Safe Haskell | None |
---|---|
Language | Haskell2010 |
Symmetric-key somewhat homomorphic encryption.
- data SK r
- type PT rp = rp
- data CT m zp r'q
- genSK :: (GenSKCtx t m z v, MonadRandom rnd) => v -> rnd (SK (Cyc t m z))
- encrypt :: forall t m m' z zp zq e rnd. (EncryptCtx t m m' z zp zq, MonadRandom rnd) => SK (Cyc t m' z) -> PT (Cyc t m zp) -> rnd (CT m zp (Cyc t m' zq))
- errorTerm :: ErrorTermCtx t m' z zp zq => SK (Cyc t m' z) -> CT m zp (Cyc t m' zq) -> Cyc t m' (LiftOf zq)
- errorTermUnrestricted :: (Reduce z zq, Lift' zq, CElt t z, ToSDCtx t m' zp zq) => SK (Cyc t m' z) -> CT m zp (Cyc t m' zq) -> Cyc t m' (LiftOf zq)
- decrypt :: forall t m m' z zp zq. DecryptCtx t m m' z zp zq => SK (Cyc t m' z) -> CT m zp (Cyc t m' zq) -> PT (Cyc t m zp)
- decryptUnrestricted :: (Fact m, Fact m', CElt t zp, m `Divides` m', Reduce z zq, Lift' zq, CElt t z, ToSDCtx t m' zp zq, Reduce (LiftOf zq) zp) => SK (Cyc t m' z) -> CT m zp (Cyc t m' zq) -> PT (Cyc t m zp)
- toMSD :: ToSDCtx t m' zp zq => CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq)
- toLSD :: ToSDCtx t m' zp zq => CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq)
- addScalar :: AddScalarCtx t m' zp zq => zp -> CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq)
- addPublic :: forall t m m' zp zq. AddPublicCtx t m m' zp zq => Cyc t m zp -> CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq)
- mulPublic :: forall t m m' zp zq. MulPublicCtx t m m' zp zq => Cyc t m zp -> CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq)
- embedSK :: (CElt t z, m `Divides` m') => SK (Cyc t m z) -> SK (Cyc t m' z)
- embedCT :: (CElt t zq, r `Divides` r', s `Divides` s', r `Divides` s, r' `Divides` s') => CT r zp (Cyc t r' zq) -> CT s zp (Cyc t s' zq)
- twaceCT :: (CElt t zq, r `Divides` r', s' `Divides` r', s ~ FGCD s' r) => CT r zp (Cyc t r' zq) -> CT s zp (Cyc t s' zq)
- rescaleLinearCT :: (RescaleCyc (Cyc t) zq zq', ToSDCtx t m' zp zq) => CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq')
- modSwitchPT :: ModSwitchPTCtx t m' zp zp' zq => CT m zp (Cyc t m' zq) -> CT m zp' (Cyc t m' zq)
- keySwitchLinear :: forall gad t m' zp zq zq' z rnd m. (KeySwitchCtx gad t m' zp zq zq', KSHintCtx gad t m' z zq', MonadRandom rnd) => SK (Cyc t m' z) -> SK (Cyc t m' z) -> TaggedT (gad, zq') rnd (CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq))
- keySwitchQuadCirc :: forall gad t m' zp zq zq' z m rnd. (KeySwitchCtx gad t m' zp zq zq', KSHintCtx gad t m' z zq', MonadRandom rnd) => SK (Cyc t m' z) -> TaggedT (gad, zq') rnd (CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq))
- tunnelCT :: forall gad t e r s e' r' s' z zp zq zq' rnd. (TunnelCtx t e r s e' r' s' z zp zq zq' gad, MonadRandom rnd) => Linear t zp e r s -> SK (Cyc t s' z) -> SK (Cyc t r' z) -> TaggedT (gad, zq') rnd (CT r zp (Cyc t r' zq) -> CT s zp (Cyc t s' zq))
- type AddPublicCtx t m m' zp zq = (Lift' zp, Reduce (LiftOf zp) zq, m `Divides` m', CElt t zp, CElt t (LiftOf zp), ToSDCtx t m' zp zq)
- type MulPublicCtx t m m' zp zq = (Lift' zp, Reduce (LiftOf zp) zq, Ring zq, m `Divides` m', CElt t zp, CElt t (LiftOf zp), CElt t zq)
- type KeySwitchCtx gad t m' zp zq zq' = (ToSDCtx t m' zp zq, RescaleCyc (Cyc t) zq' zq, RescaleCyc (Cyc t) zq zq', Decompose gad zq', KnapsackCtx t m' (DecompOf zq') zq')
- type KSHintCtx gad t m' z zq = (LWECtx t m' z zq, Reduce (DecompOf zq) zq, Gadget gad zq, CElt t (DecompOf zq))
- type ModSwitchPTCtx t m' zp zp' zq = (Lift' zp, Reduce (LiftOf zp) zp', ToSDCtx t m' zp zq)
- type ToSDCtx t m' zp zq = (Encode zp zq, Fact m', CElt t zq)
- type EncryptCtx t m m' z zp zq = (Mod zp, Ring zp, Ring zq, Lift zp (ModRep zp), Reduce z zq, Reduce (LiftOf zp) zq, CElt t zq, CElt t zp, CElt t z, CElt t (LiftOf zp), m `Divides` m')
- type TunnelCtx t e r s e' r' s' z zp zq zq' gad = (ExtendLinIdx e r s e' r' s', KSHintCtx gad t r' z zq', Reduce z zq, Lift zp z, CElt t zp, KeySwitchCtx gad t s' zp zq zq')
- type GenSKCtx t m z v = (ToInteger z, Fact m, CElt t z, ToRational v, NFData v)
- type DecryptCtx t m m' z zp zq = (ErrorTermCtx t m' z zp zq, Reduce (LiftOf zq) zp, m `Divides` m', CElt t zp)
- type ErrorTermCtx t m' z zp zq = (Reduce z zq, Lift' zq, CElt t z, CElt t (LiftOf zq), ToSDCtx t m' zp zq)
Algorithm inputs
Ciphertext over R'_q, encrypting a plaintext in R_p (R=O_m).
Encryption functions
genSK :: (GenSKCtx t m z v, MonadRandom rnd) => v -> rnd (SK (Cyc t m z)) Source
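Generates a secret key with (index-independent) scaled variance parameter v; see errorRounded. The key is sampled from the caller-supplied MonadRandom instance, so its secrecy depends on that instance being backed by a cryptographically secure generator.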
encrypt :: forall t m m' z zp zq e rnd. (EncryptCtx t m m' z zp zq, MonadRandom rnd) => SK (Cyc t m' z) -> PT (Cyc t m zp) -> rnd (CT m zp (Cyc t m' zq)) Source
Encrypt a plaintext under a secret key.
Decryption functions
errorTerm :: ErrorTermCtx t m' z zp zq => SK (Cyc t m' z) -> CT m zp (Cyc t m' zq) -> Cyc t m' (LiftOf zq) Source
Extract the error term of a ciphertext.
errorTermUnrestricted :: (Reduce z zq, Lift' zq, CElt t z, ToSDCtx t m' zp zq) => SK (Cyc t m' z) -> CT m zp (Cyc t m' zq) -> Cyc t m' (LiftOf zq) Source
More general form of errorTerm that works for unrestricted output coefficient types.
decrypt :: forall t m m' z zp zq. DecryptCtx t m m' z zp zq => SK (Cyc t m' z) -> CT m zp (Cyc t m' zq) -> PT (Cyc t m zp) Source
Decrypt a ciphertext.
decryptUnrestricted :: (Fact m, Fact m', CElt t zp, m `Divides` m', Reduce z zq, Lift' zq, CElt t z, ToSDCtx t m' zp zq, Reduce (LiftOf zq) zp) => SK (Cyc t m' z) -> CT m zp (Cyc t m' zq) -> PT (Cyc t m zp) Source
More general form of decrypt that works for unrestricted output coefficient types.
Functions for changing representation of a ciphertext
toMSD :: ToSDCtx t m' zp zq => CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq) Source
Convert a ciphertext to MSD encoding.
toLSD :: ToSDCtx t m' zp zq => CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq) Source
Convert a ciphertext to LSD encoding.
Arithmetic with public values
addScalar :: AddScalarCtx t m' zp zq => zp -> CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq) Source
Homomorphically add a public Z_p value to an encrypted value. The ciphertext must not carry any g factors.
addPublic :: forall t m m' zp zq. AddPublicCtx t m m' zp zq => Cyc t m zp -> CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq) Source
Homomorphically add a public R_p value to an encrypted value.
mulPublic :: forall t m m' zp zq. MulPublicCtx t m m' zp zq => Cyc t m zp -> CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq) Source
Homomorphically multiply an encrypted value by a public R_p value.
Embedding/Twacing for keys and ciphertexts
embedSK :: (CElt t z, m `Divides` m') => SK (Cyc t m z) -> SK (Cyc t m' z) Source
Embed a secret key from a subring into a superring.
embedCT :: (CElt t zq, r `Divides` r', s `Divides` s', r `Divides` s, r' `Divides` s') => CT r zp (Cyc t r' zq) -> CT s zp (Cyc t s' zq) Source
Embed a ciphertext in R' encrypting a plaintext in R to a ciphertext in T' encrypting a plaintext in T. The target ciphertext ring T' must contain both the source ciphertext ring R' and the target plaintext ring T. (In the type signature the target indices are written s and s'.)
twaceCT :: (CElt t zq, r `Divides` r', s' `Divides` r', s ~ FGCD s' r) => CT r zp (Cyc t r' zq) -> CT s zp (Cyc t s' zq) Source
"Tweaked trace" function for ciphertexts. Mathematically, the
target plaintext ring S
must contain the intersection of the
source plaintext ring T
and the target ciphertext ring S'
.
Here we make the stricter requirement that s = gcd(s', t)
.
Functions for changing the CT/PT modulus
rescaleLinearCT :: (RescaleCyc (Cyc t) zq zq', ToSDCtx t m' zp zq) => CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq') Source
Rescale a linear ciphertext.
modSwitchPT :: ModSwitchPTCtx t m' zp zp' zq => CT m zp (Cyc t m' zq) -> CT m zp' (Cyc t m' zq) Source
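Homomorphically divide a plaintext that is known to be a multiple of (p/p') by that factor, thereby scaling the plaintext modulus from p to p'. The function takes no secret key and so cannot check this precondition on the encrypted value; the caller must guarantee it.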
Key switching
keySwitchLinear :: forall gad t m' zp zq zq' z rnd m. (KeySwitchCtx gad t m' zp zq zq', KSHintCtx gad t m' z zq', MonadRandom rnd) => SK (Cyc t m' z) -> SK (Cyc t m' z) -> TaggedT (gad, zq') rnd (CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq)) Source
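Switch a linear ciphertext under s_in to a linear one under s_out. Both key arguments have the same type, so the compiler cannot catch them being passed in the wrong order; check the source for which argument is s_in and which is s_out.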
keySwitchQuadCirc :: forall gad t m' zp zq zq' z m rnd. (KeySwitchCtx gad t m' zp zq zq', KSHintCtx gad t m' z zq', MonadRandom rnd) => SK (Cyc t m' z) -> TaggedT (gad, zq') rnd (CT m zp (Cyc t m' zq) -> CT m zp (Cyc t m' zq)) Source
Switch a quadratic ciphertext (i.e., one with three components) to a linear one under the same key.
Ring switching
tunnelCT :: forall gad t e r s e' r' s' z zp zq zq' rnd. (TunnelCtx t e r s e' r' s' z zp zq zq' gad, MonadRandom rnd) => Linear t zp e r s -> SK (Cyc t s' z) -> SK (Cyc t r' z) -> TaggedT (gad, zq') rnd (CT r zp (Cyc t r' zq) -> CT s zp (Cyc t s' zq)) Source
Homomorphically apply the E-linear function that maps the elements of the decoding basis of R/E to the corresponding S-elements in the input array.
Constraint synonyms
type AddPublicCtx t m m' zp zq = (Lift' zp, Reduce (LiftOf zp) zq, m `Divides` m', CElt t zp, CElt t (LiftOf zp), ToSDCtx t m' zp zq) Source
Constraint synonym for adding a public value to an encrypted value
type MulPublicCtx t m m' zp zq = (Lift' zp, Reduce (LiftOf zp) zq, Ring zq, m `Divides` m', CElt t zp, CElt t (LiftOf zp), CElt t zq) Source
Constraint synonym for multiplying a public value with an encrypted value
type KeySwitchCtx gad t m' zp zq zq' = (ToSDCtx t m' zp zq, RescaleCyc (Cyc t) zq' zq, RescaleCyc (Cyc t) zq zq', Decompose gad zq', KnapsackCtx t m' (DecompOf zq') zq') Source
Constraint synonym for key switching.
type KSHintCtx gad t m' z zq = (LWECtx t m' z zq, Reduce (DecompOf zq) zq, Gadget gad zq, CElt t (DecompOf zq)) Source
Constraint synonym for generating key-switch hints.
type ModSwitchPTCtx t m' zp zp' zq = (Lift' zp, Reduce (LiftOf zp) zp', ToSDCtx t m' zp zq) Source
Constraint synonym for modulus switching.
type ToSDCtx t m' zp zq = (Encode zp zq, Fact m', CElt t zq) Source
Constraint synonym for converting between ciphertext encodings.
type EncryptCtx t m m' z zp zq = (Mod zp, Ring zp, Ring zq, Lift zp (ModRep zp), Reduce z zq, Reduce (LiftOf zp) zq, CElt t zq, CElt t zp, CElt t z, CElt t (LiftOf zp), m `Divides` m') Source
Constraint synonym for encryption.
type TunnelCtx t e r s e' r' s' z zp zq zq' gad = (ExtendLinIdx e r s e' r' s', KSHintCtx gad t r' z zq', Reduce z zq, Lift zp z, CElt t zp, KeySwitchCtx gad t s' zp zq zq') Source
Constraint synonym for ring tunneling.
type GenSKCtx t m z v = (ToInteger z, Fact m, CElt t z, ToRational v, NFData v) Source
Constraint synonym for generating a secret key.
type DecryptCtx t m m' z zp zq = (ErrorTermCtx t m' z zp zq, Reduce (LiftOf zq) zp, m `Divides` m', CElt t zp) Source
Constraint synonym for decryption.