PALISADE Lattice Crypto Library: lbcrypto::DCRTPolyImpl< VecType

Ideal lattice for the double-CRT representation. The implementation contains a vector of underlying native-integer lattices The double-CRT representation of polynomials is a common optimization for lattice encryption operations. Basically, it allows large-modulus polynomials to be represented as multiple smaller-modulus polynomials. The double-CRT representations are discussed theoretically here: More...

#include <dcrtpoly.h>

Inheritance diagram for lbcrypto::DCRTPolyImpl< VecType >:

[legend]

Collaboration diagram for lbcrypto::DCRTPolyImpl< VecType >:

[legend]

Public Types
using	Integer = typename VecType::Integer

using	Params = ILDCRTParams< Integer >

typedef VecType	Vector

typedef DCRTPolyImpl< VecType >	DCRTPolyType

typedef DiscreteGaussianGeneratorImpl< NativeVector >	DggType

typedef DiscreteUniformGeneratorImpl< NativeVector >	DugType

typedef TernaryUniformGeneratorImpl< NativeVector >	TugType

typedef BinaryUniformGeneratorImpl< NativeVector >	BugType

using	PolyType = PolyImpl< NativeVector >

typedef PolyImpl< VecType >	PolyLargeType

Public Member Functions
	DCRTPolyImpl ()
	Constructor that initialized m_format to EVALUATION and calls m_params to nothing.

	DCRTPolyImpl (const shared_ptr< Params > params, Format format=EVALUATION, bool initializeElementToZero=false)

const DCRTPolyType &	operator= (const PolyLargeType &element)

const DCRTPolyType &	operator= (const NativePoly &element)

	DCRTPolyImpl (const DggType &dgg, const shared_ptr< Params > params, Format format=EVALUATION)
	Constructor based on discrete Gaussian generator. More...

	DCRTPolyImpl (const BugType &bug, const shared_ptr< Params > params, Format format=EVALUATION)
	Constructor based on binary distribution generator. This is not implemented. Will throw an error. More...

	DCRTPolyImpl (const TugType &tug, const shared_ptr< Params > params, Format format=EVALUATION, uint32_t h=0)
	Constructor based on ternary distribution generator. More...

	DCRTPolyImpl (DugType &dug, const shared_ptr< Params > params, Format format=EVALUATION)
	Constructor based on discrete uniform generator. More...

	DCRTPolyImpl (const PolyLargeType &element, const shared_ptr< Params > params)
	Construct using a single Poly. The Poly is copied into every tower. Each tower will be reduced to it's corresponding modulus via GetModuli(at tower index). The format is derived from the passed in Poly. More...

	DCRTPolyImpl (const NativePoly &element, const shared_ptr< Params > params)
	Construct using a single NativePoly. The NativePoly is copied into every tower. Each tower will be reduced to it's corresponding modulus via GetModuli(at tower index). The format is derived from the passed in NativePoly. More...

	DCRTPolyImpl (const std::vector< PolyType > &elements)
	Construct using an tower of ILVectro2ns. The params and format for the DCRTPoly will be derived from the towers. More...

	DCRTPolyImpl (const DCRTPolyType &element)
	Copy constructor. More...

	DCRTPolyImpl (const DCRTPolyType &&element)
	Move constructor. More...

DCRTPolyType	Clone () const
	Clone the object by making a copy of it and returning the copy. More...

DCRTPolyType	CloneTowers (uint32_t startTower, uint32_t endTower) const
	Makes a copy of the DCRTPoly, but it includes only a sequential subset of the towers that the original holds. More...

DCRTPolyType	CloneEmpty () const
	Clone the object, but have it contain nothing. More...

DCRTPolyType	CloneParametersOnly () const
	Clone method creates a new DCRTPoly and clones only the params. The tower values are empty. The tower values can be filled by another process/function or initializer list.

DCRTPolyType	CloneWithNoise (const DiscreteGaussianGeneratorImpl< VecType > &dgg, Format format=EVALUATION) const
	Clone with noise. This method creates a new DCRTPoly and clones the params. The tower values will be filled up with noise based on the discrete gaussian. More...

	~DCRTPolyImpl ()
	Destructor.

const shared_ptr< Params >	GetParams () const
	returns the parameters of the element. More...

usint	GetCyclotomicOrder () const
	returns the element's cyclotomic order More...

usint	GetRingDimension () const
	returns the element's ring dimension More...

const Integer &	GetModulus () const
	returns the element's modulus More...

const Integer &	GetOriginalModulus () const
	returns the element's original modulus, derived from Poly More...

const Integer &	GetRootOfUnity () const
	returns the element's root of unity. More...

usint	GetLength () const
	Get method for length of each component element. NOTE assumes all components are the same size. More...

Integer &	at (usint i)
	Get interpolated value of elements at all tower index i. Note this operation is computationally intense. More...

const Integer &	at (usint i) const

Integer &	operator[] (usint i)
	Get interpolated value of element at index i. Note this operation is computationally intense. More...

const Integer &	operator[] (usint i) const

const PolyType &	GetElementAtIndex (usint i) const
	Get method of individual tower of elements. Note this behavior is different than poly. More...

usint	GetNumOfElements () const
	Get method of the number of component elements, also known as the number of towers. More...

const std::vector< PolyType > &	GetAllElements () const
	Get method that returns a vector of all component elements. More...

Format	GetFormat () const
	Get method of the format. More...

std::vector< DCRTPolyType >	BaseDecompose (usint baseBits, bool evalModeAnswer=true) const
	Write the element as $\sum\limits{i=0}^{\lfloor {\log q/base} \rfloor} {(base^i u_i)}$ and return the vector of $\left\{u_0, u_1,...,u_{\lfloor {\log q/base} \rfloor} \right\} \in R_{{base}^{\lceil {\log q/base} \rceil}}$ ; This is used as a subroutine in the relinearization procedure. More...

std::vector< DCRTPolyType >	PowersOfBase (usint baseBits) const
	Generate a vector of PolyImpl's as $\left\{x, {base}x, {base}^2x, ..., {base}^{\lfloor {\log q/{base}} \rfloor} \right\}*x$ , where is the current PolyImpl object; used as a subroutine in the relinearization procedure to get powers of a certain "base" for the secret key element. More...

std::vector< DCRTPolyType >	CRTDecompose (uint32_t baseBits=0) const

const DCRTPolyType &	operator= (const DCRTPolyType &rhs)
	Assignment Operator. More...

const DCRTPolyType &	operator= (DCRTPolyType &&rhs)
	Move Assignment Operator. More...

DCRTPolyType &	operator= (std::initializer_list< uint64_t > rhs)
	Initalizer list. More...

DCRTPolyType &	operator= (uint64_t val)
	Assignment Operator. The usint val will be set at index zero and all other indices will be set to zero. More...

DCRTPolyType &	operator= (const std::vector< int64_t > &rhs)
	Creates a Poly from a vector of signed integers (used for trapdoor sampling) More...

DCRTPolyType &	operator= (const std::vector< int32_t > &rhs)
	Creates a Poly from a vector of signed integers (used for trapdoor sampling) More...

DCRTPolyType &	operator= (std::initializer_list< std::string > rhs)
	Initalizer list. More...

DCRTPolyType	operator- () const
	Unary minus on a element. More...

bool	operator== (const DCRTPolyType &rhs) const
	Equality operator. More...

const DCRTPolyType &	operator+= (const DCRTPolyType &rhs)
	Performs an entry-wise addition over all elements of each tower with the towers of the element on the right hand side. More...

const DCRTPolyType &	operator-= (const DCRTPolyType &rhs)
	Performs an entry-wise subtraction over all elements of each tower with the towers of the element on the right hand side. More...

DCRTPolyType	AutomorphismTransform (const usint &i) const
	Permutes coefficients in a polynomial. Moves the ith index to the first one, it only supports odd indices. More...

DCRTPolyType	AutomorphismTransform (usint i, const std::vector< usint > &map) const
	Performs an automorphism transform operation using precomputed bit reversal indices. More...

DCRTPolyType	Transpose () const
	Transpose the ring element using the automorphism operation. More...

DCRTPolyType	Plus (const DCRTPolyType &element) const
	Performs an addition operation and returns the result. More...

DCRTPolyType	Times (const DCRTPolyType &element) const
	Performs a multiplication operation and returns the result. More...

DCRTPolyType	Minus (const DCRTPolyType &element) const
	Performs a subtraction operation and returns the result. More...

DCRTPolyType	Plus (const Integer &element) const
	Scalar addition - add an element to the first index of each tower. More...

DCRTPolyType	Plus (const vector< Integer > &element) const
	Scalar addition for elements in CRT format. CRT elements are represented as vector of integer elements which correspond to the represented number modulo the primes in the tower chain (in same order). More...

DCRTPolyType	Minus (const Integer &element) const
	Scalar subtraction - subtract an element to all entries. More...

DCRTPolyType	Minus (const vector< Integer > &element) const
	Scalar subtraction for elements in CRT format. CRT elements are represented as vector of integer elements which correspond to the represented number modulo the primes in the tower chain (in same order). More...

DCRTPolyType	Times (const Integer &element) const
	Scalar multiplication - multiply all entries. More...

DCRTPolyType	Times (bigintnat::NativeInteger::SignedNativeInt element) const
	Scalar multiplication - multiply by a signed integer. More...

DCRTPolyType	Times (int64_t element) const
	Scalar multiplication - multiply by a signed integer. More...

DCRTPolyType	Times (const std::vector< NativeInteger > &element) const
	Scalar multiplication by an integer represented in CRT Basis. More...

DCRTPolyType	Times (const std::vector< Integer > &element) const
	Scalar modular multiplication by an integer represented in CRT Basis. More...

DCRTPolyType	MultiplyAndRound (const Integer &p, const Integer &q) const
	Scalar multiplication followed by division and rounding operation - operation on all entries. More...

DCRTPolyType	DivideAndRound (const Integer &q) const
	Scalar division followed by rounding operation - operation on all entries. More...

DCRTPolyType	Negate () const
	Performs a negation operation and returns the result. More...

const DCRTPolyType &	operator+= (const Integer &element)
	Performs += operation with a BigInteger and returns the result. More...

const DCRTPolyType &	operator-= (const Integer &element)
	Performs a subtraction operation and returns the result. More...

const DCRTPolyType &	operator*= (const Integer &element)
	Performs a multiplication operation and returns the result. More...

const DCRTPolyType &	operator*= (const DCRTPolyType &element)
	Performs an multiplication operation and returns the result. More...

PolyType &	ElementAtIndex (usint i)
	Get value of element at index i. More...

DCRTPolyType	MultiplicativeInverse () const
	Performs a multiplicative inverse operation and returns the result. More...

DCRTPolyType	ModByTwo () const
	Perform a modulus by 2 operation. Returns the least significant bit. More...

DCRTPolyType	Mod (const Integer &modulus) const
	Modulus - perform a modulus operation. Does proper mapping of [-modulus/2, modulus/2) to [0, modulus) More...

const VecType &	GetValues () const
	Get method that should not be used. More...

void	SetValues (const VecType &values, Format format)
	Set method that should not be used, will throw an error. More...

void	SetElementAtIndex (usint index, const PolyType &element)
	Sets element at index. More...

void	SetElementAtIndex (usint index, PolyType &&element)
	Sets element at index. More...

void	SetValuesToZero ()
	Sets all values of element to zero.

void	AddILElementOne ()
	Adds "1" to every entry in every tower.

DCRTPolyType	AddRandomNoise (const Integer &modulus) const
	Add uniformly random values to all components except for the first one.

void	MakeSparse (const uint32_t &wFactor)
	Make DCRTPoly Sparse. Sets every index of each tower not equal to zero mod the wFactor to zero. More...

bool	IsEmpty () const
	Returns true if ALL the tower(s) are empty. More...

void	DropLastElement ()
	Drops the last element in the double-CRT representation. The resulting DCRTPoly element will have one less tower.

void	DropLastElements (size_t i)
	Drops the last i elements in the double-CRT representation.

void	DropLastElementAndScale (const std::vector< NativeInteger > &QlQlInvModqlDivqlModq, const std::vector< NativeInteger > &QlQlInvModqlDivqlModqPrecon, const std::vector< NativeInteger > &qlInvModq, const std::vector< NativeInteger > &qlInvModqPrecon)
	Drops the last element in the double-CRT representation and scales down by the last CRT modulus. The resulting DCRTPoly element will have one less tower. More...

void	ModReduce (const NativeInteger &t, const std::vector< NativeInteger > &tModqPrecon, const NativeInteger &negtInvModq, const NativeInteger &negtInvModqPrecon, const std::vector< NativeInteger > &qlInvModq, const std::vector< NativeInteger > &qlInvModqPrecon)
	ModReduces reduces the DCRTPoly element's composite modulus by dropping the last modulus from the chain of moduli as well as dropping the last tower. More...

PolyLargeType	CRTInterpolate () const
	Interpolates the DCRTPoly to an Poly based on the Chinese Remainder Transform Interpolation. and then returns a Poly with that single element. More...

PolyType	DecryptionCRTInterpolate (PlaintextModulus ptm) const

NativePoly	ToNativePoly () const

PolyLargeType	CRTInterpolateIndex (usint i) const
	Interpolates the DCRTPoly to an Poly based on the Chinese Remainder Transform Interpolation, only at element index i, all other elements are zero. and then returns a Poly with that single element. More...

BigInteger	GetWorkingModulus () const
	Computes and returns the product of primes in the current moduli chain. Compared to GetModulus, which always returns the product of all primes in the crypto parameters, this method will return a different modulus, based on the towers/moduli that are currently in the chain (some towers are dropped along the way). More...

shared_ptr< Params >	GetExtendedCRTBasis (std::shared_ptr< Params > paramsP) const
	Returns the element parameters for DCRTPoly elements in an extended CRT basis, which is the concatenation of the towers currently in "this" DCRTPoly, and the moduli in ParamsP. More...

DCRTPolyType	ApproxSwitchCRTBasis (const std::shared_ptr< Params > paramsQ, const std::shared_ptr< Params > paramsP, const std::vector< NativeInteger > &QHatInvModq, const std::vector< NativeInteger > &QHatInvModqPrecon, const std::vector< std::vector< NativeInteger >> &QHatModp, const std::vector< DoubleNativeInt > &modpBarrettMu) const
	Performs approximate CRT basis switching: {X}_{Q} -> {X'}_{P} X' = X + alpha*Q for small alpha {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}. More...

void	ApproxModUp (const shared_ptr< Params > paramsQ, const shared_ptr< Params > paramsP, const shared_ptr< Params > paramsQP, const vector< NativeInteger > &QHatInvModq, const vector< NativeInteger > &QHatInvModqPrecon, const vector< vector< NativeInteger >> &QHatModp, const vector< DoubleNativeInt > &modpBarrettMu)
	Performs approximate modulus raising: {X}_{Q} -> {X'}_{Q,P}. X' = X + alpha*Q for small alpha {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}. More...

DCRTPolyType	ApproxModDown (const shared_ptr< Params > paramsQ, const shared_ptr< Params > paramsP, const vector< NativeInteger > &PInvModq, const vector< NativeInteger > &PInvModqPrecon, const vector< NativeInteger > &PHatInvModp, const vector< NativeInteger > &PHatInvModpPrecon, const vector< vector< NativeInteger >> &PHatModq, const vector< DoubleNativeInt > &modqBarrettMu, const vector< NativeInteger > &tInvModp=vector< NativeInteger >(), const vector< NativeInteger > &tInvModpPrecon=vector< NativeInteger >(), const NativeInteger &t=0, const vector< NativeInteger > &tModqPrecon=vector< NativeInteger >()) const
	Performs approximate modulus reduction: {X}_{Q,P} -> {(X/P)}_{Q}. {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}. More...

DCRTPolyType	SwitchCRTBasis (const shared_ptr< Params > paramsP, const std::vector< NativeInteger > &QHatInvModq, const std::vector< NativeInteger > &QHatInvModqPrecon, const std::vector< std::vector< NativeInteger >> &QHatModp, const std::vector< std::vector< NativeInteger >> &alphaQModp, const std::vector< DoubleNativeInt > &modpBarrettMu, const std::vector< double > &qInv) const
	Performs CRT basis switching: {X}_{Q} -> {X}_{P} {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}. More...

void	ExpandCRTBasis (const shared_ptr< Params > paramsQP, const shared_ptr< Params > paramsP, const std::vector< NativeInteger > &QHatInvModq, const std::vector< NativeInteger > &QHatInvModqPrecon, const std::vector< std::vector< NativeInteger >> &QHatModp, const std::vector< std::vector< NativeInteger >> &alphaQModp, const std::vector< DoubleNativeInt > &modpBarrettMu, const std::vector< double > &qInv, Format resultFormat=EVALUATION)
	Performs modulus raising: {X}_{Q} -> {X}_{Q,P} {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}. More...

PolyType	ScaleAndRound (const NativeInteger &t, const std::vector< NativeInteger > &tQHatInvModqDivqModt, const std::vector< NativeInteger > &tQHatInvModqDivqModtPrecon, const std::vector< NativeInteger > &tQHatInvModqBDivqModt, const std::vector< NativeInteger > &tQHatInvModqBDivqModtPrecon, const std::vector< double > &tQHatInvModqDivqFrac, const std::vector< double > &tQHatInvModqBDivqFrac) const
	Performs scale and round: {X}_{Q} -> {(t/Q*X)}_t {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}. More...

DCRTPolyType	ApproxScaleAndRound (const shared_ptr< Params > paramsP, const std::vector< std::vector< NativeInteger >> &tPSHatInvModsDivsModp, const std::vector< DoubleNativeInt > &modpBarretMu) const
	Computes approximate scale and round: {X}_{Q,P} -> {{t/Q * X}}_{P} {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}. More...

DCRTPolyType	ScaleAndRound (const shared_ptr< Params > paramsP, const std::vector< std::vector< NativeInteger >> &tPSHatInvModsDivsModp, const std::vector< double > &tPSHatInvModsDivsFrac, const std::vector< DoubleNativeInt > &modpBarretMu) const
	Computes scale and round: {X}_{Q,P} -> {t/Q * X}_{P} {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}. More...

PolyType	ScaleAndRound (const std::vector< NativeInteger > &moduliQ, const NativeInteger &t, const NativeInteger &tgamma, const std::vector< NativeInteger > &tgammaQHatModq, const std::vector< NativeInteger > &tgammaQHatModqPrecon, const std::vector< NativeInteger > &negInvqModtgamma, const std::vector< NativeInteger > &negInvqModtgammaPrecon) const
	Computes scale and round for fast rounding: {X}_{Q} -> {(t/Q * X)}_t {Q} = {q_1,...,q_l}. More...

void	FastBaseConvqToBskMontgomery (const shared_ptr< Params > paramsBsk, const std::vector< NativeInteger > &moduliQ, const std::vector< NativeInteger > &moduliBsk, const std::vector< DoubleNativeInt > &modbskBarrettMu, const std::vector< NativeInteger > &mtildeQHatInvModq, const std::vector< NativeInteger > &mtildeQHatInvModqPrecon, const std::vector< std::vector< NativeInteger >> &QHatModbsk, const std::vector< uint16_t > &QHatModmtilde, const std::vector< NativeInteger > &QModbsk, const std::vector< NativeInteger > &QModbskPrecon, const uint16_t &negQInvModmtilde, const std::vector< NativeInteger > &mtildeInvModbsk, const std::vector< NativeInteger > &mtildeInvModbskPrecon)
	Expands basis: {X}_{Q} -> {X}_{Q,Bsk,mtilde} mtilde is a redundant modulus used to remove q overflows generated from fast conversion. Outputs the resulting polynomial in CRT/RNS {Q} = {q_1,...,q_l} {Bsk} = {bsk_1,...,bsk_k}. More...

void	FastRNSFloorq (const NativeInteger &t, const std::vector< NativeInteger > &moduliQ, const std::vector< NativeInteger > &moduliBsk, const std::vector< DoubleNativeInt > &modbskBarrettMu, const std::vector< NativeInteger > &tQHatInvModq, const std::vector< NativeInteger > &tQHatInvModqPrecon, const std::vector< std::vector< NativeInteger >> &QHatModbsk, const std::vector< std::vector< NativeInteger >> &qInvModbsk, const std::vector< NativeInteger > &tQInvModbsk, const std::vector< NativeInteger > &tQInvModbskPrecon)
	Computes scale and floor: {X}_{Q,Bsk} -> {{t/Q * X}}_{Bsk} {Q} = {q_1,...,q_l} {Bsk} = {bsk_1,...,bsk_k} Outputs the resulting polynomial in CRT/RNS. More...

void	FastBaseConvSK (const std::vector< NativeInteger > &moduliQ, const std::vector< DoubleNativeInt > &modqBarrettMu, const std::vector< NativeInteger > &moduliBsk, const std::vector< DoubleNativeInt > &modbskBarrettMu, const std::vector< NativeInteger > &BHatInvModb, const std::vector< NativeInteger > &BHatInvModbPrecon, const std::vector< NativeInteger > &BHatModmsk, const NativeInteger &BInvModmsk, const NativeInteger &BInvModmskPrecon, const std::vector< std::vector< NativeInteger >> &BHatModq, const std::vector< NativeInteger > &BModq, const std::vector< NativeInteger > &BModqPrecon)
	Converts basis: {X}_{Q,Bsk} -> {X}_{Bsk} {Q} = {q_1,...,q_l} {Bsk} = {bsk_1,...,bsk_k} using Shenoy Kumaresan method. Outputs the resulting polynomial in CRT/RNS. More...

void	SwitchFormat ()
	Convert from Coefficient to CRT or vice versa; calls FFT and inverse FFT.

void	SwitchModulus (const Integer &modulus, const Integer &rootOfUnity, const Integer &modulusArb=Integer(0), const Integer &rootOfUnityArb=Integer(0))
	Switch modulus and adjust the values. More...

void	SwitchModulusAtIndex (usint index, const Integer &modulus, const Integer &rootOfUnity)
	Switch modulus at tower i and adjust the values. More...

bool	InverseExists () const
	Determines if inverse exists. More...

double	Norm () const
	Returns the infinity norm, basically the largest value in the ring element. More...

double	EuclideanNorm () const
	Returns the euclidean norm, basically the sqrt of the sum of the squares of the values in the ring element. More...

template<class Archive >
void	save (Archive &ar, std::uint32_t const version) const

template<class Archive >
void	load (Archive &ar, std::uint32_t const version)

std::string	SerializedObjectName () const

Public Member Functions inherited from lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >
virtual	~ILElement ()
	Standard destructor.

bool	operator!= (const DCRTPolyImpl< VecType > &element) const
	Inequality operator. Compares values of element to be compared to. More...

void	SetFormat (const Format format)
	Sets the format/representation of the element. More...

Static Public Member Functions
static const std::string	GetElementName ()

static function< DCRTPolyType()>	Allocator (const shared_ptr< Params > params, Format format)
	Create lambda that allocates a zeroed element for the case when it is called from a templated class. More...

static function< DCRTPolyType()>	MakeDiscreteGaussianCoefficientAllocator (shared_ptr< Params > params, Format resultFormat, double stddev)
	Allocator for discrete uniform distribution. More...

static function< DCRTPolyType()>	MakeDiscreteUniformAllocator (shared_ptr< Params > params, Format format)
	Allocator for discrete uniform distribution. More...

static uint32_t	SerializedVersion ()

Friends
std::ostream &	operator<< (std::ostream &os, const DCRTPolyType &vec)
	ostream operator More...

DCRTPolyType	operator+ (const DCRTPolyType &a, const DCRTPolyType &b)
	Element-element addition operator. More...

DCRTPolyType	operator+ (const DCRTPolyType &a, const Integer &b)
	Element-integer addition operator. More...

DCRTPolyType	operator+ (const Integer &a, const DCRTPolyType &b)
	Integer-element addition operator. More...

DCRTPolyType	operator+ (const DCRTPolyType &a, const vector< Integer > &b)
	Element-integer addition operator with CRT integer. More...

DCRTPolyType	operator+ (const vector< Integer > &a, const DCRTPolyType &b)
	Integer-element addition operator with CRT integer. More...

DCRTPolyType	operator- (const DCRTPolyType &a, const DCRTPolyType &b)
	Element-element subtraction operator. More...

DCRTPolyType	operator- (const DCRTPolyType &a, const vector< Integer > &b)
	Element-integer subtraction operator with CRT integer. More...

DCRTPolyType	operator- (const vector< Integer > &a, const DCRTPolyType &b)
	Integer-element subtraction operator with CRT integer. More...

DCRTPolyType	operator- (const DCRTPolyType &a, const Integer &b)
	Element-integer subtraction operator. More...

DCRTPolyType	operator* (const DCRTPolyType &a, const DCRTPolyType &b)
	Element-element multiplication operator. More...

DCRTPolyType	operator* (const DCRTPolyType &a, const Integer &b)
	Element-integer multiplication operator. More...

DCRTPolyType	operator* (const DCRTPolyType &a, const vector< Integer > &b)
	Element-CRT number multiplication operator. More...

DCRTPolyType	operator* (const Integer &a, const DCRTPolyType &b)
	Integer-element multiplication operator. More...

DCRTPolyType	operator* (const DCRTPolyType &a, int64_t b)
	Element-signed-integer multiplication operator. More...

DCRTPolyType	operator* (int64_t a, const DCRTPolyType &b)
	signed-Integer-element multiplication operator. More...

Detailed Description

template<typename VecType>
class lbcrypto::DCRTPolyImpl< VecType >

Gentry C., Halevi S., Smart N.P. (2012) Homomorphic Evaluation of the AES Circuit. In: Safavi-Naini R., Canetti R. (eds) Advances in Cryptology – CRYPTO 2012. Lecture Notes in Computer Science, vol 7417. Springer, Berlin, Heidelberg

Constructor & Destructor Documentation

◆ DCRTPolyImpl() [1/10]

template<typename VecType >

lbcrypto::DCRTPolyImpl< VecType >::DCRTPolyImpl	(	const shared_ptr< Params >	params,
		Format	format = `EVALUATION`,
		bool	initializeElementToZero = `false`
	)

Constructor that initializes parameters.

Parameters

params	parameter set required for DCRTPoly.
format	the input format fixed to EVALUATION. Format is a enum type that indicates if the polynomial is in Evaluation representation or Coefficient representation. It is defined in inttypes.h.
initializeElementToZero

◆ DCRTPolyImpl() [2/10]

template<typename VecType >

lbcrypto::DCRTPolyImpl< VecType >::DCRTPolyImpl	(	const DggType &	dgg,
		const shared_ptr< Params >	params,
		Format	format = `EVALUATION`
	)

Constructor based on discrete Gaussian generator.

Parameters

&dgg	the input discrete Gaussian generator. The dgg will be the seed to populate the towers of the DCRTPoly with random numbers.
params	parameter set required for DCRTPoly.
format	the input format fixed to EVALUATION. Format is a enum type that indicates if the polynomial is in Evaluation representation or Coefficient representation. It is defined in inttypes.h.

◆ DCRTPolyImpl() [3/10]

template<typename VecType >

lbcrypto::DCRTPolyImpl< VecType >::DCRTPolyImpl	(	const BugType &	bug,
		const shared_ptr< Params >	params,
		Format	format = `EVALUATION`
	)

Constructor based on binary distribution generator. This is not implemented. Will throw an error.

Parameters

&bug	the input binary uniform generator. The bug will be the seed to populate the towers of the DCRTPoly with random numbers.
params	parameter set required for DCRTPoly.
format	the input format fixed to EVALUATION. Format is a enum type that indicates if the polynomial is in Evaluation representation or Coefficient representation. It is defined in inttypes.h.

◆ DCRTPolyImpl() [4/10]

template<typename VecType >

lbcrypto::DCRTPolyImpl< VecType >::DCRTPolyImpl	(	const TugType &	tug,
		const shared_ptr< Params >	params,
		Format	format = `EVALUATION`,
		uint32_t	h = `0`
	)

Constructor based on ternary distribution generator.

Parameters

&tug	the input ternary uniform generator. The bug will be the seed to populate the towers of the DCRTPoly with random numbers.
params	parameter set required for DCRTPoly.
format	the input format fixed to EVALUATION. Format is a enum type that indicates if the polynomial is in Evaluation representation or Coefficient representation. It is defined in inttypes.h.
h	- Hamming weight for sparse ternary distribution (by default, when h = 0, the distribution is NOT sparse)

◆ DCRTPolyImpl() [5/10]

template<typename VecType >

lbcrypto::DCRTPolyImpl< VecType >::DCRTPolyImpl	(	DugType &	dug,
		const shared_ptr< Params >	params,
		Format	format = `EVALUATION`
	)

Constructor based on discrete uniform generator.

Parameters

&dug	the input discrete Uniform Generator.
params	the input params.
&format	the input format fixed to EVALUATION. Format is a enum type that indicates if the polynomial is in Evaluation representation or Coefficient representation. It is defined in inttypes.h.

◆ DCRTPolyImpl() [6/10]

template<typename VecType >

lbcrypto::DCRTPolyImpl< VecType >::DCRTPolyImpl	(	const PolyLargeType &	element,
		const shared_ptr< Params >	params
	)

Construct using a single Poly. The Poly is copied into every tower. Each tower will be reduced to it's corresponding modulus via GetModuli(at tower index). The format is derived from the passed in Poly.

Parameters

&element	Poly to build other towers from.
params	parameter set required for DCRTPoly.

◆ DCRTPolyImpl() [7/10]

template<typename VecType >

lbcrypto::DCRTPolyImpl< VecType >::DCRTPolyImpl	(	const NativePoly &	element,
		const shared_ptr< Params >	params
	)

Construct using a single NativePoly. The NativePoly is copied into every tower. Each tower will be reduced to it's corresponding modulus via GetModuli(at tower index). The format is derived from the passed in NativePoly.

Parameters

&element	Poly to build other towers from.
params	parameter set required for DCRTPoly.

◆ DCRTPolyImpl() [8/10]

template<typename VecType >

lbcrypto::DCRTPolyImpl< VecType >::DCRTPolyImpl ( const std::vector< PolyType > & elements )

explicit

Construct using an tower of ILVectro2ns. The params and format for the DCRTPoly will be derived from the towers.

Parameters

&towers vector of Polys which correspond to each tower of DCRTPoly.

◆ DCRTPolyImpl() [9/10]

template<typename VecType >

lbcrypto::DCRTPolyImpl< VecType >::DCRTPolyImpl ( const DCRTPolyType & element )

Copy constructor.

Parameters

&element DCRTPoly to copy from

◆ DCRTPolyImpl() [10/10]

template<typename VecType >

lbcrypto::DCRTPolyImpl< VecType >::DCRTPolyImpl ( const DCRTPolyType && element )

explicit

Move constructor.

Parameters

&&element DCRTPoly to move from

Member Function Documentation

◆ Allocator()

template<typename VecType>

static function<DCRTPolyType()> lbcrypto::DCRTPolyImpl< VecType >::Allocator	(	const shared_ptr< Params >	params,
		Format	format
	)

inlinestatic

Create lambda that allocates a zeroed element for the case when it is called from a templated class.

Parameters

params	the params to use.
format	- EVALUATION or COEFFICIENT

◆ ApproxModDown()

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::ApproxModDown	(	const shared_ptr< Params >	paramsQ,
		const shared_ptr< Params >	paramsP,
		const vector< NativeInteger > &	PInvModq,
		const vector< NativeInteger > &	PInvModqPrecon,
		const vector< NativeInteger > &	PHatInvModp,
		const vector< NativeInteger > &	PHatInvModpPrecon,
		const vector< vector< NativeInteger >> &	PHatModq,
		const vector< DoubleNativeInt > &	modqBarrettMu,
		const vector< NativeInteger > &	tInvModp = `vector<NativeInteger>()`,
		const vector< NativeInteger > &	tInvModpPrecon = `vector<NativeInteger>()`,
		const NativeInteger &	t = `0`,
		const vector< NativeInteger > &	tModqPrecon = `vector<NativeInteger>()`
	)		const

Performs approximate modulus reduction: {X}_{Q,P} -> {(X/P)}_{Q}. {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}.

Brief algorithm: 1) use DCRTPoly::ApproxSwitchCRTBasis : {X}_{P} -> {X'}_{Q} 2) compute : {(X-X') * P^{-1}}_{Q}

Source: "A full RNS variant of approximate homomorphic encryption" by Cheon, et. al.

Parameters

&paramsQ	parameters for the CRT basis {q_1,...,q_l}
&paramsP	parameters for the CRT basis {p_1,...,p_k}
&PInvModq	precomputed values for (P^{-1} mod q_j)
&PInvModqPrecon	NTL-specific precomputations
&PHatInvModp	precomputed values for [(P/p_j)^{-1}]_{p_j}
&PHatInvModpPrecon	NTL-specific precomputations
&PHatModq	precomputed values for [P/p_j]_{q_i}
&modqBarrettMu	128-bit Barrett reduction precomputed values for q_i
&tInvModp	precomputed values for [t^{-1}]_{p_j} used in BGVrns
t	often corresponds to the plaintext modulus used in BGVrns

Returns: the representation of {(X/P)}_{Q}

◆ ApproxModUp()

template<typename VecType >

void lbcrypto::DCRTPolyImpl< VecType >::ApproxModUp	(	const shared_ptr< Params >	paramsQ,
		const shared_ptr< Params >	paramsP,
		const shared_ptr< Params >	paramsQP,
		const vector< NativeInteger > &	QHatInvModq,
		const vector< NativeInteger > &	QHatInvModqPrecon,
		const vector< vector< NativeInteger >> &	QHatModp,
		const vector< DoubleNativeInt > &	modpBarrettMu
	)

Performs approximate modulus raising: {X}_{Q} -> {X'}_{Q,P}. X' = X + alpha*Q for small alpha {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}.

Brief algorithm: {X}_{Q} -> {X'}_Q : trivial {X}_{Q} -> {X'}_P : use DCRTPoly::ApproxSwitchCRTBasis

Source: "A full RNS variant of approximate homomorphic encryption" by Cheon, et. al.

Parameters

&paramsQ	parameters for the CRT basis {q_1,...,q_l}
&paramsP	parameters for the CRT basis {p_1,...,p_k}
&QHatInvModq	precomputed values for [(Q/q_i)^{-1}]_{q_i}
&QHatInvModqPrecon	NTL-specific precomputations
&QHatModp	precomputed values for [Q/q_i]_{p_j}
&modpBarrettMu	128-bit Barrett reduction precomputed values for p_j

Returns: the representation of {X + alpha*Q} in basis {Q,P}.

◆ ApproxScaleAndRound()

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::ApproxScaleAndRound	(	const shared_ptr< Params >	paramsP,
		const std::vector< std::vector< NativeInteger >> &	tPSHatInvModsDivsModp,
		const std::vector< DoubleNativeInt > &	modpBarretMu
	)		const

Computes approximate scale and round: {X}_{Q,P} -> {{t/Q * X}}_{P} {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}.

Brief algorithm: Let S = {Q,P} 1) [ x_k * alpha_k]_{p_j} 2) alpha_k = [Floor[t*P*[[SHatInv_k]_{s_k}/s_k]]_{p_j}

Source: Halevi S., Polyakov Y., and Shoup V. An Improved RNS Variant of the BFV Homomorphic Encryption Scheme. Cryptology ePrint Archive, Report 2018/117. (https://eprint.iacr.org/2018/117)

Parameters

&paramsP	parameters for the CRT basis {p_1,...,p_k}
&tPSHatInvModsDivsModp	precomputed values for [[tP[[SHatInv_k]_{s_k}/s_k]]_{p_j}
&modpBarretMu	128-bit Barrett reduction precomputed values for p_j

Returns: the result {{t/Q * X}}_{P}

◆ ApproxSwitchCRTBasis()

template<typename VecType>

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::ApproxSwitchCRTBasis	(	const std::shared_ptr< Params >	paramsQ,
		const std::shared_ptr< Params >	paramsP,
		const std::vector< NativeInteger > &	QHatInvModq,
		const std::vector< NativeInteger > &	QHatInvModqPrecon,
		const std::vector< std::vector< NativeInteger >> &	QHatModp,
		const std::vector< DoubleNativeInt > &	modpBarrettMu
	)		const

Performs approximate CRT basis switching: {X}_{Q} -> {X'}_{P} X' = X + alpha*Q for small alpha {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}.

Brief algorithm: [X']_{p_j} = [([x_i*(Q/q_i)^{-1}]_{q_i}*(Q/q_i)]_{p_j}

Source: "A full RNS variant of approximate homomorphic encryption" by Cheon, et. al.

Parameters

&paramsQ	parameters for the CRT basis {q_1,...,q_l}
&paramsP	parameters for the CRT basis {p_1,...,p_k}
&QHatinvModq	precomputed values for [(Q/q_i)^{-1}]_{q_i}
&QHatinvModqPrecon	NTL-specific precomputations
&QHatModp	precomputed values for [Q/q_i]_{p_j}
&modpBarrettMu	128-bit Barrett reduction precomputed values

Returns: the representation of {X + alpha*Q} in basis {P}.

◆ at()

template<typename VecType >

DCRTPolyImpl< VecType >::Integer & lbcrypto::DCRTPolyImpl< VecType >::at ( usint i )

virtual

Get interpolated value of elements at all tower index i. Note this operation is computationally intense.

Returns: interpolated value at index i.

Reimplemented from lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ AutomorphismTransform() [1/2]

template<typename VecType>

DCRTPolyType lbcrypto::DCRTPolyImpl< VecType >::AutomorphismTransform ( const usint & i ) const

inlinevirtual

Permutes coefficients in a polynomial. Moves the ith index to the first one, it only supports odd indices.

Parameters

&i	is the element to perform the automorphism transform with.

Returns: is the result of the automorphism transform.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ AutomorphismTransform() [2/2]

template<typename VecType>

DCRTPolyType lbcrypto::DCRTPolyImpl< VecType >::AutomorphismTransform	(	usint	i,
		const std::vector< usint > &	map
	)		const

inlinevirtual

Performs an automorphism transform operation using precomputed bit reversal indices.

Parameters

&i	is the element to perform the automorphism transform with.
&map	a vector with precomputed indices

Returns: is the result of the automorphism transform.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ BaseDecompose()

template<typename VecType >

std::vector< DCRTPolyImpl< VecType > > lbcrypto::DCRTPolyImpl< VecType >::BaseDecompose	(	usint	baseBits,
		bool	evalModeAnswer = `true`
	)		const

virtual

Write the element as $\sum\limits{i=0}^{\lfloor {\log q/base} \rfloor} {(base^i u_i)}$ and return the vector of $\left\{u_0, u_1,...,u_{\lfloor {\log q/base} \rfloor} \right\} \in R_{{base}^{\lceil {\log q/base} \rceil}}$ ; This is used as a subroutine in the relinearization procedure.

Parameters

baseBits is the number of bits in the base, i.e., $base = 2^{baseBits}$ .

Returns: is the pointer where the base decomposition vector is stored

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Clone()

template<typename VecType>

DCRTPolyType lbcrypto::DCRTPolyImpl< VecType >::Clone ( ) const

inlinevirtual

Clone the object by making a copy of it and returning the copy.

Returns: new Element

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ CloneEmpty()

template<typename VecType>

DCRTPolyType lbcrypto::DCRTPolyImpl< VecType >::CloneEmpty ( ) const

inlinevirtual

Clone the object, but have it contain nothing.

Returns: new Element

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ CloneTowers()

template<typename VecType>

DCRTPolyType lbcrypto::DCRTPolyImpl< VecType >::CloneTowers	(	uint32_t	startTower,
		uint32_t	endTower
	)		const

inline

Makes a copy of the DCRTPoly, but it includes only a sequential subset of the towers that the original holds.

Parameters

startTower	The index number of the first tower to clone
endTower	The index number of the last tower to clone

Returns: new Element

◆ CloneWithNoise()

template<typename VecType>

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::CloneWithNoise	(	const DiscreteGaussianGeneratorImpl< VecType > &	dgg,
		Format	format = `EVALUATION`
	)		const

virtual

Clone with noise. This method creates a new DCRTPoly and clones the params. The tower values will be filled up with noise based on the discrete gaussian.

Parameters

&dgg	the input discrete Gaussian generator. The dgg will be the seed to populate the towers of the DCRTPoly with random numbers.
format	the input format fixed to EVALUATION. Format is a enum type that indicates if the polynomial is in Evaluation representation or Coefficient representation. It is defined in inttypes.h.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ CRTDecompose()

template<typename VecType >

std::vector< DCRTPolyImpl< VecType > > lbcrypto::DCRTPolyImpl< VecType >::CRTDecompose ( uint32_t baseBits = 0 ) const

CRT basis decomposition of c as [c qi/q]_qi

Parameters

&baseBits bits in the base for additional digit decomposition if base > 0

Returns: is the pointer where the resulting vector is stored

◆ CRTInterpolate()

template<typename VecType >

DCRTPolyImpl< VecType >::PolyLargeType lbcrypto::DCRTPolyImpl< VecType >::CRTInterpolate ( ) const

Interpolates the DCRTPoly to an Poly based on the Chinese Remainder Transform Interpolation. and then returns a Poly with that single element.

Returns: the interpolated ring element as a Poly object.

◆ CRTInterpolateIndex()

template<typename VecType >

DCRTPolyImpl< VecType >::PolyLargeType lbcrypto::DCRTPolyImpl< VecType >::CRTInterpolateIndex ( usint i ) const

Interpolates the DCRTPoly to an Poly based on the Chinese Remainder Transform Interpolation, only at element index i, all other elements are zero. and then returns a Poly with that single element.

Returns: the interpolated ring element as a Poly object.

◆ DivideAndRound()

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::DivideAndRound ( const Integer & q ) const

virtual

Scalar division followed by rounding operation - operation on all entries.

Parameters

&q	is the element to divide entry-wise.

Returns: is the return value of the divide, followed by rounding operation.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ DropLastElementAndScale()

template<typename VecType >

void lbcrypto::DCRTPolyImpl< VecType >::DropLastElementAndScale	(	const std::vector< NativeInteger > &	QlQlInvModqlDivqlModq,
		const std::vector< NativeInteger > &	QlQlInvModqlDivqlModqPrecon,
		const std::vector< NativeInteger > &	qlInvModq,
		const std::vector< NativeInteger > &	qlInvModqPrecon
	)

Drops the last element in the double-CRT representation and scales down by the last CRT modulus. The resulting DCRTPoly element will have one less tower.

Parameters

&QlQlInvModqlDivqlModq	precomputed values for [Q^(l)*[Q^(l)^{-1}]_{q_l}/q_l]_{q_i}
&QlQlInvModqlDivqlModqPrecon	NTL-specific precomputations
&qlInvModq	precomputed values for [q_l^{-1}]_{q_i}
&qlInvModqPrecon	NTL-specific precomputations

◆ ElementAtIndex()

template<typename VecType >

PolyImpl< NativeVector > & lbcrypto::DCRTPolyImpl< VecType >::ElementAtIndex ( usint i )

Get value of element at index i.

Returns: value at index i.

◆ EuclideanNorm()

template<typename VecType >

double lbcrypto::DCRTPolyImpl< VecType >::EuclideanNorm ( ) const

virtual

Returns the euclidean norm, basically the sqrt of the sum of the squares of the values in the ring element.

Returns: is the euclidean norm, basically the sqrt of the sum of the squares of the values in the ring element.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ ExpandCRTBasis()

template<typename VecType >

void lbcrypto::DCRTPolyImpl< VecType >::ExpandCRTBasis	(	const shared_ptr< Params >	paramsQP,
		const shared_ptr< Params >	paramsP,
		const std::vector< NativeInteger > &	QHatInvModq,
		const std::vector< NativeInteger > &	QHatInvModqPrecon,
		const std::vector< std::vector< NativeInteger >> &	QHatModp,
		const std::vector< std::vector< NativeInteger >> &	alphaQModp,
		const std::vector< DoubleNativeInt > &	modpBarrettMu,
		const std::vector< double > &	qInv,
		Format	resultFormat = `EVALUATION`
	)

Performs modulus raising: {X}_{Q} -> {X}_{Q,P} {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}.

Brief algorithm: {X}_{Q} -> {X}_P : use DCRTPoly::SwitchCRTBasis combine {X}_{Q} and {X}_{P} Outputs the resulting polynomial in CRT/RNS

Source: Halevi S., Polyakov Y., and Shoup V. An Improved RNS Variant of the BFV Homomorphic Encryption Scheme. Cryptology ePrint Archive, Report 2018/117. (https://eprint.iacr.org/2018/117)

Parameters

&paramsQP	parameters for the CRT basis {q_1,...,q_l,p_1,...,p_k}
&paramsP	parameters for the CRT basis {p_1,...,p_k}
&QHatInvModq	precomputed values for [QInv_i]_{q_i}
&QHatInvModqPrecon	NTL-specific precomputations
&QHatModp	precomputed values for [QHat_i]_{p_j}
&alphaQModp	precomputed values for [alpha*Q]_{p_j}
&modpBarrettMu	128-bit Barrett reduction precomputed values for p_j &qInv precomputed values for 1/q_i
resultFormat	Specifies the format we want the result to be in

◆ FastBaseConvqToBskMontgomery()

template<typename VecType >

void lbcrypto::DCRTPolyImpl< VecType >::FastBaseConvqToBskMontgomery	(	const shared_ptr< Params >	paramsBsk,
		const std::vector< NativeInteger > &	moduliQ,
		const std::vector< NativeInteger > &	moduliBsk,
		const std::vector< DoubleNativeInt > &	modbskBarrettMu,
		const std::vector< NativeInteger > &	mtildeQHatInvModq,
		const std::vector< NativeInteger > &	mtildeQHatInvModqPrecon,
		const std::vector< std::vector< NativeInteger >> &	QHatModbsk,
		const std::vector< uint16_t > &	QHatModmtilde,
		const std::vector< NativeInteger > &	QModbsk,
		const std::vector< NativeInteger > &	QModbskPrecon,
		const uint16_t &	negQInvModmtilde,
		const std::vector< NativeInteger > &	mtildeInvModbsk,
		const std::vector< NativeInteger > &	mtildeInvModbskPrecon
	)

Expands basis: {X}_{Q} -> {X}_{Q,Bsk,mtilde} mtilde is a redundant modulus used to remove q overflows generated from fast conversion. Outputs the resulting polynomial in CRT/RNS {Q} = {q_1,...,q_l} {Bsk} = {bsk_1,...,bsk_k}.

Source: Jean-Claude Bajard and Julien Eynard and Anwar Hasan and Vincent Zucca. A Full RNS Variant of FV like Somewhat Homomorphic Encryption Schemes. Cryptology ePrint Archive: Report 2016/510. (https://eprint.iacr.org/2016/510)

Parameters

paramsBsk	container of Bsk moduli and roots on unity
&moduliQ	basis {Q} = {q_1,q_2,...,q_l}
&moduliBsk	basis {Bsk U mtilde} ...
&modbskBarrettMu	128-bit Barrett reduction precomputed values for bsk_j
&mtildeQHatInvModq	[mtilde*(Q/q_i)^{-1}]_{q_i}
&mtildeQHatInvModqPrecon	NTL-specific precomputations
&QHatModbsk	[Q/q_i]_{bsk_j}
&QHatModmtilde	[Q/q_i]_{mtilde}
&QModbsk	[Q]_{bsk_j}
&QModbskPrecon	NTL-specific precomputations
&negQInvModmtilde	[-Q^{-1}]_{mtilde}
&mtildeInvModbsk	[mtilde^{-1}]_{bsk_j}
&mtildeInvModbskPrecon	NTL-specific precomputations

◆ FastBaseConvSK()

template<typename VecType >

void lbcrypto::DCRTPolyImpl< VecType >::FastBaseConvSK	(	const std::vector< NativeInteger > &	moduliQ,
		const std::vector< DoubleNativeInt > &	modqBarrettMu,
		const std::vector< NativeInteger > &	moduliBsk,
		const std::vector< DoubleNativeInt > &	modbskBarrettMu,
		const std::vector< NativeInteger > &	BHatInvModb,
		const std::vector< NativeInteger > &	BHatInvModbPrecon,
		const std::vector< NativeInteger > &	BHatModmsk,
		const NativeInteger &	BInvModmsk,
		const NativeInteger &	BInvModmskPrecon,
		const std::vector< std::vector< NativeInteger >> &	BHatModq,
		const std::vector< NativeInteger > &	BModq,
		const std::vector< NativeInteger > &	BModqPrecon
	)

Converts basis: {X}_{Q,Bsk} -> {X}_{Bsk} {Q} = {q_1,...,q_l} {Bsk} = {bsk_1,...,bsk_k} using Shenoy Kumaresan method. Outputs the resulting polynomial in CRT/RNS.

Note in the source paper, B is referred to by M.

Parameters

&moduliQ	basis Q = {q_1,...,q_l}
&modqBarrettMu	precomputed Barrett Mu for q_i
&moduliBsk	basis {Bsk} = {bsk_1,...,bsk_k}
&modbskBarrettMu	precomputed Barrett Mu for bsk_j
&BHatInvModb	[(B/b_j)^{-1}]_{b_j}
&BHatInvModbPrecon	NTL precomptations for [(B/b_j)^{-1}]_{b_j}
&BHatModmsk	[B/b_j]_{msk}
&BInvModmsk	[B^{-1}]_{msk}
&BInvModmskPrecon	NTL precomptation for [B^{-1}]_{msk}
&BHatModq	[B/b_j]_{q_i}
&BModq	[B]_{q_i}
&BModqPrecon	NTL precomptations for [B]_{q_i}

◆ FastRNSFloorq()

template<typename VecType >

void lbcrypto::DCRTPolyImpl< VecType >::FastRNSFloorq	(	const NativeInteger &	t,
		const std::vector< NativeInteger > &	moduliQ,
		const std::vector< NativeInteger > &	moduliBsk,
		const std::vector< DoubleNativeInt > &	modbskBarrettMu,
		const std::vector< NativeInteger > &	tQHatInvModq,
		const std::vector< NativeInteger > &	tQHatInvModqPrecon,
		const std::vector< std::vector< NativeInteger >> &	QHatModbsk,
		const std::vector< std::vector< NativeInteger >> &	qInvModbsk,
		const std::vector< NativeInteger > &	tQInvModbsk,
		const std::vector< NativeInteger > &	tQInvModbskPrecon
	)

Computes scale and floor: {X}_{Q,Bsk} -> {{t/Q * X}}_{Bsk} {Q} = {q_1,...,q_l} {Bsk} = {bsk_1,...,bsk_k} Outputs the resulting polynomial in CRT/RNS.

Parameters

&t	plaintext modulus
&moduliQ	{Q} = {q_1,...,q_l}
&moduliBsk	{Bsk} = {bsk_1,...,bsk_k}
&modbskBarrettMu	128-bit Barrett reduction precomputed values for bsk_j
&tQHatInvModq	[(Q/q_i)^{-1}]_{q_i}
&tQHatInvModqPrecon	NTL-specific precomputations
&QHatModbsk	[Q/q_i]_{bsk_i}
&qInvModbsk	[(q_i)^{-1}]_{bsk_j}
&tQInvModbsk	[t*Q^{-1}]_{bsk_j}
&tQInvModbskPrecon	NTL-specific precomputations

◆ GetAllElements()

template<typename VecType >

const std::vector< typename DCRTPolyImpl< VecType >::PolyType > & lbcrypto::DCRTPolyImpl< VecType >::GetAllElements ( ) const

Get method that returns a vector of all component elements.

Returns: a vector of the component elements.

◆ GetCyclotomicOrder()

template<typename VecType>

usint lbcrypto::DCRTPolyImpl< VecType >::GetCyclotomicOrder ( ) const

inlinevirtual

returns the element's cyclotomic order

Returns: returns the cyclotomic order of the element.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ GetElementAtIndex()

template<typename VecType >

const DCRTPolyImpl< VecType >::PolyType & lbcrypto::DCRTPolyImpl< VecType >::GetElementAtIndex ( usint i ) const

Get method of individual tower of elements. Note this behavior is different than poly.

Parameters

i	index of tower to be returned.

Returns: a reference to the returned tower

◆ GetExtendedCRTBasis()

template<typename VecType>

shared_ptr< typename DCRTPolyImpl< VecType >::Params > lbcrypto::DCRTPolyImpl< VecType >::GetExtendedCRTBasis ( std::shared_ptr< Params > paramsP ) const

Returns the element parameters for DCRTPoly elements in an extended CRT basis, which is the concatenation of the towers currently in "this" DCRTPoly, and the moduli in ParamsP.

Returns: element parameters of the extended basis.

◆ GetFormat()

template<typename VecType >

Format lbcrypto::DCRTPolyImpl< VecType >::GetFormat ( ) const

virtual

Get method of the format.

Returns: the format, either COEFFICIENT or EVALUATION

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ GetLength()

template<typename VecType>

usint lbcrypto::DCRTPolyImpl< VecType >::GetLength ( ) const

inlinevirtual

Get method for length of each component element. NOTE assumes all components are the same size.

Returns: length of the component element

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ GetModulus()

template<typename VecType>

const Integer& lbcrypto::DCRTPolyImpl< VecType >::GetModulus ( ) const

inlinevirtual

returns the element's modulus

Returns: returns the modulus of the element.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ GetNumOfElements()

template<typename VecType >

usint lbcrypto::DCRTPolyImpl< VecType >::GetNumOfElements ( ) const

Get method of the number of component elements, also known as the number of towers.

Returns: the number of component elements.

◆ GetOriginalModulus()

template<typename VecType>

const Integer& lbcrypto::DCRTPolyImpl< VecType >::GetOriginalModulus ( ) const

inline

returns the element's original modulus, derived from Poly

Returns: returns the modulus of the element.

◆ GetParams()

template<typename VecType>

const shared_ptr<Params> lbcrypto::DCRTPolyImpl< VecType >::GetParams ( ) const

inline

returns the parameters of the element.

Returns: the element parameter set.

◆ GetRingDimension()

template<typename VecType>

usint lbcrypto::DCRTPolyImpl< VecType >::GetRingDimension ( ) const

inline

returns the element's ring dimension

Returns: returns the ring dimension of the element.

◆ GetRootOfUnity()

template<typename VecType>

const Integer& lbcrypto::DCRTPolyImpl< VecType >::GetRootOfUnity ( ) const

inline

returns the element's root of unity.

Returns: the element's root of unity.

◆ GetValues()

template<typename VecType>

const VecType& lbcrypto::DCRTPolyImpl< VecType >::GetValues ( ) const

inlinevirtual

Get method that should not be used.

Returns: will throw an error.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ GetWorkingModulus()

template<typename VecType >

BigInteger lbcrypto::DCRTPolyImpl< VecType >::GetWorkingModulus ( ) const

Computes and returns the product of primes in the current moduli chain. Compared to GetModulus, which always returns the product of all primes in the crypto parameters, this method will return a different modulus, based on the towers/moduli that are currently in the chain (some towers are dropped along the way).

Returns: the product of moduli in the current towers.

◆ InverseExists()

template<typename VecType >

bool lbcrypto::DCRTPolyImpl< VecType >::InverseExists ( ) const

virtual

Determines if inverse exists.

Returns: is the Boolean representation of the existence of multiplicative inverse.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ IsEmpty()

template<typename VecType >

bool lbcrypto::DCRTPolyImpl< VecType >::IsEmpty ( ) const

virtual

Returns true if ALL the tower(s) are empty.

Returns: true if all towers are empty

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ MakeDiscreteGaussianCoefficientAllocator()

template<typename VecType>

static function<DCRTPolyType()> lbcrypto::DCRTPolyImpl< VecType >::MakeDiscreteGaussianCoefficientAllocator	(	shared_ptr< Params >	params,
		Format	resultFormat,
		double	stddev
	)

inlinestatic

Allocator for discrete uniform distribution.

Parameters

params	Params instance that is is passed.
resultFormat	resultFormat for the polynomials generated.
stddev	standard deviation for the discrete gaussian generator.

Returns: the resulting vector.

◆ MakeDiscreteUniformAllocator()

template<typename VecType>

static function<DCRTPolyType()> lbcrypto::DCRTPolyImpl< VecType >::MakeDiscreteUniformAllocator	(	shared_ptr< Params >	params,
		Format	format
	)

inlinestatic

Allocator for discrete uniform distribution.

Parameters

params	Params instance that is is passed.
format	format for the polynomials generated.

Returns: the resulting vector.

◆ MakeSparse()

template<typename VecType >

void lbcrypto::DCRTPolyImpl< VecType >::MakeSparse ( const uint32_t & wFactor )

virtual

Make DCRTPoly Sparse. Sets every index of each tower not equal to zero mod the wFactor to zero.

Parameters

&wFactor ratio between the sparse and none-sparse values.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Minus() [1/3]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Minus ( const DCRTPolyType & element ) const

virtual

Performs a subtraction operation and returns the result.

Parameters

&element is the element to subtract from.

Returns: is the result of the subtraction.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Minus() [2/3]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Minus ( const Integer & element ) const

virtual

Scalar subtraction - subtract an element to all entries.

Parameters

&element is the element to subtract entry-wise.

Returns: is the return value of the minus operation.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Minus() [3/3]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Minus ( const vector< Integer > & element ) const

Scalar subtraction for elements in CRT format. CRT elements are represented as vector of integer elements which correspond to the represented number modulo the primes in the tower chain (in same order).

Parameters

&element is the element to subtract entry-wise.

Returns: is the result of the subtraction operation.

◆ Mod()

template<typename VecType>

DCRTPolyType lbcrypto::DCRTPolyImpl< VecType >::Mod ( const Integer & modulus ) const

inlinevirtual

Modulus - perform a modulus operation. Does proper mapping of [-modulus/2, modulus/2) to [0, modulus)

Parameters

modulus is the modulus to use.

Returns: is the return value of the modulus.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ ModByTwo()

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::ModByTwo ( ) const

virtual

Perform a modulus by 2 operation. Returns the least significant bit.

Returns: is the resulting value.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ ModReduce()

template<typename VecType >

void lbcrypto::DCRTPolyImpl< VecType >::ModReduce	(	const NativeInteger &	t,
		const std::vector< NativeInteger > &	tModqPrecon,
		const NativeInteger &	negtInvModq,
		const NativeInteger &	negtInvModqPrecon,
		const std::vector< NativeInteger > &	qlInvModq,
		const std::vector< NativeInteger > &	qlInvModqPrecon
	)

ModReduces reduces the DCRTPoly element's composite modulus by dropping the last modulus from the chain of moduli as well as dropping the last tower.

Parameters

&t	is the plaintextModulus used for the DCRTPoly
&tModqPrecon	NTL-specific precomputations for [t]_{q_i}
&negtInvModq	precomputed values for [-t^{-1}]_{q_i}
&negtInvModqPrecon	NTL-specific precomputations for [-t^{-1}]_{q_i}
&qlInvModq	precomputed values for [q_{l}^{-1}]_{q_i}
&qlInvModqPrecon	NTL-specific precomputations for [q_{l}^{-1}]_{q_i}

Used for BGVrns modulus switching This function performs ModReduce on ciphertext element and private key element. The algorithm computes ct' <- round( ct/qt ).

Modulus reduction reduces a ciphertext from modulus q to a smaller modulus q/qt where qt is generally the last moduli of the tower. ModReduce is written for DCRTPolyImpl and it drops the last tower while updating the necessary parameters.

The rounding is actually computed as a flooring by computing delta such that delta = -ct mod qt and delta = 0 [t]

The steps taken here are as follows:

compute delta <- -ct/ptm mod qt
compute delta <- ptm*delta in Z. E.g., all of delta's integer coefficients can be in the range [-ptm*qt/2, ptm*qt/2).
let d' = c + delta mod q/qt. By construction, d' is divisible by qt and congruent to 0 mod ptm.
output (d'/q') in R(q/q').

◆ MultiplicativeInverse()

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::MultiplicativeInverse ( ) const

virtual

Performs a multiplicative inverse operation and returns the result.

Returns: is the result of the multiplicative inverse.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ MultiplyAndRound()

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::MultiplyAndRound	(	const Integer &	p,
		const Integer &	q
	)		const

virtual

Scalar multiplication followed by division and rounding operation - operation on all entries.

Parameters

&p	is the element to multiply entry-wise.
&q	is the element to divide entry-wise.

Returns: is the return value of the multiply, divide and followed by rounding operation.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Negate()

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Negate ( ) const

Performs a negation operation and returns the result.

Returns: is the result of the negation.

◆ Norm()

template<typename VecType >

double lbcrypto::DCRTPolyImpl< VecType >::Norm ( ) const

virtual

Returns the infinity norm, basically the largest value in the ring element.

Returns: is the largest value in the ring element.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator*=() [1/2]

template<typename VecType >

const DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator*= ( const Integer & element )

virtual

Performs a multiplication operation and returns the result.

Parameters

&element is the element to multiply by.

Returns: is the result of the multiplication.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator*=() [2/2]

template<typename VecType >

const DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator*= ( const DCRTPolyType & element )

virtual

Performs an multiplication operation and returns the result.

Parameters

&element is the element to multiply with.

Returns: is the result of the multiplication.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator+=() [1/2]

template<typename VecType >

const DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator+= ( const DCRTPolyType & rhs )

virtual

Performs an entry-wise addition over all elements of each tower with the towers of the element on the right hand side.

Parameters

&rhs	is the element to add with.

Returns: is the result of the addition.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator+=() [2/2]

template<typename VecType>

const DCRTPolyType& lbcrypto::DCRTPolyImpl< VecType >::operator+= ( const Integer & element )

inlinevirtual

Performs += operation with a BigInteger and returns the result.

Parameters

&element is the element to add

Returns: is the result of the addition.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator-()

template<typename VecType>

DCRTPolyType lbcrypto::DCRTPolyImpl< VecType >::operator- ( ) const

inlinevirtual

Unary minus on a element.

Returns: additive inverse of the an element.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator-=() [1/2]

template<typename VecType >

const DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator-= ( const DCRTPolyType & rhs )

virtual

Performs an entry-wise subtraction over all elements of each tower with the towers of the element on the right hand side.

Parameters

&rhs	is the element to subtract from.

Returns: is the result of the addition.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator-=() [2/2]

template<typename VecType>

const DCRTPolyType& lbcrypto::DCRTPolyImpl< VecType >::operator-= ( const Integer & element )

inlinevirtual

Performs a subtraction operation and returns the result.

Parameters

&element is the element to subtract from.

Returns: is the result of the subtraction.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator=() [1/7]

template<typename VecType >

const DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator= ( const DCRTPolyType & rhs )

virtual

Assignment Operator.

Parameters

&rhs	the copied element.

Returns: the resulting element.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator=() [2/7]

template<typename VecType >

const DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator= ( DCRTPolyType && rhs )

virtual

Move Assignment Operator.

Parameters

&rhs	the copied element.

Returns: the resulting element.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator=() [3/7]

template<typename VecType >

DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator= ( std::initializer_list< uint64_t > rhs )

virtual

Initalizer list.

Parameters

&rhs	the list to initalized the element.

Returns: the resulting element.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator=() [4/7]

template<typename VecType >

DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator= ( uint64_t val )

Assignment Operator. The usint val will be set at index zero and all other indices will be set to zero.

Parameters

val	is the usint to assign to index zero.

Returns: the resulting vector.

◆ operator=() [5/7]

template<typename VecType >

DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator= ( const std::vector< int64_t > & rhs )

Creates a Poly from a vector of signed integers (used for trapdoor sampling)

Parameters

&rhs	the vector to set the PolyImpl to.

Returns: the resulting PolyImpl.

◆ operator=() [6/7]

template<typename VecType >

DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator= ( const std::vector< int32_t > & rhs )

Creates a Poly from a vector of signed integers (used for trapdoor sampling)

Parameters

&rhs	the vector to set the PolyImpl to.

Returns: the resulting PolyImpl.

◆ operator=() [7/7]

template<typename VecType >

DCRTPolyImpl< VecType > & lbcrypto::DCRTPolyImpl< VecType >::operator= ( std::initializer_list< std::string > rhs )

Initalizer list.

Parameters

&rhs	the list to set the PolyImpl to.

Returns: the resulting PolyImpl.

◆ operator==()

template<typename VecType >

bool lbcrypto::DCRTPolyImpl< VecType >::operator== ( const DCRTPolyType & rhs ) const

virtual

Equality operator.

Parameters

&rhs	is the specified element to be compared with this element.

Returns: true if this element represents the same values as the specified element, false otherwise

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ operator[]()

template<typename VecType >

DCRTPolyImpl< VecType >::Integer & lbcrypto::DCRTPolyImpl< VecType >::operator[] ( usint i )

virtual

Get interpolated value of element at index i. Note this operation is computationally intense.

Returns: interpolated value at index i.

Reimplemented from lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Plus() [1/3]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Plus ( const DCRTPolyType & element ) const

virtual

Performs an addition operation and returns the result.

Parameters

&element is the element to add with.

Returns: is the result of the addition.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Plus() [2/3]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Plus ( const Integer & element ) const

virtual

Scalar addition - add an element to the first index of each tower.

Parameters

&element is the element to add entry-wise.

Returns: is the result of the addition operation.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Plus() [3/3]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Plus ( const vector< Integer > & element ) const

Scalar addition for elements in CRT format. CRT elements are represented as vector of integer elements which correspond to the represented number modulo the primes in the tower chain (in same order).

Parameters

&element is the element to add entry-wise.

Returns: is the result of the addition operation.

◆ PowersOfBase()

template<typename VecType >

std::vector< DCRTPolyImpl< VecType > > lbcrypto::DCRTPolyImpl< VecType >::PowersOfBase ( usint baseBits ) const

virtual

Generate a vector of PolyImpl's as $\left\{x, {base}*x, {base}^2*x, ..., {base}^{\lfloor {\log q/{base}} \rfloor} \right\}*x$ , where $ x $ is the current PolyImpl object; used as a subroutine in the relinearization procedure to get powers of a certain "base" for the secret key element.

Parameters

baseBits is the number of bits in the base, i.e., $base = 2^{baseBits}$ .

Returns: is the pointer where the base decomposition vector is stored

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ ScaleAndRound() [1/3]

template<typename VecType >

PolyImpl< NativeVector > lbcrypto::DCRTPolyImpl< VecType >::ScaleAndRound	(	const NativeInteger &	t,
		const std::vector< NativeInteger > &	tQHatInvModqDivqModt,
		const std::vector< NativeInteger > &	tQHatInvModqDivqModtPrecon,
		const std::vector< NativeInteger > &	tQHatInvModqBDivqModt,
		const std::vector< NativeInteger > &	tQHatInvModqBDivqModtPrecon,
		const std::vector< double > &	tQHatInvModqDivqFrac,
		const std::vector< double > &	tQHatInvModqBDivqFrac
	)		const

Performs scale and round: {X}_{Q} -> {(t/Q*X)}_t {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}.

Brief algorithm: [ x_i*[t*QHatInv_i/q_i]_t + Round( x_i*{t*QHatInv_i/q_i})]_t

Source: Halevi S., Polyakov Y., and Shoup V. An Improved RNS Variant of the BFV Homomorphic Encryption Scheme. Cryptology ePrint Archive, Report 2018/117. (https://eprint.iacr.org/2018/117)

Parameters

&t	often corresponds to the plaintext modulus
&tQHatInvModqDivqModt	precomputed values for [Floor{t*QHatInv_i/q_i}]_t
&tQHatInvModqDivqModtPrecon	NTL-specific precomputations
&tQHatInvModqBDivqModt	precomputed values for [Floor{tQHatInv_iB/q_i}]_t used when CRT moduli are 45..60 bits long
&tQHatInvBDivqModtPrecon	NTL-specific precomputations used when CRT moduli are 45..60 bits long
&tQHatInvModqDivqFrac	precomputed values for Frac{t*QHatInv_i/q_i}
&tQHatInvBDivqFrac	precomputed values for Frac{tQHatInv_iB/q_i} used when CRT moduli are 45..60 bits long

Returns: the result of computation as a polynomial with native 64-bit coefficients

◆ ScaleAndRound() [2/3]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::ScaleAndRound	(	const shared_ptr< Params >	paramsP,
		const std::vector< std::vector< NativeInteger >> &	tPSHatInvModsDivsModp,
		const std::vector< double > &	tPSHatInvModsDivsFrac,
		const std::vector< DoubleNativeInt > &	modpBarretMu
	)		const

Computes scale and round: {X}_{Q,P} -> {t/Q * X}_{P} {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}.

Brief algorithm: Let S = {Q,P} 1) [ x_k * alpha_k + Round( beta_k * x_k)]_{p_j} 2) alpha_k = [Floor[t*P*[[SHatInv_k]_{s_k}/s_k]]_{p_j} 3) beta_k = {t*P*[[SHatInv_k]_{s_k}/s_k}

Source: Halevi S., Polyakov Y., and Shoup V. An Improved RNS Variant of the BFV Homomorphic Encryption Scheme. Cryptology ePrint Archive, Report 2018/117. (https://eprint.iacr.org/2018/117)

Parameters

&paramsP	parameters for the CRT basis {p_1,...,p_k}
&tPSHatInvModsDivsModp	precomputed values for [[tP[[SHatInv_k]_{s_k}/s_k]]_{p_j}
&tPSHatInvModsDivsFrac	precomputed values for {tP[[SHatInv_k]_{s_k}/s_k}
&modpBarretMu	128-bit Barrett reduction precomputed values for p_j

Returns: the result {t/Q * X}_{P}

◆ ScaleAndRound() [3/3]

template<typename VecType >

PolyImpl< NativeVector > lbcrypto::DCRTPolyImpl< VecType >::ScaleAndRound	(	const std::vector< NativeInteger > &	moduliQ,
		const NativeInteger &	t,
		const NativeInteger &	tgamma,
		const std::vector< NativeInteger > &	tgammaQHatModq,
		const std::vector< NativeInteger > &	tgammaQHatModqPrecon,
		const std::vector< NativeInteger > &	negInvqModtgamma,
		const std::vector< NativeInteger > &	negInvqModtgammaPrecon
	)		const

Computes scale and round for fast rounding: {X}_{Q} -> {(t/Q * X)}_t {Q} = {q_1,...,q_l}.

Brief algorithm:

Parameters

&moduliQ	moduli {q_1,...,q_l}
&t	often corresponds to the plaintext modulus
&tgamma	t * gamma : t * 2^26 reduction
&tgammaQHatModq	[tgamma(Q/q_i)]_{q_i}
&tgammaQHatModqPrecon	NTL-specific precomputations
&negInvqModtgamma	[-q^{-1}]_{t*gamma}
&negInvqModtgammaPrecon	NTL-specific precomputations

Returns

◆ SetElementAtIndex() [1/2]

template<typename VecType>

void lbcrypto::DCRTPolyImpl< VecType >::SetElementAtIndex	(	usint	index,
		const PolyType &	element
	)

inline

Sets element at index.

Parameters

index	where the element should be set
element	The element to store

◆ SetElementAtIndex() [2/2]

template<typename VecType>

void lbcrypto::DCRTPolyImpl< VecType >::SetElementAtIndex	(	usint	index,
		PolyType &&	element
	)

inline

Sets element at index.

Parameters

index	where the element should be set
element	The element to store

◆ SetValues()

template<typename VecType>

void lbcrypto::DCRTPolyImpl< VecType >::SetValues	(	const VecType &	values,
		Format	format
	)

inline

Set method that should not be used, will throw an error.

Parameters

&values
format

◆ SwitchCRTBasis()

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::SwitchCRTBasis	(	const shared_ptr< Params >	paramsP,
		const std::vector< NativeInteger > &	QHatInvModq,
		const std::vector< NativeInteger > &	QHatInvModqPrecon,
		const std::vector< std::vector< NativeInteger >> &	QHatModp,
		const std::vector< std::vector< NativeInteger >> &	alphaQModp,
		const std::vector< DoubleNativeInt > &	modpBarrettMu,
		const std::vector< double > &	qInv
	)		const

Performs CRT basis switching: {X}_{Q} -> {X}_{P} {Q} = {q_1,...,q_l} {P} = {p_1,...,p_k}.

Brief algorithm: 1) X=[x_i*(Q/q_i)^{-1}]_{q_i}*(Q/q_i)-alpha*Q 2) compute round[[x_i*(Q/q_i)^{-1}]_{q_i} / q_i] to find alpha 3) [X]_{p_j}=[[x_i*(Q/q_i)^{-1}]_{q_i}*(Q/q_i)]_{p_j}-[alpha*Q]_{p_j}

Source: Halevi S., Polyakov Y., and Shoup V. An Improved RNS Variant of the BFV Homomorphic Encryption Scheme. Cryptology ePrint Archive, Report 2018/117. (https://eprint.iacr.org/2018/117)

Parameters

&paramsP	parameters for the CRT basis {p_1,...,p_k}
&QHatInvModq	precomputed values for [(Q/q_i)^{-1}]_{q_i}
&QHatInvModqPrecon	NTL-specific precomputations
&QHatModp	precomputed values for [Q/q_i]_{p_j}
&alphaQModp	precomputed values for [alpha*Q]_{p_j}
&modpBarrettMu	128-bit Barrett reduction precomputed values for p_j &qInv precomputed values for 1/q_i

Returns: the representation of {X}_{P}

◆ SwitchModulus()

template<typename VecType>

void lbcrypto::DCRTPolyImpl< VecType >::SwitchModulus	(	const Integer &	modulus,
		const Integer &	rootOfUnity,
		const Integer &	modulusArb = `Integer(0)`,
		const Integer &	rootOfUnityArb = `Integer(0)`
	)

inlinevirtual

Switch modulus and adjust the values.

Parameters

&modulus	is the modulus to be set
&rootOfUnity	is the corresponding root of unity for the modulus
&modulusArb	is the modulus used for arbitrary cyclotomics CRT
&rootOfUnityArb	is the corresponding root of unity for the modulus ASSUMPTION: This method assumes that the caller provides the correct rootOfUnity for the modulus

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ SwitchModulusAtIndex()

template<typename VecType >

void lbcrypto::DCRTPolyImpl< VecType >::SwitchModulusAtIndex	(	usint	index,
		const Integer &	modulus,
		const Integer &	rootOfUnity
	)

Switch modulus at tower i and adjust the values.

Parameters

index	is the index for the tower
&modulus	is the modulus to be set
&rootOfUnity	is the corresponding root of unity for the modulus ASSUMPTION: This method assumes that the caller provides the correct rootOfUnity for the modulus

◆ Times() [1/6]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Times ( const DCRTPolyType & element ) const

virtual

Performs a multiplication operation and returns the result.

Parameters

&element is the element to multiply with.

Returns: is the result of the multiplication.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Times() [2/6]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Times ( const Integer & element ) const

virtual

Scalar multiplication - multiply all entries.

Parameters

&element is the element to multiply entry-wise.

Returns: is the return value of the times operation.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Times() [3/6]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Times ( bigintnat::NativeInteger::SignedNativeInt element ) const

virtual

Scalar multiplication - multiply by a signed integer.

Parameters

&element is the element to multiply entry-wise.

Returns: is the return value of the times operation.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

◆ Times() [4/6]

template<typename VecType>

DCRTPolyType lbcrypto::DCRTPolyImpl< VecType >::Times ( int64_t element ) const

inline

Scalar multiplication - multiply by a signed integer.

Parameters

&element is the element to multiply entry-wise.

Returns: is the return value of the times operation.

◆ Times() [5/6]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Times ( const std::vector< NativeInteger > & element ) const

Scalar multiplication by an integer represented in CRT Basis.

Parameters

&element is the element to multiply entry-wise.

Returns: is the return value of the times operation.

◆ Times() [6/6]

template<typename VecType >

DCRTPolyImpl< VecType > lbcrypto::DCRTPolyImpl< VecType >::Times ( const std::vector< Integer > & element ) const

Scalar modular multiplication by an integer represented in CRT Basis.

Parameters

&element is the element to multiply entry-wise.

Returns: is the return value of the times operation.

◆ Transpose()

template<typename VecType>

DCRTPolyType lbcrypto::DCRTPolyImpl< VecType >::Transpose ( ) const

inlinevirtual

Transpose the ring element using the automorphism operation.

Returns: is the result of the transposition.

Implements lbcrypto::ILElement< DCRTPolyImpl< VecType >, VecType >.

Friends And Related Function Documentation

◆ operator* [1/6]

template<typename VecType>

DCRTPolyType operator*	(	const DCRTPolyType &	a,
		const DCRTPolyType &	b
	)

friend

Element-element multiplication operator.

Parameters

a	element to multiply.
b	element to multiply.

Returns: the result of the multiplication operation.

◆ operator* [2/6]

template<typename VecType>

DCRTPolyType operator*	(	const DCRTPolyType &	a,
		const Integer &	b
	)

friend

Element-integer multiplication operator.

Parameters

a	element to multiply.
b	integer to multiply.

Returns: the result of the multiplication operation.

◆ operator* [3/6]

template<typename VecType>

DCRTPolyType operator*	(	const DCRTPolyType &	a,
		const vector< Integer > &	b
	)

friend

Element-CRT number multiplication operator.

Parameters

a	element to multiply.
b	integer to multiply, in CRT format.

Returns: the result of the multiplication operation.

◆ operator* [4/6]

template<typename VecType>

DCRTPolyType operator*	(	const Integer &	a,
		const DCRTPolyType &	b
	)

friend

Integer-element multiplication operator.

Parameters

a	integer to multiply.
b	element to multiply.

Returns: the result of the multiplication operation.

◆ operator* [5/6]

template<typename VecType>

DCRTPolyType operator*	(	const DCRTPolyType &	a,
		int64_t	b
	)

friend

Element-signed-integer multiplication operator.

Parameters

a	element to multiply.
b	integer to multiply.

Returns: the result of the multiplication operation.

◆ operator* [6/6]

template<typename VecType>

DCRTPolyType operator*	(	int64_t	a,
		const DCRTPolyType &	b
	)

friend

signed-Integer-element multiplication operator.

Parameters

a	integer to multiply.
b	element to multiply.

Returns: the result of the multiplication operation.

◆ operator+ [1/5]

template<typename VecType>

DCRTPolyType operator+	(	const DCRTPolyType &	a,
		const DCRTPolyType &	b
	)

friend

Element-element addition operator.

Parameters

a	first element to add.
b	second element to add.

Returns: the result of the addition operation.

◆ operator+ [2/5]

template<typename VecType>

DCRTPolyType operator+	(	const DCRTPolyType &	a,
		const Integer &	b
	)

friend

Element-integer addition operator.

Parameters

a	first element to add.
b	integer to add.

Returns: the result of the addition operation.

◆ operator+ [3/5]

template<typename VecType>

DCRTPolyType operator+	(	const Integer &	a,
		const DCRTPolyType &	b
	)

friend

Integer-element addition operator.

Parameters

a	integer to add.
b	element to add.

Returns: the result of the addition operation.

◆ operator+ [4/5]

template<typename VecType>

DCRTPolyType operator+	(	const DCRTPolyType &	a,
		const vector< Integer > &	b
	)

friend

Element-integer addition operator with CRT integer.

Parameters

a	first element to add.
b	integer to add.

Returns: the result of the addition operation.

◆ operator+ [5/5]

template<typename VecType>

DCRTPolyType operator+	(	const vector< Integer > &	a,
		const DCRTPolyType &	b
	)

friend

Integer-element addition operator with CRT integer.

Parameters

a	integer to add.
b	element to add.

Returns: the result of the addition operation.

◆ operator- [1/4]

template<typename VecType>

DCRTPolyType operator-	(	const DCRTPolyType &	a,
		const DCRTPolyType &	b
	)

friend

Element-element subtraction operator.

Parameters

a	element to subtract from.
b	element to subtract.

Returns: the result of the subtraction operation.

◆ operator- [2/4]

template<typename VecType>

DCRTPolyType operator-	(	const DCRTPolyType &	a,
		const vector< Integer > &	b
	)

friend

Element-integer subtraction operator with CRT integer.

Parameters

a	first element to subtract.
b	integer to subtract.

Returns: the result of the subtraction operation.

◆ operator- [3/4]

template<typename VecType>

DCRTPolyType operator-	(	const vector< Integer > &	a,
		const DCRTPolyType &	b
	)

friend

Integer-element subtraction operator with CRT integer.

Parameters

a	integer to subtract.
b	element to subtract.

Returns: the result of the subtraction operation.

◆ operator- [4/4]

template<typename VecType>

DCRTPolyType operator-	(	const DCRTPolyType &	a,
		const Integer &	b
	)

friend

Element-integer subtraction operator.

Parameters

a	element to subtract from.
b	integer to subtract.

Returns: the result of the subtraction operation.

◆ operator<<

template<typename VecType>

std::ostream& operator<<	(	std::ostream &	os,
		const DCRTPolyType &	vec
	)

friend

ostream operator

Parameters

os	the input preceding output stream
vec	the element to add to the output stream.

Returns: a resulting concatenated output stream

The documentation for this class was generated from the following files:

src/core/include/lattice/backend.h
src/core/include/lattice/dcrtpoly.h
src/core/lib/lattice/dcrtpoly.cpp

Public Types

Public Member Functions

Static Public Member Functions

Friends

Detailed Description

template<typename VecType> class lbcrypto::DCRTPolyImpl< VecType >

Constructor & Destructor Documentation

◆ DCRTPolyImpl() [1/10]

◆ DCRTPolyImpl() [2/10]

◆ DCRTPolyImpl() [3/10]

◆ DCRTPolyImpl() [4/10]

◆ DCRTPolyImpl() [5/10]

◆ DCRTPolyImpl() [6/10]

◆ DCRTPolyImpl() [7/10]

◆ DCRTPolyImpl() [8/10]

◆ DCRTPolyImpl() [9/10]

◆ DCRTPolyImpl() [10/10]

Member Function Documentation

◆ Allocator()

◆ ApproxModDown()

◆ ApproxModUp()

◆ ApproxScaleAndRound()

◆ ApproxSwitchCRTBasis()

◆ at()

◆ AutomorphismTransform() [1/2]

◆ AutomorphismTransform() [2/2]

◆ BaseDecompose()

◆ Clone()

◆ CloneEmpty()

◆ CloneTowers()

◆ CloneWithNoise()

◆ CRTDecompose()

◆ CRTInterpolate()

◆ CRTInterpolateIndex()

◆ DivideAndRound()

◆ DropLastElementAndScale()

◆ ElementAtIndex()

◆ EuclideanNorm()

◆ ExpandCRTBasis()

◆ FastBaseConvqToBskMontgomery()

◆ FastBaseConvSK()

◆ FastRNSFloorq()

◆ GetAllElements()

◆ GetCyclotomicOrder()

◆ GetElementAtIndex()

◆ GetExtendedCRTBasis()

◆ GetFormat()

◆ GetLength()

◆ GetModulus()

◆ GetNumOfElements()

◆ GetOriginalModulus()

◆ GetParams()

◆ GetRingDimension()

◆ GetRootOfUnity()

◆ GetValues()

◆ GetWorkingModulus()

◆ InverseExists()

◆ IsEmpty()

◆ MakeDiscreteGaussianCoefficientAllocator()

◆ MakeDiscreteUniformAllocator()

◆ MakeSparse()

◆ Minus() [1/3]

◆ Minus() [2/3]

◆ Minus() [3/3]

◆ Mod()

◆ ModByTwo()

◆ ModReduce()

◆ MultiplicativeInverse()

◆ MultiplyAndRound()

◆ Negate()

◆ Norm()

◆ operator*=() [1/2]

◆ operator*=() [2/2]

◆ operator+=() [1/2]

◆ operator+=() [2/2]

◆ operator-()

◆ operator-=() [1/2]

◆ operator-=() [2/2]

◆ operator=() [1/7]

◆ operator=() [2/7]

template<typename VecType>
class lbcrypto::DCRTPolyImpl< VecType >