repo-sync-2023-11-28T19:05:47+0800 (#107)

secretflow · Nov 28, 2023 · cac7efa · cac7efa
1 parent 80f3ea2
commit cac7efa
Show file tree

Hide file tree

Showing 25 changed files with 382 additions and 172 deletions.
diff --git a/CHANGELOGS.md b/CHANGELOGS.md
@@ -15,17 +15,16 @@
 - [Feature] Add ic-paillier that meets CAICT interconnection standards
 - [Optimize] Optimize vectorized spi in mat mul
 - [Add] Add test case Mul in NpBenchmarks
+- [Add] New api: Create HeKit by pre-generated pk ans sk
 
 ## [0.4.4]
 
 - [Feature] Add EC ElGamal cryptosystem
 
 ## [0.4.3]
 
-- [Feature] New api: TreePredictWithIndices support prediction with non-complete
-  trees.
-- [Feature] New api: Add range check for OU on decryption to block plaintext
-  overflow attack
+- [Feature] New api: TreePredictWithIndices support prediction with non-complete trees.
+- [Feature] New api: Add range check for OU on decryption to block plaintext overflow attack
 - [Bugfix] Code improve: Make tree pred with indices safer and faster.
 - [other] Update libtommath to head version
 
@@ -36,27 +35,24 @@
 
 ## [0.4.1]
 
-- [Feature] New api: PMatrix/CMatrix add FeatureWiseBucketSum api for better
-  performance
+- [Feature] New api: PMatrix/CMatrix add FeatureWiseBucketSum api for better performance
 - [Feature] New api: pylib extension add TreePredict api for performance
 - [Optimize] Optimize CI.
 
 ## [0.4.0]
 
 - [Feature] Add Okamoto–Uchiyama cryptosystem
-- [Feature] New api: PMatrix/CMatrix add BatchSelectSum api for better
-  performance
+- [Feature] New api: PMatrix/CMatrix add BatchSelectSum api for better performance
 - [Docs] Add docs to help users choose algorithms
-- [Break change] Split BatchEncoder into BatchIntegerEncoder and
-  BatchFloatEncoder. Please see upgrade guide doc for details.
+- [Break change] Split BatchEncoder into BatchIntegerEncoder and BatchFloatEncoder. Please see
+  upgrade guide doc for details.
 
 ## [0.3.2]
 
 - [Optimize] MPInt serialize is 81x faster and deserialize is 53x faster.
 - [Feature] Add benchmark for numpy api
-- [Feature/experimental] Add a new PHE algorithm implementation - IPCL. IPCL has
-  very good performance on Intel AVX512-IFMA cpu instruction set and/or Intel
-  QAT accelerator
+- [Feature/experimental] Add a new PHE algorithm implementation - IPCL. IPCL has very good
+  performance on Intel AVX512-IFMA cpu instruction set and/or Intel QAT accelerator
 
 ## [0.3.1]
 
@@ -68,9 +64,9 @@
 - HEU supports a variety of big integer arithmetic libraries now
 - PHE algorithms: Add vectorized SPI support
 - add phe.parse_schema_type() to parse string to phe.SchemaType
-- [Break change] When creating an Encoder instance, you need to pass in schema
-  information, because different schemas may be based on completely different
-  integer operation libraries. Please see upgrade guide doc for details.
+- [Break change] When creating an Encoder instance, you need to pass in schema information, because
+  different schemas may be based on completely different integer operation libraries. Please see
+  upgrade guide doc for details.
 
 ## [0.2.0]
 
@@ -84,11 +80,9 @@
 
 ## [0.1.1]
 
-- [Break change] The encoder was divided into two types: IntegerEncoder and
-  FloatEncoder
+- [Break change] The encoder was divided into two types: IntegerEncoder and FloatEncoder
 - Add two new encoder type: phe.BigintEncoder and phe.BatchEncoder
-- Python lib: add numpy-like APIs, most of which have been implemented in a
-  parallelized way
+- Python lib: add numpy-like APIs, most of which have been implemented in a parallelized way
 - C++ lib: add support for matrix operations
 
 ## [0.1.0]
@@ -99,10 +93,8 @@
 
 ## [0.0.6]
 
-- phe.encryptor.encrypt_raw() and phe.decryptor.decrypt_raw() support high
-  precision integers
-- phe.Plaintext supports conversion to and from arbitrary precision python
-  integers
+- phe.encryptor.encrypt_raw() and phe.decryptor.decrypt_raw() support high precision integers
+- phe.Plaintext supports conversion to and from arbitrary precision python integers
 - Improve the security of paillier
 
 ## [0.0.5]
@@ -119,5 +111,4 @@
 
 ## [0.0.3]
 
-- Implement an efficient PHE library and provide easy-to-use C++, Python
-  interfaces
+- Implement an efficient PHE library and provide easy-to-use C++, Python interfaces
diff --git a/README.md b/README.md
@@ -3,64 +3,83 @@
 [![CircleCI](https://dl.circleci.com/status-badge/img/gh/secretflow/heu/tree/main.svg?style=svg)](https://dl.circleci.com/status-badge/redirect/gh/secretflow/heu/tree/main)
 ![PyPI version](https://img.shields.io/pypi/v/sf-heu)
 
-Homomorphic Encryption processing Unit (HEU) is a subproject of Secretflow that
-implements high-performance homomorphic encryption algorithms.
+[中文](README_cn.md)
 
-The purpose of HEU is to lower the threshold for the use of homomorphic
-encryption, so that users can use homomorphic encryption algorithms to build
-privacy-preserving applications without professional cryptography knowledge.
+HEU (Homomorphic Encryption processing Unit) is a user-friendly and high-performance homomorphic
+encryption library that supports multiple types and scalable hardware acceleration.
 
-## Documentation
+## document
 
 https://www.secretflow.org.cn/docs/heu/
 
-## Background
+## Repo status
 
-This project consists of two parts:
+Homomorphic encryption algorithms are mainly divided into two categories: partially homomorphic
+encryption (PHE) and fully homomorphic encryption (FHE). Currently, HEU supports most PHE
+algorithms, while FHE is still under development and will take some time.
 
-HE Library (currently implemented): This project can be used as a
-high-performance and complete homomorphic encryption library, which integrates
-almost all homomorphic encryption algorithms in the industry. At the same time,
-HEU encapsulates each algorithm and provides a uniform interface. You can switch
-between different HE algorithms at any time without modifying business code.
+Supported algorithms:
 
-HE device (in work): As a component of Secretflow, HEU abstracts the homomorphic
-encryption algorithms into a programmable device, making it easy for users to
-flexibly build applications using the homomorphic encryption technology without
-professional knowledge. HEU (device) aims to build a complete computing solution
-through HE, that is, based on HE, any type of computing can be completed.
-Compared with PPU, HEU's computation is purely local without any network
-communication, so HEU and PPU are complementary
+- Additive homomorphic encryption
+    - Paillier (recommended)
+    - Okamoto–Uchiyama (recommended)
+    - EC ElGamal
+    - Damgard-Jurik
+    - Damgard-Geisler-Krøigaard (DGK)
+- Fully homomorphic encryption
+    - Under development and is the current focus of work.
 
-Depending on the computing power, HEU has 4 working modes:
+Each algorithm includes a variety of different implementations, and some implementations support
+hardware accelerators. For more details, please refer to
+the [Document](https://www.secretflow.org.cn/docs/heu/latest/zh-Hans/getting_started/algo_choice )
 
-| working mode          | Supported calculation types               | Number of calculations | HE algorithms  | Calculating speed  | Ciphertext size     |
-|-----------------------|-------------------------------------------|------------------------|----------------|--------------------|---------------------|
-| PHEU                  | addition                                  | Unlimited              | Paillier, OU   | Fast               | Small               |
-| LHEU                  | addition, multiplication                  | Limited                | BGV, CKKS      | Fast (packed mode) | Least (packed mode) |
-| FHEU (low precision)  | addition, mux, LUT                        | Unlimited              | TFHE (Torus)   | Fastest            | Large               |
-| FHEU (high precision) | addition, multiplication, comparison, mux | Unlimited              | TFHE (Bitwise) | Very slow          | Largest             |
+## Compile and install
 
-## Repo status
+### Environmental requirements
+
+- CPU
+    - x86_64: minimum required AVX instruction set
+    - AArch64: ARMv8
+- OS
+    - Ubuntu 18.04+
+    - Centos 7
+    - macOS 11.1+ (macOS Big Sur+)
+- Python
+    - Python 3.8+
 
-PHE has been basically developed, LHE and FHE are under development
+### Install via Pip
 
-## Build & UnitTest
+```shell
+pip install sf-heu
+```
 
-Build all
+### Install from source
 
+The following command will automatically compile and install HEU into the default Python
+environment:
 
 ```shell
-# build all
-bazel build heu/...
+git clone [email protected]:secretflow/heu.git
+cd heu
+sh build_wheel_entrypoint.sh
 
-# test all (optional)
-bazel test heu/...
 ```
 
-Build python lib
+### Run unit tests (optional)
+
+
+
+
 
 ```shell
-# build and install python library
-sh build_wheel_entrypoint.sh
+# just compile, do not run any UT (optional)
+bazel build heu/...
+
+# compile and run all UTs
+bazel test heu/...
 ```
+
+## Contribution Guidelines
+
+SecretFlow is an open and inclusive community, and we welcome any kind of contribution. If you want
+to improve HEU, please refer to [Contribution Guide](CONTRIBUTING.md)
diff --git a/README_cn.md b/README_cn.md
@@ -0,0 +1,77 @@
+# HEU
+
+[![CircleCI](https://dl.circleci.com/status-badge/img/gh/secretflow/heu/tree/main.svg?style=svg)](https://dl.circleci.com/status-badge/redirect/gh/secretflow/heu/tree/main)
+![PyPI version](https://img.shields.io/pypi/v/sf-heu)
+
+HEU（Homomorphic Encryption processing Unit）是一个低门槛、高性能的同态加密库，支持多类型、可扩展的硬件加速生态。
+
+## 文档
+
+https://www.secretflow.org.cn/docs/heu/
+
+## 开发状态
+
+同态加密算法主要分为半同态（PHE）和全同态（FHE）两大类，目前 HEU 已支持大部分 PHE 算法，而 FHE 仍需要一段时间的开发
+
+支持的算法：
+
+- 加法同态加密
+    - Paillier （推荐）
+    - Okamoto–Uchiyama （推荐）
+    - EC ElGamal
+    - Damgard-Jurik
+    - Damgard-Geisler-Krøigaard (DGK)
+- 全同态加密
+    - 正在开发中，并且是当前 HEU 的工作重心
+
+其中每一类算法又包含多种不同的实现，部分实现支持硬件加速器，详见[文档](https://www.secretflow.org.cn/docs/heu/latest/zh-Hans/getting_started/algo_choice)
+
+## 编译和安装
+
+### 环境要求
+
+- CPU
+    - x86_64: 至少支持 AVX 指令集
+    - AArch64: ARMv8
+- OS
+    - Ubuntu 18.04+
+    - Centos 7
+    - macOS 11.1+ (macOS Big Sur+)
+- Python
+    - Python 3.8+
+
+### 通过 Pip 安装
+
+```shell
+pip install sf-heu
+```
+
+### 从源码安装
+
+以下命令将自动编译并安装 HEU 到默认 Python 环境：
+
+```shell
+git clone [email protected]:secretflow/heu.git
+cd heu
+sh build_wheel_entrypoint.sh
+
+```
+
+### 运行单元测试（可选）
+
+
+
+
+
+```shell
+# just compile, do not run any UT (optional)
+bazel build heu/...
+
+# compile and run all UTs
+bazel test heu/...
+```
+
+## 贡献指南
+
+隐语是一个非常包容和开放的社区，我们欢迎任何形式的贡献，如果您想要改进
+HEU，请参考[贡献指南](CONTRIBUTING.md)
diff --git a/heu/library/algorithms/ou/decryptor.cc b/heu/library/algorithms/ou/decryptor.cc
@@ -22,6 +22,13 @@ namespace heu::lib::algorithms::ou {
   HE_ASSERT(!(ct).c_.IsNegative() && (ct).c_ < pk_.n_, \
             "Decryptor: Invalid ciphertext")
 
+Decryptor::Decryptor(PublicKey pk, SecretKey sk)
+    : pk_(std::move(pk)), sk_(std::move(sk)) {
+  YACL_ENFORCE(sk_.p2_ * sk_.q_ == pk_.n_,
+               "pk and sk are not paired, {}^2 * {} != {}", sk_.p_, sk_.q_,
+               pk_.n_);
+}
+
 void Decryptor::Decrypt(const Ciphertext& ct, MPInt* out) const {
   VALIDATE(ct);
 

diff --git a/heu/library/algorithms/ou/decryptor.h b/heu/library/algorithms/ou/decryptor.h
@@ -24,8 +24,7 @@ namespace heu::lib::algorithms::ou {
 
 class Decryptor {
  public:
-  explicit Decryptor(PublicKey pk, SecretKey sk)
-      : pk_(std::move(pk)), sk_(std::move(sk)) {}
+  explicit Decryptor(PublicKey pk, SecretKey sk);
 
   void Decrypt(const Ciphertext& ct, MPInt* out) const;
   [[nodiscard]] MPInt Decrypt(const Ciphertext& ct) const;

diff --git a/heu/library/algorithms/paillier_zahlen/decryptor.cc b/heu/library/algorithms/paillier_zahlen/decryptor.cc
@@ -22,6 +22,13 @@ namespace heu::lib::algorithms::paillier_z {
   HE_ASSERT(!(ct).c_.IsNegative() && (ct).c_ < pk_.n_square_, \
             "Decryptor: Invalid ciphertext")
 
+Decryptor::Decryptor(PublicKey pk, SecretKey sk)
+    : pk_(std::move(pk)), sk_(std::move(sk)) {
+  YACL_ENFORCE(sk_.p_ * sk_.q_ == pk_.n_,
+               "pk and sk are not paired, {} * {} != {}", sk_.p_, sk_.q_,
+               pk_.n_);
+}
+
 void Decryptor::Decrypt(const Ciphertext& ct, MPInt* out) const {
   VALIDATE(ct);
 

diff --git a/heu/library/algorithms/paillier_zahlen/decryptor.h b/heu/library/algorithms/paillier_zahlen/decryptor.h
@@ -24,8 +24,7 @@ namespace heu::lib::algorithms::paillier_z {
 
 class Decryptor {
  public:
-  explicit Decryptor(PublicKey pk, SecretKey sk)
-      : pk_(std::move(pk)), sk_(std::move(sk)) {}
+  explicit Decryptor(PublicKey pk, SecretKey sk);
 
   void Decrypt(const Ciphertext& ct, MPInt* out) const;
   MPInt Decrypt(const Ciphertext& ct) const;

diff --git a/heu/library/numpy/eigen_traits.h b/heu/library/numpy/eigen_traits.h
@@ -34,6 +34,8 @@ struct NumTraits<Plaintext> : GenericNumTraits<Plaintext> {
 
   //  static inline Real epsilon() { return Real(0); }
   //  static inline Real dummy_precision() { return Real(0); }
+  static inline int digits() { return 0; }
+
   static inline int digits10() { return 0; }
 
   enum {
@@ -53,10 +55,12 @@ struct NumTraits<Ciphertext> : GenericNumTraits<Ciphertext> {
   typedef Ciphertext NonInteger;
   typedef Ciphertext Nested;
 
-  static inline int digits10() { return 0; }
+  static inline int digits() { return 32; }
+
+  static inline int digits10() { return 32; }
 
   enum {
-    IsInteger = 0,
+    IsInteger = 1,  // 0 means floating point
     IsSigned = 0,
     IsComplex = 0,
     RequireInitialization = 1,

diff --git a/heu/library/numpy/test/numpy_test.cc b/heu/library/numpy/test/numpy_test.cc
@@ -175,8 +175,8 @@ TEST_F(NumpyTest, BinSumWorks) {
                          {0, 0, 2, 2, 3, 3, 0, 3, 2, 2}});
   auto bucket_num = 5;
   auto sum = he_kit_.GetEvaluator()->FeatureWiseBucketSum(
-      m.GetItem(subgroup_indices, Eigen::all),
-      order_map(subgroup_indices, Eigen::all), bucket_num)(2, 0);
+      m.GetItem(subgroup_indices, Eigen::placeholders::all),
+      order_map(subgroup_indices, Eigen::placeholders::all), bucket_num)(2, 0);
   EXPECT_EQ(sum.GetValue<int64_t>(), 4);
 }