0%

GPQHE

GPQHE initial released. GPQHE is a reference implementation of CKKS homomorphic encryption scheme. It is a free software under the terms of the GNU Lesser General Public License version 2.1, and its architecture is designed analog to HEAAN, NewHope and Crystal-Kyber. This is the reason for its name: “G” stands for LGPL series license, “PQ” stands for post-quantum, and “HE” stands for homomorphic encryption. Except using Libgcrypt for multi-precision integer management, GPQHE does not rely on any existing HE library. The architecture and design details of GPQHE are explained in Section 3.4 (the polynomial arithmetics), Chapter 4 (Leveled Homomorphic Encryption for Approximate Numbers) and Section 6.2.1 (Obtaining Primes for RNS and its Linked-list Management) in my thesis.

Architecture

enc/dec
RLWE CPAKEM
sample polynomial arithmetics
zero center hwt discrete Gaussian poly-mpi & poly-rns
rng ntt rns
Montgomery Barrett thread
Used for ... Keys or Functions
Advanced linear transformation gemv(A,ct,rk), sum(ct,rk), idx(ct,i,rk), nrm22(ct,rlk,rk,ck)
nonlinear functions exp(ct,rlk), ln(ct,rlk), sigmoid(ct,rlk)
Comparison inv(ct,rlk,d), sqrt(ct,rlk,d), cmp(ct1,ct2,rlk,d,α)
Primitives addition addpt(ct,pt), add(ct1,ct2), neg(ct)
subpt(ct,pt), sub(ct1,ct2)
level switch rsℓ → ℓ′(ct), moddownℓ → ℓ′(ct)
multiplication multpt(ct,pt), mult(ct1,ct2,rlk)
automorphism rot(ct,r,rk), conj(ct,ck)
Encryptor encrypt/decrypt ct = encpk/sk(pt,pk/sk), pt = dec(ct,sk)
Encoder encode/decode pt = ecd(z,Δ), z = dcd(pt,Δ)
KEM public key, secret key pk, sk = keypair(ctx)
evaluation keys rlk = genswk(sk⋅sk,sk)
rkr = genswk(τ5rmod2n(sk),sk), 0 ≤ r < ⋯nslots
ck = genswk(τ−1(sk),sk)

Welcome to my other publishing channels