Why modulus switching is done after add plainext to cyphertext?

[lzunsec]

When you encrypt a number n, it encrypt zero and adds the plaintext n to it. For some reason, the encrypt_zero_internal switches the modulo from 3 to 2 after encrypting the 0 number asymetrically: https://github.com/microsoft/SEAL/blob/6bfac481aae4057ea887d42eb0f24371e9b4c4f9/native/src/seal/encryptor.cpp#L137, at least if you start with a RNS base of size 3 in the bfv_basics example and encrypt asymetrically.

Why such modulus switch is done? I couldn't find any justifications. I suspect it has to do with making relinearization easier, but I couldn't find any justification on that

[WeiDaiWD]

Asymmetric encryption introduces larger noise than symmetric encryption. The added modulus switching helps to scale down the noise introduced in asymmetric encryption.

[fionser]

@lzunsec "I suspect it has to do with making relinearization easier,"

• In fact the modSwitch is used to scale down the noise in the ciphertext at the first beginning
• Then some smart people have figured out how to use it with other tech to accelerate KS.

[lzunsec]

@fionser sorry what is KS?

[fionser]

@fionser sorry what is KS?

the keyswtiching operation (i.e., used in relinearization and rotation)