Template Class RLWETrapdoorUtility

Defined in File trapdoor.h

Page Contents

Template Parameter Order
Class Documentation

Template Parameter Order

class Element

Class Documentation

template<class Element> class lbcrypto::RLWETrapdoorUtility

Static class implementing lattice trapdoor construction in Algorithm 1 of https://eprint.iacr.org/2017/844.pdf.

Public Functions

std::pair<Matrix<DCRTPoly>, RLWETrapdoorPair<DCRTPoly>> TrapdoorGen(std::shared_ptr<ParmType> params, double stddev, int64_t base, bool bal)

std::pair<Matrix<DCRTPoly>, RLWETrapdoorPair<DCRTPoly>> TrapdoorGenSquareMat(std::shared_ptr<ParmType> params, double stddev, size_t d, int64_t base, bool bal)

Matrix<DCRTPoly> GaussSamp(size_t n, size_t k, const Matrix<DCRTPoly> &A, const RLWETrapdoorPair<DCRTPoly> &T, const DCRTPoly &u, DggType &dgg, DggType &dggLargeSigma, int64_t base)

Matrix<DCRTPoly> GaussSampSquareMat(size_t n, size_t k, const Matrix<DCRTPoly> &A, const RLWETrapdoorPair<DCRTPoly> &T, const Matrix<DCRTPoly> &U, DggType &dgg, DggType &dggLargeSigma, int64_t base)

std::pair<Matrix<Poly>, RLWETrapdoorPair<Poly>> TrapdoorGen(std::shared_ptr<typename Poly::Params> params, double stddev, int64_t base, bool bal)

std::pair<Matrix<NativePoly>, RLWETrapdoorPair<NativePoly>> TrapdoorGen(std::shared_ptr<typename NativePoly::Params> params, double stddev, int64_t base, bool bal)

std::pair<Matrix<Poly>, RLWETrapdoorPair<Poly>> TrapdoorGenSquareMat(std::shared_ptr<typename Poly::Params> params, double stddev, size_t d, int64_t base, bool bal)

std::pair<Matrix<NativePoly>, RLWETrapdoorPair<NativePoly>> TrapdoorGenSquareMat(std::shared_ptr<typename NativePoly::Params> params, double stddev, size_t d, int64_t base, bool bal)

Matrix<Poly> GaussSamp(size_t n, size_t k, const Matrix<Poly> &A, const RLWETrapdoorPair<Poly> &T, const Poly &u, typename Poly::DggType &dgg, typename Poly::DggType &dggLargeSigma, int64_t base)

Matrix<NativePoly> GaussSamp(size_t n, size_t k, const Matrix<NativePoly> &A, const RLWETrapdoorPair<NativePoly> &T, const NativePoly &u, typename NativePoly::DggType &dgg, typename NativePoly::DggType &dggLargeSigma, int64_t base)

Matrix<Poly> GaussSampSquareMat(size_t n, size_t k, const Matrix<Poly> &A, const RLWETrapdoorPair<Poly> &T, const Matrix<Poly> &U, typename Poly::DggType &dgg, typename Poly::DggType &dggLargeSigma, int64_t base)

Matrix<NativePoly> GaussSampSquareMat(size_t n, size_t k, const Matrix<NativePoly> &A, const RLWETrapdoorPair<NativePoly> &T, const Matrix<NativePoly> &U, typename NativePoly::DggType &dgg, typename NativePoly::DggType &dggLargeSigma, int64_t base)

inline void ZSampleSigmaP(size_t n, double s, double sigma, const RLWETrapdoorPair<DCRTPoly> &Tprime, const DCRTPoly::DggType &dgg, const DCRTPoly::DggType &dggLargeSigma, std::shared_ptr<Matrix<DCRTPoly>> perturbationVector)

Public Static Functions

static std::pair<Matrix<Element>, RLWETrapdoorPair<Element>> TrapdoorGen(std::shared_ptr<ParmType> params, double stddev, int64_t base = 2, bool bal = false)

Trapdoor generation method as described in Algorithm 1 of https://eprint.iacr.org/2017/844.pdf

Parameters

params – ring element parameters
sttdev – distribution parameter used in sampling noise polynomials of the trapdoor
base – base of gadget matrix
bal – flag for balanced (true) versus not-balanced (false) digit representation

Returns

the trapdoor pair including the public key (matrix of rings) and trapdoor itself

static std::pair<Matrix<Element>, RLWETrapdoorPair<Element>> TrapdoorGenSquareMat(std::shared_ptr<ParmType> params, double stddev, size_t dimension, int64_t base = 2, bool bal = false)

Generalized trapdoor generation method (described in “Implementing

Token-Based Obfuscation under (Ring) LWE”)

Parameters

params – ring element parameters
sttdev – distribution parameter used in sampling noise polynomials of the trapdoor
dimension – of square matrix
base – base of gadget matrix
bal – flag for balanced (true) versus not-balanced (false) digit representation

Returns

the trapdoor pair including the public key (matrix of rings) and trapdoor itself

static Matrix<Element> GaussSamp(size_t n, size_t k, const Matrix<Element> &A, const RLWETrapdoorPair<Element> &T, const Element &u, DggType &dgg, DggType &dggLargeSigma, int64_t base = 2)

Gaussian sampling as described in Alogorithm 2 of https://eprint.iacr.org/2017/844.pdf

Parameters

n – ring dimension
k – matrix sample dimension; k = log2(q)/log2(base) + 2
&A – public key of the trapdoor pair
&T – trapdoor itself
&u – syndrome vector where gaussian that Gaussian sampling is centered around
&dgg – discrete Gaussian generator for integers
&dggLargeSigma – discrete Gaussian generator for perturbation vector sampling (only used in Peikert’s method)
base – base of gadget matrix

Returns

the sampled vector (matrix)

static Matrix<Element> GaussSampSquareMat(size_t n, size_t k, const Matrix<Element> &A, const RLWETrapdoorPair<Element> &T, const Matrix<Element> &U, DggType &dgg, DggType &dggLargeSigma, int64_t base = 2)

Gaussian sampling (described in “Implementing Token-Based Obfuscation under

(Ring) LWE”)

Parameters

n – ring dimension
k – matrix sample dimension; k = log2(q)/log2(base) + 2
&A – public key of the trapdoor pair
&T – trapdoor itself
&U – syndrome matrix that Gaussian sampling is centered around
&dgg – discrete Gaussian generator for integers
&dggLargeSigma – discrete Gaussian generator for perturbation vector sampling (only used in Peikert’s method)
base – base of gadget matrix

Returns

the sampled vector (matrix)

static Matrix<Element> GaussSampOnline(size_t n, size_t k, const Matrix<Element> &A, const RLWETrapdoorPair<Element> &T, const Element &u, DggType &dgg, const std::shared_ptr<Matrix<Element>> perturbationVector, int64_t base = 2)

On-line stage of pre-image sampling (includes only G-sampling)

Parameters

n – ring dimension
k – matrix sample dimension; k = log2(q)/log2(base) + 2
&A – public key of the trapdoor pair
&T – trapdoor itself
&u – syndrome vector where gaussian that Gaussian sampling is centered around
&dgg – discrete Gaussian generator for integers
&perturbationVector – perturbation vector generated during the offline stage
&base – base for G-lattice

Returns

the sampled vector (matrix)

static std::shared_ptr<Matrix<Element>> GaussSampOffline(size_t n, size_t k, const RLWETrapdoorPair<Element> &T, DggType &dgg, DggType &dggLargeSigma, int64_t base = 2)

Offline stage of pre-image sampling (perturbation sampling)

Parameters

n – ring dimension
k – matrix sample dimension; k = logq + 2
&T – trapdoor itself
&dgg – discrete Gaussian generator for integers
&dggLargeSigma – discrete Gaussian generator for perturbation vector sampling
&base – base for G-lattice

Returns

the sampled vector (matrix)

static inline void ZSampleSigmaP(size_t n, double s, double sigma, const RLWETrapdoorPair<Element> &Tprime, const DggType &dgg, const DggType &dggLargeSigma, std::shared_ptr<Matrix<Element>> perturbationVector)

Method for perturbation generation as described in Algorithm 4 of https://eprint.iacr.org/2017/844.pdf

Parameters

n – ring dimension
s – parameter Gaussian distribution
sigma – standard deviation
&Tprime – compact trapdoor matrix
&dgg – discrete Gaussian generator for error sampling
&dggLargeSigma – discrete Gaussian generator for perturbation vector sampling
*perturbationVector – perturbation vector;output of the function

static inline void SamplePertSquareMat(size_t n, double s, double sigma, const RLWETrapdoorPair<Element> &Tprime, const DggType &dgg, const DggType &dggLargeSigma, std::shared_ptr<Matrix<Element>> perturbationVector)

Method for perturbation generation as described in “Implementing

Token-Based Obfuscation under (Ring) LWE”

Parameters

n – ring dimension
s – spectral norm
sigma – standard deviation
&Tprime – compact trapdoor matrix
&dgg – discrete Gaussian generator for error sampling
&dggLargeSigma – discrete Gaussian generator for perturbation vector sampling
*perturbationVector – perturbation vector;output of the function