Trait concrete_core::specification::engines::LweCiphertextDiscardingKeyswitchEngine

source · []
pub trait LweCiphertextDiscardingKeyswitchEngine<KeyswitchKey, InputCiphertext, OutputCiphertext>: AbstractEngine where
    KeyswitchKey: LweKeyswitchKeyEntity,
    InputCiphertext: LweCiphertextEntity<KeyDistribution = KeyswitchKey::InputKeyDistribution>,
    OutputCiphertext: LweCiphertextEntity<KeyDistribution = KeyswitchKey::OutputKeyDistribution>, {
    fn discard_keyswitch_lwe_ciphertext(
        &mut self,
        output: &mut OutputCiphertext,
        input: &InputCiphertext,
        ksk: &KeyswitchKey
    ) -> Result<(), LweCiphertextDiscardingKeyswitchError<Self::EngineError>>;
    unsafe fn discard_keyswitch_lwe_ciphertext_unchecked(
        &mut self,
        output: &mut OutputCiphertext,
        input: &InputCiphertext,
        ksk: &KeyswitchKey
    );
}
Expand description

A trait for engines keyswitching (discarding) LWE ciphertexts.

Semantics

This discarding operation fills the output LWE ciphertext with the keyswitch of the input LWE ciphertext, using the ksk LWE keyswitch key.

Formal Definition

LWE Keyswitch

This homomorphic procedure transforms an input LWE ciphertext $\mathsf{ct}_{\mathsf{in}} = \left( \vec{a}_{\mathsf{in}} , b_{\mathsf{in}}\right) \in \mathsf{LWE}^{n_{\mathsf{in}}}_{
vec{s}_{\mathsf{in}}}( \mathsf{pt} ) \subseteq \mathbb{Z}_q^{(n_{\mathsf{in}}+1)}$ into an output LWE ciphertext $\mathsf{ct}_{\mathsf{out}} = \left( \vec{a}_{\mathsf{out}} , b_{\mathsf{out}}\right) \in \mathsf{LWE}^{n_{\mathsf{out}}}_{\vec{s}_{\mathsf{out}}}( \mathsf{pt} )\subseteq \mathbb{Z}_q^{(n_{\mathsf{out}}+1)}$ where $n_{\mathsf{in}} = |\vec{s}_{\mathsf{in}}|$ and $n_{\mathsf{out}} = |\vec{s}_{\mathsf{out}}|$. It requires a key switching key. The input ciphertext is encrypted under the LWE secret key $\vec{s}_{\mathsf{in}}$ and the output ciphertext is encrypted under the LWE secret key $\vec{s}_{\mathsf{out}}$.

$$\mathsf{ct}_{\mathsf{in}} \in \mathsf{LWE}^{n_{\mathsf{in}}}_{\vec{s}_{\mathsf{in}}}( \mathsf{pt} ) ~~~~~~~~~~\mathsf{KSK}_{\vec{s}_{\mathsf{in}}\rightarrow \vec{s}_{\mathsf{out}}}$$ $$ \mathsf{keyswitch}\left(\mathsf{ct}_{\mathsf{in}} , \mathsf{KSK} \right) \rightarrow \mathsf{ct}_{\mathsf{out}} \in \mathsf{LWE}^{n_{\mathsf{out}}}_{\vec{s}_{\mathsf{out}}} \left( \mathsf{pt} \right)$$

Algorithm

inputs:
  • $\mathsf{ct}_{\mathsf{in}} = \left( \vec{a}_{\mathsf{in}} , b_{\mathsf{in}}\right) \in \mathsf{LWE}^{n_{\mathsf{in}}}_{\vec{s}_{\mathsf{in}}}( \mathsf{pt} )$: an LWE ciphertext with $\vec{a}_{\mathsf{in}}=\left(a_0, \cdots a_{n_{\mathsf{in}}-1}\right)$
  • $\mathsf{KSK}_{\vec{s}_{\mathsf{in}}\rightarrow \vec{s}_{\mathsf{out}}}$: a key switching key
outputs:
  • $\mathsf{ct}_{\mathsf{out}} \in \mathsf{LWE}^{n_{\mathsf{out}}}_{\vec{s}_{\mathsf{out}}} \left( \mathsf{pt} \right)$: an LWE ciphertext
algorithm:
  1. set $\mathsf{ct}=\left( 0 , \cdots , 0 , b_{\mathsf{in}} \right) \in \mathbb{Z}_q^{(n_{\mathsf{out}}+1)}$
  2. compute $\mathsf{ct}_{\mathsf{out}} = \mathsf{ct} - \sum_{i=0}^{n_{\mathsf{in}}-1} \mathsf{decompProduct}\left( a_i , \overline{\mathsf{ct}_i} \right)$
  3. output $\mathsf{ct}_{\mathsf{out}}$

Required Methods

Keyswitch an LWE ciphertext.

Unsafely keyswitch an LWE ciphertext.

Safety

For the general safety concerns regarding this operation, refer to the different variants of LweCiphertextDiscardingKeyswitchError. For safety concerns specific to an engine, refer to the implementer safety section.

Implementors