HElib is an open-source software library that implements homomorphic encryption. It supports the BGV scheme with bootstrapping and the Approximate Number CKKS scheme. HElib also includes optimizations for efficient homomorphic evaluation, focusing on effective use of ciphertext packing techniques and on the Gentry-Halevi-Smart optimizations.
EncryptedArray: change behavior of encrypt/encode for PtxtArray to be
more forgiving, in keeping with the general philosophy of that class
EncryptedArray: added Norm and Distance functions for PtxtArray,
where Norm is the trivial norm for BGV
EncryptedArray: with Norm and Distance defined, I got rid of the approx_equal
function for PtxtArray, as it is now redundant
Context: renamed makeBootstrappable enableBootStrapping, and got rid of
the skHwt parameter
GenSecKey: got rid of the skHwt parameter
NOTE: skHwt should be specified when building a context, as it is
needed in a number of calculations at that time. So now,
all secret keys are generated with the skHwt as specified
at that time. The default is 0, which means "dense",
unless bootstrapping is indicated, in which case the default
is BOOT_DFLT_SK_HWT=120. I got rid of skHwt a few other
places as well. In building a context, skHwt is passed as
a parameter to buildModChain. However, most users should be
using ContextBuilder, so this detail is not so important.
Updated Test_General.cpp to new api (I thought I did this before, but it got lost in git)
Updated calculation of nbits in addSpecialPrimes: this should now be
a smaller and more accurate number, which leads to greater security level
for a given L.
Made reLinearize for CKKS more robust so that it protects precision better.
Added overflow check to CKKS encoding
Also made the hoisting code in matmul protect against precision loss
Disabled copy/move constructor for Context and changed
the interface to ContextBuilder. I used ifdef's to make this
all undoable. Also, one can write
Context context { ContextBuilder()...build(); }
and this will work under both the old and new regime.
The new regime does not require ".build()".
Switched meaning of Ctxt *= Ctxt to call multiplyBy, which is
the high-level routine. There already is a function called multLowLvl
which does the "raw" multiply. We can add a synonym for that if
we don't like the name.
Implemented new interfaces to help support mitigation of new CKKS
vulnerabilities. In general, these interfaces make the "default"
behavior more real-data oriented. This mainly affects just the
Ptxt functionality. I also implemenetd an initial mitigation
strategy, but this is subject to change. For now, all of these
are ifdef'd out, as all of this is still in flux.
Added PtxtArray support for totalSums and runningSums, as well as functions
for Ctxt's that don't take an EA arg.
class Ptxt:
added encode method to encode to new EncodedPtxt class
updated Encrypt method and all of the op= methods
to use EncondedPtxt class
updated Decrypt for CKKS to use the View::decrypt.
This is to (a) reduce code duplication, and (b)
benefit from any CKKS vulnerability mitigation introduced
in View::decrypt.
NumbTh: added function NextPow2
EncryptedArray: change behavior of encrypt/encode for PtxtArray to be more forgiving, in keeping with the general philosophy of that class
EncryptedArray: added Norm and Distance functions for PtxtArray, where Norm is the trivial norm for BGV
EncryptedArray: with Norm and Distance defined, I got rid of the approx_equal function for PtxtArray, as it is now redundant
Context: renamed makeBootstrappable enableBootStrapping, and got rid of the skHwt parameter
GenSecKey: got rid of the skHwt parameter
NOTE: skHwt should be specified when building a context, as it is needed in a number of calculations at that time. So now, all secret keys are generated with the skHwt as specified at that time. The default is 0, which means "dense", unless bootstrapping is indicated, in which case the default is BOOT_DFLT_SK_HWT=120. I got rid of skHwt a few other places as well. In building a context, skHwt is passed as a parameter to buildModChain. However, most users should be using ContextBuilder, so this detail is not so important.
Updated Test_General.cpp to new api (I thought I did this before, but it got lost in git)
Updated calculation of nbits in addSpecialPrimes: this should now be a smaller and more accurate number, which leads to greater security level for a given L.
Made reLinearize for CKKS more robust so that it protects precision better.
Added overflow check to CKKS encoding
Also made the hoisting code in matmul protect against precision loss
Disabled copy/move constructor for Context and changed the interface to ContextBuilder. I used ifdef's to make this all undoable. Also, one can write Context context { ContextBuilder()...build(); }
and this will work under both the old and new regime.
The new regime does not require ".build()".
Switched meaning of Ctxt *= Ctxt to call multiplyBy, which is the high-level routine. There already is a function called multLowLvl which does the "raw" multiply. We can add a synonym for that if we don't like the name.
Implemented new interfaces to help support mitigation of new CKKS vulnerabilities. In general, these interfaces make the "default" behavior more real-data oriented. This mainly affects just the Ptxt functionality. I also implemenetd an initial mitigation strategy, but this is subject to change. For now, all of these are ifdef'd out, as all of this is still in flux.
Added PtxtArray support for totalSums and runningSums, as well as functions for Ctxt's that don't take an EA arg.
class Ptxt: