-
Notifications
You must be signed in to change notification settings - Fork 43
Installation
A docker file is provided to ease the installation of Cingulata. The following steps suppose that you have a functional docker installation. For more details about docker and its installation steps refer to docker install.
Build a docker image with packages required for Cingulata in B/FV mode build:
docker build -t cingulata:bfv -f Dockerfile.bfv --build-arg uid=$(id -u) .
Create a container from cingulata:bfv
image with current folder as a docker volume
and run it with no command:
docker run -it --rm -v $(pwd):/cingu cingulata:bfv
The default command of this docker image compiles Cingulata and all its tests. So each time you modify Cingulata code you should call this command to recompile the changes.
After this step, in the current directory a folder build_bfv
is created.
This folder contains compilation outputs and artifacts.
Cingulata in TFHE mode is compiled equivalently:
docker build -t cingulata:tfhe -f Dockerfile.tfhe --build-arg uid=$(id -u) .
docker run -it --rm -v $(pwd):/cingu cingulata:tfhe
Similarly, a folder build_tfhe
is created containing compilation outputs and artifacts.
Congratulations!
If you arrived at this point, you successfully installed Cingulata and are ready to take at look at our examples.
Their input codes and the running scripts are situated in the tests
directory.
More precisely:
-
tests/bfv
-- tests using B/FV homomorphic encryption scheme -
tests/tfhe
-- tests using TFHE homomorphic encryption library -
tests/old_bfv
-- tests using B/FV homomorphic encryption scheme and the old circuit front-end (these tests will be removed in next release)
Suppose now that you want to run your first -- homomorphic hello world -- test.
You can do it directly using the following docker command:
docker run -it --rm -v $(pwd):/cingu cingulata:bfv bash -c "cd build_bfv/tests/bfv/hello && bash run.sh"
Or...
You can enter the docker container:
docker run -it --rm -v $(pwd):/cingu cingulata:bfv bash
You should go to the corresponding directory from build_bfv/tests/bfv
:
cd build_bfv/tests/bfv/hello
And finally, execute the test:
bash run.sh
In both cases and if all went well, you should obtain an execution trace similar to the one below:
FHE key generation
Input encryption
Command line arguments:
FHE parameters file fhe_params.xml
Public key file fhe_key.pk
Encrypting message [1] into file input/i:a_0.ct
Encrypting message [0] into file input/i:a_1.ct
Encrypting message [1] into file input/i:a_2.ct
Encrypting message [0] into file input/i:a_3.ct
Encrypting message [0] into file input/i:a_4.ct
Encrypting message [0] into file input/i:a_5.ct
Encrypting message [0] into file input/i:a_6.ct
Encrypting message [0] into file input/i:a_7.ct
Command line arguments:
FHE parameters file fhe_params.xml
Public key file fhe_key.pk
Encrypting message [1] into file input/i:b_0.ct
Encrypting message [1] into file input/i:b_1.ct
Encrypting message [0] into file input/i:b_2.ct
Encrypting message [0] into file input/i:b_3.ct
Encrypting message [0] into file input/i:b_4.ct
Encrypting message [0] into file input/i:b_5.ct
Encrypting message [0] into file input/i:b_6.ct
Encrypting message [0] into file input/i:b_7.ct
Homomorphic execution...
Total execution real time 4.66193 seconds
CPU time:
READ time 0.0661443 seconds, #execs 16
COPY time 0.0380457 seconds, #execs 71
XOR gates execution time 0.0448051 seconds, #execs 24
NOT gates execution time 0.0138237 seconds, #execs 20
AND gates execution time 4.17691 seconds, #execs 18
OR gates execution time 0.240259 seconds, #execs 1
WRITE time 0.0249645 seconds, #execs 16
Maximal number of simultaneously allocated ciphertexts 23
real 0m4.694s
user 0m4.601s
sys 0m0.092s
Output decryption
8
So the decrypted result is 8, since the test hello
performs a simple addition of two integers: 5 and 3!
Running the hello world application with TFHE crypto-system is almost the same in Cingulata. Use the following docker command:
docker run -it --rm -v $(pwd):/cingu cingulata:tfhe bash -c "cd build_tfhe/tests/tfhe/hello && bash run.sh"
The output after for TFHE mode is more sober but the execution is faster:
Input encryption
TFHE key generation
Homomorphic execution...
real 0m0.615s
user 0m0.543s
sys 0m0.072s
Output decryption
8
If you want to go further and see how you can write and execute a program using Cingulata, check our tutorial page.
- BKZ reduction model cost defaults to bkz_sieve.
- Required minimum security defaults to 128.
These values are CMake cache entries. To change the default security level, replace line
cmake -DUSE_BFV=ON ..
in Cingulata B/FV dockerfile Dockerfile.bfv
with
cmake -DUSE_BFV=ON -DMIN_SECU=192 -DMODEL=bkz_enum ..
Database values are given at: https://github.com/CEA-LIST/CinguParam/wiki#database-values
-
Location:
runtime/fhe\_fv/script
-
Usage: The script is called during build phase.
-
Goal: It searches for a parameter set in the database suited for three constraints:
- multiplicative depth
- BKZ reduction model cost
- required security level lambda
There are two modes of selection : static (default value) and interactive. Both are described below.
The mode is hard-coded in selectParams.sh
.
You can modify it manually.
If no parameter set is found with given constraints, it establishes the list of parameter sets in the database with:
- given multiplicative depth
- given bkz reduction cost model
- security level in the interval [lambda-8,lambda+56]
It picks a parameter set into it. If the list is empty, it switches to the interactive mode.
If no parameter set is found with given constraints, it lets the user select with yad
tool, a parameter set in the database. It is flexible, the user can modify the three constraints.
Additionally, it permits the database to be updated using the HEAD commit of the LWE-Estimator, if new version is available.