seal_fhe 0.8.1

This crate contains Rust bindings for Microsoft's SEAL Fully Homomorphic Encryption (FHE) library.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407

use std::ffi::c_void;
use std::ptr::null_mut;

use crate::bindgen;
use crate::error::*;
use crate::{Ciphertext, Context, Plaintext, RelinearizationKeys};

/**
 * Provides operations on ciphertexts. Due to the properties of the encryption scheme, the arithmetic operations
 * pass through the encryption layer to the underlying plaintext, changing it according to the type of the
 * operation. Since the plaintext elements are fundamentally polynomials in the polynomial quotient ring
 * Z_T[x]/(X^N+1), where T is the plaintext modulus and X^N+1 is the polynomial modulus, this is the ring where
 * the arithmetic operations will take place. BatchEncoder (batching) provider an alternative possibly more
 * convenient view of the plaintext elements as 2-by-(N2/2) matrices of integers modulo the plaintext modulus. In
 * the batching view the arithmetic operations act on the matrices element-wise. Some of the operations only apply
 * in the batching view, such as matrix row and column rotations. Other operations such as relinearization have no
 * semantic meaning but are necessary for performance reasons.
 *
 * # Arithmetic Operations
 * The core operations are arithmetic operations, in particular multiplication and addition of ciphertexts. In
 * addition to these, we also provide negation, subtraction, squaring, exponentiation, and multiplication and
 * addition of several ciphertexts for convenience. in many cases some of the inputs to a computation are plaintext
 * elements rather than ciphertexts. For this we provide fast "plain" operations: plain addition, plain
 * subtraction, and plain multiplication.
 *
 * # Relinearization
 * One of the most important non-arithmetic operations is relinearization, which takes as input a ciphertext of
 * size K+1 and relinearization keys (at least K-1 keys are needed), and changes the size of the ciphertext down
 * to 2 (minimum size). For most use-cases only one relinearization key suffices, in which case relinearization
 * should be performed after every multiplication. Homomorphic multiplication of ciphertexts of size K+1 and L+1
 * outputs a ciphertext of size K+L+1, and the computational cost of multiplication is proportional to K*L. Plain
 * multiplication and addition operations of any type do not change the size. Relinearization requires
 * relinearization keys to have been generated.
 *
 * # Rotations
 * When batching is enabled, we provide operations for rotating the plaintext matrix rows cyclically left or right,
 * and for rotating the columns (swapping the rows). Rotations require Galois keys to have been generated.
 *
 * # Other Operations
 * We also provide operations for transforming ciphertexts to NTT form and back, and for transforming plaintext
 * polynomials to NTT form. These can be used in a very fast plain multiplication variant, that assumes the inputs
 * to be in NTT form. Since the NTT has to be done in any case in plain multiplication, this function can be used
 * when e.g. one plaintext input is used in several plain multiplication, and transforming it several times would
 * not make sense.
 *
 * # NTT form
 * When using the BFV scheme (SchemeType.BFV), all plaintexts and ciphertexts should remain by default in the usual
 * coefficient representation, i.e., not in NTT form. When using the CKKS scheme (SchemeType.CKKS), all plaintexts
 * and ciphertexts should remain by default in NTT form. We call these scheme-specific NTT states the "default NTT
 * form". Some functions, such as add, work even if the inputs are not in the default state, but others, such as
 * multiply, will throw an exception. The output of all evaluation functions will be in the same state as the
 * input(s), with the exception of the TransformToNTT and TransformFromNTT functions, which change the state.
 * Ideally, unless these two functions are called, all other functions should "just work".
*/
pub struct EvaluatorBase {
    handle: *mut c_void,
}

unsafe impl Sync for EvaluatorBase {}
unsafe impl Send for EvaluatorBase {}

impl Drop for EvaluatorBase {
    fn drop(&mut self) {
        convert_seal_error(unsafe { bindgen::Evaluator_Destroy(self.handle) })
            .expect("Internal error in Evaluator::drop()");
    }
}

impl EvaluatorBase {
    /**
     * Creates an Evaluator instance initialized with the specified Context.
     * * `ctx` - The context.
     */
    pub(crate) fn new(ctx: &Context) -> Result<Self> {
        let mut handle = null_mut();

        convert_seal_error(unsafe { bindgen::Evaluator_Create(ctx.get_handle(), &mut handle) })?;

        Ok(Self { handle })
    }

    /**
     * Gets the handle to the internal SEAL object.
     */
    pub fn get_handle(&self) -> *mut c_void {
        self.handle
    }

    pub(crate) fn negate_inplace(&self, a: &mut Ciphertext) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_Negate(self.handle, a.get_handle(), a.get_handle())
        })?;

        Ok(())
    }

    pub(crate) fn negate(&self, a: &Ciphertext) -> Result<Ciphertext> {
        let out = Ciphertext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_Negate(self.handle, a.get_handle(), out.get_handle())
        })?;

        Ok(out)
    }

    pub(crate) fn add_inplace(&self, a: &mut Ciphertext, b: &Ciphertext) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_Add(self.handle, a.get_handle(), b.get_handle(), a.get_handle())
        })?;

        Ok(())
    }

    pub(crate) fn add(&self, a: &Ciphertext, b: &Ciphertext) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_Add(self.handle, a.get_handle(), b.get_handle(), c.get_handle())
        })?;

        Ok(c)
    }

    pub(crate) fn add_many(&self, a: &[Ciphertext]) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        let mut a = a
            .iter()
            .map(|x| x.get_handle())
            .collect::<Vec<*mut c_void>>();

        convert_seal_error(unsafe {
            bindgen::Evaluator_AddMany(self.handle, a.len() as u64, a.as_mut_ptr(), c.get_handle())
        })?;

        Ok(c)
    }

    pub(crate) fn multiply_many(
        &self,
        a: &[Ciphertext],
        relin_keys: &RelinearizationKeys,
    ) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        let mut a = a
            .iter()
            .map(|x| x.get_handle())
            .collect::<Vec<*mut c_void>>();

        convert_seal_error(unsafe {
            bindgen::Evaluator_MultiplyMany(
                self.handle,
                a.len() as u64,
                a.as_mut_ptr(),
                relin_keys.get_handle(),
                c.get_handle(),
                null_mut(),
            )
        })?;

        Ok(c)
    }

    pub(crate) fn sub_inplace(&self, a: &mut Ciphertext, b: &Ciphertext) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_Sub(self.handle, a.get_handle(), b.get_handle(), a.get_handle())
        })?;

        Ok(())
    }

    pub(crate) fn sub(&self, a: &Ciphertext, b: &Ciphertext) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_Sub(self.handle, a.get_handle(), b.get_handle(), c.get_handle())
        })?;

        Ok(c)
    }

    pub(crate) fn multiply_inplace(&self, a: &mut Ciphertext, b: &Ciphertext) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_Multiply(
                self.handle,
                a.get_handle(),
                b.get_handle(),
                a.get_handle(),
                null_mut(),
            )
        })?;

        Ok(())
    }

    pub(crate) fn multiply(&self, a: &Ciphertext, b: &Ciphertext) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_Multiply(
                self.handle,
                a.get_handle(),
                b.get_handle(),
                c.get_handle(),
                null_mut(),
            )
        })?;

        Ok(c)
    }

    pub(crate) fn square_inplace(&self, a: &mut Ciphertext) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_Square(self.handle, a.get_handle(), a.get_handle(), null_mut())
        })?;

        Ok(())
    }

    pub(crate) fn square(&self, a: &Ciphertext) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_Square(self.handle, a.get_handle(), c.get_handle(), null_mut())
        })?;

        Ok(c)
    }

    pub(crate) fn mod_switch_to_next(&self, a: &Ciphertext) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_ModSwitchToNext1(
                self.get_handle(),
                a.get_handle(),
                c.get_handle(),
                null_mut(),
            )
        })?;

        Ok(c)
    }

    pub(crate) fn mod_switch_to_next_inplace(&self, a: &Ciphertext) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_ModSwitchToNext1(
                self.get_handle(),
                a.get_handle(),
                a.get_handle(),
                null_mut(),
            )
        })?;

        Ok(())
    }

    pub(crate) fn mod_switch_to_next_plaintext(&self, a: &Plaintext) -> Result<Plaintext> {
        let p = Plaintext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_ModSwitchToNext2(self.get_handle(), a.get_handle(), p.get_handle())
        })?;

        Ok(p)
    }

    pub(crate) fn mod_switch_to_next_inplace_plaintext(&self, a: &Plaintext) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_ModSwitchToNext2(self.get_handle(), a.get_handle(), a.get_handle())
        })?;

        Ok(())
    }

    pub(crate) fn exponentiate(
        &self,
        a: &Ciphertext,
        exponent: u64,
        relin_keys: &RelinearizationKeys,
    ) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_Exponentiate(
                self.get_handle(),
                a.get_handle(),
                exponent,
                relin_keys.get_handle(),
                c.get_handle(),
                null_mut(),
            )
        })?;

        Ok(c)
    }

    pub(crate) fn exponentiate_inplace(
        &self,
        a: &Ciphertext,
        exponent: u64,
        relin_keys: &RelinearizationKeys,
    ) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_Exponentiate(
                self.get_handle(),
                a.get_handle(),
                exponent,
                relin_keys.get_handle(),
                a.get_handle(),
                null_mut(),
            )
        })?;

        Ok(())
    }

    pub(crate) fn add_plain(&self, a: &Ciphertext, b: &Plaintext) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_AddPlain(
                self.get_handle(),
                a.get_handle(),
                b.get_handle(),
                c.get_handle(),
            )
        })?;

        Ok(c)
    }

    pub(crate) fn add_plain_inplace(&self, a: &mut Ciphertext, b: &Plaintext) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_AddPlain(
                self.get_handle(),
                a.get_handle(),
                b.get_handle(),
                a.get_handle(),
            )
        })?;

        Ok(())
    }

    pub(crate) fn sub_plain(&self, a: &Ciphertext, b: &Plaintext) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_SubPlain(
                self.get_handle(),
                a.get_handle(),
                b.get_handle(),
                c.get_handle(),
            )
        })?;

        Ok(c)
    }

    pub(crate) fn sub_plain_inplace(&self, a: &mut Ciphertext, b: &Plaintext) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_SubPlain(
                self.get_handle(),
                a.get_handle(),
                b.get_handle(),
                a.get_handle(),
            )
        })?;

        Ok(())
    }

    pub(crate) fn multiply_plain(&self, a: &Ciphertext, b: &Plaintext) -> Result<Ciphertext> {
        let c = Ciphertext::new()?;

        convert_seal_error(unsafe {
            bindgen::Evaluator_MultiplyPlain(
                self.get_handle(),
                a.get_handle(),
                b.get_handle(),
                c.get_handle(),
                null_mut(),
            )
        })?;

        Ok(c)
    }

    pub(crate) fn multiply_plain_inplace(&self, a: &mut Ciphertext, b: &Plaintext) -> Result<()> {
        convert_seal_error(unsafe {
            bindgen::Evaluator_MultiplyPlain(
                self.get_handle(),
                a.get_handle(),
                b.get_handle(),
                a.get_handle(),
                null_mut(),
            )
        })?;

        Ok(())
    }

    // TODO: NTT transform.
}