OpenMined / TenSEAL

A library for doing homomorphic encryption operations on tensors
Apache License 2.0

Is there a way to save encrypted vectors? #454

Closed bluetail14 closed 1 year ago

bluetail14 commented 1 year ago

Question

I have tried np.savez , torch.save and pickle.dump to save my encrypted vectors and am getting an error that 'TypeError: cannot pickle '_tenseal_cpp.CKKSVector' object'. Is there a way to save them into a file?

Further Information


e.g. of an encrypted vector:

```python
import pickle
import numpy as np
import tenseal as ts

enc_x_test = [ts.ckks_vector(context, x.tolist()) for x in x_test]

with open(f'enc_test_{i}.pkl', 'wb') as fIn:
    pickle.dump(enc_x_test, fIn)
```

or,

```python
enc_x_test_arr = np.array(enc_x_test)
np.savez('enc_x_test_saved.npz', enc_x_test_arr)
```

```
--------------------------------------------------------------------------
TypeError                                 Traceback (most recent call last)
Cell In[10], line 1
----> 1 np.savez('enc_x_test_saved.npz', enc_x_test_arr)

File /usr/local/lib/python3.10/site-packages/numpy/lib/npyio.py:639, in savez(file, *args, **kwds)
    555 @array_function_dispatch(_savez_dispatcher)
    556 def savez(file, *args, **kwds):
    557     """Save several arrays into a single file in uncompressed ``.npz`` format.
    558 
    559     Provide arrays as keyword arguments to store them under the
   (...)
    637 
    638     """
--> 639     _savez(file, args, kwds, False)

File /usr/local/lib/python3.10/site-packages/numpy/lib/npyio.py:743, in _savez(file, args, kwds, compress, allow_pickle, pickle_kwargs)
    741     # always force zip64, gh-10776
    742     with zipf.open(fname, 'w', force_zip64=True) as fid:
--> 743         format.write_array(fid, val,
    744                            allow_pickle=allow_pickle,
    745                            pickle_kwargs=pickle_kwargs)
    747 zipf.close()

File /usr/local/lib/python3.10/site-packages/numpy/lib/format.py:719, in write_array(fp, array, version, allow_pickle, pickle_kwargs)
    717     if pickle_kwargs is None:
    718         pickle_kwargs = {}
--> 719     pickle.dump(array, fp, protocol=3, **pickle_kwargs)
    720 elif array.flags.f_contiguous and not array.flags.c_contiguous:
    721     if isfileobj(fp):

TypeError: cannot pickle '_tenseal_cpp.CKKSVector' object
```


System Information

Python 3.10, numpy 1.25.1


youben11 commented 1 year ago

There should be serialize and load functions for that.

bluetail14 commented 1 year ago

How do I use them? e.g. `enc_x_test.serialize`?

tanjuntao commented 1 year ago

You can refer to this example

harper-yuan commented 8 months ago

I encrypted a 512-dimensional vector, turning it into a CKKS ciphertext `encrypted_tensor`, and then used the serialization function `encrypted_tensor.serialize()`. I found that its size became 40 MB, while the original variable `encrypted_tensor` was only 0.046875 KB. It expanded by 1000 times; is this normal?
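Putting youben11's answer into code, as an added example that is not from this issue or from TenSEAL itself: each CKKSVector is written with `serialize()` behind a length prefix (no pickle, so reading the file back cannot execute code), rebuilt with `ts.ckks_vector_from`, and loaded into a context serialized with `save_secret_key=False`, so the loading side can compute on the vectors while only the holder of the secret key can decrypt. The sizes it returns also bear on harper-yuan's observation: `sys.getsizeof` sees only the small Python wrapper object, whereas `len(serialize())` is the actual ciphertext (two polynomials of `poly_modulus_degree` coefficients for each remaining prime), so a ratio in the hundreds or thousands is expected. The CKKS parameters, sample values and file name are assumptions made for this demo.

```python
import struct
import sys
import tempfile

try:
    import tenseal as ts
except ImportError:  # module still imports without TenSEAL; the functions below require it
    ts = None

def tenseal_available():
    return ts is not None

def make_context():
    # CKKS parameters assumed for this demo (they follow TenSEAL's tutorial values)
    ctx = ts.context(ts.SCHEME_TYPE.CKKS, poly_modulus_degree=8192,
                     coeff_mod_bit_sizes=[60, 40, 40, 60])
    ctx.global_scale = 2 ** 40
    return ctx

def save_vectors(vectors, path):
    # 4-byte big-endian length + serialize() bytes per ciphertext: no pickle on either side
    sizes = []
    with open(path, "wb") as f:
        for v in vectors:
            blob = v.serialize()
            f.write(struct.pack(">I", len(blob)) + blob)
            sizes.append((sys.getsizeof(v), len(blob)))  # (Python wrapper, real ciphertext)
    return sizes

def load_vectors(context, path):
    # Rebuild CKKSVectors against the given context; a public-only context is enough
    vectors = []
    with open(path, "rb") as f:
        while header := f.read(4):
            (n,) = struct.unpack(">I", header)
            vectors.append(ts.ckks_vector_from(context, f.read(n)))
    return vectors

def demo(values=(1.0, 2.0, 3.0)):
    ctx = make_context()
    enc = [ts.ckks_vector(ctx, list(values)), ts.ckks_vector(ctx, [2 * v for v in values])]
    with tempfile.TemporaryDirectory() as d:
        path = f"{d}/enc_x_test.bin"  # placeholder file name for the demo
        sizes = save_vectors(enc, path)
        # The loading side only receives the public context: it can add the ciphertexts...
        public_ctx = ts.context_from(ctx.serialize(save_secret_key=False))
        a, b = load_vectors(public_ctx, path)
    # ...but only the holder of the secret key can read the result (expected 3 * values)
    return (a + b).decrypt(ctx.secret_key()), sizes
```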