Closed Drenches closed 1 month ago
Hello. Actually we use none of BFV or BGV, but TFHE. You will see several of our videos who explain TFHE, https://www.youtube.com/@zama_fhe/videos
And for the cryptographic parameters: actually, Concrete (and on top, Concrete ML) aims to simplify the user experience. And here, our typical user is a data scientist or a ML practitioner. So, they write Python and they don't know / want to know anything about cryptography: they just want that it works.
So, we'll normally not show the parameters to them, nor let them the complicated task to find them (has to be secure, accurate and optimal, which is very difficult).
But if you really want to see, there is an option that you could find in the documentation https://docs.zama.ai/concrete . In particular, there is a show_optimizer
option in the compilation, which will print things like:
Optimizer
-------------------------------------------------------------------------------------------------------------------------------------------------------
### Optimizer display
--- Circuit
4 bits integers
0 manp (maxi log2 norm2)
--- User config
1.000000e+00 error per pbs call
1.000000e-05 error per circuit call
-- Solution correctness
For each pbs call: 1/150879, p_error (6.627801e-06)
For the full circuit: 1/103675 global_p_error(9.645478e-06)
--- Complexity for the full circuit
6.200000e+01 Millions Operations
-- Circuit Solution
CircuitSolution {
circuit_keys: CircuitKeys {
secret_keys: [
SecretLweKey {
identifier: 0,
polynomial_size: 1024,
glwe_dimension: 1,
description: "big-secret[#0 : partitions [0]]",
},
SecretLweKey {
identifier: 1,
polynomial_size: 738,
glwe_dimension: 1,
description: "small-secret[#1 : partitions [1]]",
},
],
keyswitch_keys: [
KeySwitchKey {
identifier: 0,
input_key: SecretLweKey {
identifier: 0,
polynomial_size: 1024,
glwe_dimension: 1,
description: "big-secret[#0 : partitions [0]]",
},
output_key: SecretLweKey {
identifier: 1,
polynomial_size: 738,
glwe_dimension: 1,
description: "small-secret[#1 : partitions [1]]",
},
ks_decomposition_parameter: KsDecompositionParameters {
level: 4,
log2_base: 3,
},
description: "ks[#0 : partitions [0] -> [1]]",
},
],
bootstrap_keys: [
BootstrapKey {
identifier: 0,
input_key: SecretLweKey {
identifier: 1,
polynomial_size: 738,
glwe_dimension: 1,
description: "small-secret[#1 : partitions [1]]",
},
output_key: SecretLweKey {
identifier: 0,
polynomial_size: 1024,
glwe_dimension: 1,
description: "big-secret[#0 : partitions [0]]",
},
br_decomposition_parameter: BrDecompositionParameters {
level: 2,
log2_base: 8,
},
description: "pbs[#0 : partitions [1] -> [0]]",
},
],
conversion_keyswitch_keys: [],
circuit_bootstrap_keys: [],
private_functional_packing_keys: [],
},
instructions_keys: [],
crt_decomposition: [],
complexity: 61979934.0,
p_error: 6.627800740887001e-6,
global_p_error: 9.645477781347605e-6,
is_feasible: true,
error_msg: "",
}###
Thanks for your quick reply! It's very helpful for me.
Of course. Do you mind if we close the issue?
Sure, I don't mind. Thank you.
Hello! Thanks for the great project. The HE part is user-oblivious and very easy to use in my application. But I want to know what exact HE algorithm is used in https://github.com/zama-ai/concrete-ml/tree/main/use_case_examples/cifar/cifar_brevitas_training. Is that BFV or BGV? How can I locate the parameters of encryption scheme in the source code?