BGV addition 2

In HomomorphicEncryption: BFV, BGV, CKKS Schema for Fully Homomorphic Encryption

knitr::opts_chunk$set(
  collapse = TRUE,
  comment = "#>"
)

library(polynom)
library(HomomorphicEncryption)

Set some parameters.

d  =   4
n  =   2^d
p  =   (n/2)-1
q  = 868

Set a working seed for random numbers

set.seed(123)

Here we create the polynomial modulo.

pm = polynomial( coef=c(1, rep(0, n-1), 1 ) )
print(pm)

Create the secret key.

# generate a secret key
s = polynomial( sample.int(3, n, replace=TRUE)-2 )
print(s)

Create a (part of the public key)

# generate a
a = polynomial(sample.int(q, n, replace=TRUE))
print(a)

Create the error term e to be used to generate the public key.

# generate the error
e = polynomial( coef=round(stats::rnorm(n, 0, n/3)) )
print(e)

Generate Part 1 of the Public Key.

pk1 = -(a*s + p*e)
pk1 = pk1 %% pm
pk1 = CoefMod(pk1, q)
print(pk1)

Generate Part 2 of the Public Key (which is actually just equal to a).

pk2 = a

Create a polynomial message

# create a message
m = polynomial( coef=c(3, 2, 1) )

Create polynomials for the encryption of the message. Since e1 and e2 are constructed the same way as e, we don't print them, we just print u.

# polynomials for encryption
e1 = polynomial( coef=round(stats::rnorm(n, 0, n/3)) )
e2 = polynomial( coef=round(stats::rnorm(n, 0, n/3)) )
u  = polynomial( coef=sample.int(3, (n-1), replace=TRUE)-2 )
print(u)

Generate Part 1 of the ciphertext version of the message.

ct1 = pk1*u + p*e1 + m
ct1 = ct1 %% pm
ct1 = CoefMod(ct1, q)
print(ct1)

Generate Part 2 of the ciphertext version of the message.

ct2 = pk2*u + p*e2
ct2 = ct2 %% pm
ct2 = CoefMod(ct2, q)
print(ct2)

Now we take our message (3,2,1) and add it to itself - while encrypted:

ct1sum = ct1 + ct1
ct2sum = ct2 + ct2

Decrypt

decrypt = (ct2sum * s) + ct1sum
decrypt = decrypt %% pm
decrypt = CoefMod(decrypt, q)
decrypt = CoefMod(round(decrypt), p)
print(decrypt)

HomomorphicEncryption documentation built on May 29, 2024, 9:59 a.m.