bquast/BFV-in-R.R

## BFV-in-R.R
# HE illustrated primer

# define some parameters (small as an example)
# N.B. these parameters are not secure, they are completely insecure
d =   4
n =   2^d
t =   (n/2)-1
q = 874

# load library to create polynomials
library(polynom)

# polymod
pm = polynomial( coef=c(1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 ) )

# create secret key
s = polynomial( coef=c(-1, -1, 0, 0, -1, 1, 0, 0, 0, 1, 0, -1, -1, 1, -1, 0 ) )

# define a
a = polynomial( coef=c(136, 239, 313, 241, 615, 37, 233, 408, 570, 8, 356, 132, 558, 110, 706, 327) )

# define the error
e = polynomial( coef=c(2, 7, -2, -2, 8, 1, 0, 3, 6, -2, -2, 6, 3, 4, -3) )

# create the public key
pk0 = -(a*s + e)
pk0 = pk0 %% pm

# define helper function
library(HEtools)

pk0 =  CoefMod(pk0, q)
pk1 =  a

# remove the error term
rm(e)

# create a message
m = polynomial( coef=c(1, 1, 1) )

# polynomials for encryption
e1 = polynomial( coef=c( 6, -1,  3,  3, 9,  0, 3, -3, -5, 0, -7, 1, -5, 0, 4, 1) )
e2 = polynomial( coef=c(-5, -3, -1, -1, 1, -7, 2,  0,  2, 0, -2, 6,  0, 1, 0, 1) )
u  = polynomial( coef=c(1, -1, 1, -1, 1, 1, 0, 0, -1, 0, 1, 1, 0, 1) )

# create ciphertext
ct0 = pk0*u +e1  + floor(q/t) * m
ct0 = ct0 %% pm
ct0 = CoefMod(ct0, q)
ct1 = (pk1*u +e2) %% pm
ct1 = CoefMod(ct1, q)

# decryption
decrypt = (ct1 * s) + ct0
decrypt = decrypt %% pm
decrypt = CoefMod(decrypt, q)

# rescale
decrypt = decrypt * t/q

# round then mod t
decrypt = CoefMod(round(decrypt), t)
	# HE illustrated primer

	# define some parameters (small as an example)
	# N.B. these parameters are not secure, they are completely insecure
	d = 4
	n = 2^d
	t = (n/2)-1
	q = 874

	# load library to create polynomials
	library(polynom)

	# polymod
	pm = polynomial( coef=c(1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 ) )

	# create secret key
	s = polynomial( coef=c(-1, -1, 0, 0, -1, 1, 0, 0, 0, 1, 0, -1, -1, 1, -1, 0 ) )

	# define a
	a = polynomial( coef=c(136, 239, 313, 241, 615, 37, 233, 408, 570, 8, 356, 132, 558, 110, 706, 327) )

	# define the error
	e = polynomial( coef=c(2, 7, -2, -2, 8, 1, 0, 3, 6, -2, -2, 6, 3, 4, -3) )

	# create the public key
	pk0 = -(a*s + e)
	pk0 = pk0 %% pm

	# define helper function
	library(HEtools)

	pk0 = CoefMod(pk0, q)
	pk1 = a

	# remove the error term
	rm(e)

	# create a message
	m = polynomial( coef=c(1, 1, 1) )

	# polynomials for encryption
	e1 = polynomial( coef=c( 6, -1, 3, 3, 9, 0, 3, -3, -5, 0, -7, 1, -5, 0, 4, 1) )
	e2 = polynomial( coef=c(-5, -3, -1, -1, 1, -7, 2, 0, 2, 0, -2, 6, 0, 1, 0, 1) )
	u = polynomial( coef=c(1, -1, 1, -1, 1, 1, 0, 0, -1, 0, 1, 1, 0, 1) )

	# create ciphertext
	ct0 = pk0u +e1 + floor(q/t) m
	ct0 = ct0 %% pm
	ct0 = CoefMod(ct0, q)
	ct1 = (pk1*u +e2) %% pm
	ct1 = CoefMod(ct1, q)

	# decryption
	decrypt = (ct1 * s) + ct0
	decrypt = decrypt %% pm
	decrypt = CoefMod(decrypt, q)

	# rescale
	decrypt = decrypt * t/q

	# round then mod t
	decrypt = CoefMod(round(decrypt), t)