17 KiB
List of Changes
Version 3.5.0
API changes
- New generic class
Serializable
wrapsCiphertext
,RelinKeys
, andGaloisKeys
objects to provide a more flexible approach to the functionality provided in release 3.4 byKeyGenerator::[relin|galois]_keys_save
andEncryptor::encrypt_[zero_]symmetric_save
functions. Specifically, these functions have been removed and replaced with overloads ofKeyGenerator::[relin|galois]_keys
andEncryptor::encrypt_[zero_]symmetric
that returnSerializable
objects. TheSerializable
objects cannot be used directly by Microsoft SEAL, and are instead intended to be serialized, which activates the compression functionalities introduced earlier in release 3.4. - Added examples for serialization.
New files
- native/src/seal/serializable.h
- native/src/seal/util/streambuf.h
- native/examples/6_serialization.cpp
- dotnet/src/Serializable.cs
- dotnet/examples/6_Serialization.cs
Other changes
- Microsoft SEAL now compiles also in FreeBSD (PR 113).
- In serialization, unsupported compression mode now throws
std::invalid_argument
(native) orArgumentException
(.NET). - Examples for serialization have been added.
Version 3.4.5
- Fixed a concurrency issue in SEALNet: the
unordered_map
storingSEALContext
pointers was not locked appropriately on construction and destruction of newSEALContext
objects. - Fixed a few typos in examples (PR 71).
- Added include guard to config.h.in.
Version 3.4.4
- Fixed issues with
SEALNet.targets
file andSEALNet.nuspec.in
. - Updated
README.md
with information about existing multi-platform NuGet package.
Version 3.4.3
- Fixed bug in .NET serialization code where an incorrect number of bytes was written when using ZLIB compression.
- Fixed an issue with .NET functions
Encryptor.EncryptSymmetric...
, where asymmetric encryption was done instead of symmetric encryption. - Prevented
KeyGenerator::galois_keys
andKeyGenerator::relin_keys
from being called when the encryption parameters do not support keyswitching. - Fixed a bug in
Decryptor::invariant_noise_budget
where the computed noise budget waslog(plain_modulus)
bits smaller than it was supposed to be. - Removed support for Microsoft GSL
gsl::multi_span
, as it was recently deprecated in GSL.
Version 3.4.2
- Fixed bug reported in Issue 66 on GitHub.
- CMake does version matching now (correctly) only on major and minor version, not patch version,
so writing
find_package(SEAL 3.4)
works correctly and selects the newest version3.4.x
it can find.
Version 3.4.1
This patch fixes a few issues with ZLIB support on Windows. Specifically,
- Fixed a mistake in
native/src/CMakeConfig.cmd
where the CMake library search path suffix was incorrect. - Switched to using a static version of ZLIB on Windows.
- Corrected instructions in README.md for enabling ZLIB support on Windows.
Version 3.4.0
New Features
-
Microsoft SEAL can use ZLIB, a data compression library, to automatically compress data that is serialized. This applies to every serializable object in Microsoft SEAL. This feature must be enabled by the user. See more explanation of the compression mechanism in README.md. Microsoft SEAL does not redistribute ZLIB.
-
AES-128 is replaced with the BLAKE2 family of hash functions in the pseudorandom number generator, as BLAKE2 provides better cross-platform support. Microsoft SEAL redistributes the reference implementation of BLAKE2 with light modifications to silence some misleading warnings in Visual Studio. The reference implementation of BLAKE2 is licensed under CC0 1.0 Universal; see license boilerplates in files native/src/seal/util/blake*.
-
The serialization functionality has been completely rewritten to make it more safe and robust. Every serialized Microsoft SEAL object starts with a 16-byte
Serialization::SEALHeader
struct, and then includes the data for the object member variables. Every serializable object can now also be directly serialized into a memory buffer instead of a C++ stream. This improves serialization for .NET and makes it much easier to wrap the serialization functionality in other languages, e.g., Java. Unfortunately, old serialized Microsoft SEAL objects are incompatible with the new format. -
A ciphertext encrypted with a secret key, for example, a keyswitching key, has one component generated by the PRNG. By using a seeded PRNG, this component can be replaced with the random seed used by the PRNG to reduce data size. After transmitted to another party with Microsoft SEAL, the component can be restored (regenerated) with the same seed. The security of using seeded PRNG is enhanced by switching to BLAKE2 hash function with a 512-bit seed.
-
Encryptor
now can be constructed with a secret key. This enables symmetric key encryption which has methods that serialize ciphertexts (compressed with a seed) to a C++ stream or a memory buffer. -
The CMake system has been improved. For example, multiple versions of Microsoft SEAL can now be installed on the same system easily, as the default installation directory and library filename now depend on the version of Microsoft SEAL. Examples and unit tests can now be built without installing the library. README.md has been updated to reflect these changes.
-
Encryptor::encrypt
operations in the BFV scheme are modified. Each coefficient of a plaintext message is first multiplied with the ciphertext modulus, then divided by the plaintext modulus, and rounded to the nearest integer. In comparison with the previous method, where each coefficient of a plaintext message is multiplied with the flooring of the coefficient modulus divided by the plaintext modulus, the new method reduces the noise introduced in encryption, increases a noise budget of a fresh encryption, slightly slows down encryption, and has no impact on the security at all. -
Merged PR 62 that uses a non-adjacent form (NAF) decomposition of random rotations to perform them in a minimal way from power-of-two rotations in both directions. This improves performance of random rotations.
API Changes
C++ Native
In all classes with save
and load
methods:
- Replaced the old
save
with two new methods that saves to either a C++ stream or a memory buffer. Optionally, a compression mode can be chosen when saving an object. - Replaced the old
load
with two new methods that loads from either a C++ stream or a memory buffer. - Added a method
save_size
to get an upper bound on the size of the object as if it was written to an output stream. To save to a buffer, the user must ensure that the buffer has at least size equal to what thesave_size
member function returns. - New
save
andload
methods rely on theSerialization
class declared inserialization.h
. This class unifies the serialization functionality for all serializable Microsoft SEAL classes.
In class Ciphertext
:
- Added a method
int_array
for read-only access to the underlyingIntArray
object. - Removed methods
uint64_count_capacity
anduint64_count
that can now be accessed in a more descriptive manner through theint_array
return value.
In class CKKSEncoder
: added support for gsl::span
type of input.
In class SEALContext::ContextData
: added method coeff_mod_plain_modulus
for read-only access to
the non-RNS version of upper_half_increment
.
In class EncryptionParameters
: an EncryptionParameters
object can be constructed without
scheme_type
which by default is set to scheme_type::none
.
In class Encryptor
:
- An
Encryptor
object can now be constructed with a secret key to enable symmetric key encryption. - Added methods
encrypt_symmetric
andencrypt_zero_symmetric
that generate aCiphertext
using the secret key. - Added methods
encrypt_symmetric_save
andencrypt_zero_symmetric_save
that directly serialize the resultingCiphertext
to a C++ stream or a memory buffer. The resultingCiphertext
no long exists after serilization. In these methods, the second polynomial of a ciphertext is generated by the PRNG and is replaced with the random seed used.
In class KeyGenerator
:
- Added methods
relin_keys_save
andgalois_keys_save
that generate and directly serialize keys to a C++ stream or a memory buffer. The resulting keys no long exist after serilization. In these methods, half of the polynomials in keys are generated by the PRNG and is replaced with the random seed used. - Methods
galois_keys
andgalois_keys_save
throw an exception ifEncryptionParameters
do not support batching in the BFV scheme.
In class Plaintext
: added a method int_array
for read-only access to the underlying IntArray
object.
In class UniformRandomGenerator
and UniformRandomGeneratorFactory
: redesigned for users to
implement their own random number generators more easily.
In file valcheck.h
: validity checks are partitioned into finer methods; the is_valid_for(...)
functions will validate all aspects fo the Microsoft SEAL ojects.
New classes BlakePRNG
and BlakePRNGFactory
: uses Blake2 family of hash functions for PRNG.
New class Serialization
:
- Gives a uniform serialization in Microsoft SEAL to save objects to a C++ stream or a memory buffer.
- Can be configured to use ZLIB compression.
New files:
- native/src/seal/util/rlwe.h
- native/src/seal/util/blake2.h
- native/src/seal/util/blake2-impl.h
- native/src/seal/util/blake2b.c
- native/src/seal/util/blake2xb.c
- native/src/seal/util/croots.cpp
- native/src/seal/util/croots.h
- native/src/seal/util/scalingvariant.cpp
- native/src/seal/util/scalingvariant.h
- native/src/seal/util/ztools.cpp
- native/src/seal/util/ztools.h
- native/src/seal/serialization.cpp
- native/src/seal/serialization.h
- native/tests/seal/serialization.cpp
- dotnet/native/sealnet/serialization_wrapper.cpp
- dotnet/native/sealnet/serialization_wrapper.h
Removed files:
.NET
API changes are mostly identical in terms of functionality to those in C++ native, except only
the IsValidFor
variant of the validity check functions is available in .NET, the more granular
checks are not exposed.
New files:
Minor Bug and Typo Fixes
- Function
encrypt_zero_asymmetric
in native/src/seal/util/rlwe.h handles the conditionis_ntt_form == false
correctly. - Invariant noise calculation in BFV is now correct when the plaintext modulus is large and ciphertexts are fresh (reported in issue 59).
- Fixed comments in native/src/seal/util/smallntt.cpp as reported in issue 56.
- Fixed an error in examples as reported in issue 61.
GaloisKeys
can no longer be created with encryption parameters that do not support batching.- Security issues in deserialization were resolved.
Version 3.3.2 (patch)
Minor Bug and Typo Fixes
- Switched to using RNS rounding instead of RNS flooring to fix the CKKS accuracy issue reported in issue 52.
- Added support for QUIET option in CMake (
find_package(seal QUIET)
). - Using
[[nodiscard]]
attribute when compiling as C++17. - Fixed a bug in
Evaluator::multiply_many
where the input vector was changed.
Version 3.3.1 (patch)
Minor Bug and Typo Fixes
- A bug was fixed that introduced significant extra inaccuracy in CKKS when compiled on Linux, at least with some versions of glibc; Windows and macOS were not affected.
- A bug was fixed where, on 32-bit platforms, some versions of GCC resolved the util::reverse_bits function to the incorrect overload.
Version 3.3.0
New Features
In this version, we have significantly improved the usability of the CKKS scheme in Microsoft SEAL and many of these improvements apply to the BFV scheme as well. Homomorphic operations that are based on key switching, i.e., relinearization and rotation, do not consume any noise budget (BFV) or impact accuracy (CKKS). The implementations of these operations are significantly simplified and unified, and no longer use bit decomposition, so decomposition bit count is gone. Moreover, fresh ciphertexts now have lower noise. These changes have an effect on the API and it will be especially worthwhile for users of older versions of the library to study the examples and comments in native/examples/3_levels.cpp (C++) or dotnet/examples/3_Levels.cs (C#).
The setup of EncryptionParameters
has been made both easier and safer
(see API Changes below).
The examples in native/examples/ and dotnet/examples/ have been redesigned to better teach the multiple technical concepts required to use Microsoft SEAL correctly and efficiently, and more compactly demonstrate the API.
API Changes
Deleted header files:
- native/defaultparameters.h
New header files:
- native/src/seal/kswitchkeys.h: new base
class for
RelinKeys
andGaloisKeys
) - native/src/seal/modulus.h: static helper functions for parameter selection
- native/src/seal/valcheck.h: object validity check functionality
- native/src/seal/util/rlwe.h
In class SEALContext
:
- Replaced
context_data(parms_id_type)
withget_context_data(parms_id_type)
; - Removed
context_data()
; - Added
key_context_data()
,key_parms_id()
,first_context_data()
, andlast_context_data()
; - Added
using_keyswitching()
that indicates whether key switching is supported in thisSEALContext
; Create(...)
in C++, and constructor in C#, now accepts an optional security level based on HomomorphicEncryption.org security standard, causing it to enforce the specified security level. By default a 128-bit security level is used.- Added
prev_context_data()
method to classContextData
(doubly linked modulus switching chain); - In C#
SEALContext
now has a public constructor.
Parameter selection:
- Removed the
DefaultParams
class; - Default
coeff_modulus
for the BFV scheme are now accessed through the functionCoeffModulus::BFVDefault(...)
. These moduli are not recommended for the CKKS scheme; - Customized
coeff_modulus
for the CKKS scheme can be created usingCoeffModulus::Create(...)
which takes thepoly_modulus_degree
and a vector of bit-lengths of the prime factors as arguments. It samples suitable primes close to 2^bit_length and returns a vector ofSmallModulus
elements. PlainModulus::Batching(...)
can be used to sample a prime forplain_modulus
that supportsBatchEncoder
for the BFV scheme.
Other important changes:
- Removed
size_capacity
function and data members fromCiphertext
class; - Moved all validation methods such as
is_valid_for
andis_metadata_valid_for
tovalcheck.h
; - Removed argument
decomposition_bit_count
from methodsrelin_keys(...)
andgalois_keys(...)
in classKeyGenerator
; - It is no longer possible to create more than one relinearization key. This is to simplify the API and reduce confusion. We have never seen a real use-case where more relinearization keys would be a good idea;
- Added methods to generate an encryption of zero to
Encryptor
; - Added comparison methods and primality check for
SmallModulus
; - Classes
RelinKeys
andGaloisKeys
are now derived from a common base classKSwitchKeys
; - GoogleTest framework is now included as a Git submodule;
- Numerous bugs have been fixed, particularly in the .NET wrappers.