From fc0f7bba0356eafed5018ffc066dfd7ba94152b8 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Bossuat Date: Thu, 8 Jun 2023 13:20:23 +0200 Subject: [PATCH] More CHANGELOG.md updates --- CHANGELOG.md | 137 ++++++++++++++++++---------- dbgv/sharing.go | 2 +- dckks/sharing.go | 2 +- drlwe/drlwe_test.go | 2 +- rlwe/rlwe_test.go | 2 - utils/bignum/approximation/utils.go | 1 - utils/buffer/utils.go | 1 - 7 files changed, 91 insertions(+), 56 deletions(-) delete mode 100644 utils/bignum/approximation/utils.go diff --git a/CHANGELOG.md b/CHANGELOG.md index c8ecbcc1..6ad9f0fa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,43 +4,34 @@ All notable changes to this library are documented in this file. ## UNRELEASED [4.2.x] - xxxx-xx-xx (#341,#309,#292,#348,#378) - Go versions `1.14`, `1.15`, `1.16` and `1.17` are not supported anymore by the library due to `func (b *Writer) AvailableBuffer() []byte` missing. The minimum version is now `1.18`. -- ALL: - - Golang Security Checker pass. - - Removed the by default returned type as interfaces on most structs. - - Simplified and clarified many aspect of the code base using generics. - - Inlined all recursive algorithms. - - Removed all instances of secure default parameters as they hardly ever had any practical application, were putting additional security constraints on the library and were not used in the tests. - - Updated tests to use custom sets of parameters (instead of the default ones) that are more efficient while increasing the test coverage of the possible instantiations of the schemes. - - Changes to serialization: - - Low-entropy structs (such as parameters or rings) now all use `json.Marshal` as underlying marshaler. - - High-entropy structs, such as structs storing key material or encrypted values now all comply to the following interface: - - `BinarySize() int`: size in bytes when written to an `io.Writer` or to a slice of bytes using `Read`. - - `WriteTo(io.Writer) (int64, error)`: efficient writing on any `io.Writer`. - - `ReadFrom(io.Reader) (int64, error)`: efficient reading from any `io.Reader`. - - `Encode([]byte) (int, error)`: highly efficient encoding on preallocated slice of bytes. - - `Decode([]byte) (int, error)`: highly efficient decoding from a slice of bytes. - - Streamlined and simplified all test related to serialization. They can now be implemented with a single line of code. - - Structs that can be serialized now all implement the method V Equal(V) bool. - - Tests and benchmarks in package other than the `RLWE` and `DRLWE` packages that were merely wrapper of methods of the `RLWE` or `DRLWE` have been removed and/or moved to the `RLWE` and `DRLWE` packages. - -- BFV/BGV/CKKS: - - Simplified and uniformized the Evaluator API and increased the diversity of the accepted operands: - - Removed all methods that operated on specific plaintext operands (such as scalars). - - Add/Sub/Mul/MulThenAdd now accept `rlwe.Operands`, scalars and vectors of scalars as the middle operand. - - Changes to the Encoder: - - Encoding parameterization (scale, level, encoding domain, etc...) is now specified using the field `MetaData` of the `rlwe.Plaintext`. - - Uniformized the Encoder API between schemes, which now share the following subset of identical methods: - - `Encode(values interface{}, pt *rlwe.Plaintext)` - - `Decode(pt *rlwe.Plaintext, values interface{})` - - Removed the methods with the suffixes `New`, `Int` and `Uint`. +- Golang Security Checker pass. +- Simplified and clarified many aspect of the code base using generics. +- Changes to serialization: + - Low-entropy structs (such as parameters or rings) now all use `json.Marshal` as underlying marshaler. + - High-entropy structs, such as structs storing key material or encrypted values now all comply to the following interface: + - `BinarySize() int`: size in bytes when written to an `io.Writer` or to a slice of bytes using `Read`. + - `WriteTo(io.Writer) (int64, error)`: efficient writing on any `io.Writer`. + - `ReadFrom(io.Reader) (int64, error)`: efficient reading from any `io.Reader`. + - `Encode([]byte) (int, error)`: highly efficient encoding on preallocated slice of bytes. + - `Decode([]byte) (int, error)`: highly efficient decoding from a slice of bytes. + - Streamlined and simplified all test related to serialization. They can now be implemented with a single line of code with `RequireSerializerCorrect`. - DRLWE/DBFV/DBGV/DCKKS: - Renamed the protocols to reduce the number of acronyms used. - Arbitrary large smudging noise is now supported. - - replaced `[dbfv/dbfv/dckks].MaskedTransformShare` by `drlwe.RefreshShare`. - - added accurate noise bounds for the tests. - - fixed `CKS` and `PCKS` smudging noise to not be rescaled by `P`. - - improved the GoDoc of the protocols. + - Replaced `[dbfv/dbfv/dckks].MaskedTransformShare` by `drlwe.RefreshShare`. + - Added accurate noise bounds for the tests. + - Fixed `CKS` and `PCKS` smudging noise to not be rescaled by `P`. + - Tests and benchmarks in package other than the `RLWE` and `DRLWE` packages that were merely wrapper of methods of the `RLWE` or `DRLWE` have been removed and/or moved to the `RLWE` and `DRLWE` packages. + - Improved the GoDoc of the protocols. + +- DRLWE: + - Renamed: + - `NewCKGProtocol` to `NewPublicKeyGenProtocol` + - `NewRKGProtocol` to `NewRelinKeyGenProtocol` + - `NewCKSProtocol` to `NewGaloisKeyGenProtocol` + - `NewRTGProtocol` to `NewKeySwitchProtocol` + - `NewPCKSProtocol` to `NewPublicKeySwitchProtocol` - BFV: - The package `bfv` has been depreciated and is now a wrapper of the package `bgv`. @@ -50,6 +41,7 @@ All notable changes to this library are documented in this file. - The package `bgv` has been rewritten to implement a unification of the textbook BFV and BGV schemes under a single scheme - The unified scheme offers all the functionalities of the BFV and BGV schemes under a single scheme - Changes to the `Encoder`: + - `NewEncoder` now returns an `*Encoder` instead of an interface. - Removed: - `DecodeUint` - `DecodeInt` @@ -65,7 +57,11 @@ All notable changes to this library are documented in this file. - Added: - `Embed` - `Decode` + - Notes: + - The encoder will perform the encoding according to the plaintext `MetaData`. + - Changes to the `Evaluator`: + - `NewEvaluator` now returns an `*Evaluator` instead of an interface. - Removed: - `Neg` - `NegNew` @@ -87,13 +83,15 @@ All notable changes to this library are documented in this file. - `EvaluatePoly` to `Polynomial` and generalized the method signature. - Changes to the `Parameters`: - Enabled plaintext modulus with a smaller 2N-th root of unity than the ring degree. - - Removed the default parameters. + - Removed the default parameters as they hardly ever had any practical application, were putting additional security constraints on the library and are not used in the tests anymore. - Added a test parameter set with small plaintext modulus. - CKKS: - Changes to the `Encoder`: - Enabled the encoding of plaintexts of any sparsity (previously hard-capped at a minimum of 8 slots). - Unified `encoderComplex128` and `encoderBigComplex`. + + - `NewEncoder` now returns an `*Encoder` instead of an interface. - Removed: - `EncodeNew` - `EncodeSlots` @@ -115,9 +113,12 @@ All notable changes to this library are documented in this file. - Added: - Optional `precision` argument when instantiating the `Encoder` - `Prec` which returns the bit-precision of the encoder + - Notes: + - The encoder will perform the encoding according to the plaintext `MetaData`. - Changes to the `Evaluator`: - - Note that this list only incldues the changes specific to the `ckks.Evaluator` and not the changes specific to the `rlwe.Evaluator`, which automatically propagate to the `ckks.Evaluator`. + - Note that this list only includes the changes specific to the `ckks.Evaluator` and not the changes specific to the `rlwe.Evaluator`, which automatically propagate to the `ckks.Evaluator`. + - `NewEvaluator` now returns an `*Evaluator` instead of an interface. - Removed: - `Neg` - `NegNew` @@ -157,7 +158,7 @@ All notable changes to this library are documented in this file. - Improved and generalized the internal working of the `Evaluator` to enable arbitrary precision encrypted arithmetic. - Changes to the `Parameters`: - - Removed the default parameters. + - Removed the default parameters as they hardly ever had any practical application, were putting additional security constraints on the library and are not used in the tests anymore. - Renamed the field `LogScale` of the `ParametrsLiteralStruct` to `LogPlaintextScale`. - Changes to the tests: @@ -176,7 +177,10 @@ All notable changes to this library are documented in this file. - Added a method that prints the `LWE.Parameters` as defined by the lattice estimator of `https://github.com/malb/lattice-estimator`. - Changes to the `Encryptor`: - -`EncryptorPublicKey` and `EncryptorSecretKey` are now public. + - `EncryptorPublicKey` and `EncryptorSecretKey` are now public. + + - Changes to the `Decryptor`: + - `NewEncryptor` returns an `*Encryptor` instead of an interface. - Changes to the `Evaluator`: - Fixed all methods of the `Evaluator` to work with operands in and out of the NTT domain. @@ -184,16 +188,16 @@ All notable changes to this library are documented in this file. - Renamed `Evaluator.Merge` to `Evaluator.Pack` and generalized `Evaluator.Pack` to be able to take into account the packing `X^{N/n}` of the ciphertext. - `Evaluator.Pack` now gives the option to zero (or not) slots which are not multiples of `X^{N/n}`. - Added the methods `CheckAndGetGaloisKey` and `CheckAndGetRelinearizationKey` to safely check and get the corresponding `EvaluationKeys`. - - Added the scheme agnostic method `EvaluatePatersonStockmeyerPolynomialVector` - - - Changes to the Keys structs and `KeyGenerator`: + - Added the scheme agnostic method `EvaluatePatersonStockmeyerPolynomialVector`. + - `Merge` has beed inlined and remaned `Pack` + - Changes to the Keys structs: - Added `EvaluationKeySetInterface`, which enables users to provide custom loading/saving/persistence policies and implementation for the `EvaluationKeys`. - `SwitchingKey` has been renamed `EvaluationKey` to better convey that theses are public keys used during the evaluation phase of a circuit. All methods and variables names have been accordingly renamed. - The struct `RotationKeySet` holding a map of `SwitchingKeys` has been replaced by the struct `GaloisKey` holding a single `EvaluationKey`. - The `RelinearizationKey` has been simplfied to only store `s^2`, which is aligned with the capabilities of the schemes. - Changes to the `KeyGenerator`: - - The `KeyGenerator` is not returned as an interface anymore. + - The `NewKeyGenerator` returns a `*KeyGenerator` instead of an interface. - Simplified the `KeyGenerator`: methods to generate specific sets of `rlwe.GaloisKey` have been removed, instead the corresponding method on `rlwe.Parameters` allows to get the appropriate `GaloisElement`s. - Improved the API consistency of the `rlwe.KeyGenerator`. Methods that allocate elements have the suffix `New`. Added corresponding in place methods. @@ -209,10 +213,12 @@ All notable changes to this library are documented in this file. - Other changes: - Added `OperandQ` and `OperandQP` which serve as a common underlying type for all cryptographic objects. - - Removed the struct `CiphertextQP` (replaced by `OperandQP`) + - Changed `[]*ring.Poly` to `structs.Vector[ring.Poly]` and `[]ringqp.Poly` to `structs.Vector[ringqp.Poly]`. + - Removed the struct `CiphertextQP` (replaced by `OperandQP`). - Added the structs `Polynomial`, `PatersonStockmeyerPolynomial`, `PolynomialVector` and `PatersonStockmeyerPolynomialVector` with the related methods. - Added basic interfaces description for Parameters, Encryptor, PRNGEncryptor, Decryptor, Evaluator and PolynomialEvaluator. - - Added scheme agnostic `LinearTransform`, `Polynomial` and `PowerBasis` + - Added scheme agnostic `LinearTransform`, `Polynomial` and `PowerBasis`. + - Structs that can be serialized now all implement the method V Equal(V) bool. - RING: - Changes to sampling: @@ -227,15 +233,48 @@ All notable changes to this library are documented in this file. - Added non-NTT `Automorphism` support for the `ConjugateInvariant` ring. - UTILS: + - Updated methods with generics when applicable. + - Added subpackage `sampling` which regroups the various random bytes and number generator that were previously present in the package `utils`. - Added the package `utils/bignum` which provides arbitrary precision arithmetic. - Added the package `utils/bignum/polynomial` which provides tools to create and evaluate polynomials. - - Added the package `utils/bignum/approximation` which provide tools to perform polynomial approximations of functions. + - Added the package `utils/bignum/approximation` which provide tools to perform polynomial approximations of functions, notably Chebyshev and Multi-Interval Minimax approximations. - Added subpackage `buffer` which implement custom methods to efficiently write and read slice on any writer or reader implementing a subset interface of the `bufio.Writer` and `bufio.Reader`. - - Added subpackage `structs` which implements structs composed vectors and matrices of type `any`. - - Added subpackage `bignum`, which is a place holder for future support of arbitrary precision complex arithmetic, polynomials and functions approximation. - - Added subpackage `sampling` which regroups the various random bytes and number generator that were previously present in the package `utils`. - - Updated methods with generics when applicable. - + - Added `Writer` interface and the following related functions: + - `WriteInt` + - `WriteUint8` + - `WriteUint8Slice` + - `WriteUint16` + - `WriteUint16Slice` + - `WriteUint32` + - `WriteUint32Slice` + - `WriteUint64` + - `WriteUint64Slice` + - Added `Reader` interface and the following ralted functions: + - `ReadInt` + - `ReadUint8` + - `ReadUint8Slice` + - `ReadUint16` + - `ReadUint16Slice` + - `ReadUint32` + - `ReadUint32Slice` + - `ReadUint64` + - `ReadUint64Slice` + - Added `RequireSerializerCorrect` which checks that an object complies to `io.WriterTo`, `io.ReaderFrom`, `encoding.BinaryMarshaler` and `encoding.BinaryUnmarshaler`, and that these the backed behind these interfaces is correctly implemented. + - Added subpackage `structs`: + - New structs: + - `Map[K constraints.Integer, T any] map[K]*T` + - `Matrix[T any] [][]T` + - `Vector[T any] []T` + - All the above structs comply to the following interfaces: + - `(T) CopyNew() *T` + - `(T) WriteTo(io.Writer) (int64, error)` + - `(T) ReadFrom(io.Reader) (int64, error)` + - `(T) BinarySize() (int)` + - `(T) Encode([]byte) (int, error)` + - `(T) Decode([]byte) (int, error)` + - `(T) MarshalBinary() ([]byte, error)` + - `(T) UnmarshalBinary([]]byte) (error)` + ## UNRELEASED [4.1.x] - 2022-03-09 - CKKS: renamed the `Parameters` field `DefaultScale` to `LogScale`, which now takes a value in log2. - CKKS: the `Parameters` field `LogSlots` now has a default value which is the maximum number of slots possible for the given parameters. diff --git a/dbgv/sharing.go b/dbgv/sharing.go index 28b97fb8..995e26fe 100644 --- a/dbgv/sharing.go +++ b/dbgv/sharing.go @@ -155,7 +155,7 @@ func (s2e *ShareToEncProtocol) GenShare(sk *rlwe.SecretKey, crp drlwe.KeySwitchC } ct := &rlwe.Ciphertext{} - ct.Value = []ring.Poly{ring.Poly{}, crp.Value} + ct.Value = []ring.Poly{{}, crp.Value} ct.IsNTT = true s2e.KeySwitchProtocol.GenShare(s2e.zero, sk, ct, c0ShareOut) s2e.encoder.RingT2Q(crp.Value.Level(), true, &secretShare.Value, s2e.tmpPlaintextRingQ) diff --git a/dckks/sharing.go b/dckks/sharing.go index d274aad8..559629f3 100644 --- a/dckks/sharing.go +++ b/dckks/sharing.go @@ -228,7 +228,7 @@ func (s2e *ShareToEncProtocol) GenShare(sk *rlwe.SecretKey, crs drlwe.KeySwitchC // Generates an encryption share ct := &rlwe.Ciphertext{} - ct.Value = []ring.Poly{ring.Poly{}, crs.Value} + ct.Value = []ring.Poly{{}, crs.Value} ct.MetaData.IsNTT = true s2e.KeySwitchProtocol.GenShare(s2e.zero, sk, ct, c0ShareOut) diff --git a/drlwe/drlwe_test.go b/drlwe/drlwe_test.go index 5b643dca..0fd778e9 100644 --- a/drlwe/drlwe_test.go +++ b/drlwe/drlwe_test.go @@ -480,7 +480,7 @@ func testRefreshShare(tc *testContext, level int, t *testing.T) { params := tc.params ringQ := params.RingQ().AtLevel(level) ciphertext := &rlwe.Ciphertext{} - ciphertext.Value = []ring.Poly{ring.Poly{}, *ringQ.NewPoly()} + ciphertext.Value = []ring.Poly{{}, *ringQ.NewPoly()} tc.uniformSampler.AtLevel(level).Read(&ciphertext.Value[1]) cksp := NewKeySwitchProtocol(tc.params, tc.params.Xe()) share1 := cksp.AllocateShare(level) diff --git a/rlwe/rlwe_test.go b/rlwe/rlwe_test.go index 25d59cd2..6e007052 100644 --- a/rlwe/rlwe_test.go +++ b/rlwe/rlwe_test.go @@ -59,8 +59,6 @@ func TestRLWE(t *testing.T) { t.Fatal(err) } - fmt.Println(params.LatticeEstimatorSageMathCell()) - tc := NewTestContext(params) testParameters(tc, t) diff --git a/utils/bignum/approximation/utils.go b/utils/bignum/approximation/utils.go deleted file mode 100644 index 51a18ed4..00000000 --- a/utils/bignum/approximation/utils.go +++ /dev/null @@ -1 +0,0 @@ -package approximation diff --git a/utils/buffer/utils.go b/utils/buffer/utils.go index 75ac0d03..a10ebb33 100644 --- a/utils/buffer/utils.go +++ b/utils/buffer/utils.go @@ -51,7 +51,6 @@ func RequireSerializerCorrect(t *testing.T, input binarySerializer) { require.True(t, bytes.Equal(buf.Bytes(), data2), fmt.Errorf("invalid encoding: %T.WriteTo buffer != %T.MarshalBinary bytes generates", input, input)) // Check io.Reader - //fmt.Println(buf.Bytes()) bytesRead, err := output.ReadFrom(buf) require.NoError(t, err)