本文整理汇总了C++中Ctxt类的典型用法代码示例。如果您正苦于以下问题:C++ Ctxt类的具体用法?C++ Ctxt怎么用?C++ Ctxt使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Ctxt类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: fastPower
NTL_CLIENT
#include "FHE.h"
#include "timing.h"
#include "EncryptedArray.h"
#include <cassert>
#include <cstdio>
// computes ctxt^{2^d-1} using a method that takes
// O(log d) automorphisms and multiplications
void fastPower(Ctxt& ctxt, long d)
{
if (d == 1) return;
Ctxt orig = ctxt;
long k = NumBits(d);
long e = 1;
for (long i = k-2; i >= 0; i--) {
Ctxt tmp1 = ctxt;
tmp1.smartAutomorph(1L << e);
ctxt.multiplyBy(tmp1);
e = 2*e;
if (bit(d, i)) {
ctxt.smartAutomorph(2);
ctxt.multiplyBy(orig);
e += 1;
}
}
}示例2: findBaseLevel
void Ctxt::multiplyBy2(const Ctxt& other1, const Ctxt& other2)
{
// Special case: if *this is empty then do nothing
if (this->isEmpty()) return;
long lvl = findBaseLevel();
long lvl1 = other1.findBaseLevel();
long lvl2 = other2.findBaseLevel();
if (lvl<lvl1 && lvl<lvl2){ // if both others at higher levels than this,
Ctxt tmp = other1; // multiply others by each other, then by this
if (&other1 == &other2) tmp *= tmp; // squaring rather than multiplication
else tmp *= other2;
*this *= tmp;
}
else if (lvl<lvl2) { // lvl1<=lvl<lvl2, multiply by other2, then by other1
*this *= other2;
*this *= other1;
}
else { // multiply first by other1, then by other2
*this *= other1;
*this *= other2;
}
reLinearize(); // re-linearize after all the multiplications
}示例3: degPowerOfTwo
// This procedure assumes that k*(2^e +1) > deg(poly) > k*(2^e -1),
// and that babyStep contains >= k + (deg(poly) mod k) powers
static void
degPowerOfTwo(Ctxt& ret, const ZZX& poly, long k,
DynamicCtxtPowers& babyStep, DynamicCtxtPowers& giantStep)
{
if (deg(poly)<=babyStep.size()) { // Edge condition, use simple eval
simplePolyEval(ret, poly, babyStep);
return;
}
long n = deg(poly)/k; // We assume n=2^e or n=2^e -1
n = 1L << NextPowerOfTwo(n); // round up to n=2^e
ZZX r = trunc(poly, (n-1)*k); // degree <= k(2^e-1)-1
ZZX q = RightShift(poly, (n-1)*k); // 0 < degree < 2k
SetCoeff(r, (n-1)*k); // monic, degree == k(2^e-1)
q -= 1;
PatersonStockmeyer(ret, r, k, n/2, 0, babyStep, giantStep);
Ctxt tmp(ret.getPubKey(), ret.getPtxtSpace());
simplePolyEval(tmp, q, babyStep); // evaluate q
// multiply by X^{k(n-1)} with minimum depth
for (long i=1; i<n; i*=2) {
tmp.multiplyBy(giantStep.getPower(i));
}
ret += tmp;
}示例4: mapTo01
NTL_CLIENT
#include "FHE.h"
#include "timing.h"
#include "EncryptedArray.h"
#include <cstdio>
// Map all non-zero slots to 1, leaving zero slots as zero.
// Assumes that r=1, and that all the slot contain elements from GF(p^d).
//
// We compute x^{p^d-1} = x^{(1+p+...+p^{d-1})*(p-1)} by setting y=x^{p-1}
// and then outputting y * y^p * ... * y^{p^{d-1}}, with exponentiation to
// powers of p done via Frobenius.
// FIXME: the computation of the "norm" y * y^p * ... * y^{p^{d-1}}
// can be done using O(log d) automorphisms, rather than O(d).
void mapTo01(const EncryptedArray& ea, Ctxt& ctxt)
{
long p = ctxt.getPtxtSpace();
if (p != ea.getPAlgebra().getP()) // ptxt space is p^r for r>1
throw helib::LogicError("mapTo01 not implemented for r>1");
if (p>2)
ctxt.power(p-1); // set y = x^{p-1}
long d = ea.getDegree();
if (d>1) { // compute the product of the d automorphisms
std::vector<Ctxt> v(d, ctxt);
for (long i=1; i<d; i++)
v[i].frobeniusAutomorph(i);
totalProduct(ctxt, v);
}
}示例5: incrementalZeroTest
// incrementalZeroTest sets each res[i], for i=0..n-1, to
// a ciphertext in which each slot is 0 or 1 according
// to whether or not bits 0..i of corresponding slot in ctxt
// is zero (1 if not zero, 0 if zero).
// It is assumed that res and each res[i] is already initialized
// by the caller.
// Complexity: O(d + n log d) smart automorphisms
// O(n d)
void incrementalZeroTest(Ctxt* res[], const EncryptedArray& ea,
const Ctxt& ctxt, long n)
{
FHE_TIMER_START;
long nslots = ea.size();
long d = ea.getDegree();
// compute linearized polynomial coefficients
vector< vector<ZZX> > Coeff;
Coeff.resize(n);
for (long i = 0; i < n; i++) {
// coeffients for mask on bits 0..i
// L[j] = X^j for j = 0..i, L[j] = 0 for j = i+1..d-1
vector<ZZX> L;
L.resize(d);
for (long j = 0; j <= i; j++)
SetCoeff(L[j], j);
vector<ZZX> C;
ea.buildLinPolyCoeffs(C, L);
Coeff[i].resize(d);
for (long j = 0; j < d; j++) {
// Coeff[i][j] = to the encoding that has C[j] in all slots
// FIXME: maybe encrtpted array should have this functionality
// built in
vector<ZZX> T;
T.resize(nslots);
for (long s = 0; s < nslots; s++) T[s] = C[j];
ea.encode(Coeff[i][j], T);
}
}
vector<Ctxt> Conj(d, ctxt);
// initialize Cong[j] to ctxt^{2^j}
for (long j = 0; j < d; j++) {
Conj[j].smartAutomorph(1L << j);
}
for (long i = 0; i < n; i++) {
res[i]->clear();
for (long j = 0; j < d; j++) {
Ctxt tmp = Conj[j];
tmp.multByConstant(Coeff[i][j]);
*res[i] += tmp;
}
// *res[i] now has 0..i in each slot
// next, we raise to the power 2^d-1
fastPower(*res[i], d);
}
FHE_TIMER_STOP;
}示例6: rotateLeft32
void rotateLeft32(Ctxt &x, int n) {
Ctxt other = x;
global_ea->shift(x, n);
global_ea->shift(other, -(32-n));
x.multByConstant(*global_maxint);
other.multByConstant(*global_maxint);
x += other;
}示例7: Encrypt
void Encrypt(Ctxt &ctxt, const NTL::ZZ &plain) const {
assert(*this == ctxt.GetPk());
auto bits = NTL::NumBits(n);
NTL::ZZ r, res;
NTL::RandomBits(r, bits);
NTL::PowerMod(r, r, n, n2);
NTL::PowerMod(res, g, plain, n2);
NTL::MulMod(res, r, n2);
ctxt.SetCtxt(res);
}示例8: assert
// Constructor
Ctxt::Ctxt(ZeroCtxtLike_type, const Ctxt& ctxt):
context(ctxt.getPubKey().getContext()), pubKey(ctxt.getPubKey()),
ptxtSpace(ctxt.getPtxtSpace()),
noiseVar(to_xdouble(0.0))
{
// same body as previous constructor
if (ptxtSpace<=0) ptxtSpace = pubKey.getPtxtSpace();
else assert (GCD(ptxtSpace, pubKey.getPtxtSpace()) > 1); // sanity check
primeSet=context.ctxtPrimes;
}示例9: extractDigits
void extractDigits(vector<Ctxt>& digits, const Ctxt& c, long r)
{
const FHEcontext& context = c.getContext();
long rr = c.effectiveR();
if (r<=0 || r>rr) r = rr; // how many digits to extract
long p = context.zMStar.getP();
ZZX x2p;
if (p>3) {
buildDigitPolynomial(x2p, p, r);
}
Ctxt tmp(c.getPubKey(), c.getPtxtSpace());
digits.resize(r, tmp); // allocate space
#ifdef DEBUG_PRINTOUT
fprintf(stderr, "***\n");
#endif
for (long i=0; i<r; i++) {
tmp = c;
for (long j=0; j<i; j++) {
if (p==2) digits[j].square();
else if (p==3) digits[j].cube();
else polyEval(digits[j], x2p, digits[j]);
// "in spirit" digits[j] = digits[j]^p
#ifdef DEBUG_PRINTOUT
fprintf(stderr, "%5ld", digits[j].bitCapacity());
#endif
tmp -= digits[j];
tmp.divideByP();
}
digits[i] = tmp; // needed in the next round
#ifdef DEBUG_PRINTOUT
if (dbgKey) {
double ratio =
log(embeddingLargestCoeff(digits[i], *dbgKey)/digits[i].getNoiseBound())/log(2.0);
fprintf(stderr, "%5ld [%f]", digits[i].bitCapacity(), ratio);
if (ratio > 0) fprintf(stderr, " BAD-BOUND");
fprintf(stderr, "\n");
}
else {
fprintf(stderr, "%5ld\n", digits[i].bitCapacity());
}
#endif
}
#ifdef DEBUG_PRINTOUT
fprintf(stderr, "***\n");
#endif
}示例10: assert
void EncryptedArrayDerived<type>::rotate1D(Ctxt& ctxt, long i, long amt, bool dc) const
{
FHE_TIMER_START;
const PAlgebra& al = context.zMStar;
const vector< vector< RX > >& maskTable = tab.getMaskTable();
RBak bak; bak.save(); tab.restoreContext();
assert(&context == &ctxt.getContext());
assert(i >= 0 && i < (long)al.numOfGens());
// Make sure amt is in the range [1,ord-1]
long ord = al.OrderOf(i);
amt %= ord;
if (amt == 0) return;
long signed_amt = amt;
if (amt < 0) amt += ord;
// DIRT: the above assumes division with remainder
// follows C++11 and C99 rules
if (al.SameOrd(i)) { // a "native" rotation
long val = PowerMod(al.ZmStarGen(i), amt, al.getM());
ctxt.smartAutomorph(val);
}
else if (dc) {
// the "don't care" case...it is presumed that any shifts
// "off the end" are zero. For this, we have to use
// the "signed" version of amt.
long val = PowerMod(al.ZmStarGen(i), signed_amt, al.getM());
ctxt.smartAutomorph(val);
}
else {
// more expensive "non-native" rotation
assert(maskTable[i].size() > 0);
long val = PowerMod(al.ZmStarGen(i), amt, al.getM());
long ival = PowerMod(al.ZmStarGen(i), amt-ord, al.getM());
const RX& mask = maskTable[i][ord-amt];
DoubleCRT m1(conv<ZZX>(mask), context, ctxt.getPrimeSet());
Ctxt tmp(ctxt); // a copy of the ciphertext
tmp.multByConstant(m1); // only the slots in which m1=1
ctxt -= tmp; // only the slots in which m1=0
ctxt.smartAutomorph(val); // shift left by val
tmp.smartAutomorph(ival); // shift right by ord-val
ctxt += tmp; // combine the two parts
}
FHE_TIMER_STOP;
}示例11: recursivePolyEval
static void
recursivePolyEval(Ctxt& ret, const ZZX& poly, long k,
DynamicCtxtPowers& babyStep, DynamicCtxtPowers& giantStep)
{
if (deg(poly)<=babyStep.size()) { // Edge condition, use simple eval
simplePolyEval(ret, poly, babyStep);
return;
}
long delta = deg(poly) % k; // deg(poly) mod k
long n = divc(deg(poly),k); // ceil( deg(poly)/k )
long t = 1L<<(NextPowerOfTwo(n)); // t >= n, so t*k >= deg(poly)
// Special case for deg(poly) = k * 2^e +delta
if (n==t) {
degPowerOfTwo(ret, poly, k, babyStep, giantStep);
return;
}
// When deg(poly) = k*(2^e -1) we use the Paterson-Stockmeyer recursion
if (n == t-1 && delta==0) {
PatersonStockmeyer(ret, poly, k, t/2, delta, babyStep, giantStep);
return;
}
t = t/2;
// In any other case we have kt < deg(poly) < k(2t-1). We then set
// u = deg(poly) - k*(t-1) and poly = q*X^u + r with deg(r)<u
// and recurse on poly = (q-1)*X^u + (X^u+r)
long u = deg(poly) - k*(t-1);
ZZX r = trunc(poly, u); // degree <= u-1
ZZX q = RightShift(poly, u); // degree == k*(t-1)
q -= 1;
SetCoeff(r, u); // degree == u
PatersonStockmeyer(ret, q, k, t/2, 0, babyStep, giantStep);
Ctxt tmp = giantStep.getPower(u/k);
if (delta!=0) { // if u is not divisible by k then compute it
tmp.multiplyBy(babyStep.getPower(delta));
}
ret.multiplyBy(tmp);
recursivePolyEval(tmp, r, k, babyStep, giantStep);
ret += tmp;
}示例12: SelectRange
// selects range of slots [lo..hi)
static
void SelectRange(const EncryptedArray& ea, Ctxt& ctxt, long lo, long hi)
{
ZZX mask;
SelectRange(ea, mask, lo, hi);
ctxt.multByConstant(mask);
}示例13: applyLinPolyLL
void applyLinPolyLL(Ctxt& ctxt, const vector<P>& encodedC, long d)
{
assert(d == lsize(encodedC));
ctxt.cleanUp(); // not sure, but this may be a good idea
Ctxt tmp(ctxt);
ctxt.multByConstant(encodedC[0]);
for (long j = 1; j < d; j++) {
Ctxt tmp1(tmp);
tmp1.frobeniusAutomorph(j);
tmp1.multByConstant(encodedC[j]);
ctxt += tmp1;
}
}示例14: rotateLeft32Old
void rotateLeft32Old(Ctxt &x, int n) {
Ctxt other = x;
global_ea->shift(x, n);
global_ea->shift(other, -(32-n));
negate32(x); // bitwise OR
negate32(other);
x.multiplyBy(other);
negate32(x);
}示例15: add_noise_to_coeff
void add_noise_to_coeff(Ctxt& res, long n, long p, long except) {
NTL::ZZX noise;
for (long i = 0; i < n; i++) {
NTL::SetCoeff(noise, i, NTL::RandomBnd(p));
}
NTL::SetCoeff(noise, except, 0);
res.addConstant(noise);
}