HElib is an open-source software library that implements homomorphic encryption. It supports the BGV scheme with bootstrapping and the Approximate Number CKKS scheme. HElib also includes optimizations for efficient homomorphic evaluation, focusing on effective use of ciphertext packing techniques and on the Gentry-Halevi-Smart optimizations.
For security-level in the range of 70-260 it is possible to get a very good approximation of the lwe-estimator output using a simple affine formula, security = A*x+B, where x = n / log(1/alpha). The constants A and B depend on the Hamming weight of the secret key, we have different lines for different weights.
We tested it for weights in the range of 120-480, and for each setting determined some A,B values which are conservative wrt what the lwe-estimator says. See attached file with the collected data and resulting conservative affine functions conservative-estimates.pdf
This PR adds an optional parameter hwt to Context::securityLevel(), and uses these lines to get an estimate (instead of the old line from [AP09])
We did extensive experimentation with the lwe-estimator at https://bitbucket.org/malb/lwe-estimator/raw/HEAD/estimator.py
For security-level in the range of 70-260 it is possible to get a very good approximation of the lwe-estimator output using a simple affine formula, security = A*x+B, where x = n / log(1/alpha). The constants A and B depend on the Hamming weight of the secret key, we have different lines for different weights.
We tested it for weights in the range of 120-480, and for each setting determined some A,B values which are conservative wrt what the lwe-estimator says. See attached file with the collected data and resulting conservative affine functions conservative-estimates.pdf
This PR adds an optional parameter hwt to Context::securityLevel(), and uses these lines to get an estimate (instead of the old line from [AP09])