From 6bf1398ebec1c61d015ede855be254abbbeddd4f Mon Sep 17 00:00:00 2001 From: Kim Laine Date: Mon, 14 Oct 2019 11:54:47 -0700 Subject: [PATCH] Minor updates to Changes.md and CKKSENcoder.cs --- Changes.md | 52 +++++++++++++++++++++++---------------- dotnet/src/CKKSEncoder.cs | 3 ++- 2 files changed, 33 insertions(+), 22 deletions(-) diff --git a/Changes.md b/Changes.md index de79f6800..c2ec00b1f 100644 --- a/Changes.md +++ b/Changes.md @@ -11,28 +11,27 @@ mechanism in [README.md](README.md#zlib). Microsoft SEAL does not redistribute Z - AES-128 is replaced with the BLAKE2 family of hash functions in the pseudorandom number generator, as BLAKE2 provides better cross-platform support. Microsoft SEAL redistributes the [reference implementation of BLAKE2](https://github.com/BLAKE2/BLAKE2) -with light modifications to silent some misleading warnings in Visual Studio. The reference +with light modifications to silence some misleading warnings in Visual Studio. The reference implementation of BLAKE2 is licensed under [CC0 1.0 Universal](https://github.com/BLAKE2/BLAKE2/blob/master/COPYING); see license boilerplates in files [native/src/seal/util/blake*](native/src/seal/util/). -- The serialization functionality has been completely rewritten. Every serialized Microsoft SEAL -object starts with a 16-byte `Serialization::SEALHeader` struct, and then includes the data for -the object member variables. Every serializable object can now also be directly serialized into -a memory buffer instead of a C++ stream. This improves serialization for .NET and makes it much -easier to wrap the serialization functionality in other languages, e.g., Java. Unfortunately, -old serialized Microsoft SEAL objects are incompatible with the new format. If necessary, it should -be very easy to create a conversion utility. +- The serialization functionality has been completely rewritten to make it more safe and robust. +Every serialized Microsoft SEAL object starts with a 16-byte `Serialization::SEALHeader` struct, +and then includes the data for the object member variables. Every serializable object can now also +be directly serialized into a memory buffer instead of a C++ stream. This improves serialization +for .NET and makes it much easier to wrap the serialization functionality in other languages, e.g., +Java. Unfortunately, old serialized Microsoft SEAL objects are incompatible with the new format. - A ciphertext encrypted with a secret key, for example, a keyswitching key, has one component generated by the PRNG. By using a seeded PRNG, this component can be replaced with the random seed used by the PRNG to reduce data size. After transmitted to another party with Microsoft SEAL, the component can be restored (regenerated) with the same seed. The security of using seeded PRNG is -enhanced by switching to BLAKE2 hash function with a 512-bit seed from AES with a 128-bit key. +enhanced by switching to BLAKE2 hash function with a 512-bit seed. - `Encryptor` now can be constructed with a secret key. This enables symmetric key encryption which has methods that serialize ciphertexts (compressed with a seed) to a C++ stream or a memory buffer. - The CMake system has been improved. For example, multiple versions of Microsoft SEAL can now be installed on the same system easily, as the default installation directory and library filename now depend on the version of Microsoft SEAL. Examples and unit tests can now be built without installing -the library. +the library. [README.md](README.md) has been updated to reflect these changes. - `Encryptor::encrypt` operations in the BFV scheme are modified. Each coefficient of a plaintext message is first multiplied with the ciphertext modulus, then divided by the plaintext modulus, and rounded to the nearest integer. In comparison with the previous method, where each coefficient of a @@ -49,19 +48,23 @@ In all classes with `save` and `load` methods: Optionally, a compression mode can be chosen when saving an object. - Replaced the old `load` with two new methods that loads from either a C++ stream or a memory buffer. - Added a method `save_size` to get an upper bound on the size of the object as if it was written to -an output stream. -- New `safe` and `load` methods relies on the serialization class. +an output stream. To save to a buffer, the user must ensure that the buffer has at least size equal +to what the `save_size` member function returns. +- New `save` and `load` methods rely on the `Serialization` class declared in `serialization.h`. +This class unifies the serialization functionality for all serializable Microsoft SEAL classes. In class `Ciphertext`: - Added a method `int_array` for read-only access to the underlying `IntArray` object. -- Removed methods `uint64_count_capacity` and `uint64_count` +- Removed methods `uint64_count_capacity` and `uint64_count` that can now be accessed in a more +descriptive manner through the `int_arrar` return value. In class `CKKSEncoder`: added support for `gsl::span` type of input. In class `SEALContext::ContextData`: added method `coeff_mod_plain_modulus` for read-only access to the non-RNS version of `upper_half_increment`. -In class `EncryptionParameters`: an `EncryptionParameters` object can be constructed without `scheme_type` which by default is set to `scheme_type::none`. +In class `EncryptionParameters`: an `EncryptionParameters` object can be constructed without +`scheme_type` which by default is set to `scheme_type::none`. In class `Encryptor`: - An `Encryptor` object can now be constructed with a secret key to enable symmetric key encryption. @@ -72,6 +75,11 @@ the resulting `Ciphertext` to a C++ stream or a memory buffer. The resulting `Ci exists after serilization. In these methods, the second polynomial of a ciphertext is generated by the PRNG and is replaced with the random seed used. +In class `Evaluator`: +- Merged [PR 62](https://github.com/microsoft/SEAL/pull/62) that uses a NAF decomposition for +random rotations to perform them in a minimal way from power-of-two rotations in both directions. +This improves performance for random rotations. + In class `KeyGenerator`: - Added methods `relin_keys_save` and `galois_keys_save` that generate and directly serialize keys to a C++ stream or a memory buffer. The resulting keys no long exist after serilization. In these @@ -80,12 +88,14 @@ seed used. - Methods `galois_keys` and `galois_keys_save` throw an exception if `EncryptionParameters` do not support batching in the BFV scheme. -In class `Plaintext`: added a method `int_array` for read-only access to the underlying `IntArray` object. +In class `Plaintext`: added a method `int_array` for read-only access to the underlying `IntArray` +object. In class `UniformRandomGenerator` and `UniformRandomGeneratorFactory`: redesigned for users to -implement their own random number generators. +implement their own random number generators more easily. -In file `valcheck.h`: validity checks are finer partitioned into various methods. +In file `valcheck.h`: validity checks are partitioned into finer methods; the `is_valid_for(...)` +functions will validate all aspects fo the Microsoft SEAL ojects. New classes `BlakePRNG` and `BlakePRNGFactory`: uses Blake2 family of hash functions for PRNG. @@ -116,8 +126,9 @@ Removed files: #### .NET -API changes are identical in terms of functionality to those in C++ native. Naming conventions in -.Net are different from C++ native. +API changes are mostly identical in terms of functionality to those in C++ native, except only +the `IsValidFor` variant of the validity check functions is available in .NET, the more granular +checks are not exposed. New files: - [dotnet/src/Serialization.cs](dotnet/src/Serialization.cs) @@ -132,8 +143,7 @@ ciphertexts are fresh (reported in [issue 59](https://github.com/microsoft/SEAL/ reported in [issue 56](https://github.com/microsoft/SEAL/issues/56). - Fixed an error in examples as reported in [issue 61](https://github.com/microsoft/SEAL/issues/61). - `GaloisKeys` can no longer be created with encryption parameters that do not support batching. -- `IntArray::Load` methods requires a hint on the size of stream to be loaded to prevent unknowingly -allocating an unexpected large amount of memory. +- Security issues in deserialization were resolved. ## Version 3.3.2 (patch) diff --git a/dotnet/src/CKKSEncoder.cs b/dotnet/src/CKKSEncoder.cs index 3944e2ef6..42522dcb8 100644 --- a/dotnet/src/CKKSEncoder.cs +++ b/dotnet/src/CKKSEncoder.cs @@ -173,7 +173,8 @@ public void Encode(IEnumerable values, double scale, } /// - /// Encodes a vector of double-precision floating-point complex numbers into a plaintext polynomial. + /// Encodes a vector of double-precision floating-point complex numbers into a plaintext + /// polynomial. /// /// /// Append zeros if vector size is less than N/2. Dynamic memory allocations in the process