完成本教程后
使用HElib库: https://github.com/shaih/HElib
我得到以下输出:
输出已损坏。鉴于该示例具有级别16,应该有足够的空间来执行这些操作。
参数有问题吗?
代码:
#include "FHE.h"
#include "EncryptedArray.h"
#include <NTL/lzz_pXFactoring.h>
#include <fstream>
#include <sstream>
#include <sys/time.h>
using namespace std;
/**
*
*/
int main(int argc, char** argv) {
/* On our trusted system we generate a new key
* (or read one in) and encrypt the secret data set.
*/
long m=0, p=2, r=1; // Native plaintext space
// Computations will be 'modulo p'
long L=16; // Levels
long c=3; // Columns in key switching matrix
long w=64; // Hamming weight of secret key
long d=0;
long security = 128;
ZZX G;
m = FindM(security,L,c,p, d, 0, 0);
FHEcontext context(m, p, r);
// initialize context
buildModChain(context, L, c);
// modify the context, adding primes to the modulus chain
FHESecKey secretKey(context);
// construct a secret key structure
const FHEPubKey& publicKey = secretKey;
// an "upcast": FHESecKey is a subclass of FHEPubKey
//if(0 == d)
G = context.alMod.getFactorsOverZZ()[0];
secretKey.GenSecKey(w);
// actually generate a secret key with Hamming weight w
addSome1DMatrices(secretKey);
cout << "Generated key" << endl;
EncryptedArray ea(context, G);
// constuct an Encrypted array object ea that is
// associated with the given context and the polynomial G
long nslots = ea.size();
vector<long> v1;
for(int i = 0 ; i < nslots; i++) {
v1.push_back(i*2);
}
Ctxt ct1(publicKey);
ea.encrypt(ct1, publicKey, v1);
vector<long> v2;
Ctxt ct2(publicKey);
for(int i = 0 ; i < nslots; i++) {
v2.push_back(i*3);
}
ea.encrypt(ct2, publicKey, v2);
// On the public (untrusted) system we
// can now perform our computation
Ctxt ctSum = ct1;
Ctxt ctProd = ct1;
ctSum += ct2;
ctProd *= ct2;
vector<long> res;
ea.decrypt(ctSum, secretKey, res);
cout << "All computations are modulo " << p << "." << endl;
for(int i = 0; i < res.size(); i ++) {
cout << v1[i] << " + " << v2[i] << " = " << res[i] << endl;
}
ea.decrypt(ctProd, secretKey, res);
for(int i = 0; i < res.size(); i ++) {
cout << v1[i] << " * " << v2[i] << " = " << res[i] << endl;
}
return 0;
}
生成的密钥
所有计算都是模2。
0 + 0 = 0
2 + 3 = 1
4 + 6 = 0
6 + 9 = 1
8 + 12 = 0
10 + 15 = 1
12 + 18 = 0
14 + 21 = 1
16 + 24 = 0
18 + 27 = 1
20 + 30 = 0
22 + 33 = 1
24 + 36 = 0
26 + 39 = 1
28 + 42 = 0
30 + 45 = 1
32 + 48 = 0
34 + 51 = 1
36 + 54 = 0
38 + 57 = 1
40 + 60 = 0
42 + 63 = 1
44 + 66 = 0
46 + 69 = 1
48 + 72 = 0
50 + 75 = 1
52 + 78 = 0
54 + 81 = 1
56 + 84 = 0
58 + 87 = 1
60 + 90 = 0
...省略了一些总和输出
0 * 0 = 0 2 * 3 = 0 4 * 6 = 0 6 * 9 = 0 8 * 12 = 0 10 * 15 = 0 12 * 18 = 0 14 * 21 = 0 16 * 24 = 0 18 * 27 = 0 20 * 30 = 0 22 * 33 = 0 24 * 36 = 0 26 * 39 = 0 28 * 42 = 0 30 * 45 = 0 32 * 48 = 0 34 * 51 = 0 36 * 54 = 0 38 * 57 = 0 40 * 60 = 0 42 * 63 = 0 44 * 66 = 0 46 * 69 = 0 48 * 72 = 0 50 * 75 = 0 52 * 78 = 0 54 * 81 = 0 56 * 84 = 0 58 * 87 = 0 60 * 90 = 0 62 * 93 = 0 64 * 96 = 0 66 * 99 = 0 68 * 102 = 0 70 * 105 = 0 72 * 108 = 0 74 * 111 = 0 76 * 114 = 0 78 * 117 = 0 80 * 120 = 0 82 * 123 = 0 84 * 126 = 0 86 * 129 = 0
...
答案 0 :(得分:3)
啊,这是对正在执行的操作的误解。注意常量p=2。我有文字All computations are modulo 2.。也许还说明All inputs are modulo 2将有助于敲定这一点。让我们看看我们的一些计算:
0 + 0 mod 2 = 0
2 + 3 mod 2 = 1
4 + 6 mod 2 = 0
6 + 9 mod 2 = 1
一切看起来都不错 - 加成环2只是异或。乘法怎么样?在环2(二进制)中,它只是AND:
0 * 0 = 0
2 * 3 = 6 mod 2 = 0
4 * 6 = 24 mod 2 = 0
6 * 9 = 54 mod 2 = 0
所以所有人都检查出来。最后,回顾一下博客,看看我再次打电话给你,让你有办法对你认为更令人愉悦的事情进行操作:
在这种情况下,我正在构建GF(2) - 所以我的同态添加 是XOR,乘法是AND。改变这一点就像改变一样简单 p的值。想要看到2 + 2 = 4的人应该将p设置为某事 匹配他们想要的域,例如257以获得8位Ints。
然而,HELIB在这方面已经退步了 - 设置p等于大于2的任何内容在我上次尝试时都不起作用。 Shai证实这是一个已知的回归。