Microsoft SEAL is an easy-to-use and powerful homomorphic encryption library.
MIT License
Published by kimlaine over 4 years ago
std::void_t was introduced only in C++17; switched to using a custom implementation (Issue 180).
native/src/CMakeConfig.cmd: The first prevented SEAL from being built in a directory with spaces in the path due to missing quotation marks. Another issue caused MSVC to fail when building SEAL for multiple architectures.
RNSBase::decompose_array had incorrect semantics that caused Evaluator::multiply_plain_normal and Evaluator::transform_to_ntt_inplace (for Plaintext) to behave incorrectly for some plaintexts.
seal::util::PtrIter<T *> now dereferences correctly to T & instead of T *.
SEAL_ITERATE lambda functions dereferences of seal::util::PtrIter<T *> do not need to be dereferenced a second time, as was particularly common when iterating over ModulusIter and NTTTablesIter types.
seal::util::IterTuple now dereferences to an std::tuple of dereferences of its component iterators, so it is no longer possible to directly pass a dereferenced seal::util::IterTuple to an inner lambda function in nested SEAL_ITERATE calls.
seal::util::iter before passed on to the inner SEAL_ITERATE to produce an appropriate seal::util::IterTuple.
Published by kimlaine over 4 years ago
seal::util::IterTuple<...> where a part of the value_type was constructed incorrectly.
Evaluator::mod_switch_drop_to_next that caused non-inplace modulus switching to fail (Issue 179). Thanks s0l0ist!
Published by kimlaine over 4 years ago
seal::util::iter and seal::util::reverse_iter functions that can create any type of iterator from appropriate parameters.
seal::util::SeqIter<T> iterator for iterating a sequence of numbers for convenient iteration indexing.
seal/util/polyarithsmallmod.* to use iterators; this is to reduce the layers of iteration in higher level code.
SEAL_ITERATE that should be used instead of for_each_n.
Published by kimlaine over 4 years ago
Changed version to 3.5.1.
Published by kimlaine over 4 years ago
Evaluator::multiply_plain_inplace. Thanks s0l0ist!
CMakeLists.txt.
CMakeLists.txt that builds all native components.
SEAL::seal (static library), SEAL::seal_shared (shared library; optional), SEAL::sealc (C export library; optional).
native/src/gsl and installed with Microsoft SEAL.
Serialization::SEALHeader layout has been changed. SEAL 3.4 objects can still be loaded by SEAL 3.5, and the headers are automatically converted to SEAL 3.5 format.
Serialization::SEALHeader captures version number information.
Encryptor's symmetric-key encryption and KeyGenerator's RelinKeys and GaloisKeys generation now output Serializable objects. See more details in API Changes below.
We have created a set of C++ iterators that easily allows looping over polynomials in a ciphertext, over RNS components in a polynomial, and over coefficients in an RNS component. There are also a few other iterators that can come in handy. Currently Evaluator fully utilizes these, and in the future the rest of the library will as well.
The iterators are primarily intended to be used with std::for_each_n to simplify existing code and help with code correctness. Please see native/src/seal/util/iterator.h for guidance on how to use these.
We have also completely rewritten the RNS tools that were previously in the util::BaseConverter class. This functionality is now split between two classes: util::BaseConverter whose sole purpose is to perform the FastBConv computation of [BEHZ16] and util::RNSTool that handles almost everything else. RNS bases are now represented by the new util::RNSBase class.
The following changes are explained in C++ syntax and are introduced to .NET wrappers similarly:
Serializable wraps Ciphertext, RelinKeys, and GaloisKeys objects to provide a more flexible approach to the functionality provided in release 3.4 by KeyGenerator::[relin|galois]_keys_save and Encryptor::encrypt_[zero_]symmetric_save functions. Specifically, these functions have been removed and replaced with overloads of KeyGenerator::[relin|galois]_keys and Encryptor::encrypt_[zero_]symmetric that return Serializable objects. The KeyGenerator::[relin|galois]_keys methods in release 3.4 are renamed to KeyGenerator::[relin|galois]_keys_local. The Serializable objects cannot be used directly by the API, and are only intended to be serialized, which activates the compression functionalities introduced earlier in release 3.4.
SmallModulus class is renamed to Modulus, and is relocated to native/src/seal/modulus.h.
*coeff_mod_count* methods are renamed to *coeff_modulus_size*, which applies to many classes.
parameter_error_name and parameter_error_message methods are added to EncryptionParameterQualifiers and SEALContext classes to explain why an EncryptionParameters object is invalid.
Serialization::SEALHeader have changed.
The following changes are specific to C++:
SEAL_POLY_MOD_DEGREE_MAX is increased to 131072; values bigger than 32768 require the security check to be disabled by passing sec_level_type::none to SEALContext::Create.
SEAL_COEFF_MOD_COUNT_MAX is increased to 64.
SEAL_MOD_BIT_COUNT_MAX and SEAL_MOD_BIT_COUNT_MIN are added and set to 61 and 2, respectively.
SEAL_INTERNAL_MOD_BIT_COUNT is added and set to 61.
EncryptionParameterQualifiers now has an error code parameter_error that interprets the reason why an EncryptionParameters object is invalid.
bool parameters_set() is added to replace the previous bool parameters_set member.
The following changes are specific to .NET:
SEALVersion class.
SEAL_POLY_MOD_DEGREE_MAX and SEAL_COEFF_MOD_COUNT_MAX in native/src/seal/util/defines.h. (Issue 150, Issue 84)
std::invalid_argument (native) or ArgumentException (.NET).
.clang-format for automated formatting of C++ (.cpp and .h) files. Execute tools/scripts/clang-format-all.sh for easy formatting (UNIX-like systems only). This is compatible with clang-format-9 and above. Formatting for C# is not yet supported. (Issue 93)
dotnet/native/ is moved to native/src/seal/c/ and renamed to SEAL_C to support building of wrapper libraries in languages like .NET, Java, Python, etc.
Evaluator are in general improved. (PR 148) This is compiler-dependent, however, and currently Clang seems to produce the fastest running code for Microsoft SEAL.
Renamed files and directories:
dotnet/examples/6_Performance.cs
native/examples/6_performance.cpp
dotnet/native/sealnet.
native/src/seal/util/smallntt.h.
native/src/seal/util/smallntt.cpp.
native/tests/seal/util/smallntt.cpp.
New files:
Removed files:
dotnet/src/SmallModulus.cs is merged to dotnet/src/ModulusTests.cs.
dotnet/tests/SmallModulusTests.cs is merged to dotnet/tests/ModulusTests.cs.
native/src/seal/util/baseconverter.h
native/src/seal/util/baseconverter.cpp
native/src/seal/smallmodulus.h is merged to native/src/seal/modulus.h.
native/src/seal/smallmodulus.cpp is merged to native/src/seal/modulus.cpp.
native/src/seal/c/smallmodulus.h is merged to native/src/seal/c/modulus.h.
native/src/seal/c/smallmodulus.cpp is merged to native/src/seal/c/modulus.cpp.
native/tests/seal/smallmodulus.cpp is merged to native/tests/seal/modulus.cpp.
native/tests/seal/util/baseconverter.cpp
Published by kimlaine almost 5 years ago
In this version, we have significantly improved the usability of the CKKS
scheme in Microsoft SEAL and many of these improvements apply to the BFV
scheme as well. Homomorphic operations that are based on key switching,
i.e., relinearization and rotation, do not consume any noise budget (BFV)
or impact accuracy (CKKS). The implementations of these operations are
significantly simplified and unified, and no longer use bit decomposition,
so decomposition bit count is gone. Moreover, fresh ciphertexts now have
lower noise. These changes have an effect on the API and it will
be especially worthwhile for users of older versions of the library to study
the examples and comments in
native/examples/3_levels.cpp (C++) or
dotnet/examples/3_Levels.cs (C#).
The setup of EncryptionParameters
has been made both easier and safer
(see API Changes below).
The examples in native/examples/ and
dotnet/examples/ have been redesigned to better teach
the multiple technical concepts required to use Microsoft SEAL correctly and
efficiently, and more compactly demonstrate the API.
Deleted header files:
New header files:
RelinKeys and GaloisKeys)
In class SEALContext:
context_data(parms_id_type) with get_context_data(parms_id_type);
context_data();
key_context_data(), key_parms_id(), first_context_data(), and last_context_data();
using_keyswitching() that indicates whether key switching is supported
SEALContext;
Create(...) in C++, and constructor in C#, now accepts an optional security
prev_context_data() method to class ContextData (doubly linked modulus
SEALContext now has a public constructor.
Parameter selection:
DefaultParams class;
coeff_modulus for the BFV scheme are now accessed through the function CoeffModulus::BFVDefault(...). These moduli are not recommended for the CKKS scheme;
coeff_modulus for the CKKS scheme can be created using CoeffModulus::Create(...) which takes the poly_modulus_degree and a vector of
SmallModulus elements.
PlainModulus::Batching(...) can be used to sample a prime for plain_modulus
BatchEncoder for the BFV scheme.
Other important changes:
size_capacity function and data members from Ciphertext class;
is_valid_for and is_metadata_valid_for
valcheck.h;
decomposition_bit_count from methods relin_keys(...) and galois_keys(...) in class KeyGenerator;
Encryptor;
SmallModulus;
RelinKeys and GaloisKeys are now derived from a common base class KSwitchKeys;
Published by kimlaine almost 5 years ago
find_package(seal QUIET)).
[[nodiscard]] attribute when compiling as C++17.
Evaluator::multiply_many where the input vector was changed.
Published by kimlaine almost 5 years ago
Microsoft SEAL can use ZLIB, a data compression library,
to automatically compress data that is serialized. This applies to every serializable object
in Microsoft SEAL. This feature must be enabled by the user. See more explanation of the compression
mechanism in README.md. Microsoft SEAL does not redistribute ZLIB.
AES-128 is replaced with the BLAKE2 family of hash functions in the pseudorandom number generator,
as BLAKE2 provides better cross-platform support. Microsoft SEAL redistributes the
reference implementation of BLAKE2
with light modifications to silence some misleading warnings in Visual Studio. The reference
implementation of BLAKE2 is licensed under
CC0 1.0 Universal; see license boilerplates
in files native/src/seal/util/blake*.
The serialization functionality has been completely rewritten to make it safer and more robust.
Every serialized Microsoft SEAL object starts with a 16-byte Serialization::SEALHeader
struct,
and then includes the data for the object member variables. Every serializable object can now also
be directly serialized into a memory buffer instead of a C++ stream. This improves serialization
for .NET and makes it much easier to wrap the serialization functionality in other languages, e.g.,
Java. Unfortunately, old serialized Microsoft SEAL objects are incompatible with the new format.
A ciphertext encrypted with a secret key, for example, a keyswitching key, has one component
generated by the PRNG. By using a seeded PRNG, this component can be replaced with the random seed
used by the PRNG to reduce data size. After being transmitted to another party with Microsoft SEAL, the
component can be restored (regenerated) with the same seed. The security of using a seeded PRNG is
enhanced by switching to the BLAKE2 hash function with a 512-bit seed.
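
The seed-for-component substitution described above, as an added example that is not Microsoft SEAL code. The type and function names are hypothetical, the modulus and the all-zero c0 are constructed placeholders, and std::mt19937_64 is a non-cryptographic stand-in for the BLAKE2-based PRNG.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <random>
#include <vector>

// Added illustration, not Microsoft SEAL code. std::mt19937_64 is a
// NON-cryptographic stand-in for the BLAKE2-based PRNG; it only makes the
// seed -> component expansion reproducible for this demonstration.
using Seed = std::array<std::uint32_t, 16>; // 512 bits, the seed size named above
using Poly = std::vector<std::uint64_t>;

// Expand a seed into n coefficients uniform in [0, q) by rejection sampling.
Poly expand_component(const Seed &seed, std::size_t n, std::uint64_t q) {
    std::seed_seq seq(seed.begin(), seed.end());
    std::mt19937_64 prng(seq);
    std::uint64_t mask = 1;
    while (mask < q) mask <<= 1; // smallest power of two >= q (assumes q < 2^63)
    --mask;
    Poly out;
    out.reserve(n);
    while (out.size() < n) {
        std::uint64_t v = prng() & mask;
        if (v < q) out.push_back(v); // reject instead of reducing: no modulo bias
    }
    return out;
}

struct FullCiphertext { Poly c0, c1; };          // both components on the wire
struct SeededCiphertext { Poly c0; Seed seed; }; // PRNG component replaced by its seed

// Receiver side: regenerate the PRNG-derived component from the transmitted seed.
FullCiphertext restore(const SeededCiphertext &s, std::uint64_t q) {
    return FullCiphertext{s.c0, expand_component(s.seed, s.c0.size(), q)};
}

std::size_t wire_bytes(const FullCiphertext &c) { return (c.c0.size() + c.c1.size()) * sizeof(std::uint64_t); }
std::size_t wire_bytes(const SeededCiphertext &c) { return c.c0.size() * sizeof(std::uint64_t) + sizeof(Seed); }

int main() {
    Seed seed{};
    for (std::size_t i = 0; i < seed.size(); ++i) seed[i] = static_cast<std::uint32_t>(i + 1); // constructed seed
    SeededCiphertext sent{Poly(4096), seed};        // c0 is a zero placeholder here
    FullCiphertext got = restore(sent, 1000003);    // constructed toy modulus
    std::printf("seeded: %zu bytes, restored: %zu bytes\n", wire_bytes(sent), wire_bytes(got));
}
```

The regenerated component is public data in either form, so the seed adds no secret to the message; what matters is that both parties expand it with the same PRNG and the same sampling rule.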
Encryptor
now can be constructed with a secret key. This enables symmetric key encryption which
has methods that serialize ciphertexts (compressed with a seed) to a C++ stream or a memory buffer.
The CMake system has been improved. For example, multiple versions of Microsoft SEAL can now be
installed on the same system easily, as the default installation directory and library filename now
depend on the version of Microsoft SEAL. Examples and unit tests can now be built without installing
the library. README.md has been updated to reflect these changes.
Encryptor::encrypt
operations in the BFV scheme are modified. Each coefficient of a plaintext
message is first multiplied with the ciphertext modulus, then divided by the plaintext modulus, and
rounded to the nearest integer. In comparison with the previous method, where each coefficient of a
plaintext message is multiplied with the flooring of the coefficient modulus divided by the plaintext
modulus, the new method reduces the noise introduced in encryption, increases the noise budget of a
fresh encryption, slightly slows down encryption, and has no impact on the security at all.
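
The two scaling rules compared above, as an added example that is not Microsoft SEAL code. It measures how far each rule lands from the exact value q*m/t over every plaintext coefficient; the moduli q = 1009 and t = 17 are constructed toy values and the function names are hypothetical.

```cpp
#include <cstdint>
#include <cstdio>

// Added illustration, not Microsoft SEAL code. Toy parameters only:
// q * t must fit in 64 bits so that every product below is exact.

// Previous method: multiply the coefficient by floor(q / t).
std::uint64_t scale_floor(std::uint64_t q, std::uint64_t t, std::uint64_t m) {
    return (q / t) * m;
}

// New method: multiply by q first, divide by t, round to the nearest integer.
std::uint64_t scale_round(std::uint64_t q, std::uint64_t t, std::uint64_t m) {
    return (q * m + t / 2) / t;
}

// |t * scaled - q * m|: distance from the exact value q*m/t, multiplied by t
// so that the comparison stays in integers.
std::uint64_t error_times_t(std::uint64_t q, std::uint64_t t, std::uint64_t m, std::uint64_t scaled) {
    const std::uint64_t exact = q * m, got = t * scaled;
    return exact > got ? exact - got : got - exact;
}

// Worst case over every plaintext coefficient m in [0, t).
std::uint64_t max_error_times_t(std::uint64_t q, std::uint64_t t, bool use_rounding) {
    std::uint64_t worst = 0;
    for (std::uint64_t m = 0; m < t; ++m) {
        const std::uint64_t s = use_rounding ? scale_round(q, t, m) : scale_floor(q, t, m);
        const std::uint64_t e = error_times_t(q, t, m, s);
        if (e > worst) worst = e;
    }
    return worst;
}

int main() {
    const std::uint64_t q = 1009, t = 17; // constructed toy moduli
    std::printf("floor rule: worst |t*c - q*m| = %llu\n",
                static_cast<unsigned long long>(max_error_times_t(q, t, false)));
    std::printf("round rule: worst |t*c - q*m| = %llu\n",
                static_cast<unsigned long long>(max_error_times_t(q, t, true)));
}
```

With the floor rule the deviation is (q mod t)*m/t and grows with the message coefficient, while rounding keeps it at no more than 1/2 for every coefficient, which is the noise reduction the paragraph describes.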
Merged PR 62 that uses a non-adjacent form (NAF)
decomposition of random rotations to perform them in a minimal way from power-of-two rotations in
both directions. This improves performance of random rotations.
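
A non-adjacent form decomposition of a rotation step count, as an added example that is not the code from PR 62 or from Microsoft SEAL. It assumes power-of-two rotations are available in both directions, as the paragraph states; the function names are hypothetical.

```cpp
#include <cstdio>
#include <vector>

// Added illustration, not Microsoft SEAL code.

// Non-adjacent form: signed powers of two that sum to `steps`, with no two
// neighbouring bit positions both used. Positive and negative terms stand for
// power-of-two rotations in the two directions.
std::vector<long long> naf_rotations(long long steps) {
    const bool negative = steps < 0;
    long long n = negative ? -steps : steps;
    std::vector<long long> terms;
    for (long long power = 1; n != 0; n /= 2, power *= 2) {
        if (n % 2 == 0) continue;              // digit 0 at this position
        const long long digit = 2 - (n % 4);   // +1 if n = 1 (mod 4), -1 if n = 3 (mod 4)
        n -= digit;                            // n is now divisible by 4
        terms.push_back((negative ? -digit : digit) * power);
    }
    return terms;
}

// Plain binary decomposition for comparison: one rotation per set bit.
std::vector<long long> binary_rotations(long long steps) {
    const bool negative = steps < 0;
    long long n = negative ? -steps : steps;
    std::vector<long long> terms;
    for (long long power = 1; n != 0; n /= 2, power *= 2)
        if (n % 2 != 0) terms.push_back(negative ? -power : power);
    return terms;
}

int main() {
    for (long long steps : {7LL, 27LL, -7LL, 1365LL}) { // constructed sample step counts
        std::printf("steps %lld: binary uses %zu rotations, NAF uses %zu:", steps,
                    binary_rotations(steps).size(), naf_rotations(steps).size());
        for (long long term : naf_rotations(steps)) std::printf(" %+lld", term);
        std::printf("\n");
    }
}
```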
In all classes with save and load methods:
save with two new methods that save to either a C++ stream or a memory buffer.
load with two new methods that load from either a C++ stream or a memory buffer.
save_size to get an upper bound on the size of the object as if it was written to
save_size member function returns.
save and load methods rely on the Serialization class declared in serialization.h.
In class Ciphertext:
int_array for read-only access to the underlying IntArray object.
uint64_count_capacity and uint64_count that can now be accessed in a more
int_array return value.
In class CKKSEncoder: added support for gsl::span type of input.
In class SEALContext::ContextData: added method coeff_mod_plain_modulus for read-only access to the non-RNS version of upper_half_increment.
In class EncryptionParameters: an EncryptionParameters object can be constructed without scheme_type which by default is set to scheme_type::none.
In class Encryptor:
Encryptor object can now be constructed with a secret key to enable symmetric key encryption.
encrypt_symmetric and encrypt_zero_symmetric that generate a Ciphertext using
encrypt_symmetric_save and encrypt_zero_symmetric_save that directly serialize
Ciphertext to a C++ stream or a memory buffer. The resulting Ciphertext no long
In class KeyGenerator:
relin_keys_save and galois_keys_save that generate and directly serialize keys
galois_keys and galois_keys_save throw an exception if EncryptionParameters do not
In class Plaintext: added a method int_array for read-only access to the underlying IntArray object.
In class UniformRandomGenerator and UniformRandomGeneratorFactory: redesigned for users to implement their own random number generators more easily.
In file valcheck.h: validity checks are partitioned into finer methods; the is_valid_for(...) functions will validate all aspects of the Microsoft SEAL objects.
New classes BlakePRNG and BlakePRNGFactory: uses Blake2 family of hash functions for PRNG.
New class Serialization:
New files:
Removed files:
API changes are mostly identical in terms of functionality to those in C++ native, except that only
the IsValidFor variant of the validity check functions is available in .NET; the more granular
checks are not exposed.
New files:
encrypt_zero_asymmetric in native/src/seal/util/rlwe.h
is_ntt_form == false correctly.
GaloisKeys can no longer be created with encryption parameters that do not support batching.
Published by kimlaine almost 5 years ago
This patch fixes a few issues with ZLIB support on Windows. Specifically,
native/src/CMakeConfig.cmd where the CMake library search path
Published by kimlaine almost 5 years ago
find_package(SEAL 3.4) works correctly and selects the newest version 3.4.x it can
Published by kimlaine almost 5 years ago
Encryptor.EncryptSymmetric..., where asymmetric encryption
KeyGenerator::galois_keys and KeyGenerator::relin_keys from being called when the
Decryptor::invariant_noise_budget where the computed noise budget was log(plain_modulus) bits smaller than it was supposed to be.
gsl::multi_span, as it was recently deprecated in GSL.
Published by kimlaine almost 5 years ago
SEALNet.targets file and SEALNet.nuspec.in.
README.md with information about existing multi-platform
Published by WeiDaiWD almost 5 years ago
unordered_map storing SEALContext pointers was
SEALContext objects.