repo-sync-2023-11-13T10:23:48+0800

CHANGELOGS.md

@@ -9,7 +9,7 @@
 ## [Unreleased]
 
 - [Feature] Add DGK cryptosystem
-- [Feature] Add Damgard-Juric cryptosystem
+- [Feature] Add Damgard-Jurik cryptosystem
 - [Feature] Add a new paillier implementation based on ClustarFPGA hardware from Clustar Technology
 - [Feature] Add an experimental implementation of GPU-based paillier cryptosystem
 - [Optimize] Optimize vectorized spi in mat mul

heu/library/algorithms/clean_template/public_key.h

@@ -25,7 +25,7 @@ class PublicKey {
 
   std::string ToString() const;
 
-  // Valid plaintext range: (max_int_, -max_int_)
+  // Valid plaintext range: [max_int_, -max_int_]
   const Plaintext &PlaintextBound() const &;
 
   yacl::Buffer Serialize() const;

heu/library/algorithms/dgk/dgk_test.cc

@@ -109,7 +109,7 @@ TEST_F(DGKTest, MinMaxDecrypt) {
   Plaintext plain = pk_.PlainModule();
   EXPECT_THROW(encryptor_->Encrypt(plain), std::exception);  // too many bits
 
-  plain = pk_.PlaintextBound();
+  plain = pk_.PlaintextBound() + 1_mp;
   EXPECT_THROW(encryptor_->Encrypt(plain), std::exception);  // too many bits
 
   Plaintext plain2;

heu/library/algorithms/dgk/encryptor.cc

@@ -21,7 +21,7 @@ namespace heu::lib::algorithms::dgk {
 Ciphertext Encryptor::EncryptZero() const { return Ciphertext{pk_.RandomHr()}; }
 
 Ciphertext Encryptor::Encrypt(const Plaintext &m) const {
-  YACL_ENFORCE(m.CompareAbs(pk_.PlaintextBound()) < 0,
+  YACL_ENFORCE(m.CompareAbs(pk_.PlaintextBound()) <= 0,
                "message number out of range, message={}, max (abs)={}", m,
                pk_.PlaintextBound());
   Ciphertext ctR;

heu/library/algorithms/dj/decryptor.cc

@@ -22,7 +22,7 @@ Plaintext Decryptor::Decrypt(const Ciphertext& ct) const {
   HE_ASSERT(!ct.c_.IsNegative() && ct.c_ < pk_.CipherModule(),
             "Decryptor: Invalid ciphertext");
   Plaintext m{sk_.Decrypt(pk_.MapBackToZSpace(ct.c_))};
-  return m >= pk_.PlaintextBound() ? m - pk_.PlainModule() : m;
+  return m > pk_.PlaintextBound() ? m - pk_.PlainModule() : m;
 }
 
 }  // namespace heu::lib::algorithms::dj

heu/library/algorithms/dj/dj_test.cc

@@ -99,7 +99,7 @@ TEST_F(DJTest, MinMaxDecrypt) {
   Plaintext plain = pk_.PlainModule();
   EXPECT_THROW(encryptor_->Encrypt(plain), std::exception);  // too many bits
 
-  plain = pk_.PlaintextBound();
+  plain = pk_.PlaintextBound() + 1_mp;
   EXPECT_THROW(encryptor_->Encrypt(plain), std::exception);  // too many bits
 
   Plaintext plain2;

heu/library/algorithms/dj/encryptor.cc

@@ -23,7 +23,7 @@ Ciphertext Encryptor::EncryptZero() const {
 }
 
 Ciphertext Encryptor::Encrypt(const Plaintext &m) const {
-  YACL_ENFORCE(m.CompareAbs(pk_.PlaintextBound()) < 0,
+  YACL_ENFORCE(m.CompareAbs(pk_.PlaintextBound()) <= 0,
                "message number out of range, message={}, max (abs)={}", m,
                pk_.PlaintextBound());
   Ciphertext ctR;

heu/library/algorithms/elgamal/elgamal_test.cc

@@ -61,7 +61,7 @@ TEST_F(ElGamalTest, EncDecWorks) {
   });
 
   // too big to decrypt
-  EXPECT_ANY_THROW(encryptor.Encrypt(pk_.PlaintextBound()));
+  EXPECT_ANY_THROW(encryptor.Encrypt(pk_.PlaintextBound() + 1_mp));
 }
 
 TEST_F(ElGamalTest, CiphertextEvaluate) {

heu/library/algorithms/elgamal/public_key.h

@@ -35,7 +35,7 @@ class PublicKey {
 
   std::string ToString() const;
 
-  // Valid plaintext range: (max_int_, -max_int_)
+  // Valid plaintext range: [max_int_, -max_int_]
   const Plaintext &PlaintextBound() const &;
 
   yacl::Buffer Serialize() const;

heu/library/algorithms/elgamal/scalar_encryptor.cc

@@ -30,7 +30,7 @@ Ciphertext Encryptor::EncryptZero() const {
 }
 
 Ciphertext Encryptor::Encrypt(const Plaintext& m) const {
-  YACL_ENFORCE(m.CompareAbs(pk_.PlaintextBound()) < 0,
+  YACL_ENFORCE(m.CompareAbs(pk_.PlaintextBound()) <= 0,
                "message number out of range, message={}, max (abs)={}", m,
                pk_.PlaintextBound());
 
@@ -42,7 +42,7 @@ Ciphertext Encryptor::Encrypt(const Plaintext& m) const {
 
 std::pair<Ciphertext, std::string> Encryptor::EncryptWithAudit(
     const Plaintext& m) const {
-  YACL_ENFORCE(m.CompareAbs(pk_.PlaintextBound()) < 0,
+  YACL_ENFORCE(m.CompareAbs(pk_.PlaintextBound()) <= 0,
                "message number out of range, message={}, max (abs)={}", m,
                pk_.PlaintextBound());
 

heu/library/algorithms/elgamal/utils/lookup_table.cc

@@ -25,7 +25,7 @@ constexpr static int64_t kTableMaxValue = 1LL << kLookupTableBits;
 constexpr static int64_t kSearchMaxValue = 1LL << kExtraSearchBits;
 
 const MPInt &LookupTable::MaxSupportedValue() {
-  const static MPInt max(kTableMaxValue * kSearchMaxValue);
+  const static MPInt max(kTableMaxValue * kSearchMaxValue - 1);
   return max;
 }
 

heu/library/algorithms/elgamal/utils/lookup_table_test.cc

@@ -44,7 +44,7 @@ TEST_F(LookupTableTest, MinMaxSearch) {
   LookupTable table;
   table.Init(ec_);
 
-  auto max_v = table.MaxSupportedValue() - 1_mp;
+  auto max_v = table.MaxSupportedValue();
   auto point = ec_->MulBase(max_v);
   EXPECT_EQ(table.Search(point), max_v.Get<int64_t>());
 

heu/library/algorithms/mock/encryptor.cc

@@ -24,7 +24,7 @@ Ciphertext Encryptor::EncryptZero() const {
 }
 
 Ciphertext Encryptor::Encrypt(const Plaintext& m) const {
-  YACL_ENFORCE(m.bn_.CompareAbs(pk_.PlaintextBound().bn_) < 0,
+  YACL_ENFORCE(m.bn_.CompareAbs(pk_.PlaintextBound().bn_) <= 0,
                "message number out of range, message={}, max (abs)={}", m.bn_,
                pk_.PlaintextBound());
 
@@ -35,7 +35,7 @@ Ciphertext Encryptor::Encrypt(const Plaintext& m) const {
 
 std::pair<Ciphertext, std::string> Encryptor::EncryptWithAudit(
     const Plaintext& m) const {
-  YACL_ENFORCE(m.bn_.CompareAbs(pk_.PlaintextBound().bn_) < 0,
+  YACL_ENFORCE(m.bn_.CompareAbs(pk_.PlaintextBound().bn_) <= 0,
                "message number out of range, message={}, max (abs)={}", m.bn_,
                pk_.PlaintextBound());
 
@@ -54,7 +54,7 @@ std::vector<Ciphertext> Encryptor::Encrypt(ConstSpan<Plaintext> pts) const {
   std::vector<Ciphertext> res;
   res.reserve(pts.size());
   for (size_t i = 0; i < pts.size(); ++i) {
-    YACL_ENFORCE(pts[i]->bn_.CompareAbs(pk_.PlaintextBound().bn_) < 0,
+    YACL_ENFORCE(pts[i]->bn_.CompareAbs(pk_.PlaintextBound().bn_) <= 0,
                  "message number out of range, pts={}, max (abs)={}",
                  pts[i]->bn_.ToHexString(), pk_.PlaintextBound());
 
@@ -70,7 +70,7 @@ Encryptor::EncryptWithAudit(ConstSpan<Plaintext> pts) const {
   std::vector<std::string> res_s(pts.size());
 
   for (size_t i = 0; i < pts.size(); ++i) {
-    YACL_ENFORCE(pts[i]->bn_.CompareAbs(pk_.PlaintextBound().bn_) < 0,
+    YACL_ENFORCE(pts[i]->bn_.CompareAbs(pk_.PlaintextBound().bn_) <= 0,
                  "message number out of range, pts={}, max (abs)={}",
                  pts[i]->bn_.ToHexString(), pk_.PlaintextBound());
 

heu/library/algorithms/mock/evaluator.cc

@@ -22,13 +22,13 @@ namespace heu::lib::algorithms::mock {
 void Evaluator::Randomize(Ciphertext *ct) const { (void)ct; }
 
 void CheckRange(const PublicKey &pk, const Ciphertext &, const Plaintext &p) {
-  YACL_ENFORCE(p.bn_.CompareAbs(pk.PlaintextBound().bn_) < 0,
+  YACL_ENFORCE(p.bn_.CompareAbs(pk.PlaintextBound().bn_) <= 0,
                "plaintext number out of range, message={}, max (abs)={}",
                p.ToHexString(), pk.PlaintextBound());
 }
 
 void CheckRange(const PublicKey &pk, const Plaintext &p, const Ciphertext &) {
-  YACL_ENFORCE(p.bn_.CompareAbs(pk.PlaintextBound().bn_) < 0,
+  YACL_ENFORCE(p.bn_.CompareAbs(pk.PlaintextBound().bn_) <= 0,
                "plaintext number out of range, message={}, max (abs)={}",
                p.ToHexString(), pk.PlaintextBound());
 }

heu/library/algorithms/mock/public_key.h

@@ -38,7 +38,7 @@ class PublicKey : public HeObject<PublicKey> {
     return fmt::format("Mock phe public key with {} bit length", key_size_);
   }
 
-  // Valid plaintext range: (max_int_, -max_int_)
+  // Valid plaintext range: [max_int_, -max_int_]
   // [SPI: Critical]
   [[nodiscard]] const Plaintext &PlaintextBound() const & { return max_int_; }
 

heu/library/algorithms/ou/encryptor.cc

@@ -107,7 +107,7 @@ Ciphertext Encryptor::EncryptZero() const { return Ciphertext(GetHr()); }
 template <bool audit>
 Ciphertext Encryptor::EncryptImpl(const MPInt &m,
                                   std::string *audit_str) const {
-  YACL_ENFORCE(m.CompareAbs(pk_.PlaintextBound()) < 0,
+  YACL_ENFORCE(m.CompareAbs(pk_.PlaintextBound()) <= 0,
                "message number out of range, message={}, max (abs)={}", m,
                pk_.PlaintextBound());
 

heu/library/algorithms/ou/evaluator.cc

@@ -45,7 +45,7 @@ void Evaluator::AddInplace(Ciphertext* a, const Ciphertext& b) const {
 
 Ciphertext Evaluator::Add(const Ciphertext& a, const MPInt& p) const {
   VALIDATE(a);
-  YACL_ENFORCE(p.CompareAbs(pk_.PlaintextBound()) < 0,
+  YACL_ENFORCE(p.CompareAbs(pk_.PlaintextBound()) <= 0,
                "plaintext number out of range, message={}, max (abs)={}",
                p.ToHexString(), pk_.PlaintextBound());
 

heu/library/algorithms/ou/ou_test.cc

@@ -133,7 +133,7 @@ TEST_F(OUTest, MinMaxDecrypt) {
   MPInt plain = sk_.p_ / MPInt::_2_;
   EXPECT_THROW(encryptor.Encrypt(plain), std::exception);  // too many bits
 
-  plain = pk_.PlaintextBound();
+  plain = pk_.PlaintextBound() + 1_mp;
   EXPECT_THROW(encryptor.Encrypt(plain), std::exception);  // too many bits
 
   MPInt plain2;
@@ -147,9 +147,8 @@ TEST_F(OUTest, MinMaxDecrypt) {
   decryptor.Decrypt(ct0, &plain2);
   EXPECT_EQ(plain, plain2);
 
-  plain.DecrOne();
-  EXPECT_THROW(encryptor.Encrypt(plain),
-               std::exception);  // too many bits
+  plain.DecrOne();  // too many bits
+  EXPECT_THROW(encryptor.Encrypt(plain), std::exception);
 }
 
 TEST_F(OUTest, PlaintextEvaluate1) {

heu/library/algorithms/ou/public_key.h

@@ -117,7 +117,7 @@ class PublicKey : public HeObject<PublicKey> {
     return !this->operator==(other);
   }
 
-  // Valid plaintext range: (max_plaintext_, -max_plaintext_)
+  // Valid plaintext range: [max_plaintext_, -max_plaintext_]
   [[nodiscard]] const MPInt &PlaintextBound() const & { return max_plaintext_; }
 };
 

heu/library/algorithms/paillier_clustar_fpga/public_key.h

@@ -46,7 +46,7 @@ class PublicKey : public HeObject<PublicKey> {
 
   std::string ToString() const override;
 
-  // Valid plaintext range: (-max_int_, max_int_)
+  // Valid plaintext range: [max_int_, -max_int_]
   const Plaintext& PlaintextBound() const&;
 
   // Serialize and Deserialize

heu/library/algorithms/paillier_clustar_fpga/vector_encryptor.cc

@@ -62,7 +62,7 @@ std::vector<Ciphertext> Encryptor::EncryptImpl(
   int idx = 0;
   for (auto item : pts) {
     YACL_ENFORCE(
-        item->CompareAbs(pub_key_.PlaintextBound()) < 0,
+        item->CompareAbs(pub_key_.PlaintextBound()) <= 0,
         "{} th msg number out of range, msg in hex={}, max in dec(abs)={}", idx,
         item->ToHexString(), pub_key_.PlaintextBound());
     idx++;

heu/library/algorithms/paillier_float/internal/codec.cc

@@ -19,7 +19,7 @@ namespace heu::lib::algorithms::paillier_f::internal {
 const MPInt Codec::kBaseCache = MPInt(Codec::kBase);
 
 EncodedNumber Codec::Encode(const MPInt& scalar, int exponent) const {
-  YACL_ENFORCE(scalar.CompareAbs(pk_.PlaintextBound()) < 0,
+  YACL_ENFORCE(scalar.CompareAbs(pk_.PlaintextBound()) <= 0,
                "integer scalar should in +/- {}, but get {}",
                pk_.PlaintextBound().ToHexString(), scalar.ToHexString());
 

heu/library/algorithms/paillier_float/public_key.h

@@ -37,7 +37,7 @@ class PublicKey : public HeObject<PublicKey> {
  public:
   PublicKey() = default;
 
-  // Valid plaintext range: (max_int_, -max_int_)
+  // Valid plaintext range: [max_int_, -max_int_]
   [[nodiscard]] const MPInt& PlaintextBound() const& { return max_int_; }
 
   [[nodiscard]] std::string ToString() const override;
@@ -75,7 +75,7 @@ class PublicKey : public HeObject<PublicKey> {
   // Maximum int that may safely be stored. This can be increased, if you are
   // happy to redefine "safely" and lower the chance of detecting an integer
   // overflow.
-  // Bound: (max_int_, -max_int_)
+  // Bound: [max_int_, -max_int_]
   MPInt max_int_;  // n_ / 3
 };
 

heu/library/algorithms/paillier_gpu/decryptor.cc

@@ -50,9 +50,9 @@ std::vector<Plaintext> Decryptor::Decrypt(ConstSpan<Ciphertext> cts) const {
     ptx_res[i].FromMagBytes(yacl::ByteContainerView((uint8_t*)(gpts[i].m), 512),
                             algorithms::Endian::little);
 
-    // if the value is negative (the judgment condition is greater than n/2-1),
+    // if the value is negative (the judgment condition is greater than n/2),
     // then -n
-    if (ptx_res[i] > pk_.n_ / MPInt(2) - MPInt(1)) {
+    if (ptx_res[i] > pk_.n_half_) {
       ptx_res[i] -= pk_.n_;
     }
   }
@@ -63,13 +63,9 @@ std::vector<Plaintext> Decryptor::Decrypt(ConstSpan<Ciphertext> cts) const {
 void Decryptor::Decrypt(ConstSpan<Ciphertext> in_cts,
                         Span<Plaintext> out_pts) const {
   std::vector<Plaintext> res = Decrypt(in_cts);
-  unsigned int count = in_cts.size();
-
-  Plaintext* ptArray[count];
-  for (unsigned int i = 0; i < count; i++) {
-    ptArray[i] = &res[i];
+  for (unsigned int i = 0; i < res.size(); i++) {
+    *out_pts[i] = res[i];
   }
-  out_pts = absl::MakeSpan(ptArray, count);
 }
 
 }  // namespace heu::lib::algorithms::paillier_g

heu/library/algorithms/paillier_gpu/encryptor.cc

@@ -22,13 +22,13 @@ int GetRdrand8Bytes(unsigned char* rand, int multiple) {
       "mov %1, %%edx          \n\t"
 
       "1:             		\n\t"
-      "rdrand %%rax      		\n\t"
+      "rdrand %%rax      	\n\t"
       "jnc 1b         		\n\t"  // retry
 
       "movq %%rax, (%%rcx)	\n\t"
-      "addq $8, %%rcx			\n\t"
-      "sub $1, %%edx			\n\t"
-      "jne 1b					\n\t"  // next 8 bytes
+      "addq $8, %%rcx		\n\t"
+      "sub $1, %%edx		\n\t"
+      "jne 1b			\n\t"  // next 8 bytes
       :
       : "r"(rand), "r"(multiple)
       : "memory", "cc", "%rax", "%rcx", "%edx");
@@ -135,8 +135,12 @@ std::vector<Ciphertext> Encryptor::EncryptImpl(
   auto res = std::make_unique<h_paillier_ciphertext_t[]>(count);
   auto gpts = std::make_unique<h_paillier_plaintext_t[]>(count);
 
+  Plaintext temp;
   for (unsigned int i = 0; i < count; i++) {
-    Plaintext temp;
+    YACL_ENFORCE(pts[i]->CompareAbs(pk_.PlaintextBound()) <= 0,
+                 "message number out of range, message={}, max (abs)={}",
+                 *pts[i], pk_.PlaintextBound());
+
     if (pts[i]->IsNegative()) {
       temp = (Plaintext)(*pts[i] + pk_.n_);
       temp.ToBytes(gpts[i].m, 512, algorithms::Endian::little);

heu/library/algorithms/paillier_gpu/key_generator.cc

@@ -56,7 +56,6 @@ void KeyGenerator::Generate(size_t key_size, SecretKey* sk, PublicKey* pk) {
   MPInt::InvertMod(sk->lambda_, n, &sk->mu_);
   sk->Init();
   // fill public key
-  pk->n_plus_ = (Plaintext)(n + Plaintext(1));  // g
   pk->h_s_ = (Plaintext)(sk->PowModNSquareCrt(h, n));
   pk->n_ = std::move(n);
   pk->Init();

heu/library/algorithms/paillier_gpu/paillier_gpu_test_con.cc

@@ -50,6 +50,29 @@ class GPUTest : public ::testing::Test {
   static const int128_t iMax = std::numeric_limits<int64_t>::max();
 };
 
+TEST_F(GPUTest, EncDecBigintTest) {
+  auto enc_dec_func = [&](const MPInt& plain) {
+    fmt::print("in = {}\n", plain);
+    std::vector<const MPInt*> in = {&plain};
+    auto cts = encryptor_->Encrypt(in);
+    auto plain_dec = decryptor_->Decrypt({&cts[0]});
+    fmt::print("out= {}\n", plain_dec[0]);
+    EXPECT_EQ(plain, plain_dec[0]);
+  };
+
+  enc_dec_func(0_mp);
+  enc_dec_func(1_mp);
+  enc_dec_func(100_mp);
+  enc_dec_func(MPInt(iLow));
+
+  fmt::print("{}\n", pk_.ToString());
+
+  auto plain = pk_.PlaintextBound();
+  enc_dec_func(plain.DecrOne());
+  plain.NegateInplace();
+  enc_dec_func(plain);
+}
+
 TEST_F(GPUTest, EncDecLongTest) {
   int num = 1e5;  // 10w. found num <= 208516 can PASS(test on
                   // 172.20.10.7(nvidia A100), 28/12/22)

heu/library/algorithms/paillier_gpu/public_key.cc

@@ -28,6 +28,7 @@ void SetCacheTableDensity(size_t density) {
 void PublicKey::Init() {
   n_square_ = (Plaintext)(n_ * n_);
   n_half_ = (Plaintext)(n_ / MPInt::_2_);
+  n_plus_ = n_ + 1_mp;
   key_size_ = n_.BitCount();
 
   m_space_ = std::make_shared<MontgomerySpace>(n_square_);