pir.cpp 9.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321
  1. #include "pir.hpp"
  2. using namespace std;
  3. using namespace seal;
  4. using namespace seal::util;
  5. std::vector<std::uint64_t> get_dimensions(std::uint64_t num_of_plaintexts, std::uint32_t d) {
  6. assert(d > 0);
  7. assert(num_of_plaintexts > 0);
  8. std::uint64_t root = max(static_cast<uint32_t>(2),static_cast<uint32_t>(floor(pow(num_of_plaintexts, 1.0/d))));
  9. std::vector<std::uint64_t> dimensions(d, root);
  10. for(int i = 0; i < d; i++){
  11. if(accumulate(dimensions.begin(), dimensions.end(), 1, multiplies<uint64_t>()) > num_of_plaintexts){
  12. break;
  13. }
  14. dimensions[i] += 1;
  15. }
  16. std::uint32_t prod = accumulate(dimensions.begin(), dimensions.end(), 1, multiplies<uint64_t>());
  17. cout << "Total:" << num_of_plaintexts << endl << "Prod: "
  18. << prod << endl;
  19. assert(prod > num_of_plaintexts);
  20. return dimensions;
  21. }
  22. void gen_encryption_params(std::uint32_t N, std::uint32_t logt,
  23. seal::EncryptionParameters &enc_params){
  24. enc_params.set_poly_modulus_degree(N);
  25. enc_params.set_coeff_modulus(CoeffModulus::BFVDefault(N));
  26. enc_params.set_plain_modulus(PlainModulus::Batching(N, logt));
  27. }
  28. void verify_encryption_params(const seal::EncryptionParameters &enc_params){
  29. SEALContext context(enc_params, true);
  30. if(!context.parameters_set()){
  31. throw invalid_argument("SEAL parameters not valid.");
  32. }
  33. if(!context.using_keyswitching()){
  34. throw invalid_argument("SEAL parameters do not support key switching.");
  35. }
  36. if(!context.first_context_data()->qualifiers().using_batching){
  37. throw invalid_argument("SEAL parameters do not support batching.");
  38. }
  39. BatchEncoder batch_encoder(context);
  40. size_t slot_count = batch_encoder.slot_count();
  41. if(slot_count != enc_params.poly_modulus_degree()){
  42. throw invalid_argument("Slot count not equal to poly modulus degree - this will cause issues downstream.");
  43. }
  44. return;
  45. }
  46. void gen_pir_params(uint64_t ele_num, uint64_t ele_size, uint32_t d,
  47. const EncryptionParameters &enc_params, PirParams &pir_params,
  48. bool enable_symmetric, bool enable_batching){
  49. std::uint32_t N = enc_params.poly_modulus_degree();
  50. Modulus t = enc_params.plain_modulus();
  51. std::uint32_t logt = floor(log2(t.value()));
  52. cout << "logt: " << logt << endl << "N: " << N << endl <<
  53. "ele_num: " << ele_num << endl << "ele_size: " << ele_size << endl;
  54. std::uint64_t elements_per_plaintext;
  55. std::uint64_t num_of_plaintexts;
  56. if(enable_batching){
  57. elements_per_plaintext = elements_per_ptxt(logt, N, ele_size);
  58. num_of_plaintexts = plaintexts_per_db(logt, N, ele_num, ele_size);
  59. }
  60. else{
  61. elements_per_plaintext = 1;
  62. num_of_plaintexts = ele_num;
  63. }
  64. vector<uint64_t> nvec = get_dimensions(num_of_plaintexts, d);
  65. uint32_t expansion_ratio = 0;
  66. for (uint32_t i = 0; i < enc_params.coeff_modulus().size(); ++i) {
  67. double logqi = log2(enc_params.coeff_modulus()[i].value());
  68. cout << "PIR: logqi = " << logqi << endl;
  69. expansion_ratio += ceil(logqi / logt);
  70. }
  71. pir_params.enable_symmetric = enable_symmetric;
  72. pir_params.enable_batching = enable_batching;
  73. pir_params.ele_num = ele_num;
  74. pir_params.ele_size = ele_size;
  75. pir_params.elements_per_plaintext = elements_per_plaintext;
  76. pir_params.num_of_plaintexts = num_of_plaintexts;
  77. pir_params.d = d;
  78. pir_params.expansion_ratio = expansion_ratio << 1;
  79. pir_params.nvec = nvec;
  80. pir_params.n = num_of_plaintexts;
  81. pir_params.slot_count = N;
  82. }
  83. void print_pir_params(const PirParams &pir_params){
  84. cout << "Pir Params: " << endl;
  85. cout << "num_of_elements: " << pir_params.ele_num << endl;
  86. cout << "ele_size: " << pir_params.ele_size << endl;
  87. cout << "elements_per_plaintext: " << pir_params.elements_per_plaintext << endl;
  88. cout << "num_of_plaintexts: " << pir_params.num_of_plaintexts << endl;
  89. cout << "dimension: " << pir_params.d << endl;
  90. cout << "expansion ratio: " << pir_params.expansion_ratio << endl;
  91. cout << "n: " << pir_params.n << endl;
  92. cout << "slot count: " << pir_params.slot_count << endl;
  93. }
  94. uint32_t plainmod_after_expansion(uint32_t logt, uint32_t N, uint32_t d,
  95. uint64_t ele_num, uint64_t ele_size) {
  96. // Goal: find max logtp such that logtp + ceil(log(ceil(d_root(n)))) <= logt
  97. // where n = ceil(ele_num / floor(N*logtp / ele_size *8))
  98. for (uint32_t logtp = logt; logtp >= 2; logtp--) {
  99. uint64_t n = plaintexts_per_db(logtp, N, ele_num, ele_size);
  100. if (logtp == logt && n == 1) {
  101. return logtp - 1;
  102. }
  103. if ((double)logtp + ceil(log2(ceil(pow(n, 1.0/(double)d)))) <= logt) {
  104. return logtp;
  105. }
  106. }
  107. assert(0); // this should never happen
  108. return logt;
  109. }
  110. // Number of coefficients needed to represent a database element
  111. uint64_t coefficients_per_element(uint32_t logtp, uint64_t ele_size) {
  112. return ceil(8 * ele_size / (double)logtp);
  113. }
  114. // Number of database elements that can fit in a single FV plaintext
  115. uint64_t elements_per_ptxt(uint32_t logt, uint64_t N, uint64_t ele_size) {
  116. uint64_t coeff_per_ele = coefficients_per_element(logt, ele_size);
  117. uint64_t ele_per_ptxt = N / coeff_per_ele;
  118. assert(ele_per_ptxt > 0);
  119. return ele_per_ptxt;
  120. }
  121. // Number of FV plaintexts needed to represent the database
  122. uint64_t plaintexts_per_db(uint32_t logtp, uint64_t N, uint64_t ele_num, uint64_t ele_size) {
  123. uint64_t ele_per_ptxt = elements_per_ptxt(logtp, N, ele_size);
  124. return ceil((double)ele_num / ele_per_ptxt);
  125. }
  126. vector<uint64_t> bytes_to_coeffs(uint32_t limit, const uint8_t *bytes, uint64_t size) {
  127. uint64_t size_out = coefficients_per_element(limit, size);
  128. vector<uint64_t> output(size_out);
  129. uint32_t room = limit;
  130. uint64_t *target = &output[0];
  131. for (uint32_t i = 0; i < size; i++) {
  132. uint8_t src = bytes[i];
  133. uint32_t rest = 8;
  134. while (rest) {
  135. if (room == 0) {
  136. target++;
  137. room = limit;
  138. }
  139. uint32_t shift = rest;
  140. if (room < rest) {
  141. shift = room;
  142. }
  143. *target = *target << shift;
  144. *target = *target | (src >> (8 - shift));
  145. src = src << shift;
  146. room -= shift;
  147. rest -= shift;
  148. }
  149. }
  150. *target = *target << room;
  151. return output;
  152. }
  153. void coeffs_to_bytes(uint32_t limit, const vector<uint64_t> &coeffs, uint8_t *output, uint32_t size_out) {
  154. uint32_t room = 8;
  155. uint32_t j = 0;
  156. uint8_t *target = output;
  157. for (uint32_t i = 0; i < coeffs.size(); i++) {
  158. uint64_t src = coeffs[i];
  159. uint32_t rest = limit;
  160. while (rest && j < size_out) {
  161. uint32_t shift = rest;
  162. if (room < rest) {
  163. shift = room;
  164. }
  165. target[j] = target[j] << shift;
  166. target[j] = target[j] | (src >> (limit - shift));
  167. src = src << shift;
  168. room -= shift;
  169. rest -= shift;
  170. if (room == 0) {
  171. j++;
  172. room = 8;
  173. }
  174. }
  175. }
  176. }
  177. void vector_to_plaintext(const vector<uint64_t> &coeffs, Plaintext &plain) {
  178. uint32_t coeff_count = coeffs.size();
  179. plain.resize(coeff_count);
  180. util::set_uint(coeffs.data(), coeff_count, plain.data());
  181. }
  182. vector<uint64_t> compute_indices(uint64_t desiredIndex, vector<uint64_t> Nvec) {
  183. uint32_t num = Nvec.size();
  184. uint64_t product = 1;
  185. for (uint32_t i = 0; i < num; i++) {
  186. product *= Nvec[i];
  187. }
  188. uint64_t j = desiredIndex;
  189. vector<uint64_t> result;
  190. for (uint32_t i = 0; i < num; i++) {
  191. product /= Nvec[i];
  192. uint64_t ji = j / product;
  193. result.push_back(ji);
  194. j -= ji * product;
  195. }
  196. return result;
  197. }
  198. uint64_t invert_mod(uint64_t m, const seal::Modulus& mod) {
  199. if (mod.uint64_count() > 1) {
  200. cout << "Mod too big to invert";
  201. }
  202. uint64_t inverse = 0;
  203. if (!seal::util::try_invert_uint_mod(m, mod.value(), inverse)) {
  204. cout << "Could not invert value";
  205. }
  206. return inverse;
  207. }
  208. inline Ciphertext deserialize_ciphertext(string s, shared_ptr<SEALContext> context) {
  209. Ciphertext c;
  210. std::istringstream input(s);
  211. c.unsafe_load(*context, input);
  212. return c;
  213. }
  214. vector<Ciphertext> deserialize_ciphertexts(uint32_t count, string s, uint32_t len_ciphertext,
  215. shared_ptr<SEALContext> context) {
  216. vector<Ciphertext> c;
  217. for (uint32_t i = 0; i < count; i++) {
  218. c.push_back(deserialize_ciphertext(s.substr(i * len_ciphertext, len_ciphertext), context));
  219. }
  220. return c;
  221. }
  222. PirQuery deserialize_query(uint32_t d, uint32_t count, string s, uint32_t len_ciphertext,
  223. shared_ptr<SEALContext> context) {
  224. vector<vector<Ciphertext>> c;
  225. for (uint32_t i = 0; i < d; i++) {
  226. c.push_back(deserialize_ciphertexts(
  227. count,
  228. s.substr(i * count * len_ciphertext, count * len_ciphertext),
  229. len_ciphertext, context)
  230. );
  231. }
  232. return c;
  233. }
  234. inline string serialize_ciphertext(Ciphertext c) {
  235. std::ostringstream output;
  236. c.save(output);
  237. return output.str();
  238. }
  239. string serialize_ciphertexts(vector<Ciphertext> c) {
  240. string s;
  241. for (uint32_t i = 0; i < c.size(); i++) {
  242. s.append(serialize_ciphertext(c[i]));
  243. }
  244. return s;
  245. }
  246. string serialize_query(vector<vector<Ciphertext>> c) {
  247. string s;
  248. for (uint32_t i = 0; i < c.size(); i++) {
  249. for (uint32_t j = 0; j < c[i].size(); j++) {
  250. s.append(serialize_ciphertext(c[i][j]));
  251. }
  252. }
  253. return s;
  254. }
  255. string serialize_galoiskeys(GaloisKeys g) {
  256. std::ostringstream output;
  257. g.save(output);
  258. return output.str();
  259. }
  260. GaloisKeys *deserialize_galoiskeys(string s, shared_ptr<SEALContext> context) {
  261. GaloisKeys *g = new GaloisKeys();
  262. std::istringstream input(s);
  263. g->unsafe_load(*context, input);
  264. return g;
  265. }