github/concrete
1
1
Fork 0
mirror of https://github.com/zama-ai/concrete.git synced 2026-02-15 07:05:09 -05:00
Code Issues Packages Projects Releases Wiki Activity
38 Commits 185 Branches 425 Tags
c113551dbb8e3665e24aa0d7cfcf099ea58c6fa4
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Ben c113551dbb add ct modulus
2021-08-11 11:26:03 +01:00
cpp
add ct modulus
2021-08-11 11:26:03 +01:00
data
organise
2021-08-09 13:03:11 +01:00
figs
organise figs
2021-06-03 10:07:56 +01:00
lwe-estimator @ 96354891d6
add zama estimator (param-curves branch)
2021-08-09 13:21:39 +01:00
.gitmodules
add zama estimator (param-curves branch)
2021-08-09 13:21:39 +01:00
concrete_params.py
missing ,
2021-05-20 10:10:09 +01:00
estimator.py
precision error in dual
2021-05-19 09:43:21 +01:00
hybrid_decoding.py
sd values for n \in [256, 2048]
2021-05-27 13:18:16 +01:00
README.rst
update
2021-08-09 12:57:26 +01:00
scripts.py
keep local copy on repo
2021-08-09 09:33:29 +01:00

README.rst 

Parameter curves for Concrete
=============

This Github repository contains the code needed to generate the Parameter curves used inside Zama. The repository contains the following files:

- estimator.py, a copy of the LWE Estimator 
- scripts.py, a copy of all scripts required to generate the parameter curves
- data/, a folder containing the data generated for previous curves. This folder currently contains "v0.sobj", i.e. the data used for the v0 curves

Example
-------------------
This is an example of how to generate the parameter curves using the v0.sobj data file.


::

    sage: load("scripts.py")
    sage: interps = []
    sage: results = load("v0.sobj")
    sage: for result in results:
    sage:     interps.append(interpolate_result(result, log_q = 64))
    sage: interps
    [(-0.040476778656126484, 1.143346508563902),
     (-0.03417207792207793, 1.4805194805194737),
     (-0.029681716023268107, 1.752723426758335),
     (-0.0263748887657055, 2.0121439233304894),
     (-0.023730136557783763, 2.1537066948924095),
     (-0.021604493958972515, 2.2696862472846204),
     (-0.019897520946588438, 2.4423829771964796),
     (-0.018504919354426233, 2.6634073426215745),
     (-0.017254242957361113, 2.7353702447139026),
     (-0.016178309410530816, 2.8493969373734758),
     (-0.01541034709414119, 3.1982749283836283),
     (-0.014327640360322604, 2.899270827311096)]
::

Finding the value of n_{alpha} is done manually. We can also verify the interpolants which are generated at the same time:

::

    # verify the interpolant used for lambda = 256 (which is interps[-1])
    sage: z = verify_interpolants(interps[-1], (128,2048), 64)
    [... code runs, can take ~10 mins ...]
    # find the index corresponding to n_alpha, which is where security drops below the target security level (256 here)
    sage: n_alpha = find_nalpha(z, 256)
    653
    
    # so the model in this case is 
    (-0.014327640360322604, 2.899270827311096, 653)
    # which corresponds to
    # sd(n) = max(-0.014327640360322604 * n +  2.899270827311096, -logq + 2), n >= 653
::

TODO List
-------------------

There are several updates which are still required.
    1. Consider Hybrid attacks (WIP, Michael + Ben are coding up hybrid-dual/hybrid-decoding estimates)
    2. Consider MITM attacks for small values of n (WIP, Michael has coded this up in the Zama internal estimator, I just need to add it to the parameter curves code).
    3. As part of (2), the version of the LWE Estimator used needs to be edited to use Zama's internal estimator.
    4. Add an example of how to _generate_ the parameter curves in the first place.
    5. CI/CD stuff for new pushes to the external LWE Estimator.
    6. Fully automate the process of finding n_{alpha} for each curve.
    7. Functionality for q =! 64? This is covered by the curve, but we currently don't account for it in the models, and it needs to be done manually.
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 148 MiB
Languages
C++ 34.3%
Python 23.1%
MLIR 22.9%
Rust 14.6%
C 2.2%
Other 2.8%