public void SaveLoadTest()
{
SEALContext context = GlobalContext.Context;
KeyGenerator keygen = new KeyGenerator(context);
RelinKeys keys = keygen.RelinKeys(decompositionBitCount: 30, count: 2);
Assert.IsNotNull(keys);
Assert.AreEqual(30, keys.DecompositionBitCount);
Assert.AreEqual(2ul, keys.Size);
RelinKeys other = new RelinKeys();
MemoryPoolHandle handle = other.Pool;
Assert.AreEqual(0, other.DecompositionBitCount);
Assert.AreEqual(0ul, other.Size);
ulong alloced = handle.AllocByteCount;
using (MemoryStream ms = new MemoryStream())
{
keys.Save(ms);
ms.Seek(offset: 0, loc: SeekOrigin.Begin);
other.Load(context, ms);
}
Assert.AreEqual(30, other.DecompositionBitCount);
Assert.AreEqual(2ul, other.Size);
Assert.IsTrue(other.IsMetadataValidFor(context));
Assert.IsTrue(handle.AllocByteCount > 0ul);
List <IEnumerable <Ciphertext> > keysData = new List <IEnumerable <Ciphertext> >(keys.Data);
List <IEnumerable <Ciphertext> > otherData = new List <IEnumerable <Ciphertext> >(other.Data);
Assert.AreEqual(keysData.Count, otherData.Count);
for (int i = 0; i < keysData.Count; i++)
{
List <Ciphertext> keysCiphers = new List <Ciphertext>(keysData[i]);
List <Ciphertext> otherCiphers = new List <Ciphertext>(otherData[i]);
Assert.AreEqual(keysCiphers.Count, otherCiphers.Count);
for (int j = 0; j < keysCiphers.Count; j++)
{
Ciphertext keysCipher = keysCiphers[j];
Ciphertext otherCipher = otherCiphers[j];
Assert.AreEqual(keysCipher.Size, otherCipher.Size);
Assert.AreEqual(keysCipher.PolyModulusDegree, otherCipher.PolyModulusDegree);
Assert.AreEqual(keysCipher.CoeffModCount, otherCipher.CoeffModCount);
ulong coeffCount = keysCipher.Size * keysCipher.PolyModulusDegree * keysCipher.CoeffModCount;
for (ulong k = 0; k < coeffCount; k++)
{
Assert.AreEqual(keysCipher[k], otherCipher[k]);
}
}
}
}
/// <summary>
/// Convert a RelinKeys object to a Base64 string
/// </summary>
/// <param name="rlk">RelinKeys to convert</param>
/// <returns>Base64 string representing the RelinKeys</returns>
public static string RelinKeysToBase64(RelinKeys rlk)
{
using (MemoryStream ms = new MemoryStream())
{
rlk.Save(ms);
byte[] bytes = ms.ToArray();
return(Convert.ToBase64String(bytes));
}
}
public void SaveLoadTest()
{
SEALContext context = GlobalContext.BFVContext;
KeyGenerator keygen = new KeyGenerator(context);
RelinKeys keys = keygen.RelinKeysLocal();
Assert.IsNotNull(keys);
Assert.AreEqual(1ul, keys.Size);
RelinKeys other = new RelinKeys();
MemoryPoolHandle handle = other.Pool;
Assert.AreEqual(0ul, other.Size);
ulong alloced = handle.AllocByteCount;
using (MemoryStream ms = new MemoryStream())
{
keys.Save(ms);
ms.Seek(offset: 0, loc: SeekOrigin.Begin);
other.Load(context, ms);
}
Assert.AreEqual(1ul, other.Size);
Assert.IsTrue(ValCheck.IsValidFor(other, context));
Assert.IsTrue(handle.AllocByteCount > 0ul);
List <IEnumerable <PublicKey> > keysData = new List <IEnumerable <PublicKey> >(keys.Data);
List <IEnumerable <PublicKey> > otherData = new List <IEnumerable <PublicKey> >(other.Data);
Assert.AreEqual(keysData.Count, otherData.Count);
for (int i = 0; i < keysData.Count; i++)
{
List <PublicKey> keysCiphers = new List <PublicKey>(keysData[i]);
List <PublicKey> otherCiphers = new List <PublicKey>(otherData[i]);
Assert.AreEqual(keysCiphers.Count, otherCiphers.Count);
for (int j = 0; j < keysCiphers.Count; j++)
{
PublicKey keysCipher = keysCiphers[j];
PublicKey otherCipher = otherCiphers[j];
Assert.AreEqual(keysCipher.Data.Size, otherCipher.Data.Size);
Assert.AreEqual(keysCipher.Data.PolyModulusDegree, otherCipher.Data.PolyModulusDegree);
Assert.AreEqual(keysCipher.Data.CoeffModulusSize, otherCipher.Data.CoeffModulusSize);
ulong coeffCount = keysCipher.Data.Size * keysCipher.Data.PolyModulusDegree * keysCipher.Data.CoeffModulusSize;
for (ulong k = 0; k < coeffCount; k++)
{
Assert.AreEqual(keysCipher.Data[k], otherCipher.Data[k]);
}
}
}
}
/*
* In this example we show how serialization works in Microsoft SEAL. Specifically,
* we present important concepts that enable the user to optimize the data size when
* communicating ciphertexts and keys for outsourced computation. Unlike the previous
* examples, we organize this one in a client-server style for maximal clarity. The
* server selects encryption parameters, the client generates keys, the server does
* the encrypted computation, and the client decrypts.
*/
private static void ExampleSerialization()
{
Utilities.PrintExampleBanner("Example: Serialization");
/*
* We require ZLIB support for this example to be available.
*/
if (!Serialization.IsSupportedComprMode(ComprModeType.Deflate))
{
Console.WriteLine("ZLIB support is not enabled; this example is not available.");
Console.WriteLine();
return;
}
/*
* To simulate client-server interaction, we set up a shared C# stream. In real
* use-cases this can be a network stream, a filestream, or any shared resource.
*
* It is critical to note that all data serialized by Microsoft SEAL is in binary
* form, so it is not meaningful to print the data as ASCII characters. Encodings
* such as Base64 would increase the data size, which is already a bottleneck in
* homomorphic encryption. Hence, serialization into text is not supported or
* recommended.
*
* In this example we use a couple of shared MemoryStreams.
*/
MemoryStream parmsStream = new MemoryStream();
MemoryStream dataStream = new MemoryStream();
MemoryStream skStream = new MemoryStream();
/*
* The server first determines the computation and sets encryption parameters
* accordingly.
*/
{
ulong polyModulusDegree = 8192;
using EncryptionParameters parms = new EncryptionParameters(SchemeType.CKKS);
parms.PolyModulusDegree = polyModulusDegree;
parms.CoeffModulus = CoeffModulus.Create(
polyModulusDegree, new int[] { 50, 20, 50 });
/*
* Serialization of the encryption parameters to our shared stream is very
* simple with the EncryptionParameters.Save function.
*/
long size = parms.Save(parmsStream);
/*
* Seek the parmsStream head back to beginning of the stream.
*/
parmsStream.Seek(0, SeekOrigin.Begin);
/*
* The return value of this function is the actual byte count of data written
* to the stream.
*/
Utilities.PrintLine();
Console.WriteLine($"EncryptionParameters: wrote {size} bytes");
/*
* Before moving on, we will take some time to discuss further options in
* serialization. These will become particularly important when the user
* needs to optimize communication and storage sizes.
*/
/*
* It is possible to enable or disable ZLIB ("deflate") compression for
* serialization by providing EncryptionParameters.Save with the desired
* compression mode as in the following examples:
*
* long size = parms.Save(sharedStream, ComprModeType.None);
* long size = parms.Save(sharedStream, ComprModeType.Deflate);
*
* If Microsoft SEAL is compiled with ZLIB support, the default is to use
* ComprModeType.Deflate, so to instead disable compression one would use
* the first version of the two.
*/
/*
* In many cases, when working with fixed size memory, it is necessary
* to know ahead of time an upper bound on the serialized data size to
* allocate enough memory. This information is returned by the
* EncryptionParameters.SaveSize function. This function accepts the
* desired compression mode, with ComprModeType.Deflate being the default
* when Microsoft SEAL is compiled with ZLIB support.
*
* In more detail, the output of EncryptionParameters.SaveSize is as follows:
*
* - Exact buffer size required for ComprModeType.None;
* - Upper bound on the size required for ComprModeType.Deflate.
*
* As we can see from the print-out, the sizes returned by these functions
* are significantly larger than the compressed size written into the shared
* stream in the beginning. This is normal: compression yielded a significant
* improvement in the data size, yet it is hard to estimate the size of the
* compressed data.
*/
Utilities.PrintLine();
Console.Write("EncryptionParameters: data size upper bound (ComprModeType.None): ");
Console.WriteLine(parms.SaveSize(ComprModeType.None));
Console.Write(" ");
Console.Write("EncryptionParameters: data size upper bound (ComprModeType.Deflate): ");
Console.WriteLine(parms.SaveSize(ComprModeType.Deflate));
/*
* As an example, we now serialize the encryption parameters to a fixed
* size buffer.
*/
MemoryStream buffer = new MemoryStream(new byte[parms.SaveSize()]);
parms.Save(buffer);
/*
* To illustrate deserialization, we load back the encryption parameters
* from our buffer into another instance of EncryptionParameters. First
* we need to seek our stream back to the beginning.
*/
buffer.Seek(0, SeekOrigin.Begin);
using EncryptionParameters parms2 = new EncryptionParameters();
parms2.Load(buffer);
/*
* We can check that the saved and loaded encryption parameters indeed match.
*/
Utilities.PrintLine();
Console.WriteLine($"EncryptionParameters: parms == parms2: {parms.Equals(parms2)}");
}
/*
* Client starts by loading the encryption parameters, sets up the SEALContext,
* and creates the required keys.
*/
{
using EncryptionParameters parms = new EncryptionParameters();
parms.Load(parmsStream);
/*
* Seek the parmsStream head back to beginning of the stream because we
* will use the same stream to read the parameters repeatedly.
*/
parmsStream.Seek(0, SeekOrigin.Begin);
using SEALContext context = new SEALContext(parms);
using KeyGenerator keygen = new KeyGenerator(context);
using SecretKey sk = keygen.SecretKey;
using PublicKey pk = keygen.PublicKey;
/*
* We need to save the secret key so we can decrypt later.
*/
sk.Save(skStream);
skStream.Seek(0, SeekOrigin.Begin);
/*
* In this example we will also use relinearization keys. For realinearization
* and Galois keys the KeyGenerator.RelinKeys and KeyGenerator.GaloisKeys
* functions return special Serializable<T> objects. These objects are meant
* to be serialized and never used locally. On the other hand, for local use
* of RelinKeys and GaloisKeys, the functions KeyGenerator.RelinKeysLocal
* and KeyGenerator.GaloisKeysLocal can be used to create the RelinKeys
* and GaloisKeys objects directly. The difference is that the Serializable<T>
* objects contain a partly seeded version of the RelinKeys (or GaloisKeys)
* that will result in a significantly smaller size when serialized. Using
* this method has no impact on security. Such seeded RelinKeys (GaloisKeys)
* must be expanded before being used in computations; this is automatically
* done by deserialization.
*/
using Serializable <RelinKeys> rlk = keygen.RelinKeys();
/*
* Before continuing, we demonstrate the significant space saving from this
* method.
*/
long sizeRlk = rlk.Save(dataStream);
using RelinKeys rlkLocal = keygen.RelinKeysLocal();
long sizeRlkLocal = rlkLocal.Save(dataStream);
/*
* Now compare the serialized sizes of rlk and rlkLocal.
*/
Utilities.PrintLine();
Console.WriteLine($"Serializable<RelinKeys>: wrote {sizeRlk} bytes");
Console.Write(" ");
Console.WriteLine($"RelinKeys (local): wrote {sizeRlkLocal} bytes");
/*
* Seek back in dataStream to where rlk data ended, i.e., sizeRlkLocal
* bytes backwards from current position.
*/
dataStream.Seek(-sizeRlkLocal, SeekOrigin.Current);
/*
* Next set up the CKKSEncoder and Encryptor, and encrypt some numbers.
*/
double scale = Math.Pow(2.0, 20);
CKKSEncoder encoder = new CKKSEncoder(context);
using Plaintext plain1 = new Plaintext(),
plain2 = new Plaintext();
encoder.Encode(2.3, scale, plain1);
encoder.Encode(4.5, scale, plain2);
using Encryptor encryptor = new Encryptor(context, pk);
using Ciphertext encrypted1 = new Ciphertext(),
encrypted2 = new Ciphertext();
encryptor.Encrypt(plain1, encrypted1);
encryptor.Encrypt(plain2, encrypted2);
/*
* Now, we could serialize both encrypted1 and encrypted2 to dataStream
* using Ciphertext.Save. However, for this example, we demonstrate another
* size-saving trick that can come in handy.
*
* As you noticed, we set up the Encryptor using the public key. Clearly this
* indicates that the CKKS scheme is a public-key encryption scheme. However,
* both BFV and CKKS can operate also in a symmetric-key mode. This can be
* beneficial when the public-key functionality is not exactly needed, like
* in simple outsourced computation scenarios. The benefit is that in these
* cases it is possible to produce ciphertexts that are partly seeded, hence
* significantly smaller. Such ciphertexts must be expanded before being used
* in computations; this is automatically done by deserialization.
*
* To use symmetric-key encryption, we need to set up the Encryptor with the
* secret key instead.
*/
using Encryptor symEncryptor = new Encryptor(context, sk);
using Serializable <Ciphertext> symEncrypted1 = symEncryptor.EncryptSymmetric(plain1);
using Serializable <Ciphertext> symEncrypted2 = symEncryptor.EncryptSymmetric(plain2);
/*
* Before continuing, we demonstrate the significant space saving from this
* method.
*/
long sizeSymEncrypted1 = symEncrypted1.Save(dataStream);
long sizeEncrypted1 = encrypted1.Save(dataStream);
/*
* Now compare the serialized sizes of encrypted1 and symEncrypted1.
*/
Utilities.PrintLine();
Console.Write("Serializable<Ciphertext> (symmetric-key): ");
Console.WriteLine($"wrote {sizeSymEncrypted1} bytes");
Console.Write(" ");
Console.WriteLine($"Ciphertext (public-key): wrote {sizeEncrypted1} bytes");
/*
* Seek back in dataStream to where symEncrypted1 data ended, i.e.,
* sizeEncrypted1 bytes backwards from current position and write
* symEncrypted2 right after symEncrypted1.
*/
dataStream.Seek(-sizeEncrypted1, SeekOrigin.Current);
symEncrypted2.Save(dataStream);
dataStream.Seek(0, SeekOrigin.Begin);
/*
* We have seen how using KeyGenerator.RelinKeys (KeyGenerator.GaloisKeys)
* can result in huge space savings over the local variants when the objects
* are not needed for local use. We have seen how symmetric-key encryption
* can be used to achieve much smaller ciphertext sizes when the public-key
* functionality is not needed.
*
* We would also like to draw attention to the fact there we could easily
* serialize multiple Microsoft SEAL objects sequentially in a stream. Each
* object writes its own size into the stream, so deserialization knows
* exactly how many bytes to read. We will see this working next.
*
* Finally, we would like to point out that none of these methods provide any
* space savings unless Microsoft SEAL is compiled with ZLIB support, or when
* serialized with ComprModeType.None.
*/
}
/*
* The server can now compute on the encrypted data. We will recreate the
* SEALContext and set up an Evaluator here.
*/
{
using EncryptionParameters parms = new EncryptionParameters();
parms.Load(parmsStream);
parmsStream.Seek(0, SeekOrigin.Begin);
using SEALContext context = new SEALContext(parms);
using Evaluator evaluator = new Evaluator(context);
/*
* Next we need to load relinearization keys and the ciphertexts from our
* dataStream.
*/
using RelinKeys rlk = new RelinKeys();
using Ciphertext encrypted1 = new Ciphertext(),
encrypted2 = new Ciphertext();
/*
* Deserialization is as easy as serialization.
*/
rlk.Load(context, dataStream);
encrypted1.Load(context, dataStream);
encrypted2.Load(context, dataStream);
/*
* Compute the product, rescale, and relinearize.
*/
using Ciphertext encryptedProd = new Ciphertext();
evaluator.Multiply(encrypted1, encrypted2, encryptedProd);
evaluator.RelinearizeInplace(encryptedProd, rlk);
evaluator.RescaleToNextInplace(encryptedProd);
/*
* We use dataStream to communicate encryptedProd back to the client. There
* is no way to save the encryptedProd as Serializable<Ciphertext> even
* though it is still a symmetric-key encryption: only freshly encrypted
* ciphertexts can be seeded. Note how the size of the result ciphertext is
* smaller than the size of a fresh ciphertext because it is at a lower level
* due to the rescale operation.
*/
dataStream.Seek(0, SeekOrigin.Begin);
long sizeEncryptedProd = encryptedProd.Save(dataStream);
dataStream.Seek(0, SeekOrigin.Begin);
Utilities.PrintLine();
Console.Write($"Ciphertext (symmetric-key): ");
Console.WriteLine($"wrote {sizeEncryptedProd} bytes");
}
/*
* In the final step the client decrypts the result.
*/
{
using EncryptionParameters parms = new EncryptionParameters();
parms.Load(parmsStream);
parmsStream.Seek(0, SeekOrigin.Begin);
using SEALContext context = new SEALContext(parms);
/*
* Load back the secret key from skStream.
*/
using SecretKey sk = new SecretKey();
sk.Load(context, skStream);
using Decryptor decryptor = new Decryptor(context, sk);
using CKKSEncoder encoder = new CKKSEncoder(context);
using Ciphertext encryptedResult = new Ciphertext();
encryptedResult.Load(context, dataStream);
using Plaintext plainResult = new Plaintext();
decryptor.Decrypt(encryptedResult, plainResult);
List <double> result = new List <double>();
encoder.Decode(plainResult, result);
Utilities.PrintLine();
Console.WriteLine("Result: ");
Utilities.PrintVector(result, 3, 7);
}
/*
* Finally, we give a little bit more explanation of the structure of data
* serialized by Microsoft SEAL. Serialized data always starts with a 16-byte
* SEALHeader struct, as defined in dotnet/src/Serialization.cs, and is
* followed by the possibly compressed data for the object.
*
* A SEALHeader contains the following data:
*
* [offset 0] 2-byte magic number 0xA15E (Serialization.SEALMagic)
* [offset 2] 1-byte indicating the header size in bytes (always 16)
* [offset 3] 1-byte indicating the Microsoft SEAL major version number
* [offset 4] 1-byte indicating the Microsoft SEAL minor version number
* [offset 5] 1-byte indicating the compression mode type
* [offset 6] 2-byte reserved field (unused)
* [offset 8] 8-byte size in bytes of the serialized data, including the header
*
* Currently Microsoft SEAL supports only little-endian systems.
*
* As an example, we demonstrate the SEALHeader created by saving a plaintext.
* Note that the SEALHeader is never compressed, so there is no need to specify
* the compression mode.
*/
using Plaintext pt = new Plaintext("1x^2 + 3");
MemoryStream stream = new MemoryStream();
long dataSize = pt.Save(stream);
/*
* Seek the stream head back to beginning of the stream.
*/
stream.Seek(0, SeekOrigin.Begin);
/*
* We can now load just the SEALHeader back from the stream as follows.
*/
Serialization.SEALHeader header = new Serialization.SEALHeader();
Serialization.LoadHeader(stream, header);
/*
* Now confirm that the size of data written to stream matches with what is
* indicated by the SEALHeader.
*/
Utilities.PrintLine();
Console.WriteLine($"Size written to stream: {dataSize} bytes");
Console.Write(" ");
Console.WriteLine($"Size indicated in SEALHeader: {header.Size} bytes");
Console.WriteLine();
}
