I cannot fully digest on how the RGSW evaluation keys are generates and have the following questions:
My understanding is that, the skN variable generated here is used for encrypting the LWEPlaintext (i.e., int64_t) variables into RGSW ciphertexts; and thus we need a switching key from skN to LWEsk (which is the secret key to decrypt the final LWE ciphertext after extracting the constant term). Could you please tell me if my understanding is correct?
Based on the algorithm in the paper, the extraction of the final accumulator would be r, which we suppose is the result of inner product on the power of X. I wonder if there will be some error due to the encryption of LWEPlaintext into the evaluation keys of RGSW form? I.e, if the result is 7 (=a-bs), will it be actually 6? Basically I want to make the underlying LWE plaintext space larger than binary and would like to know what is the range of the error during decryption.
I am trying to make the final accumulator to stay in the form of a monomial X^r, i.e., the extraction of constant term would be zero, and the extraction of r-th term would be one. Could you please provide some instructions on how to change the code? I removed the factor of Gpow in https://github.com/openfheorg/openfhe-development/blob/main/src/binfhe/lib/rgsw-acc-dm.cpp#L107-L109 (so that it would be an encryption of X^m, instead of G*X^m), and it seems now the extraction of constant term indeed results in around 0. Am I doing this correctly? But again, this has some error (sometimes I get 0, sometimes I get -1/1/2 instead), could I apply a functional mapping on the coefficient to make it binary?
Sorry for the detailed questions; any insights here would be really helpful to me.
Great thanks!!
Hi there,
I am trying to understand the code of RLWE x RGSW inside this file: https://github.com/openfheorg/openfhe-development/blob/main/src/binfhe/lib/rgsw-acc-dm.cpp with respect to your paper: https://eprint.iacr.org/2020/086.pdf.
I cannot fully digest on how the RGSW evaluation keys are generates and have the following questions:
skNvariable generated here is used for encrypting the LWEPlaintext (i.e., int64_t) variables into RGSW ciphertexts; and thus we need a switching key fromskNtoLWEsk(which is the secret key to decrypt the final LWE ciphertext after extracting the constant term). Could you please tell me if my understanding is correct?r, which we suppose is the result of inner product on the power of X. I wonder if there will be some error due to the encryption of LWEPlaintext into the evaluation keys of RGSW form? I.e, if the result is 7 (=a-bs), will it be actually 6? Basically I want to make the underlying LWE plaintext space larger than binary and would like to know what is the range of the error during decryption.X^r, i.e., the extraction of constant term would be zero, and the extraction ofr-th term would be one. Could you please provide some instructions on how to change the code? I removed the factor ofGpowin https://github.com/openfheorg/openfhe-development/blob/main/src/binfhe/lib/rgsw-acc-dm.cpp#L107-L109 (so that it would be an encryption ofX^m, instead ofG*X^m), and it seems now the extraction of constant term indeed results in around 0. Am I doing this correctly? But again, this has some error (sometimes I get 0, sometimes I get -1/1/2 instead), could I apply a functional mapping on the coefficient to make it binary?Sorry for the detailed questions; any insights here would be really helpful to me. Great thanks!!