use std::collections::HashMap; use poulpy_core::{ GLWECopy, GLWEDecrypt, GLWEEncryptSk, GLWEExternalProduct, LWEEncryptSk, ScratchTakeCore, layouts::{ Base2K, Degree, Dnum, Dsize, GGLWEToGGSWKeyLayout, GGSWLayout, GGSWPreparedFactory, GLWEAutomorphismKeyLayout, GLWELayout, GLWESecret, GLWESecretPrepared, GLWESecretPreparedFactory, GLWESwitchingKeyLayout, GLWEToLWEKeyLayout, GLWEToMut, GLWEToRef, LWESecret, Rank, TorusPrecision, }, }; use poulpy_hal::{ api::{ModuleN, ModuleNew, ScratchOwnedAlloc, ScratchOwnedBorrow, VecZnxRotateInplace}, layouts::{Backend, Module, Scratch, ScratchOwned}, source::Source, }; use poulpy_schemes::bin_fhe::{ bdd_arithmetic::{ BDDKey, BDDKeyEncryptSk, BDDKeyLayout, BDDKeyPrepared, BDDKeyPreparedFactory, ExecuteBDDCircuit2WTo1W, FheUint, FheUintPrepare, FheUintPrepared, GLWEBlindSelection, Sltu, }, blind_rotation::{BlindRotationAlgo, BlindRotationKey, BlindRotationKeyFactory, BlindRotationKeyLayout, CGGI}, circuit_bootstrapping::CircuitBootstrappingKeyLayout, }; use rand::Rng; #[cfg(all(feature = "enable-avx", target_arch = "x86_64"))] use poulpy_cpu_avx::FFT64Avx; #[cfg(not(all(feature = "enable-avx", target_arch = "x86_64")))] use poulpy_cpu_ref::FFT64Ref; // This example demonstrates and end-to-end example usage of the BDD arithmetic API // to compute the maximum of an array of integers. fn example_max_array() where Module: ModuleNew + ModuleN + GLWESecretPreparedFactory + GLWEExternalProduct + GLWEDecrypt + LWEEncryptSk + GGSWPreparedFactory + GLWEEncryptSk + VecZnxRotateInplace + BDDKeyEncryptSk + BDDKeyPreparedFactory + FheUintPrepare + ExecuteBDDCircuit2WTo1W + GLWEBlindSelection, BlindRotationKey, BRA>: BlindRotationKeyFactory, // TODO find a way to remove this bound or move it to CBT KEY ScratchOwned: ScratchOwnedAlloc + ScratchOwnedBorrow, Scratch: ScratchTakeCore, { ////////// Parameter Selection const N_GLWE: u32 = 1024; const N_LWE: u32 = 567; const BINARY_BLOCK_SIZE: u32 = 7; const BASE2K: u32 = 17; const RANK: u32 = 1; // GLWE layout, used to generate GLWE Ciphertexts, keys, switching keys, etc let glwe_layout = GLWELayout { n: Degree(N_GLWE), base2k: Base2K(BASE2K), k: TorusPrecision(2 * BASE2K), rank: Rank(RANK), }; // Used to generate GGSW Ciphertexts let ggsw_layout = GGSWLayout { n: Degree(N_GLWE), base2k: Base2K(BASE2K), k: TorusPrecision(3 * BASE2K), rank: Rank(RANK), dnum: Dnum(3), dsize: Dsize(1), }; // Used to generate BDD Keys, for the arithmetic operations let bdd_layout = BDDKeyLayout { cbt_layout: CircuitBootstrappingKeyLayout { brk_layout: BlindRotationKeyLayout { n_glwe: Degree(N_GLWE), n_lwe: Degree(N_LWE), base2k: Base2K(BASE2K), k: TorusPrecision(4 * BASE2K), dnum: Dnum(4), rank: Rank(RANK), }, atk_layout: GLWEAutomorphismKeyLayout { n: Degree(N_GLWE), base2k: Base2K(BASE2K), k: TorusPrecision(4 * BASE2K), dnum: Dnum(4), dsize: Dsize(1), rank: Rank(RANK), }, tsk_layout: GGLWEToGGSWKeyLayout { n: Degree(N_GLWE), base2k: Base2K(BASE2K), k: TorusPrecision(4 * BASE2K), dnum: Dnum(4), dsize: Dsize(1), rank: Rank(RANK), }, }, ks_glwe_layout: Some(GLWESwitchingKeyLayout { n: Degree(N_GLWE), base2k: Base2K(BASE2K), k: TorusPrecision(4 * BASE2K), dnum: Dnum(4), dsize: Dsize(1), rank_in: Rank(RANK), rank_out: Rank(1), }), ks_lwe_layout: GLWEToLWEKeyLayout { n: Degree(N_GLWE), base2k: Base2K(BASE2K), k: TorusPrecision(4 * BASE2K), rank_in: Rank(RANK), dnum: Dnum(4), }, }; let module = Module::::new(N_GLWE as u64); // Secret key sampling source let mut source_xs: Source = Source::new([1u8; 32]); // Public randomness sampling source let mut source_xa: Source = Source::new([1u8; 32]); // Noise sampling source let mut source_xe: Source = Source::new([1u8; 32]); // Scratch space (4MB) let mut scratch: ScratchOwned = ScratchOwned::alloc(1 << 22); ////////// Key Generation and Preparation // Generating the GLWE and LWE key let mut sk_glwe = GLWESecret::alloc_from_infos(&glwe_layout); sk_glwe.fill_ternary_prob(0.5, &mut source_xs); let mut sk_lwe = LWESecret::alloc(Degree(N_LWE)); sk_lwe.fill_binary_block(BINARY_BLOCK_SIZE as usize, &mut source_xs); // Preparing the private keys let mut sk_glwe_prepared = GLWESecretPrepared::alloc_from_infos(&module, &glwe_layout); sk_glwe_prepared.prepare(&module, &sk_glwe); // Creating the public BDD Key // This key is required to prepare all Fhe Integers for operations, // and for performing the operations themselves let mut bdd_key: BDDKey, BRA> = BDDKey::alloc_from_infos(&bdd_layout); bdd_key.encrypt_sk( &module, &sk_lwe, &sk_glwe, &mut source_xa, &mut source_xe, scratch.borrow(), ); ////////// Input Encryption // Encrypting the inputs let mut rng = rand::rng(); let inputs: Vec = (0..3).map(|_| rng.random_range(0..u32::MAX - 1)).collect(); let mut inputs_enc: Vec, u32>> = Vec::new(); for input in &inputs { let mut next_input = FheUint::alloc_from_infos(&glwe_layout); next_input.encrypt_sk( &module, *input, &sk_glwe_prepared, &mut source_xa, &mut source_xe, scratch.borrow(), ); inputs_enc.push(next_input); } //////// Homomorphic computation starts here //////// // Preparing the BDD Key // The BDD key must be prepared once before any operation is performed let mut bdd_key_prepared: BDDKeyPrepared, BRA, BE> = BDDKeyPrepared::alloc_from_infos(&module, &bdd_layout); bdd_key_prepared.prepare(&module, &bdd_key, scratch.borrow()); let mut max_enc: FheUint, u32> = FheUint::alloc_from_infos(&glwe_layout); max_enc.encrypt_sk( &module, 0, &sk_glwe_prepared, &mut source_xa, &mut source_xe, scratch.borrow(), ); // Copy of max_enc for the HashMap let mut max_enc_copy: FheUint, u32> = FheUint::alloc_from_infos(&glwe_layout); // Allocating the intermediate ciphertext c_enc let mut compare_enc: FheUint, u32> = FheUint::alloc_from_infos(&glwe_layout); let mut compare_enc_prepared: FheUintPrepared, u32, BE> = FheUintPrepared::alloc_from_infos(&module, &ggsw_layout); for input_i in inputs_enc.iter_mut() { let mut max_enc_prepared: FheUintPrepared, u32, BE> = FheUintPrepared::alloc_from_infos(&module, &ggsw_layout); max_enc_prepared.prepare(&module, &max_enc, &bdd_key_prepared, scratch.borrow()); let mut input_i_enc_prepared: FheUintPrepared, u32, BE> = FheUintPrepared::alloc_from_infos(&module, &ggsw_layout); input_i_enc_prepared.prepare(&module, input_i, &bdd_key_prepared, scratch.borrow()); // b = (input_i < max) compare_enc.sltu( &module, &input_i_enc_prepared, &max_enc_prepared, &bdd_key_prepared, scratch.borrow(), ); compare_enc_prepared.prepare(&module, &compare_enc, &bdd_key_prepared, scratch.borrow()); module.glwe_copy(&mut max_enc_copy.to_mut(), &max_enc.to_ref()); let cts = HashMap::from([(0, input_i), (1, &mut max_enc_copy)]); as GLWEBlindSelection>::glwe_blind_selection( &module, &mut max_enc, cts, &compare_enc_prepared, 0, 1, scratch.borrow(), ); } //////// Homomorphic computation ends here //////// // Decrypting the result let result_dec = max_enc.decrypt(&module, &sk_glwe_prepared, scratch.borrow()); // result = max of inputs let result_correct = inputs.iter().max().unwrap(); println!("Result: {} == {}", result_dec, result_correct); } fn main() { #[cfg(all(feature = "enable-avx", target_arch = "x86_64"))] example_max_array::(); #[cfg(not(all(feature = "enable-avx", target_arch = "x86_64")))] example_max_array::(); }