MOSFHET is a research-oriented highly-optimized implementation of TFHE. It includes the main techniques proposed so far for improving performance or error rate in TFHE. The library is fully portable with optional optimizations for Intel AVX2, FMA, AVX-512, and VAES.
```bibtex
@article{guimaraes_mosfhet_2024,
  title = {{MOSFHET}: {Optimized} {Software} for {FHE} over the {Torus}},
  issn = {2190-8516},
  url = {https://doi.org/10.1007/s13389-024-00359-z},
  doi = {10.1007/s13389-024-00359-z},
  journal = {Journal of Cryptographic Engineering},
  author = {Guimarães, Antonio and Borin, Edson and Aranha, Diego F.},
  month = jul,
  year = {2024},
}
```
- The Functional [1] or Programmable [2] Bootstrap and its improved version [3].
- The Full TRGSW bootstrap.
- Three different approaches [3,12,13] for evaluating the Full-Domain Functional Bootstrap (FDFB).
- Public Key compression using randomness seed [14].
- BFV-like multiplication [3].
- Bootstrap using Galois Automorphism [15], adapted to TFHE and optimized for an all-odd case.
For more details, see our paper. It considers the initial commit (0d58320559) of the library in this repository.
By default, we use the AVX-512 version of SPQLIOS for fast polynomial arithmetic. It requires AVX-512 support. You can use the option `FFT_LIB` to specify other libraries, and the option `A_PRNG` to choose the PRNG used to generate/expand `a` (options are: `shake`, `vaes`, `xoshiro`, and `none`).
Default compilation (using AVX-512 SPQLIOS):

```sh
make
```

AVX2/FMA build (without AVX-512 or VAES):

```sh
make FFT_LIB=spqlios A_PRNG=none ENABLE_VAES=false
```

AVX2/FMA build (without AVX-512 or VAES) with Xoshiro:

```sh
make FFT_LIB=spqlios A_PRNG=xoshiro ENABLE_VAES=false
```

FFNT library (pure C, fully portable):

```sh
make FFT_LIB=ffnt A_PRNG=none ENABLE_VAES=false
```
For other compiling options, see the Makefile and Makefile.def.
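As an added example (not part of the MOSFHET repository), the POSIX shell helper below picks one of the make invocations above from the CPU flags in `/proc/cpuinfo`, so a build never selects AVX-512 or VAES code paths the machine cannot execute. The flag names `avx512f`, `vaes`, `avx2` and `fma` are assumed to be those Linux reports.

```sh
#!/bin/sh
# Select a MOSFHET build command from the CPU feature flags.
# Added example; not part of MOSFHET. Flag names assumed from Linux /proc/cpuinfo.

# has_flag FLAGS NAME: succeed if NAME appears in the space-separated FLAGS list.
has_flag() {
  case " $1 " in
    *" $2 "*) return 0 ;;
    *) return 1 ;;
  esac
}

# mosfhet_make_cmd FLAGS [PRNG]: print the make command matching the CPU.
# PRNG (none|xoshiro) only applies to the non-VAES builds; default is none.
mosfhet_make_cmd() {
  flags="$1"
  prng="${2:-none}"
  if has_flag "$flags" avx512f && has_flag "$flags" vaes; then
    # Default build: AVX-512 SPQLIOS with the VAES-based PRNG.
    echo "make"
  elif has_flag "$flags" avx2 && has_flag "$flags" fma; then
    # AVX2/FMA SPQLIOS without AVX-512 or VAES (conservative: an AVX-512
    # CPU without VAES also lands here rather than in the default build).
    echo "make FFT_LIB=spqlios A_PRNG=$prng ENABLE_VAES=false"
  else
    # Pure-C FFNT build: portable to any CPU.
    echo "make FFT_LIB=ffnt A_PRNG=$prng ENABLE_VAES=false"
  fi
}

# detect_flags: read the flags line of /proc/cpuinfo, or print nothing
# (which selects the portable build) when it is not available.
detect_flags() {
  if [ -r /proc/cpuinfo ]; then
    grep -m1 '^flags' /proc/cpuinfo | cut -d: -f2
  fi
}

# Usage: print the command; wrap in $(...) or `eval` to actually build.
mosfhet_make_cmd "$(detect_flags)"
```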
There are two main ways of using MOSFHET:
- The most efficient is to compile your code and MOSFHET together. We do that for our benchmark.c and tests.c files, and for the examples in the applications folder. See the Makefile in our basic template for building an application.
- Dynamic or static link. After compiling MOSFHET as a library, you can dynamically/statically link it with your code. See MOSFHET_MCA for an example. Please note that this should add significant performance overhead (as function inlining is disabled for almost the entire library).
For examples on how to use MOSFHET, see our unit tests file and the applications folder.
We provide a set of unit tests and a simple benchmark file for the library. They use parameters hard-coded at the beginning of each file. The default parameters consume a lot of memory (they are the same as TFHEpp Level 2). The parameters can be reduced in exchange for performance (especially for the Key Switching) or error rate.
To run the unit tests (many of the tests are expected to fail, depending on the parameters):

```sh
make test -B
make test FFT_LIB=spqlios -B
make test FFT_LIB=ffnt -B
```
To run the benchmark:

```sh
make bench -B
make bench FFT_LIB=spqlios -B
make bench FFT_LIB=ffnt -B
```
This repository includes code from the following third party libraries:
- FFNT: MIT License, Copyright (c) 2021 Jakub Klemsa
- SPQLIOS: Apache License Version 2.0, Copyright 2016 - Nicolas Gama nicolas.gama@gmail.com et al.
- Unity Test: MIT License, Copyright (c) 2007-21 Mike Karlesky, Mark VanderVoord, Greg Williams
- FIPS202 from Kyber: Public Domain
- xoshiro / xoroshiro: Public Domain, David Blackman and Sebastiano Vigna (vigna@acm.org)
Additionally, our library may contain small code snippets, variable names, or implementation logic based on or adapted from:
- TFHE: Apache License Version 2.0, Copyright 2016 - Nicolas Gama nicolas.gama@gmail.com et al.
- TFHEpp: Apache License Version 2.0, Copyright 2019 Kotaro MATSUOKA
- dbush: CC BY-SA 4.0
- Lattigo: Apache License Version 2.0