Scribd
Upload
20 views

Seal

Uploaded by

Amal Abid
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
20 views

Seal

Uploaded by

Amal Abid
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 25

Introduction to Microsoft SEAL

Homomorphic Encryption Library


January 2022
Ahmet Can Mert
[email protected]
Microsoft SEAL Homomorphic Encryption Library (1)
• Microsoft SEAL is an open-source and highly optimized HE library developed by
the Cryptography Research Group at Microsoft Research
• https://www.microsoft.com/en-us/research/project/microsoft-seal/

• Open-source
• https://github.com/microsoft/SEAL
Microsoft SEAL Homomorphic Encryption Library (2)
• Supports two homomorphic encryption schemes
• BFV (allows homomorphic computations on encrypted integers)
• CKKS or HEAAN (allows homomorphic computations on real numbers)

• Works with RNS variants of BFV and CKKS


• Residue Number System (RNS) enables parallelism at algorithmic level for
modular integer arithmetic
• Instead of working with a very large coefficient modulus q (i.e., 280-bits), a
set of smaller coprime moduli qi (i.e., seven 40-bits) can be used.

• Arithmetic operations modulo q can be mapped into smaller operations in


modulo qi
Microsoft SEAL Homomorphic Encryption Library (3)
• BFV Implementation In Microsoft SEAL
• Parameters:
• n: degree of polynomial modulus
• q: coefficient modulus, T: plain modulus

• Given these three parameters, SEAL will create all necessary parameters
• BFV Hom. Multiplication routine needs extra coefficient modulus

• SEAL allows batching


• Packing n plaintext message (in mod T) to a single ciphertext (in form of
a matrix of 2 by (n/2))

• For a given parameter set, each ciphertext starts with a 'noise budget'
Microsoft SEAL Homomorphic Encryption Library (4)
• BFV Implementation In Microsoft SEAL
• Using given parameters, Microsoft SEAL creates a modulus switching chain
• n = 8192, qis = (set by SEAL), T = 20-bit
EncryptionParameters parms(scheme_type::bfv);
parms.set_poly_modulus_degree(8192);
parms.set_coeff_modulus(CoeffModulus::BFVDefault(poly_modulus_degree));
parms.set_plain_modulus(PlainModulus::Batching(poly_modulus_degree, 20));

SEALContext context(parms); // Create SEAL Context

• Modulus switching chain

Level-1 Encryption Level-2 Mod. Switch Level-3


(L qs) (L-1 qs) (L-2 qs)
Microsoft SEAL Homomorphic Encryption Library (5)
• CKKS Implementation In Microsoft SEAL
• Parameters:
• n: degree of polynomial modulus
• q: coefficient modulus
• scale: scaling factor for plaintext message inputs

• Given these three parameters, SEAL will create all necessary parameters

• SEAL allows batching


• Packing (n/2) plaintext message (integer or real number) to a single
ciphertext

• For a given parameter set, each ciphertext starts with a 'multiplicative depth'
Microsoft SEAL Homomorphic Encryption Library (6)
• CKKS Implementation In Microsoft SEAL
• Using given parameters, Microsoft SEAL creates a modulus switching chain
• n = 8192, qis = {60-bit, 40-bit, 40-bit, 60-bit}, scale
EncryptionParameters parms(scheme_type::ckks);
parms.set_poly_modulus_degree(8192);
parms.set_coeff_modulus(CoeffModulus::Create(poly_modulus_degree, {60,40,40,60}));
Double scale = pow(2.0, 40);

SEALContext context(parms); // Create SEAL Context

• Modulus switching chain

Level-1 Rescaling Level-2 Rescaling Level-3


(4 qs) (3 qs) (2 qs)
Microsoft SEAL Homomorphic Encryption Library (7)
• High-level Operations
• Client-side Operations
• Secret key generation
• Public key generation
• Evaluation key generation
• Galois key generation
• Encryption/Decrypt
• Encode/Decode
• Server-side Operations
• Hom. Addition
• Hom. Multiplication
• Relinearization
• Rotation
• Rescaling/Modulus Switching
HE Application Setting (1)
Server Client
1- Sets HE parameters and sends to Client
(n, q, …)
HE Application Setting (2)
Server Client
1- Sets HE parameters and sends to Client
(n, q, …)
2- Generates keys with HE parameters and
sends evaluation and galois keys to Server
(sk, pk, evaluation keys, galois keys)
HE Application Setting (3)
Server Client
1- Sets HE parameters and sends to Client
(n, q, …)
2- Generates keys with HE parameters and
sends evaluation and galois keys to Server
(sk, pk, evaluation keys, galois keys)

3- Encode the data, encrypt the encoded


data using pk and sends to Server
m_e = Encode(m) and ct = Enc(m, pk)
HE Application Setting (4)
Server Client
1- Sets HE parameters and sends to Client
(n, q, …)
2- Generates keys with HE parameters and
sends evaluation and galois keys to Server
(sk, pk, evaluation keys, galois keys)

3- Encode the data, encrypt the


encoded data using pk and sends to Server
m_e = Encode(m) and ct = Enc(m, pk)
4- Perform homomorphic computation
and sends result to Client
ct_2 = f(ct, evk, gk)
HE Application Setting (5)
Server Client
1- Sets HE parameters and sends to Client
(n, q, …)
2- Generates keys with HE parameters and
sends evaluation and galois keys to Server
(sk, pk, evaluation keys, galois keys)

3- Encode the data, encrypt the


encoded data using pk and sends to Server
me = Encode(m) and ct = Enc(me, pk)
4- Perform homomorphic computation
and sends result to Client
ct_2 = f(ct, evk, gk)
5- Decrypt and decode the result
me_2 = Dec(ct_2, sk) and m_2 = Decode(me_2)
Microsoft SEAL Use Cases (1)
• Microsoft SEAL can be used in a wide range of applications
• Secure processing of sensitive health data
• IDASH competition (http://www.humangenomeprivacy.org/)

• Applications in Education system

• Secure processing of financial data


• Fraud detection
• Personal credit rating system

* Ima ge is retrieved from https://www.fintechdirect.net/2020/07/14/south-korea-beefs-up-personal-credit-rating-system/


Microsoft SEAL Use Case (2)
• Password Monitor: Safeguarding passwords on Microsoft Edge
• User is notified if one of his/her saved password has been found in a breach

• When a password is saved, Microsoft Edge should contact a server to check if the
password is in a breached list.
• Neither Microsoft Edge nor a third-party should learn user's password or
username while performing this operation

• For details:
• Chen et al. "Fast Private Set Intersection from Homomorphic Encryption" at
CCS'17
• Chen et al. "Labeled PSI from Fully Homomorphic Encryption with Malicious
Security" at ACM SIGSAC'18
Microsoft SEAL Use Case (3)
• Password Monitor: Safeguarding passwords on Microsoft Edge

* Ima ge is retrieved from https://www.microsoft.com/en-us/research/blog/password-monitor-safeguarding-passwords-in-microsoft-edge/


Other Notable Libraries
• PALISADE by Duality Technologies
• Supports BFV, CKKS, BGV ...
• https://gitlab.com/palisade/palisade-release

• Concrete by ZAMA
• Written in Rust
• Supports TFHE (allows homomorphic computation on gate level)
• https://github.com/zama-ai/concrete

• HElib by IBM
• Supports BGV and CKKS
• https://github.com/HomEnc/HElib
How to install/run Microsoft SEAL (1)
• Installation steps
• Download/Clone Microsoft SEAL from its GitHub repository to a directory
• Use commands below to install SEAL globally on your system with SEAL
Examples (which explains fundamental concepts in homomorphic encryption
and SEAL):
cmake -S . -B build -DSEAL_BUILD_EXAMPLES=ON
cmake --build build
sudo cmake --install build

• Navigate to /build/bin and run sealexamples for SEAL Examples


cd build/bin
./sealexamples
How to install/run Microsoft SEAL (2)
• sealexamples
• Teaches basics of HE and SEAL
• Example codes are in native/examples/
How to use Microsoft SEAL in your code (1)
• You can use following sample CMakeList.txt file with your custom sealtutorial.cpp.
• CMakeLists.txt

cmake_minimum_required(VERSION 3.13)
project(SEALTutorial VERSION 1.0)
add_executable(sealtutorial sealtutorial.cpp)
find_package(SEAL 3.7.2)
target_link_libraries(sealtutorial SEAL::seal)
How to use Microsoft SEAL in your code (2)
• You can use following sample CMakeList.txt file with your custom sealtutorial.cpp.
• sealtutorial.cpp
#include "seal/seal.h"

#include <vector>

using namespace std;


using namespace seal;

int main()
{

return 0;
}
How to use Microsoft SEAL in your code (3)
• Finally, you can run your code with:

cmake .
make
./sealtutorial
Exercise (1)
• Comparison of two 2-bit unsigned integers homomorphically using BFV scheme
• A = (a1, a0)
• B = (b1, b0)

• Compute A<B

• A<B : a1'b1 + a0'b0(a1⊕b1)'

• Boolen operation to arithmetic operation


• not(a) = 1-a
• and(a, b) = a*b
• xor(a, b) = a+b - 2*a*b
Exercise (2)
• Comparison of two 2-bit unsigned integers homomorphically using BFV scheme
• A = (a1, a0)
• B = (b1, b0)

• Compute A<B

• A<B : a1'b1 + a0'b0(a1⊕b1)'

• Boolen operation to arithmetic operation

• A<B : (1 – a1)*b1 + (1 – a0)*b0*(1 - (a1+b1 – 2*a1*b1))


• A<B : (b1 – a1*b1) + (b0 – a0*b0)*(1 - (a1+b1 – a1*b1 - a1*b1))
Exercise (3)
• A<B : (b1 – a1*b1) + (b0 – a0*b0)*(1 - (a1+b1 – a1*b1 - a1*b1))

a1 a0
* a1*b1 a0*b0 - b1 - a1*b1 b0 - a0*b0
b1 b0 C

+ a1+b1 a0+b0 - - a1+b1 - a1*b1 - a1*b1 ...

1 -

1 - (a1+b1 - a1*b1 - a1*b1) ...

D
(C>>1) + C * (D >> 1)

You might also like