github/tfhe-rs
1
1
Fork 0
mirror of https://github.com/zama-ai/tfhe-rs.git synced 2026-01-08 22:28:01 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
59181d4717a327356befa23a75a170521ddf532f
tfhe-rs/ci/lattice_estimator.sage
David Testé 59181d4717 chore(ci): add workflow to check security of parameters sets 
Cryptographic parameters sets security is checked automatically
with a lattice estimator. The first step is to collect all the
parameters that need to be checked in in a file with a format
understable by Sagemath. Second, a lattice estimator is run in
a Sage script. Each parameters set is run against two attacks and
then security level is estimated from that.
These steps have been put into a GitHub workflow to perform
automatic checks.

Co-authored-by: Ben <ben.curtis@zama.ai>
2023-08-10 16:42:40 +02:00

71 lines
2.3 KiB
Python
Executable File
Raw Blame History

"""
lattice_estimator
-----------------
Test cryptographic parameters set against several attacks to estimate their security level.
"""
import pathlib
import sys
sys.path.insert(1, 'lattice-estimator')
from estimator import *
model = RC.BDGL16
def check_security(filename):
"""
Run lattice estimator to determine if a parameters set is secure or not.
:param filename: name of the file containing parameters set
:return: :class:`list` of parameters to update
"""
filepath = pathlib.Path("ci", filename)
load(filepath)
print(f"Parsing parameters in {filepath}")
to_update = []
for param in all_params:
print(f"\t{param.tag}...\t", end= "")
try:
# The lattice estimator is not able to manage such large dimension.
# If we have the security for smaller `n` then we have security for larger ones.
if param.n == 32768:
param = param.updated(n = 16384)
usvp_level = LWE.primal_usvp(param, red_cost_model = model)
dual_level = LWE.dual_hybrid(param, red_cost_model = model)
estimator_level = log(min(usvp_level["rop"], dual_level["rop"]),2 )
if estimator_level < 127:
print("FAIL")
reason = f"attained security level = {estimator_level} bits target is 128 bits"
to_update.append((param, reason))
continue
except Exception as err:
print("FAIL")
to_update.append((param, f"{repr(err)}"))
else:
print("OK")
return to_update
if __name__ == "__main__":
params_to_update = []
for params_filename in ("boolean_parameters_lattice_estimator.sage",
"shortint_classic_parameters_lattice_estimator.sage",
"shortint_multi_bit_parameters_lattice_estimator.sage"):
params_to_update.extend(check_security(params_filename))
if params_to_update:
print("Some parameters need update")
print("----------------------------")
for param, reason in params_to_update:
print(f"[{param.tag}] reason: {reason} (param)")
sys.exit(int(1)) # Explicit conversion is needed to make this call work
else:
print("All parameters passed the security check")
Reference in New Issue View Git Blame Copy Permalink