bgv.bgv module¶

Implementation of an asymmetric encryption scheme based on ring learning with errors (RLWE). This scheme is partially homomorphic, by implementing part of a fully homomorphic scheme. Following the scheme as presented by Brakerski, Gentry and Vaikuntanathan, also known as BGV. This scheme has been described in (Leveled) Fully Homomorphic Encryption without Bootstrapping, as published in ACM Transactions on Computation Theory (TOCT), Volume 6, Issue 3, pages 1-36, https://doi.org/10.1145/2090236.2090262.

class bgv.bgv.BGV(public_key, secret_key, share_secret_key=False, debug=False)[source]¶

Bases: AsymmetricEncryptionScheme[tuple[BGVPublicKey, BGVSecretKey], int, Polynomial, tuple[Polynomial, Polynomial], BGVCiphertext, BGVPublicKey, BGVSecretKey], RandomizedEncryptionScheme[tuple[BGVPublicKey, BGVSecretKey], int, Polynomial, tuple[Polynomial, Polynomial], BGVCiphertext, tuple[Polynomial, Polynomial, Polynomial]]

BGV encryption scheme. This is an AsymmetricEncryptionScheme, with a public and secret key. This is also a RandomizedEncryptionScheme, thus having internal randomness generation and allowing for the use of precomputed randomness. This scheme can be used for the additively homomorphic encryption of integers.

class SerializedBGV[source]¶

Bases: TypedDict

pubkey: BGVPublicKey¶

scheme_id: int¶

seckey: BGVSecretKey | None¶

__eq__(other)[source]¶

Compare this BGV scheme with another object to determine (in)equality.

Parameters:: other (object) – Object to compare this BGV scheme with.
Return type:: bool
Returns:: Boolean representation of (in)equality of both objects.

__init__(public_key, secret_key, share_secret_key=False, debug=False)[source]¶

Construct a new BGV encryption scheme.

Parameters:

public_key (BGVPublicKey) – Public key for this BGV Scheme.
secret_key (BGVSecretKey | None) – Optional Secret Key for this BGV Scheme (None when unknown).
share_secret_key (bool) – Boolean value stating whether or not the secret key should be included in serialization. This should only be set to True if one is really sure of it.
debug (bool) – flag to determine whether debug information should be displayed.

add(ciphertext_1, ciphertext_2)[source]¶

Secure addition.

If ciphertext_2 is another BGVCiphertext, add the underlying plaintext value of ciphertext_1 to the underlying plaintext value of ciphertext_2. If it is a Plaintext, add the plaintext value to the underlying value of ciphertext_1.

The resulting ciphertext is fresh only if at least one of the inputs was fresh. Both inputs are marked as non-fresh after the operation.

Parameters:

ciphertext_1 (BGVCiphertext) – First BGVCiphertext object of which the underlying plaintext is added.
ciphertext_2 (BGVCiphertext | int) – Either an BGVCiphertext of which the underlying plaintext is used for addition or a Plaintext that is used for addition.

Raises:

AttributeError – When ciphertext_2 does not have the same public key as ciphertext_1.

Return type:

BGVCiphertext

Returns:

An BGVCiphertext containing the encryption of the addition.

decode(encoded_plaintext)[source]¶

Decode an encoded plaintext.

Parameters:: encoded_plaintext (EncodedPlaintext[Polynomial]) – Encoded plaintext to be decoded.
Return type:: int
Returns:: Decoded plaintext value.

static deserialize(obj, *, origin=None, **_kwargs)[source]¶

Deserialization function for BGV schemes, which will be passed to the communication module.

Parameters:

obj (SerializedBGV) – Serialized version of a BGV scheme.
origin (HTTPClient | None) – HTTPClient representing where the message came from if applicable
**_kwargs (Any) – optional extra keyword arguments

Raises:

SerializationError – When communication library is not installed.
ValueError – When a scheme is sent through ID without any prior communication of the scheme

Return type:

BGV

Returns:

Deserialized BGV scheme from the given dict. Might not have a secret key when that was not included in the received serialization.

encode(plaintext)[source]¶

Encode integers by converting to base t and using the bits as coefficients in a polynomial over $R_t$.

Parameters:: plaintext (int) – Plaintext to be encoded.
Raises:: ValueError – If the plaintext is outside the supported range of this BGV scheme.
Return type:: EncodedPlaintext[Polynomial]
Returns:: EncodedPlaintext object containing the encoded value.

static generate_key_material(q, n, t, error_distribution, secret_distribution=0.0)[source]¶

Method to generate key material (BGVSecretKey and BGVPublicKey), consisting of a polynomial $s in R_q = mathbb{Z}_q[x]/(x^n + 1)$ and a tuple $(a, b = as + te)$, where $a, e in R_q$.

The coefficients of $s$ are sampled from a ternary (-1, 0, 1) or discrete Gaussian distribution depending on the given value (0.0 for ternary, a positive standard deviation for the Gaussian distribution) and $e$ is sampled from a discrete Gaussian distribution with the given standard deviation. The coefficients of $a$ are sampled from a discrete uniform distribution over $mathbb{Z}_q$.

The values $n$ and $q$ should be chosen according to a chosen security level. In the README more information can be found on documentation that can help with this choice.

The value $t$ should be relatively small to $q$ in order to have ciphertext operations like addition or integer multiplication not result the coefficients of the ciphertext wrapping around $q$, otherwise it will result in incorrect decryption.

Parameters:

q (int) – Positive integer modulus of the coefficients.
n (int) – Power of 2, degree of ideal for quotient ring of which the polynomial is an element.
t (int) – Value in $mathbb{Z}_q^*$ such that the message space is $R_t = mathbb{Z}_t[x]/(x^n + 1)$.
error_distribution (float) – Standard deviation used for Gaussian sampling in rerandomization.
secret_distribution (float) – 0.0 for ternary distribution, otherwise standard deviation of the used Gaussian distribution, default is 0.0.

Raises:

ValueError – When $q$ or $t$ is smaller than 2, when $n$ is not a power of 2 or when $q$ and $t$ are not coprime.

Return type:

tuple[BGVPublicKey, BGVSecretKey]

Returns:

Tuple with first the public key and then the secret key.

classmethod id_from_arguments(public_key)[source]¶

Method that turns the arguments for the constructor into an identifier. This identifier is used to find constructor calls that would result in identical schemes.

Parameters:: public_key (BGVPublicKey) – BGVPublicKey of the BGV instance.
Return type:: int
Returns:: Identifier of the BGV instance.

mul(ciphertext, scalar)[source]¶

Multiply the underlying plaintext of this ciphertext with a scalar.

The resulting ciphertext is marked fresh only if the original ciphertext was fresh. The original ciphertext is marked as non-fresh after the operation.

Parameters:

ciphertext (BGVCiphertext) – BGVCiphertext of which the underlying plaintext is multiplied.
scalar (int) – A scalar with which the plaintext underlying the ciphertext is multiplied.

Return type:

BGVCiphertext

Returns:

BGVCiphertext containing the encryption of the product.

neg(ciphertext)[source]¶

Negate the underlying plaintext of this ciphertext.

The resulting ciphertext is fresh only if the original ciphertext was fresh. The original ciphertext is marked as non-fresh after the operation.

Parameters:: ciphertext (BGVCiphertext) – BGVCiphertext of which the underlying plaintext should be negated
Return type:: BGVCiphertext
Returns:: BGVCiphertext object corresponding to the negated plaintext.

serialize(*, destination=None, **_kwargs)[source]¶

Serialization function for BGV schemes, which will be passed to the communication module. The sharing of the secret key depends on the attribute share_secret_key.

Parameters:

destination (HTTPClient | list[HTTPClient] | None) – HTTPClient representing where the message will go if applicable, can also be a list of clients in case of a broadcast message.
**_kwargs (Any) – optional extra keyword arguments

Raises:

SerializationError – When communication library is not installed.

Return type:

SerializedBGV

Returns:

serialized version of this BGV scheme.

serialize_with_secret_key()[source]¶

Serialization function for BGV schemes, that does include the secret key.

Raises:: SerializationError – When communication library is not installed.
Return type:: SerializedBGV
Returns:: Serialized version of this BGV scheme.

serialize_without_secret_key()[source]¶

Serialization function for BGV schemes, that does not include the secret key.

Raises:: SerializationError – When communication library is not installed.
Return type:: SerializedBGV
Returns:: Serialized version of this BGV scheme (without the secret key).

class bgv.bgv.BGVCiphertext(raw_value, scheme, *, fresh=False)[source]¶

Bases: RandomizableCiphertext[tuple[BGVPublicKey, BGVSecretKey], int, Polynomial, tuple[Polynomial, Polynomial], tuple[Polynomial, Polynomial, Polynomial]]

Ciphertext for the BGV encryption scheme. This ciphertext is rerandomizable and supports additive homomorphic operations.

class SerializedBGVCiphertext[source]¶

Bases: TypedDict

Serialized BGV Ciphertext.

scheme: BGV¶

value: tuple[Polynomial, Polynomial]¶

__eq__(other)[source]¶

Compare this BGVCiphertext with another to determine (in)equality.

Parameters:: other (object) – Object to compare this BGVCiphertext with.
Raises:: TypeError – When other object is not an BGVCiphertext.
Return type:: bool
Returns:: Boolean value representing (in)equality of both objects.

__init__(raw_value, scheme, *, fresh=False)[source]¶

Construct a BGVCiphertext.

Parameters:

raw_value (tuple[Polynomial, Polynomial]) – Ciphertext pair $(c_0, c_1) in R_q^2$.
scheme (BGV) – BGV scheme that is used to encrypt this ciphertext.
fresh (bool) – Indicate whether fresh randomness is already applied to the raw_value.

Raises:

TypeError – When the given scheme is not a BGV scheme.

__str__()[source]¶

Give string representation of this BGVCiphertext.

Return type:: str
Returns:: String representation of ciphertext prepended by (c0, c1) =

apply_randomness(randomization_value)[source]¶

Rerandomize this ciphertext $(c_0, c_1) in R_q^2$ using the given random value triple $(v, e’, e’’) in R_q^3$ by taking $(c_0 + bv + te’, c_1 - av + te’’).

Parameters:: randomization_value (tuple[Polynomial, Polynomial, Polynomial]) – Random value used for rerandomization.
Return type:: None

static deserialize(obj, **_kwargs)[source]¶

Deserialization function for BGV ciphertexts, which will be passed to the communication module.

Parameters:

obj (SerializedBGVCiphertext) – serialized version of a BGVCiphertext.
**_kwargs (Any) – optional extra keyword arguments

Raises:

SerializationError – When communication library is not installed.

Return type:

BGVCiphertext

Returns:

Deserialized BGVCiphertext from the given dict.

scheme: BGV¶

serialize(**_kwargs)[source]¶

Serialization function for BGV ciphertexts, which will be passed to the communication module.

If the ciphertext is not fresh, it is randomized before serialization. After serialization, it is always marked as not fresh for security reasons.

Parameters:: **_kwargs (Any) – optional extra keyword arguments
Raises:: SerializationError – When communication library is not installed.
Return type:: SerializedBGVCiphertext
Returns:: serialized version of this BGVCiphertext.

class bgv.bgv.BGVPublicKey(a, b, t, error_distibution, secret_distribution=0.0)[source]¶

Bases: PublicKey

Public key $(a,b)$ for the BGV encryption scheme, which is a polynomial $a in R_q = mathbb{Z}_q[x]/(x^n + 1)$ along with polynomial $b in R_q = mathbb{Z}_q[x]/(x^n + 1)$ for which it holds that $b = as + te$, where $s$ is the secret key, $t in mathbb{Z}_q^*$ larger than 2 and coprime with $q$, $e$ a noise polynomial from a Gaussian distribution with a given standard deviation, $q$ a positive integer and $n$ a power of 2.

Parameters:

a (Polynomial) – Polynomial in $R_q = mathbb{Z}_q[x]/(x^n + 1)$.
b (Polynomial) – Polynomial in $R_q = mathbb{Z}_q[x]/(x^n + 1)$ such that $b = as + te$.
t (int) – Value in $mathbb{Z}_q^*$ larger than 2 such that the message space is $R_t = mathbb{Z}_t[x]/(x^n + 1)$.
error_distribution – Standard deviation used for Gaussian sampling in rerandomization.
secret_distribution (float) – 0.0 for ternary distribution, otherwise standard deviation of the used Gaussian distribution, default is 0.0.

__str__()[source]¶

Give string representation of this BGVPublicKey.

Return type:: str
Returns:: String representation of public key prepended by $(a, b = as + te) = $.

a: Polynomial¶

b: Polynomial¶

static deserialize(obj, **_kwargs)[source]¶

Deserialization function for public keys, which will be passed to the communication module

Parameters:

obj (dict[str, Any]) – serialized version of a BGVPublicKey.
**_kwargs (Any) – Optional extra keyword arguments.

Raises:

SerializationError – When communication library is not installed.

Return type:

BGVPublicKey

Returns:

Deserialized BGVPublicKey from the given dict.

error_distibution: float¶

secret_distribution: float = 0.0¶

serialize(**_kwargs)[source]¶

Serialization function for public keys, which will be passed to the communication module.

Parameters:: **_kwargs (Any) – Optional extra keyword arguments.
Raises:: SerializationError – When communication library is not installed.
Return type:: dict[str, Any]
Returns:: Serialized version of this BGVPublicKey.

t: int¶

class bgv.bgv.BGVSecretKey(s)[source]¶

Bases: SecretKey

Secret key $s$ for the BGV encryption scheme, which is a polynomial in $R_q = mathbb{Z}_q[x]/(x^n + 1)$, where $q$ is a positive integer and $n$ a power of 2.

__str__()[source]¶

Give string representation of this BGVSecretKey.

Return type:: str
Returns:: String representation of secret key prepended by $s = $.

static deserialize(obj, **_kwargs)[source]¶

Deserialization function for secret keys, which will be passed to the communication module.

Parameters:

obj (dict[str, Any]) – Serialized version of a BGVSecretKey.
**_kwargs (Any) – Optional extra keyword arguments.

Raises:

SerializationError – When communication library is not installed.

Return type:

BGVSecretKey

Returns:

Deserialized BGVSecretKey from the given dict.

s: Polynomial¶

serialize(**_kwargs)[source]¶

Serialization function for secret keys, which will be passed to the communication module.

Parameters:: **_kwargs (Any) – Optional extra keyword arguments.
Raises:: SerializationError – When communication library is not installed.
Return type:: dict[str, Any]
Returns:: Serialized version of this BGVSecretKey.