
|
||||
AutomorphismKey, AutomorphismKeyExec, GLWECiphertext, GLWEKeyswitchFamily, GLWESwitchingKey, GLWESwitchingKeyExec, Infos,
|
||||
};
|
||||
|
||||
impl GLWEAutomorphismKey<Vec<u8>, FFT64> {
|
||||
pub fn keyswitch_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
impl AutomorphismKey<Vec<u8>> {
|
||||
pub fn keyswitch_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
GLWESwitchingKey::keyswitch_scratch_space(module, basek, k_out, k_in, k_ksk, digits, rank, rank)
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn keyswitch_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
GLWESwitchingKey::keyswitch_inplace_scratch_space(module, basek, k_out, k_ksk, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWEAutomorphismKey<DataSelf, FFT64> {
|
||||
pub fn keyswitch<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> AutomorphismKey<DataSelf> {
|
||||
pub fn keyswitch<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &GLWEAutomorphismKey<DataLhs, FFT64>,
|
||||
rhs: &GLWESwitchingKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
lhs: &AutomorphismKey<DataLhs>,
|
||||
rhs: &GLWESwitchingKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
self.key.keyswitch(module, &lhs.key, rhs, scratch);
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn keyswitch_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
self.key.keyswitch_inplace(module, &rhs.key, scratch);
|
||||
}
|
||||
}
|
||||
|
||||
impl GLWESwitchingKey<Vec<u8>, FFT64> {
|
||||
pub fn keyswitch_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
impl GLWESwitchingKey<Vec<u8>> {
|
||||
pub fn keyswitch_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
@@ -58,36 +75,39 @@ impl GLWESwitchingKey<Vec<u8>, FFT64> {
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> usize {
|
||||
let tmp_in: usize = FourierGLWECiphertext::bytes_of(module, basek, k_in, rank_in);
|
||||
let tmp_out: usize = FourierGLWECiphertext::bytes_of(module, basek, k_out, rank_out);
|
||||
let ksk: usize =
|
||||
FourierGLWECiphertext::keyswitch_scratch_space(module, basek, k_out, k_in, k_ksk, digits, rank_in, rank_out);
|
||||
tmp_in + tmp_out + ksk
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
GLWECiphertext::keyswitch_scratch_space(module, basek, k_out, k_in, k_ksk, digits, rank_in, rank_out)
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn keyswitch_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let tmp: usize = FourierGLWECiphertext::bytes_of(module, basek, k_out, rank);
|
||||
let ksk: usize = FourierGLWECiphertext::keyswitch_inplace_scratch_space(module, basek, k_out, k_ksk, digits, rank);
|
||||
tmp + ksk
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
GLWECiphertext::keyswitch_inplace_scratch_space(module, basek, k_out, k_ksk, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWESwitchingKey<DataSelf, FFT64> {
|
||||
pub fn keyswitch<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> GLWESwitchingKey<DataSelf> {
|
||||
pub fn keyswitch<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &GLWESwitchingKey<DataLhs, FFT64>,
|
||||
rhs: &GLWESwitchingKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
lhs: &GLWESwitchingKey<DataLhs>,
|
||||
rhs: &GLWESwitchingKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
@@ -113,32 +133,29 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWESwitchingKey<DataSelf, FFT64> {
|
||||
);
|
||||
}
|
||||
|
||||
let (mut tmp_in, scratch1) = scratch.tmp_fourier_glwe_ct(module, lhs.basek(), lhs.k(), lhs.rank());
|
||||
let (mut tmp_out, scratch2) = scratch1.tmp_fourier_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
|
||||
(0..self.rank_in()).for_each(|col_i| {
|
||||
(0..self.rows()).for_each(|row_j| {
|
||||
lhs.get_row(module, row_j, col_i, &mut tmp_in);
|
||||
tmp_out.keyswitch(module, &tmp_in, rhs, scratch2);
|
||||
self.set_row(module, row_j, col_i, &tmp_out);
|
||||
self.at_mut(row_j, col_i)
|
||||
.keyswitch(module, &lhs.at(row_j, col_i), rhs, scratch);
|
||||
});
|
||||
});
|
||||
|
||||
tmp_out.data.zero();
|
||||
|
||||
(self.rows().min(lhs.rows())..self.rows()).for_each(|row_i| {
|
||||
(0..self.rank_in()).for_each(|col_j| {
|
||||
self.set_row(module, row_i, col_j, &tmp_out);
|
||||
self.at_mut(row_i, col_j).data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn keyswitch_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GLWESwitchingKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &GLWESwitchingKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
@@ -150,13 +167,10 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWESwitchingKey<DataSelf, FFT64> {
|
||||
);
|
||||
}
|
||||
|
||||
let (mut tmp, scratch1) = scratch.tmp_fourier_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
|
||||
(0..self.rank_in()).for_each(|col_i| {
|
||||
(0..self.rows()).for_each(|row_j| {
|
||||
self.get_row(module, row_j, col_i, &mut tmp);
|
||||
tmp.keyswitch_inplace(module, rhs, scratch1);
|
||||
self.set_row(module, row_j, col_i, &tmp);
|
||||
self.at_mut(row_j, col_i)
|
||||
.keyswitch_inplace(module, rhs, scratch)
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
@@ -1,23 +1,30 @@
|
||||
use backend::{Backend, FFT64, MatZnxDft, MatZnxDftOps, Module};
|
||||
use backend::hal::{
|
||||
api::{MatZnxAlloc, MatZnxAllocBytes},
|
||||
layouts::{Backend, Data, DataMut, DataRef, MatZnx, Module, ReaderFrom, Scratch, VmpPMat, WriterTo},
|
||||
};
|
||||
|
||||
use crate::{FourierGLWECiphertext, GGLWECiphertext, GetRow, Infos, SetRow};
|
||||
use crate::{GGLWECiphertext, GGLWECiphertextExec, GGLWEExecLayoutFamily, GLWECiphertext, Infos};
|
||||
|
||||
pub struct GLWESwitchingKey<Data, B: Backend> {
|
||||
pub(crate) key: GGLWECiphertext<Data, B>,
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GLWESwitchingKey<D: Data> {
|
||||
pub(crate) key: GGLWECiphertext<D>,
|
||||
pub(crate) sk_in_n: usize, // Degree of sk_in
|
||||
pub(crate) sk_out_n: usize, // Degree of sk_out
|
||||
}
|
||||
|
||||
impl GLWESwitchingKey<Vec<u8>, FFT64> {
|
||||
pub fn alloc(
|
||||
module: &Module<FFT64>,
|
||||
impl GLWESwitchingKey<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> Self {
|
||||
) -> Self
|
||||
where
|
||||
Module<B>: MatZnxAlloc,
|
||||
{
|
||||
GLWESwitchingKey {
|
||||
key: GGLWECiphertext::alloc(module, basek, k, rows, digits, rank_in, rank_out),
|
||||
sk_in_n: 0,
|
||||
@@ -25,21 +32,24 @@ impl GLWESwitchingKey<Vec<u8>, FFT64> {
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(
|
||||
module: &Module<FFT64>,
|
||||
pub fn bytes_of<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> usize {
|
||||
GGLWECiphertext::<Vec<u8>, FFT64>::bytes_of(module, basek, k, rows, digits, rank_in, rank_out)
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: MatZnxAllocBytes,
|
||||
{
|
||||
GGLWECiphertext::<Vec<u8>>::bytes_of(module, basek, k, rows, digits, rank_in, rank_out)
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> Infos for GLWESwitchingKey<T, B> {
|
||||
type Inner = MatZnxDft<T, B>;
|
||||
impl<D: Data> Infos for GLWESwitchingKey<D> {
|
||||
type Inner = MatZnx<D>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
self.key.inner()
|
||||
@@ -54,7 +64,7 @@ impl<T, B: Backend> Infos for GLWESwitchingKey<T, B> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> GLWESwitchingKey<T, B> {
|
||||
impl<D: Data> GLWESwitchingKey<D> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.key.data.cols_out() - 1
|
||||
}
|
||||
@@ -80,26 +90,138 @@ impl<T, B: Backend> GLWESwitchingKey<T, B> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: AsRef<[u8]>> GetRow<FFT64> for GLWESwitchingKey<C, FFT64> {
|
||||
fn get_row<R: AsMut<[u8]> + AsRef<[u8]>>(
|
||||
&self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
res: &mut FourierGLWECiphertext<R, FFT64>,
|
||||
) {
|
||||
module.mat_znx_dft_get_row(&mut res.data, &self.key.data, row_i, col_j);
|
||||
impl<D: DataRef> GLWESwitchingKey<D> {
|
||||
pub fn at(&self, row: usize, col: usize) -> GLWECiphertext<&[u8]> {
|
||||
self.key.at(row, col)
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: AsMut<[u8]> + AsRef<[u8]>> SetRow<FFT64> for GLWESwitchingKey<C, FFT64> {
|
||||
fn set_row<R: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
a: &FourierGLWECiphertext<R, FFT64>,
|
||||
) {
|
||||
module.mat_znx_dft_set_row(&mut self.key.data, row_i, col_j, &a.data);
|
||||
impl<D: DataMut> GLWESwitchingKey<D> {
|
||||
pub fn at_mut(&mut self, row: usize, col: usize) -> GLWECiphertext<&mut [u8]> {
|
||||
self.key.at_mut(row, col)
|
||||
}
|
||||
}
|
||||
|
||||
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
||||
|
||||
impl<D: DataMut> ReaderFrom for GLWESwitchingKey<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
self.sk_in_n = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.sk_out_n = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.key.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for GLWESwitchingKey<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
writer.write_u64::<LittleEndian>(self.sk_in_n as u64)?;
|
||||
writer.write_u64::<LittleEndian>(self.sk_out_n as u64)?;
|
||||
self.key.write_to(writer)
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GLWESwitchingKeyExec<D: Data, B: Backend> {
|
||||
pub(crate) key: GGLWECiphertextExec<D, B>,
|
||||
pub(crate) sk_in_n: usize, // Degree of sk_in
|
||||
pub(crate) sk_out_n: usize, // Degree of sk_out
|
||||
}
|
||||
|
||||
impl<B: Backend> GLWESwitchingKeyExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank_in: usize, rank_out: usize) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
GLWESwitchingKeyExec::<Vec<u8>, B> {
|
||||
key: GGLWECiphertextExec::alloc(module, basek, k, rows, digits, rank_in, rank_out),
|
||||
sk_in_n: 0,
|
||||
sk_out_n: 0,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
GGLWECiphertextExec::bytes_of(module, basek, k, rows, digits, rank_in, rank_out)
|
||||
}
|
||||
|
||||
pub fn from<DataOther: DataRef>(module: &Module<B>, other: &GLWESwitchingKey<DataOther>, scratch: &mut Scratch<B>) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
let mut ksk_exec: GLWESwitchingKeyExec<Vec<u8>, B> = Self::alloc(
|
||||
module,
|
||||
other.basek(),
|
||||
other.k(),
|
||||
other.rows(),
|
||||
other.digits(),
|
||||
other.rank_in(),
|
||||
other.rank_out(),
|
||||
);
|
||||
ksk_exec.prepare(module, other, scratch);
|
||||
ksk_exec
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> Infos for GLWESwitchingKeyExec<D, B> {
|
||||
type Inner = VmpPMat<D, B>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
self.key.inner()
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.key.basek()
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.key.k()
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> GLWESwitchingKeyExec<D, B> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.key.data.cols_out() - 1
|
||||
}
|
||||
|
||||
pub fn rank_in(&self) -> usize {
|
||||
self.key.data.cols_in()
|
||||
}
|
||||
|
||||
pub fn rank_out(&self) -> usize {
|
||||
self.key.data.cols_out() - 1
|
||||
}
|
||||
|
||||
pub fn digits(&self) -> usize {
|
||||
self.key.digits()
|
||||
}
|
||||
|
||||
pub fn sk_degree_in(&self) -> usize {
|
||||
self.sk_in_n
|
||||
}
|
||||
|
||||
pub fn sk_degree_out(&self) -> usize {
|
||||
self.sk_out_n
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut, B: Backend> GLWESwitchingKeyExec<D, B> {
|
||||
pub fn prepare<DataOther>(&mut self, module: &Module<B>, other: &GLWESwitchingKey<DataOther>, scratch: &mut Scratch<B>)
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
self.key.prepare(module, &other.key, scratch);
|
||||
self.sk_in_n = other.sk_in_n;
|
||||
self.sk_out_n = other.sk_out_n;
|
||||
}
|
||||
}
|
||||
|
||||
275
core/src/gglwe/layout.rs
Normal file
275
core/src/gglwe/layout.rs
Normal file
@@ -0,0 +1,275 @@
|
||||
use backend::hal::{
|
||||
api::{MatZnxAlloc, MatZnxAllocBytes, VmpPMatAlloc, VmpPMatAllocBytes, VmpPMatPrepare},
|
||||
layouts::{Backend, Data, DataMut, DataRef, MatZnx, Module, ReaderFrom, Scratch, VmpPMat, WriterTo},
|
||||
};
|
||||
|
||||
use crate::{GLWECiphertext, Infos};
|
||||
|
||||
pub trait GGLWEExecLayoutFamily<B: Backend> = VmpPMatAlloc<B> + VmpPMatAllocBytes + VmpPMatPrepare<B>;
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GGLWECiphertext<D: Data> {
|
||||
pub(crate) data: MatZnx<D>,
|
||||
pub(crate) basek: usize,
|
||||
pub(crate) k: usize,
|
||||
pub(crate) digits: usize,
|
||||
}
|
||||
|
||||
impl<D: DataRef> GGLWECiphertext<D> {
|
||||
pub fn at(&self, row: usize, col: usize) -> GLWECiphertext<&[u8]> {
|
||||
GLWECiphertext {
|
||||
data: self.data.at(row, col),
|
||||
basek: self.basek,
|
||||
k: self.k,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut> GGLWECiphertext<D> {
|
||||
pub fn at_mut(&mut self, row: usize, col: usize) -> GLWECiphertext<&mut [u8]> {
|
||||
GLWECiphertext {
|
||||
data: self.data.at_mut(row, col),
|
||||
basek: self.basek,
|
||||
k: self.k,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl GGLWECiphertext<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> Self
|
||||
where
|
||||
Module<B>: MatZnxAlloc,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid gglwe: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid gglwe: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
Self {
|
||||
data: module.mat_znx_alloc(rows, rank_in, rank_out + 1, size),
|
||||
basek: basek,
|
||||
k,
|
||||
digits,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: MatZnxAllocBytes,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid gglwe: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid gglwe: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
module.mat_znx_alloc_bytes(rows, rank_in, rank_out + 1, rows)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data> Infos for GGLWECiphertext<D> {
|
||||
type Inner = MatZnx<D>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data> GGLWECiphertext<D> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.data.cols_out() - 1
|
||||
}
|
||||
|
||||
pub fn digits(&self) -> usize {
|
||||
self.digits
|
||||
}
|
||||
|
||||
pub fn rank_in(&self) -> usize {
|
||||
self.data.cols_in()
|
||||
}
|
||||
|
||||
pub fn rank_out(&self) -> usize {
|
||||
self.data.cols_out() - 1
|
||||
}
|
||||
}
|
||||
|
||||
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
||||
|
||||
impl<D: DataMut> ReaderFrom for GGLWECiphertext<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
self.k = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.basek = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.digits = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.data.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for GGLWECiphertext<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
writer.write_u64::<LittleEndian>(self.k as u64)?;
|
||||
writer.write_u64::<LittleEndian>(self.basek as u64)?;
|
||||
writer.write_u64::<LittleEndian>(self.digits as u64)?;
|
||||
self.data.write_to(writer)
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GGLWECiphertextExec<D: Data, B: Backend> {
|
||||
pub(crate) data: VmpPMat<D, B>,
|
||||
pub(crate) basek: usize,
|
||||
pub(crate) k: usize,
|
||||
pub(crate) digits: usize,
|
||||
}
|
||||
|
||||
impl<B: Backend> GGLWECiphertextExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank_in: usize, rank_out: usize) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid gglwe: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid gglwe: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
Self {
|
||||
data: module.vmp_pmat_alloc(rows, rank_in, rank_out + 1, size),
|
||||
basek: basek,
|
||||
k,
|
||||
digits,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid gglwe: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid gglwe: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
module.vmp_pmat_alloc_bytes(rows, rank_in, rank_out + 1, rows)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> Infos for GGLWECiphertextExec<D, B> {
|
||||
type Inner = VmpPMat<D, B>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> GGLWECiphertextExec<D, B> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.data.cols_out() - 1
|
||||
}
|
||||
|
||||
pub fn digits(&self) -> usize {
|
||||
self.digits
|
||||
}
|
||||
|
||||
pub fn rank_in(&self) -> usize {
|
||||
self.data.cols_in()
|
||||
}
|
||||
|
||||
pub fn rank_out(&self) -> usize {
|
||||
self.data.cols_out() - 1
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut, B: Backend> GGLWECiphertextExec<D, B> {
|
||||
pub fn prepare<DataOther>(&mut self, module: &Module<B>, other: &GGLWECiphertext<DataOther>, scratch: &mut Scratch<B>)
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
module.vmp_prepare(&mut self.data, &other.data, scratch);
|
||||
self.basek = other.basek;
|
||||
self.k = other.k;
|
||||
self.digits = other.digits;
|
||||
}
|
||||
}
|
||||
@@ -1,16 +1,20 @@
|
||||
pub mod automorphism;
|
||||
pub mod automorphism_key;
|
||||
pub mod ciphertext;
|
||||
pub mod encryption;
|
||||
pub mod external_product;
|
||||
pub mod keyswitch;
|
||||
pub mod keyswitch_key;
|
||||
pub mod tensor_key;
|
||||
mod automorphism;
|
||||
mod automorphism_key;
|
||||
mod encryption;
|
||||
mod external_product;
|
||||
mod keyswitch;
|
||||
mod keyswitch_key;
|
||||
mod layout;
|
||||
mod noise;
|
||||
mod tensor_key;
|
||||
|
||||
pub use automorphism_key::GLWEAutomorphismKey;
|
||||
pub use ciphertext::GGLWECiphertext;
|
||||
pub use keyswitch_key::GLWESwitchingKey;
|
||||
pub use tensor_key::GLWETensorKey;
|
||||
pub use automorphism_key::{AutomorphismKey, AutomorphismKeyExec};
|
||||
pub use encryption::{
|
||||
AutomorphismKeyEncryptSkFamily, GGLWEEncryptSkFamily, GLWESwitchingKeyEncryptSkFamily, GLWETensorKeyEncryptSkFamily,
|
||||
};
|
||||
pub use keyswitch_key::{GLWESwitchingKey, GLWESwitchingKeyExec};
|
||||
pub use layout::{GGLWECiphertext, GGLWECiphertextExec, GGLWEExecLayoutFamily};
|
||||
pub use tensor_key::{GLWETensorKey, GLWETensorKeyExec};
|
||||
|
||||
#[cfg(test)]
|
||||
mod test_fft64;
|
||||
mod test;
|
||||
|
||||
55
core/src/gglwe/noise.rs
Normal file
55
core/src/gglwe/noise.rs
Normal file
@@ -0,0 +1,55 @@
|
||||
use backend::hal::{
|
||||
api::{ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAlloc, VecZnxStd, VecZnxSubScalarInplace, ZnxZero},
|
||||
layouts::{Backend, DataRef, Module, ScalarZnx, ScratchOwned},
|
||||
oep::{ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeVecZnxBigImpl, TakeVecZnxDftImpl},
|
||||
};
|
||||
|
||||
use crate::{GGLWECiphertext, GLWECiphertext, GLWEDecryptFamily, GLWEPlaintext, GLWESecretExec, Infos};
|
||||
|
||||
impl<D: DataRef> GGLWECiphertext<D> {
|
||||
pub fn assert_noise<B: Backend, DataSk, DataWant>(
|
||||
self,
|
||||
module: &Module<B>,
|
||||
sk: &GLWESecretExec<DataSk, B>,
|
||||
pt_want: &ScalarZnx<DataWant>,
|
||||
max_noise: f64,
|
||||
) where
|
||||
DataSk: DataRef,
|
||||
DataWant: DataRef,
|
||||
Module<B>: GLWEDecryptFamily<B> + VecZnxStd + VecZnxAlloc + VecZnxSubScalarInplace,
|
||||
B: TakeVecZnxDftImpl<B> + TakeVecZnxBigImpl<B> + ScratchOwnedAllocImpl<B> + ScratchOwnedBorrowImpl<B>,
|
||||
{
|
||||
let digits: usize = self.digits();
|
||||
let basek: usize = self.basek();
|
||||
let k: usize = self.k();
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(GLWECiphertext::decrypt_scratch_space(module, basek, k));
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k);
|
||||
|
||||
(0..self.rank_in()).for_each(|col_i| {
|
||||
(0..self.rows()).for_each(|row_i| {
|
||||
self.at(row_i, col_i)
|
||||
.decrypt(&module, &mut pt, &sk, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_scalar_inplace(
|
||||
&mut pt.data,
|
||||
0,
|
||||
(digits - 1) + row_i * digits,
|
||||
pt_want,
|
||||
col_i,
|
||||
);
|
||||
|
||||
let noise_have: f64 = module.vec_znx_std(basek, &pt.data, 0).log2();
|
||||
|
||||
assert!(
|
||||
noise_have <= max_noise,
|
||||
"noise_have: {} > max_noise: {}",
|
||||
noise_have,
|
||||
max_noise
|
||||
);
|
||||
|
||||
pt.data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -1,14 +1,21 @@
|
||||
use backend::{Backend, FFT64, MatZnxDft, Module};
|
||||
use backend::hal::{
|
||||
api::{MatZnxAlloc, MatZnxAllocBytes},
|
||||
layouts::{Backend, Data, DataMut, DataRef, MatZnx, Module, ReaderFrom, Scratch, VmpPMat, WriterTo},
|
||||
};
|
||||
|
||||
use crate::{GLWESwitchingKey, Infos};
|
||||
use crate::{GGLWEExecLayoutFamily, GLWESwitchingKey, GLWESwitchingKeyExec, Infos};
|
||||
|
||||
pub struct GLWETensorKey<C, B: Backend> {
|
||||
pub(crate) keys: Vec<GLWESwitchingKey<C, B>>,
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GLWETensorKey<D: Data> {
|
||||
pub(crate) keys: Vec<GLWESwitchingKey<D>>,
|
||||
}
|
||||
|
||||
impl GLWETensorKey<Vec<u8>, FFT64> {
|
||||
pub fn alloc(module: &Module<FFT64>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> Self {
|
||||
let mut keys: Vec<GLWESwitchingKey<Vec<u8>, FFT64>> = Vec::new();
|
||||
impl GLWETensorKey<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: MatZnxAlloc,
|
||||
{
|
||||
let mut keys: Vec<GLWESwitchingKey<Vec<u8>>> = Vec::new();
|
||||
let pairs: usize = (((rank + 1) * rank) >> 1).max(1);
|
||||
(0..pairs).for_each(|_| {
|
||||
keys.push(GLWESwitchingKey::alloc(
|
||||
@@ -18,14 +25,17 @@ impl GLWETensorKey<Vec<u8>, FFT64> {
|
||||
Self { keys: keys }
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<FFT64>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> usize {
|
||||
pub fn bytes_of<B: Backend>(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: MatZnxAllocBytes,
|
||||
{
|
||||
let pairs: usize = (((rank + 1) * rank) >> 1).max(1);
|
||||
pairs * GLWESwitchingKey::<Vec<u8>, FFT64>::bytes_of(module, basek, k, rows, digits, 1, rank)
|
||||
pairs * GLWESwitchingKey::<Vec<u8>>::bytes_of(module, basek, k, rows, digits, 1, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> Infos for GLWETensorKey<T, B> {
|
||||
type Inner = MatZnxDft<T, B>;
|
||||
impl<D: Data> Infos for GLWETensorKey<D> {
|
||||
type Inner = MatZnx<D>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.keys[0].inner()
|
||||
@@ -40,7 +50,7 @@ impl<T, B: Backend> Infos for GLWETensorKey<T, B> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> GLWETensorKey<T, B> {
|
||||
impl<D: Data> GLWETensorKey<D> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.keys[0].rank()
|
||||
}
|
||||
@@ -58,9 +68,9 @@ impl<T, B: Backend> GLWETensorKey<T, B> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWETensorKey<DataSelf, FFT64> {
|
||||
impl<D: DataMut> GLWETensorKey<D> {
|
||||
// Returns a mutable reference to GLWESwitchingKey_{s}(s[i] * s[j])
|
||||
pub fn at_mut(&mut self, mut i: usize, mut j: usize) -> &mut GLWESwitchingKey<DataSelf, FFT64> {
|
||||
pub fn at_mut(&mut self, mut i: usize, mut j: usize) -> &mut GLWESwitchingKey<D> {
|
||||
if i > j {
|
||||
std::mem::swap(&mut i, &mut j);
|
||||
};
|
||||
@@ -69,9 +79,9 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GLWETensorKey<DataSelf, FFT64> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]>> GLWETensorKey<DataSelf, FFT64> {
|
||||
impl<D: DataRef> GLWETensorKey<D> {
|
||||
// Returns a reference to GLWESwitchingKey_{s}(s[i] * s[j])
|
||||
pub fn at(&self, mut i: usize, mut j: usize) -> &GLWESwitchingKey<DataSelf, FFT64> {
|
||||
pub fn at(&self, mut i: usize, mut j: usize) -> &GLWESwitchingKey<D> {
|
||||
if i > j {
|
||||
std::mem::swap(&mut i, &mut j);
|
||||
};
|
||||
@@ -79,3 +89,135 @@ impl<DataSelf: AsRef<[u8]>> GLWETensorKey<DataSelf, FFT64> {
|
||||
&self.keys[i * rank + j - (i * (i + 1) / 2)]
|
||||
}
|
||||
}
|
||||
|
||||
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
||||
|
||||
impl<D: DataMut> ReaderFrom for GLWETensorKey<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
let len: usize = reader.read_u64::<LittleEndian>()? as usize;
|
||||
if self.keys.len() != len {
|
||||
return Err(std::io::Error::new(
|
||||
std::io::ErrorKind::InvalidData,
|
||||
format!("self.keys.len()={} != read len={}", self.keys.len(), len),
|
||||
));
|
||||
}
|
||||
for key in &mut self.keys {
|
||||
key.read_from(reader)?;
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for GLWETensorKey<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
writer.write_u64::<LittleEndian>(self.keys.len() as u64)?;
|
||||
for key in &self.keys {
|
||||
key.write_to(writer)?;
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GLWETensorKeyExec<D: Data, B: Backend> {
|
||||
pub(crate) keys: Vec<GLWESwitchingKeyExec<D, B>>,
|
||||
}
|
||||
|
||||
impl<B: Backend> GLWETensorKeyExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
let mut keys: Vec<GLWESwitchingKeyExec<Vec<u8>, B>> = Vec::new();
|
||||
let pairs: usize = (((rank + 1) * rank) >> 1).max(1);
|
||||
(0..pairs).for_each(|_| {
|
||||
keys.push(GLWESwitchingKeyExec::alloc(
|
||||
module, basek, k, rows, digits, 1, rank,
|
||||
));
|
||||
});
|
||||
Self { keys }
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
let pairs: usize = (((rank + 1) * rank) >> 1).max(1);
|
||||
pairs * GLWESwitchingKeyExec::<Vec<u8>, B>::bytes_of(module, basek, k, rows, digits, 1, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> Infos for GLWETensorKeyExec<D, B> {
|
||||
type Inner = VmpPMat<D, B>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.keys[0].inner()
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.keys[0].basek()
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.keys[0].k()
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> GLWETensorKeyExec<D, B> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.keys[0].rank()
|
||||
}
|
||||
|
||||
pub fn rank_in(&self) -> usize {
|
||||
self.keys[0].rank_in()
|
||||
}
|
||||
|
||||
pub fn rank_out(&self) -> usize {
|
||||
self.keys[0].rank_out()
|
||||
}
|
||||
|
||||
pub fn digits(&self) -> usize {
|
||||
self.keys[0].digits()
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut, B: Backend> GLWETensorKeyExec<D, B> {
|
||||
// Returns a mutable reference to GLWESwitchingKey_{s}(s[i] * s[j])
|
||||
pub fn at_mut(&mut self, mut i: usize, mut j: usize) -> &mut GLWESwitchingKeyExec<D, B> {
|
||||
if i > j {
|
||||
std::mem::swap(&mut i, &mut j);
|
||||
};
|
||||
let rank: usize = self.rank();
|
||||
&mut self.keys[i * rank + j - (i * (i + 1) / 2)]
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef, B: Backend> GLWETensorKeyExec<D, B> {
|
||||
// Returns a reference to GLWESwitchingKey_{s}(s[i] * s[j])
|
||||
pub fn at(&self, mut i: usize, mut j: usize) -> &GLWESwitchingKeyExec<D, B> {
|
||||
if i > j {
|
||||
std::mem::swap(&mut i, &mut j);
|
||||
};
|
||||
let rank: usize = self.rank();
|
||||
&self.keys[i * rank + j - (i * (i + 1) / 2)]
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut, B: Backend> GLWETensorKeyExec<D, B> {
|
||||
pub fn prepare<DataOther>(&mut self, module: &Module<B>, other: &GLWETensorKey<DataOther>, scratch: &mut Scratch<B>)
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.keys.len(), other.keys.len());
|
||||
}
|
||||
self.keys
|
||||
.iter_mut()
|
||||
.zip(other.keys.iter())
|
||||
.for_each(|(a, b)| {
|
||||
a.prepare(module, b, scratch);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,9 +1,14 @@
|
||||
use backend::{FFT64, Module, ScalarZnxOps, ScratchOwned, Stats, VecZnxOps};
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{ModuleNew, ScalarZnxAutomorphism, ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxStd, VecZnxSubScalarInplace},
|
||||
layouts::{Module, ScratchOwned},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWECiphertext, FourierGLWESecret, GLWEAutomorphismKey, GLWEPlaintext, GLWESecret, GetRow, Infos,
|
||||
noise::log2_std_noise_gglwe_product,
|
||||
AutomorphismKey, AutomorphismKeyExec, GLWEPlaintext, GLWESecret, GLWESecretExec, Infos, noise::log2_std_noise_gglwe_product,
|
||||
};
|
||||
|
||||
#[test]
|
||||
@@ -58,21 +63,17 @@ fn test_automorphism(
|
||||
let rows_in: usize = k_in / (basek * digits);
|
||||
let rows_apply: usize = k_in.div_ceil(basek * digits);
|
||||
|
||||
let mut auto_key_in: GLWEAutomorphismKey<Vec<u8>, FFT64> =
|
||||
GLWEAutomorphismKey::alloc(&module, basek, k_in, rows_in, digits_in, rank);
|
||||
let mut auto_key_out: GLWEAutomorphismKey<Vec<u8>, FFT64> =
|
||||
GLWEAutomorphismKey::alloc(&module, basek, k_out, rows_in, digits_in, rank);
|
||||
let mut auto_key_apply: GLWEAutomorphismKey<Vec<u8>, FFT64> =
|
||||
GLWEAutomorphismKey::alloc(&module, basek, k_apply, rows_apply, digits, rank);
|
||||
let mut auto_key_in: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(&module, basek, k_in, rows_in, digits_in, rank);
|
||||
let mut auto_key_out: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(&module, basek, k_out, rows_in, digits_in, rank);
|
||||
let mut auto_key_apply: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(&module, basek, k_apply, rows_apply, digits, rank);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWEAutomorphismKey::encrypt_sk_scratch_space(&module, basek, k_apply, rank)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_out)
|
||||
| GLWEAutomorphismKey::automorphism_scratch_space(&module, basek, k_out, k_in, k_apply, digits, rank),
|
||||
let mut scratch: ScratchOwned<FFT64> = ScratchOwned::alloc(
|
||||
AutomorphismKey::encrypt_sk_scratch_space(&module, basek, k_apply, rank)
|
||||
| AutomorphismKey::automorphism_scratch_space(&module, basek, k_out, k_in, k_apply, digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
@@ -100,10 +101,19 @@ fn test_automorphism(
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
// gglwe_{s1}(s0) (x) gglwe_{s2}(s1) = gglwe_{s2}(s0)
|
||||
auto_key_out.automorphism(&module, &auto_key_in, &auto_key_apply, scratch.borrow());
|
||||
let mut auto_key_apply_exec: AutomorphismKeyExec<Vec<u8>, FFT64> =
|
||||
AutomorphismKeyExec::alloc(&module, basek, k_apply, rows_apply, digits, rank);
|
||||
|
||||
auto_key_apply_exec.prepare(&module, &auto_key_apply, scratch.borrow());
|
||||
|
||||
// gglwe_{s1}(s0) (x) gglwe_{s2}(s1) = gglwe_{s2}(s0)
|
||||
auto_key_out.automorphism(
|
||||
&module,
|
||||
&auto_key_in,
|
||||
&auto_key_apply_exec,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ct_glwe_dft: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_out, rank);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
|
||||
let mut sk_auto: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
@@ -118,12 +128,13 @@ fn test_automorphism(
|
||||
);
|
||||
});
|
||||
|
||||
let sk_auto_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_auto);
|
||||
let sk_auto_dft: GLWESecretExec<Vec<u8>, FFT64> = GLWESecretExec::from(&module, &sk_auto);
|
||||
|
||||
(0..auto_key_out.rank_in()).for_each(|col_i| {
|
||||
(0..auto_key_out.rows()).for_each(|row_i| {
|
||||
auto_key_out.get_row(&module, row_i, col_i, &mut ct_glwe_dft);
|
||||
ct_glwe_dft.decrypt(&module, &mut pt, &sk_auto_dft, scratch.borrow());
|
||||
auto_key_out
|
||||
.at(row_i, col_i)
|
||||
.decrypt(&module, &mut pt, &sk_auto_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_scalar_inplace(
|
||||
&mut pt.data,
|
||||
@@ -133,7 +144,7 @@ fn test_automorphism(
|
||||
col_i,
|
||||
);
|
||||
|
||||
let noise_have: f64 = pt.data.std(0, basek).log2();
|
||||
let noise_have: f64 = module.vec_znx_std(basek, &pt.data, 0).log2();
|
||||
let noise_want: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
@@ -175,19 +186,16 @@ fn test_automorphism_inplace(
|
||||
let rows_in: usize = k_in / (basek * digits);
|
||||
let rows_apply: usize = k_in.div_ceil(basek * digits);
|
||||
|
||||
let mut auto_key: GLWEAutomorphismKey<Vec<u8>, FFT64> =
|
||||
GLWEAutomorphismKey::alloc(&module, basek, k_in, rows_in, digits_in, rank);
|
||||
let mut auto_key_apply: GLWEAutomorphismKey<Vec<u8>, FFT64> =
|
||||
GLWEAutomorphismKey::alloc(&module, basek, k_apply, rows_apply, digits, rank);
|
||||
let mut auto_key: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(&module, basek, k_in, rows_in, digits_in, rank);
|
||||
let mut auto_key_apply: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(&module, basek, k_apply, rows_apply, digits, rank);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWEAutomorphismKey::encrypt_sk_scratch_space(&module, basek, k_apply, rank)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_in)
|
||||
| GLWEAutomorphismKey::automorphism_inplace_scratch_space(&module, basek, k_in, k_apply, digits, rank),
|
||||
let mut scratch: ScratchOwned<FFT64> = ScratchOwned::alloc(
|
||||
AutomorphismKey::encrypt_sk_scratch_space(&module, basek, k_apply, rank)
|
||||
| AutomorphismKey::automorphism_inplace_scratch_space(&module, basek, k_in, k_apply, digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
@@ -215,10 +223,14 @@ fn test_automorphism_inplace(
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
// gglwe_{s1}(s0) (x) gglwe_{s2}(s1) = gglwe_{s2}(s0)
|
||||
auto_key.automorphism_inplace(&module, &auto_key_apply, scratch.borrow());
|
||||
let mut auto_key_apply_exec: AutomorphismKeyExec<Vec<u8>, FFT64> =
|
||||
AutomorphismKeyExec::alloc(&module, basek, k_apply, rows_apply, digits, rank);
|
||||
|
||||
auto_key_apply_exec.prepare(&module, &auto_key_apply, scratch.borrow());
|
||||
|
||||
// gglwe_{s1}(s0) (x) gglwe_{s2}(s1) = gglwe_{s2}(s0)
|
||||
auto_key.automorphism_inplace(&module, &auto_key_apply_exec, scratch.borrow());
|
||||
|
||||
let mut ct_glwe_dft: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_in, rank);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_in);
|
||||
|
||||
let mut sk_auto: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
@@ -234,13 +246,13 @@ fn test_automorphism_inplace(
|
||||
);
|
||||
});
|
||||
|
||||
let sk_auto_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_auto);
|
||||
let sk_auto_dft: GLWESecretExec<Vec<u8>, FFT64> = GLWESecretExec::from(&module, &sk_auto);
|
||||
|
||||
(0..auto_key.rank_in()).for_each(|col_i| {
|
||||
(0..auto_key.rows()).for_each(|row_i| {
|
||||
auto_key.get_row(&module, row_i, col_i, &mut ct_glwe_dft);
|
||||
|
||||
ct_glwe_dft.decrypt(&module, &mut pt, &sk_auto_dft, scratch.borrow());
|
||||
auto_key
|
||||
.at(row_i, col_i)
|
||||
.decrypt(&module, &mut pt, &sk_auto_dft, scratch.borrow());
|
||||
module.vec_znx_sub_scalar_inplace(
|
||||
&mut pt.data,
|
||||
0,
|
||||
@@ -249,7 +261,7 @@ fn test_automorphism_inplace(
|
||||
col_i,
|
||||
);
|
||||
|
||||
let noise_have: f64 = pt.data.std(0, basek).log2();
|
||||
let noise_have: f64 = module.vec_znx_std(basek, &pt.data, 0).log2();
|
||||
let noise_want: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
138
core/src/gglwe/test/gglwe_fft64.rs
Normal file
138
core/src/gglwe/test/gglwe_fft64.rs
Normal file
@@ -0,0 +1,138 @@
|
||||
use backend::{
|
||||
hal::{api::ModuleNew, layouts::Module},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
|
||||
use crate::gglwe::test::gglwe_generic::{
|
||||
test_encrypt_sk, test_external_product, test_external_product_inplace, test_keyswitch, test_keyswitch_inplace,
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn encrypt_sk() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_ksk: usize = 54;
|
||||
let digits: usize = k_ksk / basek;
|
||||
(1..4).for_each(|rank_in| {
|
||||
(1..4).for_each(|rank_out| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
println!(
|
||||
"test encrypt_sk digits: {} ranks: ({} {})",
|
||||
di, rank_in, rank_out
|
||||
);
|
||||
test_encrypt_sk(&module, basek, k_ksk, di, rank_in, rank_out, 3.2);
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn keyswitch() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 60;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank_in_s0s1| {
|
||||
(1..4).for_each(|rank_out_s0s1| {
|
||||
(1..4).for_each(|rank_out_s1s2| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_in + basek * di;
|
||||
println!(
|
||||
"test key_switch digits: {} ranks: ({},{},{})",
|
||||
di, rank_in_s0s1, rank_out_s0s1, rank_out_s1s2
|
||||
);
|
||||
let k_out: usize = k_ksk; // Better capture noise.
|
||||
test_keyswitch(
|
||||
&module,
|
||||
basek,
|
||||
k_out,
|
||||
k_in,
|
||||
k_ksk,
|
||||
di,
|
||||
rank_in_s0s1,
|
||||
rank_out_s0s1,
|
||||
rank_out_s1s2,
|
||||
3.2,
|
||||
);
|
||||
})
|
||||
})
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn keyswitch_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 60;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank_in_s0s1| {
|
||||
(1..4).for_each(|rank_out_s0s1| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_ct + basek * di;
|
||||
println!(
|
||||
"test key_switch_inplace digits: {} ranks: ({},{})",
|
||||
di, rank_in_s0s1, rank_out_s0s1
|
||||
);
|
||||
test_keyswitch_inplace(
|
||||
&module,
|
||||
basek,
|
||||
k_ct,
|
||||
k_ksk,
|
||||
di,
|
||||
rank_in_s0s1,
|
||||
rank_out_s0s1,
|
||||
3.2,
|
||||
);
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn external_product() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 60;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank_in| {
|
||||
(1..4).for_each(|rank_out| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ggsw: usize = k_in + basek * di;
|
||||
println!(
|
||||
"test external_product digits: {} ranks: ({} {})",
|
||||
di, rank_in, rank_out
|
||||
);
|
||||
let k_out: usize = k_in; // Better capture noise.
|
||||
test_external_product(
|
||||
&module, basek, k_out, k_in, k_ggsw, di, rank_in, rank_out, 3.2,
|
||||
);
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn external_product_inplace() {
|
||||
let log_n: usize = 5;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 60;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank_in| {
|
||||
(1..4).for_each(|rank_out| {
|
||||
(1..digits).for_each(|di| {
|
||||
let k_ggsw: usize = k_ct + basek * di;
|
||||
println!(
|
||||
"test external_product_inplace digits: {} ranks: ({} {})",
|
||||
di, rank_in, rank_out
|
||||
);
|
||||
test_external_product_inplace(&module, basek, k_ct, k_ggsw, di, rank_in, rank_out, 3.2);
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
540
core/src/gglwe/test/gglwe_generic.rs
Normal file
540
core/src/gglwe/test/gglwe_generic.rs
Normal file
@@ -0,0 +1,540 @@
|
||||
use backend::hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ScalarZnxAlloc, ScalarZnxAllocBytes, ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAddScalarInplace,
|
||||
VecZnxAlloc, VecZnxAllocBytes, VecZnxRotateInplace, VecZnxStd, VecZnxSubScalarInplace, VecZnxSwithcDegree, ZnxViewMut,
|
||||
},
|
||||
layouts::{Backend, Module, ScalarZnx, ScalarZnxToMut, ScratchOwned},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeScalarZnxImpl, TakeSvpPPolImpl,
|
||||
TakeVecZnxBigImpl, TakeVecZnxDftImpl, TakeVecZnxImpl, VecZnxBigAllocBytesImpl, VecZnxDftAllocBytesImpl,
|
||||
},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
GGLWEEncryptSkFamily, GGLWEExecLayoutFamily, GGSWCiphertext, GGSWCiphertextExec, GGSWLayoutFamily, GLWEDecryptFamily,
|
||||
GLWEExternalProductFamily, GLWEKeyswitchFamily, GLWESecret, GLWESecretExec, GLWESwitchingKey,
|
||||
GLWESwitchingKeyEncryptSkFamily, GLWESwitchingKeyExec,
|
||||
noise::{log2_std_noise_gglwe_product, noise_ggsw_product},
|
||||
};
|
||||
|
||||
pub(crate) trait TestModuleFamily<B: Backend> = GGLWEEncryptSkFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ MatZnxAlloc
|
||||
+ ScalarZnxAlloc
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAddScalarInplace
|
||||
+ VecZnxStd
|
||||
+ VecZnxAlloc
|
||||
+ VecZnxSubScalarInplace;
|
||||
|
||||
pub(crate) trait TestScratchFamily<B: Backend> = TakeVecZnxDftImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeSvpPPolImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeScalarZnxImpl<B>
|
||||
+ TakeVecZnxImpl<B>
|
||||
+ VecZnxDftAllocBytesImpl<B>
|
||||
+ VecZnxBigAllocBytesImpl<B>
|
||||
+ TakeSvpPPolImpl<B>;
|
||||
|
||||
pub(crate) fn test_encrypt_sk<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: TestModuleFamily<B>,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = (k_ksk - digits * basek) / (digits * basek);
|
||||
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>> = GLWESwitchingKey::alloc(module, basek, k_ksk, rows, digits, rank_in, rank_out);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(GLWESwitchingKey::encrypt_sk_scratch_space(
|
||||
module, basek, k_ksk, rank_in, rank_out,
|
||||
));
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_in);
|
||||
sk_in.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_out);
|
||||
sk_out.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_out_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_out);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
module,
|
||||
&sk_in,
|
||||
&sk_out,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ksk.key
|
||||
.assert_noise(module, &sk_out_exec, &sk_in.data, sigma);
|
||||
}
|
||||
|
||||
pub(crate) fn test_keyswitch<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank_in_s0s1: usize,
|
||||
rank_out_s0s1: usize,
|
||||
rank_out_s1s2: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>:
|
||||
TestModuleFamily<B> + GGLWEEncryptSkFamily<B> + GLWEDecryptFamily<B> + GLWEKeyswitchFamily<B> + GGLWEExecLayoutFamily<B>,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_gglwe_s0s1: GLWESwitchingKey<Vec<u8>> = GLWESwitchingKey::alloc(
|
||||
module,
|
||||
basek,
|
||||
k_in,
|
||||
rows,
|
||||
digits_in,
|
||||
rank_in_s0s1,
|
||||
rank_out_s0s1,
|
||||
);
|
||||
let mut ct_gglwe_s1s2: GLWESwitchingKey<Vec<u8>> = GLWESwitchingKey::alloc(
|
||||
module,
|
||||
basek,
|
||||
k_ksk,
|
||||
rows,
|
||||
digits,
|
||||
rank_out_s0s1,
|
||||
rank_out_s1s2,
|
||||
);
|
||||
let mut ct_gglwe_s0s2: GLWESwitchingKey<Vec<u8>> = GLWESwitchingKey::alloc(
|
||||
module,
|
||||
basek,
|
||||
k_out,
|
||||
rows,
|
||||
digits_in,
|
||||
rank_in_s0s1,
|
||||
rank_out_s1s2,
|
||||
);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch_enc: ScratchOwned<B> = ScratchOwned::alloc(GLWESwitchingKey::encrypt_sk_scratch_space(
|
||||
module,
|
||||
basek,
|
||||
k_ksk,
|
||||
rank_in_s0s1 | rank_out_s0s1,
|
||||
rank_out_s0s1 | rank_out_s1s2,
|
||||
));
|
||||
let mut scratch_apply: ScratchOwned<B> = ScratchOwned::alloc(GLWESwitchingKey::keyswitch_scratch_space(
|
||||
module,
|
||||
basek,
|
||||
k_out,
|
||||
k_in,
|
||||
k_ksk,
|
||||
digits,
|
||||
ct_gglwe_s1s2.rank_in(),
|
||||
ct_gglwe_s1s2.rank_out(),
|
||||
));
|
||||
|
||||
let mut sk0: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_in_s0s1);
|
||||
sk0.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let mut sk1: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_out_s0s1);
|
||||
sk1.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let mut sk2: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_out_s1s2);
|
||||
sk2.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk2_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk2);
|
||||
|
||||
// gglwe_{s1}(s0) = s0 -> s1
|
||||
ct_gglwe_s0s1.encrypt_sk(
|
||||
module,
|
||||
&sk0,
|
||||
&sk1,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch_enc.borrow(),
|
||||
);
|
||||
|
||||
// gglwe_{s2}(s1) -> s1 -> s2
|
||||
ct_gglwe_s1s2.encrypt_sk(
|
||||
module,
|
||||
&sk1,
|
||||
&sk2,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch_enc.borrow(),
|
||||
);
|
||||
|
||||
let ct_gglwe_s1s2_exec: GLWESwitchingKeyExec<Vec<u8>, B> =
|
||||
GLWESwitchingKeyExec::from(module, &ct_gglwe_s1s2, scratch_apply.borrow());
|
||||
|
||||
// gglwe_{s1}(s0) (x) gglwe_{s2}(s1) = gglwe_{s2}(s0)
|
||||
ct_gglwe_s0s2.keyswitch(
|
||||
module,
|
||||
&ct_gglwe_s0s1,
|
||||
&ct_gglwe_s1s2_exec,
|
||||
scratch_apply.borrow(),
|
||||
);
|
||||
|
||||
let max_noise: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
0.5,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank_out_s0s1 as f64,
|
||||
k_in,
|
||||
k_ksk,
|
||||
);
|
||||
|
||||
ct_gglwe_s0s2
|
||||
.key
|
||||
.assert_noise(module, &sk2_exec, &sk0.data, max_noise + 0.5);
|
||||
}
|
||||
|
||||
pub(crate) fn test_keyswitch_inplace<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: TestModuleFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWEKeyswitchFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ GLWEDecryptFamily<B>,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_ct.div_ceil(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_gglwe_s0s1: GLWESwitchingKey<Vec<u8>> =
|
||||
GLWESwitchingKey::alloc(module, basek, k_ct, rows, digits_in, rank_in, rank_out);
|
||||
let mut ct_gglwe_s1s2: GLWESwitchingKey<Vec<u8>> =
|
||||
GLWESwitchingKey::alloc(module, basek, k_ksk, rows, digits, rank_out, rank_out);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch_enc: ScratchOwned<B> = ScratchOwned::alloc(GLWESwitchingKey::encrypt_sk_scratch_space(
|
||||
module,
|
||||
basek,
|
||||
k_ksk,
|
||||
rank_in | rank_out,
|
||||
rank_out,
|
||||
));
|
||||
let mut scratch_apply: ScratchOwned<B> = ScratchOwned::alloc(GLWESwitchingKey::keyswitch_inplace_scratch_space(
|
||||
module, basek, k_ct, k_ksk, digits, rank_out,
|
||||
));
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk0: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_in);
|
||||
sk0.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
|
||||
let mut sk1: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_out);
|
||||
sk1.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
|
||||
let mut sk2: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_out);
|
||||
sk2.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk2_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk2);
|
||||
|
||||
// gglwe_{s1}(s0) = s0 -> s1
|
||||
ct_gglwe_s0s1.encrypt_sk(
|
||||
module,
|
||||
&sk0,
|
||||
&sk1,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch_enc.borrow(),
|
||||
);
|
||||
|
||||
// gglwe_{s2}(s1) -> s1 -> s2
|
||||
ct_gglwe_s1s2.encrypt_sk(
|
||||
module,
|
||||
&sk1,
|
||||
&sk2,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch_enc.borrow(),
|
||||
);
|
||||
|
||||
let ct_gglwe_s1s2_exec: GLWESwitchingKeyExec<Vec<u8>, B> =
|
||||
GLWESwitchingKeyExec::from(module, &ct_gglwe_s1s2, scratch_apply.borrow());
|
||||
|
||||
// gglwe_{s1}(s0) (x) gglwe_{s2}(s1) = gglwe_{s2}(s0)
|
||||
ct_gglwe_s0s1.keyswitch_inplace(module, &ct_gglwe_s1s2_exec, scratch_apply.borrow());
|
||||
|
||||
let ct_gglwe_s0s2: GLWESwitchingKey<Vec<u8>> = ct_gglwe_s0s1;
|
||||
|
||||
let max_noise: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
var_xs,
|
||||
var_xs,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank_out as f64,
|
||||
k_ct,
|
||||
k_ksk,
|
||||
);
|
||||
|
||||
ct_gglwe_s0s2
|
||||
.key
|
||||
.assert_noise(module, &sk2_exec, &sk0.data, max_noise + 0.5);
|
||||
}
|
||||
|
||||
pub(crate) fn test_external_product<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: TestModuleFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWEExternalProductFamily<B>
|
||||
+ GGSWLayoutFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ VecZnxRotateInplace,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_gglwe_in: GLWESwitchingKey<Vec<u8>> =
|
||||
GLWESwitchingKey::alloc(module, basek, k_in, rows, digits_in, rank_in, rank_out);
|
||||
let mut ct_gglwe_out: GLWESwitchingKey<Vec<u8>> =
|
||||
GLWESwitchingKey::alloc(module, basek, k_out, rows, digits_in, rank_in, rank_out);
|
||||
let mut ct_rgsw: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_ggsw, rows, digits, rank_out);
|
||||
|
||||
let mut pt_rgsw: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k_in, rank_in, rank_out)
|
||||
| GLWESwitchingKey::external_product_scratch_space(module, basek, k_out, k_in, k_ggsw, digits, rank_out)
|
||||
| GGSWCiphertext::encrypt_sk_scratch_space(module, basek, k_ggsw, rank_out),
|
||||
);
|
||||
|
||||
let r: usize = 1;
|
||||
|
||||
pt_rgsw.to_mut().raw_mut()[r] = 1; // X^{r}
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_in);
|
||||
sk_in.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_out);
|
||||
sk_out.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_out_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_out);
|
||||
|
||||
// gglwe_{s1}(s0) = s0 -> s1
|
||||
ct_gglwe_in.encrypt_sk(
|
||||
module,
|
||||
&sk_in,
|
||||
&sk_out,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_rgsw.encrypt_sk(
|
||||
module,
|
||||
&pt_rgsw,
|
||||
&sk_out_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ct_rgsw_exec: GGSWCiphertextExec<Vec<u8>, B> =
|
||||
GGSWCiphertextExec::alloc(module, basek, k_ggsw, rows, digits, rank_out);
|
||||
|
||||
ct_rgsw_exec.prepare(module, &ct_rgsw, scratch.borrow());
|
||||
|
||||
// gglwe_(m) (x) RGSW_(X^k) = gglwe_(m * X^k)
|
||||
ct_gglwe_out.external_product(module, &ct_gglwe_in, &ct_rgsw_exec, scratch.borrow());
|
||||
|
||||
(0..rank_in).for_each(|i| {
|
||||
module.vec_znx_rotate_inplace(r as i64, &mut sk_in.data, i); // * X^{r}
|
||||
});
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
let var_msg: f64 = 1f64 / module.n() as f64; // X^{k}
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let max_noise: f64 = noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
var_xs,
|
||||
var_msg,
|
||||
var_a0_err,
|
||||
var_a1_err,
|
||||
var_gct_err_lhs,
|
||||
var_gct_err_rhs,
|
||||
rank_out as f64,
|
||||
k_in,
|
||||
k_ggsw,
|
||||
);
|
||||
|
||||
ct_gglwe_out
|
||||
.key
|
||||
.assert_noise(module, &sk_out_exec, &sk_in.data, max_noise + 0.5);
|
||||
}
|
||||
|
||||
pub(crate) fn test_external_product_inplace<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: TestModuleFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWEExternalProductFamily<B>
|
||||
+ GGSWLayoutFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ VecZnxRotateInplace,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_ct.div_ceil(basek * digits);
|
||||
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_gglwe: GLWESwitchingKey<Vec<u8>> =
|
||||
GLWESwitchingKey::alloc(module, basek, k_ct, rows, digits_in, rank_in, rank_out);
|
||||
let mut ct_rgsw: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_ggsw, rows, digits, rank_out);
|
||||
|
||||
let mut pt_rgsw: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k_ct, rank_in, rank_out)
|
||||
| GLWESwitchingKey::external_product_inplace_scratch_space(module, basek, k_ct, k_ggsw, digits, rank_out)
|
||||
| GGSWCiphertext::encrypt_sk_scratch_space(module, basek, k_ggsw, rank_out),
|
||||
);
|
||||
|
||||
let r: usize = 1;
|
||||
|
||||
pt_rgsw.to_mut().raw_mut()[r] = 1; // X^{r}
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_in);
|
||||
sk_in.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_out);
|
||||
sk_out.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_out_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_out);
|
||||
|
||||
// gglwe_{s1}(s0) = s0 -> s1
|
||||
ct_gglwe.encrypt_sk(
|
||||
module,
|
||||
&sk_in,
|
||||
&sk_out,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_rgsw.encrypt_sk(
|
||||
module,
|
||||
&pt_rgsw,
|
||||
&sk_out_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ct_rgsw_exec: GGSWCiphertextExec<Vec<u8>, B> =
|
||||
GGSWCiphertextExec::alloc(module, basek, k_ggsw, rows, digits, rank_out);
|
||||
|
||||
ct_rgsw_exec.prepare(module, &ct_rgsw, scratch.borrow());
|
||||
|
||||
// gglwe_(m) (x) RGSW_(X^k) = gglwe_(m * X^k)
|
||||
ct_gglwe.external_product_inplace(module, &ct_rgsw_exec, scratch.borrow());
|
||||
|
||||
(0..rank_in).for_each(|i| {
|
||||
module.vec_znx_rotate_inplace(r as i64, &mut sk_in.data, i); // * X^{r}
|
||||
});
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
let var_msg: f64 = 1f64 / module.n() as f64; // X^{k}
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let max_noise: f64 = noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
var_xs,
|
||||
var_msg,
|
||||
var_a0_err,
|
||||
var_a1_err,
|
||||
var_gct_err_lhs,
|
||||
var_gct_err_rhs,
|
||||
rank_out as f64,
|
||||
k_ct,
|
||||
k_ggsw,
|
||||
);
|
||||
|
||||
ct_gglwe
|
||||
.key
|
||||
.assert_noise(module, &sk_out_exec, &sk_in.data, max_noise + 0.5);
|
||||
}
|
||||
5
core/src/gglwe/test/mod.rs
Normal file
5
core/src/gglwe/test/mod.rs
Normal file
@@ -0,0 +1,5 @@
|
||||
mod automorphism_key;
|
||||
mod gglwe_fft64;
|
||||
mod gglwe_generic;
|
||||
mod tensor_key_fft64;
|
||||
mod tensor_key_generic;
|
||||
16
core/src/gglwe/test/tensor_key_fft64.rs
Normal file
16
core/src/gglwe/test/tensor_key_fft64.rs
Normal file
@@ -0,0 +1,16 @@
|
||||
use backend::{
|
||||
hal::{api::ModuleNew, layouts::Module},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
|
||||
use crate::gglwe::test::tensor_key_generic::test_encrypt_sk;
|
||||
|
||||
#[test]
|
||||
fn encrypt_sk() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
(1..4).for_each(|rank| {
|
||||
println!("test encrypt_sk rank: {}", rank);
|
||||
test_encrypt_sk(&module, 16, 54, 3.2, rank);
|
||||
});
|
||||
}
|
||||
113
core/src/gglwe/test/tensor_key_generic.rs
Normal file
113
core/src/gglwe/test/tensor_key_generic.rs
Normal file
@@ -0,0 +1,113 @@
|
||||
use backend::hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ScalarZnxAlloc, ScalarZnxAllocBytes, ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAddScalarInplace,
|
||||
VecZnxAlloc, VecZnxAllocBytes, VecZnxBigAlloc, VecZnxDftAlloc, VecZnxStd, VecZnxSubScalarInplace, VecZnxSwithcDegree,
|
||||
},
|
||||
layouts::{Backend, Module, ScratchOwned, VecZnxDft},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeScalarZnxImpl, TakeSvpPPolImpl,
|
||||
TakeVecZnxBigImpl, TakeVecZnxDftImpl, TakeVecZnxImpl, VecZnxBigAllocBytesImpl, VecZnxDftAllocBytesImpl,
|
||||
},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
GGLWEEncryptSkFamily, GGLWEExecLayoutFamily, GLWEDecryptFamily, GLWEPlaintext, GLWESecret, GLWESecretExec, GLWETensorKey,
|
||||
GLWETensorKeyEncryptSkFamily, Infos,
|
||||
};
|
||||
|
||||
pub(crate) trait TestModuleFamily<B: Backend> = GGLWEEncryptSkFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ MatZnxAlloc
|
||||
+ ScalarZnxAlloc
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAddScalarInplace
|
||||
+ VecZnxStd
|
||||
+ VecZnxAlloc
|
||||
+ VecZnxSubScalarInplace;
|
||||
|
||||
pub(crate) trait TestScratchFamily<B: Backend> = TakeVecZnxDftImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeSvpPPolImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeScalarZnxImpl<B>
|
||||
+ TakeVecZnxImpl<B>
|
||||
+ VecZnxDftAllocBytesImpl<B>
|
||||
+ VecZnxBigAllocBytesImpl<B>
|
||||
+ TakeSvpPPolImpl<B>;
|
||||
|
||||
pub(crate) fn test_encrypt_sk<B: Backend>(module: &Module<B>, basek: usize, k: usize, sigma: f64, rank: usize)
|
||||
where
|
||||
Module<B>: TestModuleFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ GLWETensorKeyEncryptSkFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ VecZnxDftAlloc<B>
|
||||
+ VecZnxBigAlloc<B>,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k / basek;
|
||||
|
||||
let mut tensor_key: GLWETensorKey<Vec<u8>> = GLWETensorKey::alloc(&module, basek, k, rows, 1, rank);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(GLWETensorKey::encrypt_sk_scratch_space(
|
||||
module,
|
||||
basek,
|
||||
tensor_key.k(),
|
||||
rank,
|
||||
));
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let mut sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(&module, &sk);
|
||||
sk_exec.prepare(module, &sk);
|
||||
|
||||
tensor_key.encrypt_sk(
|
||||
module,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k);
|
||||
|
||||
let mut sk_ij_dft = module.vec_znx_dft_alloc(1, 1);
|
||||
let mut sk_ij_big = module.vec_znx_big_alloc(1, 1);
|
||||
let mut sk_ij: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, 1);
|
||||
let mut sk_dft: VecZnxDft<Vec<u8>, B> = module.vec_znx_dft_alloc(rank, 1);
|
||||
|
||||
(0..rank).for_each(|i| {
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut sk_dft, i, &sk.data, i);
|
||||
});
|
||||
|
||||
(0..rank).for_each(|i| {
|
||||
(0..rank).for_each(|j| {
|
||||
module.svp_apply(&mut sk_ij_dft, 0, &sk_exec.data, j, &sk_dft, i);
|
||||
module.vec_znx_dft_to_vec_znx_big_tmp_a(&mut sk_ij_big, 0, &mut sk_ij_dft, 0);
|
||||
module.vec_znx_big_normalize(basek, &mut sk_ij.data, 0, &sk_ij_big, 0, scratch.borrow());
|
||||
(0..tensor_key.rank_in()).for_each(|col_i| {
|
||||
(0..tensor_key.rows()).for_each(|row_i| {
|
||||
tensor_key
|
||||
.at(i, j)
|
||||
.at(row_i, col_i)
|
||||
.decrypt(&module, &mut pt, &sk_exec, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_scalar_inplace(&mut pt.data, 0, row_i, &sk_ij.data, col_i);
|
||||
|
||||
let std_pt: f64 = module.vec_znx_std(basek, &pt.data, 0) * (k as f64).exp2();
|
||||
assert!((sigma - std_pt).abs() <= 0.5, "{} {}", sigma, std_pt);
|
||||
});
|
||||
});
|
||||
})
|
||||
})
|
||||
}
|
||||
@@ -1,680 +0,0 @@
|
||||
use backend::{FFT64, Module, ScalarZnx, ScalarZnxAlloc, ScalarZnxToMut, ScratchOwned, Stats, VecZnxOps, ZnxViewMut};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWECiphertext, FourierGLWESecret, GGSWCiphertext, GLWEPlaintext, GLWESecret, GLWESwitchingKey, GetRow, Infos,
|
||||
noise::{log2_std_noise_gglwe_product, noise_ggsw_product},
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn encrypt_sk() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_ksk: usize = 54;
|
||||
let digits: usize = k_ksk / basek;
|
||||
(1..4).for_each(|rank_in| {
|
||||
(1..4).for_each(|rank_out| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
println!(
|
||||
"test encrypt_sk digits: {} ranks: ({} {})",
|
||||
di, rank_in, rank_out
|
||||
);
|
||||
test_encrypt_sk(log_n, basek, k_ksk, di, rank_in, rank_out, 3.2);
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn key_switch() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 60;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank_in_s0s1| {
|
||||
(1..4).for_each(|rank_out_s0s1| {
|
||||
(1..4).for_each(|rank_out_s1s2| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_in + basek * di;
|
||||
println!(
|
||||
"test key_switch digits: {} ranks: ({},{},{})",
|
||||
di, rank_in_s0s1, rank_out_s0s1, rank_out_s1s2
|
||||
);
|
||||
let k_out: usize = k_ksk; // Better capture noise.
|
||||
test_key_switch(
|
||||
log_n,
|
||||
basek,
|
||||
k_out,
|
||||
k_in,
|
||||
k_ksk,
|
||||
di,
|
||||
rank_in_s0s1,
|
||||
rank_out_s0s1,
|
||||
rank_out_s1s2,
|
||||
3.2,
|
||||
);
|
||||
})
|
||||
})
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn key_switch_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 60;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank_in_s0s1| {
|
||||
(1..4).for_each(|rank_out_s0s1| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_ct + basek * di;
|
||||
println!(
|
||||
"test key_switch_inplace digits: {} ranks: ({},{})",
|
||||
di, rank_in_s0s1, rank_out_s0s1
|
||||
);
|
||||
test_key_switch_inplace(
|
||||
log_n,
|
||||
basek,
|
||||
k_ct,
|
||||
k_ksk,
|
||||
di,
|
||||
rank_in_s0s1,
|
||||
rank_out_s0s1,
|
||||
3.2,
|
||||
);
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn external_product() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 60;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank_in| {
|
||||
(1..4).for_each(|rank_out| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ggsw: usize = k_in + basek * di;
|
||||
println!(
|
||||
"test external_product digits: {} ranks: ({} {})",
|
||||
di, rank_in, rank_out
|
||||
);
|
||||
let k_out: usize = k_in; // Better capture noise.
|
||||
test_external_product(
|
||||
log_n, basek, k_out, k_in, k_ggsw, di, rank_in, rank_out, 3.2,
|
||||
);
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn external_product_inplace() {
|
||||
let log_n: usize = 5;
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 60;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank_in| {
|
||||
(1..4).for_each(|rank_out| {
|
||||
(1..digits).for_each(|di| {
|
||||
let k_ggsw: usize = k_ct + basek * di;
|
||||
println!(
|
||||
"test external_product_inplace digits: {} ranks: ({} {})",
|
||||
di, rank_in, rank_out
|
||||
);
|
||||
test_external_product_inplace(log_n, basek, k_ct, k_ggsw, di, rank_in, rank_out, 3.2);
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_encrypt_sk(log_n: usize, basek: usize, k_ksk: usize, digits: usize, rank_in: usize, rank_out: usize, sigma: f64) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let rows: usize = (k_ksk - digits * basek) / (digits * basek);
|
||||
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>, FFT64> =
|
||||
GLWESwitchingKey::alloc(&module, basek, k_ksk, rows, digits, rank_in, rank_out);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ksk);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, k_ksk, rank_in, rank_out)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_ksk),
|
||||
);
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_in);
|
||||
sk_in.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_out);
|
||||
sk_out.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_out_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_out);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
&module,
|
||||
&sk_in,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ct_glwe_fourier: FourierGLWECiphertext<Vec<u8>, FFT64> =
|
||||
FourierGLWECiphertext::alloc(&module, basek, k_ksk, rank_out);
|
||||
|
||||
(0..ksk.rank_in()).for_each(|col_i| {
|
||||
(0..ksk.rows()).for_each(|row_i| {
|
||||
ksk.get_row(&module, row_i, col_i, &mut ct_glwe_fourier);
|
||||
ct_glwe_fourier.decrypt(&module, &mut pt, &sk_out_dft, scratch.borrow());
|
||||
module.vec_znx_sub_scalar_inplace(
|
||||
&mut pt.data,
|
||||
0,
|
||||
(digits - 1) + row_i * digits,
|
||||
&sk_in.data,
|
||||
col_i,
|
||||
);
|
||||
let std_pt: f64 = pt.data.std(0, basek) * (k_ksk as f64).exp2();
|
||||
assert!((sigma - std_pt).abs() <= 0.5, "{} {}", sigma, std_pt);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_key_switch(
|
||||
log_n: usize,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank_in_s0s1: usize,
|
||||
rank_out_s0s1: usize,
|
||||
rank_out_s1s2: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_gglwe_s0s1: GLWESwitchingKey<Vec<u8>, FFT64> = GLWESwitchingKey::alloc(
|
||||
&module,
|
||||
basek,
|
||||
k_in,
|
||||
rows,
|
||||
digits_in,
|
||||
rank_in_s0s1,
|
||||
rank_out_s0s1,
|
||||
);
|
||||
let mut ct_gglwe_s1s2: GLWESwitchingKey<Vec<u8>, FFT64> = GLWESwitchingKey::alloc(
|
||||
&module,
|
||||
basek,
|
||||
k_ksk,
|
||||
rows,
|
||||
digits,
|
||||
rank_out_s0s1,
|
||||
rank_out_s1s2,
|
||||
);
|
||||
let mut ct_gglwe_s0s2: GLWESwitchingKey<Vec<u8>, FFT64> = GLWESwitchingKey::alloc(
|
||||
&module,
|
||||
basek,
|
||||
k_out,
|
||||
rows,
|
||||
digits_in,
|
||||
rank_in_s0s1,
|
||||
rank_out_s1s2,
|
||||
);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(
|
||||
&module,
|
||||
basek,
|
||||
k_ksk,
|
||||
rank_in_s0s1,
|
||||
rank_in_s0s1 | rank_out_s0s1,
|
||||
) | FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_out)
|
||||
| GLWESwitchingKey::keyswitch_scratch_space(
|
||||
&module,
|
||||
basek,
|
||||
k_out,
|
||||
k_in,
|
||||
k_ksk,
|
||||
digits,
|
||||
ct_gglwe_s1s2.rank_in(),
|
||||
ct_gglwe_s1s2.rank_out(),
|
||||
),
|
||||
);
|
||||
|
||||
let mut sk0: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_in_s0s1);
|
||||
sk0.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let mut sk1: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_out_s0s1);
|
||||
sk1.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk1_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk1);
|
||||
|
||||
let mut sk2: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_out_s1s2);
|
||||
sk2.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk2_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk2);
|
||||
|
||||
// gglwe_{s1}(s0) = s0 -> s1
|
||||
ct_gglwe_s0s1.encrypt_sk(
|
||||
&module,
|
||||
&sk0,
|
||||
&sk1_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
// gglwe_{s2}(s1) -> s1 -> s2
|
||||
ct_gglwe_s1s2.encrypt_sk(
|
||||
&module,
|
||||
&sk1,
|
||||
&sk2_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
// gglwe_{s1}(s0) (x) gglwe_{s2}(s1) = gglwe_{s2}(s0)
|
||||
ct_gglwe_s0s2.keyswitch(&module, &ct_gglwe_s0s1, &ct_gglwe_s1s2, scratch.borrow());
|
||||
|
||||
let mut ct_glwe_dft: FourierGLWECiphertext<Vec<u8>, FFT64> =
|
||||
FourierGLWECiphertext::alloc(&module, basek, k_out, rank_out_s1s2);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
|
||||
(0..ct_gglwe_s0s2.rank_in()).for_each(|col_i| {
|
||||
(0..ct_gglwe_s0s2.rows()).for_each(|row_i| {
|
||||
ct_gglwe_s0s2.get_row(&module, row_i, col_i, &mut ct_glwe_dft);
|
||||
ct_glwe_dft.decrypt(&module, &mut pt, &sk2_dft, scratch.borrow());
|
||||
module.vec_znx_sub_scalar_inplace(
|
||||
&mut pt.data,
|
||||
0,
|
||||
(digits_in - 1) + row_i * digits_in,
|
||||
&sk0.data,
|
||||
col_i,
|
||||
);
|
||||
|
||||
let noise_have: f64 = pt.data.std(0, basek).log2();
|
||||
let noise_want: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
0.5,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank_out_s0s1 as f64,
|
||||
k_in,
|
||||
k_ksk,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 1.0,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_key_switch_inplace(
|
||||
log_n: usize,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let rows: usize = k_ct.div_ceil(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_gglwe_s0s1: GLWESwitchingKey<Vec<u8>, FFT64> =
|
||||
GLWESwitchingKey::alloc(&module, basek, k_ct, rows, digits_in, rank_in, rank_out);
|
||||
let mut ct_gglwe_s1s2: GLWESwitchingKey<Vec<u8>, FFT64> =
|
||||
GLWESwitchingKey::alloc(&module, basek, k_ksk, rows, digits, rank_out, rank_out);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, k_ksk, rank_in, rank_out)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_ksk)
|
||||
| GLWESwitchingKey::keyswitch_inplace_scratch_space(&module, basek, k_ct, k_ksk, digits, rank_out),
|
||||
);
|
||||
|
||||
let mut sk0: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_in);
|
||||
sk0.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let mut sk1: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_out);
|
||||
sk1.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk1_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk1);
|
||||
|
||||
let mut sk2: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_out);
|
||||
sk2.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk2_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk2);
|
||||
|
||||
// gglwe_{s1}(s0) = s0 -> s1
|
||||
ct_gglwe_s0s1.encrypt_sk(
|
||||
&module,
|
||||
&sk0,
|
||||
&sk1_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
// gglwe_{s2}(s1) -> s1 -> s2
|
||||
ct_gglwe_s1s2.encrypt_sk(
|
||||
&module,
|
||||
&sk1,
|
||||
&sk2_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
// gglwe_{s1}(s0) (x) gglwe_{s2}(s1) = gglwe_{s2}(s0)
|
||||
ct_gglwe_s0s1.keyswitch_inplace(&module, &ct_gglwe_s1s2, scratch.borrow());
|
||||
|
||||
let ct_gglwe_s0s2: GLWESwitchingKey<Vec<u8>, FFT64> = ct_gglwe_s0s1;
|
||||
|
||||
let mut ct_glwe_dft: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_ct, rank_out);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
|
||||
(0..ct_gglwe_s0s2.rank_in()).for_each(|col_i| {
|
||||
(0..ct_gglwe_s0s2.rows()).for_each(|row_i| {
|
||||
ct_gglwe_s0s2.get_row(&module, row_i, col_i, &mut ct_glwe_dft);
|
||||
ct_glwe_dft.decrypt(&module, &mut pt, &sk2_dft, scratch.borrow());
|
||||
module.vec_znx_sub_scalar_inplace(
|
||||
&mut pt.data,
|
||||
0,
|
||||
(digits_in - 1) + row_i * digits_in,
|
||||
&sk0.data,
|
||||
col_i,
|
||||
);
|
||||
|
||||
let noise_have: f64 = pt.data.std(0, basek).log2();
|
||||
let noise_want: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
0.5,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank_out as f64,
|
||||
k_ct,
|
||||
k_ksk,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 1.0,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_external_product(
|
||||
log_n: usize,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_gglwe_in: GLWESwitchingKey<Vec<u8>, FFT64> =
|
||||
GLWESwitchingKey::alloc(&module, basek, k_in, rows, digits_in, rank_in, rank_out);
|
||||
let mut ct_gglwe_out: GLWESwitchingKey<Vec<u8>, FFT64> =
|
||||
GLWESwitchingKey::alloc(&module, basek, k_out, rows, digits_in, rank_in, rank_out);
|
||||
let mut ct_rgsw: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank_out);
|
||||
|
||||
let mut pt_rgsw: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, k_in, rank_in, rank_out)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_out)
|
||||
| GLWESwitchingKey::external_product_scratch_space(&module, basek, k_out, k_in, k_ggsw, digits, rank_out)
|
||||
| GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, k_ggsw, rank_out),
|
||||
);
|
||||
|
||||
let r: usize = 1;
|
||||
|
||||
pt_rgsw.to_mut().raw_mut()[r] = 1; // X^{r}
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_in);
|
||||
sk_in.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_out);
|
||||
sk_out.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_out_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_out);
|
||||
|
||||
// gglwe_{s1}(s0) = s0 -> s1
|
||||
ct_gglwe_in.encrypt_sk(
|
||||
&module,
|
||||
&sk_in,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_rgsw.encrypt_sk(
|
||||
&module,
|
||||
&pt_rgsw,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
// gglwe_(m) (x) RGSW_(X^k) = gglwe_(m * X^k)
|
||||
ct_gglwe_out.external_product(&module, &ct_gglwe_in, &ct_rgsw, scratch.borrow());
|
||||
|
||||
let mut ct_glwe_dft: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_out, rank_out);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
|
||||
(0..rank_in).for_each(|i| {
|
||||
module.vec_znx_rotate_inplace(r as i64, &mut sk_in.data, i); // * X^{r}
|
||||
});
|
||||
|
||||
(0..rank_in).for_each(|col_i| {
|
||||
(0..ct_gglwe_out.rows()).for_each(|row_i| {
|
||||
ct_gglwe_out.get_row(&module, row_i, col_i, &mut ct_glwe_dft);
|
||||
ct_glwe_dft.decrypt(&module, &mut pt, &sk_out_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_scalar_inplace(
|
||||
&mut pt.data,
|
||||
0,
|
||||
(digits_in - 1) + row_i * digits_in,
|
||||
&sk_in.data,
|
||||
col_i,
|
||||
);
|
||||
|
||||
let noise_have: f64 = pt.data.std(0, basek).log2();
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
let var_msg: f64 = 1f64 / module.n() as f64; // X^{k}
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let noise_want: f64 = noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
var_msg,
|
||||
var_a0_err,
|
||||
var_a1_err,
|
||||
var_gct_err_lhs,
|
||||
var_gct_err_rhs,
|
||||
rank_out as f64,
|
||||
k_in,
|
||||
k_ggsw,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 1.0,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_external_product_inplace(
|
||||
log_n: usize,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
let rows: usize = k_ct.div_ceil(basek * digits);
|
||||
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_gglwe: GLWESwitchingKey<Vec<u8>, FFT64> =
|
||||
GLWESwitchingKey::alloc(&module, basek, k_ct, rows, digits_in, rank_in, rank_out);
|
||||
let mut ct_rgsw: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank_out);
|
||||
|
||||
let mut pt_rgsw: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, k_ct, rank_in, rank_out)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_ct)
|
||||
| GLWESwitchingKey::external_product_inplace_scratch_space(&module, basek, k_ct, k_ggsw, digits, rank_out)
|
||||
| GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, k_ggsw, rank_out),
|
||||
);
|
||||
|
||||
let r: usize = 1;
|
||||
|
||||
pt_rgsw.to_mut().raw_mut()[r] = 1; // X^{r}
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_in);
|
||||
sk_in.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_out);
|
||||
sk_out.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_out_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_out);
|
||||
|
||||
// gglwe_{s1}(s0) = s0 -> s1
|
||||
ct_gglwe.encrypt_sk(
|
||||
&module,
|
||||
&sk_in,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_rgsw.encrypt_sk(
|
||||
&module,
|
||||
&pt_rgsw,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
// gglwe_(m) (x) RGSW_(X^k) = gglwe_(m * X^k)
|
||||
ct_gglwe.external_product_inplace(&module, &ct_rgsw, scratch.borrow());
|
||||
|
||||
let mut ct_glwe_dft: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_ct, rank_out);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
|
||||
(0..rank_in).for_each(|i| {
|
||||
module.vec_znx_rotate_inplace(r as i64, &mut sk_in.data, i); // * X^{r}
|
||||
});
|
||||
|
||||
(0..rank_in).for_each(|col_i| {
|
||||
(0..ct_gglwe.rows()).for_each(|row_i| {
|
||||
ct_gglwe.get_row(&module, row_i, col_i, &mut ct_glwe_dft);
|
||||
ct_glwe_dft.decrypt(&module, &mut pt, &sk_out_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_scalar_inplace(
|
||||
&mut pt.data,
|
||||
0,
|
||||
(digits_in - 1) + row_i * digits_in,
|
||||
&sk_in.data,
|
||||
col_i,
|
||||
);
|
||||
|
||||
let noise_have: f64 = pt.data.std(0, basek).log2();
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
let var_msg: f64 = 1f64 / module.n() as f64; // X^{k}
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let noise_want: f64 = noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
var_msg,
|
||||
var_a0_err,
|
||||
var_a1_err,
|
||||
var_gct_err_lhs,
|
||||
var_gct_err_rhs,
|
||||
rank_out as f64,
|
||||
k_ct,
|
||||
k_ggsw,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 1.0,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
});
|
||||
});
|
||||
}
|
||||
@@ -1,3 +0,0 @@
|
||||
pub mod automorphism_key;
|
||||
pub mod gglwe;
|
||||
pub mod tensor_key;
|
||||
@@ -1,69 +0,0 @@
|
||||
use backend::{FFT64, Module, ScalarZnxDftOps, ScratchOwned, Stats, VecZnxOps};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{FourierGLWECiphertext, FourierGLWESecret, GLWEPlaintext, GLWESecret, GLWETensorKey, GetRow, Infos};
|
||||
|
||||
#[test]
|
||||
fn encrypt_sk() {
|
||||
let log_n: usize = 8;
|
||||
(1..4).for_each(|rank| {
|
||||
println!("test encrypt_sk rank: {}", rank);
|
||||
test_encrypt_sk(log_n, 16, 54, 3.2, rank);
|
||||
});
|
||||
}
|
||||
|
||||
fn test_encrypt_sk(log_n: usize, basek: usize, k: usize, sigma: f64, rank: usize) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
let rows: usize = k / basek;
|
||||
|
||||
let mut tensor_key: GLWETensorKey<Vec<u8>, FFT64> = GLWETensorKey::alloc(&module, basek, k, rows, 1, rank);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(GLWETensorKey::encrypt_sk_scratch_space(
|
||||
&module,
|
||||
basek,
|
||||
tensor_key.k(),
|
||||
rank,
|
||||
));
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
|
||||
tensor_key.encrypt_sk(
|
||||
&module,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ct_glwe_fourier: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k, rank);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k);
|
||||
|
||||
let mut sk_ij_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::alloc(&module, 1);
|
||||
let mut sk_ij: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, 1);
|
||||
|
||||
(0..rank).for_each(|i| {
|
||||
(0..rank).for_each(|j| {
|
||||
module.svp_apply(&mut sk_ij_dft.data, 0, &sk_dft.data, i, &sk_dft.data, j);
|
||||
module.scalar_znx_idft(&mut sk_ij.data, 0, &sk_ij_dft.data, 0, scratch.borrow());
|
||||
(0..tensor_key.rank_in()).for_each(|col_i| {
|
||||
(0..tensor_key.rows()).for_each(|row_i| {
|
||||
tensor_key
|
||||
.at(i, j)
|
||||
.get_row(&module, row_i, col_i, &mut ct_glwe_fourier);
|
||||
ct_glwe_fourier.decrypt(&module, &mut pt, &sk_dft, scratch.borrow());
|
||||
module.vec_znx_sub_scalar_inplace(&mut pt.data, 0, row_i, &sk_ij.data, col_i);
|
||||
let std_pt: f64 = pt.data.std(0, basek) * (k as f64).exp2();
|
||||
assert!((sigma - std_pt).abs() <= 0.5, "{} {}", sigma, std_pt);
|
||||
});
|
||||
});
|
||||
})
|
||||
})
|
||||
}
|
||||
147
core/src/ggsw/automorphism.rs
Normal file
147
core/src/ggsw/automorphism.rs
Normal file
@@ -0,0 +1,147 @@
|
||||
use backend::hal::{
|
||||
api::{ScratchAvailable, TakeVecZnxBig, TakeVecZnxDft, VecZnxAutomorphismInplace, VecZnxNormalizeTmpBytes},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch},
|
||||
};
|
||||
|
||||
use crate::{
|
||||
AutomorphismKeyExec, GGSWCiphertext, GGSWKeySwitchFamily, GLWECiphertext, GLWEKeyswitchFamily, GLWETensorKeyExec, Infos,
|
||||
};
|
||||
|
||||
impl GGSWCiphertext<Vec<u8>> {
|
||||
pub fn automorphism_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits_tsk: usize,
|
||||
rank: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + GGSWKeySwitchFamily<B> + VecZnxNormalizeTmpBytes,
|
||||
{
|
||||
let out_size: usize = k_out.div_ceil(basek);
|
||||
let ci_dft: usize = module.vec_znx_dft_alloc_bytes(rank + 1, out_size);
|
||||
let ks_internal: usize =
|
||||
GLWECiphertext::keyswitch_scratch_space(module, basek, k_out, k_in, k_ksk, digits_ksk, rank, rank);
|
||||
let expand: usize = GGSWCiphertext::expand_row_scratch_space(module, basek, k_out, k_tsk, digits_tsk, rank);
|
||||
ci_dft + (ks_internal | expand)
|
||||
}
|
||||
|
||||
pub fn automorphism_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits_tsk: usize,
|
||||
rank: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + GGSWKeySwitchFamily<B> + VecZnxNormalizeTmpBytes,
|
||||
{
|
||||
GGSWCiphertext::automorphism_scratch_space(
|
||||
module, basek, k_out, k_out, k_ksk, digits_ksk, k_tsk, digits_tsk, rank,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: DataMut> GGSWCiphertext<DataSelf> {
|
||||
pub fn automorphism<DataLhs: DataRef, DataAk: DataRef, DataTsk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
lhs: &GGSWCiphertext<DataLhs>,
|
||||
auto_key: &AutomorphismKeyExec<DataAk, B>,
|
||||
tensor_key: &GLWETensorKeyExec<DataTsk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + GGSWKeySwitchFamily<B> + VecZnxAutomorphismInplace + VecZnxNormalizeTmpBytes,
|
||||
Scratch<B>: ScratchAvailable + TakeVecZnxDft<B> + TakeVecZnxBig<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
use crate::Infos;
|
||||
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
lhs.rank(),
|
||||
"ggsw_out rank: {} != ggsw_in rank: {}",
|
||||
self.rank(),
|
||||
lhs.rank()
|
||||
);
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
auto_key.rank(),
|
||||
"ggsw_in rank: {} != auto_key rank: {}",
|
||||
self.rank(),
|
||||
auto_key.rank()
|
||||
);
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
tensor_key.rank(),
|
||||
"ggsw_in rank: {} != tensor_key rank: {}",
|
||||
self.rank(),
|
||||
tensor_key.rank()
|
||||
);
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GGSWCiphertext::automorphism_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
lhs.k(),
|
||||
auto_key.k(),
|
||||
auto_key.digits(),
|
||||
tensor_key.k(),
|
||||
tensor_key.digits(),
|
||||
self.rank(),
|
||||
)
|
||||
)
|
||||
};
|
||||
|
||||
let rank: usize = self.rank();
|
||||
let cols: usize = rank + 1;
|
||||
|
||||
// Keyswitch the j-th row of the col 0
|
||||
(0..lhs.rows()).for_each(|row_i| {
|
||||
// Key-switch column 0, i.e.
|
||||
// col 0: (-(a0s0 + a1s1 + a2s2) + M[i], a0, a1, a2) -> (-(a0pi^-1(s0) + a1pi^-1(s1) + a2pi^-1(s2)) + M[i], a0, a1, a2)
|
||||
self.at_mut(row_i, 0)
|
||||
.automorphism(module, &lhs.at(row_i, 0), auto_key, scratch);
|
||||
|
||||
// Isolates DFT(AUTO(a[i]))
|
||||
let (mut ci_dft, scratch1) = scratch.take_vec_znx_dft(module, cols, self.size());
|
||||
(0..cols).for_each(|i| {
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut ci_dft, i, &self.at(row_i, 0).data, i);
|
||||
});
|
||||
|
||||
// Generates
|
||||
//
|
||||
// col 1: (-(b0s0 + b1s1 + b2s2) , b0 + pi(M[i]), b1 , b2 )
|
||||
// col 2: (-(c0s0 + c1s1 + c2s2) , c0 , c1 + pi(M[i]), c2 )
|
||||
// col 3: (-(d0s0 + d1s1 + d2s2) , d0 , d1 , d2 + pi(M[i]))
|
||||
(1..cols).for_each(|col_j| {
|
||||
self.expand_row(module, row_i, col_j, &ci_dft, tensor_key, scratch1);
|
||||
});
|
||||
})
|
||||
}
|
||||
|
||||
pub fn automorphism_inplace<DataKsk: DataRef, DataTsk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
auto_key: &AutomorphismKeyExec<DataKsk, B>,
|
||||
tensor_key: &GLWETensorKeyExec<DataTsk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + GGSWKeySwitchFamily<B> + VecZnxAutomorphismInplace + VecZnxNormalizeTmpBytes,
|
||||
Scratch<B>: ScratchAvailable + TakeVecZnxDft<B> + TakeVecZnxBig<B>,
|
||||
{
|
||||
unsafe {
|
||||
let self_ptr: *mut GGSWCiphertext<DataSelf> = self as *mut GGSWCiphertext<DataSelf>;
|
||||
self.automorphism(module, &*self_ptr, auto_key, tensor_key, scratch);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,707 +0,0 @@
|
||||
use backend::{
|
||||
Backend, FFT64, MatZnxDft, MatZnxDftAlloc, MatZnxDftOps, MatZnxDftScratch, Module, ScalarZnx, Scratch, VecZnxAlloc,
|
||||
VecZnxBigAlloc, VecZnxBigOps, VecZnxBigScratch, VecZnxDft, VecZnxDftAlloc, VecZnxDftOps, VecZnxOps, VecZnxToMut, ZnxInfos,
|
||||
ZnxZero,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWECiphertext, FourierGLWESecret, GLWEAutomorphismKey, GLWECiphertext, GLWESwitchingKey, GLWETensorKey, GetRow,
|
||||
Infos, ScratchCore, SetRow,
|
||||
};
|
||||
|
||||
pub struct GGSWCiphertext<C, B: Backend> {
|
||||
pub(crate) data: MatZnxDft<C, B>,
|
||||
pub(crate) basek: usize,
|
||||
pub(crate) k: usize,
|
||||
pub(crate) digits: usize,
|
||||
}
|
||||
|
||||
impl GGSWCiphertext<Vec<u8>, FFT64> {
|
||||
pub fn alloc(module: &Module<FFT64>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> Self {
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(digits > 0, "invalid ggsw: `digits` == 0");
|
||||
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid ggsw: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid ggsw: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
Self {
|
||||
data: module.new_mat_znx_dft(rows, rank + 1, rank + 1, k.div_ceil(basek)),
|
||||
basek,
|
||||
k: k,
|
||||
digits,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<FFT64>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> usize {
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid ggsw: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid ggsw: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
module.bytes_of_mat_znx_dft(rows, rank + 1, rank + 1, size)
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> Infos for GGSWCiphertext<T, B> {
|
||||
type Inner = MatZnxDft<T, B>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> GGSWCiphertext<T, B> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.data.cols_out() - 1
|
||||
}
|
||||
|
||||
pub fn digits(&self) -> usize {
|
||||
self.digits
|
||||
}
|
||||
}
|
||||
|
||||
impl GGSWCiphertext<Vec<u8>, FFT64> {
|
||||
pub fn encrypt_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
let size = k.div_ceil(basek);
|
||||
GLWECiphertext::encrypt_sk_scratch_space(module, basek, k)
|
||||
+ module.bytes_of_vec_znx(rank + 1, size)
|
||||
+ module.bytes_of_vec_znx(1, size)
|
||||
+ module.bytes_of_vec_znx_dft(rank + 1, size)
|
||||
}
|
||||
|
||||
pub(crate) fn expand_row_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
self_k: usize,
|
||||
k_tsk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let tsk_size: usize = k_tsk.div_ceil(basek);
|
||||
let self_size_out: usize = self_k.div_ceil(basek);
|
||||
let self_size_in: usize = self_size_out.div_ceil(digits);
|
||||
let tmp_dft_i: usize = module.bytes_of_vec_znx_dft(rank + 1, tsk_size);
|
||||
let tmp_a: usize = module.bytes_of_vec_znx_dft(1, self_size_in);
|
||||
let vmp: usize = module.vmp_apply_tmp_bytes(
|
||||
self_size_out,
|
||||
self_size_in,
|
||||
self_size_in,
|
||||
rank,
|
||||
rank,
|
||||
tsk_size,
|
||||
);
|
||||
let tmp_idft: usize = module.bytes_of_vec_znx_big(1, tsk_size);
|
||||
let norm: usize = module.vec_znx_big_normalize_tmp_bytes();
|
||||
tmp_dft_i + ((tmp_a + vmp) | (tmp_idft + norm))
|
||||
}
|
||||
|
||||
pub(crate) fn keyswitch_internal_col0_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
GLWECiphertext::keyswitch_from_fourier_scratch_space(module, basek, k_out, k_in, k_ksk, digits, rank, rank)
|
||||
+ module.bytes_of_vec_znx_dft(rank + 1, k_in.div_ceil(basek))
|
||||
}
|
||||
|
||||
pub fn keyswitch_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits_tsk: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let out_size: usize = k_out.div_ceil(basek);
|
||||
let res_znx: usize = module.bytes_of_vec_znx(rank + 1, out_size);
|
||||
let ci_dft: usize = module.bytes_of_vec_znx_dft(rank + 1, out_size);
|
||||
let ks: usize =
|
||||
GGSWCiphertext::keyswitch_internal_col0_scratch_space(module, basek, k_out, k_in, k_ksk, digits_ksk, rank);
|
||||
let expand_rows: usize = GGSWCiphertext::expand_row_scratch_space(module, basek, k_out, k_tsk, digits_tsk, rank);
|
||||
let res_dft: usize = module.bytes_of_vec_znx_dft(rank + 1, out_size);
|
||||
res_znx + ci_dft + (ks | expand_rows | res_dft)
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits_tsk: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
GGSWCiphertext::keyswitch_scratch_space(
|
||||
module, basek, k_out, k_out, k_ksk, digits_ksk, k_tsk, digits_tsk, rank,
|
||||
)
|
||||
}
|
||||
|
||||
pub fn automorphism_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits_tsk: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let cols: usize = rank + 1;
|
||||
let out_size: usize = k_out.div_ceil(basek);
|
||||
let res: usize = module.bytes_of_vec_znx(cols, out_size);
|
||||
let res_dft: usize = module.bytes_of_vec_znx_dft(cols, out_size);
|
||||
let ci_dft: usize = module.bytes_of_vec_znx_dft(cols, out_size);
|
||||
let ks_internal: usize =
|
||||
GGSWCiphertext::keyswitch_internal_col0_scratch_space(module, basek, k_out, k_in, k_ksk, digits_ksk, rank);
|
||||
let expand: usize = GGSWCiphertext::expand_row_scratch_space(module, basek, k_out, k_tsk, digits_tsk, rank);
|
||||
res + ci_dft + (ks_internal | expand | res_dft)
|
||||
}
|
||||
|
||||
pub fn automorphism_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits_tsk: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
GGSWCiphertext::automorphism_scratch_space(
|
||||
module, basek, k_out, k_out, k_ksk, digits_ksk, k_tsk, digits_tsk, rank,
|
||||
)
|
||||
}
|
||||
|
||||
pub fn external_product_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let tmp_in: usize = FourierGLWECiphertext::bytes_of(module, basek, k_in, rank);
|
||||
let tmp_out: usize = FourierGLWECiphertext::bytes_of(module, basek, k_out, rank);
|
||||
let ggsw: usize = FourierGLWECiphertext::external_product_scratch_space(module, basek, k_out, k_in, k_ggsw, digits, rank);
|
||||
tmp_in + tmp_out + ggsw
|
||||
}
|
||||
|
||||
pub fn external_product_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
let tmp: usize = FourierGLWECiphertext::bytes_of(module, basek, k_out, rank);
|
||||
let ggsw: usize =
|
||||
FourierGLWECiphertext::external_product_inplace_scratch_space(module, basek, k_out, k_ggsw, digits, rank);
|
||||
tmp + ggsw
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> GGSWCiphertext<DataSelf, FFT64> {
|
||||
pub fn encrypt_sk<DataPt: AsRef<[u8]>, DataSk: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
pt: &ScalarZnx<DataPt>,
|
||||
sk: &FourierGLWESecret<DataSk, FFT64>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.rank(), sk.rank());
|
||||
assert_eq!(self.n(), module.n());
|
||||
assert_eq!(pt.n(), module.n());
|
||||
assert_eq!(sk.n(), module.n());
|
||||
}
|
||||
|
||||
let basek: usize = self.basek();
|
||||
let k: usize = self.k();
|
||||
let rank: usize = self.rank();
|
||||
let digits: usize = self.digits();
|
||||
|
||||
let (mut tmp_pt, scratch1) = scratch.tmp_glwe_pt(module, basek, k);
|
||||
let (mut tmp_ct, scratch2) = scratch1.tmp_glwe_ct(module, basek, k, rank);
|
||||
|
||||
(0..self.rows()).for_each(|row_i| {
|
||||
tmp_pt.data.zero();
|
||||
|
||||
// Adds the scalar_znx_pt to the i-th limb of the vec_znx_pt
|
||||
module.vec_znx_add_scalar_inplace(&mut tmp_pt.data, 0, (digits - 1) + row_i * digits, pt, 0);
|
||||
module.vec_znx_normalize_inplace(basek, &mut tmp_pt.data, 0, scratch2);
|
||||
|
||||
(0..rank + 1).for_each(|col_j| {
|
||||
// rlwe encrypt of vec_znx_pt into vec_znx_ct
|
||||
|
||||
tmp_ct.encrypt_sk_private(
|
||||
module,
|
||||
Some((&tmp_pt, col_j)),
|
||||
sk,
|
||||
source_xa,
|
||||
source_xe,
|
||||
sigma,
|
||||
scratch2,
|
||||
);
|
||||
|
||||
// Switch vec_znx_ct into DFT domain
|
||||
{
|
||||
let (mut tmp_ct_dft, _) = scratch2.tmp_fourier_glwe_ct(module, basek, k, rank);
|
||||
tmp_ct.dft(module, &mut tmp_ct_dft);
|
||||
self.set_row(module, row_i, col_j, &tmp_ct_dft);
|
||||
}
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
pub(crate) fn expand_row<R, DataCi: AsRef<[u8]>, DataTsk: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
col_j: usize,
|
||||
res: &mut R,
|
||||
ci_dft: &VecZnxDft<DataCi, FFT64>,
|
||||
tsk: &GLWETensorKey<DataTsk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) where
|
||||
R: VecZnxToMut,
|
||||
{
|
||||
let cols: usize = self.rank() + 1;
|
||||
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GGSWCiphertext::expand_row_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
tsk.k(),
|
||||
tsk.digits(),
|
||||
tsk.rank()
|
||||
)
|
||||
);
|
||||
|
||||
// Example for rank 3:
|
||||
//
|
||||
// Note: M is a vector (m, Bm, B^2m, B^3m, ...), so each column is
|
||||
// actually composed of that many rows and we focus on a specific row here
|
||||
// implicitely given ci_dft.
|
||||
//
|
||||
// # Input
|
||||
//
|
||||
// col 0: (-(a0s0 + a1s1 + a2s2) + M[i], a0 , a1 , a2 )
|
||||
// col 1: (0, 0, 0, 0)
|
||||
// col 2: (0, 0, 0, 0)
|
||||
// col 3: (0, 0, 0, 0)
|
||||
//
|
||||
// # Output
|
||||
//
|
||||
// col 0: (-(a0s0 + a1s1 + a2s2) + M[i], a0 , a1 , a2 )
|
||||
// col 1: (-(b0s0 + b1s1 + b2s2) , b0 + M[i], b1 , b2 )
|
||||
// col 2: (-(c0s0 + c1s1 + c2s2) , c0 , c1 + M[i], c2 )
|
||||
// col 3: (-(d0s0 + d1s1 + d2s2) , d0 , d1 , d2 + M[i])
|
||||
|
||||
let digits: usize = tsk.digits();
|
||||
|
||||
let (mut tmp_dft_i, scratch1) = scratch.tmp_vec_znx_dft(module, cols, tsk.size());
|
||||
let (mut tmp_a, scratch2) = scratch1.tmp_vec_znx_dft(module, 1, (ci_dft.size() + digits - 1) / digits);
|
||||
|
||||
{
|
||||
// Performs a key-switch for each combination of s[i]*s[j], i.e. for a0, a1, a2
|
||||
//
|
||||
// # Example for col=1
|
||||
//
|
||||
// a0 * (-(f0s0 + f1s1 + f1s2) + s0^2, f0, f1, f2) = (-(a0f0s0 + a0f1s1 + a0f1s2) + a0s0^2, a0f0, a0f1, a0f2)
|
||||
// +
|
||||
// a1 * (-(g0s0 + g1s1 + g1s2) + s0s1, g0, g1, g2) = (-(a1g0s0 + a1g1s1 + a1g1s2) + a1s0s1, a1g0, a1g1, a1g2)
|
||||
// +
|
||||
// a2 * (-(h0s0 + h1s1 + h1s2) + s0s2, h0, h1, h2) = (-(a2h0s0 + a2h1s1 + a2h1s2) + a2s0s2, a2h0, a2h1, a2h2)
|
||||
// =
|
||||
// (-(x0s0 + x1s1 + x2s2) + s0(a0s0 + a1s1 + a2s2), x0, x1, x2)
|
||||
(1..cols).for_each(|col_i| {
|
||||
let pmat: &MatZnxDft<DataTsk, FFT64> = &tsk.at(col_i - 1, col_j - 1).key.data; // Selects Enc(s[i]s[j])
|
||||
|
||||
// Extracts a[i] and multipies with Enc(s[i]s[j])
|
||||
(0..digits).for_each(|di| {
|
||||
tmp_a.set_size((ci_dft.size() + di) / digits);
|
||||
|
||||
// Small optimization for digits > 2
|
||||
// VMP produce some error e, and since we aggregate vmp * 2^{di * B}, then
|
||||
// we also aggregate ei * 2^{di * B}, with the largest error being ei * 2^{(digits-1) * B}.
|
||||
// As such we can ignore the last digits-2 limbs safely of the sum of vmp products.
|
||||
// It is possible to further ignore the last digits-1 limbs, but this introduce
|
||||
// ~0.5 to 1 bit of additional noise, and thus not chosen here to ensure that the same
|
||||
// noise is kept with respect to the ideal functionality.
|
||||
tmp_dft_i.set_size(tsk.size() - ((digits - di) as isize - 2).max(0) as usize);
|
||||
|
||||
module.vec_znx_dft_copy(digits, digits - 1 - di, &mut tmp_a, 0, ci_dft, col_i);
|
||||
if di == 0 && col_i == 1 {
|
||||
module.vmp_apply(&mut tmp_dft_i, &tmp_a, pmat, scratch2);
|
||||
} else {
|
||||
module.vmp_apply_add(&mut tmp_dft_i, &tmp_a, pmat, di, scratch2);
|
||||
}
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
// Adds -(sum a[i] * s[i]) + m) on the i-th column of tmp_idft_i
|
||||
//
|
||||
// (-(x0s0 + x1s1 + x2s2) + a0s0s0 + a1s0s1 + a2s0s2, x0, x1, x2)
|
||||
// +
|
||||
// (0, -(a0s0 + a1s1 + a2s2) + M[i], 0, 0)
|
||||
// =
|
||||
// (-(x0s0 + x1s1 + x2s2) + s0(a0s0 + a1s1 + a2s2), x0 -(a0s0 + a1s1 + a2s2) + M[i], x1, x2)
|
||||
// =
|
||||
// (-(x0s0 + x1s1 + x2s2), x0 + M[i], x1, x2)
|
||||
module.vec_znx_dft_add_inplace(&mut tmp_dft_i, col_j, ci_dft, 0);
|
||||
let (mut tmp_idft, scratch2) = scratch1.tmp_vec_znx_big(module, 1, tsk.size());
|
||||
(0..cols).for_each(|i| {
|
||||
module.vec_znx_idft_tmp_a(&mut tmp_idft, 0, &mut tmp_dft_i, i);
|
||||
module.vec_znx_big_normalize(self.basek(), res, i, &tmp_idft, 0, scratch2);
|
||||
});
|
||||
}
|
||||
|
||||
pub fn keyswitch<DataLhs: AsRef<[u8]>, DataKsk: AsRef<[u8]>, DataTsk: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &GGSWCiphertext<DataLhs, FFT64>,
|
||||
ksk: &GLWESwitchingKey<DataKsk, FFT64>,
|
||||
tsk: &GLWETensorKey<DataTsk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
let rank: usize = self.rank();
|
||||
let cols: usize = rank + 1;
|
||||
let basek: usize = self.basek();
|
||||
|
||||
let (mut tmp_res, scratch1) = scratch.tmp_glwe_ct(module, basek, self.k(), rank);
|
||||
let (mut ci_dft, scratch2) = scratch1.tmp_vec_znx_dft(module, cols, self.size());
|
||||
|
||||
// Keyswitch the j-th row of the col 0
|
||||
(0..lhs.rows()).for_each(|row_i| {
|
||||
// Key-switch column 0, i.e.
|
||||
// col 0: (-(a0s0 + a1s1 + a2s2) + M[i], a0, a1, a2) -> (-(a0s0' + a1s1' + a2s2') + M[i], a0, a1, a2)
|
||||
lhs.keyswitch_internal_col0(module, row_i, &mut tmp_res, ksk, scratch2);
|
||||
|
||||
// Isolates DFT(a[i])
|
||||
(0..cols).for_each(|col_i| {
|
||||
module.vec_znx_dft(1, 0, &mut ci_dft, col_i, &tmp_res.data, col_i);
|
||||
});
|
||||
|
||||
module.mat_znx_dft_set_row(&mut self.data, row_i, 0, &ci_dft);
|
||||
|
||||
// Generates
|
||||
//
|
||||
// col 1: (-(b0s0' + b1s1' + b2s2') , b0 + M[i], b1 , b2 )
|
||||
// col 2: (-(c0s0' + c1s1' + c2s2') , c0 , c1 + M[i], c2 )
|
||||
// col 3: (-(d0s0' + d1s1' + d2s2') , d0 , d1 , d2 + M[i])
|
||||
(1..cols).for_each(|col_j| {
|
||||
self.expand_row(module, col_j, &mut tmp_res.data, &ci_dft, tsk, scratch2);
|
||||
let (mut tmp_res_dft, _) = scratch2.tmp_fourier_glwe_ct(module, basek, self.k(), rank);
|
||||
tmp_res.dft(module, &mut tmp_res_dft);
|
||||
self.set_row(module, row_i, col_j, &tmp_res_dft);
|
||||
});
|
||||
})
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace<DataKsk: AsRef<[u8]>, DataTsk: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
ksk: &GLWESwitchingKey<DataKsk, FFT64>,
|
||||
tsk: &GLWETensorKey<DataTsk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
unsafe {
|
||||
let self_ptr: *mut GGSWCiphertext<DataSelf, FFT64> = self as *mut GGSWCiphertext<DataSelf, FFT64>;
|
||||
self.keyswitch(module, &*self_ptr, ksk, tsk, scratch);
|
||||
}
|
||||
}
|
||||
|
||||
pub fn automorphism<DataLhs: AsRef<[u8]>, DataAk: AsRef<[u8]>, DataTsk: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &GGSWCiphertext<DataLhs, FFT64>,
|
||||
auto_key: &GLWEAutomorphismKey<DataAk, FFT64>,
|
||||
tensor_key: &GLWETensorKey<DataTsk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
lhs.rank(),
|
||||
"ggsw_out rank: {} != ggsw_in rank: {}",
|
||||
self.rank(),
|
||||
lhs.rank()
|
||||
);
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
auto_key.rank(),
|
||||
"ggsw_in rank: {} != auto_key rank: {}",
|
||||
self.rank(),
|
||||
auto_key.rank()
|
||||
);
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
tensor_key.rank(),
|
||||
"ggsw_in rank: {} != tensor_key rank: {}",
|
||||
self.rank(),
|
||||
tensor_key.rank()
|
||||
);
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GGSWCiphertext::automorphism_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
lhs.k(),
|
||||
auto_key.k(),
|
||||
auto_key.digits(),
|
||||
tensor_key.k(),
|
||||
tensor_key.digits(),
|
||||
self.rank(),
|
||||
)
|
||||
)
|
||||
};
|
||||
|
||||
let rank: usize = self.rank();
|
||||
let cols: usize = rank + 1;
|
||||
let basek: usize = self.basek();
|
||||
|
||||
let (mut tmp_res, scratch1) = scratch.tmp_glwe_ct(module, basek, self.k(), rank);
|
||||
let (mut ci_dft, scratch2) = scratch1.tmp_vec_znx_dft(module, cols, self.size());
|
||||
|
||||
// Keyswitch the j-th row of the col 0
|
||||
(0..lhs.rows()).for_each(|row_i| {
|
||||
// Key-switch column 0, i.e.
|
||||
// col 0: (-(a0s0 + a1s1 + a2s2) + M[i], a0, a1, a2) -> (-(a0pi^-1(s0) + a1pi^-1(s1) + a2pi^-1(s2)) + M[i], a0, a1, a2)
|
||||
lhs.keyswitch_internal_col0(module, row_i, &mut tmp_res, &auto_key.key, scratch2);
|
||||
|
||||
// Isolates DFT(AUTO(a[i]))
|
||||
(0..cols).for_each(|col_i| {
|
||||
// (-(a0pi^-1(s0) + a1pi^-1(s1) + a2pi^-1(s2)) + M[i], a0, a1, a2) -> (-(a0s0 + a1s1 + a2s2) + pi(M[i]), a0, a1, a2)
|
||||
module.vec_znx_automorphism_inplace(auto_key.p(), &mut tmp_res.data, col_i);
|
||||
module.vec_znx_dft(1, 0, &mut ci_dft, col_i, &tmp_res.data, col_i);
|
||||
});
|
||||
|
||||
module.mat_znx_dft_set_row(&mut self.data, row_i, 0, &ci_dft);
|
||||
|
||||
// Generates
|
||||
//
|
||||
// col 1: (-(b0s0 + b1s1 + b2s2) , b0 + pi(M[i]), b1 , b2 )
|
||||
// col 2: (-(c0s0 + c1s1 + c2s2) , c0 , c1 + pi(M[i]), c2 )
|
||||
// col 3: (-(d0s0 + d1s1 + d2s2) , d0 , d1 , d2 + pi(M[i]))
|
||||
(1..cols).for_each(|col_j| {
|
||||
self.expand_row(
|
||||
module,
|
||||
col_j,
|
||||
&mut tmp_res.data,
|
||||
&ci_dft,
|
||||
tensor_key,
|
||||
scratch2,
|
||||
);
|
||||
let (mut tmp_res_dft, _) = scratch2.tmp_fourier_glwe_ct(module, basek, self.k(), rank);
|
||||
tmp_res.dft(module, &mut tmp_res_dft);
|
||||
self.set_row(module, row_i, col_j, &tmp_res_dft);
|
||||
});
|
||||
})
|
||||
}
|
||||
|
||||
pub fn automorphism_inplace<DataKsk: AsRef<[u8]>, DataTsk: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
auto_key: &GLWEAutomorphismKey<DataKsk, FFT64>,
|
||||
tensor_key: &GLWETensorKey<DataTsk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
unsafe {
|
||||
let self_ptr: *mut GGSWCiphertext<DataSelf, FFT64> = self as *mut GGSWCiphertext<DataSelf, FFT64>;
|
||||
self.automorphism(module, &*self_ptr, auto_key, tensor_key, scratch);
|
||||
}
|
||||
}
|
||||
|
||||
pub fn external_product<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &GGSWCiphertext<DataLhs, FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
lhs.rank(),
|
||||
"ggsw_out rank: {} != ggsw_in rank: {}",
|
||||
self.rank(),
|
||||
lhs.rank()
|
||||
);
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
rhs.rank(),
|
||||
"ggsw_in rank: {} != ggsw_apply rank: {}",
|
||||
self.rank(),
|
||||
rhs.rank()
|
||||
);
|
||||
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GGSWCiphertext::external_product_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
lhs.k(),
|
||||
rhs.k(),
|
||||
rhs.digits(),
|
||||
rhs.rank()
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
let (mut tmp_ct_in, scratch1) = scratch.tmp_fourier_glwe_ct(module, lhs.basek(), lhs.k(), lhs.rank());
|
||||
let (mut tmp_ct_out, scratch2) = scratch1.tmp_fourier_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
|
||||
(0..self.rank() + 1).for_each(|col_i| {
|
||||
(0..self.rows()).for_each(|row_j| {
|
||||
lhs.get_row(module, row_j, col_i, &mut tmp_ct_in);
|
||||
tmp_ct_out.external_product(module, &tmp_ct_in, rhs, scratch2);
|
||||
self.set_row(module, row_j, col_i, &tmp_ct_out);
|
||||
});
|
||||
});
|
||||
|
||||
tmp_ct_out.data.zero();
|
||||
|
||||
(self.rows().min(lhs.rows())..self.rows()).for_each(|row_i| {
|
||||
(0..self.rank() + 1).for_each(|col_j| {
|
||||
self.set_row(module, row_i, col_j, &tmp_ct_out);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
pub fn external_product_inplace<DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
rhs.rank(),
|
||||
"ggsw_out rank: {} != ggsw_apply: {}",
|
||||
self.rank(),
|
||||
rhs.rank()
|
||||
);
|
||||
}
|
||||
|
||||
let (mut tmp_ct, scratch1) = scratch.tmp_fourier_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
|
||||
(0..self.rank() + 1).for_each(|col_i| {
|
||||
(0..self.rows()).for_each(|row_j| {
|
||||
self.get_row(module, row_j, col_i, &mut tmp_ct);
|
||||
tmp_ct.external_product_inplace(module, rhs, scratch1);
|
||||
self.set_row(module, row_j, col_i, &tmp_ct);
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]>> GGSWCiphertext<DataSelf, FFT64> {
|
||||
pub(crate) fn keyswitch_internal_col0<DataRes: AsMut<[u8]> + AsRef<[u8]>, DataKsk: AsRef<[u8]>>(
|
||||
&self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
res: &mut GLWECiphertext<DataRes>,
|
||||
ksk: &GLWESwitchingKey<DataKsk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.rank(), ksk.rank());
|
||||
assert_eq!(res.rank(), ksk.rank());
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GGSWCiphertext::keyswitch_internal_col0_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
res.k(),
|
||||
self.k(),
|
||||
ksk.k(),
|
||||
ksk.digits(),
|
||||
ksk.rank()
|
||||
)
|
||||
)
|
||||
}
|
||||
let (mut tmp_dft_dft, scratch1) = scratch.tmp_fourier_glwe_ct(module, self.basek(), self.k(), self.rank());
|
||||
self.get_row(module, row_i, 0, &mut tmp_dft_dft);
|
||||
res.keyswitch_from_fourier(module, &tmp_dft_dft, ksk, scratch1);
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]>> GetRow<FFT64> for GGSWCiphertext<DataSelf, FFT64> {
|
||||
fn get_row<R: AsMut<[u8]> + AsRef<[u8]>>(
|
||||
&self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
res: &mut FourierGLWECiphertext<R, FFT64>,
|
||||
) {
|
||||
module.mat_znx_dft_get_row(&mut res.data, &self.data, row_i, col_j);
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> SetRow<FFT64> for GGSWCiphertext<DataSelf, FFT64> {
|
||||
fn set_row<R: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
a: &FourierGLWECiphertext<R, FFT64>,
|
||||
) {
|
||||
module.mat_znx_dft_set_row(&mut self.data, row_i, col_j, &a.data);
|
||||
}
|
||||
}
|
||||
79
core/src/ggsw/encryption.rs
Normal file
79
core/src/ggsw/encryption.rs
Normal file
@@ -0,0 +1,79 @@
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScratchAvailable, TakeVecZnx, TakeVecZnxDft, VecZnxAddScalarInplace, VecZnxAllocBytes, VecZnxNormalizeInplace, ZnxZero,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, ScalarZnx, Scratch},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{GGSWCiphertext, GLWECiphertext, GLWEEncryptSkFamily, GLWESecretExec, Infos, TakeGLWEPt};
|
||||
|
||||
pub trait GGSWEncryptSkFamily<B: Backend> = GLWEEncryptSkFamily<B>;
|
||||
|
||||
impl GGSWCiphertext<Vec<u8>> {
|
||||
pub fn encrypt_sk_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: GGSWEncryptSkFamily<B> + VecZnxAllocBytes,
|
||||
{
|
||||
let size = k.div_ceil(basek);
|
||||
GLWECiphertext::encrypt_sk_scratch_space(module, basek, k)
|
||||
+ module.vec_znx_alloc_bytes(rank + 1, size)
|
||||
+ module.vec_znx_alloc_bytes(1, size)
|
||||
+ module.vec_znx_dft_alloc_bytes(rank + 1, size)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: DataMut> GGSWCiphertext<DataSelf> {
|
||||
pub fn encrypt_sk<DataPt: DataRef, DataSk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
pt: &ScalarZnx<DataPt>,
|
||||
sk: &GLWESecretExec<DataSk, B>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GGSWEncryptSkFamily<B> + VecZnxAddScalarInplace,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
use backend::hal::api::ZnxInfos;
|
||||
|
||||
assert_eq!(self.rank(), sk.rank());
|
||||
assert_eq!(self.n(), module.n());
|
||||
assert_eq!(pt.n(), module.n());
|
||||
assert_eq!(sk.n(), module.n());
|
||||
}
|
||||
|
||||
let basek: usize = self.basek();
|
||||
let k: usize = self.k();
|
||||
let rank: usize = self.rank();
|
||||
let digits: usize = self.digits();
|
||||
|
||||
let (mut tmp_pt, scratch1) = scratch.take_glwe_pt(module, basek, k);
|
||||
|
||||
(0..self.rows()).for_each(|row_i| {
|
||||
tmp_pt.data.zero();
|
||||
|
||||
// Adds the scalar_znx_pt to the i-th limb of the vec_znx_pt
|
||||
module.vec_znx_add_scalar_inplace(&mut tmp_pt.data, 0, (digits - 1) + row_i * digits, pt, 0);
|
||||
module.vec_znx_normalize_inplace(basek, &mut tmp_pt.data, 0, scratch1);
|
||||
|
||||
(0..rank + 1).for_each(|col_j| {
|
||||
// rlwe encrypt of vec_znx_pt into vec_znx_ct
|
||||
|
||||
self.at_mut(row_i, col_j).encrypt_sk_private(
|
||||
module,
|
||||
Some((&tmp_pt, col_j)),
|
||||
sk,
|
||||
source_xa,
|
||||
source_xe,
|
||||
sigma,
|
||||
scratch1,
|
||||
);
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
123
core/src/ggsw/external_product.rs
Normal file
123
core/src/ggsw/external_product.rs
Normal file
@@ -0,0 +1,123 @@
|
||||
use backend::hal::{
|
||||
api::{ScratchAvailable, TakeVecZnxDft, ZnxZero},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch},
|
||||
};
|
||||
|
||||
use crate::{GGSWCiphertext, GGSWCiphertextExec, GLWECiphertext, GLWEExternalProductFamily, Infos};
|
||||
|
||||
impl GGSWCiphertext<Vec<u8>> {
|
||||
pub fn external_product_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
{
|
||||
GLWECiphertext::external_product_scratch_space(module, basek, k_out, k_in, k_ggsw, digits, rank)
|
||||
}
|
||||
|
||||
pub fn external_product_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
{
|
||||
GLWECiphertext::external_product_inplace_scratch_space(module, basek, k_out, k_ggsw, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: DataMut> GGSWCiphertext<DataSelf> {
|
||||
pub fn external_product<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
lhs: &GGSWCiphertext<DataLhs>,
|
||||
rhs: &GGSWCiphertextExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
Scratch<B>: ScratchAvailable + TakeVecZnxDft<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
use crate::{GGSWCiphertext, Infos};
|
||||
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
lhs.rank(),
|
||||
"ggsw_out rank: {} != ggsw_in rank: {}",
|
||||
self.rank(),
|
||||
lhs.rank()
|
||||
);
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
rhs.rank(),
|
||||
"ggsw_in rank: {} != ggsw_apply rank: {}",
|
||||
self.rank(),
|
||||
rhs.rank()
|
||||
);
|
||||
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GGSWCiphertext::external_product_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
lhs.k(),
|
||||
rhs.k(),
|
||||
rhs.digits(),
|
||||
rhs.rank()
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
let min_rows: usize = self.rows().min(lhs.rows());
|
||||
|
||||
(0..self.rank() + 1).for_each(|col_i| {
|
||||
(0..min_rows).for_each(|row_j| {
|
||||
self.at_mut(row_j, col_i)
|
||||
.external_product(module, &lhs.at(row_j, col_i), rhs, scratch);
|
||||
});
|
||||
(min_rows..self.rows()).for_each(|row_i| {
|
||||
self.at_mut(row_i, col_i).data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
pub fn external_product_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
rhs: &GGSWCiphertextExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
rhs.rank(),
|
||||
"ggsw_out rank: {} != ggsw_apply: {}",
|
||||
self.rank(),
|
||||
rhs.rank()
|
||||
);
|
||||
}
|
||||
|
||||
(0..self.rank() + 1).for_each(|col_i| {
|
||||
(0..self.rows()).for_each(|row_j| {
|
||||
self.at_mut(row_j, col_i)
|
||||
.external_product_inplace(module, rhs, scratch);
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
253
core/src/ggsw/keyswitch.rs
Normal file
253
core/src/ggsw/keyswitch.rs
Normal file
@@ -0,0 +1,253 @@
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScratchAvailable, TakeVecZnxBig, TakeVecZnxDft, VecZnxAllocBytes, VecZnxBigAllocBytes, VecZnxDftAddInplace,
|
||||
VecZnxDftCopy, VecZnxDftToVecZnxBigTmpA, VecZnxNormalizeTmpBytes, ZnxInfos,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch, VecZnxDft, VmpPMat},
|
||||
};
|
||||
|
||||
use crate::{GGSWCiphertext, GLWECiphertext, GLWEKeyswitchFamily, GLWESwitchingKeyExec, GLWETensorKeyExec, Infos};
|
||||
|
||||
pub trait GGSWKeySwitchFamily<B> =
|
||||
GLWEKeyswitchFamily<B> + VecZnxBigAllocBytes + VecZnxDftCopy<B> + VecZnxDftAddInplace<B> + VecZnxDftToVecZnxBigTmpA<B>;
|
||||
|
||||
impl GGSWCiphertext<Vec<u8>> {
|
||||
pub(crate) fn expand_row_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
self_k: usize,
|
||||
k_tsk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GGSWKeySwitchFamily<B> + VecZnxNormalizeTmpBytes,
|
||||
{
|
||||
let tsk_size: usize = k_tsk.div_ceil(basek);
|
||||
let self_size_out: usize = self_k.div_ceil(basek);
|
||||
let self_size_in: usize = self_size_out.div_ceil(digits);
|
||||
|
||||
let tmp_dft_i: usize = module.vec_znx_dft_alloc_bytes(rank + 1, tsk_size);
|
||||
let tmp_a: usize = module.vec_znx_dft_alloc_bytes(1, self_size_in);
|
||||
let vmp: usize = module.vmp_apply_tmp_bytes(
|
||||
self_size_out,
|
||||
self_size_in,
|
||||
self_size_in,
|
||||
rank,
|
||||
rank,
|
||||
tsk_size,
|
||||
);
|
||||
let tmp_idft: usize = module.vec_znx_big_alloc_bytes(1, tsk_size);
|
||||
let norm: usize = module.vec_znx_normalize_tmp_bytes(module.n());
|
||||
tmp_dft_i + ((tmp_a + vmp) | (tmp_idft + norm))
|
||||
}
|
||||
|
||||
pub fn keyswitch_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits_tsk: usize,
|
||||
rank: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + GGSWKeySwitchFamily<B> + VecZnxAllocBytes + VecZnxNormalizeTmpBytes,
|
||||
{
|
||||
let out_size: usize = k_out.div_ceil(basek);
|
||||
let res_znx: usize = module.vec_znx_alloc_bytes(rank + 1, out_size);
|
||||
let ci_dft: usize = module.vec_znx_dft_alloc_bytes(rank + 1, out_size);
|
||||
let ks: usize = GLWECiphertext::keyswitch_scratch_space(module, basek, k_out, k_in, k_ksk, digits_ksk, rank, rank);
|
||||
let expand_rows: usize = GGSWCiphertext::expand_row_scratch_space(module, basek, k_out, k_tsk, digits_tsk, rank);
|
||||
let res_dft: usize = module.vec_znx_dft_alloc_bytes(rank + 1, out_size);
|
||||
res_znx + ci_dft + (ks | expand_rows | res_dft)
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits_tsk: usize,
|
||||
rank: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + GGSWKeySwitchFamily<B> + VecZnxAllocBytes + VecZnxNormalizeTmpBytes,
|
||||
{
|
||||
GGSWCiphertext::keyswitch_scratch_space(
|
||||
module, basek, k_out, k_out, k_ksk, digits_ksk, k_tsk, digits_tsk, rank,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: DataMut> GGSWCiphertext<DataSelf> {
|
||||
pub(crate) fn expand_row<DataCi: DataRef, DataTsk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
row_i: usize,
|
||||
col_j: usize,
|
||||
ci_dft: &VecZnxDft<DataCi, B>,
|
||||
tsk: &GLWETensorKeyExec<DataTsk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GGSWKeySwitchFamily<B> + VecZnxNormalizeTmpBytes,
|
||||
Scratch<B>: TakeVecZnxDft<B> + TakeVecZnxBig<B> + ScratchAvailable,
|
||||
{
|
||||
let cols: usize = self.rank() + 1;
|
||||
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GGSWCiphertext::expand_row_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
tsk.k(),
|
||||
tsk.digits(),
|
||||
tsk.rank()
|
||||
)
|
||||
);
|
||||
|
||||
// Example for rank 3:
|
||||
//
|
||||
// Note: M is a vector (m, Bm, B^2m, B^3m, ...), so each column is
|
||||
// actually composed of that many rows and we focus on a specific row here
|
||||
// implicitely given ci_dft.
|
||||
//
|
||||
// # Input
|
||||
//
|
||||
// col 0: (-(a0s0 + a1s1 + a2s2) + M[i], a0 , a1 , a2 )
|
||||
// col 1: (0, 0, 0, 0)
|
||||
// col 2: (0, 0, 0, 0)
|
||||
// col 3: (0, 0, 0, 0)
|
||||
//
|
||||
// # Output
|
||||
//
|
||||
// col 0: (-(a0s0 + a1s1 + a2s2) + M[i], a0 , a1 , a2 )
|
||||
// col 1: (-(b0s0 + b1s1 + b2s2) , b0 + M[i], b1 , b2 )
|
||||
// col 2: (-(c0s0 + c1s1 + c2s2) , c0 , c1 + M[i], c2 )
|
||||
// col 3: (-(d0s0 + d1s1 + d2s2) , d0 , d1 , d2 + M[i])
|
||||
|
||||
let digits: usize = tsk.digits();
|
||||
|
||||
let (mut tmp_dft_i, scratch1) = scratch.take_vec_znx_dft(module, cols, tsk.size());
|
||||
let (mut tmp_a, scratch2) = scratch1.take_vec_znx_dft(module, 1, ci_dft.size().div_ceil(digits));
|
||||
|
||||
{
|
||||
// Performs a key-switch for each combination of s[i]*s[j], i.e. for a0, a1, a2
|
||||
//
|
||||
// # Example for col=1
|
||||
//
|
||||
// a0 * (-(f0s0 + f1s1 + f1s2) + s0^2, f0, f1, f2) = (-(a0f0s0 + a0f1s1 + a0f1s2) + a0s0^2, a0f0, a0f1, a0f2)
|
||||
// +
|
||||
// a1 * (-(g0s0 + g1s1 + g1s2) + s0s1, g0, g1, g2) = (-(a1g0s0 + a1g1s1 + a1g1s2) + a1s0s1, a1g0, a1g1, a1g2)
|
||||
// +
|
||||
// a2 * (-(h0s0 + h1s1 + h1s2) + s0s2, h0, h1, h2) = (-(a2h0s0 + a2h1s1 + a2h1s2) + a2s0s2, a2h0, a2h1, a2h2)
|
||||
// =
|
||||
// (-(x0s0 + x1s1 + x2s2) + s0(a0s0 + a1s1 + a2s2), x0, x1, x2)
|
||||
(1..cols).for_each(|col_i| {
|
||||
let pmat: &VmpPMat<DataTsk, B> = &tsk.at(col_i - 1, col_j - 1).key.data; // Selects Enc(s[i]s[j])
|
||||
|
||||
// Extracts a[i] and multipies with Enc(s[i]s[j])
|
||||
(0..digits).for_each(|di| {
|
||||
tmp_a.set_size((ci_dft.size() + di) / digits);
|
||||
|
||||
// Small optimization for digits > 2
|
||||
// VMP produce some error e, and since we aggregate vmp * 2^{di * B}, then
|
||||
// we also aggregate ei * 2^{di * B}, with the largest error being ei * 2^{(digits-1) * B}.
|
||||
// As such we can ignore the last digits-2 limbs safely of the sum of vmp products.
|
||||
// It is possible to further ignore the last digits-1 limbs, but this introduce
|
||||
// ~0.5 to 1 bit of additional noise, and thus not chosen here to ensure that the same
|
||||
// noise is kept with respect to the ideal functionality.
|
||||
tmp_dft_i.set_size(tsk.size() - ((digits - di) as isize - 2).max(0) as usize);
|
||||
|
||||
module.vec_znx_dft_copy(digits, digits - 1 - di, &mut tmp_a, 0, ci_dft, col_i);
|
||||
if di == 0 && col_i == 1 {
|
||||
module.vmp_apply(&mut tmp_dft_i, &tmp_a, pmat, scratch2);
|
||||
} else {
|
||||
module.vmp_apply_add(&mut tmp_dft_i, &tmp_a, pmat, di, scratch2);
|
||||
}
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
// Adds -(sum a[i] * s[i]) + m) on the i-th column of tmp_idft_i
|
||||
//
|
||||
// (-(x0s0 + x1s1 + x2s2) + a0s0s0 + a1s0s1 + a2s0s2, x0, x1, x2)
|
||||
// +
|
||||
// (0, -(a0s0 + a1s1 + a2s2) + M[i], 0, 0)
|
||||
// =
|
||||
// (-(x0s0 + x1s1 + x2s2) + s0(a0s0 + a1s1 + a2s2), x0 -(a0s0 + a1s1 + a2s2) + M[i], x1, x2)
|
||||
// =
|
||||
// (-(x0s0 + x1s1 + x2s2), x0 + M[i], x1, x2)
|
||||
module.vec_znx_dft_add_inplace(&mut tmp_dft_i, col_j, ci_dft, 0);
|
||||
let (mut tmp_idft, scratch2) = scratch1.take_vec_znx_big(module, 1, tsk.size());
|
||||
(0..cols).for_each(|i| {
|
||||
module.vec_znx_dft_to_vec_znx_big_tmp_a(&mut tmp_idft, 0, &mut tmp_dft_i, i);
|
||||
module.vec_znx_big_normalize(
|
||||
self.basek(),
|
||||
&mut self.at_mut(row_i, col_j).data,
|
||||
i,
|
||||
&tmp_idft,
|
||||
0,
|
||||
scratch2,
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
pub fn keyswitch<DataLhs: DataRef, DataKsk: DataRef, DataTsk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
lhs: &GGSWCiphertext<DataLhs>,
|
||||
ksk: &GLWESwitchingKeyExec<DataKsk, B>,
|
||||
tsk: &GLWETensorKeyExec<DataTsk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + GGSWKeySwitchFamily<B> + VecZnxNormalizeTmpBytes,
|
||||
Scratch<B>: TakeVecZnxDft<B> + TakeVecZnxBig<B> + ScratchAvailable,
|
||||
{
|
||||
let rank: usize = self.rank();
|
||||
let cols: usize = rank + 1;
|
||||
|
||||
// Keyswitch the j-th row of the col 0
|
||||
(0..lhs.rows()).for_each(|row_i| {
|
||||
// Key-switch column 0, i.e.
|
||||
// col 0: (-(a0s0 + a1s1 + a2s2) + M[i], a0, a1, a2) -> (-(a0s0' + a1s1' + a2s2') + M[i], a0, a1, a2)
|
||||
self.at_mut(row_i, 0)
|
||||
.keyswitch(module, &lhs.at(row_i, 0), ksk, scratch);
|
||||
|
||||
// Pre-compute DFT of (a0, a1, a2)
|
||||
let (mut ci_dft, scratch1) = scratch.take_vec_znx_dft(module, cols, self.size());
|
||||
(0..cols).for_each(|i| {
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut ci_dft, i, &self.at(row_i, 0).data, i);
|
||||
});
|
||||
// Generates
|
||||
//
|
||||
// col 1: (-(b0s0' + b1s1' + b2s2') , b0 + M[i], b1 , b2 )
|
||||
// col 2: (-(c0s0' + c1s1' + c2s2') , c0 , c1 + M[i], c2 )
|
||||
// col 3: (-(d0s0' + d1s1' + d2s2') , d0 , d1 , d2 + M[i])
|
||||
(1..cols).for_each(|col_j| {
|
||||
self.expand_row(module, row_i, col_j, &ci_dft, tsk, scratch1);
|
||||
});
|
||||
})
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace<DataKsk: DataRef, DataTsk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
ksk: &GLWESwitchingKeyExec<DataKsk, B>,
|
||||
tsk: &GLWETensorKeyExec<DataTsk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + GGSWKeySwitchFamily<B> + VecZnxNormalizeTmpBytes,
|
||||
Scratch<B>: TakeVecZnxDft<B> + TakeVecZnxBig<B> + ScratchAvailable,
|
||||
{
|
||||
unsafe {
|
||||
let self_ptr: *mut GGSWCiphertext<DataSelf> = self as *mut GGSWCiphertext<DataSelf>;
|
||||
self.keyswitch(module, &*self_ptr, ksk, tsk, scratch);
|
||||
}
|
||||
}
|
||||
}
|
||||
259
core/src/ggsw/layout.rs
Normal file
259
core/src/ggsw/layout.rs
Normal file
@@ -0,0 +1,259 @@
|
||||
use backend::hal::{
|
||||
api::{MatZnxAlloc, MatZnxAllocBytes, VmpPMatAlloc, VmpPMatAllocBytes, VmpPMatPrepare},
|
||||
layouts::{Backend, Data, DataMut, DataRef, MatZnx, Module, ReaderFrom, Scratch, VmpPMat, WriterTo},
|
||||
};
|
||||
|
||||
use crate::{GLWECiphertext, Infos};
|
||||
|
||||
pub trait GGSWLayoutFamily<B: Backend> = VmpPMatAlloc<B> + VmpPMatAllocBytes + VmpPMatPrepare<B>;
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GGSWCiphertext<D: Data> {
|
||||
pub(crate) data: MatZnx<D>,
|
||||
pub(crate) basek: usize,
|
||||
pub(crate) k: usize,
|
||||
pub(crate) digits: usize,
|
||||
}
|
||||
|
||||
impl<D: DataRef> GGSWCiphertext<D> {
|
||||
pub fn at(&self, row: usize, col: usize) -> GLWECiphertext<&[u8]> {
|
||||
GLWECiphertext {
|
||||
data: self.data.at(row, col),
|
||||
basek: self.basek,
|
||||
k: self.k,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut> GGSWCiphertext<D> {
|
||||
pub fn at_mut(&mut self, row: usize, col: usize) -> GLWECiphertext<&mut [u8]> {
|
||||
GLWECiphertext {
|
||||
data: self.data.at_mut(row, col),
|
||||
basek: self.basek,
|
||||
k: self.k,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl GGSWCiphertext<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: MatZnxAlloc,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(digits > 0, "invalid ggsw: `digits` == 0");
|
||||
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid ggsw: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid ggsw: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
Self {
|
||||
data: module.mat_znx_alloc(rows, rank + 1, rank + 1, k.div_ceil(basek)),
|
||||
basek,
|
||||
k: k,
|
||||
digits,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of<B: Backend>(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: MatZnxAllocBytes,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid ggsw: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid ggsw: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
module.mat_znx_alloc_bytes(rows, rank + 1, rank + 1, size)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data> Infos for GGSWCiphertext<D> {
|
||||
type Inner = MatZnx<D>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data> GGSWCiphertext<D> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.data.cols_out() - 1
|
||||
}
|
||||
|
||||
pub fn digits(&self) -> usize {
|
||||
self.digits
|
||||
}
|
||||
}
|
||||
|
||||
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
||||
|
||||
impl<D: DataMut> ReaderFrom for GGSWCiphertext<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
self.k = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.basek = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.digits = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.data.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for GGSWCiphertext<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
writer.write_u64::<LittleEndian>(self.k as u64)?;
|
||||
writer.write_u64::<LittleEndian>(self.basek as u64)?;
|
||||
writer.write_u64::<LittleEndian>(self.digits as u64)?;
|
||||
self.data.write_to(writer)
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GGSWCiphertextExec<D: Data, B: Backend> {
|
||||
pub(crate) data: VmpPMat<D, B>,
|
||||
pub(crate) basek: usize,
|
||||
pub(crate) k: usize,
|
||||
pub(crate) digits: usize,
|
||||
}
|
||||
|
||||
impl<B: Backend> GGSWCiphertextExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: GGSWLayoutFamily<B>,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(digits > 0, "invalid ggsw: `digits` == 0");
|
||||
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid ggsw: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid ggsw: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
Self {
|
||||
data: module.vmp_pmat_alloc(rows, rank + 1, rank + 1, k.div_ceil(basek)),
|
||||
basek,
|
||||
k: k,
|
||||
digits,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: GGSWLayoutFamily<B>,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
debug_assert!(
|
||||
size > digits,
|
||||
"invalid ggsw: ceil(k/basek): {} <= digits: {}",
|
||||
size,
|
||||
digits
|
||||
);
|
||||
|
||||
assert!(
|
||||
rows * digits <= size,
|
||||
"invalid ggsw: rows: {} * digits:{} > ceil(k/basek): {}",
|
||||
rows,
|
||||
digits,
|
||||
size
|
||||
);
|
||||
|
||||
module.vmp_pmat_alloc_bytes(rows, rank + 1, rank + 1, size)
|
||||
}
|
||||
|
||||
pub fn from<DataOther: DataRef>(
|
||||
module: &Module<B>,
|
||||
other: &GGSWCiphertext<DataOther>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) -> GGSWCiphertextExec<Vec<u8>, B>
|
||||
where
|
||||
Module<B>: GGSWLayoutFamily<B>,
|
||||
{
|
||||
let mut ggsw_exec: GGSWCiphertextExec<Vec<u8>, B> = Self::alloc(
|
||||
module,
|
||||
other.basek(),
|
||||
other.k(),
|
||||
other.rows(),
|
||||
other.digits(),
|
||||
other.rank(),
|
||||
);
|
||||
ggsw_exec.prepare(module, other, scratch);
|
||||
ggsw_exec
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> Infos for GGSWCiphertextExec<D, B> {
|
||||
type Inner = VmpPMat<D, B>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> GGSWCiphertextExec<D, B> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.data.cols_out() - 1
|
||||
}
|
||||
|
||||
pub fn digits(&self) -> usize {
|
||||
self.digits
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: DataMut, B: Backend> GGSWCiphertextExec<DataSelf, B> {
|
||||
pub fn prepare<DataOther>(&mut self, module: &Module<B>, other: &GGSWCiphertext<DataOther>, scratch: &mut Scratch<B>)
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: GGSWLayoutFamily<B>,
|
||||
{
|
||||
module.vmp_prepare(&mut self.data, &other.data, scratch);
|
||||
self.k = other.k;
|
||||
self.basek = other.basek;
|
||||
self.digits = other.digits;
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,14 @@
|
||||
pub mod ciphertext;
|
||||
mod automorphism;
|
||||
mod encryption;
|
||||
mod external_product;
|
||||
mod keyswitch;
|
||||
mod layout;
|
||||
mod noise;
|
||||
|
||||
pub use ciphertext::GGSWCiphertext;
|
||||
pub use encryption::GGSWEncryptSkFamily;
|
||||
pub use keyswitch::GGSWKeySwitchFamily;
|
||||
pub use layout::{GGSWCiphertext, GGSWCiphertextExec, GGSWLayoutFamily};
|
||||
pub use noise::GGSWAssertNoiseFamily;
|
||||
|
||||
#[cfg(test)]
|
||||
mod test_fft64;
|
||||
mod test;
|
||||
|
||||
73
core/src/ggsw/noise.rs
Normal file
73
core/src/ggsw/noise.rs
Normal file
@@ -0,0 +1,73 @@
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAddScalarInplace, VecZnxAlloc, VecZnxBigAlloc, VecZnxBigNormalize,
|
||||
VecZnxBigNormalizeTmpBytes, VecZnxDftAlloc, VecZnxDftToVecZnxBigTmpA, VecZnxNormalizeTmpBytes, VecZnxStd,
|
||||
VecZnxSubABInplace, ZnxZero,
|
||||
},
|
||||
layouts::{Backend, DataRef, Module, ScalarZnx, ScratchOwned, VecZnxBig, VecZnxDft},
|
||||
oep::{ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeVecZnxBigImpl, TakeVecZnxDftImpl},
|
||||
};
|
||||
|
||||
use crate::{GGSWCiphertext, GLWECiphertext, GLWEDecryptFamily, GLWEPlaintext, GLWESecretExec, Infos};
|
||||
|
||||
pub trait GGSWAssertNoiseFamily<B: Backend> = GLWEDecryptFamily<B>
|
||||
+ VecZnxBigAlloc<B>
|
||||
+ VecZnxDftAlloc<B>
|
||||
+ VecZnxBigNormalizeTmpBytes
|
||||
+ VecZnxBigNormalize<B>
|
||||
+ VecZnxDftToVecZnxBigTmpA<B>;
|
||||
|
||||
impl<D: DataRef> GGSWCiphertext<D> {
|
||||
pub fn assert_noise<B: Backend, DataSk, DataScalar, F>(
|
||||
&self,
|
||||
module: &Module<B>,
|
||||
sk_exec: &GLWESecretExec<DataSk, B>,
|
||||
pt_want: &ScalarZnx<DataScalar>,
|
||||
max_noise: F,
|
||||
) where
|
||||
DataSk: DataRef,
|
||||
DataScalar: DataRef,
|
||||
Module<B>: GGSWAssertNoiseFamily<B> + VecZnxAlloc + VecZnxAddScalarInplace + VecZnxSubABInplace + VecZnxStd,
|
||||
B: TakeVecZnxDftImpl<B> + TakeVecZnxBigImpl<B> + ScratchOwnedAllocImpl<B> + ScratchOwnedBorrowImpl<B>,
|
||||
F: Fn(usize) -> f64,
|
||||
{
|
||||
let basek: usize = self.basek();
|
||||
let k: usize = self.k();
|
||||
let digits: usize = self.digits();
|
||||
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k);
|
||||
let mut pt_dft: VecZnxDft<Vec<u8>, B> = module.vec_znx_dft_alloc(1, self.size());
|
||||
let mut pt_big: VecZnxBig<Vec<u8>, B> = module.vec_znx_big_alloc(1, self.size());
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GLWECiphertext::decrypt_scratch_space(module, basek, k) | module.vec_znx_normalize_tmp_bytes(module.n()),
|
||||
);
|
||||
|
||||
(0..self.rank() + 1).for_each(|col_j| {
|
||||
(0..self.rows()).for_each(|row_i| {
|
||||
module.vec_znx_add_scalar_inplace(&mut pt.data, 0, (digits - 1) + row_i * digits, pt_want, 0);
|
||||
|
||||
// mul with sk[col_j-1]
|
||||
if col_j > 0 {
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut pt_dft, 0, &pt.data, 0);
|
||||
module.svp_apply_inplace(&mut pt_dft, 0, &sk_exec.data, col_j - 1);
|
||||
module.vec_znx_dft_to_vec_znx_big_tmp_a(&mut pt_big, 0, &mut pt_dft, 0);
|
||||
module.vec_znx_big_normalize(basek, &mut pt.data, 0, &pt_big, 0, scratch.borrow());
|
||||
}
|
||||
|
||||
self.at(row_i, col_j)
|
||||
.decrypt(module, &mut pt_have, &sk_exec, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt.data, 0);
|
||||
|
||||
let std_pt: f64 = module.vec_znx_std(basek, &pt_have.data, 0).log2();
|
||||
let noise: f64 = max_noise(col_j);
|
||||
println!("{} {}", std_pt, noise);
|
||||
assert!(std_pt <= noise, "{} > {}", std_pt, noise);
|
||||
|
||||
pt.data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
724
core/src/ggsw/test/generic_tests.rs
Normal file
724
core/src/ggsw/test/generic_tests.rs
Normal file
@@ -0,0 +1,724 @@
|
||||
use backend::hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ScalarZnxAlloc, ScalarZnxAllocBytes, ScalarZnxAutomorphism, ScalarZnxAutomorphismInplace, ScratchOwnedAlloc,
|
||||
ScratchOwnedBorrow, VecZnxAddScalarInplace, VecZnxAlloc, VecZnxAllocBytes, VecZnxAutomorphismInplace,
|
||||
VecZnxRotateInplace, VecZnxStd, VecZnxSubABInplace, VecZnxSwithcDegree, ZnxViewMut,
|
||||
},
|
||||
layouts::{Backend, Module, ScalarZnx, ScalarZnxToMut, ScratchOwned},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeScalarZnxImpl, TakeSvpPPolImpl,
|
||||
TakeVecZnxBigImpl, TakeVecZnxDftImpl, TakeVecZnxImpl, VecZnxBigAllocBytesImpl, VecZnxDftAllocBytesImpl,
|
||||
},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
AutomorphismKey, AutomorphismKeyExec, GGLWEExecLayoutFamily, GGSWAssertNoiseFamily, GGSWCiphertext, GGSWCiphertextExec,
|
||||
GGSWEncryptSkFamily, GGSWKeySwitchFamily, GLWESecret, GLWESecretExec, GLWESecretFamily, GLWESwitchingKey,
|
||||
GLWESwitchingKeyEncryptSkFamily, GLWESwitchingKeyExec, GLWETensorKey, GLWETensorKeyEncryptSkFamily, GLWETensorKeyExec,
|
||||
noise::{noise_ggsw_keyswitch, noise_ggsw_product},
|
||||
};
|
||||
|
||||
pub(crate) trait TestModuleFamily<B: Backend> = GLWESecretFamily<B>
|
||||
+ GGSWEncryptSkFamily<B>
|
||||
+ GGSWAssertNoiseFamily<B>
|
||||
+ VecZnxAlloc
|
||||
+ ScalarZnxAlloc
|
||||
+ VecZnxAllocBytes
|
||||
+ MatZnxAlloc
|
||||
+ VecZnxAddScalarInplace
|
||||
+ VecZnxSubABInplace
|
||||
+ VecZnxStd
|
||||
+ ScalarZnxAllocBytes;
|
||||
pub(crate) trait TestScratchFamily<B: Backend> = TakeVecZnxDftImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeSvpPPolImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeScalarZnxImpl<B>
|
||||
+ TakeVecZnxImpl<B>
|
||||
+ VecZnxDftAllocBytesImpl<B>
|
||||
+ VecZnxBigAllocBytesImpl<B>
|
||||
+ TakeSvpPPolImpl<B>;
|
||||
|
||||
pub(crate) fn test_encrypt_sk<B: Backend>(module: &Module<B>, basek: usize, k: usize, digits: usize, rank: usize, sigma: f64)
|
||||
where
|
||||
Module<B>: TestModuleFamily<B>,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = (k - digits * basek) / (digits * basek);
|
||||
|
||||
let mut ct: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k, rows, digits, rank);
|
||||
|
||||
let mut pt_scalar: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
pt_scalar.fill_ternary_hw(0, module.n(), &mut source_xs);
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(GGSWCiphertext::encrypt_sk_scratch_space(
|
||||
module, basek, k, rank,
|
||||
));
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let mut sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
sk_exec.prepare(module, &sk);
|
||||
|
||||
ct.encrypt_sk(
|
||||
module,
|
||||
&pt_scalar,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let noise_f = |_col_i: usize| -(k as f64) + sigma.log2() + 0.5;
|
||||
|
||||
ct.assert_noise(module, &sk_exec, &pt_scalar, &noise_f);
|
||||
}
|
||||
|
||||
pub(crate) fn test_keyswitch<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: TestModuleFamily<B>
|
||||
+ GGSWAssertNoiseFamily<B>
|
||||
+ GGSWKeySwitchFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWETensorKeyEncryptSkFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ VecZnxSwithcDegree,
|
||||
B: TestScratchFamily<B> + VecZnxDftAllocBytesImpl<B> + VecZnxBigAllocBytesImpl<B> + TakeSvpPPolImpl<B>,
|
||||
{
|
||||
let rows: usize = k_in.div_ceil(digits * basek);
|
||||
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_in: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_in, rows, digits_in, rank);
|
||||
let mut ct_out: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_out, rows, digits_in, rank);
|
||||
let mut tsk: GLWETensorKey<Vec<u8>> = GLWETensorKey::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>> = GLWESwitchingKey::alloc(module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut pt_scalar: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(module, basek, k_in, rank)
|
||||
| GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k_ksk, rank, rank)
|
||||
| GLWETensorKey::encrypt_sk_scratch_space(module, basek, k_tsk, rank)
|
||||
| GGSWCiphertext::keyswitch_scratch_space(
|
||||
module, basek, k_out, k_in, k_ksk, digits, k_tsk, digits, rank,
|
||||
),
|
||||
);
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk_in.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_in_dft: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_in);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk_out.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_out_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_out);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
module,
|
||||
&sk_in,
|
||||
&sk_out,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
tsk.encrypt_sk(
|
||||
module,
|
||||
&sk_out,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
pt_scalar.fill_ternary_hw(0, module.n(), &mut source_xs);
|
||||
|
||||
ct_in.encrypt_sk(
|
||||
module,
|
||||
&pt_scalar,
|
||||
&sk_in_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ksk_exec: GLWESwitchingKeyExec<Vec<u8>, B> =
|
||||
GLWESwitchingKeyExec::alloc(module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut tsk_exec: GLWETensorKeyExec<Vec<u8>, B> = GLWETensorKeyExec::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
|
||||
ksk_exec.prepare(module, &ksk, scratch.borrow());
|
||||
tsk_exec.prepare(module, &tsk, scratch.borrow());
|
||||
|
||||
ct_out.keyswitch(module, &ct_in, &ksk_exec, &tsk_exec, scratch.borrow());
|
||||
|
||||
let max_noise = |col_j: usize| -> f64 {
|
||||
noise_ggsw_keyswitch(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
col_j,
|
||||
var_xs,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank as f64,
|
||||
k_in,
|
||||
k_ksk,
|
||||
k_tsk,
|
||||
) + 0.5
|
||||
};
|
||||
|
||||
ct_out.assert_noise(module, &sk_out_exec, &pt_scalar, &max_noise);
|
||||
}
|
||||
|
||||
pub(crate) fn test_keyswitch_inplace<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: TestModuleFamily<B>
|
||||
+ GGSWAssertNoiseFamily<B>
|
||||
+ GGSWKeySwitchFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWETensorKeyEncryptSkFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ VecZnxSwithcDegree,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_ct.div_ceil(digits * basek);
|
||||
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_ct, rows, digits_in, rank);
|
||||
let mut tsk: GLWETensorKey<Vec<u8>> = GLWETensorKey::alloc(module, basek, k_tsk, rows, digits, rank);
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>> = GLWESwitchingKey::alloc(module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut pt_scalar: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(module, basek, k_ct, rank)
|
||||
| GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k_ksk, rank, rank)
|
||||
| GLWETensorKey::encrypt_sk_scratch_space(module, basek, k_tsk, rank)
|
||||
| GGSWCiphertext::keyswitch_inplace_scratch_space(module, basek, k_ct, k_ksk, digits, k_tsk, digits, rank),
|
||||
);
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk_in.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_in_dft: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_in);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk_out.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_out_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_out);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
module,
|
||||
&sk_in,
|
||||
&sk_out,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
tsk.encrypt_sk(
|
||||
module,
|
||||
&sk_out,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
pt_scalar.fill_ternary_hw(0, module.n(), &mut source_xs);
|
||||
|
||||
ct.encrypt_sk(
|
||||
module,
|
||||
&pt_scalar,
|
||||
&sk_in_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ksk_exec: GLWESwitchingKeyExec<Vec<u8>, B> =
|
||||
GLWESwitchingKeyExec::alloc(module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut tsk_exec: GLWETensorKeyExec<Vec<u8>, B> = GLWETensorKeyExec::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
|
||||
ksk_exec.prepare(module, &ksk, scratch.borrow());
|
||||
tsk_exec.prepare(module, &tsk, scratch.borrow());
|
||||
|
||||
ct.keyswitch_inplace(module, &ksk_exec, &tsk_exec, scratch.borrow());
|
||||
|
||||
let max_noise = |col_j: usize| -> f64 {
|
||||
noise_ggsw_keyswitch(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
col_j,
|
||||
var_xs,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank as f64,
|
||||
k_ct,
|
||||
k_ksk,
|
||||
k_tsk,
|
||||
) + 0.5
|
||||
};
|
||||
|
||||
ct.assert_noise(module, &sk_out_exec, &pt_scalar, &max_noise);
|
||||
}
|
||||
|
||||
pub(crate) fn test_automorphism<B: Backend>(
|
||||
p: i64,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: TestModuleFamily<B>
|
||||
+ GGSWAssertNoiseFamily<B>
|
||||
+ GGSWKeySwitchFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWETensorKeyEncryptSkFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAutomorphismInplace
|
||||
+ ScalarZnxAutomorphismInplace
|
||||
+ ScalarZnxAutomorphism,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
let rows_in: usize = k_in.div_euclid(basek * digits);
|
||||
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_in: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_in, rows_in, digits_in, rank);
|
||||
let mut ct_out: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_out, rows_in, digits_in, rank);
|
||||
let mut tensor_key: GLWETensorKey<Vec<u8>> = GLWETensorKey::alloc(module, basek, k_tsk, rows, digits, rank);
|
||||
let mut auto_key: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
let mut pt_scalar: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(module, basek, k_in, rank)
|
||||
| AutomorphismKey::encrypt_sk_scratch_space(module, basek, k_ksk, rank)
|
||||
| GLWETensorKey::encrypt_sk_scratch_space(module, basek, k_tsk, rank)
|
||||
| GGSWCiphertext::automorphism_scratch_space(
|
||||
module, basek, k_out, k_in, k_ksk, digits, k_tsk, digits, rank,
|
||||
),
|
||||
);
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
auto_key.encrypt_sk(
|
||||
module,
|
||||
p,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
tensor_key.encrypt_sk(
|
||||
module,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
pt_scalar.fill_ternary_hw(0, module.n(), &mut source_xs);
|
||||
|
||||
ct_in.encrypt_sk(
|
||||
module,
|
||||
&pt_scalar,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut auto_key_exec: AutomorphismKeyExec<Vec<u8>, B> = AutomorphismKeyExec::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
auto_key_exec.prepare(module, &auto_key, scratch.borrow());
|
||||
|
||||
let mut tsk_exec: GLWETensorKeyExec<Vec<u8>, B> = GLWETensorKeyExec::alloc(module, basek, k_tsk, rows, digits, rank);
|
||||
tsk_exec.prepare(module, &tensor_key, scratch.borrow());
|
||||
|
||||
ct_out.automorphism(module, &ct_in, &auto_key_exec, &tsk_exec, scratch.borrow());
|
||||
|
||||
module.scalar_znx_automorphism_inplace(p, &mut pt_scalar, 0);
|
||||
|
||||
let max_noise = |col_j: usize| -> f64 {
|
||||
noise_ggsw_keyswitch(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
col_j,
|
||||
var_xs,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank as f64,
|
||||
k_in,
|
||||
k_ksk,
|
||||
k_tsk,
|
||||
) + 0.5
|
||||
};
|
||||
|
||||
ct_out.assert_noise(module, &sk_exec, &pt_scalar, &max_noise);
|
||||
}
|
||||
|
||||
pub(crate) fn test_automorphism_inplace<B: Backend>(
|
||||
p: i64,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: TestModuleFamily<B>
|
||||
+ GGSWAssertNoiseFamily<B>
|
||||
+ GGSWKeySwitchFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWETensorKeyEncryptSkFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAutomorphismInplace
|
||||
+ ScalarZnxAutomorphismInplace
|
||||
+ ScalarZnxAutomorphism,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_ct.div_ceil(digits * basek);
|
||||
let rows_in: usize = k_ct.div_euclid(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_ct, rows_in, digits_in, rank);
|
||||
let mut tensor_key: GLWETensorKey<Vec<u8>> = GLWETensorKey::alloc(module, basek, k_tsk, rows, digits, rank);
|
||||
let mut auto_key: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
let mut pt_scalar: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(module, basek, k_ct, rank)
|
||||
| AutomorphismKey::encrypt_sk_scratch_space(module, basek, k_ksk, rank)
|
||||
| GLWETensorKey::encrypt_sk_scratch_space(module, basek, k_tsk, rank)
|
||||
| GGSWCiphertext::automorphism_inplace_scratch_space(module, basek, k_ct, k_ksk, digits, k_tsk, digits, rank),
|
||||
);
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
auto_key.encrypt_sk(
|
||||
module,
|
||||
p,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
tensor_key.encrypt_sk(
|
||||
module,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
pt_scalar.fill_ternary_hw(0, module.n(), &mut source_xs);
|
||||
|
||||
ct.encrypt_sk(
|
||||
module,
|
||||
&pt_scalar,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut auto_key_exec: AutomorphismKeyExec<Vec<u8>, B> = AutomorphismKeyExec::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
auto_key_exec.prepare(module, &auto_key, scratch.borrow());
|
||||
|
||||
let mut tsk_exec: GLWETensorKeyExec<Vec<u8>, B> = GLWETensorKeyExec::alloc(module, basek, k_tsk, rows, digits, rank);
|
||||
tsk_exec.prepare(module, &tensor_key, scratch.borrow());
|
||||
|
||||
ct.automorphism_inplace(module, &auto_key_exec, &tsk_exec, scratch.borrow());
|
||||
|
||||
module.scalar_znx_automorphism_inplace(p, &mut pt_scalar, 0);
|
||||
|
||||
let max_noise = |col_j: usize| -> f64 {
|
||||
noise_ggsw_keyswitch(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
col_j,
|
||||
var_xs,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank as f64,
|
||||
k_ct,
|
||||
k_ksk,
|
||||
k_tsk,
|
||||
) + 0.5
|
||||
};
|
||||
|
||||
ct.assert_noise(module, &sk_exec, &pt_scalar, &max_noise);
|
||||
}
|
||||
|
||||
pub(crate) fn test_external_product<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_in: usize,
|
||||
k_out: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: TestModuleFamily<B>
|
||||
+ GGSWAssertNoiseFamily<B>
|
||||
+ GGSWKeySwitchFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWETensorKeyEncryptSkFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ VecZnxRotateInplace,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
let rows_in: usize = k_in.div_euclid(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_ggsw_lhs_in: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_in, rows_in, digits_in, rank);
|
||||
let mut ct_ggsw_lhs_out: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_out, rows_in, digits_in, rank);
|
||||
let mut ct_ggsw_rhs: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut pt_ggsw_lhs: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
let mut pt_ggsw_rhs: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
pt_ggsw_lhs.fill_ternary_prob(0, 0.5, &mut source_xs);
|
||||
|
||||
let k: usize = 1;
|
||||
|
||||
pt_ggsw_rhs.to_mut().raw_mut()[k] = 1; //X^{k}
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(module, basek, k_ggsw, rank)
|
||||
| GGSWCiphertext::external_product_scratch_space(module, basek, k_out, k_in, k_ggsw, digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
ct_ggsw_rhs.encrypt_sk(
|
||||
module,
|
||||
&pt_ggsw_rhs,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_ggsw_lhs_in.encrypt_sk(
|
||||
module,
|
||||
&pt_ggsw_lhs,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ct_rhs_exec: GGSWCiphertextExec<Vec<u8>, B> = GGSWCiphertextExec::alloc(module, basek, k_ggsw, rows, digits, rank);
|
||||
ct_rhs_exec.prepare(module, &ct_ggsw_rhs, scratch.borrow());
|
||||
|
||||
ct_ggsw_lhs_out.external_product(module, &ct_ggsw_lhs_in, &ct_rhs_exec, scratch.borrow());
|
||||
|
||||
module.vec_znx_rotate_inplace(k as i64, &mut pt_ggsw_lhs, 0);
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
let var_msg: f64 = 1f64 / module.n() as f64; // X^{k}
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let max_noise = |_col_j: usize| -> f64 {
|
||||
noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
var_msg,
|
||||
var_a0_err,
|
||||
var_a1_err,
|
||||
var_gct_err_lhs,
|
||||
var_gct_err_rhs,
|
||||
rank as f64,
|
||||
k_in,
|
||||
k_ggsw,
|
||||
) + 0.5
|
||||
};
|
||||
|
||||
ct_ggsw_lhs_out.assert_noise(module, &sk_exec, &pt_ggsw_lhs, &max_noise);
|
||||
}
|
||||
|
||||
pub(crate) fn test_external_product_inplace<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: TestModuleFamily<B>
|
||||
+ GGSWAssertNoiseFamily<B>
|
||||
+ GGSWKeySwitchFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWETensorKeyEncryptSkFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ VecZnxRotateInplace,
|
||||
B: TestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_ct.div_ceil(digits * basek);
|
||||
let rows_in: usize = k_ct.div_euclid(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_ggsw_lhs: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_ct, rows_in, digits_in, rank);
|
||||
let mut ct_ggsw_rhs: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_ggsw, rows, digits, rank);
|
||||
|
||||
let mut pt_ggsw_lhs: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
let mut pt_ggsw_rhs: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
pt_ggsw_lhs.fill_ternary_prob(0, 0.5, &mut source_xs);
|
||||
|
||||
let k: usize = 1;
|
||||
|
||||
pt_ggsw_rhs.to_mut().raw_mut()[k] = 1; //X^{k}
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(module, basek, k_ggsw, rank)
|
||||
| GGSWCiphertext::external_product_inplace_scratch_space(module, basek, k_ct, k_ggsw, digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
ct_ggsw_rhs.encrypt_sk(
|
||||
module,
|
||||
&pt_ggsw_rhs,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_ggsw_lhs.encrypt_sk(
|
||||
module,
|
||||
&pt_ggsw_lhs,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ct_rhs_exec: GGSWCiphertextExec<Vec<u8>, B> = GGSWCiphertextExec::alloc(module, basek, k_ggsw, rows, digits, rank);
|
||||
ct_rhs_exec.prepare(module, &ct_ggsw_rhs, scratch.borrow());
|
||||
|
||||
ct_ggsw_lhs.external_product_inplace(module, &ct_rhs_exec, scratch.borrow());
|
||||
|
||||
module.vec_znx_rotate_inplace(k as i64, &mut pt_ggsw_lhs, 0);
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
let var_msg: f64 = 1f64 / module.n() as f64; // X^{k}
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let max_noise = |_col_j: usize| -> f64 {
|
||||
noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
var_msg,
|
||||
var_a0_err,
|
||||
var_a1_err,
|
||||
var_gct_err_lhs,
|
||||
var_gct_err_rhs,
|
||||
rank as f64,
|
||||
k_ct,
|
||||
k_ggsw,
|
||||
) + 0.5
|
||||
};
|
||||
|
||||
ct_ggsw_lhs.assert_noise(module, &sk_exec, &pt_ggsw_lhs, &max_noise);
|
||||
}
|
||||
2
core/src/ggsw/test/mod.rs
Normal file
2
core/src/ggsw/test/mod.rs
Normal file
@@ -0,0 +1,2 @@
|
||||
mod generic_tests;
|
||||
mod test_fft64;
|
||||
127
core/src/ggsw/test/test_fft64.rs
Normal file
127
core/src/ggsw/test/test_fft64.rs
Normal file
@@ -0,0 +1,127 @@
|
||||
use backend::{
|
||||
hal::{api::ModuleNew, layouts::Module},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
|
||||
use crate::ggsw::test::generic_tests::{
|
||||
test_automorphism, test_automorphism_inplace, test_encrypt_sk, test_external_product, test_external_product_inplace,
|
||||
test_keyswitch, test_keyswitch_inplace,
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn encrypt_sk() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 54;
|
||||
let digits: usize = k_ct / basek;
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
println!("test encrypt_sk digits: {} rank: {}", di, rank);
|
||||
test_encrypt_sk(&module, basek, k_ct, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn keyswitch() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 54;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_in + basek * di;
|
||||
let k_tsk: usize = k_ksk;
|
||||
println!("test keyswitch digits: {} rank: {}", di, rank);
|
||||
let k_out: usize = k_ksk; // Better capture noise.
|
||||
test_keyswitch(&module, basek, k_out, k_in, k_ksk, k_tsk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn keyswitch_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 54;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_ct + basek * di;
|
||||
let k_tsk: usize = k_ksk;
|
||||
println!("test keyswitch_inplace digits: {} rank: {}", di, rank);
|
||||
test_keyswitch_inplace(&module, basek, k_ct, k_ksk, k_tsk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn automorphism() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 54;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_in + basek * di;
|
||||
let k_tsk: usize = k_ksk;
|
||||
println!("test automorphism rank: {}", rank);
|
||||
let k_out: usize = k_ksk; // Better capture noise.
|
||||
test_automorphism(-5, &module, basek, k_out, k_in, k_ksk, k_tsk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn automorphism_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 54;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_ct + basek * di;
|
||||
let k_tsk: usize = k_ksk;
|
||||
println!("test automorphism_inplace rank: {}", rank);
|
||||
test_automorphism_inplace(-5, &module, basek, k_ct, k_ksk, k_tsk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn external_product() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 60;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ggsw: usize = k_in + basek * di;
|
||||
println!("test external_product digits: {} ranks: {}", di, rank);
|
||||
let k_out: usize = k_in; // Better capture noise.
|
||||
test_external_product(&module, basek, k_in, k_out, k_ggsw, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn external_product_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 60;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits).for_each(|di| {
|
||||
let k_ggsw: usize = k_ct + basek * di;
|
||||
println!("test external_product digits: {} rank: {}", di, rank);
|
||||
test_external_product_inplace(&module, basek, k_ct, k_ggsw, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
@@ -1,962 +0,0 @@
|
||||
use backend::{
|
||||
FFT64, Module, ScalarZnx, ScalarZnxAlloc, ScalarZnxDftOps, ScalarZnxOps, ScratchOwned, Stats, VecZnxBig, VecZnxBigAlloc,
|
||||
VecZnxBigOps, VecZnxDft, VecZnxDftAlloc, VecZnxDftOps, VecZnxOps, VecZnxToMut, ZnxViewMut, ZnxZero,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWECiphertext, FourierGLWESecret, GGSWCiphertext, GLWEAutomorphismKey, GLWEPlaintext, GLWESecret, GLWESwitchingKey,
|
||||
GLWETensorKey, GetRow, Infos,
|
||||
noise::{noise_ggsw_keyswitch, noise_ggsw_product},
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn encrypt_sk() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 54;
|
||||
let digits: usize = k_ct / basek;
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
println!("test encrypt_sk digits: {} rank: {}", di, rank);
|
||||
test_encrypt_sk(log_n, basek, k_ct, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn keyswitch() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 54;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_in + basek * di;
|
||||
let k_tsk: usize = k_ksk;
|
||||
println!("test keyswitch digits: {} rank: {}", di, rank);
|
||||
let k_out: usize = k_ksk; // Better capture noise.
|
||||
test_keyswitch(log_n, basek, k_out, k_in, k_ksk, k_tsk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn keyswitch_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 54;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_ct + basek * di;
|
||||
let k_tsk: usize = k_ksk;
|
||||
println!("test keyswitch_inplace digits: {} rank: {}", di, rank);
|
||||
test_keyswitch_inplace(log_n, basek, k_ct, k_ksk, k_tsk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn automorphism() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 54;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_in + basek * di;
|
||||
let k_tsk: usize = k_ksk;
|
||||
println!("test automorphism rank: {}", rank);
|
||||
let k_out: usize = k_ksk; // Better capture noise.
|
||||
test_automorphism(-5, log_n, basek, k_out, k_in, k_ksk, k_tsk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn automorphism_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 54;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_ct + basek * di;
|
||||
let k_tsk: usize = k_ksk;
|
||||
println!("test automorphism_inplace rank: {}", rank);
|
||||
test_automorphism_inplace(-5, log_n, basek, k_ct, k_ksk, k_tsk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn external_product() {
|
||||
let log_n: usize = 8;
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 60;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ggsw: usize = k_in + basek * di;
|
||||
println!("test external_product digits: {} ranks: {}", di, rank);
|
||||
let k_out: usize = k_in; // Better capture noise.
|
||||
test_external_product(log_n, basek, k_in, k_out, k_ggsw, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn external_product_inplace() {
|
||||
let log_n: usize = 5;
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 60;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
(1..4).for_each(|rank| {
|
||||
(1..digits).for_each(|di| {
|
||||
let k_ggsw: usize = k_ct + basek * di;
|
||||
println!("test external_product digits: {} rank: {}", di, rank);
|
||||
test_external_product_inplace(log_n, basek, k_ct, k_ggsw, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_encrypt_sk(log_n: usize, basek: usize, k: usize, digits: usize, rank: usize, sigma: f64) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
let rows: usize = (k - digits * basek) / (digits * basek);
|
||||
|
||||
let mut ct: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k, rows, digits, rank);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k);
|
||||
let mut pt_scalar: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
pt_scalar.fill_ternary_hw(0, module.n(), &mut source_xs);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, k, rank)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
|
||||
ct.encrypt_sk(
|
||||
&module,
|
||||
&pt_scalar,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ct_glwe_fourier: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k, rank);
|
||||
let mut pt_dft: VecZnxDft<Vec<u8>, FFT64> = module.new_vec_znx_dft(1, ct.size());
|
||||
let mut pt_big: VecZnxBig<Vec<u8>, FFT64> = module.new_vec_znx_big(1, ct.size());
|
||||
|
||||
(0..ct.rank() + 1).for_each(|col_j| {
|
||||
(0..ct.rows()).for_each(|row_i| {
|
||||
module.vec_znx_add_scalar_inplace(
|
||||
&mut pt_want.data,
|
||||
0,
|
||||
(digits - 1) + row_i * digits,
|
||||
&pt_scalar,
|
||||
0,
|
||||
);
|
||||
|
||||
// mul with sk[col_j-1]
|
||||
if col_j > 0 {
|
||||
module.vec_znx_dft(1, 0, &mut pt_dft, 0, &pt_want.data, 0);
|
||||
module.svp_apply_inplace(&mut pt_dft, 0, &sk_dft.data, col_j - 1);
|
||||
module.vec_znx_idft_tmp_a(&mut pt_big, 0, &mut pt_dft, 0);
|
||||
module.vec_znx_big_normalize(basek, &mut pt_want.data, 0, &pt_big, 0, scratch.borrow());
|
||||
}
|
||||
|
||||
ct.get_row(&module, row_i, col_j, &mut ct_glwe_fourier);
|
||||
|
||||
ct_glwe_fourier.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
|
||||
let std_pt: f64 = pt_have.data.std(0, basek) * (k as f64).exp2();
|
||||
assert!((sigma - std_pt).abs() <= 0.5, "{} {}", sigma, std_pt);
|
||||
|
||||
pt_want.data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_keyswitch(
|
||||
log_n: usize,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let rows: usize = k_in.div_ceil(digits * basek);
|
||||
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_in: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_in, rows, digits_in, rank);
|
||||
let mut ct_out: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_out, rows, digits_in, rank);
|
||||
let mut tsk: GLWETensorKey<Vec<u8>, FFT64> = GLWETensorKey::alloc(&module, basek, k_ksk, rows, digits, rank);
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>, FFT64> = GLWESwitchingKey::alloc(&module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
let mut pt_scalar: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, k_in, rank)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_out)
|
||||
| GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, k_ksk, rank, rank)
|
||||
| GLWETensorKey::encrypt_sk_scratch_space(&module, basek, k_tsk, rank)
|
||||
| GGSWCiphertext::keyswitch_scratch_space(
|
||||
&module, basek, k_out, k_in, k_ksk, digits, k_tsk, digits, rank,
|
||||
),
|
||||
);
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk_in.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_in_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_in);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk_out.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_out_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_out);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
&module,
|
||||
&sk_in,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
tsk.encrypt_sk(
|
||||
&module,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
pt_scalar.fill_ternary_hw(0, module.n(), &mut source_xs);
|
||||
|
||||
ct_in.encrypt_sk(
|
||||
&module,
|
||||
&pt_scalar,
|
||||
&sk_in_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_out.keyswitch(&module, &ct_in, &ksk, &tsk, scratch.borrow());
|
||||
|
||||
let mut ct_glwe_fourier: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_out, rank);
|
||||
let mut pt_dft: VecZnxDft<Vec<u8>, FFT64> = module.new_vec_znx_dft(1, ct_out.size());
|
||||
let mut pt_big: VecZnxBig<Vec<u8>, FFT64> = module.new_vec_znx_big(1, ct_out.size());
|
||||
|
||||
(0..ct_out.rank() + 1).for_each(|col_j| {
|
||||
(0..ct_out.rows()).for_each(|row_i| {
|
||||
module.vec_znx_add_scalar_inplace(&mut pt_want.data, 0, row_i, &pt_scalar, 0);
|
||||
|
||||
// mul with sk[col_j-1]
|
||||
if col_j > 0 {
|
||||
module.vec_znx_dft(1, 0, &mut pt_dft, 0, &pt_want.data, 0);
|
||||
module.svp_apply_inplace(&mut pt_dft, 0, &sk_out_dft.data, col_j - 1);
|
||||
module.vec_znx_idft_tmp_a(&mut pt_big, 0, &mut pt_dft, 0);
|
||||
module.vec_znx_big_normalize(basek, &mut pt_want.data, 0, &pt_big, 0, scratch.borrow());
|
||||
}
|
||||
|
||||
ct_out.get_row(&module, row_i, col_j, &mut ct_glwe_fourier);
|
||||
|
||||
ct_glwe_fourier.decrypt(&module, &mut pt_have, &sk_out_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
let noise_want: f64 = noise_ggsw_keyswitch(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
col_j,
|
||||
var_xs,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank as f64,
|
||||
k_in,
|
||||
k_ksk,
|
||||
k_tsk,
|
||||
);
|
||||
|
||||
println!("{} {}", noise_have, noise_want);
|
||||
|
||||
assert!(
|
||||
noise_have < noise_want + 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
|
||||
pt_want.data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_keyswitch_inplace(
|
||||
log_n: usize,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let rows: usize = k_ct.div_ceil(digits * basek);
|
||||
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ct, rows, digits_in, rank);
|
||||
let mut tsk: GLWETensorKey<Vec<u8>, FFT64> = GLWETensorKey::alloc(&module, basek, k_tsk, rows, digits, rank);
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>, FFT64> = GLWESwitchingKey::alloc(&module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_scalar: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, k_ct, rank)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_ct)
|
||||
| GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, k_ksk, rank, rank)
|
||||
| GLWETensorKey::encrypt_sk_scratch_space(&module, basek, k_tsk, rank)
|
||||
| GGSWCiphertext::keyswitch_inplace_scratch_space(&module, basek, k_ct, k_ksk, digits, k_tsk, digits, rank),
|
||||
);
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk_in.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_in_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_in);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk_out.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_out_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_out);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
&module,
|
||||
&sk_in,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
tsk.encrypt_sk(
|
||||
&module,
|
||||
&sk_out_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
pt_scalar.fill_ternary_hw(0, module.n(), &mut source_xs);
|
||||
|
||||
ct.encrypt_sk(
|
||||
&module,
|
||||
&pt_scalar,
|
||||
&sk_in_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct.keyswitch_inplace(&module, &ksk, &tsk, scratch.borrow());
|
||||
|
||||
let mut ct_glwe_fourier: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut pt_dft: VecZnxDft<Vec<u8>, FFT64> = module.new_vec_znx_dft(1, ct.size());
|
||||
let mut pt_big: VecZnxBig<Vec<u8>, FFT64> = module.new_vec_znx_big(1, ct.size());
|
||||
|
||||
(0..ct.rank() + 1).for_each(|col_j| {
|
||||
(0..ct.rows()).for_each(|row_i| {
|
||||
module.vec_znx_add_scalar_inplace(
|
||||
&mut pt_want.data,
|
||||
0,
|
||||
(digits_in - 1) + row_i * digits_in,
|
||||
&pt_scalar,
|
||||
0,
|
||||
);
|
||||
|
||||
// mul with sk[col_j-1]
|
||||
if col_j > 0 {
|
||||
module.vec_znx_dft(1, 0, &mut pt_dft, 0, &pt_want.data, 0);
|
||||
module.svp_apply_inplace(&mut pt_dft, 0, &sk_out_dft.data, col_j - 1);
|
||||
module.vec_znx_idft_tmp_a(&mut pt_big, 0, &mut pt_dft, 0);
|
||||
module.vec_znx_big_normalize(basek, &mut pt_want.data, 0, &pt_big, 0, scratch.borrow());
|
||||
}
|
||||
|
||||
ct.get_row(&module, row_i, col_j, &mut ct_glwe_fourier);
|
||||
|
||||
ct_glwe_fourier.decrypt(&module, &mut pt_have, &sk_out_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
let noise_want: f64 = noise_ggsw_keyswitch(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
col_j,
|
||||
var_xs,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank as f64,
|
||||
k_ct,
|
||||
k_ksk,
|
||||
k_tsk,
|
||||
);
|
||||
|
||||
println!("{} {}", noise_have, noise_want);
|
||||
|
||||
assert!(
|
||||
noise_have < noise_want + 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
|
||||
pt_want.data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_automorphism(
|
||||
p: i64,
|
||||
log_n: usize,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
let rows_in: usize = k_in.div_euclid(basek * digits);
|
||||
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_in: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_in, rows_in, digits_in, rank);
|
||||
let mut ct_out: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_out, rows_in, digits_in, rank);
|
||||
let mut tensor_key: GLWETensorKey<Vec<u8>, FFT64> = GLWETensorKey::alloc(&module, basek, k_tsk, rows, digits, rank);
|
||||
let mut auto_key: GLWEAutomorphismKey<Vec<u8>, FFT64> = GLWEAutomorphismKey::alloc(&module, basek, k_ksk, rows, digits, rank);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
let mut pt_scalar: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, k_in, rank)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_out)
|
||||
| GLWEAutomorphismKey::encrypt_sk_scratch_space(&module, basek, k_ksk, rank)
|
||||
| GLWETensorKey::encrypt_sk_scratch_space(&module, basek, k_tsk, rank)
|
||||
| GGSWCiphertext::automorphism_scratch_space(
|
||||
&module, basek, k_out, k_in, k_ksk, digits, k_tsk, digits, rank,
|
||||
),
|
||||
);
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
|
||||
auto_key.encrypt_sk(
|
||||
&module,
|
||||
p,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
tensor_key.encrypt_sk(
|
||||
&module,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
pt_scalar.fill_ternary_hw(0, module.n(), &mut source_xs);
|
||||
|
||||
ct_in.encrypt_sk(
|
||||
&module,
|
||||
&pt_scalar,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_out.automorphism(&module, &ct_in, &auto_key, &tensor_key, scratch.borrow());
|
||||
|
||||
module.scalar_znx_automorphism_inplace(p, &mut pt_scalar, 0);
|
||||
|
||||
let mut ct_glwe_fourier: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_out, rank);
|
||||
let mut pt_dft: VecZnxDft<Vec<u8>, FFT64> = module.new_vec_znx_dft(1, ct_out.size());
|
||||
let mut pt_big: VecZnxBig<Vec<u8>, FFT64> = module.new_vec_znx_big(1, ct_out.size());
|
||||
|
||||
(0..ct_out.rank() + 1).for_each(|col_j| {
|
||||
(0..ct_out.rows()).for_each(|row_i| {
|
||||
module.vec_znx_add_scalar_inplace(&mut pt_want.data, 0, row_i, &pt_scalar, 0);
|
||||
|
||||
// mul with sk[col_j-1]
|
||||
if col_j > 0 {
|
||||
module.vec_znx_dft(1, 0, &mut pt_dft, 0, &pt_want.data, 0);
|
||||
module.svp_apply_inplace(&mut pt_dft, 0, &sk_dft.data, col_j - 1);
|
||||
module.vec_znx_idft_tmp_a(&mut pt_big, 0, &mut pt_dft, 0);
|
||||
module.vec_znx_big_normalize(basek, &mut pt_want.data, 0, &pt_big, 0, scratch.borrow());
|
||||
}
|
||||
|
||||
ct_out.get_row(&module, row_i, col_j, &mut ct_glwe_fourier);
|
||||
|
||||
ct_glwe_fourier.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
let noise_want: f64 = noise_ggsw_keyswitch(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
col_j,
|
||||
var_xs,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank as f64,
|
||||
k_in,
|
||||
k_ksk,
|
||||
k_tsk,
|
||||
);
|
||||
|
||||
assert!(
|
||||
noise_have < noise_want + 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
|
||||
pt_want.data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_automorphism_inplace(
|
||||
p: i64,
|
||||
log_n: usize,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ksk: usize,
|
||||
k_tsk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let rows: usize = k_ct.div_ceil(digits * basek);
|
||||
let rows_in: usize = k_ct.div_euclid(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ct, rows_in, digits_in, rank);
|
||||
let mut tensor_key: GLWETensorKey<Vec<u8>, FFT64> = GLWETensorKey::alloc(&module, basek, k_tsk, rows, digits, rank);
|
||||
let mut auto_key: GLWEAutomorphismKey<Vec<u8>, FFT64> = GLWEAutomorphismKey::alloc(&module, basek, k_ksk, rows, digits, rank);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_scalar: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, k_ct, rank)
|
||||
| FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_ct)
|
||||
| GLWEAutomorphismKey::encrypt_sk_scratch_space(&module, basek, k_ksk, rank)
|
||||
| GLWETensorKey::encrypt_sk_scratch_space(&module, basek, k_tsk, rank)
|
||||
| GGSWCiphertext::automorphism_inplace_scratch_space(&module, basek, k_ct, k_ksk, digits, k_tsk, digits, rank),
|
||||
);
|
||||
|
||||
let var_xs: f64 = 0.5;
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(var_xs, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
|
||||
auto_key.encrypt_sk(
|
||||
&module,
|
||||
p,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
tensor_key.encrypt_sk(
|
||||
&module,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
pt_scalar.fill_ternary_hw(0, module.n(), &mut source_xs);
|
||||
|
||||
ct.encrypt_sk(
|
||||
&module,
|
||||
&pt_scalar,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct.automorphism_inplace(&module, &auto_key, &tensor_key, scratch.borrow());
|
||||
|
||||
module.scalar_znx_automorphism_inplace(p, &mut pt_scalar, 0);
|
||||
|
||||
let mut ct_glwe_fourier: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut pt_dft: VecZnxDft<Vec<u8>, FFT64> = module.new_vec_znx_dft(1, ct.size());
|
||||
let mut pt_big: VecZnxBig<Vec<u8>, FFT64> = module.new_vec_znx_big(1, ct.size());
|
||||
|
||||
(0..ct.rank() + 1).for_each(|col_j| {
|
||||
(0..ct.rows()).for_each(|row_i| {
|
||||
module.vec_znx_add_scalar_inplace(&mut pt_want.data, 0, row_i, &pt_scalar, 0);
|
||||
|
||||
// mul with sk[col_j-1]
|
||||
if col_j > 0 {
|
||||
module.vec_znx_dft(1, 0, &mut pt_dft, 0, &pt_want.data, 0);
|
||||
module.svp_apply_inplace(&mut pt_dft, 0, &sk_dft.data, col_j - 1);
|
||||
module.vec_znx_idft_tmp_a(&mut pt_big, 0, &mut pt_dft, 0);
|
||||
module.vec_znx_big_normalize(basek, &mut pt_want.data, 0, &pt_big, 0, scratch.borrow());
|
||||
}
|
||||
|
||||
ct.get_row(&module, row_i, col_j, &mut ct_glwe_fourier);
|
||||
|
||||
ct_glwe_fourier.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
let noise_want: f64 = noise_ggsw_keyswitch(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
col_j,
|
||||
var_xs,
|
||||
0f64,
|
||||
sigma * sigma,
|
||||
0f64,
|
||||
rank as f64,
|
||||
k_ct,
|
||||
k_ksk,
|
||||
k_tsk,
|
||||
);
|
||||
|
||||
assert!(
|
||||
noise_have <= noise_want + 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
|
||||
pt_want.data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_external_product(
|
||||
log_n: usize,
|
||||
basek: usize,
|
||||
k_in: usize,
|
||||
k_out: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
let rows_in: usize = k_in.div_euclid(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_ggsw_lhs_in: GGSWCiphertext<Vec<u8>, FFT64> =
|
||||
GGSWCiphertext::alloc(&module, basek, k_in, rows_in, digits_in, rank);
|
||||
let mut ct_ggsw_lhs_out: GGSWCiphertext<Vec<u8>, FFT64> =
|
||||
GGSWCiphertext::alloc(&module, basek, k_out, rows_in, digits_in, rank);
|
||||
let mut ct_ggsw_rhs: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut pt_ggsw_lhs: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
let mut pt_ggsw_rhs: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
pt_ggsw_lhs.fill_ternary_prob(0, 0.5, &mut source_xs);
|
||||
|
||||
let k: usize = 1;
|
||||
|
||||
pt_ggsw_rhs.to_mut().raw_mut()[k] = 1; //X^{k}
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_out)
|
||||
| GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, k_ggsw, rank)
|
||||
| GGSWCiphertext::external_product_scratch_space(&module, basek, k_out, k_in, k_ggsw, digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
|
||||
ct_ggsw_rhs.encrypt_sk(
|
||||
&module,
|
||||
&pt_ggsw_rhs,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_ggsw_lhs_in.encrypt_sk(
|
||||
&module,
|
||||
&pt_ggsw_lhs,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_ggsw_lhs_out.external_product(&module, &ct_ggsw_lhs_in, &ct_ggsw_rhs, scratch.borrow());
|
||||
|
||||
let mut ct_glwe_fourier: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_out, rank);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
let mut pt_dft: VecZnxDft<Vec<u8>, FFT64> = module.new_vec_znx_dft(1, ct_ggsw_lhs_out.size());
|
||||
let mut pt_big: VecZnxBig<Vec<u8>, FFT64> = module.new_vec_znx_big(1, ct_ggsw_lhs_out.size());
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
|
||||
module.vec_znx_rotate_inplace(k as i64, &mut pt_ggsw_lhs, 0);
|
||||
|
||||
(0..ct_ggsw_lhs_out.rank() + 1).for_each(|col_j| {
|
||||
(0..ct_ggsw_lhs_out.rows()).for_each(|row_i| {
|
||||
module.vec_znx_add_scalar_inplace(
|
||||
&mut pt_want.data,
|
||||
0,
|
||||
(digits_in - 1) + row_i * digits_in,
|
||||
&pt_ggsw_lhs,
|
||||
0,
|
||||
);
|
||||
|
||||
if col_j > 0 {
|
||||
module.vec_znx_dft(1, 0, &mut pt_dft, 0, &pt_want.data, 0);
|
||||
module.svp_apply_inplace(&mut pt_dft, 0, &sk_dft.data, col_j - 1);
|
||||
module.vec_znx_idft_tmp_a(&mut pt_big, 0, &mut pt_dft, 0);
|
||||
module.vec_znx_big_normalize(basek, &mut pt_want.data, 0, &pt_big, 0, scratch.borrow());
|
||||
}
|
||||
|
||||
ct_ggsw_lhs_out.get_row(&module, row_i, col_j, &mut ct_glwe_fourier);
|
||||
ct_glwe_fourier.decrypt(&module, &mut pt, &sk_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt.data.std(0, basek).log2();
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
let var_msg: f64 = 1f64 / module.n() as f64; // X^{k}
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let noise_want: f64 = noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
var_msg,
|
||||
var_a0_err,
|
||||
var_a1_err,
|
||||
var_gct_err_lhs,
|
||||
var_gct_err_rhs,
|
||||
rank as f64,
|
||||
k_in,
|
||||
k_ggsw,
|
||||
);
|
||||
|
||||
assert!(
|
||||
noise_have <= noise_want + 0.5,
|
||||
"have: {} want: {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
|
||||
println!("{} {}", noise_have, noise_want);
|
||||
|
||||
pt_want.data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_external_product_inplace(log_n: usize, basek: usize, k_ct: usize, k_ggsw: usize, digits: usize, rank: usize, sigma: f64) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let rows: usize = k_ct.div_ceil(digits * basek);
|
||||
let rows_in: usize = k_ct.div_euclid(basek * digits);
|
||||
let digits_in: usize = 1;
|
||||
|
||||
let mut ct_ggsw_lhs: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ct, rows_in, digits_in, rank);
|
||||
let mut ct_ggsw_rhs: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank);
|
||||
|
||||
let mut pt_ggsw_lhs: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
let mut pt_ggsw_rhs: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
pt_ggsw_lhs.fill_ternary_prob(0, 0.5, &mut source_xs);
|
||||
|
||||
let k: usize = 1;
|
||||
|
||||
pt_ggsw_rhs.to_mut().raw_mut()[k] = 1; //X^{k}
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_ct)
|
||||
| GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, k_ggsw, rank)
|
||||
| GGSWCiphertext::external_product_inplace_scratch_space(&module, basek, k_ct, k_ggsw, digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
|
||||
ct_ggsw_rhs.encrypt_sk(
|
||||
&module,
|
||||
&pt_ggsw_rhs,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_ggsw_lhs.encrypt_sk(
|
||||
&module,
|
||||
&pt_ggsw_lhs,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_ggsw_lhs.external_product_inplace(&module, &ct_ggsw_rhs, scratch.borrow());
|
||||
|
||||
let mut ct_glwe_fourier: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_dft: VecZnxDft<Vec<u8>, FFT64> = module.new_vec_znx_dft(1, ct_ggsw_lhs.size());
|
||||
let mut pt_big: VecZnxBig<Vec<u8>, FFT64> = module.new_vec_znx_big(1, ct_ggsw_lhs.size());
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
|
||||
module.vec_znx_rotate_inplace(k as i64, &mut pt_ggsw_lhs, 0);
|
||||
|
||||
(0..ct_ggsw_lhs.rank() + 1).for_each(|col_j| {
|
||||
(0..ct_ggsw_lhs.rows()).for_each(|row_i| {
|
||||
module.vec_znx_add_scalar_inplace(
|
||||
&mut pt_want.data,
|
||||
0,
|
||||
(digits_in - 1) + row_i * digits_in,
|
||||
&pt_ggsw_lhs,
|
||||
0,
|
||||
);
|
||||
|
||||
if col_j > 0 {
|
||||
module.vec_znx_dft(1, 0, &mut pt_dft, 0, &pt_want.data, 0);
|
||||
module.svp_apply_inplace(&mut pt_dft, 0, &sk_dft.data, col_j - 1);
|
||||
module.vec_znx_idft_tmp_a(&mut pt_big, 0, &mut pt_dft, 0);
|
||||
module.vec_znx_big_normalize(basek, &mut pt_want.data, 0, &pt_big, 0, scratch.borrow());
|
||||
}
|
||||
|
||||
ct_ggsw_lhs.get_row(&module, row_i, col_j, &mut ct_glwe_fourier);
|
||||
ct_glwe_fourier.decrypt(&module, &mut pt, &sk_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt.data.std(0, basek).log2();
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
let var_msg: f64 = 1f64 / module.n() as f64; // X^{k}
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let noise_want: f64 = noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
var_msg,
|
||||
var_a0_err,
|
||||
var_a1_err,
|
||||
var_gct_err_lhs,
|
||||
var_gct_err_rhs,
|
||||
rank as f64,
|
||||
k_ct,
|
||||
k_ggsw,
|
||||
);
|
||||
|
||||
assert!(
|
||||
noise_have <= noise_want + 0.5,
|
||||
"have: {} want: {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
|
||||
pt_want.data.zero();
|
||||
});
|
||||
});
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
mod ggsw;
|
||||
@@ -1,121 +1,187 @@
|
||||
use backend::{FFT64, Module, Scratch, VecZnxOps};
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScratchAvailable, TakeVecZnxDft, VecZnxAutomorphismInplace, VecZnxBigAutomorphismInplace, VecZnxBigSubSmallAInplace,
|
||||
VecZnxBigSubSmallBInplace,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch, VecZnxBig},
|
||||
};
|
||||
|
||||
use crate::{GLWEAutomorphismKey, GLWECiphertext};
|
||||
use crate::{AutomorphismKeyExec, GLWECiphertext, GLWEKeyswitchFamily, Infos, glwe::keyswitch::keyswitch};
|
||||
|
||||
impl GLWECiphertext<Vec<u8>> {
|
||||
pub fn automorphism_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn automorphism_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
Self::keyswitch_scratch_space(module, basek, k_out, k_in, k_ksk, digits, rank, rank)
|
||||
}
|
||||
|
||||
pub fn automorphism_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn automorphism_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
Self::keyswitch_inplace_scratch_space(module, basek, k_out, k_ksk, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
pub fn automorphism<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> GLWECiphertext<DataSelf> {
|
||||
pub fn automorphism<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
lhs: &GLWECiphertext<DataLhs>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxAutomorphismInplace,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
self.keyswitch(module, lhs, &rhs.key, scratch);
|
||||
(0..self.rank() + 1).for_each(|i| {
|
||||
module.vec_znx_automorphism_inplace(rhs.p(), &mut self.data, i);
|
||||
})
|
||||
}
|
||||
|
||||
pub fn automorphism_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn automorphism_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxAutomorphismInplace,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
self.keyswitch_inplace(module, &rhs.key, scratch);
|
||||
(0..self.rank() + 1).for_each(|i| {
|
||||
module.vec_znx_automorphism_inplace(rhs.p(), &mut self.data, i);
|
||||
})
|
||||
}
|
||||
|
||||
pub fn automorphism_add<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
pub fn automorphism_add<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
lhs: &GLWECiphertext<DataLhs>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
Self::keyswitch_private::<_, _, 1>(self, rhs.p(), module, lhs, &rhs.key, scratch);
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxBigAutomorphismInplace<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
self.assert_keyswitch(module, lhs, &rhs.key, scratch);
|
||||
}
|
||||
let (res_dft, scratch1) = scratch.take_vec_znx_dft(module, self.cols(), rhs.size()); // TODO: optimise size
|
||||
let mut res_big: VecZnxBig<_, B> = keyswitch(module, res_dft, lhs, &rhs.key, scratch1);
|
||||
(0..self.cols()).for_each(|i| {
|
||||
module.vec_znx_big_automorphism_inplace(rhs.p(), &mut res_big, i);
|
||||
module.vec_znx_big_add_small_inplace(&mut res_big, i, &lhs.data, i);
|
||||
module.vec_znx_big_normalize(self.basek(), &mut self.data, i, &res_big, i, scratch1);
|
||||
})
|
||||
}
|
||||
|
||||
pub fn automorphism_add_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn automorphism_add_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxBigAutomorphismInplace<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
unsafe {
|
||||
let self_ptr: *mut GLWECiphertext<DataSelf> = self as *mut GLWECiphertext<DataSelf>;
|
||||
Self::keyswitch_private::<_, _, 1>(self, rhs.p(), module, &*self_ptr, &rhs.key, scratch);
|
||||
self.automorphism_add(module, &*self_ptr, rhs, scratch);
|
||||
}
|
||||
}
|
||||
|
||||
pub fn automorphism_sub_ab<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
pub fn automorphism_sub_ab<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
lhs: &GLWECiphertext<DataLhs>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
Self::keyswitch_private::<_, _, 2>(self, rhs.p(), module, lhs, &rhs.key, scratch);
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxBigAutomorphismInplace<B> + VecZnxBigSubSmallAInplace<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
self.assert_keyswitch(module, lhs, &rhs.key, scratch);
|
||||
}
|
||||
let (res_dft, scratch1) = scratch.take_vec_znx_dft(module, self.cols(), rhs.size()); // TODO: optimise size
|
||||
let mut res_big: VecZnxBig<_, B> = keyswitch(module, res_dft, lhs, &rhs.key, scratch1);
|
||||
(0..self.cols()).for_each(|i| {
|
||||
module.vec_znx_big_automorphism_inplace(rhs.p(), &mut res_big, i);
|
||||
module.vec_znx_big_sub_small_a_inplace(&mut res_big, i, &lhs.data, i);
|
||||
module.vec_znx_big_normalize(self.basek(), &mut self.data, i, &res_big, i, scratch1);
|
||||
})
|
||||
}
|
||||
|
||||
pub fn automorphism_sub_ab_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn automorphism_sub_ab_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxBigAutomorphismInplace<B> + VecZnxBigSubSmallAInplace<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
unsafe {
|
||||
let self_ptr: *mut GLWECiphertext<DataSelf> = self as *mut GLWECiphertext<DataSelf>;
|
||||
Self::keyswitch_private::<_, _, 2>(self, rhs.p(), module, &*self_ptr, &rhs.key, scratch);
|
||||
self.automorphism_sub_ab(module, &*self_ptr, rhs, scratch);
|
||||
}
|
||||
}
|
||||
|
||||
pub fn automorphism_sub_ba<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
pub fn automorphism_sub_ba<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
lhs: &GLWECiphertext<DataLhs>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
Self::keyswitch_private::<_, _, 3>(self, rhs.p(), module, lhs, &rhs.key, scratch);
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxBigAutomorphismInplace<B> + VecZnxBigSubSmallBInplace<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
self.assert_keyswitch(module, lhs, &rhs.key, scratch);
|
||||
}
|
||||
let (res_dft, scratch1) = scratch.take_vec_znx_dft(module, self.cols(), rhs.size()); // TODO: optimise size
|
||||
let mut res_big: VecZnxBig<_, B> = keyswitch(module, res_dft, lhs, &rhs.key, scratch1);
|
||||
(0..self.cols()).for_each(|i| {
|
||||
module.vec_znx_big_automorphism_inplace(rhs.p(), &mut res_big, i);
|
||||
module.vec_znx_big_sub_small_b_inplace(&mut res_big, i, &lhs.data, i);
|
||||
module.vec_znx_big_normalize(self.basek(), &mut self.data, i, &res_big, i, scratch1);
|
||||
})
|
||||
}
|
||||
|
||||
pub fn automorphism_sub_ba_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn automorphism_sub_ba_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GLWEAutomorphismKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &AutomorphismKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxBigAutomorphismInplace<B> + VecZnxBigSubSmallBInplace<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
unsafe {
|
||||
let self_ptr: *mut GLWECiphertext<DataSelf> = self as *mut GLWECiphertext<DataSelf>;
|
||||
Self::keyswitch_private::<_, _, 3>(self, rhs.p(), module, &*self_ptr, &rhs.key, scratch);
|
||||
self.automorphism_sub_ba(module, &*self_ptr, rhs, scratch);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,115 +0,0 @@
|
||||
use backend::{Backend, FFT64, Module, VecZnx, VecZnxAlloc, VecZnxDftOps, VecZnxToMut, VecZnxToRef};
|
||||
|
||||
use crate::{FourierGLWECiphertext, GLWEOps, Infos, SetMetaData};
|
||||
|
||||
pub struct GLWECiphertext<C> {
|
||||
pub data: VecZnx<C>,
|
||||
pub basek: usize,
|
||||
pub k: usize,
|
||||
}
|
||||
|
||||
impl GLWECiphertext<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank: usize) -> Self {
|
||||
Self {
|
||||
data: module.new_vec_znx(rank + 1, k.div_ceil(basek)),
|
||||
basek,
|
||||
k,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
module.bytes_of_vec_znx(rank + 1, k.div_ceil(basek))
|
||||
}
|
||||
}
|
||||
|
||||
impl<T> Infos for GLWECiphertext<T> {
|
||||
type Inner = VecZnx<T>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<T> GLWECiphertext<T> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.cols() - 1
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: AsRef<[u8]>> GLWECiphertext<C> {
|
||||
#[allow(dead_code)]
|
||||
pub(crate) fn dft<R: AsMut<[u8]> + AsRef<[u8]>>(&self, module: &Module<FFT64>, res: &mut FourierGLWECiphertext<R, FFT64>) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.rank(), res.rank());
|
||||
assert_eq!(self.basek(), res.basek())
|
||||
}
|
||||
|
||||
(0..self.rank() + 1).for_each(|i| {
|
||||
module.vec_znx_dft(1, 0, &mut res.data, i, &self.data, i);
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]>> GLWECiphertext<DataSelf> {
|
||||
pub fn clone(&self) -> GLWECiphertext<Vec<u8>> {
|
||||
GLWECiphertext {
|
||||
data: self.data.clone(),
|
||||
basek: self.basek(),
|
||||
k: self.k(),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> SetMetaData for GLWECiphertext<DataSelf> {
|
||||
fn set_k(&mut self, k: usize) {
|
||||
self.k = k
|
||||
}
|
||||
|
||||
fn set_basek(&mut self, basek: usize) {
|
||||
self.basek = basek
|
||||
}
|
||||
}
|
||||
|
||||
pub trait GLWECiphertextToRef: Infos {
|
||||
fn to_ref(&self) -> GLWECiphertext<&[u8]>;
|
||||
}
|
||||
|
||||
impl<D: AsRef<[u8]>> GLWECiphertextToRef for GLWECiphertext<D> {
|
||||
fn to_ref(&self) -> GLWECiphertext<&[u8]> {
|
||||
GLWECiphertext {
|
||||
data: self.data.to_ref(),
|
||||
basek: self.basek,
|
||||
k: self.k,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
pub trait GLWECiphertextToMut: Infos {
|
||||
fn to_mut(&mut self) -> GLWECiphertext<&mut [u8]>;
|
||||
}
|
||||
|
||||
impl<D: AsMut<[u8]> + AsRef<[u8]>> GLWECiphertextToMut for GLWECiphertext<D> {
|
||||
fn to_mut(&mut self) -> GLWECiphertext<&mut [u8]> {
|
||||
GLWECiphertext {
|
||||
data: self.data.to_mut(),
|
||||
basek: self.basek,
|
||||
k: self.k,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<D> GLWEOps for GLWECiphertext<D>
|
||||
where
|
||||
D: AsRef<[u8]> + AsMut<[u8]>,
|
||||
GLWECiphertext<D>: GLWECiphertextToMut + Infos + SetMetaData,
|
||||
{
|
||||
}
|
||||
@@ -1,25 +1,46 @@
|
||||
use backend::{
|
||||
FFT64, Module, ScalarZnxDftOps, Scratch, VecZnxBigAlloc, VecZnxBigOps, VecZnxBigScratch, VecZnxDftAlloc, VecZnxDftOps,
|
||||
ZnxZero,
|
||||
use backend::hal::{
|
||||
api::{
|
||||
DataViewMut, SvpApplyInplace, TakeVecZnxBig, TakeVecZnxDft, VecZnxBigAddInplace, VecZnxBigAddSmallInplace,
|
||||
VecZnxBigAllocBytes, VecZnxBigNormalize, VecZnxDftAllocBytes, VecZnxDftFromVecZnx, VecZnxDftToVecZnxBigConsume,
|
||||
VecZnxNormalizeTmpBytes,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch},
|
||||
};
|
||||
|
||||
use crate::{FourierGLWESecret, GLWECiphertext, GLWEPlaintext, Infos};
|
||||
use crate::{GLWECiphertext, GLWEPlaintext, GLWESecretExec, Infos};
|
||||
|
||||
pub trait GLWEDecryptFamily<B: Backend> = VecZnxDftAllocBytes
|
||||
+ VecZnxBigAllocBytes
|
||||
+ VecZnxDftFromVecZnx<B>
|
||||
+ SvpApplyInplace<B>
|
||||
+ VecZnxDftToVecZnxBigConsume<B>
|
||||
+ VecZnxBigAddInplace<B>
|
||||
+ VecZnxBigAddSmallInplace<B>
|
||||
+ VecZnxBigNormalize<B>
|
||||
+ VecZnxNormalizeTmpBytes;
|
||||
|
||||
impl GLWECiphertext<Vec<u8>> {
|
||||
pub fn decrypt_scratch_space(module: &Module<FFT64>, basek: usize, k: usize) -> usize {
|
||||
pub fn decrypt_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize) -> usize
|
||||
where
|
||||
Module<B>: GLWEDecryptFamily<B>,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
(module.vec_znx_big_normalize_tmp_bytes() | module.bytes_of_vec_znx_dft(1, size)) + module.bytes_of_vec_znx_big(1, size)
|
||||
(module.vec_znx_normalize_tmp_bytes(module.n()) | module.vec_znx_dft_alloc_bytes(1, size))
|
||||
+ module.vec_znx_dft_alloc_bytes(1, size)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]>> GLWECiphertext<DataSelf> {
|
||||
pub fn decrypt<DataPt: AsMut<[u8]> + AsRef<[u8]>, DataSk: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataRef> GLWECiphertext<DataSelf> {
|
||||
pub fn decrypt<DataPt: DataMut, DataSk: DataRef, B: Backend>(
|
||||
&self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
pt: &mut GLWEPlaintext<DataPt>,
|
||||
sk: &FourierGLWESecret<DataSk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
sk: &GLWESecretExec<DataSk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEDecryptFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + TakeVecZnxBig<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.rank(), sk.rank());
|
||||
@@ -30,16 +51,16 @@ impl<DataSelf: AsRef<[u8]>> GLWECiphertext<DataSelf> {
|
||||
|
||||
let cols: usize = self.rank() + 1;
|
||||
|
||||
let (mut c0_big, scratch_1) = scratch.tmp_vec_znx_big(module, 1, self.size()); // TODO optimize size when pt << ct
|
||||
c0_big.zero();
|
||||
let (mut c0_big, scratch_1) = scratch.take_vec_znx_big(module, 1, self.size()); // TODO optimize size when pt << ct
|
||||
c0_big.data_mut().fill(0);
|
||||
|
||||
{
|
||||
(1..cols).for_each(|i| {
|
||||
// ci_dft = DFT(a[i]) * DFT(s[i])
|
||||
let (mut ci_dft, _) = scratch_1.tmp_vec_znx_dft(module, 1, self.size()); // TODO optimize size when pt << ct
|
||||
module.vec_znx_dft(1, 0, &mut ci_dft, 0, &self.data, i);
|
||||
let (mut ci_dft, _) = scratch_1.take_vec_znx_dft(module, 1, self.size()); // TODO optimize size when pt << ct
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut ci_dft, 0, &self.data, i);
|
||||
module.svp_apply_inplace(&mut ci_dft, 0, &sk.data, i - 1);
|
||||
let ci_big = module.vec_znx_idft_consume(ci_dft);
|
||||
let ci_big = module.vec_znx_dft_to_vec_znx_big_consume(ci_dft);
|
||||
|
||||
// c0_big += a[i] * s[i]
|
||||
module.vec_znx_big_add_inplace(&mut c0_big, 0, &ci_big, 0);
|
||||
|
||||
@@ -1,35 +1,76 @@
|
||||
use backend::{
|
||||
AddNormal, FFT64, FillUniform, Module, ScalarZnxAlloc, ScalarZnxDftAlloc, ScalarZnxDftOps, Scratch, VecZnxAlloc, VecZnxBig,
|
||||
VecZnxBigAlloc, VecZnxBigOps, VecZnxBigScratch, VecZnxDftAlloc, VecZnxDftOps, VecZnxOps, ZnxZero,
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScalarZnxAllocBytes, ScratchAvailable, SvpApply, SvpApplyInplace, SvpPPolAllocBytes, SvpPrepare, TakeScalarZnx,
|
||||
TakeSvpPPol, TakeVecZnx, TakeVecZnxDft, VecZnxAddInplace, VecZnxAddNormal, VecZnxBigAddNormal, VecZnxBigAddSmallInplace,
|
||||
VecZnxBigAllocBytes, VecZnxBigNormalize, VecZnxDftAllocBytes, VecZnxDftFromVecZnx, VecZnxDftToVecZnxBigConsume,
|
||||
VecZnxFillUniform, VecZnxNormalize, VecZnxNormalizeInplace, VecZnxNormalizeTmpBytes, VecZnxSubABInplace, ZnxZero,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch, VecZnxBig},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{FourierGLWESecret, GLWECiphertext, GLWEPlaintext, GLWEPublicKey, Infos, SIX_SIGMA, dist::Distribution};
|
||||
use crate::{GLWECiphertext, GLWEPlaintext, GLWEPublicKeyExec, GLWESecretExec, Infos, SIX_SIGMA, dist::Distribution};
|
||||
|
||||
pub trait GLWEEncryptSkFamily<B: Backend> = VecZnxDftAllocBytes
|
||||
+ VecZnxBigNormalize<B>
|
||||
+ VecZnxDftFromVecZnx<B>
|
||||
+ SvpApplyInplace<B>
|
||||
+ VecZnxDftToVecZnxBigConsume<B>
|
||||
+ VecZnxNormalizeTmpBytes
|
||||
+ VecZnxFillUniform
|
||||
+ VecZnxSubABInplace
|
||||
+ VecZnxAddInplace
|
||||
+ VecZnxNormalizeInplace<B>
|
||||
+ VecZnxAddNormal
|
||||
+ VecZnxNormalize<B>;
|
||||
|
||||
pub trait GLWEEncryptPkFamily<B: Backend> = VecZnxDftAllocBytes
|
||||
+ VecZnxBigAllocBytes
|
||||
+ SvpPPolAllocBytes
|
||||
+ SvpPrepare<B>
|
||||
+ SvpApply<B>
|
||||
+ VecZnxDftToVecZnxBigConsume<B>
|
||||
+ VecZnxBigAddNormal<B>
|
||||
+ VecZnxBigAddSmallInplace<B>
|
||||
+ VecZnxBigNormalize<B>
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxNormalizeTmpBytes;
|
||||
|
||||
impl GLWECiphertext<Vec<u8>> {
|
||||
pub fn encrypt_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize) -> usize {
|
||||
pub fn encrypt_sk_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize) -> usize
|
||||
where
|
||||
Module<B>: GLWEEncryptSkFamily<B>,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
module.vec_znx_big_normalize_tmp_bytes() + module.bytes_of_vec_znx_dft(1, size) + module.bytes_of_vec_znx(1, size)
|
||||
module.vec_znx_normalize_tmp_bytes(module.n())
|
||||
+ module.vec_znx_dft_alloc_bytes(1, size)
|
||||
+ module.vec_znx_dft_alloc_bytes(1, size)
|
||||
}
|
||||
pub fn encrypt_pk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize) -> usize {
|
||||
pub fn encrypt_pk_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize) -> usize
|
||||
where
|
||||
Module<B>: GLWEEncryptPkFamily<B>,
|
||||
{
|
||||
let size: usize = k.div_ceil(basek);
|
||||
((module.bytes_of_vec_znx_dft(1, size) + module.bytes_of_vec_znx_big(1, size)) | module.bytes_of_scalar_znx(1))
|
||||
+ module.bytes_of_scalar_znx_dft(1)
|
||||
+ module.vec_znx_big_normalize_tmp_bytes()
|
||||
((module.vec_znx_dft_alloc_bytes(1, size) + module.vec_znx_big_alloc_bytes(1, size)) | module.scalar_znx_alloc_bytes(1))
|
||||
+ module.svp_ppol_alloc_bytes(1)
|
||||
+ module.vec_znx_normalize_tmp_bytes(module.n())
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
pub fn encrypt_sk<DataPt: AsRef<[u8]>, DataSk: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> GLWECiphertext<DataSelf> {
|
||||
pub fn encrypt_sk<DataPt: DataRef, DataSk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
pt: &GLWEPlaintext<DataPt>,
|
||||
sk: &FourierGLWESecret<DataSk, FFT64>,
|
||||
sk: &GLWESecretExec<DataSk, B>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEEncryptSkFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
self.encrypt_sk_private(
|
||||
module,
|
||||
Some((pt, 0)),
|
||||
@@ -41,15 +82,18 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
);
|
||||
}
|
||||
|
||||
pub fn encrypt_zero_sk<DataSk: AsRef<[u8]>>(
|
||||
pub fn encrypt_zero_sk<DataSk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
sk: &FourierGLWESecret<DataSk, FFT64>,
|
||||
module: &Module<B>,
|
||||
sk: &GLWESecretExec<DataSk, B>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEEncryptSkFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
self.encrypt_sk_private(
|
||||
module,
|
||||
None::<(&GLWEPlaintext<Vec<u8>>, usize)>,
|
||||
@@ -61,17 +105,20 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
);
|
||||
}
|
||||
|
||||
pub fn encrypt_pk<DataPt: AsRef<[u8]>, DataPk: AsRef<[u8]>>(
|
||||
pub fn encrypt_pk<DataPt: DataRef, DataPk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
pt: &GLWEPlaintext<DataPt>,
|
||||
pk: &GLWEPublicKey<DataPk, FFT64>,
|
||||
pk: &GLWEPublicKeyExec<DataPk, B>,
|
||||
source_xu: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
self.encrypt_pk_private::<DataPt, DataPk>(
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEEncryptPkFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + TakeSvpPPol<B> + TakeScalarZnx<B>,
|
||||
{
|
||||
self.encrypt_pk_private::<DataPt, DataPk, B>(
|
||||
module,
|
||||
Some((pt, 0)),
|
||||
pk,
|
||||
@@ -82,16 +129,19 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
);
|
||||
}
|
||||
|
||||
pub fn encrypt_zero_pk<DataPk: AsRef<[u8]>>(
|
||||
pub fn encrypt_zero_pk<DataPk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
pk: &GLWEPublicKey<DataPk, FFT64>,
|
||||
module: &Module<B>,
|
||||
pk: &GLWEPublicKeyExec<DataPk, B>,
|
||||
source_xu: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
self.encrypt_pk_private::<Vec<u8>, DataPk>(
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEEncryptPkFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + TakeSvpPPol<B> + TakeScalarZnx<B>,
|
||||
{
|
||||
self.encrypt_pk_private::<Vec<u8>, DataPk, B>(
|
||||
module,
|
||||
None::<(&GLWEPlaintext<Vec<u8>>, usize)>,
|
||||
pk,
|
||||
@@ -102,16 +152,19 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
);
|
||||
}
|
||||
|
||||
pub(crate) fn encrypt_sk_private<DataPt: AsRef<[u8]>, DataSk: AsRef<[u8]>>(
|
||||
pub(crate) fn encrypt_sk_private<DataPt: DataRef, DataSk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
pt: Option<(&GLWEPlaintext<DataPt>, usize)>,
|
||||
sk: &FourierGLWESecret<DataSk, FFT64>,
|
||||
sk: &GLWESecretExec<DataSk, B>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEEncryptSkFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.rank(), sk.rank());
|
||||
@@ -134,28 +187,28 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
let size: usize = self.size();
|
||||
let cols: usize = self.rank() + 1;
|
||||
|
||||
let (mut c0_big, scratch_1) = scratch.tmp_vec_znx(module, 1, size);
|
||||
c0_big.zero();
|
||||
let (mut c0, scratch_1) = scratch.take_vec_znx(module, 1, size);
|
||||
c0.zero();
|
||||
|
||||
{
|
||||
// c[i] = uniform
|
||||
// c[0] -= c[i] * s[i],
|
||||
(1..cols).for_each(|i| {
|
||||
let (mut ci_dft, scratch_2) = scratch_1.tmp_vec_znx_dft(module, 1, size);
|
||||
let (mut ci_dft, scratch_2) = scratch_1.take_vec_znx_dft(module, 1, size);
|
||||
|
||||
// c[i] = uniform
|
||||
self.data.fill_uniform(basek, i, size, source_xa);
|
||||
module.vec_znx_fill_uniform(basek, &mut self.data, i, k, source_xa);
|
||||
|
||||
// c[i] = norm(IDFT(DFT(c[i]) * DFT(s[i])))
|
||||
module.vec_znx_dft(1, 0, &mut ci_dft, 0, &self.data, i);
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut ci_dft, 0, &self.data, i);
|
||||
module.svp_apply_inplace(&mut ci_dft, 0, &sk.data, i - 1);
|
||||
let ci_big: VecZnxBig<&mut [u8], FFT64> = module.vec_znx_idft_consume(ci_dft);
|
||||
let ci_big: VecZnxBig<&mut [u8], B> = module.vec_znx_dft_to_vec_znx_big_consume(ci_dft);
|
||||
|
||||
// use c[0] as buffer, which is overwritten later by the normalization step
|
||||
module.vec_znx_big_normalize(basek, &mut self.data, 0, &ci_big, 0, scratch_2);
|
||||
|
||||
// c0_tmp = -c[i] * s[i] (use c[0] as buffer)
|
||||
module.vec_znx_sub_ab_inplace(&mut c0_big, 0, &self.data, 0);
|
||||
module.vec_znx_sub_ab_inplace(&mut c0, 0, &self.data, 0);
|
||||
|
||||
// c[i] += m if col = i
|
||||
if let Some((pt, col)) = pt {
|
||||
@@ -168,29 +221,39 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
}
|
||||
|
||||
// c[0] += e
|
||||
c0_big.add_normal(basek, 0, k, source_xe, sigma, sigma * SIX_SIGMA);
|
||||
module.vec_znx_add_normal(basek, &mut c0, 0, k, source_xe, sigma, sigma * SIX_SIGMA);
|
||||
|
||||
// c[0] += m if col = 0
|
||||
if let Some((pt, col)) = pt {
|
||||
if col == 0 {
|
||||
module.vec_znx_add_inplace(&mut c0_big, 0, &pt.data, 0);
|
||||
module.vec_znx_add_inplace(&mut c0, 0, &pt.data, 0);
|
||||
}
|
||||
}
|
||||
|
||||
// c[0] = norm(c[0])
|
||||
module.vec_znx_normalize(basek, &mut self.data, 0, &c0_big, 0, scratch_1);
|
||||
module.vec_znx_normalize(basek, &mut self.data, 0, &c0, 0, scratch_1);
|
||||
}
|
||||
|
||||
pub(crate) fn encrypt_pk_private<DataPt: AsRef<[u8]>, DataPk: AsRef<[u8]>>(
|
||||
pub(crate) fn encrypt_pk_private<DataPt: DataRef, DataPk: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
pt: Option<(&GLWEPlaintext<DataPt>, usize)>,
|
||||
pk: &GLWEPublicKey<DataPk, FFT64>,
|
||||
pk: &GLWEPublicKeyExec<DataPk, B>,
|
||||
source_xu: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: VecZnxDftAllocBytes
|
||||
+ SvpPPolAllocBytes
|
||||
+ SvpPrepare<B>
|
||||
+ SvpApply<B>
|
||||
+ VecZnxDftToVecZnxBigConsume<B>
|
||||
+ VecZnxBigAddNormal<B>
|
||||
+ VecZnxBigAddSmallInplace<B>
|
||||
+ VecZnxBigNormalize<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + TakeSvpPPol<B> + TakeScalarZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.basek(), pk.basek());
|
||||
@@ -208,10 +271,10 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
let cols: usize = self.rank() + 1;
|
||||
|
||||
// Generates u according to the underlying secret distribution.
|
||||
let (mut u_dft, scratch_1) = scratch.tmp_scalar_znx_dft(module, 1);
|
||||
let (mut u_dft, scratch_1) = scratch.take_svp_ppol(module, 1);
|
||||
|
||||
{
|
||||
let (mut u, _) = scratch_1.tmp_scalar_znx(module, 1);
|
||||
let (mut u, _) = scratch_1.take_scalar_znx(module, 1);
|
||||
match pk.dist {
|
||||
Distribution::NONE => panic!(
|
||||
"invalid public key: SecretDistribution::NONE, ensure it has been correctly intialized through \
|
||||
@@ -230,15 +293,23 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
|
||||
// ct[i] = pk[i] * u + ei (+ m if col = i)
|
||||
(0..cols).for_each(|i| {
|
||||
let (mut ci_dft, scratch_2) = scratch_1.tmp_vec_znx_dft(module, 1, size_pk);
|
||||
let (mut ci_dft, scratch_2) = scratch_1.take_vec_znx_dft(module, 1, size_pk);
|
||||
// ci_dft = DFT(u) * DFT(pk[i])
|
||||
module.svp_apply(&mut ci_dft, 0, &u_dft, 0, &pk.data.data, i);
|
||||
module.svp_apply(&mut ci_dft, 0, &u_dft, 0, &pk.data, i);
|
||||
|
||||
// ci_big = u * p[i]
|
||||
let mut ci_big = module.vec_znx_idft_consume(ci_dft);
|
||||
let mut ci_big = module.vec_znx_dft_to_vec_znx_big_consume(ci_dft);
|
||||
|
||||
// ci_big = u * pk[i] + e
|
||||
ci_big.add_normal(basek, 0, pk.k(), source_xe, sigma, sigma * SIX_SIGMA);
|
||||
module.vec_znx_big_add_normal(
|
||||
basek,
|
||||
&mut ci_big,
|
||||
0,
|
||||
pk.k(),
|
||||
source_xe,
|
||||
sigma,
|
||||
sigma * SIX_SIGMA,
|
||||
);
|
||||
|
||||
// ci_big = u * pk[i] + e + m (if col = i)
|
||||
if let Some((pt, col)) = pt {
|
||||
|
||||
@@ -1,24 +1,40 @@
|
||||
use backend::{
|
||||
FFT64, MatZnxDftOps, MatZnxDftScratch, Module, Scratch, VecZnxBig, VecZnxBigOps, VecZnxDftAlloc, VecZnxDftOps, VecZnxScratch,
|
||||
use backend::hal::{
|
||||
api::{
|
||||
DataViewMut, ScratchAvailable, TakeVecZnxDft, VecZnxBigNormalize, VecZnxDftAllocBytes, VecZnxDftFromVecZnx,
|
||||
VecZnxDftToVecZnxBigConsume, VecZnxNormalizeTmpBytes, VmpApply, VmpApplyAdd, VmpApplyTmpBytes,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch, VecZnxBig},
|
||||
};
|
||||
|
||||
use crate::{GGSWCiphertext, GLWECiphertext, Infos};
|
||||
use crate::{GGSWCiphertextExec, GLWECiphertext, Infos};
|
||||
|
||||
pub trait GLWEExternalProductFamily<B: Backend> = VecZnxDftAllocBytes
|
||||
+ VmpApplyTmpBytes
|
||||
+ VmpApply<B>
|
||||
+ VmpApplyAdd<B>
|
||||
+ VecZnxDftFromVecZnx<B>
|
||||
+ VecZnxDftToVecZnxBigConsume<B>
|
||||
+ VecZnxBigNormalize<B>
|
||||
+ VecZnxNormalizeTmpBytes;
|
||||
|
||||
impl GLWECiphertext<Vec<u8>> {
|
||||
pub fn external_product_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn external_product_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
{
|
||||
let in_size: usize = k_in.div_ceil(basek).div_ceil(digits);
|
||||
let out_size: usize = k_out.div_ceil(basek);
|
||||
let ggsw_size: usize = k_ggsw.div_ceil(basek);
|
||||
let res_dft: usize = module.bytes_of_vec_znx_dft(rank + 1, ggsw_size);
|
||||
let a_dft: usize = module.bytes_of_vec_znx_dft(rank + 1, in_size);
|
||||
let res_dft: usize = module.vec_znx_dft_alloc_bytes(rank + 1, ggsw_size);
|
||||
let a_dft: usize = module.vec_znx_dft_alloc_bytes(rank + 1, in_size);
|
||||
let vmp: usize = module.vmp_apply_tmp_bytes(
|
||||
out_size,
|
||||
in_size,
|
||||
@@ -27,34 +43,42 @@ impl GLWECiphertext<Vec<u8>> {
|
||||
rank + 1, // cols out
|
||||
ggsw_size,
|
||||
);
|
||||
let normalize: usize = module.vec_znx_normalize_tmp_bytes();
|
||||
let normalize: usize = module.vec_znx_normalize_tmp_bytes(module.n());
|
||||
res_dft + a_dft + (vmp | normalize)
|
||||
}
|
||||
|
||||
pub fn external_product_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn external_product_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
{
|
||||
Self::external_product_scratch_space(module, basek, k_out, k_out, k_ggsw, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
pub fn external_product<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
impl<DataSelf: DataMut> GLWECiphertext<DataSelf> {
|
||||
pub fn external_product<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
lhs: &GLWECiphertext<DataLhs>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
rhs: &GGSWCiphertextExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
let basek: usize = self.basek();
|
||||
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
use backend::hal::api::ScratchAvailable;
|
||||
|
||||
assert_eq!(rhs.rank(), lhs.rank());
|
||||
assert_eq!(rhs.rank(), self.rank());
|
||||
assert_eq!(self.basek(), basek);
|
||||
@@ -79,12 +103,14 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
let cols: usize = rhs.rank() + 1;
|
||||
let digits: usize = rhs.digits();
|
||||
|
||||
let (mut res_dft, scratch1) = scratch.tmp_vec_znx_dft(module, cols, rhs.size()); // Todo optimise
|
||||
let (mut a_dft, scratch2) = scratch1.tmp_vec_znx_dft(module, cols, (lhs.size() + digits - 1) / digits);
|
||||
let (mut res_dft, scratch1) = scratch.take_vec_znx_dft(module, cols, rhs.size()); // Todo optimise
|
||||
let (mut a_dft, scratch2) = scratch1.take_vec_znx_dft(module, cols, lhs.size().div_ceil(digits));
|
||||
|
||||
a_dft.data_mut().fill(0);
|
||||
|
||||
{
|
||||
(0..digits).for_each(|di| {
|
||||
// (lhs.size() + di) / digits = (a - (digit - di - 1) + digit - 1) / digits
|
||||
// (lhs.size() + di) / digits = (a - (digit - di - 1)).div_ceil(digits)
|
||||
a_dft.set_size((lhs.size() + di) / digits);
|
||||
|
||||
// Small optimization for digits > 2
|
||||
@@ -97,7 +123,7 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
res_dft.set_size(rhs.size() - ((digits - di) as isize - 2).max(0) as usize);
|
||||
|
||||
(0..cols).for_each(|col_i| {
|
||||
module.vec_znx_dft(digits, digits - 1 - di, &mut a_dft, col_i, &lhs.data, col_i);
|
||||
module.vec_znx_dft_from_vec_znx(digits, digits - 1 - di, &mut a_dft, col_i, &lhs.data, col_i);
|
||||
});
|
||||
|
||||
if di == 0 {
|
||||
@@ -108,19 +134,22 @@ impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
});
|
||||
}
|
||||
|
||||
let res_big: VecZnxBig<&mut [u8], FFT64> = module.vec_znx_idft_consume(res_dft);
|
||||
let res_big: VecZnxBig<&mut [u8], B> = module.vec_znx_dft_to_vec_znx_big_consume(res_dft);
|
||||
|
||||
(0..cols).for_each(|i| {
|
||||
module.vec_znx_big_normalize(basek, &mut self.data, i, &res_big, i, scratch1);
|
||||
});
|
||||
}
|
||||
|
||||
pub fn external_product_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn external_product_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GGSWCiphertext<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &GGSWCiphertextExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEExternalProductFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
unsafe {
|
||||
let self_ptr: *mut GLWECiphertext<DataSelf> = self as *mut GLWECiphertext<DataSelf>;
|
||||
self.external_product(&module, &*self_ptr, rhs, scratch);
|
||||
|
||||
@@ -1,13 +1,27 @@
|
||||
use backend::{
|
||||
FFT64, MatZnxDftOps, MatZnxDftScratch, Module, Scratch, VecZnxBig, VecZnxBigOps, VecZnxBigScratch, VecZnxDftAlloc,
|
||||
VecZnxDftOps, ZnxZero,
|
||||
use backend::hal::{
|
||||
api::{
|
||||
DataViewMut, ScratchAvailable, TakeVecZnxDft, VecZnxBigAddSmallInplace, VecZnxBigNormalize, VecZnxBigNormalizeTmpBytes,
|
||||
VecZnxDftAllocBytes, VecZnxDftFromVecZnx, VecZnxDftToVecZnxBigConsume, VmpApply, VmpApplyAdd, VmpApplyTmpBytes, ZnxInfos,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch, VecZnx, VecZnxBig, VecZnxDft, VmpPMat},
|
||||
};
|
||||
|
||||
use crate::{FourierGLWECiphertext, GLWECiphertext, GLWESwitchingKey, Infos};
|
||||
use crate::{GLWECiphertext, GLWESwitchingKeyExec, Infos};
|
||||
|
||||
pub trait GLWEKeyswitchFamily<B: Backend> = VecZnxDftAllocBytes
|
||||
+ VmpApplyTmpBytes
|
||||
+ VecZnxBigNormalizeTmpBytes
|
||||
+ VmpApplyTmpBytes
|
||||
+ VmpApply<B>
|
||||
+ VmpApplyAdd<B>
|
||||
+ VecZnxDftFromVecZnx<B>
|
||||
+ VecZnxDftToVecZnxBigConsume<B>
|
||||
+ VecZnxBigAddSmallInplace<B>
|
||||
+ VecZnxBigNormalize<B>;
|
||||
|
||||
impl GLWECiphertext<Vec<u8>> {
|
||||
pub fn keyswitch_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn keyswitch_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
@@ -15,20 +29,23 @@ impl GLWECiphertext<Vec<u8>> {
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> usize {
|
||||
let res_dft: usize = FourierGLWECiphertext::bytes_of(module, basek, k_out, rank_out + 1);
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
let in_size: usize = k_in.div_ceil(basek).div_ceil(digits);
|
||||
let out_size: usize = k_out.div_ceil(basek);
|
||||
let ksk_size: usize = k_ksk.div_ceil(basek);
|
||||
let ai_dft: usize = module.bytes_of_vec_znx_dft(rank_in, in_size);
|
||||
let res_dft: usize = module.vec_znx_dft_alloc_bytes(rank_out + 1, ksk_size); // TODO OPTIMIZE
|
||||
let ai_dft: usize = module.vec_znx_dft_alloc_bytes(rank_in, in_size);
|
||||
let vmp: usize = module.vmp_apply_tmp_bytes(out_size, in_size, in_size, rank_in, rank_out + 1, ksk_size)
|
||||
+ module.bytes_of_vec_znx_dft(rank_in, in_size);
|
||||
let normalize: usize = module.vec_znx_big_normalize_tmp_bytes();
|
||||
+ module.vec_znx_dft_alloc_bytes(rank_in, in_size);
|
||||
let normalize: usize = module.vec_znx_big_normalize_tmp_bytes(module.n());
|
||||
return res_dft + ((ai_dft + vmp) | normalize);
|
||||
}
|
||||
|
||||
pub fn keyswitch_from_fourier_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn keyswitch_from_fourier_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
@@ -36,221 +53,220 @@ impl GLWECiphertext<Vec<u8>> {
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
Self::keyswitch_scratch_space(module, basek, k_out, k_in, k_ksk, digits, rank_in, rank_out)
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn keyswitch_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
Self::keyswitch_scratch_space(module, basek, k_out, k_out, k_ksk, digits, rank, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf> {
|
||||
pub fn keyswitch<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
impl<DataSelf: DataRef> GLWECiphertext<DataSelf> {
|
||||
pub(crate) fn assert_keyswitch<B: Backend, DataLhs, DataRhs>(
|
||||
&self,
|
||||
module: &Module<B>,
|
||||
lhs: &GLWECiphertext<DataLhs>,
|
||||
rhs: &GLWESwitchingKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
Self::keyswitch_private::<_, _, 0>(self, 0, module, lhs, rhs, scratch);
|
||||
rhs: &GLWESwitchingKeyExec<DataRhs, B>,
|
||||
scratch: &Scratch<B>,
|
||||
) where
|
||||
DataLhs: DataRef,
|
||||
DataRhs: DataRef,
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: ScratchAvailable,
|
||||
{
|
||||
let basek: usize = self.basek();
|
||||
assert_eq!(
|
||||
lhs.rank(),
|
||||
rhs.rank_in(),
|
||||
"lhs.rank(): {} != rhs.rank_in(): {}",
|
||||
lhs.rank(),
|
||||
rhs.rank_in()
|
||||
);
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
rhs.rank_out(),
|
||||
"self.rank(): {} != rhs.rank_out(): {}",
|
||||
self.rank(),
|
||||
rhs.rank_out()
|
||||
);
|
||||
assert_eq!(self.basek(), basek);
|
||||
assert_eq!(lhs.basek(), basek);
|
||||
assert_eq!(rhs.n(), module.n());
|
||||
assert_eq!(self.n(), module.n());
|
||||
assert_eq!(lhs.n(), module.n());
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GLWECiphertext::keyswitch_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
lhs.k(),
|
||||
rhs.k(),
|
||||
rhs.digits(),
|
||||
rhs.rank_in(),
|
||||
rhs.rank_out(),
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: DataMut> GLWECiphertext<DataSelf> {
|
||||
pub fn keyswitch<DataLhs: DataRef, DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
lhs: &GLWECiphertext<DataLhs>,
|
||||
rhs: &GLWESwitchingKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
self.assert_keyswitch(module, lhs, rhs, scratch);
|
||||
}
|
||||
let (res_dft, scratch1) = scratch.take_vec_znx_dft(module, self.cols(), rhs.size()); // Todo optimise
|
||||
let res_big: VecZnxBig<_, B> = keyswitch(module, res_dft, lhs, rhs, scratch1);
|
||||
(0..self.cols()).for_each(|i| {
|
||||
module.vec_znx_big_normalize(self.basek(), &mut self.data, i, &res_big, i, scratch1);
|
||||
})
|
||||
}
|
||||
|
||||
pub fn keyswitch_inplace<DataRhs: AsRef<[u8]>>(
|
||||
pub fn keyswitch_inplace<DataRhs: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rhs: &GLWESwitchingKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
module: &Module<B>,
|
||||
rhs: &GLWESwitchingKeyExec<DataRhs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
unsafe {
|
||||
let self_ptr: *mut GLWECiphertext<DataSelf> = self as *mut GLWECiphertext<DataSelf>;
|
||||
self.keyswitch(&module, &*self_ptr, rhs, scratch);
|
||||
}
|
||||
}
|
||||
|
||||
pub(crate) fn keyswitch_private<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>, const OP: u8>(
|
||||
&mut self,
|
||||
apply_auto: i64,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &GLWECiphertext<DataLhs>,
|
||||
rhs: &GLWESwitchingKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
let basek: usize = self.basek();
|
||||
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(
|
||||
lhs.rank(),
|
||||
rhs.rank_in(),
|
||||
"lhs.rank(): {} != rhs.rank_in(): {}",
|
||||
lhs.rank(),
|
||||
rhs.rank_in()
|
||||
);
|
||||
assert_eq!(
|
||||
self.rank(),
|
||||
rhs.rank_out(),
|
||||
"self.rank(): {} != rhs.rank_out(): {}",
|
||||
self.rank(),
|
||||
rhs.rank_out()
|
||||
);
|
||||
assert_eq!(self.basek(), basek);
|
||||
assert_eq!(lhs.basek(), basek);
|
||||
assert_eq!(rhs.n(), module.n());
|
||||
assert_eq!(self.n(), module.n());
|
||||
assert_eq!(lhs.n(), module.n());
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GLWECiphertext::keyswitch_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
lhs.k(),
|
||||
rhs.k(),
|
||||
rhs.digits(),
|
||||
rhs.rank_in(),
|
||||
rhs.rank_out(),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
let cols_in: usize = rhs.rank_in();
|
||||
let cols_out: usize = rhs.rank_out() + 1;
|
||||
let digits: usize = rhs.digits();
|
||||
|
||||
let (mut res_dft, scratch1) = scratch.tmp_vec_znx_dft(module, cols_out, rhs.size()); // Todo optimise
|
||||
let (mut ai_dft, scratch2) = scratch1.tmp_vec_znx_dft(module, cols_in, (lhs.size() + digits - 1) / digits);
|
||||
ai_dft.zero();
|
||||
{
|
||||
(0..digits).for_each(|di| {
|
||||
ai_dft.set_size((lhs.size() + di) / digits);
|
||||
|
||||
// Small optimization for digits > 2
|
||||
// VMP produce some error e, and since we aggregate vmp * 2^{di * B}, then
|
||||
// we also aggregate ei * 2^{di * B}, with the largest error being ei * 2^{(digits-1) * B}.
|
||||
// As such we can ignore the last digits-2 limbs safely of the sum of vmp products.
|
||||
// It is possible to further ignore the last digits-1 limbs, but this introduce
|
||||
// ~0.5 to 1 bit of additional noise, and thus not chosen here to ensure that the same
|
||||
// noise is kept with respect to the ideal functionality.
|
||||
res_dft.set_size(rhs.size() - ((digits - di) as isize - 2).max(0) as usize);
|
||||
|
||||
(0..cols_in).for_each(|col_i| {
|
||||
module.vec_znx_dft(
|
||||
digits,
|
||||
digits - di - 1,
|
||||
&mut ai_dft,
|
||||
col_i,
|
||||
&lhs.data,
|
||||
col_i + 1,
|
||||
);
|
||||
});
|
||||
|
||||
if di == 0 {
|
||||
module.vmp_apply(&mut res_dft, &ai_dft, &rhs.key.data, scratch2);
|
||||
} else {
|
||||
module.vmp_apply_add(&mut res_dft, &ai_dft, &rhs.key.data, di, scratch2);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
let mut res_big: VecZnxBig<&mut [u8], FFT64> = module.vec_znx_idft_consume(res_dft);
|
||||
|
||||
module.vec_znx_big_add_small_inplace(&mut res_big, 0, &lhs.data, 0);
|
||||
|
||||
(0..cols_out).for_each(|i| {
|
||||
if apply_auto != 0 {
|
||||
module.vec_znx_big_automorphism_inplace(apply_auto, &mut res_big, i);
|
||||
}
|
||||
|
||||
match OP {
|
||||
1 => module.vec_znx_big_add_small_inplace(&mut res_big, i, &lhs.data, i),
|
||||
2 => module.vec_znx_big_sub_small_a_inplace(&mut res_big, i, &lhs.data, i),
|
||||
3 => module.vec_znx_big_sub_small_b_inplace(&mut res_big, i, &lhs.data, i),
|
||||
_ => {}
|
||||
}
|
||||
module.vec_znx_big_normalize(basek, &mut self.data, i, &res_big, i, scratch1);
|
||||
});
|
||||
}
|
||||
|
||||
pub(crate) fn keyswitch_from_fourier<DataLhs: AsRef<[u8]>, DataRhs: AsRef<[u8]>>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
lhs: &FourierGLWECiphertext<DataLhs, FFT64>,
|
||||
rhs: &GLWESwitchingKey<DataRhs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
let basek: usize = self.basek();
|
||||
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(lhs.rank(), rhs.rank_in());
|
||||
assert_eq!(self.rank(), rhs.rank_out());
|
||||
assert_eq!(self.basek(), basek);
|
||||
assert_eq!(lhs.basek(), basek);
|
||||
assert_eq!(rhs.n(), module.n());
|
||||
assert_eq!(self.n(), module.n());
|
||||
assert_eq!(lhs.n(), module.n());
|
||||
assert!(
|
||||
scratch.available()
|
||||
>= GLWECiphertext::keyswitch_from_fourier_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
lhs.k(),
|
||||
rhs.k(),
|
||||
rhs.digits(),
|
||||
rhs.rank_in(),
|
||||
rhs.rank_out(),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
let cols_in: usize = rhs.rank_in();
|
||||
let cols_out: usize = rhs.rank_out() + 1;
|
||||
|
||||
// Buffer of the result of VMP in DFT
|
||||
let (mut res_dft, scratch1) = scratch.tmp_vec_znx_dft(module, cols_out, rhs.size()); // Todo optimise
|
||||
|
||||
{
|
||||
let digits = rhs.digits();
|
||||
|
||||
(0..digits).for_each(|di| {
|
||||
// (lhs.size() + di) / digits = (a - (digit - di - 1) + digit - 1) / digits
|
||||
let (mut ai_dft, scratch2) = scratch1.tmp_vec_znx_dft(module, cols_in, (lhs.size() + di) / digits);
|
||||
|
||||
(0..cols_in).for_each(|col_i| {
|
||||
module.vec_znx_dft_copy(
|
||||
digits,
|
||||
digits - 1 - di,
|
||||
&mut ai_dft,
|
||||
col_i,
|
||||
&lhs.data,
|
||||
col_i + 1,
|
||||
);
|
||||
});
|
||||
|
||||
if di == 0 {
|
||||
module.vmp_apply(&mut res_dft, &ai_dft, &rhs.key.data, scratch2);
|
||||
} else {
|
||||
module.vmp_apply_add(&mut res_dft, &ai_dft, &rhs.key.data, di, scratch2);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
module.vec_znx_dft_add_inplace(&mut res_dft, 0, &lhs.data, 0);
|
||||
|
||||
// Switches result of VMP outside of DFT
|
||||
let res_big: VecZnxBig<&mut [u8], FFT64> = module.vec_znx_idft_consume::<&mut [u8]>(res_dft);
|
||||
|
||||
(0..cols_out).for_each(|i| {
|
||||
module.vec_znx_big_normalize(basek, &mut self.data, i, &res_big, i, scratch1);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
pub(crate) fn keyswitch<B: Backend, DataRes, DataIn, DataKey>(
|
||||
module: &Module<B>,
|
||||
res_dft: VecZnxDft<DataRes, B>,
|
||||
lhs: &GLWECiphertext<DataIn>,
|
||||
rhs: &GLWESwitchingKeyExec<DataKey, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) -> VecZnxBig<DataRes, B>
|
||||
where
|
||||
DataRes: DataMut,
|
||||
DataIn: DataRef,
|
||||
DataKey: DataRef,
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B>,
|
||||
{
|
||||
if rhs.digits() == 1 {
|
||||
return keyswitch_vmp_one_digit(module, res_dft, &lhs.data, &rhs.key.data, scratch);
|
||||
}
|
||||
|
||||
keyswitch_vmp_multiple_digits(
|
||||
module,
|
||||
res_dft,
|
||||
&lhs.data,
|
||||
&rhs.key.data,
|
||||
rhs.digits(),
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
|
||||
fn keyswitch_vmp_one_digit<B: Backend, DataRes, DataIn, DataVmp>(
|
||||
module: &Module<B>,
|
||||
mut res_dft: VecZnxDft<DataRes, B>,
|
||||
a: &VecZnx<DataIn>,
|
||||
mat: &VmpPMat<DataVmp, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) -> VecZnxBig<DataRes, B>
|
||||
where
|
||||
DataRes: DataMut,
|
||||
DataIn: DataRef,
|
||||
DataVmp: DataRef,
|
||||
Module<B>:
|
||||
VecZnxDftAllocBytes + VecZnxDftFromVecZnx<B> + VmpApply<B> + VecZnxDftToVecZnxBigConsume<B> + VecZnxBigAddSmallInplace<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B>,
|
||||
{
|
||||
let cols: usize = a.cols();
|
||||
let (mut ai_dft, scratch1) = scratch.take_vec_znx_dft(module, cols - 1, a.size());
|
||||
(0..cols - 1).for_each(|col_i| {
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut ai_dft, col_i, a, col_i + 1);
|
||||
});
|
||||
module.vmp_apply(&mut res_dft, &ai_dft, mat, scratch1);
|
||||
let mut res_big: VecZnxBig<DataRes, B> = module.vec_znx_dft_to_vec_znx_big_consume(res_dft);
|
||||
module.vec_znx_big_add_small_inplace(&mut res_big, 0, a, 0);
|
||||
res_big
|
||||
}
|
||||
|
||||
fn keyswitch_vmp_multiple_digits<B: Backend, DataRes, DataIn, DataVmp>(
|
||||
module: &Module<B>,
|
||||
mut res_dft: VecZnxDft<DataRes, B>,
|
||||
a: &VecZnx<DataIn>,
|
||||
mat: &VmpPMat<DataVmp, B>,
|
||||
digits: usize,
|
||||
scratch: &mut Scratch<B>,
|
||||
) -> VecZnxBig<DataRes, B>
|
||||
where
|
||||
DataRes: DataMut,
|
||||
DataIn: DataRef,
|
||||
DataVmp: DataRef,
|
||||
Module<B>: VecZnxDftAllocBytes
|
||||
+ VecZnxDftFromVecZnx<B>
|
||||
+ VmpApply<B>
|
||||
+ VmpApplyAdd<B>
|
||||
+ VecZnxDftToVecZnxBigConsume<B>
|
||||
+ VecZnxBigAddSmallInplace<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B>,
|
||||
{
|
||||
let cols: usize = a.cols();
|
||||
let size: usize = a.size();
|
||||
let (mut ai_dft, scratch1) = scratch.take_vec_znx_dft(module, cols - 1, size.div_ceil(digits));
|
||||
|
||||
ai_dft.data_mut().fill(0);
|
||||
|
||||
(0..digits).for_each(|di| {
|
||||
ai_dft.set_size((size + di) / digits);
|
||||
|
||||
// Small optimization for digits > 2
|
||||
// VMP produce some error e, and since we aggregate vmp * 2^{di * B}, then
|
||||
// we also aggregate ei * 2^{di * B}, with the largest error being ei * 2^{(digits-1) * B}.
|
||||
// As such we can ignore the last digits-2 limbs safely of the sum of vmp products.
|
||||
// It is possible to further ignore the last digits-1 limbs, but this introduce
|
||||
// ~0.5 to 1 bit of additional noise, and thus not chosen here to ensure that the same
|
||||
// noise is kept with respect to the ideal functionality.
|
||||
res_dft.set_size(mat.size() - ((digits - di) as isize - 2).max(0) as usize);
|
||||
|
||||
(0..cols - 1).for_each(|col_i| {
|
||||
module.vec_znx_dft_from_vec_znx(digits, digits - di - 1, &mut ai_dft, col_i, a, col_i + 1);
|
||||
});
|
||||
|
||||
if di == 0 {
|
||||
module.vmp_apply(&mut res_dft, &ai_dft, mat, scratch1);
|
||||
} else {
|
||||
module.vmp_apply_add(&mut res_dft, &ai_dft, mat, di, scratch1);
|
||||
}
|
||||
});
|
||||
|
||||
res_dft.set_size(res_dft.max_size());
|
||||
let mut res_big: VecZnxBig<DataRes, B> = module.vec_znx_dft_to_vec_znx_big_consume(res_dft);
|
||||
module.vec_znx_big_add_small_inplace(&mut res_big, 0, a, 0);
|
||||
res_big
|
||||
}
|
||||
|
||||
123
core/src/glwe/layout.rs
Normal file
123
core/src/glwe/layout.rs
Normal file
@@ -0,0 +1,123 @@
|
||||
use backend::hal::{
|
||||
api::{VecZnxAlloc, VecZnxAllocBytes},
|
||||
layouts::{Backend, Data, DataMut, DataRef, Module, ReaderFrom, VecZnx, VecZnxToMut, VecZnxToRef, WriterTo},
|
||||
};
|
||||
|
||||
use crate::{GLWEOps, Infos, SetMetaData};
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GLWECiphertext<D: Data> {
|
||||
pub data: VecZnx<D>,
|
||||
pub basek: usize,
|
||||
pub k: usize,
|
||||
}
|
||||
|
||||
impl GLWECiphertext<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: VecZnxAlloc,
|
||||
{
|
||||
Self {
|
||||
data: module.vec_znx_alloc(rank + 1, k.div_ceil(basek)),
|
||||
basek,
|
||||
k,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: VecZnxAllocBytes,
|
||||
{
|
||||
module.vec_znx_alloc_bytes(rank + 1, k.div_ceil(basek))
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data> Infos for GLWECiphertext<D> {
|
||||
type Inner = VecZnx<D>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data> GLWECiphertext<D> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.cols() - 1
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> GLWECiphertext<D> {
|
||||
pub fn clone(&self) -> GLWECiphertext<Vec<u8>> {
|
||||
GLWECiphertext {
|
||||
data: self.data.clone(),
|
||||
basek: self.basek(),
|
||||
k: self.k(),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut> SetMetaData for GLWECiphertext<D> {
|
||||
fn set_k(&mut self, k: usize) {
|
||||
self.k = k
|
||||
}
|
||||
|
||||
fn set_basek(&mut self, basek: usize) {
|
||||
self.basek = basek
|
||||
}
|
||||
}
|
||||
|
||||
pub trait GLWECiphertextToRef: Infos {
|
||||
fn to_ref(&self) -> GLWECiphertext<&[u8]>;
|
||||
}
|
||||
|
||||
impl<D: DataRef> GLWECiphertextToRef for GLWECiphertext<D> {
|
||||
fn to_ref(&self) -> GLWECiphertext<&[u8]> {
|
||||
GLWECiphertext {
|
||||
data: self.data.to_ref(),
|
||||
basek: self.basek,
|
||||
k: self.k,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
pub trait GLWECiphertextToMut: Infos {
|
||||
fn to_mut(&mut self) -> GLWECiphertext<&mut [u8]>;
|
||||
}
|
||||
|
||||
impl<D: DataMut> GLWECiphertextToMut for GLWECiphertext<D> {
|
||||
fn to_mut(&mut self) -> GLWECiphertext<&mut [u8]> {
|
||||
GLWECiphertext {
|
||||
data: self.data.to_mut(),
|
||||
basek: self.basek,
|
||||
k: self.k,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut> GLWEOps for GLWECiphertext<D> where GLWECiphertext<D>: GLWECiphertextToMut + Infos + SetMetaData {}
|
||||
|
||||
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
||||
|
||||
impl<D: DataMut> ReaderFrom for GLWECiphertext<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
self.k = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.basek = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.data.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for GLWECiphertext<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
writer.write_u64::<LittleEndian>(self.k as u64)?;
|
||||
writer.write_u64::<LittleEndian>(self.basek as u64)?;
|
||||
self.data.write_to(writer)
|
||||
}
|
||||
}
|
||||
@@ -1,23 +1,27 @@
|
||||
pub mod automorphism;
|
||||
pub mod ciphertext;
|
||||
pub mod decryption;
|
||||
pub mod encryption;
|
||||
pub mod external_product;
|
||||
pub mod keyswitch;
|
||||
pub mod ops;
|
||||
pub mod packing;
|
||||
pub mod plaintext;
|
||||
pub mod public_key;
|
||||
pub mod secret;
|
||||
pub mod trace;
|
||||
mod automorphism;
|
||||
mod decryption;
|
||||
mod encryption;
|
||||
mod external_product;
|
||||
mod keyswitch;
|
||||
mod layout;
|
||||
mod noise;
|
||||
mod ops;
|
||||
mod packing;
|
||||
mod plaintext;
|
||||
mod public_key;
|
||||
mod secret;
|
||||
mod trace;
|
||||
|
||||
pub use ciphertext::GLWECiphertext;
|
||||
pub(crate) use ciphertext::{GLWECiphertextToMut, GLWECiphertextToRef};
|
||||
pub use decryption::*;
|
||||
pub use encryption::*;
|
||||
pub use external_product::*;
|
||||
pub use keyswitch::*;
|
||||
pub use layout::*;
|
||||
pub use ops::GLWEOps;
|
||||
pub use packing::GLWEPacker;
|
||||
pub use plaintext::GLWEPlaintext;
|
||||
pub use public_key::GLWEPublicKey;
|
||||
pub use secret::GLWESecret;
|
||||
pub use packing::*;
|
||||
pub use plaintext::*;
|
||||
pub use public_key::*;
|
||||
pub use secret::*;
|
||||
|
||||
#[cfg(test)]
|
||||
mod test_fft64;
|
||||
|
||||
38
core/src/glwe/noise.rs
Normal file
38
core/src/glwe/noise.rs
Normal file
@@ -0,0 +1,38 @@
|
||||
use backend::hal::{
|
||||
api::{ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAlloc, VecZnxNormalizeInplace, VecZnxStd, VecZnxSubABInplace},
|
||||
layouts::{Backend, DataRef, Module, ScratchOwned},
|
||||
oep::{ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeVecZnxBigImpl, TakeVecZnxDftImpl},
|
||||
};
|
||||
|
||||
use crate::{GLWECiphertext, GLWEDecryptFamily, GLWEPlaintext, GLWESecretExec, Infos};
|
||||
|
||||
impl<D: DataRef> GLWECiphertext<D> {
|
||||
pub fn assert_noise<B: Backend, DataSk, DataPt>(
|
||||
&self,
|
||||
module: &Module<B>,
|
||||
sk_exec: &GLWESecretExec<DataSk, B>,
|
||||
pt_want: &GLWEPlaintext<DataPt>,
|
||||
max_noise: f64,
|
||||
) where
|
||||
DataSk: DataRef,
|
||||
DataPt: DataRef,
|
||||
Module<B>: GLWEDecryptFamily<B> + VecZnxSubABInplace + VecZnxNormalizeInplace<B> + VecZnxStd + VecZnxAlloc,
|
||||
B: TakeVecZnxDftImpl<B> + TakeVecZnxBigImpl<B> + ScratchOwnedAllocImpl<B> + ScratchOwnedBorrowImpl<B>,
|
||||
{
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, self.basek(), self.k());
|
||||
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(GLWECiphertext::decrypt_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
));
|
||||
|
||||
self.decrypt(module, &mut pt_have, &sk_exec, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
module.vec_znx_normalize_inplace(self.basek(), &mut pt_have.data, 0, scratch.borrow());
|
||||
|
||||
let noise_have: f64 = module.vec_znx_std(self.basek(), &pt_have.data, 0).log2();
|
||||
assert!(noise_have <= max_noise, "{} {}", noise_have, max_noise);
|
||||
}
|
||||
}
|
||||
@@ -1,12 +1,20 @@
|
||||
use backend::{FFT64, Module, Scratch, VecZnx, VecZnxOps, ZnxZero};
|
||||
use backend::hal::{
|
||||
api::{
|
||||
VecZnxAdd, VecZnxAddInplace, VecZnxCopy, VecZnxMulXpMinusOne, VecZnxMulXpMinusOneInplace, VecZnxNegateInplace,
|
||||
VecZnxNormalize, VecZnxNormalizeInplace, VecZnxRotate, VecZnxRotateInplace, VecZnxRshInplace, VecZnxSub,
|
||||
VecZnxSubABInplace, VecZnxSubBAInplace, ZnxZero,
|
||||
},
|
||||
layouts::{Backend, Module, Scratch, VecZnx},
|
||||
};
|
||||
|
||||
use crate::{GLWECiphertext, GLWECiphertextToMut, GLWECiphertextToRef, Infos, SetMetaData};
|
||||
|
||||
pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
fn add<A, B>(&mut self, module: &Module<FFT64>, a: &A, b: &B)
|
||||
fn add<A, B, BACKEND: Backend>(&mut self, module: &Module<BACKEND>, a: &A, b: &B)
|
||||
where
|
||||
A: GLWECiphertextToRef,
|
||||
B: GLWECiphertextToRef,
|
||||
Module<BACKEND>: VecZnxAdd + VecZnxCopy,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -50,9 +58,10 @@ pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
self.set_k(set_k_binary(self, a, b));
|
||||
}
|
||||
|
||||
fn add_inplace<A>(&mut self, module: &Module<FFT64>, a: &A)
|
||||
fn add_inplace<A, BACKEND: Backend>(&mut self, module: &Module<BACKEND>, a: &A)
|
||||
where
|
||||
A: GLWECiphertextToRef + Infos,
|
||||
Module<BACKEND>: VecZnxAddInplace,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -72,10 +81,11 @@ pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
self.set_k(set_k_unary(self, a))
|
||||
}
|
||||
|
||||
fn sub<A, B>(&mut self, module: &Module<FFT64>, a: &A, b: &B)
|
||||
fn sub<A, B, BACKEND: Backend>(&mut self, module: &Module<BACKEND>, a: &A, b: &B)
|
||||
where
|
||||
A: GLWECiphertextToRef,
|
||||
B: GLWECiphertextToRef,
|
||||
Module<BACKEND>: VecZnxSub + VecZnxCopy + VecZnxNegateInplace,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -120,9 +130,10 @@ pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
self.set_k(set_k_binary(self, a, b));
|
||||
}
|
||||
|
||||
fn sub_inplace_ab<A>(&mut self, module: &Module<FFT64>, a: &A)
|
||||
fn sub_inplace_ab<A, BACKEND: Backend>(&mut self, module: &Module<BACKEND>, a: &A)
|
||||
where
|
||||
A: GLWECiphertextToRef + Infos,
|
||||
Module<BACKEND>: VecZnxSubABInplace,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -142,9 +153,10 @@ pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
self.set_k(set_k_unary(self, a))
|
||||
}
|
||||
|
||||
fn sub_inplace_ba<A>(&mut self, module: &Module<FFT64>, a: &A)
|
||||
fn sub_inplace_ba<A, BACKEND: Backend>(&mut self, module: &Module<BACKEND>, a: &A)
|
||||
where
|
||||
A: GLWECiphertextToRef + Infos,
|
||||
Module<BACKEND>: VecZnxSubBAInplace,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -164,9 +176,10 @@ pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
self.set_k(set_k_unary(self, a))
|
||||
}
|
||||
|
||||
fn rotate<A>(&mut self, module: &Module<FFT64>, k: i64, a: &A)
|
||||
fn rotate<A, B: Backend>(&mut self, module: &Module<B>, k: i64, a: &A)
|
||||
where
|
||||
A: GLWECiphertextToRef + Infos,
|
||||
Module<B>: VecZnxRotate,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -186,7 +199,10 @@ pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
self.set_k(set_k_unary(self, a))
|
||||
}
|
||||
|
||||
fn rotate_inplace(&mut self, module: &Module<FFT64>, k: i64) {
|
||||
fn rotate_inplace<B: Backend>(&mut self, module: &Module<B>, k: i64)
|
||||
where
|
||||
Module<B>: VecZnxRotateInplace,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.n(), module.n());
|
||||
@@ -199,9 +215,49 @@ pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
});
|
||||
}
|
||||
|
||||
fn copy<A>(&mut self, module: &Module<FFT64>, a: &A)
|
||||
fn mul_xp_minus_one<A, B: Backend>(&mut self, module: &Module<B>, k: i64, a: &A)
|
||||
where
|
||||
A: GLWECiphertextToRef + Infos,
|
||||
Module<B>: VecZnxMulXpMinusOne,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(a.n(), module.n());
|
||||
assert_eq!(self.n(), module.n());
|
||||
assert_eq!(self.rank(), a.rank())
|
||||
}
|
||||
|
||||
let self_mut: &mut GLWECiphertext<&mut [u8]> = &mut self.to_mut();
|
||||
let a_ref: &GLWECiphertext<&[u8]> = &a.to_ref();
|
||||
|
||||
(0..a.rank() + 1).for_each(|i| {
|
||||
module.vec_znx_mul_xp_minus_one(k, &mut self_mut.data, i, &a_ref.data, i);
|
||||
});
|
||||
|
||||
self.set_basek(a.basek());
|
||||
self.set_k(set_k_unary(self, a))
|
||||
}
|
||||
|
||||
fn mul_xp_minus_one_inplace<B: Backend>(&mut self, module: &Module<B>, k: i64)
|
||||
where
|
||||
Module<B>: VecZnxMulXpMinusOneInplace,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.n(), module.n());
|
||||
}
|
||||
|
||||
let self_mut: &mut GLWECiphertext<&mut [u8]> = &mut self.to_mut();
|
||||
|
||||
(0..self_mut.rank() + 1).for_each(|i| {
|
||||
module.vec_znx_mul_xp_minus_one_inplace(k, &mut self_mut.data, i);
|
||||
});
|
||||
}
|
||||
|
||||
fn copy<A, B: Backend>(&mut self, module: &Module<B>, a: &A)
|
||||
where
|
||||
A: GLWECiphertextToRef + Infos,
|
||||
Module<B>: VecZnxCopy,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -221,15 +277,18 @@ pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
self.set_basek(a.basek());
|
||||
}
|
||||
|
||||
fn rsh(&mut self, k: usize, scratch: &mut Scratch) {
|
||||
fn rsh<B: Backend>(&mut self, module: &Module<B>, k: usize)
|
||||
where
|
||||
Module<B>: VecZnxRshInplace,
|
||||
{
|
||||
let basek: usize = self.basek();
|
||||
let mut self_mut: GLWECiphertext<&mut [u8]> = self.to_mut();
|
||||
self_mut.data.rsh(basek, k, scratch);
|
||||
module.vec_znx_rsh_inplace(basek, k, &mut self.to_mut().data);
|
||||
}
|
||||
|
||||
fn normalize<A>(&mut self, module: &Module<FFT64>, a: &A, scratch: &mut Scratch)
|
||||
fn normalize<A, B: Backend>(&mut self, module: &Module<B>, a: &A, scratch: &mut Scratch<B>)
|
||||
where
|
||||
A: GLWECiphertextToRef,
|
||||
Module<B>: VecZnxNormalize<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -248,7 +307,10 @@ pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
self.set_k(a.k().min(self.k()));
|
||||
}
|
||||
|
||||
fn normalize_inplace(&mut self, module: &Module<FFT64>, scratch: &mut Scratch) {
|
||||
fn normalize_inplace<B: Backend>(&mut self, module: &Module<B>, scratch: &mut Scratch<B>)
|
||||
where
|
||||
Module<B>: VecZnxNormalizeInplace<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.n(), module.n());
|
||||
@@ -261,7 +323,7 @@ pub trait GLWEOps: GLWECiphertextToMut + SetMetaData + Sized {
|
||||
}
|
||||
|
||||
impl GLWECiphertext<Vec<u8>> {
|
||||
pub fn rsh_scratch_space(module: &Module<FFT64>) -> usize {
|
||||
pub fn rsh_scratch_space<BACKEND: Backend>(module: &Module<BACKEND>) -> usize {
|
||||
VecZnx::rsh_scratch_space(module.n())
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,9 +1,31 @@
|
||||
use crate::{GLWEAutomorphismKey, GLWECiphertext, GLWEOps, Infos, ScratchCore};
|
||||
use std::collections::HashMap;
|
||||
|
||||
use backend::{FFT64, Module, Scratch};
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScratchAvailable, TakeVecZnx, TakeVecZnxDft, VecZnxAddInplace, VecZnxAlloc, VecZnxAllocBytes, VecZnxAutomorphismInplace,
|
||||
VecZnxBigAutomorphismInplace, VecZnxBigSubSmallBInplace, VecZnxCopy, VecZnxNegateInplace, VecZnxNormalizeInplace,
|
||||
VecZnxRotate, VecZnxRotateInplace, VecZnxRshInplace, VecZnxSub, VecZnxSubABInplace,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch},
|
||||
};
|
||||
|
||||
/// [StreamPacker] enables only the fly GLWE packing
|
||||
use crate::{AutomorphismKeyExec, GLWECiphertext, GLWEKeyswitchFamily, GLWEOps, Infos, TakeGLWECt};
|
||||
|
||||
pub trait GLWEPackingFamily<B: Backend> = GLWEKeyswitchFamily<B>
|
||||
+ VecZnxCopy
|
||||
+ VecZnxRotateInplace
|
||||
+ VecZnxSub
|
||||
+ VecZnxNegateInplace
|
||||
+ VecZnxRshInplace
|
||||
+ VecZnxAddInplace
|
||||
+ VecZnxNormalizeInplace<B>
|
||||
+ VecZnxSubABInplace
|
||||
+ VecZnxRotate
|
||||
+ VecZnxAutomorphismInplace
|
||||
+ VecZnxBigSubSmallBInplace<B>
|
||||
+ VecZnxBigAutomorphismInplace<B>;
|
||||
|
||||
/// [GLWEPacker] enables only the fly GLWE packing
|
||||
/// with constant memory of Log(N) ciphertexts.
|
||||
/// Main difference with usual GLWE packing is that
|
||||
/// the output is bit-reversed.
|
||||
@@ -14,7 +36,7 @@ pub struct GLWEPacker {
|
||||
}
|
||||
|
||||
/// [Accumulator] stores intermediate packing result.
|
||||
/// There are Log(N) such accumulators in a [StreamPacker].
|
||||
/// There are Log(N) such accumulators in a [GLWEPacker].
|
||||
struct Accumulator {
|
||||
data: GLWECiphertext<Vec<u8>>,
|
||||
value: bool, // Implicit flag for zero ciphertext
|
||||
@@ -30,7 +52,10 @@ impl Accumulator {
|
||||
/// * `basek`: base 2 logarithm of the GLWE ciphertext in memory digit representation.
|
||||
/// * `k`: base 2 precision of the GLWE ciphertext precision over the Torus.
|
||||
/// * `rank`: rank of the GLWE ciphertext.
|
||||
pub fn alloc(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> Self {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: VecZnxAlloc,
|
||||
{
|
||||
Self {
|
||||
data: GLWECiphertext::alloc(module, basek, k, rank),
|
||||
value: false,
|
||||
@@ -40,7 +65,7 @@ impl Accumulator {
|
||||
}
|
||||
|
||||
impl GLWEPacker {
|
||||
/// Instantiates a new [StreamPacker].
|
||||
/// Instantiates a new [GLWEPacker].
|
||||
///
|
||||
/// #Arguments
|
||||
///
|
||||
@@ -53,7 +78,10 @@ impl GLWEPacker {
|
||||
/// * `basek`: base 2 logarithm of the GLWE ciphertext in memory digit representation.
|
||||
/// * `k`: base 2 precision of the GLWE ciphertext precision over the Torus.
|
||||
/// * `rank`: rank of the GLWE ciphertext.
|
||||
pub fn new(module: &Module<FFT64>, log_batch: usize, basek: usize, k: usize, rank: usize) -> Self {
|
||||
pub fn new<B: Backend>(module: &Module<B>, log_batch: usize, basek: usize, k: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: VecZnxAlloc,
|
||||
{
|
||||
let mut accumulators: Vec<Accumulator> = Vec::<Accumulator>::new();
|
||||
let log_n: usize = module.log_n();
|
||||
(0..log_n - log_batch).for_each(|_| accumulators.push(Accumulator::alloc(module, basek, k, rank)));
|
||||
@@ -74,30 +102,43 @@ impl GLWEPacker {
|
||||
}
|
||||
|
||||
/// Number of scratch space bytes required to call [Self::add].
|
||||
pub fn scratch_space(module: &Module<FFT64>, basek: usize, ct_k: usize, k_ksk: usize, digits: usize, rank: usize) -> usize {
|
||||
pub fn scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
ct_k: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxAllocBytes,
|
||||
{
|
||||
pack_core_scratch_space(module, basek, ct_k, k_ksk, digits, rank)
|
||||
}
|
||||
|
||||
pub fn galois_elements(module: &Module<FFT64>) -> Vec<i64> {
|
||||
pub fn galois_elements<B: Backend>(module: &Module<B>) -> Vec<i64> {
|
||||
GLWECiphertext::trace_galois_elements(module)
|
||||
}
|
||||
|
||||
/// Adds a GLWE ciphertext to the [StreamPacker].
|
||||
/// Adds a GLWE ciphertext to the [GLWEPacker].
|
||||
/// #Arguments
|
||||
///
|
||||
/// * `module`: static backend FFT tables.
|
||||
/// * `res`: space to append fully packed ciphertext. Only when the number
|
||||
/// of packed ciphertexts reaches N/2^log_batch is a result written.
|
||||
/// * `a`: ciphertext to pack. Can optionally give None to pack a 0 ciphertext.
|
||||
/// * `auto_keys`: a [HashMap] containing the [AutomorphismKey]s.
|
||||
/// * `scratch`: scratch space of size at least [Self::add_scratch_space].
|
||||
pub fn add<DataA: AsRef<[u8]>, DataAK: AsRef<[u8]>>(
|
||||
/// * `auto_keys`: a [HashMap] containing the [AutomorphismKeyExec]s.
|
||||
/// * `scratch`: scratch space of size at least [Self::scratch_space].
|
||||
pub fn add<DataA: DataRef, DataAK: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
a: Option<&GLWECiphertext<DataA>>,
|
||||
auto_keys: &HashMap<i64, GLWEAutomorphismKey<DataAK, FFT64>>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
auto_keys: &HashMap<i64, AutomorphismKeyExec<DataAK, B>>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEPackingFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
assert!(
|
||||
self.counter < module.n(),
|
||||
"Packing limit of {} reached",
|
||||
@@ -116,7 +157,10 @@ impl GLWEPacker {
|
||||
}
|
||||
|
||||
/// Flush result to`res`.
|
||||
pub fn flush<Data: AsMut<[u8]> + AsRef<[u8]>>(&mut self, module: &Module<FFT64>, res: &mut GLWECiphertext<Data>) {
|
||||
pub fn flush<Data: DataMut, B: Backend>(&mut self, module: &Module<B>, res: &mut GLWECiphertext<Data>)
|
||||
where
|
||||
Module<B>: VecZnxCopy,
|
||||
{
|
||||
assert!(self.counter == module.n());
|
||||
// Copy result GLWE into res GLWE
|
||||
res.copy(
|
||||
@@ -128,18 +172,31 @@ impl GLWEPacker {
|
||||
}
|
||||
}
|
||||
|
||||
fn pack_core_scratch_space(module: &Module<FFT64>, basek: usize, ct_k: usize, k_ksk: usize, digits: usize, rank: usize) -> usize {
|
||||
fn pack_core_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
ct_k: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxAllocBytes,
|
||||
{
|
||||
combine_scratch_space(module, basek, ct_k, k_ksk, digits, rank)
|
||||
}
|
||||
|
||||
fn pack_core<D: AsRef<[u8]>, DataAK: AsRef<[u8]>>(
|
||||
module: &Module<FFT64>,
|
||||
fn pack_core<D: DataRef, DataAK: DataRef, B: Backend>(
|
||||
module: &Module<B>,
|
||||
a: Option<&GLWECiphertext<D>>,
|
||||
accumulators: &mut [Accumulator],
|
||||
i: usize,
|
||||
auto_keys: &HashMap<i64, GLWEAutomorphismKey<DataAK, FFT64>>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
auto_keys: &HashMap<i64, AutomorphismKeyExec<DataAK, B>>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEPackingFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
let log_n: usize = module.log_n();
|
||||
|
||||
if i == log_n {
|
||||
@@ -189,21 +246,34 @@ fn pack_core<D: AsRef<[u8]>, DataAK: AsRef<[u8]>>(
|
||||
}
|
||||
}
|
||||
|
||||
fn combine_scratch_space(module: &Module<FFT64>, basek: usize, ct_k: usize, k_ksk: usize, digits: usize, rank: usize) -> usize {
|
||||
fn combine_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
ct_k: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxAllocBytes,
|
||||
{
|
||||
GLWECiphertext::bytes_of(module, basek, ct_k, rank)
|
||||
+ (GLWECiphertext::rsh_scratch_space(module)
|
||||
| GLWECiphertext::automorphism_scratch_space(module, basek, ct_k, ct_k, k_ksk, digits, rank))
|
||||
}
|
||||
|
||||
/// [combine] merges two ciphertexts together.
|
||||
fn combine<D: AsRef<[u8]>, DataAK: AsRef<[u8]>>(
|
||||
module: &Module<FFT64>,
|
||||
fn combine<D: DataRef, DataAK: DataRef, B: Backend>(
|
||||
module: &Module<B>,
|
||||
acc: &mut Accumulator,
|
||||
b: Option<&GLWECiphertext<D>>,
|
||||
i: usize,
|
||||
auto_keys: &HashMap<i64, GLWEAutomorphismKey<DataAK, FFT64>>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
auto_keys: &HashMap<i64, AutomorphismKeyExec<DataAK, B>>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWEPackingFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
let log_n: usize = module.log_n();
|
||||
let a: &mut GLWECiphertext<Vec<u8>> = &mut acc.data;
|
||||
let basek: usize = a.basek();
|
||||
@@ -232,18 +302,18 @@ fn combine<D: AsRef<[u8]>, DataAK: AsRef<[u8]>>(
|
||||
// since 2*(I(X) * Q/2) = I(X) * Q = 0 mod Q.
|
||||
if acc.value {
|
||||
if let Some(b) = b {
|
||||
let (mut tmp_b, scratch_1) = scratch.tmp_glwe_ct(module, basek, k, rank);
|
||||
let (mut tmp_b, scratch_1) = scratch.take_glwe_ct(module, basek, k, rank);
|
||||
|
||||
// a = a * X^-t
|
||||
a.rotate_inplace(module, -t);
|
||||
|
||||
// tmp_b = a * X^-t - b
|
||||
tmp_b.sub(module, a, b);
|
||||
tmp_b.rsh(1, scratch_1);
|
||||
tmp_b.rsh(module, 1);
|
||||
|
||||
// a = a * X^-t + b
|
||||
a.add_inplace(module, b);
|
||||
a.rsh(1, scratch_1);
|
||||
a.rsh(module, 1);
|
||||
|
||||
tmp_b.normalize_inplace(module, scratch_1);
|
||||
|
||||
@@ -263,7 +333,7 @@ fn combine<D: AsRef<[u8]>, DataAK: AsRef<[u8]>>(
|
||||
// = a + b * X^t + phi(a - b * X^t)
|
||||
a.rotate_inplace(module, t);
|
||||
} else {
|
||||
a.rsh(1, scratch);
|
||||
a.rsh(module, 1);
|
||||
// a = a + phi(a)
|
||||
if let Some(key) = auto_keys.get(&gal_el) {
|
||||
a.automorphism_add_inplace(module, key, scratch);
|
||||
@@ -273,13 +343,13 @@ fn combine<D: AsRef<[u8]>, DataAK: AsRef<[u8]>>(
|
||||
}
|
||||
} else {
|
||||
if let Some(b) = b {
|
||||
let (mut tmp_b, scratch_1) = scratch.tmp_glwe_ct(module, basek, k, rank);
|
||||
let (mut tmp_b, scratch_1) = scratch.take_glwe_ct(module, basek, k, rank);
|
||||
tmp_b.rotate(module, 1 << (log_n - i - 1), b);
|
||||
tmp_b.rsh(1, scratch_1);
|
||||
tmp_b.rsh(module, 1);
|
||||
|
||||
// a = (b* X^t - phi(b* X^t))
|
||||
if let Some(key) = auto_keys.get(&gal_el) {
|
||||
a.automorphism_sub_ba::<&mut [u8], _>(module, &tmp_b, key, scratch_1);
|
||||
a.automorphism_sub_ba(module, &tmp_b, key, scratch_1);
|
||||
} else {
|
||||
panic!("auto_key[{}] not found", gal_el);
|
||||
}
|
||||
|
||||
@@ -1,15 +1,18 @@
|
||||
use backend::{Backend, FFT64, Module, VecZnx, VecZnxAlloc, VecZnxToMut, VecZnxToRef};
|
||||
use backend::hal::{
|
||||
api::{VecZnxAlloc, VecZnxAllocBytes},
|
||||
layouts::{Backend, Data, DataMut, DataRef, Module, VecZnx, VecZnxToMut, VecZnxToRef},
|
||||
};
|
||||
|
||||
use crate::{GLWECiphertext, GLWECiphertextToMut, GLWECiphertextToRef, GLWEOps, Infos, SetMetaData};
|
||||
|
||||
pub struct GLWEPlaintext<C> {
|
||||
pub data: VecZnx<C>,
|
||||
pub struct GLWEPlaintext<D: Data> {
|
||||
pub data: VecZnx<D>,
|
||||
pub basek: usize,
|
||||
pub k: usize,
|
||||
}
|
||||
|
||||
impl<T> Infos for GLWEPlaintext<T> {
|
||||
type Inner = VecZnx<T>;
|
||||
impl<D: Data> Infos for GLWEPlaintext<D> {
|
||||
type Inner = VecZnx<D>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
@@ -24,7 +27,7 @@ impl<T> Infos for GLWEPlaintext<T> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> SetMetaData for GLWEPlaintext<DataSelf> {
|
||||
impl<D: DataMut> SetMetaData for GLWEPlaintext<D> {
|
||||
fn set_k(&mut self, k: usize) {
|
||||
self.k = k
|
||||
}
|
||||
@@ -35,20 +38,26 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> SetMetaData for GLWEPlaintext<DataSelf
|
||||
}
|
||||
|
||||
impl GLWEPlaintext<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize) -> Self {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize) -> Self
|
||||
where
|
||||
Module<B>: VecZnxAlloc,
|
||||
{
|
||||
Self {
|
||||
data: module.new_vec_znx(1, k.div_ceil(basek)),
|
||||
data: module.vec_znx_alloc(1, k.div_ceil(basek)),
|
||||
basek: basek,
|
||||
k,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn byte_of(module: &Module<FFT64>, basek: usize, k: usize) -> usize {
|
||||
module.bytes_of_vec_znx(1, k.div_ceil(basek))
|
||||
pub fn byte_of<B: Backend>(module: &Module<B>, basek: usize, k: usize) -> usize
|
||||
where
|
||||
Module<B>: VecZnxAllocBytes,
|
||||
{
|
||||
module.vec_znx_alloc_bytes(1, k.div_ceil(basek))
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: AsRef<[u8]>> GLWECiphertextToRef for GLWEPlaintext<D> {
|
||||
impl<D: DataRef> GLWECiphertextToRef for GLWEPlaintext<D> {
|
||||
fn to_ref(&self) -> GLWECiphertext<&[u8]> {
|
||||
GLWECiphertext {
|
||||
data: self.data.to_ref(),
|
||||
@@ -58,7 +67,7 @@ impl<D: AsRef<[u8]>> GLWECiphertextToRef for GLWEPlaintext<D> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: AsMut<[u8]> + AsRef<[u8]>> GLWECiphertextToMut for GLWEPlaintext<D> {
|
||||
impl<D: DataMut> GLWECiphertextToMut for GLWEPlaintext<D> {
|
||||
fn to_mut(&mut self) -> GLWECiphertext<&mut [u8]> {
|
||||
GLWECiphertext {
|
||||
data: self.data.to_mut(),
|
||||
@@ -70,7 +79,7 @@ impl<D: AsMut<[u8]> + AsRef<[u8]>> GLWECiphertextToMut for GLWEPlaintext<D> {
|
||||
|
||||
impl<D> GLWEOps for GLWEPlaintext<D>
|
||||
where
|
||||
D: AsRef<[u8]> + AsMut<[u8]>,
|
||||
D: DataMut,
|
||||
GLWEPlaintext<D>: GLWECiphertextToMut + Infos + SetMetaData,
|
||||
{
|
||||
}
|
||||
|
||||
@@ -1,57 +1,84 @@
|
||||
use backend::{Backend, FFT64, Module, ScratchOwned, VecZnxDft};
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAlloc, VecZnxAllocBytes, VecZnxDftAlloc, VecZnxDftAllocBytes,
|
||||
VecZnxDftFromVecZnx,
|
||||
},
|
||||
layouts::{Backend, Data, DataMut, DataRef, Module, ReaderFrom, Scratch, ScratchOwned, VecZnx, VecZnxDft, WriterTo},
|
||||
oep::{ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeVecZnxDftImpl, TakeVecZnxImpl},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{FourierGLWECiphertext, FourierGLWESecret, Infos, dist::Distribution};
|
||||
use crate::{GLWECiphertext, GLWEEncryptSkFamily, GLWESecretExec, Infos, dist::Distribution};
|
||||
|
||||
pub struct GLWEPublicKey<D, B: Backend> {
|
||||
pub(crate) data: FourierGLWECiphertext<D, B>,
|
||||
pub trait GLWEPublicKeyFamily<B: Backend> = GLWEEncryptSkFamily<B>;
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GLWEPublicKey<D: Data> {
|
||||
pub(crate) data: VecZnx<D>,
|
||||
pub(crate) basek: usize,
|
||||
pub(crate) k: usize,
|
||||
pub(crate) dist: Distribution,
|
||||
}
|
||||
|
||||
impl<B: Backend> GLWEPublicKey<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rank: usize) -> Self {
|
||||
impl GLWEPublicKey<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: VecZnxAlloc,
|
||||
{
|
||||
Self {
|
||||
data: FourierGLWECiphertext::alloc(module, basek, k, rank),
|
||||
data: module.vec_znx_alloc(rank + 1, k.div_ceil(basek)),
|
||||
basek: basek,
|
||||
k: k,
|
||||
dist: Distribution::NONE,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<B>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
FourierGLWECiphertext::<Vec<u8>, B>::bytes_of(module, basek, k, rank)
|
||||
pub fn bytes_of<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: VecZnxAllocBytes,
|
||||
{
|
||||
module.vec_znx_alloc_bytes(rank + 1, k.div_ceil(basek))
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> Infos for GLWEPublicKey<T, B> {
|
||||
type Inner = VecZnxDft<T, B>;
|
||||
impl<D: Data> Infos for GLWEPublicKey<D> {
|
||||
type Inner = VecZnx<D>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data.data
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.data.basek
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.data.k
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<T, B: Backend> GLWEPublicKey<T, B> {
|
||||
impl<D: Data> GLWEPublicKey<D> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.cols() - 1
|
||||
}
|
||||
}
|
||||
|
||||
impl<C: AsRef<[u8]> + AsMut<[u8]>> GLWEPublicKey<C, FFT64> {
|
||||
pub fn generate_from_sk<S: AsRef<[u8]>>(
|
||||
impl<D: DataMut> GLWEPublicKey<D> {
|
||||
pub fn generate_from_sk<S: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
sk: &FourierGLWESecret<S, FFT64>,
|
||||
module: &Module<B>,
|
||||
sk: &GLWESecretExec<S, B>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
) {
|
||||
) where
|
||||
Module<B>: GLWEPublicKeyFamily<B> + VecZnxAlloc,
|
||||
B: ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ TakeVecZnxDftImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeVecZnxImpl<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
match sk.dist {
|
||||
@@ -61,15 +88,123 @@ impl<C: AsRef<[u8]> + AsMut<[u8]>> GLWEPublicKey<C, FFT64> {
|
||||
}
|
||||
|
||||
// Its ok to allocate scratch space here since pk is usually generated only once.
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(FourierGLWECiphertext::encrypt_sk_scratch_space(
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(GLWECiphertext::encrypt_sk_scratch_space(
|
||||
module,
|
||||
self.basek(),
|
||||
self.k(),
|
||||
self.rank(),
|
||||
));
|
||||
|
||||
self.data
|
||||
.encrypt_zero_sk(module, sk, source_xa, source_xe, sigma, scratch.borrow());
|
||||
let mut tmp: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, self.basek(), self.k(), self.rank());
|
||||
tmp.encrypt_zero_sk(module, sk, source_xa, source_xe, sigma, scratch.borrow());
|
||||
self.dist = sk.dist;
|
||||
}
|
||||
}
|
||||
|
||||
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
||||
|
||||
impl<D: DataMut> ReaderFrom for GLWEPublicKey<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
self.k = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.basek = reader.read_u64::<LittleEndian>()? as usize;
|
||||
match Distribution::read_from(reader) {
|
||||
Ok(dist) => self.dist = dist,
|
||||
Err(e) => return Err(e),
|
||||
}
|
||||
self.data.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for GLWEPublicKey<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
writer.write_u64::<LittleEndian>(self.k as u64)?;
|
||||
writer.write_u64::<LittleEndian>(self.basek as u64)?;
|
||||
match self.dist.write_to(writer) {
|
||||
Ok(()) => {}
|
||||
Err(e) => return Err(e),
|
||||
}
|
||||
self.data.write_to(writer)
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GLWEPublicKeyExec<D: Data, B: Backend> {
|
||||
pub(crate) data: VecZnxDft<D, B>,
|
||||
pub(crate) basek: usize,
|
||||
pub(crate) k: usize,
|
||||
pub(crate) dist: Distribution,
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> Infos for GLWEPublicKeyExec<D, B> {
|
||||
type Inner = VecZnxDft<D, B>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
}
|
||||
|
||||
fn basek(&self) -> usize {
|
||||
self.basek
|
||||
}
|
||||
|
||||
fn k(&self) -> usize {
|
||||
self.k
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> GLWEPublicKeyExec<D, B> {
|
||||
pub fn rank(&self) -> usize {
|
||||
self.cols() - 1
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> GLWEPublicKeyExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: VecZnxDftAlloc<B>,
|
||||
{
|
||||
Self {
|
||||
data: module.vec_znx_dft_alloc(rank + 1, k.div_ceil(basek)),
|
||||
basek: basek,
|
||||
k: k,
|
||||
dist: Distribution::NONE,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<B>, basek: usize, k: usize, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: VecZnxDftAllocBytes,
|
||||
{
|
||||
module.vec_znx_dft_alloc_bytes(rank + 1, k.div_ceil(basek))
|
||||
}
|
||||
|
||||
pub fn from<DataOther>(module: &Module<B>, other: &GLWEPublicKey<DataOther>, scratch: &mut Scratch<B>) -> Self
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: VecZnxDftAlloc<B> + VecZnxDftFromVecZnx<B>,
|
||||
{
|
||||
let mut pk_exec: GLWEPublicKeyExec<Vec<u8>, B> = GLWEPublicKeyExec::alloc(module, other.basek(), other.k(), other.rank());
|
||||
pk_exec.prepare(module, other, scratch);
|
||||
pk_exec
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut, B: Backend> GLWEPublicKeyExec<D, B> {
|
||||
pub fn prepare<DataOther>(&mut self, module: &Module<B>, other: &GLWEPublicKey<DataOther>, _scratch: &mut Scratch<B>)
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: VecZnxDftFromVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.n(), module.n());
|
||||
assert_eq!(other.n(), module.n());
|
||||
assert_eq!(self.size(), other.size());
|
||||
}
|
||||
|
||||
(0..self.cols()).for_each(|i| {
|
||||
module.vec_znx_dft_from_vec_znx(1, 0, &mut self.data, i, &other.data, i);
|
||||
});
|
||||
self.k = other.k;
|
||||
self.basek = other.basek;
|
||||
self.dist = other.dist;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,27 +1,39 @@
|
||||
use backend::{Backend, Module, ScalarZnx, ScalarZnxAlloc, ZnxInfos, ZnxZero};
|
||||
use backend::hal::{
|
||||
api::{ScalarZnxAlloc, ScalarZnxAllocBytes, SvpPPolAlloc, SvpPPolAllocBytes, SvpPrepare, ZnxInfos, ZnxZero},
|
||||
layouts::{Backend, Data, DataMut, DataRef, Module, ReaderFrom, ScalarZnx, SvpPPol, WriterTo},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::dist::Distribution;
|
||||
|
||||
pub struct GLWESecret<T> {
|
||||
pub(crate) data: ScalarZnx<T>,
|
||||
pub trait GLWESecretFamily<B: Backend> = SvpPrepare<B> + SvpPPolAllocBytes + SvpPPolAlloc<B>;
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GLWESecret<D: Data> {
|
||||
pub(crate) data: ScalarZnx<D>,
|
||||
pub(crate) dist: Distribution,
|
||||
}
|
||||
|
||||
impl GLWESecret<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, rank: usize) -> Self {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: ScalarZnxAlloc,
|
||||
{
|
||||
Self {
|
||||
data: module.new_scalar_znx(rank),
|
||||
data: module.scalar_znx_alloc(rank),
|
||||
dist: Distribution::NONE,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of<B: Backend>(module: &Module<B>, rank: usize) -> usize {
|
||||
module.bytes_of_scalar_znx(rank)
|
||||
pub fn bytes_of<B: Backend>(module: &Module<B>, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: ScalarZnxAllocBytes,
|
||||
{
|
||||
module.scalar_znx_alloc_bytes(rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf> GLWESecret<DataSelf> {
|
||||
impl<D: Data> GLWESecret<D> {
|
||||
pub fn n(&self) -> usize {
|
||||
self.data.n()
|
||||
}
|
||||
@@ -35,7 +47,7 @@ impl<DataSelf> GLWESecret<DataSelf> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<S: AsMut<[u8]> + AsRef<[u8]>> GLWESecret<S> {
|
||||
impl<D: DataMut> GLWESecret<D> {
|
||||
pub fn fill_ternary_prob(&mut self, prob: f64, source: &mut Source) {
|
||||
(0..self.rank()).for_each(|i| {
|
||||
self.data.fill_ternary_prob(i, prob, source);
|
||||
@@ -75,10 +87,87 @@ impl<S: AsMut<[u8]> + AsRef<[u8]>> GLWESecret<S> {
|
||||
self.data.zero();
|
||||
self.dist = Distribution::ZERO;
|
||||
}
|
||||
|
||||
// pub(crate) fn prep_fourier(&mut self, module: &Module<FFT64>) {
|
||||
// (0..self.rank()).for_each(|i| {
|
||||
// module.svp_prepare(&mut self.data_fourier, i, &self.data, i);
|
||||
// });
|
||||
// }
|
||||
}
|
||||
|
||||
impl<D: DataMut> ReaderFrom for GLWESecret<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
match Distribution::read_from(reader) {
|
||||
Ok(dist) => self.dist = dist,
|
||||
Err(e) => return Err(e),
|
||||
}
|
||||
self.data.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for GLWESecret<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
match self.dist.write_to(writer) {
|
||||
Ok(()) => {}
|
||||
Err(e) => return Err(e),
|
||||
}
|
||||
self.data.write_to(writer)
|
||||
}
|
||||
}
|
||||
|
||||
pub struct GLWESecretExec<D: Data, B: Backend> {
|
||||
pub(crate) data: SvpPPol<D, B>,
|
||||
pub(crate) dist: Distribution,
|
||||
}
|
||||
|
||||
impl<B: Backend> GLWESecretExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, rank: usize) -> Self
|
||||
where
|
||||
Module<B>: GLWESecretFamily<B>,
|
||||
{
|
||||
Self {
|
||||
data: module.svp_ppol_alloc(rank),
|
||||
dist: Distribution::NONE,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<B>, rank: usize) -> usize
|
||||
where
|
||||
Module<B>: GLWESecretFamily<B>,
|
||||
{
|
||||
module.svp_ppol_alloc_bytes(rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> GLWESecretExec<Vec<u8>, B> {
|
||||
pub fn from<D>(module: &Module<B>, sk: &GLWESecret<D>) -> Self
|
||||
where
|
||||
D: DataRef,
|
||||
Module<B>: GLWESecretFamily<B>,
|
||||
{
|
||||
let mut sk_dft: GLWESecretExec<Vec<u8>, B> = Self::alloc(module, sk.rank());
|
||||
sk_dft.prepare(module, sk);
|
||||
sk_dft
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: Data, B: Backend> GLWESecretExec<D, B> {
|
||||
pub fn n(&self) -> usize {
|
||||
self.data.n()
|
||||
}
|
||||
|
||||
pub fn log_n(&self) -> usize {
|
||||
self.data.log_n()
|
||||
}
|
||||
|
||||
pub fn rank(&self) -> usize {
|
||||
self.data.cols()
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut, B: Backend> GLWESecretExec<D, B> {
|
||||
pub(crate) fn prepare<O>(&mut self, module: &Module<B>, sk: &GLWESecret<O>)
|
||||
where
|
||||
O: DataRef,
|
||||
Module<B>: GLWESecretFamily<B>,
|
||||
{
|
||||
(0..self.rank()).for_each(|i| {
|
||||
module.svp_prepare(&mut self.data, i, &sk.data, i);
|
||||
});
|
||||
self.dist = sk.dist
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,14 +1,30 @@
|
||||
use backend::{FFT64, FillUniform, Module, ScratchOwned, Stats, VecZnxOps};
|
||||
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ModuleNew, ScalarZnxAlloc, ScalarZnxAllocBytes, ScalarZnxAutomorphism, ScratchOwnedAlloc,
|
||||
ScratchOwnedBorrow, VecZnxAddScalarInplace, VecZnxAlloc, VecZnxAllocBytes, VecZnxAutomorphismInplace,
|
||||
VecZnxFillUniform, VecZnxStd, VecZnxSwithcDegree,
|
||||
},
|
||||
layouts::{Backend, Module, ScratchOwned},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeScalarZnxImpl, TakeSvpPPolImpl,
|
||||
TakeVecZnxBigImpl, TakeVecZnxDftImpl, TakeVecZnxImpl,
|
||||
},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWESecret, GLWEAutomorphismKey, GLWECiphertext, GLWEPlaintext, GLWESecret, Infos, noise::log2_std_noise_gglwe_product,
|
||||
AutomorphismKey, AutomorphismKeyEncryptSkFamily, AutomorphismKeyExec, GGLWEExecLayoutFamily, GLWECiphertext,
|
||||
GLWEDecryptFamily, GLWEKeyswitchFamily, GLWEPlaintext, GLWESecret, GLWESecretExec, Infos,
|
||||
noise::log2_std_noise_gglwe_product,
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn apply_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 60;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
@@ -16,7 +32,7 @@ fn apply_inplace() {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_ct + basek * di;
|
||||
println!("test automorphism_inplace digits: {} rank: {}", di, rank);
|
||||
test_automorphism_inplace(log_n, basek, -5, k_ct, k_ksk, di, rank, 3.2);
|
||||
test_automorphism_inplace(&module, basek, -5, k_ct, k_ksk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
@@ -24,6 +40,7 @@ fn apply_inplace() {
|
||||
#[test]
|
||||
fn apply() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 60;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
@@ -32,13 +49,36 @@ fn apply() {
|
||||
let k_ksk: usize = k_in + basek * di;
|
||||
let k_out: usize = k_ksk; // Better capture noise.
|
||||
println!("test automorphism digits: {} rank: {}", di, rank);
|
||||
test_automorphism(log_n, basek, -5, k_out, k_in, k_ksk, di, rank, 3.2);
|
||||
test_automorphism(&module, basek, -5, k_out, k_in, k_ksk, di, rank, 3.2);
|
||||
})
|
||||
});
|
||||
}
|
||||
|
||||
fn test_automorphism(
|
||||
log_n: usize,
|
||||
pub(crate) trait AutomorphismTestModuleFamily<B: Backend> = AutomorphismKeyEncryptSkFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ GLWEKeyswitchFamily<B>
|
||||
+ MatZnxAlloc
|
||||
+ VecZnxAlloc
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxAllocBytes
|
||||
+ ScalarZnxAutomorphism
|
||||
+ VecZnxSwithcDegree
|
||||
+ ScalarZnxAlloc
|
||||
+ VecZnxAddScalarInplace
|
||||
+ VecZnxAutomorphismInplace
|
||||
+ VecZnxStd;
|
||||
pub(crate) trait AutomorphismTestScratchFamily<B: Backend> = TakeVecZnxDftImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeSvpPPolImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeScalarZnxImpl<B>
|
||||
+ TakeVecZnxImpl<B>;
|
||||
|
||||
fn test_automorphism<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
p: i64,
|
||||
k_out: usize,
|
||||
@@ -47,31 +87,29 @@ fn test_automorphism(
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
) where
|
||||
Module<B>: AutomorphismTestModuleFamily<B>,
|
||||
B: AutomorphismTestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
|
||||
let mut autokey: GLWEAutomorphismKey<Vec<u8>, FFT64> = GLWEAutomorphismKey::alloc(&module, basek, k_ksk, rows, digits, rank);
|
||||
let mut ct_in: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_in, rank);
|
||||
let mut ct_out: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_out, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_in);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
let mut autokey: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
let mut ct_in: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_in, rank);
|
||||
let mut ct_out: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_out, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_in);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
module.vec_znx_fill_uniform(basek, &mut pt_want.data, 0, k_in, &mut source_xa);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWEAutomorphismKey::encrypt_sk_scratch_space(&module, basek, autokey.k(), rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct_out.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct_in.k())
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
AutomorphismKey::encrypt_sk_scratch_space(module, basek, autokey.k(), rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(module, basek, ct_out.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(module, basek, ct_in.k())
|
||||
| GLWECiphertext::automorphism_scratch_space(
|
||||
&module,
|
||||
module,
|
||||
basek,
|
||||
ct_out.k(),
|
||||
ct_in.k(),
|
||||
@@ -81,12 +119,12 @@ fn test_automorphism(
|
||||
),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
autokey.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
p,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
@@ -96,26 +134,21 @@ fn test_automorphism(
|
||||
);
|
||||
|
||||
ct_in.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt_want,
|
||||
&sk_dft,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_out.automorphism(&module, &ct_in, &autokey, scratch.borrow());
|
||||
ct_out.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
module.vec_znx_automorphism_inplace(p, &mut pt_want.data, 0);
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
module.vec_znx_normalize_inplace(basek, &mut pt_have.data, 0, scratch.borrow());
|
||||
let mut autokey_exec: AutomorphismKeyExec<Vec<u8>, B> = AutomorphismKeyExec::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
autokey_exec.prepare(module, &autokey, scratch.borrow());
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
ct_out.automorphism(module, &ct_in, &autokey_exec, scratch.borrow());
|
||||
|
||||
println!("{}", noise_have);
|
||||
|
||||
let noise_want: f64 = log2_std_noise_gglwe_product(
|
||||
let max_noise: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
@@ -128,16 +161,13 @@ fn test_automorphism(
|
||||
k_ksk,
|
||||
);
|
||||
|
||||
assert!(
|
||||
noise_have <= noise_want + 1.0,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
module.vec_znx_automorphism_inplace(p, &mut pt_want.data, 0);
|
||||
|
||||
ct_out.assert_noise(module, &sk_exec, &pt_want, max_noise + 1.0);
|
||||
}
|
||||
|
||||
fn test_automorphism_inplace(
|
||||
log_n: usize,
|
||||
fn test_automorphism_inplace<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
p: i64,
|
||||
k_ct: usize,
|
||||
@@ -145,37 +175,35 @@ fn test_automorphism_inplace(
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
) where
|
||||
Module<B>: AutomorphismTestModuleFamily<B>,
|
||||
B: AutomorphismTestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_ct.div_ceil(basek * digits);
|
||||
|
||||
let mut autokey: GLWEAutomorphismKey<Vec<u8>, FFT64> = GLWEAutomorphismKey::alloc(&module, basek, k_ksk, rows, digits, rank);
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut autokey: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_ct, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_ct);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
module.vec_znx_fill_uniform(basek, &mut pt_want.data, 0, k_ct, &mut source_xa);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWEAutomorphismKey::encrypt_sk_scratch_space(&module, basek, autokey.k(), rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct.k())
|
||||
| GLWECiphertext::automorphism_inplace_scratch_space(&module, basek, ct.k(), autokey.k(), digits, rank),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
AutomorphismKey::encrypt_sk_scratch_space(module, basek, autokey.k(), rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(module, basek, ct.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(module, basek, ct.k())
|
||||
| GLWECiphertext::automorphism_inplace_scratch_space(module, basek, ct.k(), autokey.k(), digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
autokey.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
p,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
@@ -185,23 +213,21 @@ fn test_automorphism_inplace(
|
||||
);
|
||||
|
||||
ct.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt_want,
|
||||
&sk_dft,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct.automorphism_inplace(&module, &autokey, scratch.borrow());
|
||||
ct.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
module.vec_znx_automorphism_inplace(p, &mut pt_want.data, 0);
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
module.vec_znx_normalize_inplace(basek, &mut pt_have.data, 0, scratch.borrow());
|
||||
let mut autokey_exec: AutomorphismKeyExec<Vec<u8>, B> = AutomorphismKeyExec::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
autokey_exec.prepare(module, &autokey, scratch.borrow());
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
let noise_want: f64 = log2_std_noise_gglwe_product(
|
||||
ct.automorphism_inplace(module, &autokey_exec, scratch.borrow());
|
||||
|
||||
let max_noise: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
@@ -214,10 +240,7 @@ fn test_automorphism_inplace(
|
||||
k_ksk,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
module.vec_znx_automorphism_inplace(p, &mut pt_want.data, 0);
|
||||
|
||||
ct.assert_noise(module, &sk_exec, &pt_want, max_noise + 1.0);
|
||||
}
|
||||
|
||||
@@ -1,160 +1,200 @@
|
||||
use backend::{FFT64, FillUniform, Module, ScratchOwned, Stats};
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{
|
||||
ModuleNew, ScalarZnxAlloc, ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAlloc, VecZnxDftAlloc, VecZnxFillUniform,
|
||||
VecZnxStd, VecZnxSubABInplace,
|
||||
},
|
||||
layouts::{Backend, Module, ScratchOwned},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeScalarZnxImpl, TakeSvpPPolImpl,
|
||||
TakeVecZnxBigImpl, TakeVecZnxDftImpl, TakeVecZnxImpl,
|
||||
},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{FourierGLWECiphertext, FourierGLWESecret, GLWECiphertext, GLWEOps, GLWEPlaintext, GLWEPublicKey, GLWESecret, Infos};
|
||||
use crate::{
|
||||
GLWECiphertext, GLWEDecryptFamily, GLWEEncryptPkFamily, GLWEEncryptSkFamily, GLWEOps, GLWEPlaintext, GLWEPublicKey,
|
||||
GLWEPublicKeyExec, GLWESecret, GLWESecretExec, GLWESecretFamily, Infos,
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn encrypt_sk() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
(1..4).for_each(|rank| {
|
||||
println!("test encrypt_sk rank: {}", rank);
|
||||
test_encrypt_sk(log_n, 8, 54, 30, 3.2, rank);
|
||||
test_encrypt_sk(&module, 8, 54, 30, 3.2, rank);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn encrypt_zero_sk() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
(1..4).for_each(|rank| {
|
||||
println!("test encrypt_zero_sk rank: {}", rank);
|
||||
test_encrypt_zero_sk(log_n, 8, 64, 3.2, rank);
|
||||
test_encrypt_zero_sk(&module, 8, 64, 3.2, rank);
|
||||
});
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn encrypt_pk() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
(1..4).for_each(|rank| {
|
||||
println!("test encrypt_pk rank: {}", rank);
|
||||
test_encrypt_pk(log_n, 8, 64, 64, 3.2, rank)
|
||||
test_encrypt_pk(&module, 8, 64, 64, 3.2, rank)
|
||||
});
|
||||
}
|
||||
|
||||
fn test_encrypt_sk(log_n: usize, basek: usize, k_ct: usize, k_pt: usize, sigma: f64, rank: usize) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
pub(crate) trait EncryptionTestModuleFamily<B: Backend> =
|
||||
GLWEDecryptFamily<B> + GLWESecretFamily<B> + VecZnxAlloc + ScalarZnxAlloc + VecZnxStd;
|
||||
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_pt);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_pt);
|
||||
pub(crate) trait EncryptionTestScratchFamily<B: Backend> = TakeVecZnxDftImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeSvpPPolImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeScalarZnxImpl<B>
|
||||
+ TakeVecZnxImpl<B>;
|
||||
|
||||
fn test_encrypt_sk<B: Backend>(module: &Module<B>, basek: usize, k_ct: usize, k_pt: usize, sigma: f64, rank: usize)
|
||||
where
|
||||
Module<B>: EncryptionTestModuleFamily<B> + GLWEEncryptSkFamily<B>,
|
||||
B: EncryptionTestScratchFamily<B>,
|
||||
{
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_ct, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_pt);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_pt);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct.k())
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct.k()),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GLWECiphertext::encrypt_sk_scratch_space(module, basek, ct.k())
|
||||
| GLWECiphertext::decrypt_scratch_space(module, basek, ct.k()),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
module.vec_znx_fill_uniform(basek, &mut pt_want.data, 0, k_pt, &mut source_xa);
|
||||
|
||||
ct.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt_want,
|
||||
&sk_dft,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
ct.decrypt(module, &mut pt_have, &sk_exec, scratch.borrow());
|
||||
|
||||
pt_want.sub_inplace_ab(&module, &pt_have);
|
||||
pt_want.sub_inplace_ab(module, &pt_have);
|
||||
|
||||
let noise_have: f64 = pt_want.data.std(0, basek) * (ct.k() as f64).exp2();
|
||||
let noise_have: f64 = module.vec_znx_std(basek, &pt_want.data, 0) * (ct.k() as f64).exp2();
|
||||
let noise_want: f64 = sigma;
|
||||
|
||||
assert!(noise_have <= noise_want + 0.2);
|
||||
}
|
||||
|
||||
fn test_encrypt_zero_sk(log_n: usize, basek: usize, k_ct: usize, sigma: f64, rank: usize) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
fn test_encrypt_zero_sk<B: Backend>(module: &Module<B>, basek: usize, k_ct: usize, sigma: f64, rank: usize)
|
||||
where
|
||||
Module<B>: EncryptionTestModuleFamily<B> + GLWEEncryptSkFamily<B>,
|
||||
B: EncryptionTestScratchFamily<B>,
|
||||
{
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_ct);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([1u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
let mut ct_dft: FourierGLWECiphertext<Vec<u8>, FFT64> = FourierGLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_ct, rank);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
FourierGLWECiphertext::decrypt_scratch_space(&module, basek, k_ct)
|
||||
| FourierGLWECiphertext::encrypt_sk_scratch_space(&module, basek, k_ct, rank),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GLWECiphertext::decrypt_scratch_space(module, basek, k_ct)
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(module, basek, k_ct),
|
||||
);
|
||||
|
||||
ct_dft.encrypt_zero_sk(
|
||||
&module,
|
||||
&sk_dft,
|
||||
ct.encrypt_zero_sk(
|
||||
module,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
ct_dft.decrypt(&module, &mut pt, &sk_dft, scratch.borrow());
|
||||
ct.decrypt(module, &mut pt, &sk_exec, scratch.borrow());
|
||||
|
||||
assert!((sigma - pt.data.std(0, basek) * (k_ct as f64).exp2()) <= 0.2);
|
||||
assert!((sigma - module.vec_znx_std(basek, &pt.data, 0) * (k_ct as f64).exp2()) <= 0.2);
|
||||
}
|
||||
|
||||
fn test_encrypt_pk(log_n: usize, basek: usize, k_ct: usize, k_pk: usize, sigma: f64, rank: usize) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
fn test_encrypt_pk<B: Backend>(module: &Module<B>, basek: usize, k_ct: usize, k_pk: usize, sigma: f64, rank: usize)
|
||||
where
|
||||
Module<B>: EncryptionTestModuleFamily<B>
|
||||
+ GLWEEncryptPkFamily<B>
|
||||
+ GLWEEncryptSkFamily<B>
|
||||
+ VecZnxDftAlloc<B>
|
||||
+ VecZnxFillUniform
|
||||
+ VecZnxSubABInplace,
|
||||
B: EncryptionTestScratchFamily<B>,
|
||||
{
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_ct, rank);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_ct);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_ct);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
let mut source_xu: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
let mut pk: GLWEPublicKey<Vec<u8>, FFT64> = GLWEPublicKey::alloc(&module, basek, k_pk, rank);
|
||||
pk.generate_from_sk(&module, &sk_dft, &mut source_xa, &mut source_xe, sigma);
|
||||
let mut pk: GLWEPublicKey<Vec<u8>> = GLWEPublicKey::alloc(module, basek, k_pk, rank);
|
||||
pk.generate_from_sk(module, &sk_exec, &mut source_xa, &mut source_xe, sigma);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct.k())
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct.k())
|
||||
| GLWECiphertext::encrypt_pk_scratch_space(&module, basek, pk.k()),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GLWECiphertext::encrypt_sk_scratch_space(module, basek, ct.k())
|
||||
| GLWECiphertext::decrypt_scratch_space(module, basek, ct.k())
|
||||
| GLWECiphertext::encrypt_pk_scratch_space(module, basek, pk.k()),
|
||||
);
|
||||
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
module.vec_znx_fill_uniform(basek, &mut pt_want.data, 0, k_ct, &mut source_xa);
|
||||
|
||||
let pk_exec: GLWEPublicKeyExec<Vec<u8>, B> = GLWEPublicKeyExec::from(module, &pk, scratch.borrow());
|
||||
|
||||
ct.encrypt_pk(
|
||||
&module,
|
||||
module,
|
||||
&pt_want,
|
||||
&pk,
|
||||
&pk_exec,
|
||||
&mut source_xu,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
ct.decrypt(module, &mut pt_have, &sk_exec, scratch.borrow());
|
||||
|
||||
pt_want.sub_inplace_ab(&module, &pt_have);
|
||||
pt_want.sub_inplace_ab(module, &pt_have);
|
||||
|
||||
let noise_have: f64 = pt_want.data.std(0, basek).log2();
|
||||
let noise_have: f64 = module.vec_znx_std(basek, &pt_want.data, 0).log2();
|
||||
let noise_want: f64 = ((((rank as f64) + 1.0) * module.n() as f64 * 0.5 * sigma * sigma).sqrt()).log2() - (k_ct as f64);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() < 0.2,
|
||||
noise_have <= noise_want + 0.2,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
|
||||
@@ -1,11 +1,28 @@
|
||||
use backend::{FFT64, FillUniform, Module, ScalarZnx, ScalarZnxAlloc, ScratchOwned, Stats, VecZnxOps, ZnxViewMut};
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ModuleNew, ScalarZnxAlloc, ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAddScalarInplace, VecZnxAlloc,
|
||||
VecZnxAllocBytes, VecZnxFillUniform, VecZnxRotateInplace, VecZnxStd, ZnxViewMut,
|
||||
},
|
||||
layouts::{Backend, Module, ScalarZnx, ScratchOwned},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeScalarZnxImpl, TakeSvpPPolImpl,
|
||||
TakeVecZnxBigImpl, TakeVecZnxDftImpl, TakeVecZnxImpl,
|
||||
},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{FourierGLWESecret, GGSWCiphertext, GLWECiphertext, GLWEPlaintext, GLWESecret, Infos, noise::noise_ggsw_product};
|
||||
use crate::{
|
||||
GGSWCiphertext, GGSWCiphertextExec, GGSWLayoutFamily, GLWECiphertext, GLWEDecryptFamily, GLWEEncryptSkFamily,
|
||||
GLWEExternalProductFamily, GLWEPlaintext, GLWESecret, GLWESecretExec, GLWESecretFamily, Infos, noise::noise_ggsw_product,
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn apply() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 45;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
@@ -14,7 +31,7 @@ fn apply() {
|
||||
let k_ggsw: usize = k_in + basek * di;
|
||||
let k_out: usize = k_ggsw; // Better capture noise
|
||||
println!("test external_product digits: {} rank: {}", di, rank);
|
||||
test_external_product(log_n, basek, k_out, k_in, k_ggsw, di, rank, 3.2);
|
||||
test_external_product(&module, basek, k_out, k_in, k_ggsw, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
@@ -22,6 +39,7 @@ fn apply() {
|
||||
#[test]
|
||||
fn apply_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 60;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
@@ -29,13 +47,35 @@ fn apply_inplace() {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ggsw: usize = k_ct + basek * di;
|
||||
println!("test external_product digits: {} rank: {}", di, rank);
|
||||
test_external_product_inplace(log_n, basek, k_ct, k_ggsw, di, rank, 3.2);
|
||||
test_external_product_inplace(&module, basek, k_ct, k_ggsw, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_external_product(
|
||||
log_n: usize,
|
||||
pub(crate) trait ExternalProductTestModuleFamily<B: Backend> = GLWEEncryptSkFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ GLWESecretFamily<B>
|
||||
+ GLWEExternalProductFamily<B>
|
||||
+ GGSWLayoutFamily<B>
|
||||
+ MatZnxAlloc
|
||||
+ VecZnxAlloc
|
||||
+ ScalarZnxAlloc
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxAddScalarInplace
|
||||
+ VecZnxRotateInplace
|
||||
+ VecZnxStd;
|
||||
|
||||
pub(crate) trait ExternalProductTestScratchFamily<B: Backend> = TakeVecZnxDftImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeSvpPPolImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeScalarZnxImpl<B>
|
||||
+ TakeVecZnxImpl<B>;
|
||||
|
||||
fn test_external_product<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
@@ -43,26 +83,24 @@ fn test_external_product(
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
) where
|
||||
Module<B>: ExternalProductTestModuleFamily<B>,
|
||||
B: ExternalProductTestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
|
||||
let mut ct_ggsw: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut ct_glwe_in: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_in, rank);
|
||||
let mut ct_glwe_out: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_out, rank);
|
||||
let mut pt_rgsw: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_in);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
let mut ct_ggsw: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut ct_glwe_in: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_in, rank);
|
||||
let mut ct_glwe_out: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_out, rank);
|
||||
let mut pt_rgsw: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_in);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
// Random input plaintext
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
module.vec_znx_fill_uniform(basek, &mut pt_want.data, 0, k_in, &mut source_xa);
|
||||
|
||||
pt_want.data.at_mut(0, 0)[1] = 1;
|
||||
|
||||
@@ -70,12 +108,11 @@ fn test_external_product(
|
||||
|
||||
pt_rgsw.raw_mut()[k] = 1; // X^{k}
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, ct_ggsw.k(), rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct_glwe_out.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct_glwe_in.k())
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(module, basek, ct_ggsw.k(), rank)
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(module, basek, ct_glwe_in.k())
|
||||
| GLWECiphertext::external_product_scratch_space(
|
||||
&module,
|
||||
module,
|
||||
basek,
|
||||
ct_glwe_out.k(),
|
||||
ct_glwe_in.k(),
|
||||
@@ -85,14 +122,14 @@ fn test_external_product(
|
||||
),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
ct_ggsw.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt_rgsw,
|
||||
&sk_dft,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
@@ -100,25 +137,21 @@ fn test_external_product(
|
||||
);
|
||||
|
||||
ct_glwe_in.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt_want,
|
||||
&sk_dft,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_glwe_out.external_product(&module, &ct_glwe_in, &ct_ggsw, scratch.borrow());
|
||||
let ct_ggsw_exec: GGSWCiphertextExec<Vec<u8>, B> = GGSWCiphertextExec::from(module, &ct_ggsw, scratch.borrow());
|
||||
|
||||
ct_glwe_out.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
ct_glwe_out.external_product(module, &ct_glwe_in, &ct_ggsw_exec, scratch.borrow());
|
||||
|
||||
module.vec_znx_rotate_inplace(k as i64, &mut pt_want.data, 0);
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
@@ -126,7 +159,7 @@ fn test_external_product(
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let noise_want: f64 = noise_ggsw_product(
|
||||
let max_noise: f64 = noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
@@ -140,32 +173,34 @@ fn test_external_product(
|
||||
k_ggsw,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
ct_glwe_out.assert_noise(module, &sk_exec, &pt_want, max_noise + 0.5);
|
||||
}
|
||||
|
||||
fn test_external_product_inplace(log_n: usize, basek: usize, k_ct: usize, k_ggsw: usize, digits: usize, rank: usize, sigma: f64) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
fn test_external_product_inplace<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ggsw: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: ExternalProductTestModuleFamily<B>,
|
||||
B: ExternalProductTestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_ct.div_ceil(basek * digits);
|
||||
|
||||
let mut ct_ggsw: GGSWCiphertext<Vec<u8>, FFT64> = GGSWCiphertext::alloc(&module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut ct_glwe: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut pt_rgsw: ScalarZnx<Vec<u8>> = module.new_scalar_znx(1);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut ct_ggsw: GGSWCiphertext<Vec<u8>> = GGSWCiphertext::alloc(module, basek, k_ggsw, rows, digits, rank);
|
||||
let mut ct_glwe: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_ct, rank);
|
||||
let mut pt_rgsw: ScalarZnx<Vec<u8>> = module.scalar_znx_alloc(1);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_ct);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
// Random input plaintext
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
module.vec_znx_fill_uniform(basek, &mut pt_want.data, 0, k_ct, &mut source_xa);
|
||||
|
||||
pt_want.data.at_mut(0, 0)[1] = 1;
|
||||
|
||||
@@ -173,21 +208,20 @@ fn test_external_product_inplace(log_n: usize, basek: usize, k_ct: usize, k_ggsw
|
||||
|
||||
pt_rgsw.raw_mut()[k] = 1; // X^{k}
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(&module, basek, ct_ggsw.k(), rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct_glwe.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct_glwe.k())
|
||||
| GLWECiphertext::external_product_inplace_scratch_space(&module, basek, ct_glwe.k(), ct_ggsw.k(), digits, rank),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GGSWCiphertext::encrypt_sk_scratch_space(module, basek, ct_ggsw.k(), rank)
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(module, basek, ct_glwe.k())
|
||||
| GLWECiphertext::external_product_inplace_scratch_space(module, basek, ct_glwe.k(), ct_ggsw.k(), digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
ct_ggsw.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt_rgsw,
|
||||
&sk_dft,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
@@ -195,25 +229,21 @@ fn test_external_product_inplace(log_n: usize, basek: usize, k_ct: usize, k_ggsw
|
||||
);
|
||||
|
||||
ct_glwe.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt_want,
|
||||
&sk_dft,
|
||||
&sk_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_glwe.external_product_inplace(&module, &ct_ggsw, scratch.borrow());
|
||||
let ct_ggsw_exec: GGSWCiphertextExec<Vec<u8>, B> = GGSWCiphertextExec::from(module, &ct_ggsw, scratch.borrow());
|
||||
|
||||
ct_glwe.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
ct_glwe.external_product_inplace(module, &ct_ggsw_exec, scratch.borrow());
|
||||
|
||||
module.vec_znx_rotate_inplace(k as i64, &mut pt_want.data, 0);
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
|
||||
let var_gct_err_lhs: f64 = sigma * sigma;
|
||||
let var_gct_err_rhs: f64 = 0f64;
|
||||
|
||||
@@ -221,7 +251,7 @@ fn test_external_product_inplace(log_n: usize, basek: usize, k_ct: usize, k_ggsw
|
||||
let var_a0_err: f64 = sigma * sigma;
|
||||
let var_a1_err: f64 = 1f64 / 12f64;
|
||||
|
||||
let noise_want: f64 = noise_ggsw_product(
|
||||
let max_noise: f64 = noise_ggsw_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
@@ -235,10 +265,5 @@ fn test_external_product_inplace(log_n: usize, basek: usize, k_ct: usize, k_ggsw
|
||||
k_ggsw,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
ct_glwe.assert_noise(module, &sk_exec, &pt_want, max_noise + 0.5);
|
||||
}
|
||||
|
||||
@@ -1,13 +1,29 @@
|
||||
use backend::{FFT64, FillUniform, Module, ScratchOwned, Stats, VecZnxOps};
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ModuleNew, ScalarZnxAlloc, ScalarZnxAllocBytes, ScratchOwnedAlloc, ScratchOwnedBorrow,
|
||||
VecZnxAddScalarInplace, VecZnxAlloc, VecZnxAllocBytes, VecZnxFillUniform, VecZnxStd, VecZnxSwithcDegree,
|
||||
},
|
||||
layouts::{Backend, Module, ScratchOwned},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeScalarZnxImpl, TakeSvpPPolImpl,
|
||||
TakeVecZnxBigImpl, TakeVecZnxDftImpl, TakeVecZnxImpl,
|
||||
},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWESecret, GLWECiphertext, GLWEPlaintext, GLWESecret, GLWESwitchingKey, Infos, noise::log2_std_noise_gglwe_product,
|
||||
GGLWEExecLayoutFamily, GLWECiphertext, GLWEDecryptFamily, GLWEKeyswitchFamily, GLWEPlaintext, GLWESecret, GLWESecretExec,
|
||||
GLWESecretFamily, GLWESwitchingKey, GLWESwitchingKeyEncryptSkFamily, GLWESwitchingKeyExec, Infos,
|
||||
noise::log2_std_noise_gglwe_product,
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn apply() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_in: usize = 45;
|
||||
let digits: usize = k_in.div_ceil(basek);
|
||||
@@ -20,7 +36,9 @@ fn apply() {
|
||||
"test keyswitch digits: {} rank_in: {} rank_out: {}",
|
||||
di, rank_in, rank_out
|
||||
);
|
||||
test_keyswitch(log_n, basek, k_out, k_in, k_ksk, di, rank_in, rank_out, 3.2);
|
||||
test_keyswitch(
|
||||
&module, basek, k_out, k_in, k_ksk, di, rank_in, rank_out, 3.2,
|
||||
);
|
||||
})
|
||||
});
|
||||
});
|
||||
@@ -29,6 +47,7 @@ fn apply() {
|
||||
#[test]
|
||||
fn apply_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
let basek: usize = 12;
|
||||
let k_ct: usize = 45;
|
||||
let digits: usize = k_ct.div_ceil(basek);
|
||||
@@ -36,13 +55,36 @@ fn apply_inplace() {
|
||||
(1..digits + 1).for_each(|di| {
|
||||
let k_ksk: usize = k_ct + basek * di;
|
||||
println!("test keyswitch_inplace digits: {} rank: {}", di, rank);
|
||||
test_keyswitch_inplace(log_n, basek, k_ct, k_ksk, di, rank, 3.2);
|
||||
test_keyswitch_inplace(&module, basek, k_ct, k_ksk, di, rank, 3.2);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
fn test_keyswitch(
|
||||
log_n: usize,
|
||||
pub(crate) trait KeySwitchTestModuleFamily<B: Backend> = GLWESecretFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWEKeyswitchFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ MatZnxAlloc
|
||||
+ VecZnxAlloc
|
||||
+ ScalarZnxAlloc
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxStd
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAddScalarInplace;
|
||||
|
||||
pub(crate) trait KeySwitchTestScratchFamily<B: Backend> = TakeVecZnxDftImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeSvpPPolImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeScalarZnxImpl<B>
|
||||
+ TakeVecZnxImpl<B>;
|
||||
|
||||
fn test_keyswitch<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_out: usize,
|
||||
k_in: usize,
|
||||
@@ -51,32 +93,28 @@ fn test_keyswitch(
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
sigma: f64,
|
||||
) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
) where
|
||||
Module<B>: KeySwitchTestModuleFamily<B>,
|
||||
B: KeySwitchTestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_in.div_ceil(basek * digits);
|
||||
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>, FFT64> =
|
||||
GLWESwitchingKey::alloc(&module, basek, k_ksk, rows, digits, rank_in, rank_out);
|
||||
let mut ct_in: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_in, rank_in);
|
||||
let mut ct_out: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_out, rank_out);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_in);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_out);
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>> = GLWESwitchingKey::alloc(module, basek, k_ksk, rows, digits, rank_in, rank_out);
|
||||
let mut ct_in: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_in, rank_in);
|
||||
let mut ct_out: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_out, rank_out);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_in);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
module.vec_znx_fill_uniform(basek, &mut pt_want.data, 0, k_in, &mut source_xa);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, ksk.k(), rank_in, rank_out)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct_out.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct_in.k())
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, ksk.k(), rank_in, rank_out)
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(module, basek, ct_in.k())
|
||||
| GLWECiphertext::keyswitch_scratch_space(
|
||||
&module,
|
||||
module,
|
||||
basek,
|
||||
ct_out.k(),
|
||||
ct_in.k(),
|
||||
@@ -87,18 +125,18 @@ fn test_keyswitch(
|
||||
),
|
||||
);
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_in);
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_in);
|
||||
sk_in.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_in_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_in);
|
||||
let sk_in_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_in);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank_out);
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank_out);
|
||||
sk_out.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_out_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_out);
|
||||
let sk_out_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_out);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&sk_in,
|
||||
&sk_out_dft,
|
||||
&sk_out,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
@@ -106,22 +144,20 @@ fn test_keyswitch(
|
||||
);
|
||||
|
||||
ct_in.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt_want,
|
||||
&sk_in_dft,
|
||||
&sk_in_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_out.keyswitch(&module, &ct_in, &ksk, scratch.borrow());
|
||||
ct_out.decrypt(&module, &mut pt_have, &sk_out_dft, scratch.borrow());
|
||||
let ksk_exec: GLWESwitchingKeyExec<Vec<u8>, B> = GLWESwitchingKeyExec::from(module, &ksk, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
ct_out.keyswitch(module, &ct_in, &ksk_exec, scratch.borrow());
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
let noise_want: f64 = log2_std_noise_gglwe_product(
|
||||
let max_noise: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
@@ -134,53 +170,51 @@ fn test_keyswitch(
|
||||
k_ksk,
|
||||
);
|
||||
|
||||
println!("{} vs. {}", noise_have, noise_want);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
ct_out.assert_noise(module, &sk_out_exec, &pt_want, max_noise + 0.5);
|
||||
}
|
||||
|
||||
fn test_keyswitch_inplace(log_n: usize, basek: usize, k_ct: usize, k_ksk: usize, digits: usize, rank: usize, sigma: f64) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
|
||||
fn test_keyswitch_inplace<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_ct: usize,
|
||||
k_ksk: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
sigma: f64,
|
||||
) where
|
||||
Module<B>: KeySwitchTestModuleFamily<B>,
|
||||
B: KeySwitchTestScratchFamily<B>,
|
||||
{
|
||||
let rows: usize = k_ct.div_ceil(basek * digits);
|
||||
|
||||
let mut ct_grlwe: GLWESwitchingKey<Vec<u8>, FFT64> = GLWESwitchingKey::alloc(&module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut ct_glwe: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut ksk: GLWESwitchingKey<Vec<u8>> = GLWESwitchingKey::alloc(module, basek, k_ksk, rows, digits, rank, rank);
|
||||
let mut ct_glwe: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_ct, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_ct);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
pt_want
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_want.size(), &mut source_xa);
|
||||
module.vec_znx_fill_uniform(basek, &mut pt_want.data, 0, k_ct, &mut source_xa);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, ct_grlwe.k(), rank, rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct_glwe.k())
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct_glwe.k())
|
||||
| GLWECiphertext::keyswitch_inplace_scratch_space(&module, basek, ct_glwe.k(), ct_grlwe.k(), digits, rank),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, ksk.k(), rank, rank)
|
||||
| GLWECiphertext::encrypt_sk_scratch_space(module, basek, ct_glwe.k())
|
||||
| GLWECiphertext::keyswitch_inplace_scratch_space(module, basek, ct_glwe.k(), ksk.k(), digits, rank),
|
||||
);
|
||||
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk_in: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk_in.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_in_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_in);
|
||||
let sk_in_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_in);
|
||||
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk_out: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk_out.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_out_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk_out);
|
||||
let sk_out_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_out);
|
||||
|
||||
ct_grlwe.encrypt_sk(
|
||||
&module,
|
||||
ksk.encrypt_sk(
|
||||
module,
|
||||
&sk_in,
|
||||
&sk_out_dft,
|
||||
&sk_out,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
@@ -188,23 +222,20 @@ fn test_keyswitch_inplace(log_n: usize, basek: usize, k_ct: usize, k_ksk: usize,
|
||||
);
|
||||
|
||||
ct_glwe.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt_want,
|
||||
&sk_in_dft,
|
||||
&sk_in_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
ct_glwe.keyswitch_inplace(&module, &ct_grlwe, scratch.borrow());
|
||||
let ksk_exec: GLWESwitchingKeyExec<Vec<u8>, B> = GLWESwitchingKeyExec::from(module, &ksk, scratch.borrow());
|
||||
|
||||
ct_glwe.decrypt(&module, &mut pt_have, &sk_out_dft, scratch.borrow());
|
||||
ct_glwe.keyswitch_inplace(module, &ksk_exec, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_have.data, 0, &pt_want.data, 0);
|
||||
|
||||
let noise_have: f64 = pt_have.data.std(0, basek).log2();
|
||||
let noise_want: f64 = log2_std_noise_gglwe_product(
|
||||
let max_noise: f64 = log2_std_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
basek * digits,
|
||||
0.5,
|
||||
@@ -217,10 +248,5 @@ fn test_keyswitch_inplace(log_n: usize, basek: usize, k_ct: usize, k_ksk: usize,
|
||||
k_ksk,
|
||||
);
|
||||
|
||||
assert!(
|
||||
(noise_have - noise_want).abs() <= 0.5,
|
||||
"{} {}",
|
||||
noise_have,
|
||||
noise_want
|
||||
);
|
||||
ct_glwe.assert_noise(module, &sk_out_exec, &pt_want, max_noise + 0.5);
|
||||
}
|
||||
|
||||
@@ -1,14 +1,67 @@
|
||||
use crate::{FourierGLWESecret, GLWEAutomorphismKey, GLWECiphertext, GLWEOps, GLWEPacker, GLWEPlaintext, GLWESecret};
|
||||
use std::collections::HashMap;
|
||||
|
||||
use backend::{Encoding, FFT64, Module, ScratchOwned, Stats};
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ModuleNew, ScalarZnxAlloc, ScalarZnxAllocBytes, ScalarZnxAutomorphism, ScratchOwnedAlloc,
|
||||
ScratchOwnedBorrow, VecZnxAddScalarInplace, VecZnxAlloc, VecZnxAllocBytes, VecZnxBigSubSmallBInplace,
|
||||
VecZnxEncodeVeci64, VecZnxRotateInplace, VecZnxStd, VecZnxSwithcDegree,
|
||||
},
|
||||
layouts::{Backend, Module, ScratchOwned},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeScalarZnxImpl, TakeSvpPPolImpl,
|
||||
TakeVecZnxBigImpl, TakeVecZnxDftImpl, TakeVecZnxImpl,
|
||||
},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
AutomorphismKey, AutomorphismKeyExec, GGLWEExecLayoutFamily, GLWECiphertext, GLWEDecryptFamily, GLWEKeyswitchFamily, GLWEOps,
|
||||
GLWEPacker, GLWEPackingFamily, GLWEPlaintext, GLWESecret, GLWESecretExec, GLWESecretFamily, GLWESwitchingKeyEncryptSkFamily,
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn apply() {
|
||||
fn trace() {
|
||||
let log_n: usize = 5;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
test_packing(&module);
|
||||
}
|
||||
|
||||
pub(crate) trait PackingTestModuleFamily<B: Backend> = GLWEPackingFamily<B>
|
||||
+ GLWESecretFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWEKeyswitchFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ MatZnxAlloc
|
||||
+ VecZnxAlloc
|
||||
+ ScalarZnxAlloc
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxStd
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAddScalarInplace
|
||||
+ VecZnxEncodeVeci64
|
||||
+ ScalarZnxAutomorphism
|
||||
+ VecZnxRotateInplace
|
||||
+ VecZnxBigSubSmallBInplace<B>;
|
||||
|
||||
pub(crate) trait PackingTestScratchFamily<B: Backend> = TakeVecZnxDftImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeSvpPPolImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeScalarZnxImpl<B>
|
||||
+ TakeVecZnxImpl<B>;
|
||||
|
||||
pub(crate) fn test_packing<B: Backend>(module: &Module<B>)
|
||||
where
|
||||
Module<B>: PackingTestModuleFamily<B>,
|
||||
B: PackingTestScratchFamily<B>,
|
||||
{
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
@@ -23,31 +76,31 @@ fn apply() {
|
||||
|
||||
let rows: usize = k_ct.div_ceil(basek * digits);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWECiphertext::encrypt_sk_scratch_space(&module, basek, k_ct)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, k_ct)
|
||||
| GLWEAutomorphismKey::encrypt_sk_scratch_space(&module, basek, k_ksk, rank)
|
||||
| GLWEPacker::scratch_space(&module, basek, k_ct, k_ksk, digits, rank),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GLWECiphertext::encrypt_sk_scratch_space(module, basek, k_ct)
|
||||
| AutomorphismKey::encrypt_sk_scratch_space(module, basek, k_ksk, rank)
|
||||
| GLWEPacker::scratch_space(module, basek, k_ct, k_ksk, digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_dft: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_ct);
|
||||
let mut data: Vec<i64> = vec![0i64; module.n()];
|
||||
data.iter_mut().enumerate().for_each(|(i, x)| {
|
||||
*x = i as i64;
|
||||
});
|
||||
pt.data.encode_vec_i64(0, basek, pt_k, &data, 32);
|
||||
|
||||
let gal_els: Vec<i64> = GLWEPacker::galois_elements(&module);
|
||||
module.encode_vec_i64(basek, &mut pt.data, 0, pt_k, &data, 32);
|
||||
|
||||
let mut auto_keys: HashMap<i64, GLWEAutomorphismKey<Vec<u8>, FFT64>> = HashMap::new();
|
||||
let gal_els: Vec<i64> = GLWEPacker::galois_elements(module);
|
||||
|
||||
let mut auto_keys: HashMap<i64, AutomorphismKeyExec<Vec<u8>, B>> = HashMap::new();
|
||||
let mut tmp: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(module, basek, k_ksk, rows, digits, rank);
|
||||
gal_els.iter().for_each(|gal_el| {
|
||||
let mut key: GLWEAutomorphismKey<Vec<u8>, FFT64> = GLWEAutomorphismKey::alloc(&module, basek, k_ksk, rows, digits, rank);
|
||||
key.encrypt_sk(
|
||||
&module,
|
||||
tmp.encrypt_sk(
|
||||
module,
|
||||
*gal_el,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
@@ -55,17 +108,18 @@ fn apply() {
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
auto_keys.insert(*gal_el, key);
|
||||
let atk_exec: AutomorphismKeyExec<Vec<u8>, B> = AutomorphismKeyExec::from(module, &tmp, scratch.borrow());
|
||||
auto_keys.insert(*gal_el, atk_exec);
|
||||
});
|
||||
|
||||
let log_batch: usize = 0;
|
||||
|
||||
let mut packer: GLWEPacker = GLWEPacker::new(&module, log_batch, basek, k_ct, rank);
|
||||
let mut packer: GLWEPacker = GLWEPacker::new(module, log_batch, basek, k_ct, rank);
|
||||
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_ct, rank);
|
||||
|
||||
ct.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
@@ -74,9 +128,11 @@ fn apply() {
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let log_n: usize = module.log_n();
|
||||
|
||||
(0..module.n() >> log_batch).for_each(|i| {
|
||||
ct.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
@@ -85,13 +141,13 @@ fn apply() {
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
pt.rotate_inplace(&module, -(1 << log_batch)); // X^-batch * pt
|
||||
pt.rotate_inplace(module, -(1 << log_batch)); // X^-batch * pt
|
||||
|
||||
if reverse_bits_msb(i, log_n as u32) % 5 == 0 {
|
||||
packer.add(&module, Some(&ct), &auto_keys, scratch.borrow());
|
||||
packer.add(module, Some(&ct), &auto_keys, scratch.borrow());
|
||||
} else {
|
||||
packer.add(
|
||||
&module,
|
||||
module,
|
||||
None::<&GLWECiphertext<Vec<u8>>>,
|
||||
&auto_keys,
|
||||
scratch.borrow(),
|
||||
@@ -99,23 +155,24 @@ fn apply() {
|
||||
}
|
||||
});
|
||||
|
||||
let mut res = GLWECiphertext::alloc(&module, basek, k_ct, rank);
|
||||
packer.flush(&module, &mut res);
|
||||
let mut res = GLWECiphertext::alloc(module, basek, k_ct, rank);
|
||||
packer.flush(module, &mut res);
|
||||
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_ct);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_ct);
|
||||
let mut data: Vec<i64> = vec![0i64; module.n()];
|
||||
data.iter_mut().enumerate().for_each(|(i, x)| {
|
||||
if i % 5 == 0 {
|
||||
*x = reverse_bits_msb(i, log_n as u32) as i64;
|
||||
}
|
||||
});
|
||||
pt_want.data.encode_vec_i64(0, basek, pt_k, &data, 32);
|
||||
|
||||
res.decrypt(&module, &mut pt, &sk_dft, scratch.borrow());
|
||||
module.encode_vec_i64(basek, &mut pt_want.data, 0, pt_k, &data, 32);
|
||||
|
||||
pt.sub_inplace_ab(&module, &pt_want);
|
||||
res.decrypt(module, &mut pt, &sk_dft, scratch.borrow());
|
||||
|
||||
let noise_have = pt.data.std(0, basek).log2();
|
||||
pt.sub_inplace_ab(module, &pt_want);
|
||||
|
||||
let noise_have: f64 = module.vec_znx_std(basek, &pt.data, 0).log2();
|
||||
// println!("noise_have: {}", noise_have);
|
||||
assert!(
|
||||
noise_have < -((k_ct - basek) as f64),
|
||||
|
||||
@@ -1,47 +1,97 @@
|
||||
use std::collections::HashMap;
|
||||
|
||||
use backend::{FFT64, FillUniform, Module, ScratchOwned, Stats, VecZnxOps, ZnxView, ZnxViewMut};
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ModuleNew, ScalarZnxAlloc, ScalarZnxAllocBytes, ScalarZnxAutomorphism, ScratchOwnedAlloc,
|
||||
ScratchOwnedBorrow, VecZnxAddScalarInplace, VecZnxAlloc, VecZnxAllocBytes, VecZnxBigAutomorphismInplace,
|
||||
VecZnxBigSubSmallBInplace, VecZnxCopy, VecZnxEncodeVeci64, VecZnxFillUniform, VecZnxNormalizeInplace,
|
||||
VecZnxRotateInplace, VecZnxRshInplace, VecZnxStd, VecZnxSubABInplace, VecZnxSwithcDegree, ZnxView, ZnxViewMut,
|
||||
},
|
||||
layouts::{Backend, Module, ScratchOwned},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeScalarZnxImpl, TakeSvpPPolImpl,
|
||||
TakeVecZnxBigImpl, TakeVecZnxDftImpl, TakeVecZnxImpl,
|
||||
},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWESecret, GLWEAutomorphismKey, GLWECiphertext, GLWEPlaintext, GLWESecret, Infos, noise::var_noise_gglwe_product,
|
||||
AutomorphismKey, AutomorphismKeyExec, GGLWEExecLayoutFamily, GLWECiphertext, GLWEDecryptFamily, GLWEKeyswitchFamily,
|
||||
GLWEPlaintext, GLWESecret, GLWESecretExec, GLWESecretFamily, GLWESwitchingKeyEncryptSkFamily, Infos,
|
||||
noise::var_noise_gglwe_product,
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn apply_inplace() {
|
||||
let log_n: usize = 8;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
(1..4).for_each(|rank| {
|
||||
println!("test trace_inplace rank: {}", rank);
|
||||
test_trace_inplace(log_n, 8, 54, 3.2, rank);
|
||||
test_trace_inplace(&module, 8, 54, 3.2, rank);
|
||||
});
|
||||
}
|
||||
|
||||
fn test_trace_inplace(log_n: usize, basek: usize, k: usize, sigma: f64, rank: usize) {
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
pub(crate) trait TraceTestModuleFamily<B: Backend> = GLWESecretFamily<B>
|
||||
+ GLWESwitchingKeyEncryptSkFamily<B>
|
||||
+ GLWEKeyswitchFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ MatZnxAlloc
|
||||
+ VecZnxAlloc
|
||||
+ ScalarZnxAlloc
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxStd
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAddScalarInplace
|
||||
+ VecZnxEncodeVeci64
|
||||
+ ScalarZnxAutomorphism
|
||||
+ VecZnxRotateInplace
|
||||
+ VecZnxBigSubSmallBInplace<B>
|
||||
+ VecZnxBigAutomorphismInplace<B>
|
||||
+ VecZnxCopy
|
||||
+ VecZnxRshInplace;
|
||||
|
||||
pub(crate) trait TraceTestScratchFamily<B: Backend> = TakeVecZnxDftImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeSvpPPolImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeScalarZnxImpl<B>
|
||||
+ TakeVecZnxImpl<B>;
|
||||
|
||||
fn test_trace_inplace<B: Backend>(module: &Module<B>, basek: usize, k: usize, sigma: f64, rank: usize)
|
||||
where
|
||||
Module<B>: TraceTestModuleFamily<B>,
|
||||
B: TraceTestScratchFamily<B>,
|
||||
{
|
||||
let k_autokey: usize = k + basek;
|
||||
|
||||
let digits: usize = 1;
|
||||
let rows: usize = k.div_ceil(basek * digits);
|
||||
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k);
|
||||
let mut ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k, rank);
|
||||
let mut pt_want: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k);
|
||||
let mut pt_have: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k);
|
||||
|
||||
let mut source_xs: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
GLWECiphertext::encrypt_sk_scratch_space(&module, basek, ct.k())
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, ct.k())
|
||||
| GLWEAutomorphismKey::encrypt_sk_scratch_space(&module, basek, k_autokey, rank)
|
||||
| GLWECiphertext::trace_inplace_scratch_space(&module, basek, ct.k(), k_autokey, digits, rank),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
GLWECiphertext::encrypt_sk_scratch_space(module, basek, ct.k())
|
||||
| GLWECiphertext::decrypt_scratch_space(module, basek, ct.k())
|
||||
| AutomorphismKey::encrypt_sk_scratch_space(module, basek, k_autokey, rank)
|
||||
| GLWECiphertext::trace_inplace_scratch_space(module, basek, ct.k(), k_autokey, digits, rank),
|
||||
);
|
||||
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk.fill_ternary_prob(0.5, &mut source_xs);
|
||||
let sk_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::from(&module, &sk);
|
||||
let sk_dft: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk);
|
||||
|
||||
let mut data_want: Vec<i64> = vec![0i64; module.n()];
|
||||
|
||||
@@ -49,12 +99,10 @@ fn test_trace_inplace(log_n: usize, basek: usize, k: usize, sigma: f64, rank: us
|
||||
.iter_mut()
|
||||
.for_each(|x| *x = source_xa.next_i64() & 0xFF);
|
||||
|
||||
pt_have
|
||||
.data
|
||||
.fill_uniform(basek, 0, pt_have.size(), &mut source_xa);
|
||||
module.vec_znx_fill_uniform(basek, &mut pt_have.data, 0, k, &mut source_xa);
|
||||
|
||||
ct.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&pt_have,
|
||||
&sk_dft,
|
||||
&mut source_xa,
|
||||
@@ -63,13 +111,12 @@ fn test_trace_inplace(log_n: usize, basek: usize, k: usize, sigma: f64, rank: us
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut auto_keys: HashMap<i64, GLWEAutomorphismKey<Vec<u8>, FFT64>> = HashMap::new();
|
||||
let gal_els: Vec<i64> = GLWECiphertext::trace_galois_elements(&module);
|
||||
let mut auto_keys: HashMap<i64, AutomorphismKeyExec<Vec<u8>, B>> = HashMap::new();
|
||||
let gal_els: Vec<i64> = GLWECiphertext::trace_galois_elements(module);
|
||||
let mut tmp: AutomorphismKey<Vec<u8>> = AutomorphismKey::alloc(module, basek, k_autokey, rows, digits, rank);
|
||||
gal_els.iter().for_each(|gal_el| {
|
||||
let mut key: GLWEAutomorphismKey<Vec<u8>, FFT64> =
|
||||
GLWEAutomorphismKey::alloc(&module, basek, k_autokey, rows, digits, rank);
|
||||
key.encrypt_sk(
|
||||
&module,
|
||||
tmp.encrypt_sk(
|
||||
module,
|
||||
*gal_el,
|
||||
&sk,
|
||||
&mut source_xa,
|
||||
@@ -77,20 +124,21 @@ fn test_trace_inplace(log_n: usize, basek: usize, k: usize, sigma: f64, rank: us
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
auto_keys.insert(*gal_el, key);
|
||||
let atk_exec: AutomorphismKeyExec<Vec<u8>, B> = AutomorphismKeyExec::from(module, &tmp, scratch.borrow());
|
||||
auto_keys.insert(*gal_el, atk_exec);
|
||||
});
|
||||
|
||||
ct.trace_inplace(&module, 0, 5, &auto_keys, scratch.borrow());
|
||||
ct.trace_inplace(&module, 5, log_n, &auto_keys, scratch.borrow());
|
||||
ct.trace_inplace(module, 0, 5, &auto_keys, scratch.borrow());
|
||||
ct.trace_inplace(module, 5, module.log_n(), &auto_keys, scratch.borrow());
|
||||
|
||||
(0..pt_want.size()).for_each(|i| pt_want.data.at_mut(0, i)[0] = pt_have.data.at(0, i)[0]);
|
||||
|
||||
ct.decrypt(&module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
ct.decrypt(module, &mut pt_have, &sk_dft, scratch.borrow());
|
||||
|
||||
module.vec_znx_sub_ab_inplace(&mut pt_want.data, 0, &pt_have.data, 0);
|
||||
module.vec_znx_normalize_inplace(basek, &mut pt_want.data, 0, scratch.borrow());
|
||||
|
||||
let noise_have = pt_want.data.std(0, basek).log2();
|
||||
let noise_have: f64 = module.vec_znx_std(basek, &pt_want.data, 0).log2();
|
||||
|
||||
let mut noise_want: f64 = var_noise_gglwe_product(
|
||||
module.n() as f64,
|
||||
|
||||
@@ -1,11 +1,19 @@
|
||||
use std::collections::HashMap;
|
||||
|
||||
use backend::{FFT64, Module, Scratch};
|
||||
use backend::hal::{
|
||||
api::{ScratchAvailable, TakeVecZnxDft, VecZnxBigAutomorphismInplace, VecZnxCopy, VecZnxRshInplace},
|
||||
layouts::{Backend, DataMut, DataRef, Module, Scratch},
|
||||
};
|
||||
|
||||
use crate::{GLWEAutomorphismKey, GLWECiphertext, GLWECiphertextToMut, GLWECiphertextToRef, GLWEOps, Infos, SetMetaData};
|
||||
use crate::{
|
||||
AutomorphismKeyExec, GLWECiphertext, GLWECiphertextToMut, GLWECiphertextToRef, GLWEKeyswitchFamily, GLWEOps, Infos,
|
||||
SetMetaData,
|
||||
};
|
||||
|
||||
pub trait GLWETraceFamily<B: Backend> = GLWEKeyswitchFamily<B> + VecZnxCopy + VecZnxRshInplace + VecZnxBigAutomorphismInplace<B>;
|
||||
|
||||
impl GLWECiphertext<Vec<u8>> {
|
||||
pub fn trace_galois_elements(module: &Module<FFT64>) -> Vec<i64> {
|
||||
pub fn trace_galois_elements<B: Backend>(module: &Module<B>) -> Vec<i64> {
|
||||
let mut gal_els: Vec<i64> = Vec::new();
|
||||
(0..module.log_n()).for_each(|i| {
|
||||
if i == 0 {
|
||||
@@ -17,59 +25,70 @@ impl GLWECiphertext<Vec<u8>> {
|
||||
gal_els
|
||||
}
|
||||
|
||||
pub fn trace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn trace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
out_k: usize,
|
||||
in_k: usize,
|
||||
ksk_k: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
Self::automorphism_inplace_scratch_space(module, basek, out_k.min(in_k), ksk_k, digits, rank)
|
||||
}
|
||||
|
||||
pub fn trace_inplace_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn trace_inplace_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
out_k: usize,
|
||||
ksk_k: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
{
|
||||
Self::automorphism_inplace_scratch_space(module, basek, out_k, ksk_k, digits, rank)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<DataSelf>
|
||||
impl<DataSelf: DataMut> GLWECiphertext<DataSelf>
|
||||
where
|
||||
GLWECiphertext<DataSelf>: GLWECiphertextToMut + Infos + SetMetaData,
|
||||
{
|
||||
pub fn trace<DataLhs: AsRef<[u8]>, DataAK: AsRef<[u8]>>(
|
||||
pub fn trace<DataLhs: DataRef, DataAK: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
start: usize,
|
||||
end: usize,
|
||||
lhs: &GLWECiphertext<DataLhs>,
|
||||
auto_keys: &HashMap<i64, GLWEAutomorphismKey<DataAK, FFT64>>,
|
||||
scratch: &mut Scratch,
|
||||
auto_keys: &HashMap<i64, AutomorphismKeyExec<DataAK, B>>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
GLWECiphertext<DataLhs>: GLWECiphertextToRef + Infos,
|
||||
GLWECiphertext<DataLhs>: GLWECiphertextToRef + Infos + VecZnxRshInplace,
|
||||
Module<B>: GLWETraceFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
self.copy(module, lhs);
|
||||
self.trace_inplace(module, start, end, auto_keys, scratch);
|
||||
}
|
||||
|
||||
pub fn trace_inplace<DataAK: AsRef<[u8]>>(
|
||||
pub fn trace_inplace<DataAK: DataRef, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
start: usize,
|
||||
end: usize,
|
||||
auto_keys: &HashMap<i64, GLWEAutomorphismKey<DataAK, FFT64>>,
|
||||
scratch: &mut Scratch,
|
||||
) {
|
||||
auto_keys: &HashMap<i64, AutomorphismKeyExec<DataAK, B>>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
Module<B>: GLWETraceFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable,
|
||||
{
|
||||
(start..end).for_each(|i| {
|
||||
self.rsh(1, scratch);
|
||||
self.rsh(module, 1);
|
||||
|
||||
let p: i64;
|
||||
if i == 0 {
|
||||
|
||||
351
core/src/lib.rs
351
core/src/lib.rs
@@ -1,337 +1,22 @@
|
||||
pub mod blind_rotation;
|
||||
pub mod dist;
|
||||
pub mod elem;
|
||||
pub mod fourier_glwe;
|
||||
pub mod gglwe;
|
||||
pub mod ggsw;
|
||||
pub mod glwe;
|
||||
pub mod lwe;
|
||||
pub mod noise;
|
||||
|
||||
use backend::Backend;
|
||||
use backend::FFT64;
|
||||
use backend::Module;
|
||||
pub use blind_rotation::{BlindRotationKeyCGGI, LookUpTable, cggi_blind_rotate, cggi_blind_rotate_scratch_space};
|
||||
pub use elem::{GetRow, Infos, SetMetaData, SetRow};
|
||||
pub use fourier_glwe::{FourierGLWECiphertext, FourierGLWESecret};
|
||||
pub use gglwe::{GGLWECiphertext, GLWEAutomorphismKey, GLWESwitchingKey, GLWETensorKey};
|
||||
pub use ggsw::GGSWCiphertext;
|
||||
pub use glwe::{GLWECiphertext, GLWEOps, GLWEPacker, GLWEPlaintext, GLWEPublicKey, GLWESecret};
|
||||
pub use lwe::{LWECiphertext, LWESecret};
|
||||
|
||||
pub use backend;
|
||||
pub use backend::Scratch;
|
||||
pub use backend::ScratchOwned;
|
||||
pub(crate) use glwe::{GLWECiphertextToMut, GLWECiphertextToRef};
|
||||
#![feature(trait_alias)]
|
||||
mod blind_rotation;
|
||||
mod dist;
|
||||
mod elem;
|
||||
mod gglwe;
|
||||
mod ggsw;
|
||||
mod glwe;
|
||||
mod lwe;
|
||||
mod noise;
|
||||
mod scratch;
|
||||
|
||||
use crate::dist::Distribution;
|
||||
|
||||
pub use blind_rotation::*;
|
||||
pub use elem::*;
|
||||
pub use gglwe::*;
|
||||
pub use ggsw::*;
|
||||
pub use glwe::*;
|
||||
pub use lwe::*;
|
||||
pub use scratch::*;
|
||||
|
||||
pub(crate) const SIX_SIGMA: f64 = 6.0;
|
||||
|
||||
pub trait ScratchCore<B: Backend> {
|
||||
fn tmp_glwe_ct(&mut self, module: &Module<B>, basek: usize, k: usize, rank: usize) -> (GLWECiphertext<&mut [u8]>, &mut Self);
|
||||
fn tmp_vec_glwe_ct(
|
||||
&mut self,
|
||||
size: usize,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (Vec<GLWECiphertext<&mut [u8]>>, &mut Self);
|
||||
fn tmp_glwe_pt(&mut self, module: &Module<B>, basek: usize, k: usize) -> (GLWEPlaintext<&mut [u8]>, &mut Self);
|
||||
fn tmp_gglwe(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GGLWECiphertext<&mut [u8], B>, &mut Self);
|
||||
fn tmp_ggsw(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GGSWCiphertext<&mut [u8], B>, &mut Self);
|
||||
fn tmp_fourier_glwe_ct(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (FourierGLWECiphertext<&mut [u8], B>, &mut Self);
|
||||
fn tmp_slice_fourier_glwe_ct(
|
||||
&mut self,
|
||||
size: usize,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (Vec<FourierGLWECiphertext<&mut [u8], B>>, &mut Self);
|
||||
fn tmp_glwe_secret(&mut self, module: &Module<B>, rank: usize) -> (GLWESecret<&mut [u8]>, &mut Self);
|
||||
fn tmp_fourier_glwe_secret(&mut self, module: &Module<B>, rank: usize) -> (FourierGLWESecret<&mut [u8], B>, &mut Self);
|
||||
fn tmp_glwe_pk(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (GLWEPublicKey<&mut [u8], B>, &mut Self);
|
||||
fn tmp_glwe_ksk(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GLWESwitchingKey<&mut [u8], B>, &mut Self);
|
||||
fn tmp_tsk(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GLWETensorKey<&mut [u8], B>, &mut Self);
|
||||
fn tmp_autokey(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GLWEAutomorphismKey<&mut [u8], B>, &mut Self);
|
||||
}
|
||||
|
||||
impl ScratchCore<FFT64> for Scratch {
|
||||
fn tmp_glwe_ct(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (GLWECiphertext<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.tmp_vec_znx(module, rank + 1, k.div_ceil(basek));
|
||||
(GLWECiphertext { data, basek, k }, scratch)
|
||||
}
|
||||
|
||||
fn tmp_vec_glwe_ct(
|
||||
&mut self,
|
||||
size: usize,
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (Vec<GLWECiphertext<&mut [u8]>>, &mut Self) {
|
||||
let mut scratch: &mut Scratch = self;
|
||||
let mut cts: Vec<GLWECiphertext<&mut [u8]>> = Vec::with_capacity(size);
|
||||
for _ in 0..size {
|
||||
let (ct, new_scratch) = scratch.tmp_glwe_ct(module, basek, k, rank);
|
||||
scratch = new_scratch;
|
||||
cts.push(ct);
|
||||
}
|
||||
(cts, scratch)
|
||||
}
|
||||
|
||||
fn tmp_glwe_pt(&mut self, module: &Module<FFT64>, basek: usize, k: usize) -> (GLWEPlaintext<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.tmp_vec_znx(module, 1, k.div_ceil(basek));
|
||||
(GLWEPlaintext { data, basek, k }, scratch)
|
||||
}
|
||||
|
||||
fn tmp_gglwe(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GGLWECiphertext<&mut [u8], FFT64>, &mut Self) {
|
||||
let (data, scratch) = self.tmp_mat_znx_dft(
|
||||
module,
|
||||
rows.div_ceil(digits),
|
||||
rank_in,
|
||||
rank_out + 1,
|
||||
k.div_ceil(basek),
|
||||
);
|
||||
(
|
||||
GGLWECiphertext {
|
||||
data: data,
|
||||
basek: basek,
|
||||
k,
|
||||
digits,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
|
||||
fn tmp_ggsw(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GGSWCiphertext<&mut [u8], FFT64>, &mut Self) {
|
||||
let (data, scratch) = self.tmp_mat_znx_dft(
|
||||
module,
|
||||
rows.div_ceil(digits),
|
||||
rank + 1,
|
||||
rank + 1,
|
||||
k.div_ceil(basek),
|
||||
);
|
||||
(
|
||||
GGSWCiphertext {
|
||||
data,
|
||||
basek,
|
||||
k,
|
||||
digits,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
|
||||
fn tmp_fourier_glwe_ct(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (FourierGLWECiphertext<&mut [u8], FFT64>, &mut Self) {
|
||||
let (data, scratch) = self.tmp_vec_znx_dft(module, rank + 1, k.div_ceil(basek));
|
||||
(FourierGLWECiphertext { data, basek, k }, scratch)
|
||||
}
|
||||
|
||||
fn tmp_slice_fourier_glwe_ct(
|
||||
&mut self,
|
||||
size: usize,
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (Vec<FourierGLWECiphertext<&mut [u8], FFT64>>, &mut Self) {
|
||||
let mut scratch: &mut Scratch = self;
|
||||
let mut cts: Vec<FourierGLWECiphertext<&mut [u8], FFT64>> = Vec::with_capacity(size);
|
||||
for _ in 0..size {
|
||||
let (ct, new_scratch) = scratch.tmp_fourier_glwe_ct(module, basek, k, rank);
|
||||
scratch = new_scratch;
|
||||
cts.push(ct);
|
||||
}
|
||||
(cts, scratch)
|
||||
}
|
||||
|
||||
fn tmp_glwe_pk(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (GLWEPublicKey<&mut [u8], FFT64>, &mut Self) {
|
||||
let (data, scratch) = self.tmp_fourier_glwe_ct(module, basek, k, rank);
|
||||
(
|
||||
GLWEPublicKey {
|
||||
data,
|
||||
dist: Distribution::NONE,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
|
||||
fn tmp_glwe_secret(&mut self, module: &Module<FFT64>, rank: usize) -> (GLWESecret<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.tmp_scalar_znx(module, rank);
|
||||
(
|
||||
GLWESecret {
|
||||
data,
|
||||
dist: Distribution::NONE,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
|
||||
fn tmp_fourier_glwe_secret(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
rank: usize,
|
||||
) -> (FourierGLWESecret<&mut [u8], FFT64>, &mut Self) {
|
||||
let (data, scratch) = self.tmp_scalar_znx_dft(module, rank);
|
||||
(
|
||||
FourierGLWESecret {
|
||||
data,
|
||||
dist: Distribution::NONE,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
|
||||
fn tmp_glwe_ksk(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GLWESwitchingKey<&mut [u8], FFT64>, &mut Self) {
|
||||
let (data, scratch) = self.tmp_gglwe(module, basek, k, rows, digits, rank_in, rank_out);
|
||||
(
|
||||
GLWESwitchingKey {
|
||||
key: data,
|
||||
sk_in_n: 0,
|
||||
sk_out_n: 0,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
|
||||
fn tmp_autokey(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GLWEAutomorphismKey<&mut [u8], FFT64>, &mut Self) {
|
||||
let (data, scratch) = self.tmp_glwe_ksk(module, basek, k, rows, digits, rank, rank);
|
||||
(GLWEAutomorphismKey { key: data, p: 0 }, scratch)
|
||||
}
|
||||
|
||||
fn tmp_tsk(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GLWETensorKey<&mut [u8], FFT64>, &mut Self) {
|
||||
let mut keys: Vec<GLWESwitchingKey<&mut [u8], FFT64>> = Vec::new();
|
||||
let pairs: usize = (((rank + 1) * rank) >> 1).max(1);
|
||||
|
||||
let mut scratch: &mut Scratch = self;
|
||||
|
||||
if pairs != 0 {
|
||||
let (gglwe, s) = scratch.tmp_glwe_ksk(module, basek, k, rows, digits, 1, rank);
|
||||
scratch = s;
|
||||
keys.push(gglwe);
|
||||
}
|
||||
for _ in 1..pairs {
|
||||
let (gglwe, s) = scratch.tmp_glwe_ksk(module, basek, k, rows, digits, 1, rank);
|
||||
scratch = s;
|
||||
keys.push(gglwe);
|
||||
}
|
||||
(GLWETensorKey { keys }, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,8 +1,11 @@
|
||||
use backend::{VecZnx, VecZnxToMut, VecZnxToRef};
|
||||
use backend::hal::{
|
||||
api::ZnxInfos,
|
||||
layouts::{Data, DataMut, DataRef, ReaderFrom, VecZnx, VecZnxToMut, VecZnxToRef, WriterTo},
|
||||
};
|
||||
|
||||
use crate::{Infos, SetMetaData};
|
||||
|
||||
pub struct LWECiphertext<D> {
|
||||
pub struct LWECiphertext<D: Data> {
|
||||
pub(crate) data: VecZnx<D>,
|
||||
pub(crate) k: usize,
|
||||
pub(crate) basek: usize,
|
||||
@@ -18,11 +21,14 @@ impl LWECiphertext<Vec<u8>> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<T> Infos for LWECiphertext<T> {
|
||||
type Inner = VecZnx<T>;
|
||||
impl<D: Data> Infos for LWECiphertext<D>
|
||||
where
|
||||
VecZnx<D>: ZnxInfos,
|
||||
{
|
||||
type Inner = VecZnx<D>;
|
||||
|
||||
fn n(&self) -> usize {
|
||||
&self.inner().n - 1
|
||||
&self.inner().n() - 1
|
||||
}
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
@@ -38,7 +44,7 @@ impl<T> Infos for LWECiphertext<T> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> SetMetaData for LWECiphertext<DataSelf> {
|
||||
impl<DataSelf: DataMut> SetMetaData for LWECiphertext<DataSelf> {
|
||||
fn set_k(&mut self, k: usize) {
|
||||
self.k = k
|
||||
}
|
||||
@@ -52,7 +58,7 @@ pub trait LWECiphertextToRef {
|
||||
fn to_ref(&self) -> LWECiphertext<&[u8]>;
|
||||
}
|
||||
|
||||
impl<D: AsRef<[u8]>> LWECiphertextToRef for LWECiphertext<D> {
|
||||
impl<D: DataRef> LWECiphertextToRef for LWECiphertext<D> {
|
||||
fn to_ref(&self) -> LWECiphertext<&[u8]> {
|
||||
LWECiphertext {
|
||||
data: self.data.to_ref(),
|
||||
@@ -63,10 +69,11 @@ impl<D: AsRef<[u8]>> LWECiphertextToRef for LWECiphertext<D> {
|
||||
}
|
||||
|
||||
pub trait LWECiphertextToMut {
|
||||
#[allow(dead_code)]
|
||||
fn to_mut(&mut self) -> LWECiphertext<&mut [u8]>;
|
||||
}
|
||||
|
||||
impl<D: AsMut<[u8]> + AsRef<[u8]>> LWECiphertextToMut for LWECiphertext<D> {
|
||||
impl<D: DataMut> LWECiphertextToMut for LWECiphertext<D> {
|
||||
fn to_mut(&mut self) -> LWECiphertext<&mut [u8]> {
|
||||
LWECiphertext {
|
||||
data: self.data.to_mut(),
|
||||
@@ -75,3 +82,21 @@ impl<D: AsMut<[u8]> + AsRef<[u8]>> LWECiphertextToMut for LWECiphertext<D> {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
|
||||
|
||||
impl<D: DataMut> ReaderFrom for LWECiphertext<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
self.k = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.basek = reader.read_u64::<LittleEndian>()? as usize;
|
||||
self.data.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for LWECiphertext<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
writer.write_u64::<LittleEndian>(self.k as u64)?;
|
||||
writer.write_u64::<LittleEndian>(self.basek as u64)?;
|
||||
self.data.write_to(writer)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,15 +1,21 @@
|
||||
use backend::{ZnxView, ZnxViewMut, alloc_aligned};
|
||||
use backend::hal::{
|
||||
api::{ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxNormalizeInplace, ZnxView, ZnxViewMut},
|
||||
layouts::{Backend, DataMut, DataRef, Module, ScratchOwned},
|
||||
oep::{ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl},
|
||||
};
|
||||
|
||||
use crate::{Infos, LWECiphertext, LWESecret, SetMetaData, lwe::LWEPlaintext};
|
||||
|
||||
impl<DataSelf> LWECiphertext<DataSelf>
|
||||
where
|
||||
DataSelf: AsRef<[u8]>,
|
||||
DataSelf: DataRef,
|
||||
{
|
||||
pub fn decrypt<DataPt, DataSk>(&self, pt: &mut LWEPlaintext<DataPt>, sk: &LWESecret<DataSk>)
|
||||
pub fn decrypt<DataPt, DataSk, B: Backend>(&self, module: &Module<B>, pt: &mut LWEPlaintext<DataPt>, sk: &LWESecret<DataSk>)
|
||||
where
|
||||
DataPt: AsRef<[u8]> + AsMut<[u8]>,
|
||||
DataSk: AsRef<[u8]>,
|
||||
DataPt: DataMut,
|
||||
DataSk: DataRef,
|
||||
Module<B>: VecZnxNormalizeInplace<B>,
|
||||
B: ScratchOwnedAllocImpl<B> + ScratchOwnedBorrowImpl<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -24,10 +30,12 @@ where
|
||||
.map(|(x, y)| x * y)
|
||||
.sum::<i64>();
|
||||
});
|
||||
|
||||
let mut tmp_bytes: Vec<u8> = alloc_aligned(size_of::<i64>());
|
||||
pt.data.normalize(self.basek(), 0, &mut tmp_bytes);
|
||||
|
||||
module.vec_znx_normalize_inplace(
|
||||
self.basek(),
|
||||
&mut pt.data,
|
||||
0,
|
||||
ScratchOwned::alloc(size_of::<i64>()).borrow(),
|
||||
);
|
||||
pt.set_basek(self.basek());
|
||||
pt.set_k(self.k().min(pt.size() * self.basek()));
|
||||
}
|
||||
|
||||
@@ -1,22 +1,28 @@
|
||||
use backend::{AddNormal, FillUniform, VecZnx, ZnxView, ZnxViewMut, alloc_aligned};
|
||||
use backend::hal::{
|
||||
api::{
|
||||
ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxAddNormal, VecZnxFillUniform, VecZnxNormalizeInplace, ZnxView, ZnxViewMut,
|
||||
},
|
||||
layouts::{Backend, DataMut, DataRef, Module, ScratchOwned, VecZnx},
|
||||
oep::{ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{Infos, LWECiphertext, LWESecret, SIX_SIGMA, lwe::LWEPlaintext};
|
||||
|
||||
impl<DataSelf> LWECiphertext<DataSelf>
|
||||
where
|
||||
DataSelf: AsMut<[u8]> + AsRef<[u8]>,
|
||||
{
|
||||
pub fn encrypt_sk<DataPt, DataSk>(
|
||||
impl<DataSelf: DataMut> LWECiphertext<DataSelf> {
|
||||
pub fn encrypt_sk<DataPt, DataSk, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
pt: &LWEPlaintext<DataPt>,
|
||||
sk: &LWESecret<DataSk>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
) where
|
||||
DataPt: AsRef<[u8]>,
|
||||
DataSk: AsRef<[u8]>,
|
||||
DataPt: DataRef,
|
||||
DataSk: DataRef,
|
||||
Module<B>: VecZnxFillUniform + VecZnxAddNormal + VecZnxNormalizeInplace<B>,
|
||||
B: ScratchOwnedAllocImpl<B> + ScratchOwnedBorrowImpl<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -24,8 +30,10 @@ where
|
||||
}
|
||||
|
||||
let basek: usize = self.basek();
|
||||
let k: usize = self.k();
|
||||
|
||||
module.vec_znx_fill_uniform(basek, &mut self.data, 0, k, source_xa);
|
||||
|
||||
self.data.fill_uniform(basek, 0, self.size(), source_xa);
|
||||
let mut tmp_znx: VecZnx<Vec<u8>> = VecZnx::<Vec<u8>>::new::<i64>(1, 1, self.size());
|
||||
|
||||
let min_size = self.size().min(pt.size());
|
||||
@@ -47,11 +55,22 @@ where
|
||||
.sum::<i64>();
|
||||
});
|
||||
|
||||
tmp_znx.add_normal(basek, 0, self.k(), source_xe, sigma, sigma * SIX_SIGMA);
|
||||
module.vec_znx_add_normal(
|
||||
basek,
|
||||
&mut self.data,
|
||||
0,
|
||||
k,
|
||||
source_xe,
|
||||
sigma,
|
||||
sigma * SIX_SIGMA,
|
||||
);
|
||||
|
||||
let mut tmp_bytes: Vec<u8> = alloc_aligned(size_of::<i64>());
|
||||
|
||||
tmp_znx.normalize(basek, 0, &mut tmp_bytes);
|
||||
module.vec_znx_normalize_inplace(
|
||||
basek,
|
||||
&mut tmp_znx,
|
||||
0,
|
||||
ScratchOwned::alloc(size_of::<i64>()).borrow(),
|
||||
);
|
||||
|
||||
(0..self.size()).for_each(|i| {
|
||||
self.data.at_mut(0, i)[0] = tmp_znx.at(0, i)[0];
|
||||
|
||||
@@ -1,55 +1,137 @@
|
||||
use backend::{Backend, FFT64, Module, Scratch, VecZnxOps, ZnxView, ZnxViewMut, ZnxZero};
|
||||
use backend::hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ScalarZnxAllocBytes, ScratchAvailable, TakeScalarZnx, TakeVecZnx, TakeVecZnxDft, VecZnxAddScalarInplace,
|
||||
VecZnxAllocBytes, VecZnxAutomorphismInplace, VecZnxSwithcDegree, ZnxView, ZnxViewMut, ZnxZero,
|
||||
},
|
||||
layouts::{Backend, Data, DataMut, DataRef, Module, ReaderFrom, Scratch, WriterTo},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{FourierGLWESecret, GLWECiphertext, GLWESecret, GLWESwitchingKey, Infos, LWECiphertext, LWESecret, ScratchCore};
|
||||
use crate::{
|
||||
GGLWEEncryptSkFamily, GGLWEExecLayoutFamily, GLWECiphertext, GLWEKeyswitchFamily, GLWESecret, GLWESecretExec,
|
||||
GLWESwitchingKey, GLWESwitchingKeyExec, Infos, LWECiphertext, LWESecret, TakeGLWECt, TakeGLWESecret, TakeGLWESecretExec,
|
||||
};
|
||||
|
||||
/// A special [GLWESwitchingKey] required to for the conversion from [GLWECiphertext] to [LWECiphertext].
|
||||
pub struct GLWEToLWESwitchingKey<D, B: Backend>(GLWESwitchingKey<D, B>);
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GLWEToLWESwitchingKey<D: Data>(GLWESwitchingKey<D>);
|
||||
|
||||
impl GLWEToLWESwitchingKey<Vec<u8>, FFT64> {
|
||||
pub fn alloc(module: &Module<FFT64>, basek: usize, k: usize, rows: usize, rank: usize) -> Self {
|
||||
Self(GLWESwitchingKey::alloc(module, basek, k, rows, 1, rank, 1))
|
||||
}
|
||||
|
||||
pub fn encrypt_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
FourierGLWESecret::bytes_of(module, rank)
|
||||
+ (GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k, rank, rank) | GLWESecret::bytes_of(module, rank))
|
||||
impl<D: DataMut> ReaderFrom for GLWEToLWESwitchingKey<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
self.0.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: AsMut<[u8]> + AsRef<[u8]>> GLWEToLWESwitchingKey<D, FFT64> {
|
||||
pub fn encrypt_sk<DLwe, DGlwe>(
|
||||
impl<D: DataRef> WriterTo for GLWEToLWESwitchingKey<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
self.0.write_to(writer)
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct GLWEToLWESwitchingKeyExec<D: Data, B: Backend>(GLWESwitchingKeyExec<D, B>);
|
||||
|
||||
impl<B: Backend> GLWEToLWESwitchingKeyExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rows: usize, rank_in: usize) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
Self(GLWESwitchingKeyExec::alloc(
|
||||
module, basek, k, rows, 1, rank_in, 1,
|
||||
))
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank_in: usize) -> usize
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
GLWESwitchingKeyExec::<Vec<u8>, B>::bytes_of(module, basek, k, rows, digits, rank_in, 1)
|
||||
}
|
||||
|
||||
pub fn from<DataOther: DataRef>(
|
||||
module: &Module<B>,
|
||||
other: &GLWEToLWESwitchingKey<DataOther>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
let mut ksk_exec: GLWEToLWESwitchingKeyExec<Vec<u8>, B> = Self::alloc(
|
||||
module,
|
||||
other.0.basek(),
|
||||
other.0.k(),
|
||||
other.0.rows(),
|
||||
other.0.rank_in(),
|
||||
);
|
||||
ksk_exec.prepare(module, other, scratch);
|
||||
ksk_exec
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut, B: Backend> GLWEToLWESwitchingKeyExec<D, B> {
|
||||
pub fn prepare<DataOther>(&mut self, module: &Module<B>, other: &GLWEToLWESwitchingKey<DataOther>, scratch: &mut Scratch<B>)
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
self.0.prepare(module, &other.0, scratch);
|
||||
}
|
||||
}
|
||||
|
||||
impl GLWEToLWESwitchingKey<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, rows: usize, rank_in: usize) -> Self
|
||||
where
|
||||
Module<B>: MatZnxAlloc,
|
||||
{
|
||||
Self(GLWESwitchingKey::alloc(
|
||||
module, basek, k, rows, 1, rank_in, 1,
|
||||
))
|
||||
}
|
||||
|
||||
pub fn encrypt_sk_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank_in: usize) -> usize
|
||||
where
|
||||
Module<B>: GGLWEEncryptSkFamily<B> + ScalarZnxAllocBytes + VecZnxAllocBytes,
|
||||
{
|
||||
GLWESecretExec::bytes_of(module, rank_in)
|
||||
+ (GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k, rank_in, 1) | GLWESecret::bytes_of(module, rank_in))
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut> GLWEToLWESwitchingKey<D> {
|
||||
pub fn encrypt_sk<DLwe, DGlwe, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
sk_lwe: &LWESecret<DLwe>,
|
||||
sk_glwe: &GLWESecret<DGlwe>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
DLwe: AsRef<[u8]>,
|
||||
DGlwe: AsRef<[u8]>,
|
||||
DLwe: DataRef,
|
||||
DGlwe: DataRef,
|
||||
Module<B>: GGLWEEncryptSkFamily<B>
|
||||
+ VecZnxAutomorphismInplace
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxAddScalarInplace,
|
||||
Scratch<B>: ScratchAvailable + TakeScalarZnx<B> + TakeVecZnxDft<B> + TakeGLWESecretExec<B> + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert!(sk_lwe.n() <= module.n());
|
||||
}
|
||||
|
||||
let (mut sk_lwe_as_glwe_dft, scratch1) = scratch.tmp_fourier_glwe_secret(module, 1);
|
||||
|
||||
{
|
||||
let (mut sk_lwe_as_glwe, _) = scratch1.tmp_glwe_secret(module, 1);
|
||||
sk_lwe_as_glwe.data.zero();
|
||||
sk_lwe_as_glwe.data.at_mut(0, 0)[..sk_lwe.n()].copy_from_slice(sk_lwe.data.at(0, 0));
|
||||
module.vec_znx_automorphism_inplace(-1, &mut sk_lwe_as_glwe.data, 0);
|
||||
sk_lwe_as_glwe_dft.set(module, &sk_lwe_as_glwe);
|
||||
}
|
||||
let (mut sk_lwe_as_glwe, scratch1) = scratch.take_glwe_secret(module, 1);
|
||||
sk_lwe_as_glwe.data.zero();
|
||||
sk_lwe_as_glwe.data.at_mut(0, 0)[..sk_lwe.n()].copy_from_slice(sk_lwe.data.at(0, 0));
|
||||
module.vec_znx_automorphism_inplace(-1, &mut sk_lwe_as_glwe.data, 0);
|
||||
|
||||
self.0.encrypt_sk(
|
||||
module,
|
||||
sk_glwe,
|
||||
&sk_lwe_as_glwe_dft,
|
||||
&sk_lwe_as_glwe,
|
||||
source_xa,
|
||||
source_xe,
|
||||
sigma,
|
||||
@@ -59,38 +141,115 @@ impl<D: AsMut<[u8]> + AsRef<[u8]>> GLWEToLWESwitchingKey<D, FFT64> {
|
||||
}
|
||||
|
||||
/// A special [GLWESwitchingKey] required to for the conversion from [LWECiphertext] to [GLWECiphertext].
|
||||
pub struct LWEToGLWESwitchingKey<D, B: Backend>(GLWESwitchingKey<D, B>);
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct LWEToGLWESwitchingKeyExec<D: Data, B: Backend>(GLWESwitchingKeyExec<D, B>);
|
||||
|
||||
impl LWEToGLWESwitchingKey<Vec<u8>, FFT64> {
|
||||
pub fn alloc(module: &Module<FFT64>, basek: usize, k: usize, rows: usize, rank: usize) -> Self {
|
||||
Self(GLWESwitchingKey::alloc(module, basek, k, rows, 1, 1, rank))
|
||||
impl<B: Backend> LWEToGLWESwitchingKeyExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rows: usize, rank_out: usize) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
Self(GLWESwitchingKeyExec::alloc(
|
||||
module, basek, k, rows, 1, 1, rank_out,
|
||||
))
|
||||
}
|
||||
|
||||
pub fn encrypt_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize, rank: usize) -> usize {
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k, 1, rank) + GLWESecret::bytes_of(module, 1)
|
||||
pub fn bytes_of(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize, rank_out: usize) -> usize
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
GLWESwitchingKeyExec::<Vec<u8>, B>::bytes_of(module, basek, k, rows, digits, 1, rank_out)
|
||||
}
|
||||
|
||||
pub fn from<DataOther: DataRef>(
|
||||
module: &Module<B>,
|
||||
other: &LWEToGLWESwitchingKey<DataOther>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
let mut ksk_exec: LWEToGLWESwitchingKeyExec<Vec<u8>, B> = Self::alloc(
|
||||
module,
|
||||
other.0.basek(),
|
||||
other.0.k(),
|
||||
other.0.rows(),
|
||||
other.0.rank(),
|
||||
);
|
||||
ksk_exec.prepare(module, other, scratch);
|
||||
ksk_exec
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: AsMut<[u8]> + AsRef<[u8]>> LWEToGLWESwitchingKey<D, FFT64> {
|
||||
pub fn encrypt_sk<DLwe, DGlwe>(
|
||||
impl<D: DataMut, B: Backend> LWEToGLWESwitchingKeyExec<D, B> {
|
||||
pub fn prepare<DataOther>(&mut self, module: &Module<B>, other: &LWEToGLWESwitchingKey<DataOther>, scratch: &mut Scratch<B>)
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
self.0.prepare(module, &other.0, scratch);
|
||||
}
|
||||
}
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct LWEToGLWESwitchingKey<D: Data>(GLWESwitchingKey<D>);
|
||||
|
||||
impl<D: DataMut> ReaderFrom for LWEToGLWESwitchingKey<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
self.0.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for LWEToGLWESwitchingKey<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
self.0.write_to(writer)
|
||||
}
|
||||
}
|
||||
|
||||
impl LWEToGLWESwitchingKey<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, rows: usize, rank_out: usize) -> Self
|
||||
where
|
||||
Module<B>: MatZnxAlloc,
|
||||
{
|
||||
Self(GLWESwitchingKey::alloc(
|
||||
module, basek, k, rows, 1, 1, rank_out,
|
||||
))
|
||||
}
|
||||
|
||||
pub fn encrypt_sk_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize, rank_out: usize) -> usize
|
||||
where
|
||||
Module<B>: GGLWEEncryptSkFamily<B> + ScalarZnxAllocBytes + VecZnxAllocBytes,
|
||||
{
|
||||
GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k, 1, rank_out) + GLWESecret::bytes_of(module, 1)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut> LWEToGLWESwitchingKey<D> {
|
||||
pub fn encrypt_sk<DLwe, DGlwe, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
sk_lwe: &LWESecret<DLwe>,
|
||||
sk_glwe: &FourierGLWESecret<DGlwe, FFT64>,
|
||||
sk_glwe: &GLWESecret<DGlwe>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
DLwe: AsRef<[u8]>,
|
||||
DGlwe: AsRef<[u8]>,
|
||||
DLwe: DataRef,
|
||||
DGlwe: DataRef,
|
||||
Module<B>: GGLWEEncryptSkFamily<B>
|
||||
+ VecZnxAutomorphismInplace
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxAddScalarInplace,
|
||||
Scratch<B>: ScratchAvailable + TakeScalarZnx<B> + TakeVecZnxDft<B> + TakeGLWESecretExec<B> + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert!(sk_lwe.n() <= module.n());
|
||||
}
|
||||
|
||||
let (mut sk_lwe_as_glwe, scratch1) = scratch.tmp_glwe_secret(module, 1);
|
||||
let (mut sk_lwe_as_glwe, scratch1) = scratch.take_glwe_secret(module, 1);
|
||||
sk_lwe_as_glwe.data.at_mut(0, 0)[..sk_lwe.n()].copy_from_slice(sk_lwe.data.at(0, 0));
|
||||
sk_lwe_as_glwe.data.at_mut(0, 0)[sk_lwe.n()..].fill(0);
|
||||
module.vec_znx_automorphism_inplace(-1, &mut sk_lwe_as_glwe.data, 0);
|
||||
@@ -107,33 +266,96 @@ impl<D: AsMut<[u8]> + AsRef<[u8]>> LWEToGLWESwitchingKey<D, FFT64> {
|
||||
}
|
||||
}
|
||||
|
||||
pub struct LWESwitchingKey<D, B: Backend>(GLWESwitchingKey<D, B>);
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct LWESwitchingKeyExec<D: Data, B: Backend>(GLWESwitchingKeyExec<D, B>);
|
||||
|
||||
impl LWESwitchingKey<Vec<u8>, FFT64> {
|
||||
pub fn alloc(module: &Module<FFT64>, basek: usize, k: usize, rows: usize) -> Self {
|
||||
impl<B: Backend> LWESwitchingKeyExec<Vec<u8>, B> {
|
||||
pub fn alloc(module: &Module<B>, basek: usize, k: usize, rows: usize) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
Self(GLWESwitchingKeyExec::alloc(module, basek, k, rows, 1, 1, 1))
|
||||
}
|
||||
|
||||
pub fn bytes_of(module: &Module<B>, basek: usize, k: usize, rows: usize, digits: usize) -> usize
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
GLWESwitchingKeyExec::<Vec<u8>, B>::bytes_of(module, basek, k, rows, digits, 1, 1)
|
||||
}
|
||||
|
||||
pub fn from<DataOther: DataRef>(module: &Module<B>, other: &LWESwitchingKey<DataOther>, scratch: &mut Scratch<B>) -> Self
|
||||
where
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
let mut ksk_exec: LWESwitchingKeyExec<Vec<u8>, B> = Self::alloc(module, other.0.basek(), other.0.k(), other.0.rows());
|
||||
ksk_exec.prepare(module, other, scratch);
|
||||
ksk_exec
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataMut, B: Backend> LWESwitchingKeyExec<D, B> {
|
||||
pub fn prepare<DataOther>(&mut self, module: &Module<B>, other: &LWESwitchingKey<DataOther>, scratch: &mut Scratch<B>)
|
||||
where
|
||||
DataOther: DataRef,
|
||||
Module<B>: GGLWEExecLayoutFamily<B>,
|
||||
{
|
||||
self.0.prepare(module, &other.0, scratch);
|
||||
}
|
||||
}
|
||||
#[derive(PartialEq, Eq)]
|
||||
pub struct LWESwitchingKey<D: Data>(GLWESwitchingKey<D>);
|
||||
|
||||
impl<D: DataMut> ReaderFrom for LWESwitchingKey<D> {
|
||||
fn read_from<R: std::io::Read>(&mut self, reader: &mut R) -> std::io::Result<()> {
|
||||
self.0.read_from(reader)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: DataRef> WriterTo for LWESwitchingKey<D> {
|
||||
fn write_to<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
|
||||
self.0.write_to(writer)
|
||||
}
|
||||
}
|
||||
|
||||
impl LWESwitchingKey<Vec<u8>> {
|
||||
pub fn alloc<B: Backend>(module: &Module<B>, basek: usize, k: usize, rows: usize) -> Self
|
||||
where
|
||||
Module<B>: MatZnxAlloc,
|
||||
{
|
||||
Self(GLWESwitchingKey::alloc(module, basek, k, rows, 1, 1, 1))
|
||||
}
|
||||
|
||||
pub fn encrypt_sk_scratch_space(module: &Module<FFT64>, basek: usize, k: usize) -> usize {
|
||||
pub fn encrypt_sk_scratch_space<B: Backend>(module: &Module<B>, basek: usize, k: usize) -> usize
|
||||
where
|
||||
Module<B>: GGLWEEncryptSkFamily<B> + ScalarZnxAllocBytes + VecZnxAllocBytes,
|
||||
{
|
||||
GLWESecret::bytes_of(module, 1)
|
||||
+ FourierGLWESecret::bytes_of(module, 1)
|
||||
+ GLWESecretExec::bytes_of(module, 1)
|
||||
+ GLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k, 1, 1)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: AsMut<[u8]> + AsRef<[u8]>> LWESwitchingKey<D, FFT64> {
|
||||
pub fn encrypt_sk<DIn, DOut>(
|
||||
impl<D: DataMut> LWESwitchingKey<D> {
|
||||
pub fn encrypt_sk<DIn, DOut, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
sk_lwe_in: &LWESecret<DIn>,
|
||||
sk_lwe_out: &LWESecret<DOut>,
|
||||
source_xa: &mut Source,
|
||||
source_xe: &mut Source,
|
||||
sigma: f64,
|
||||
scratch: &mut Scratch,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
DIn: AsRef<[u8]>,
|
||||
DOut: AsRef<[u8]>,
|
||||
DIn: DataRef,
|
||||
DOut: DataRef,
|
||||
Module<B>: GGLWEEncryptSkFamily<B>
|
||||
+ VecZnxAutomorphismInplace
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAllocBytes
|
||||
+ VecZnxAddScalarInplace,
|
||||
Scratch<B>: ScratchAvailable + TakeScalarZnx<B> + TakeVecZnxDft<B> + TakeGLWESecretExec<B> + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -141,13 +363,13 @@ impl<D: AsMut<[u8]> + AsRef<[u8]>> LWESwitchingKey<D, FFT64> {
|
||||
assert!(sk_lwe_out.n() <= module.n());
|
||||
}
|
||||
|
||||
let (mut sk_in_glwe, scratch1) = scratch.tmp_glwe_secret(module, 1);
|
||||
let (mut sk_out_glwe, scratch2) = scratch1.tmp_fourier_glwe_secret(module, 1);
|
||||
let (mut sk_in_glwe, scratch1) = scratch.take_glwe_secret(module, 1);
|
||||
let (mut sk_out_glwe, scratch2) = scratch1.take_glwe_secret(module, 1);
|
||||
|
||||
sk_out_glwe.data.at_mut(0, 0)[..sk_lwe_out.n()].copy_from_slice(sk_lwe_out.data.at(0, 0));
|
||||
sk_out_glwe.data.at_mut(0, 0)[sk_lwe_out.n()..].fill(0);
|
||||
module.vec_znx_automorphism_inplace(-1, &mut sk_out_glwe.data, 0);
|
||||
|
||||
sk_in_glwe.data.at_mut(0, 0)[..sk_lwe_out.n()].copy_from_slice(sk_lwe_out.data.at(0, 0));
|
||||
sk_in_glwe.data.at_mut(0, 0)[sk_lwe_out.n()..].fill(0);
|
||||
module.vec_znx_automorphism_inplace(-1, &mut sk_in_glwe.data, 0);
|
||||
sk_out_glwe.set(module, &sk_in_glwe);
|
||||
sk_in_glwe.data.at_mut(0, 0)[..sk_lwe_in.n()].copy_from_slice(sk_lwe_in.data.at(0, 0));
|
||||
sk_in_glwe.data.at_mut(0, 0)[sk_lwe_in.n()..].fill(0);
|
||||
module.vec_znx_automorphism_inplace(-1, &mut sk_in_glwe.data, 0);
|
||||
@@ -165,35 +387,38 @@ impl<D: AsMut<[u8]> + AsRef<[u8]>> LWESwitchingKey<D, FFT64> {
|
||||
}
|
||||
|
||||
impl LWECiphertext<Vec<u8>> {
|
||||
pub fn from_glwe_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn from_glwe_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_lwe: usize,
|
||||
k_glwe: usize,
|
||||
k_ksk: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxAllocBytes,
|
||||
{
|
||||
GLWECiphertext::bytes_of(module, basek, k_lwe, 1)
|
||||
+ GLWECiphertext::keyswitch_scratch_space(module, basek, k_lwe, k_glwe, k_ksk, 1, rank, 1)
|
||||
}
|
||||
|
||||
pub fn keyswitch_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn keyswitch_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_lwe_out: usize,
|
||||
k_lwe_in: usize,
|
||||
k_ksk: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + ScalarZnxAllocBytes + VecZnxAllocBytes,
|
||||
{
|
||||
GLWECiphertext::bytes_of(module, basek, k_lwe_out.max(k_lwe_in), 1)
|
||||
+ GLWECiphertext::keyswitch_inplace_scratch_space(module, basek, k_lwe_out, k_ksk, 1, 1)
|
||||
}
|
||||
}
|
||||
|
||||
impl<DLwe: AsRef<[u8]> + AsMut<[u8]>> LWECiphertext<DLwe> {
|
||||
pub fn sample_extract<DGlwe>(&mut self, a: &GLWECiphertext<DGlwe>)
|
||||
where
|
||||
DGlwe: AsRef<[u8]>,
|
||||
{
|
||||
impl<DLwe: DataMut> LWECiphertext<DLwe> {
|
||||
pub fn sample_extract<DGlwe: DataRef>(&mut self, a: &GLWECiphertext<DGlwe>) {
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert!(self.n() <= a.n());
|
||||
@@ -210,34 +435,38 @@ impl<DLwe: AsRef<[u8]> + AsMut<[u8]>> LWECiphertext<DLwe> {
|
||||
});
|
||||
}
|
||||
|
||||
pub fn from_glwe<DGlwe, DKs>(
|
||||
pub fn from_glwe<DGlwe, DKs, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
a: &GLWECiphertext<DGlwe>,
|
||||
ks: &GLWEToLWESwitchingKey<DKs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
ks: &GLWEToLWESwitchingKeyExec<DKs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
DGlwe: AsRef<[u8]>,
|
||||
DKs: AsRef<[u8]>,
|
||||
DGlwe: DataRef,
|
||||
DKs: DataRef,
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
assert_eq!(self.basek(), a.basek());
|
||||
}
|
||||
let (mut tmp_glwe, scratch1) = scratch.tmp_glwe_ct(module, a.basek(), self.k(), 1);
|
||||
let (mut tmp_glwe, scratch1) = scratch.take_glwe_ct(module, a.basek(), self.k(), 1);
|
||||
tmp_glwe.keyswitch(module, a, &ks.0, scratch1);
|
||||
self.sample_extract(&tmp_glwe);
|
||||
}
|
||||
|
||||
pub fn keyswitch<A, DKs>(
|
||||
pub fn keyswitch<A, DKs, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
a: &LWECiphertext<A>,
|
||||
ksk: &LWESwitchingKey<DKs, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
ksk: &LWESwitchingKeyExec<DKs, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
A: AsRef<[u8]>,
|
||||
DKs: AsRef<[u8]>,
|
||||
A: DataRef,
|
||||
DKs: DataRef,
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -249,7 +478,7 @@ impl<DLwe: AsRef<[u8]> + AsMut<[u8]>> LWECiphertext<DLwe> {
|
||||
let max_k: usize = self.k().max(a.k());
|
||||
let basek: usize = self.basek();
|
||||
|
||||
let (mut glwe, scratch1) = scratch.tmp_glwe_ct(&module, basek, max_k, 1);
|
||||
let (mut glwe, scratch1) = scratch.take_glwe_ct(&module, basek, max_k, 1);
|
||||
glwe.data.zero();
|
||||
|
||||
let n_lwe: usize = a.n();
|
||||
@@ -267,29 +496,34 @@ impl<DLwe: AsRef<[u8]> + AsMut<[u8]>> LWECiphertext<DLwe> {
|
||||
}
|
||||
|
||||
impl GLWECiphertext<Vec<u8>> {
|
||||
pub fn from_lwe_scratch_space(
|
||||
module: &Module<FFT64>,
|
||||
pub fn from_lwe_scratch_space<B: Backend>(
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k_lwe: usize,
|
||||
k_glwe: usize,
|
||||
k_ksk: usize,
|
||||
rank: usize,
|
||||
) -> usize {
|
||||
) -> usize
|
||||
where
|
||||
Module<B>: GLWEKeyswitchFamily<B> + VecZnxAllocBytes,
|
||||
{
|
||||
GLWECiphertext::keyswitch_scratch_space(module, basek, k_glwe, k_lwe, k_ksk, 1, 1, rank)
|
||||
+ GLWECiphertext::bytes_of(module, basek, k_lwe, 1)
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<D> {
|
||||
pub fn from_lwe<DLwe, DKsk>(
|
||||
impl<D: DataMut> GLWECiphertext<D> {
|
||||
pub fn from_lwe<DLwe, DKsk, B: Backend>(
|
||||
&mut self,
|
||||
module: &Module<FFT64>,
|
||||
module: &Module<B>,
|
||||
lwe: &LWECiphertext<DLwe>,
|
||||
ksk: &LWEToGLWESwitchingKey<DKsk, FFT64>,
|
||||
scratch: &mut Scratch,
|
||||
ksk: &LWEToGLWESwitchingKeyExec<DKsk, B>,
|
||||
scratch: &mut Scratch<B>,
|
||||
) where
|
||||
DLwe: AsRef<[u8]>,
|
||||
DKsk: AsRef<[u8]>,
|
||||
DLwe: DataRef,
|
||||
DKsk: DataRef,
|
||||
Module<B>: GLWEKeyswitchFamily<B>,
|
||||
Scratch<B>: TakeVecZnxDft<B> + ScratchAvailable + TakeVecZnx<B>,
|
||||
{
|
||||
#[cfg(debug_assertions)]
|
||||
{
|
||||
@@ -297,7 +531,7 @@ impl<D: AsRef<[u8]> + AsMut<[u8]>> GLWECiphertext<D> {
|
||||
assert_eq!(self.basek(), self.basek());
|
||||
}
|
||||
|
||||
let (mut glwe, scratch1) = scratch.tmp_glwe_ct(module, lwe.basek(), lwe.k(), 1);
|
||||
let (mut glwe, scratch1) = scratch.take_glwe_ct(module, lwe.basek(), lwe.k(), 1);
|
||||
glwe.data.zero();
|
||||
|
||||
let n_lwe: usize = lwe.n();
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
use backend::{VecZnx, VecZnxToMut, VecZnxToRef};
|
||||
use backend::hal::layouts::{Data, DataMut, DataRef, VecZnx, VecZnxToMut, VecZnxToRef};
|
||||
|
||||
use crate::{Infos, SetMetaData};
|
||||
|
||||
pub struct LWEPlaintext<D> {
|
||||
pub struct LWEPlaintext<D: Data> {
|
||||
pub(crate) data: VecZnx<D>,
|
||||
pub(crate) k: usize,
|
||||
pub(crate) basek: usize,
|
||||
@@ -18,8 +18,8 @@ impl LWEPlaintext<Vec<u8>> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<T> Infos for LWEPlaintext<T> {
|
||||
type Inner = VecZnx<T>;
|
||||
impl<D: Data> Infos for LWEPlaintext<D> {
|
||||
type Inner = VecZnx<D>;
|
||||
|
||||
fn inner(&self) -> &Self::Inner {
|
||||
&self.data
|
||||
@@ -34,7 +34,7 @@ impl<T> Infos for LWEPlaintext<T> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> SetMetaData for LWEPlaintext<DataSelf> {
|
||||
impl<D: DataMut> SetMetaData for LWEPlaintext<D> {
|
||||
fn set_k(&mut self, k: usize) {
|
||||
self.k = k
|
||||
}
|
||||
@@ -45,10 +45,11 @@ impl<DataSelf: AsMut<[u8]> + AsRef<[u8]>> SetMetaData for LWEPlaintext<DataSelf>
|
||||
}
|
||||
|
||||
pub trait LWEPlaintextToRef {
|
||||
#[allow(dead_code)]
|
||||
fn to_ref(&self) -> LWEPlaintext<&[u8]>;
|
||||
}
|
||||
|
||||
impl<D: AsRef<[u8]>> LWEPlaintextToRef for LWEPlaintext<D> {
|
||||
impl<D: DataRef> LWEPlaintextToRef for LWEPlaintext<D> {
|
||||
fn to_ref(&self) -> LWEPlaintext<&[u8]> {
|
||||
LWEPlaintext {
|
||||
data: self.data.to_ref(),
|
||||
@@ -59,10 +60,11 @@ impl<D: AsRef<[u8]>> LWEPlaintextToRef for LWEPlaintext<D> {
|
||||
}
|
||||
|
||||
pub trait LWEPlaintextToMut {
|
||||
#[allow(dead_code)]
|
||||
fn to_mut(&mut self) -> LWEPlaintext<&mut [u8]>;
|
||||
}
|
||||
|
||||
impl<D: AsMut<[u8]> + AsRef<[u8]>> LWEPlaintextToMut for LWEPlaintext<D> {
|
||||
impl<D: DataMut> LWEPlaintextToMut for LWEPlaintext<D> {
|
||||
fn to_mut(&mut self) -> LWEPlaintext<&mut [u8]> {
|
||||
LWEPlaintext {
|
||||
data: self.data.to_mut(),
|
||||
|
||||
@@ -1,10 +1,13 @@
|
||||
use backend::{ScalarZnx, ZnxInfos, ZnxZero};
|
||||
use backend::hal::{
|
||||
api::{ZnxInfos, ZnxZero},
|
||||
layouts::{Data, DataMut, ScalarZnx},
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::Distribution;
|
||||
|
||||
pub struct LWESecret<T> {
|
||||
pub(crate) data: ScalarZnx<T>,
|
||||
pub struct LWESecret<D: Data> {
|
||||
pub(crate) data: ScalarZnx<D>,
|
||||
pub(crate) dist: Distribution,
|
||||
}
|
||||
|
||||
@@ -17,7 +20,7 @@ impl LWESecret<Vec<u8>> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<DataSelf> LWESecret<DataSelf> {
|
||||
impl<D: Data> LWESecret<D> {
|
||||
pub fn n(&self) -> usize {
|
||||
self.data.n()
|
||||
}
|
||||
@@ -31,7 +34,7 @@ impl<DataSelf> LWESecret<DataSelf> {
|
||||
}
|
||||
}
|
||||
|
||||
impl<D: AsRef<[u8]> + AsMut<[u8]>> LWESecret<D> {
|
||||
impl<D: DataMut> LWESecret<D> {
|
||||
pub fn fill_ternary_prob(&mut self, prob: f64, source: &mut Source) {
|
||||
self.data.fill_ternary_prob(0, prob, source);
|
||||
self.dist = Distribution::TernaryProb(prob);
|
||||
|
||||
@@ -1,18 +1,67 @@
|
||||
use backend::{Encoding, FFT64, Module, ScratchOwned, ZnxView};
|
||||
use backend::{
|
||||
hal::{
|
||||
api::{
|
||||
MatZnxAlloc, ModuleNew, ScalarZnxAlloc, ScalarZnxAllocBytes, ScratchOwnedAlloc, ScratchOwnedBorrow,
|
||||
VecZnxAddScalarInplace, VecZnxAlloc, VecZnxAllocBytes, VecZnxAutomorphismInplace, VecZnxEncodeCoeffsi64,
|
||||
VecZnxSwithcDegree, ZnxView,
|
||||
},
|
||||
layouts::{Backend, Module, ScratchOwned},
|
||||
oep::{
|
||||
ScratchAvailableImpl, ScratchOwnedAllocImpl, ScratchOwnedBorrowImpl, TakeScalarZnxImpl, TakeSvpPPolImpl,
|
||||
TakeVecZnxBigImpl, TakeVecZnxDftImpl, TakeVecZnxImpl,
|
||||
},
|
||||
},
|
||||
implementation::cpu_spqlios::FFT64,
|
||||
};
|
||||
use sampling::source::Source;
|
||||
|
||||
use crate::{
|
||||
FourierGLWESecret, GLWECiphertext, GLWEPlaintext, GLWESecret, Infos, LWECiphertext, LWESecret,
|
||||
GGLWEEncryptSkFamily, GGLWEExecLayoutFamily, GLWECiphertext, GLWEDecryptFamily, GLWEKeyswitchFamily, GLWEPlaintext,
|
||||
GLWESecret, GLWESecretExec, Infos, LWECiphertext, LWESecret,
|
||||
lwe::{
|
||||
LWEPlaintext,
|
||||
keyswtich::{GLWEToLWESwitchingKey, LWESwitchingKey, LWEToGLWESwitchingKey},
|
||||
keyswtich::{
|
||||
GLWEToLWESwitchingKey, GLWEToLWESwitchingKeyExec, LWESwitchingKey, LWESwitchingKeyExec, LWEToGLWESwitchingKey,
|
||||
LWEToGLWESwitchingKeyExec,
|
||||
},
|
||||
},
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn lwe_to_glwe() {
|
||||
let n: usize = 1 << 5;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(n);
|
||||
let log_n: usize = 5;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
test_lwe_to_glwe(&module)
|
||||
}
|
||||
|
||||
pub(crate) trait LWETestModuleFamily<B: Backend> = GGLWEEncryptSkFamily<B>
|
||||
+ GLWEDecryptFamily<B>
|
||||
+ VecZnxSwithcDegree
|
||||
+ VecZnxAddScalarInplace
|
||||
+ VecZnxAlloc
|
||||
+ GGLWEExecLayoutFamily<B>
|
||||
+ GLWEKeyswitchFamily<B>
|
||||
+ ScalarZnxAllocBytes
|
||||
+ VecZnxAllocBytes
|
||||
+ ScalarZnxAlloc
|
||||
+ VecZnxEncodeCoeffsi64
|
||||
+ MatZnxAlloc
|
||||
+ VecZnxAutomorphismInplace;
|
||||
|
||||
pub(crate) trait LWETestScratchFamily<B: Backend> = TakeScalarZnxImpl<B>
|
||||
+ TakeVecZnxDftImpl<B>
|
||||
+ ScratchAvailableImpl<B>
|
||||
+ TakeVecZnxImpl<B>
|
||||
+ TakeVecZnxBigImpl<B>
|
||||
+ TakeSvpPPolImpl<B>
|
||||
+ ScratchOwnedAllocImpl<B>
|
||||
+ ScratchOwnedBorrowImpl<B>;
|
||||
|
||||
pub(crate) fn test_lwe_to_glwe<B: Backend>(module: &Module<B>)
|
||||
where
|
||||
Module<B>: LWETestModuleFamily<B>,
|
||||
B: LWETestScratchFamily<B>,
|
||||
{
|
||||
let basek: usize = 17;
|
||||
let sigma: f64 = 3.2;
|
||||
|
||||
@@ -30,56 +79,71 @@ fn lwe_to_glwe() {
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
LWEToGLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, k_ksk, rank)
|
||||
| GLWECiphertext::from_lwe_scratch_space(&module, basek, k_lwe_ct, k_glwe_ct, k_ksk, rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, k_glwe_ct),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
LWEToGLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k_ksk, rank)
|
||||
| GLWECiphertext::from_lwe_scratch_space(module, basek, k_lwe_ct, k_glwe_ct, k_ksk, rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(module, basek, k_glwe_ct),
|
||||
);
|
||||
|
||||
let mut sk_glwe: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk_glwe: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk_glwe.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let mut sk_glwe_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::alloc(&module, rank);
|
||||
sk_glwe_dft.set(&module, &sk_glwe);
|
||||
let sk_glwe_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_glwe);
|
||||
|
||||
let mut sk_lwe = LWESecret::alloc(n_lwe);
|
||||
let mut sk_lwe: LWESecret<Vec<u8>> = LWESecret::alloc(n_lwe);
|
||||
sk_lwe.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let data: i64 = 17;
|
||||
|
||||
let mut lwe_pt: LWEPlaintext<Vec<u8>> = LWEPlaintext::alloc(basek, k_lwe_pt);
|
||||
lwe_pt
|
||||
.data
|
||||
.encode_coeff_i64(0, basek, k_lwe_pt, 0, data, k_lwe_pt);
|
||||
module.encode_coeff_i64(basek, &mut lwe_pt.data, 0, k_lwe_pt, 0, data, k_lwe_pt);
|
||||
|
||||
let mut lwe_ct: LWECiphertext<Vec<u8>> = LWECiphertext::alloc(n_lwe, basek, k_lwe_ct);
|
||||
lwe_ct.encrypt_sk(&lwe_pt, &sk_lwe, &mut source_xa, &mut source_xe, sigma);
|
||||
lwe_ct.encrypt_sk(
|
||||
module,
|
||||
&lwe_pt,
|
||||
&sk_lwe,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
);
|
||||
|
||||
let mut ksk: LWEToGLWESwitchingKey<Vec<u8>, FFT64> = LWEToGLWESwitchingKey::alloc(&module, basek, k_ksk, lwe_ct.size(), rank);
|
||||
let mut ksk: LWEToGLWESwitchingKey<Vec<u8>> = LWEToGLWESwitchingKey::alloc(module, basek, k_ksk, lwe_ct.size(), rank);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&sk_lwe,
|
||||
&sk_glwe_dft,
|
||||
&sk_glwe,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut glwe_ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(&module, basek, k_glwe_ct, rank);
|
||||
glwe_ct.from_lwe(&module, &lwe_ct, &ksk, scratch.borrow());
|
||||
let mut glwe_ct: GLWECiphertext<Vec<u8>> = GLWECiphertext::alloc(module, basek, k_glwe_ct, rank);
|
||||
|
||||
let mut glwe_pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_glwe_ct);
|
||||
glwe_ct.decrypt(&module, &mut glwe_pt, &sk_glwe_dft, scratch.borrow());
|
||||
let ksk_exec: LWEToGLWESwitchingKeyExec<Vec<u8>, B> = LWEToGLWESwitchingKeyExec::from(module, &ksk, scratch.borrow());
|
||||
|
||||
glwe_ct.from_lwe(module, &lwe_ct, &ksk_exec, scratch.borrow());
|
||||
|
||||
let mut glwe_pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_glwe_ct);
|
||||
glwe_ct.decrypt(module, &mut glwe_pt, &sk_glwe_exec, scratch.borrow());
|
||||
|
||||
assert_eq!(glwe_pt.data.at(0, 0)[0], lwe_pt.data.at(0, 0)[0]);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn glwe_to_lwe() {
|
||||
let n: usize = 1 << 5;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(n);
|
||||
let log_n: usize = 5;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
test_glwe_to_lwe(&module)
|
||||
}
|
||||
|
||||
fn test_glwe_to_lwe<B: Backend>(module: &Module<B>)
|
||||
where
|
||||
Module<B>: LWETestModuleFamily<B>,
|
||||
B: LWETestScratchFamily<B>,
|
||||
{
|
||||
let basek: usize = 17;
|
||||
let sigma: f64 = 3.2;
|
||||
|
||||
@@ -97,44 +161,39 @@ fn glwe_to_lwe() {
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
LWEToGLWESwitchingKey::encrypt_sk_scratch_space(&module, basek, k_ksk, rank)
|
||||
| GLWECiphertext::from_lwe_scratch_space(&module, basek, k_lwe_ct, k_glwe_ct, k_ksk, rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(&module, basek, k_glwe_ct),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
LWEToGLWESwitchingKey::encrypt_sk_scratch_space(module, basek, k_ksk, rank)
|
||||
| GLWECiphertext::from_lwe_scratch_space(module, basek, k_lwe_ct, k_glwe_ct, k_ksk, rank)
|
||||
| GLWECiphertext::decrypt_scratch_space(module, basek, k_glwe_ct),
|
||||
);
|
||||
|
||||
let mut sk_glwe: GLWESecret<Vec<u8>> = GLWESecret::alloc(&module, rank);
|
||||
let mut sk_glwe: GLWESecret<Vec<u8>> = GLWESecret::alloc(module, rank);
|
||||
sk_glwe.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let mut sk_glwe_dft: FourierGLWESecret<Vec<u8>, FFT64> = FourierGLWESecret::alloc(&module, rank);
|
||||
sk_glwe_dft.set(&module, &sk_glwe);
|
||||
let sk_glwe_exec: GLWESecretExec<Vec<u8>, B> = GLWESecretExec::from(module, &sk_glwe);
|
||||
|
||||
let mut sk_lwe = LWESecret::alloc(n_lwe);
|
||||
sk_lwe.fill_ternary_prob(0.5, &mut source_xs);
|
||||
|
||||
let data: i64 = 17;
|
||||
let mut glwe_pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(&module, basek, k_glwe_ct);
|
||||
let mut glwe_pt: GLWEPlaintext<Vec<u8>> = GLWEPlaintext::alloc(module, basek, k_glwe_ct);
|
||||
module.encode_coeff_i64(basek, &mut glwe_pt.data, 0, k_lwe_pt, 0, data, k_lwe_pt);
|
||||
|
||||
glwe_pt
|
||||
.data
|
||||
.encode_coeff_i64(0, basek, k_lwe_pt, 0, data, k_lwe_pt);
|
||||
|
||||
let mut glwe_ct = GLWECiphertext::alloc(&module, basek, k_glwe_ct, rank);
|
||||
let mut glwe_ct = GLWECiphertext::alloc(module, basek, k_glwe_ct, rank);
|
||||
glwe_ct.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&glwe_pt,
|
||||
&sk_glwe_dft,
|
||||
&sk_glwe_exec,
|
||||
&mut source_xa,
|
||||
&mut source_xe,
|
||||
sigma,
|
||||
scratch.borrow(),
|
||||
);
|
||||
|
||||
let mut ksk: GLWEToLWESwitchingKey<Vec<u8>, FFT64> =
|
||||
GLWEToLWESwitchingKey::alloc(&module, basek, k_ksk, glwe_ct.size(), rank);
|
||||
let mut ksk: GLWEToLWESwitchingKey<Vec<u8>> = GLWEToLWESwitchingKey::alloc(module, basek, k_ksk, glwe_ct.size(), rank);
|
||||
|
||||
ksk.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&sk_lwe,
|
||||
&sk_glwe,
|
||||
&mut source_xa,
|
||||
@@ -144,18 +203,29 @@ fn glwe_to_lwe() {
|
||||
);
|
||||
|
||||
let mut lwe_ct: LWECiphertext<Vec<u8>> = LWECiphertext::alloc(n_lwe, basek, k_lwe_ct);
|
||||
lwe_ct.from_glwe(&module, &glwe_ct, &ksk, scratch.borrow());
|
||||
|
||||
let ksk_exec: GLWEToLWESwitchingKeyExec<Vec<u8>, B> = GLWEToLWESwitchingKeyExec::from(module, &ksk, scratch.borrow());
|
||||
|
||||
lwe_ct.from_glwe(module, &glwe_ct, &ksk_exec, scratch.borrow());
|
||||
|
||||
let mut lwe_pt: LWEPlaintext<Vec<u8>> = LWEPlaintext::alloc(basek, k_lwe_ct);
|
||||
lwe_ct.decrypt(&mut lwe_pt, &sk_lwe);
|
||||
lwe_ct.decrypt(module, &mut lwe_pt, &sk_lwe);
|
||||
|
||||
assert_eq!(glwe_pt.data.at(0, 0)[0], lwe_pt.data.at(0, 0)[0]);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn keyswitch() {
|
||||
let n: usize = 1 << 5;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(n);
|
||||
let log_n: usize = 5;
|
||||
let module: Module<FFT64> = Module::<FFT64>::new(1 << log_n);
|
||||
test_keyswitch(&module)
|
||||
}
|
||||
|
||||
fn test_keyswitch<B: Backend>(module: &Module<B>)
|
||||
where
|
||||
Module<B>: LWETestModuleFamily<B>,
|
||||
B: LWETestScratchFamily<B>,
|
||||
{
|
||||
let basek: usize = 17;
|
||||
let sigma: f64 = 3.2;
|
||||
|
||||
@@ -170,9 +240,9 @@ fn keyswitch() {
|
||||
let mut source_xa: Source = Source::new([0u8; 32]);
|
||||
let mut source_xe: Source = Source::new([0u8; 32]);
|
||||
|
||||
let mut scratch: ScratchOwned = ScratchOwned::new(
|
||||
LWESwitchingKey::encrypt_sk_scratch_space(&module, basek, k_ksk)
|
||||
| LWECiphertext::keyswitch_scratch_space(&module, basek, k_lwe_ct, k_lwe_ct, k_ksk),
|
||||
let mut scratch: ScratchOwned<B> = ScratchOwned::alloc(
|
||||
LWESwitchingKey::encrypt_sk_scratch_space(module, basek, k_ksk)
|
||||
| LWECiphertext::keyswitch_scratch_space(module, basek, k_lwe_ct, k_lwe_ct, k_ksk),
|
||||
);
|
||||
|
||||
let mut sk_lwe_in: LWESecret<Vec<u8>> = LWESecret::alloc(n_lwe_in);
|
||||
@@ -184,12 +254,11 @@ fn keyswitch() {
|
||||
let data: i64 = 17;
|
||||
|
||||
let mut lwe_pt_in: LWEPlaintext<Vec<u8>> = LWEPlaintext::alloc(basek, k_lwe_pt);
|
||||
lwe_pt_in
|
||||
.data
|
||||
.encode_coeff_i64(0, basek, k_lwe_pt, 0, data, k_lwe_pt);
|
||||
module.encode_coeff_i64(basek, &mut lwe_pt_in.data, 0, k_lwe_pt, 0, data, k_lwe_pt);
|
||||
|
||||
let mut lwe_ct_in: LWECiphertext<Vec<u8>> = LWECiphertext::alloc(n_lwe_in, basek, k_lwe_ct);
|
||||
lwe_ct_in.encrypt_sk(
|
||||
module,
|
||||
&lwe_pt_in,
|
||||
&sk_lwe_in,
|
||||
&mut source_xa,
|
||||
@@ -197,10 +266,10 @@ fn keyswitch() {
|
||||
sigma,
|
||||
);
|
||||
|
||||
let mut ksk: LWESwitchingKey<Vec<u8>, FFT64> = LWESwitchingKey::alloc(&module, basek, k_ksk, lwe_ct_in.size());
|
||||
let mut ksk: LWESwitchingKey<Vec<u8>> = LWESwitchingKey::alloc(module, basek, k_ksk, lwe_ct_in.size());
|
||||
|
||||
ksk.encrypt_sk(
|
||||
&module,
|
||||
module,
|
||||
&sk_lwe_in,
|
||||
&sk_lwe_out,
|
||||
&mut source_xa,
|
||||
@@ -211,10 +280,12 @@ fn keyswitch() {
|
||||
|
||||
let mut lwe_ct_out: LWECiphertext<Vec<u8>> = LWECiphertext::alloc(n_lwe_out, basek, k_lwe_ct);
|
||||
|
||||
lwe_ct_out.keyswitch(&module, &lwe_ct_in, &ksk, scratch.borrow());
|
||||
let ksk_exec: LWESwitchingKeyExec<Vec<u8>, B> = LWESwitchingKeyExec::from(module, &ksk, scratch.borrow());
|
||||
|
||||
lwe_ct_out.keyswitch(module, &lwe_ct_in, &ksk_exec, scratch.borrow());
|
||||
|
||||
let mut lwe_pt_out: LWEPlaintext<Vec<u8>> = LWEPlaintext::alloc(basek, k_lwe_ct);
|
||||
lwe_ct_out.decrypt(&mut lwe_pt_out, &sk_lwe_out);
|
||||
lwe_ct_out.decrypt(module, &mut lwe_pt_out, &sk_lwe_out);
|
||||
|
||||
assert_eq!(lwe_pt_in.data.at(0, 0)[0], lwe_pt_out.data.at(0, 0)[0]);
|
||||
}
|
||||
|
||||
@@ -12,7 +12,7 @@ pub(crate) fn var_noise_gglwe_product(
|
||||
b_logq: usize,
|
||||
) -> f64 {
|
||||
let a_logq: usize = a_logq.min(b_logq);
|
||||
let a_cols: usize = (a_logq + basek - 1) / basek;
|
||||
let a_cols: usize = a_logq.div_ceil(basek);
|
||||
|
||||
let b_scale: f64 = (b_logq as f64).exp2();
|
||||
let a_scale: f64 = ((b_logq - a_logq) as f64).exp2();
|
||||
@@ -73,7 +73,7 @@ pub(crate) fn noise_ggsw_product(
|
||||
k_ggsw: usize,
|
||||
) -> f64 {
|
||||
let a_logq: usize = k_in.min(k_ggsw);
|
||||
let a_cols: usize = (a_logq + basek - 1) / basek;
|
||||
let a_cols: usize = a_logq.div_ceil(basek);
|
||||
|
||||
let b_scale: f64 = (k_ggsw as f64).exp2();
|
||||
let a_scale: f64 = ((k_ggsw - a_logq) as f64).exp2();
|
||||
|
||||
947
core/src/scratch.rs
Normal file
947
core/src/scratch.rs
Normal file
@@ -0,0 +1,947 @@
|
||||
use backend::hal::{
|
||||
api::{TakeMatZnx, TakeScalarZnx, TakeSvpPPol, TakeVecZnx, TakeVecZnxDft, TakeVmpPMat},
|
||||
layouts::{Backend, DataRef, Module, Scratch},
|
||||
oep::{TakeMatZnxImpl, TakeScalarZnxImpl, TakeSvpPPolImpl, TakeVecZnxDftImpl, TakeVecZnxImpl, TakeVmpPMatImpl},
|
||||
};
|
||||
|
||||
use crate::{
|
||||
AutomorphismKey, AutomorphismKeyExec, GGLWECiphertext, GGLWECiphertextExec, GGSWCiphertext, GGSWCiphertextExec,
|
||||
GLWECiphertext, GLWEPlaintext, GLWEPublicKey, GLWEPublicKeyExec, GLWESecret, GLWESecretExec, GLWESwitchingKey,
|
||||
GLWESwitchingKeyExec, GLWETensorKey, GLWETensorKeyExec, Infos, dist::Distribution,
|
||||
};
|
||||
|
||||
pub trait TakeLike<'a, B: Backend, T> {
|
||||
type Output;
|
||||
fn take_like(&'a mut self, template: &T) -> (Self::Output, &'a mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGLWECt<B: Backend> {
|
||||
fn take_glwe_ct(&mut self, module: &Module<B>, basek: usize, k: usize, rank: usize)
|
||||
-> (GLWECiphertext<&mut [u8]>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGLWECtSlice<B: Backend> {
|
||||
fn take_glwe_ct_slice(
|
||||
&mut self,
|
||||
size: usize,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (Vec<GLWECiphertext<&mut [u8]>>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGLWEPt<B: Backend> {
|
||||
fn take_glwe_pt(&mut self, module: &Module<B>, basek: usize, k: usize) -> (GLWEPlaintext<&mut [u8]>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGGLWE<B: Backend> {
|
||||
fn take_gglwe(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GGLWECiphertext<&mut [u8]>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGGLWEExec<B: Backend> {
|
||||
fn take_gglwe_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GGLWECiphertextExec<&mut [u8], B>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGGSW<B: Backend> {
|
||||
fn take_ggsw(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GGSWCiphertext<&mut [u8]>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGGSWExec<B: Backend> {
|
||||
fn take_ggsw_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GGSWCiphertextExec<&mut [u8], B>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGLWESecret<B: Backend> {
|
||||
fn take_glwe_secret(&mut self, module: &Module<B>, rank: usize) -> (GLWESecret<&mut [u8]>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGLWESecretExec<B: Backend> {
|
||||
fn take_glwe_secret_exec(&mut self, module: &Module<B>, rank: usize) -> (GLWESecretExec<&mut [u8], B>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGLWEPk<B: Backend> {
|
||||
fn take_glwe_pk(&mut self, module: &Module<B>, basek: usize, k: usize, rank: usize) -> (GLWEPublicKey<&mut [u8]>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGLWEPkExec<B: Backend> {
|
||||
fn take_glwe_pk_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (GLWEPublicKeyExec<&mut [u8], B>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGLWESwitchingKey<B: Backend> {
|
||||
fn take_glwe_switching_key(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GLWESwitchingKey<&mut [u8]>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeGLWESwitchingKeyExec<B: Backend> {
|
||||
fn take_glwe_switching_key_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GLWESwitchingKeyExec<&mut [u8], B>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeTensorKey<B: Backend> {
|
||||
fn take_tensor_key(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GLWETensorKey<&mut [u8]>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeTensorKeyExec<B: Backend> {
|
||||
fn take_tensor_key_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GLWETensorKeyExec<&mut [u8], B>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeAutomorphismKey<B: Backend> {
|
||||
fn take_automorphism_key(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (AutomorphismKey<&mut [u8]>, &mut Self);
|
||||
}
|
||||
|
||||
pub trait TakeAutomorphismKeyExec<B: Backend> {
|
||||
fn take_automorphism_key_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (AutomorphismKeyExec<&mut [u8], B>, &mut Self);
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGLWECt<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeVecZnx<B>,
|
||||
{
|
||||
fn take_glwe_ct(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (GLWECiphertext<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.take_vec_znx(module, rank + 1, k.div_ceil(basek));
|
||||
(GLWECiphertext { data, basek, k }, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GLWECiphertext<D>> for Scratch<B>
|
||||
where
|
||||
B: Backend + TakeVecZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GLWECiphertext<&'a mut [u8]>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GLWECiphertext<D>) -> (Self::Output, &'a mut Self) {
|
||||
let (data, scratch) = B::take_vec_znx_impl(self, template.n(), template.cols(), template.size());
|
||||
(
|
||||
GLWECiphertext {
|
||||
data,
|
||||
basek: template.basek(),
|
||||
k: template.k(),
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGLWECtSlice<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeVecZnx<B>,
|
||||
{
|
||||
fn take_glwe_ct_slice(
|
||||
&mut self,
|
||||
size: usize,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (Vec<GLWECiphertext<&mut [u8]>>, &mut Self) {
|
||||
let mut scratch: &mut Scratch<B> = self;
|
||||
let mut cts: Vec<GLWECiphertext<&mut [u8]>> = Vec::with_capacity(size);
|
||||
for _ in 0..size {
|
||||
let (ct, new_scratch) = scratch.take_glwe_ct(module, basek, k, rank);
|
||||
scratch = new_scratch;
|
||||
cts.push(ct);
|
||||
}
|
||||
(cts, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGLWEPt<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeVecZnx<B>,
|
||||
{
|
||||
fn take_glwe_pt(&mut self, module: &Module<B>, basek: usize, k: usize) -> (GLWEPlaintext<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.take_vec_znx(module, 1, k.div_ceil(basek));
|
||||
(GLWEPlaintext { data, basek, k }, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GLWEPlaintext<D>> for Scratch<B>
|
||||
where
|
||||
B: Backend + TakeVecZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GLWEPlaintext<&'a mut [u8]>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GLWEPlaintext<D>) -> (Self::Output, &'a mut Self) {
|
||||
let (data, scratch) = B::take_vec_znx_impl(self, template.n(), template.cols(), template.size());
|
||||
(
|
||||
GLWEPlaintext {
|
||||
data,
|
||||
basek: template.basek(),
|
||||
k: template.k(),
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGGLWE<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeMatZnx<B>,
|
||||
{
|
||||
fn take_gglwe(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GGLWECiphertext<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.take_mat_znx(
|
||||
module,
|
||||
rows.div_ceil(digits),
|
||||
rank_in,
|
||||
rank_out + 1,
|
||||
k.div_ceil(basek),
|
||||
);
|
||||
(
|
||||
GGLWECiphertext {
|
||||
data: data,
|
||||
basek: basek,
|
||||
k,
|
||||
digits,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GGLWECiphertext<D>> for Scratch<B>
|
||||
where
|
||||
B: Backend + TakeMatZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GGLWECiphertext<&'a mut [u8]>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GGLWECiphertext<D>) -> (Self::Output, &'a mut Self) {
|
||||
let (data, scratch) = B::take_mat_znx_impl(
|
||||
self,
|
||||
template.n(),
|
||||
template.rows(),
|
||||
template.data.cols_in(),
|
||||
template.data.cols_out(),
|
||||
template.size(),
|
||||
);
|
||||
(
|
||||
GGLWECiphertext {
|
||||
data,
|
||||
basek: template.basek(),
|
||||
k: template.k(),
|
||||
digits: template.digits(),
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGGLWEExec<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeVmpPMat<B>,
|
||||
{
|
||||
fn take_gglwe_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GGLWECiphertextExec<&mut [u8], B>, &mut Self) {
|
||||
let (data, scratch) = self.take_vmp_pmat(
|
||||
module,
|
||||
rows.div_ceil(digits),
|
||||
rank_in,
|
||||
rank_out + 1,
|
||||
k.div_ceil(basek),
|
||||
);
|
||||
(
|
||||
GGLWECiphertextExec {
|
||||
data: data,
|
||||
basek: basek,
|
||||
k,
|
||||
digits,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GGLWECiphertextExec<D, B>> for Scratch<B>
|
||||
where
|
||||
B: Backend + TakeVmpPMatImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GGLWECiphertextExec<&'a mut [u8], B>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GGLWECiphertextExec<D, B>) -> (Self::Output, &'a mut Self) {
|
||||
let (data, scratch) = B::take_vmp_pmat_impl(
|
||||
self,
|
||||
template.n(),
|
||||
template.rows(),
|
||||
template.data.cols_in(),
|
||||
template.data.cols_out(),
|
||||
template.size(),
|
||||
);
|
||||
(
|
||||
GGLWECiphertextExec {
|
||||
data,
|
||||
basek: template.basek(),
|
||||
k: template.k(),
|
||||
digits: template.digits(),
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGGSW<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeMatZnx<B>,
|
||||
{
|
||||
fn take_ggsw(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GGSWCiphertext<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.take_mat_znx(
|
||||
module,
|
||||
rows.div_ceil(digits),
|
||||
rank + 1,
|
||||
rank + 1,
|
||||
k.div_ceil(basek),
|
||||
);
|
||||
(
|
||||
GGSWCiphertext {
|
||||
data,
|
||||
basek,
|
||||
k,
|
||||
digits,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GGSWCiphertext<D>> for Scratch<B>
|
||||
where
|
||||
B: Backend + TakeMatZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GGSWCiphertext<&'a mut [u8]>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GGSWCiphertext<D>) -> (Self::Output, &'a mut Self) {
|
||||
let (data, scratch) = B::take_mat_znx_impl(
|
||||
self,
|
||||
template.n(),
|
||||
template.rows(),
|
||||
template.data.cols_in(),
|
||||
template.data.cols_out(),
|
||||
template.size(),
|
||||
);
|
||||
(
|
||||
GGSWCiphertext {
|
||||
data,
|
||||
basek: template.basek(),
|
||||
k: template.k(),
|
||||
digits: template.digits(),
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGGSWExec<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeVmpPMat<B>,
|
||||
{
|
||||
fn take_ggsw_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GGSWCiphertextExec<&mut [u8], B>, &mut Self) {
|
||||
let (data, scratch) = self.take_vmp_pmat(
|
||||
module,
|
||||
rows.div_ceil(digits),
|
||||
rank + 1,
|
||||
rank + 1,
|
||||
k.div_ceil(basek),
|
||||
);
|
||||
(
|
||||
GGSWCiphertextExec {
|
||||
data,
|
||||
basek,
|
||||
k,
|
||||
digits,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GGSWCiphertextExec<D, B>> for Scratch<B>
|
||||
where
|
||||
B: Backend + TakeVmpPMatImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GGSWCiphertextExec<&'a mut [u8], B>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GGSWCiphertextExec<D, B>) -> (Self::Output, &'a mut Self) {
|
||||
let (data, scratch) = B::take_vmp_pmat_impl(
|
||||
self,
|
||||
template.n(),
|
||||
template.rows(),
|
||||
template.data.cols_in(),
|
||||
template.data.cols_out(),
|
||||
template.size(),
|
||||
);
|
||||
(
|
||||
GGSWCiphertextExec {
|
||||
data,
|
||||
basek: template.basek(),
|
||||
k: template.k(),
|
||||
digits: template.digits(),
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGLWEPk<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeVecZnx<B>,
|
||||
{
|
||||
fn take_glwe_pk(&mut self, module: &Module<B>, basek: usize, k: usize, rank: usize) -> (GLWEPublicKey<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.take_vec_znx(module, rank + 1, k.div_ceil(basek));
|
||||
(
|
||||
GLWEPublicKey {
|
||||
data,
|
||||
k,
|
||||
basek,
|
||||
dist: Distribution::NONE,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GLWEPublicKey<D>> for Scratch<B>
|
||||
where
|
||||
B: Backend + TakeVecZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GLWEPublicKey<&'a mut [u8]>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GLWEPublicKey<D>) -> (Self::Output, &'a mut Self) {
|
||||
let (data, scratch) = B::take_vec_znx_impl(self, template.n(), template.cols(), template.size());
|
||||
(
|
||||
GLWEPublicKey {
|
||||
data,
|
||||
basek: template.basek(),
|
||||
k: template.k(),
|
||||
dist: template.dist,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGLWEPkExec<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeVecZnxDft<B>,
|
||||
{
|
||||
fn take_glwe_pk_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rank: usize,
|
||||
) -> (GLWEPublicKeyExec<&mut [u8], B>, &mut Self) {
|
||||
let (data, scratch) = self.take_vec_znx_dft(module, rank + 1, k.div_ceil(basek));
|
||||
(
|
||||
GLWEPublicKeyExec {
|
||||
data,
|
||||
k,
|
||||
basek,
|
||||
dist: Distribution::NONE,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GLWEPublicKeyExec<D, B>> for Scratch<B>
|
||||
where
|
||||
B: Backend + TakeVecZnxDftImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GLWEPublicKeyExec<&'a mut [u8], B>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GLWEPublicKeyExec<D, B>) -> (Self::Output, &'a mut Self) {
|
||||
let (data, scratch) = B::take_vec_znx_dft_impl(self, template.n(), template.cols(), template.size());
|
||||
(
|
||||
GLWEPublicKeyExec {
|
||||
data,
|
||||
basek: template.basek(),
|
||||
k: template.k(),
|
||||
dist: template.dist,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGLWESecret<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeScalarZnx<B>,
|
||||
{
|
||||
fn take_glwe_secret(&mut self, module: &Module<B>, rank: usize) -> (GLWESecret<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.take_scalar_znx(module, rank);
|
||||
(
|
||||
GLWESecret {
|
||||
data,
|
||||
dist: Distribution::NONE,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GLWESecret<D>> for Scratch<B>
|
||||
where
|
||||
B: Backend + TakeScalarZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GLWESecret<&'a mut [u8]>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GLWESecret<D>) -> (Self::Output, &'a mut Self) {
|
||||
let (data, scratch) = B::take_scalar_znx_impl(self, template.n(), template.rank());
|
||||
(
|
||||
GLWESecret {
|
||||
data,
|
||||
dist: template.dist,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGLWESecretExec<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeSvpPPol<B>,
|
||||
{
|
||||
fn take_glwe_secret_exec(&mut self, module: &Module<B>, rank: usize) -> (GLWESecretExec<&mut [u8], B>, &mut Self) {
|
||||
let (data, scratch) = self.take_svp_ppol(module, rank);
|
||||
(
|
||||
GLWESecretExec {
|
||||
data,
|
||||
dist: Distribution::NONE,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GLWESecretExec<D, B>> for Scratch<B>
|
||||
where
|
||||
B: Backend + TakeSvpPPolImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GLWESecretExec<&'a mut [u8], B>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GLWESecretExec<D, B>) -> (Self::Output, &'a mut Self) {
|
||||
let (data, scratch) = B::take_svp_ppol_impl(self, template.n(), template.rank());
|
||||
(
|
||||
GLWESecretExec {
|
||||
data,
|
||||
dist: template.dist,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGLWESwitchingKey<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeMatZnx<B>,
|
||||
{
|
||||
fn take_glwe_switching_key(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GLWESwitchingKey<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.take_gglwe(module, basek, k, rows, digits, rank_in, rank_out);
|
||||
(
|
||||
GLWESwitchingKey {
|
||||
key: data,
|
||||
sk_in_n: 0,
|
||||
sk_out_n: 0,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GLWESwitchingKey<D>> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeLike<'a, B, GGLWECiphertext<D>, Output = GGLWECiphertext<&'a mut [u8]>>,
|
||||
B: Backend + TakeMatZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GLWESwitchingKey<&'a mut [u8]>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GLWESwitchingKey<D>) -> (Self::Output, &'a mut Self) {
|
||||
let (key, scratch) = self.take_like(&template.key);
|
||||
(
|
||||
GLWESwitchingKey {
|
||||
key,
|
||||
sk_in_n: template.sk_in_n,
|
||||
sk_out_n: template.sk_out_n,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeGLWESwitchingKeyExec<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeGGLWEExec<B>,
|
||||
{
|
||||
fn take_glwe_switching_key_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank_in: usize,
|
||||
rank_out: usize,
|
||||
) -> (GLWESwitchingKeyExec<&mut [u8], B>, &mut Self) {
|
||||
let (data, scratch) = self.take_gglwe_exec(module, basek, k, rows, digits, rank_in, rank_out);
|
||||
(
|
||||
GLWESwitchingKeyExec {
|
||||
key: data,
|
||||
sk_in_n: 0,
|
||||
sk_out_n: 0,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GLWESwitchingKeyExec<D, B>> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeLike<'a, B, GGLWECiphertextExec<D, B>, Output = GGLWECiphertextExec<&'a mut [u8], B>>,
|
||||
B: Backend + TakeMatZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GLWESwitchingKeyExec<&'a mut [u8], B>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GLWESwitchingKeyExec<D, B>) -> (Self::Output, &'a mut Self) {
|
||||
let (key, scratch) = self.take_like(&template.key);
|
||||
(
|
||||
GLWESwitchingKeyExec {
|
||||
key,
|
||||
sk_in_n: template.sk_in_n,
|
||||
sk_out_n: template.sk_out_n,
|
||||
},
|
||||
scratch,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeAutomorphismKey<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeMatZnx<B>,
|
||||
{
|
||||
fn take_automorphism_key(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (AutomorphismKey<&mut [u8]>, &mut Self) {
|
||||
let (data, scratch) = self.take_glwe_switching_key(module, basek, k, rows, digits, rank, rank);
|
||||
(AutomorphismKey { key: data, p: 0 }, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, AutomorphismKey<D>> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeLike<'a, B, GLWESwitchingKey<D>, Output = GLWESwitchingKey<&'a mut [u8]>>,
|
||||
B: Backend + TakeMatZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = AutomorphismKey<&'a mut [u8]>;
|
||||
|
||||
fn take_like(&'a mut self, template: &AutomorphismKey<D>) -> (Self::Output, &'a mut Self) {
|
||||
let (key, scratch) = self.take_like(&template.key);
|
||||
(AutomorphismKey { key, p: template.p }, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeAutomorphismKeyExec<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeGLWESwitchingKeyExec<B>,
|
||||
{
|
||||
fn take_automorphism_key_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (AutomorphismKeyExec<&mut [u8], B>, &mut Self) {
|
||||
let (data, scratch) = self.take_glwe_switching_key_exec(module, basek, k, rows, digits, rank, rank);
|
||||
(AutomorphismKeyExec { key: data, p: 0 }, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, AutomorphismKeyExec<D, B>> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeLike<'a, B, GLWESwitchingKeyExec<D, B>, Output = GLWESwitchingKeyExec<&'a mut [u8], B>>,
|
||||
B: Backend + TakeMatZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = AutomorphismKeyExec<&'a mut [u8], B>;
|
||||
|
||||
fn take_like(&'a mut self, template: &AutomorphismKeyExec<D, B>) -> (Self::Output, &'a mut Self) {
|
||||
let (key, scratch) = self.take_like(&template.key);
|
||||
(AutomorphismKeyExec { key, p: template.p }, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeTensorKey<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeMatZnx<B>,
|
||||
{
|
||||
fn take_tensor_key(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GLWETensorKey<&mut [u8]>, &mut Self) {
|
||||
let mut keys: Vec<GLWESwitchingKey<&mut [u8]>> = Vec::new();
|
||||
let pairs: usize = (((rank + 1) * rank) >> 1).max(1);
|
||||
|
||||
let mut scratch: &mut Scratch<B> = self;
|
||||
|
||||
if pairs != 0 {
|
||||
let (gglwe, s) = scratch.take_glwe_switching_key(module, basek, k, rows, digits, 1, rank);
|
||||
scratch = s;
|
||||
keys.push(gglwe);
|
||||
}
|
||||
for _ in 1..pairs {
|
||||
let (gglwe, s) = scratch.take_glwe_switching_key(module, basek, k, rows, digits, 1, rank);
|
||||
scratch = s;
|
||||
keys.push(gglwe);
|
||||
}
|
||||
(GLWETensorKey { keys }, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GLWETensorKey<D>> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeLike<'a, B, GLWESwitchingKey<D>, Output = GLWESwitchingKey<&'a mut [u8]>>,
|
||||
B: Backend + TakeMatZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GLWETensorKey<&'a mut [u8]>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GLWETensorKey<D>) -> (Self::Output, &'a mut Self) {
|
||||
let mut keys: Vec<GLWESwitchingKey<&mut [u8]>> = Vec::new();
|
||||
let pairs: usize = template.keys.len();
|
||||
|
||||
let mut scratch: &mut Scratch<B> = self;
|
||||
|
||||
if pairs != 0 {
|
||||
let (gglwe, s) = scratch.take_like(template.at(0, 0));
|
||||
scratch = s;
|
||||
keys.push(gglwe);
|
||||
}
|
||||
for _ in 1..pairs {
|
||||
let (gglwe, s) = scratch.take_like(template.at(0, 0));
|
||||
scratch = s;
|
||||
keys.push(gglwe);
|
||||
}
|
||||
|
||||
(GLWETensorKey { keys }, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
impl<B: Backend> TakeTensorKeyExec<B> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeVmpPMat<B>,
|
||||
{
|
||||
fn take_tensor_key_exec(
|
||||
&mut self,
|
||||
module: &Module<B>,
|
||||
basek: usize,
|
||||
k: usize,
|
||||
rows: usize,
|
||||
digits: usize,
|
||||
rank: usize,
|
||||
) -> (GLWETensorKeyExec<&mut [u8], B>, &mut Self) {
|
||||
let mut keys: Vec<GLWESwitchingKeyExec<&mut [u8], B>> = Vec::new();
|
||||
let pairs: usize = (((rank + 1) * rank) >> 1).max(1);
|
||||
|
||||
let mut scratch: &mut Scratch<B> = self;
|
||||
|
||||
if pairs != 0 {
|
||||
let (gglwe, s) = scratch.take_glwe_switching_key_exec(module, basek, k, rows, digits, 1, rank);
|
||||
scratch = s;
|
||||
keys.push(gglwe);
|
||||
}
|
||||
for _ in 1..pairs {
|
||||
let (gglwe, s) = scratch.take_glwe_switching_key_exec(module, basek, k, rows, digits, 1, rank);
|
||||
scratch = s;
|
||||
keys.push(gglwe);
|
||||
}
|
||||
(GLWETensorKeyExec { keys }, scratch)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a, B, D> TakeLike<'a, B, GLWETensorKeyExec<D, B>> for Scratch<B>
|
||||
where
|
||||
Scratch<B>: TakeLike<'a, B, GLWESwitchingKeyExec<D, B>, Output = GLWESwitchingKeyExec<&'a mut [u8], B>>,
|
||||
B: Backend + TakeMatZnxImpl<B>,
|
||||
D: DataRef,
|
||||
{
|
||||
type Output = GLWETensorKeyExec<&'a mut [u8], B>;
|
||||
|
||||
fn take_like(&'a mut self, template: &GLWETensorKeyExec<D, B>) -> (Self::Output, &'a mut Self) {
|
||||
let mut keys: Vec<GLWESwitchingKeyExec<&mut [u8], B>> = Vec::new();
|
||||
let pairs: usize = template.keys.len();
|
||||
|
||||
let mut scratch: &mut Scratch<B> = self;
|
||||
|
||||
if pairs != 0 {
|
||||
let (gglwe, s) = scratch.take_like(template.at(0, 0));
|
||||
scratch = s;
|
||||
keys.push(gglwe);
|
||||
}
|
||||
for _ in 1..pairs {
|
||||
let (gglwe, s) = scratch.take_like(template.at(0, 0));
|
||||
scratch = s;
|
||||
keys.push(gglwe);
|
||||
}
|
||||
|
||||
(GLWETensorKeyExec { keys }, scratch)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user