Trait BGFVCiphertextRing

pub trait BGFVCiphertextRing:
    PreparedMultiplicationRing
    + FreeAlgebra
    + RingExtension<BaseRing = Zn<Zn, BigIntRing>> {
    type NumberRing: HECyclotomicNumberRing;

    // Required methods
    fn number_ring(&self) -> &Self::NumberRing;
    fn drop_rns_factor(&self, drop_rns_factors: &[usize]) -> Self;
    fn drop_rns_factor_element(
        &self,
        from: &Self,
        dropped_rns_factors: &[usize],
        value: Self::Element,
    ) -> Self::Element;
    fn drop_rns_factor_prepared(
        &self,
        from: &Self,
        dropped_rns_factors: &[usize],
        value: Self::PreparedMultiplicant,
    ) -> Self::PreparedMultiplicant;
    fn small_generating_set_len(&self) -> usize;
    fn as_representation_wrt_small_generating_set<V>(
        &self,
        x: &Self::Element,
        output: SubmatrixMut<'_, V, ZnEl>,
    )
       where V: AsPointerToSlice<ZnEl>;
    fn partial_representation_wrt_small_generating_set<V>(
        &self,
        x: &Self::Element,
        row_indices: &[usize],
        output: SubmatrixMut<'_, V, ZnEl>,
    )
       where V: AsPointerToSlice<ZnEl>;
    fn from_representation_wrt_small_generating_set<V>(
        &self,
        data: Submatrix<'_, V, ZnEl>,
    ) -> Self::Element
       where V: AsPointerToSlice<ZnEl>;

    // Provided method
    fn two_by_two_convolution(
        &self,
        lhs: [&Self::Element; 2],
        rhs: [&Self::Element; 2],
    ) -> [Self::Element; 3] { ... }
}

Trait for rings R/qR with a number ring R and modulus q = p1 ... pr represented as RNS basis, which provide all necessary operations for use as ciphertext ring in BFV/BGV-style HE schemes.

Required Associated Types

type NumberRing: HECyclotomicNumberRing

Required Methods

fn number_ring(&self) -> &Self::NumberRing

fn drop_rns_factor(&self, drop_rns_factors: &[usize]) -> Self

Computes the ring R_q', where q' is the product of all RNS factors of q, except those whose indices are mentioned in drop_rns_factors.

fn drop_rns_factor_element( &self, from: &Self, dropped_rns_factors: &[usize], value: Self::Element, ) -> Self::Element

Reduces an element of from modulo q, where q must divide the modulus of from.

More concretely, the RNS factors of q must be exactly the RNS factors of from.rns_base(), except for the RNS factors whose indices occur in dropped_rns_factors.

fn drop_rns_factor_prepared( &self, from: &Self, dropped_rns_factors: &[usize], value: Self::PreparedMultiplicant, ) -> Self::PreparedMultiplicant

Reduces a PreparedMultiplicant of from modulo q, where q must divide the modulus of from.

More concretely, the RNS factors of q must be exactly the RNS factors of from.rns_base(), except for the RNS factors whose indices occur in dropped_rns_factors.

fn small_generating_set_len(&self) -> usize

Returns the length of the small generating set used for BGFVCiphertextRing::as_representation_wrt_small_generating_set() and BGFVCiphertextRing::from_representation_wrt_small_generating_set().

fn as_representation_wrt_small_generating_set<V>( &self, x: &Self::Element, output: SubmatrixMut<'_, V, ZnEl>, )

where V: AsPointerToSlice<ZnEl>,

Returns a view on the underlying representation of x.

This is the counterpart of BGFVCiphertextRing::from_representation_wrt_small_generating_set().

More concretely, for some Zq-linear generating set { a_i | i } consisting of ring elements of small canonical norm, each column of the returned matrix contains the RNS representation of some x_i, satisfying x = sum_i a_i x_i. The actual choice of the a_i is left to the ring implementation, and may change in future releases. The order of the rows (corresponding to the RNS factors of Zq) is the same as the order of the RNS factors in self.base_ring().

This function is a compromise between encapsulating the storage of ring elements and exposing it (which is sometimes necessary for performance). Hence, it is recommended to instead use FreeAlgebra::wrt_canonical_basis() and FreeAlgebra::from_canonical_basis(), whose result is uniquely defined. However, note that these may incur costs for internal representation conversion, which may not always be acceptable.

Concrete representations:

• single_rns_ring::SingleRNSRing will currently return the coefficients of a polynomial of degree < n (not necessarily < phi(n)) that gives the element when evaluated at 𝝵
• double_rns_managed::ManagedDoubleRNSRing will currently return the coefficients w.r.t. the powerful basis representation

fn partial_representation_wrt_small_generating_set<V>( &self, x: &Self::Element, row_indices: &[usize], output: SubmatrixMut<'_, V, ZnEl>, )

where V: AsPointerToSlice<ZnEl>,

Computes a subset of the rows of the representation that would be returned by BGFVCiphertextRing::as_representation_wrt_small_generating_set(). Since not all rows have to be computed, this may be faster than as_representation_wrt_small_generating_set().

This function is a compromise between encapsulating the storage of ring elements and exposing it (which is sometimes necessary for performance). Hence, it is recommended to instead use FreeAlgebra::wrt_canonical_basis() and FreeAlgebra::from_canonical_basis(), whose result is uniquely defined. However, note that these may incur costs for internal representation conversion, which may not always be acceptable.

fn from_representation_wrt_small_generating_set<V>( &self, data: Submatrix<'_, V, ZnEl>, ) -> Self::Element

where V: AsPointerToSlice<ZnEl>,

Creates a ring element from its underlying representation.

This is the counterpart of BGFVCiphertextRing::as_representation_wrt_small_generating_set(), which contains a more detailed documentation.

This function is a compromise between encapsulating the storage of ring elements and exposing it (which is sometimes necessary for performance). Hence, it is recommended to instead use FreeAlgebra::wrt_canonical_basis() and FreeAlgebra::from_canonical_basis(), whose result is uniquely defined. However, note that these may incur costs for internal representation conversion, which may not always be acceptable.

Provided Methods

fn two_by_two_convolution( &self, lhs: [&Self::Element; 2], rhs: [&Self::Element; 2], ) -> [Self::Element; 3]

Computes [lhs[0] * rhs[0], lhs[0] * rhs[1] + lhs[1] * rhs[0], lhs[1] * rhs[1]], but might be faster than the naive way of evaluating this.

Dyn Compatibility

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors

impl<NumberRing, A> BGFVCiphertextRing for ManagedDoubleRNSRingBase<NumberRing, A>

where NumberRing: HECyclotomicNumberRing, A: Allocator + Clone,

type NumberRing = NumberRing

impl<NumberRing, A, C> BGFVCiphertextRing for SingleRNSRingBase<NumberRing, A, C>

where NumberRing: HECyclotomicNumberRing, A: Allocator + Clone, C: PreparedConvolutionAlgorithm<ZnBase>,

type NumberRing = NumberRing