OpenFHE 源码解析：BinFHE 部分

本文主要是介绍OpenFHE 源码解析：BinFHE 部分，希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

参考文献：

1. [ABB+22] Al Badawi A, Bates J, Bergamaschi F, et al. Openfhe: Open-source fully homomorphic encryption library[C]//Proceedings of the 10th Workshop on Encrypted Computing & Applied Homomorphic Cryptography. 2022: 53-63.
2. openfheorg/openfhe-development
3. Welcome to OpenFHE’s documentation!
4. 编译 OpenFHE

param

class BinFHECryptoParams : public Serializable，描述 RGSW / RLWE 的参数

• BinFHECryptoParams(const std::shared_ptr<LWECryptoParams>& lweparams,const std::shared_ptr<RingGSWCryptoParams>& rgswparams);
  

  构造器，根据 LWE 和 RGSW 的参数去设置 BinFHE 的参数

• std::shared_ptr<LWECryptoParams> m_LWEParams{nullptr};	// shared pointer to an instance of LWECryptoParams
  std::shared_ptr<RingGSWCryptoParams> m_RGSWParams{nullptr};	// shared pointer to an instance of RGSWCryptoParams
  

  私有成员，分别存储：LWE 参数、RGSW 参数

context

class BinFHEContext : public Serializable，存储上下文信息

• void GenerateBinFHEContext(uint32_t n, uint32_t N, const NativeInteger& q, const NativeInteger& Q, double std,uint32_t baseKS, uint32_t baseG, uint32_t baseR, SecretKeyDist keyDist = UNIFORM_TERNARY,BINFHE_METHOD method = GINX, uint32_t numAutoKeys = 10);
  

  根据设置的参数，生成上下文

• std::shared_ptr<LWEEncryptionScheme> m_LWEscheme{nullptr};	// Shared pointer to the underlying additive LWE scheme
  std::shared_ptr<BinFHEScheme> m_binfhescheme{nullptr};	// Shared pointer to the underlying RingGSW/RLWE scheme
  

  私钥成员，记录了 LWE 以及 RGSW / RLWE 的参数和接口

• LWEPrivateKey KeyGen() const;
  LWEPublicKey PubKeyGen(ConstLWEPrivateKey& sk) const;
  

  生成 LWE 的私钥、公钥

• LWECiphertext Encrypt(ConstLWEPrivateKey& sk, LWEPlaintext m, BINFHE_OUTPUT output = BOOTSTRAPPED,LWEPlaintextModulus p = 4, const NativeInteger& mod = 0) const;
  void Decrypt(ConstLWEPrivateKey& sk, ConstLWECiphertext& ct, LWEPlaintext* result, LWEPlaintextModulus p = 4) const;
  

  LWE 的加密/解密

• LWEPrivateKey KeyGenN() const;
  LWESwitchingKey KeySwitchGen(ConstLWEPrivateKey& sk, ConstLWEPrivateKey& skN) const;
  

  生成 RLWE 私钥，以及从 $(Q,N)$-RLWE 到 $(q,n)$-LWE 的 KSK

• LWECiphertext SwitchCTtoqn(ConstLWESwitchingKey& ksk, ConstLWECiphertext& ct) const;
  

  执行从 $(Q,N)$-RLWE 到 $(q,n)$-LWE 的密钥切换

• void BTKeyGen(ConstLWEPrivateKey& sk, KEYGEN_MODE keygenMode = SYM_ENCRYPT);
  

  生成对应的 BK 并存储为数据成员，它的格式：

  typedef struct {// refreshing keyRingGSWACCKey BSkey;// switching keyLWESwitchingKey KSkey;// public keyLWEPublicKey Pkey;
  } RingGSWBTKey;
  

• GetPublicKey, GetSwitchKey, GetRefreshKey，获取 BK 中存储的三种密钥

• LWECiphertext Bootstrap(ConstLWECiphertext& ct) const;
  

  自举，包括 [DM15]、[CGGI16]、[LMK+23] 三种盲旋转算法

• LWECiphertext EvalBinGate(BINGATE gate, ConstLWECiphertext& ct1, ConstLWECiphertext& ct2) const;
  LWECiphertext EvalBinGate(BINGATE gate, const std::vector<LWECiphertext>& ctvector) const;
  LWECiphertext EvalNOT(ConstLWECiphertext& ct) const;
  LWECiphertext EvalConstant(bool value) const;
  

  前者计算 $2$ 扇入，后者计算 $3,4$ 扇入，支持的布尔门：OR, AND, NOR, NAND, XOR_FAST, XNOR_FAST, MAJORITY, AND3, OR3, AND4, OR4, CMUX, XOR, XNOR，以及 NOT 和 Constant

• std::vector<NativeInteger> GenerateLUTviaFunction(NativeInteger (*f)(NativeInteger m, NativeInteger p), NativeInteger p);
  

  根据任意函数 $f:{\mathbb{Z}}_p\to {\mathbb{Z}}_p$ 生成 LUT：设置 ${\Delta }_{in}={\Delta }_{out}=q/p$，其中 $p\le q\le 2N$ 都是二的幂次，令 $TV[i]={\Delta }_{out}\cdot f(\lfloor i/{\Delta }_{in}\rfloor ),i=0,1,\cdots ,q-1$

• LWECiphertext EvalFunc(ConstLWECiphertext& ct, const std::vector<NativeInteger>& LUT) const;
  

  [LMP22] 的 FDFB，它会自动检查 LUT 的性质（反循环、周期、任意）。

  • 如果是反循环的：简单执行一次 PBS 即可

  • 如果是 $q/2$-周期的：先执行 PBS 提取出符号位把它减去，再执行一次 PBS 完成函数计算

  • 如果是任意的：进一步要求 $q\le N$，强行提升 $1$-bit 模数，先执行 PBS 提取出符号位把它减去，再执行一次 PBS 完成函数计算，最后模切换回到 $q$ 上

• LWECiphertext EvalSign(ConstLWECiphertext& ct, bool schemeSwitch = false);
  

  [LMP22] 的高精度符号函数

• LWECiphertext EvalFloor(ConstLWECiphertext& ct, uint32_t roundbits = 0) const;
  std::vector<LWECiphertext> EvalDecomp(ConstLWECiphertext& ct);
  

  [LMP22] 的同态舍入、同态数字分解

constants

定义了一些参数选项，用于

enum BINFHE_PARAMSET {TOY,                // no securityMEDIUM,             // 108 bits of security for classical and 100 bits for quantumSTD128_LMKCDEY,     // Optimized for LMKCDEY (using Gaussian secrets) -// more than 128 bits of security for classical computer attacks -// optimize runtime by finding a non-power-of-two nSTD128_AP,          // Optimized for AP (has higher failure probability for GINX) -// more than 128 bits of security for classical computer attacks -// optimize runtime by finding a non-power-of-two nSTD128,             // more than 128 bits of security for classical computer attacks -// optimize runtime by finding a non-power-of-two nSTD192,             // more than 192 bits of security for classical computer attacks -// optimize runtime by finding a non-power-of-two nSTD256,             // more than 256 bits of security for classical computer attacks -// optimize runtime by finding a non-power-of-two nSTD128Q,            // more than 128 bits of security for quantum attacks -// optimize runtime by finding a non-power-of-two nSTD128Q_LMKCDEY,    // Optimized for LMKCDEY (using Gaussian secrets) -// more than 128 bits of security for quantum attacks -// optimize runtime by finding a non-power-of-two nSTD192Q,            // more than 192 bits of security for quantum attacks -// optimize runtime by finding a non-power-of-two nSTD256Q,            // more than 256 bits of security for quantum attacks -// optimize runtime by finding a non-power-of-two nSTD128_3,           // more than 128 bits of security for classical computer attacks -// optimize runtime by finding a non-power-of-two n for 3 binary inputsSTD128_3_LMKCDEY,   // Optimized for LMKCDEY (using Gaussian secrets) -// more than 128 bits of security for classical computer attacks -// optimize runtime by finding a non-power-of-two n for 3 binary inputsSTD128Q_3,          // more than 128 bits of security for quantum computer attacks -// optimize runtime by finding a non-power-of-two n for 3 binary inputsSTD128Q_3_LMKCDEY,  // Optimized for LMKCDEY (using Gaussian secrets) -// more than 128 bits of security for quantum computer attacks -// optimize runtime by finding a non-power-of-two n for 3 binary inputsSTD192Q_3,          // more than 192 bits of security for quantum computer attacks -// optimize runtime by finding a non-power-of-two n for 3 binary inputsSTD256Q_3,          // more than 256 bits of security for quantum computer attacks -// optimize runtime by finding a non-power-of-two n for 3 binary inputsSTD128_4,           // more than 128 bits of security for classical computer attacks -// optimize runtime by finding a non-power-of-two n for 4 binary inputsSTD128_4_LMKCDEY,   // Optimized for LMKCDEY (using Gaussian secrets) -// more than 128 bits of security for classical computer attacks -// optimize runtime by finding a non-power-of-two n for 4 binary inputsSTD128Q_4,          // more than 128 bits of security for quantum computer attacks -// optimize runtime by finding a non-power-of-two n for 4 binary inputsSTD128Q_4_LMKCDEY,  // Optimized for LMKCDEY (using Gaussian secrets) -// more than 128 bits of security for quantum computer attacks -// optimize runtime by finding a non-power-of-two n for 4 binary inputsSTD192Q_4,          // more than 192 bits of security for quantum computer attacks -// optimize runtime by finding a non-power-of-two n for 4 binary inputsSTD256Q_4,          // more than 256 bits of security for quantum computer attacks -// optimize runtime by finding a non-power-of-two n for 4 binary inputsSIGNED_MOD_TEST     // special parameter set for confirming the signed modular// reduction in the accumulator updates works correctly
};

具体的参数是：

constexpr double STD_DEV = 3.19;
const std::unordered_map<BINFHE_PARAMSET, BinFHEContextParams> paramsMap({
//               numberBits|cyclOrder|latticeParam|  mod|   modKS|  stdDev| baseKS| gadgetBase| baseRK| numAutoKeys| keyDist
{ TOY,               { 27,     1024,          64,  512,   PRIME, STD_DEV,     25,    1 <<  9,  23,     9,  UNIFORM_TERNARY} },
{ MEDIUM,            { 28,     2048,         422, 1024, 1 << 14, STD_DEV, 1 << 7,    1 << 10,  32,    10,  UNIFORM_TERNARY} },
{ STD128_LMKCDEY,    { 28,     2048,         446, 1024, 1 << 13, STD_DEV, 1 << 5,    1 << 10,  32,    10,  GAUSSIAN       } },
{ STD128_AP,         { 27,     2048,         503, 1024, 1 << 14, STD_DEV, 1 << 5,    1 <<  9,  32,    10,  UNIFORM_TERNARY} },
{ STD128,            { 27,     2048,         503, 1024, 1 << 14, STD_DEV, 1 << 5,    1 <<  9,  32,    10,  UNIFORM_TERNARY} },
{ STD192,            { 37,     4096,         805, 1024, 1 << 15, STD_DEV,     32,    1 << 13,  32,    10,  UNIFORM_TERNARY} },
{ STD256,            { 29,     4096,         990, 2048, 1 << 14, STD_DEV, 1 << 7,    1 <<  8,  46,    10,  UNIFORM_TERNARY} },
{ STD128Q,           { 25,     2048,         534, 1024, 1 << 14, STD_DEV,     32,    1 <<  7,  32,    10,  UNIFORM_TERNARY} },
{ STD128Q_LMKCDEY,   { 27,     2048,         448, 1024, 1 << 13, STD_DEV,     32,    1 <<  9,  32,    10,  GAUSSIAN       } },
{ STD192Q,           { 35,     4096,         875, 1024, 1 << 15, STD_DEV,     32,    1 << 12,  32,    10,  UNIFORM_TERNARY} },
{ STD256Q,           { 27,     4096,        1225, 1024, 1 << 16, STD_DEV,     16,    1 <<  7,  32,    10,  UNIFORM_TERNARY} },
{ STD128_3,          { 27,     2048,         541, 1024, 1 << 15, STD_DEV,     32,    1 <<  7,  32,    10,  UNIFORM_TERNARY} },
{ STD128_3_LMKCDEY,  { 28,     2048,         485, 1024, 1 << 15, STD_DEV,     32,    1 << 10,  32,    10,  GAUSSIAN       } },
{ STD128Q_3,         { 50,     4096,         575, 2048, 1 << 15, STD_DEV,     32,    1 << 25,  32,    10,  UNIFORM_TERNARY} },
{ STD128Q_3_LMKCDEY, { 27,     2048,         524, 1024, 1 << 15, STD_DEV,     32,    1 <<  9,  32,    10,  GAUSSIAN       } },
{ STD192Q_3,         { 34,     4096,         922, 2048, 1 << 16, STD_DEV,     16,    1 << 12,  32,    10,  UNIFORM_TERNARY} },
{ STD256Q_3,         { 27,     4096,        1400, 4096, 1 << 16, STD_DEV,     21,    1 <<  6,  32,    10,  UNIFORM_TERNARY} },
{ STD128_4,          { 27,     2048,         541, 2048, 1 << 15, STD_DEV,     32,    1 <<  7,  32,    10,  UNIFORM_TERNARY} },
{ STD128_4_LMKCDEY,  { 28,     2048,         522, 2048, 1 << 15, STD_DEV,     32,    1 << 10,  32,    10,  GAUSSIAN       } },
{ STD128Q_4,         { 50,     4096,         647, 2048, 1 << 16, STD_DEV,     16,    1 << 25,  32,    10,  UNIFORM_TERNARY} },
{ STD128Q_4_LMKCDEY, { 27,     2048,         524, 2048, 1 << 15, STD_DEV,     32,    1 <<  7,  32,    10,  GAUSSIAN       } },
{ STD192Q_4,         { 34,     4096,         980, 2048, 1 << 17, STD_DEV,     16,    1 << 12,  32,    10,  UNIFORM_TERNARY} },
{ STD256Q_4,         { 27,     4096,        1625, 4096, 1 << 21, STD_DEV,     16,    1 <<  6,  32,    10,  UNIFORM_TERNARY} },
{ SIGNED_MOD_TEST,   { 28,     2048,         512, 1024,   PRIME, STD_DEV,     25,    1 <<  7,  23,    10,  UNIFORM_TERNARY} },
});

BinFHE

class BinFHEScheme，实现了 TFHE / FHEW 方案

• explicit BinFHEScheme(BINFHE_METHOD method);
  

  构造器，自举方法有三种：

  enum BINFHE_METHOD {INVALID_METHOD = 0,AP,       // Ducas-Micciancio variantGINX,     // Chillotti-Gama-Georgieva-Izabachene variantLMKCDEY,  // Lee-Micciancio-Kim-Choi-Deryabin-Eom-Yoo variant, ia.cr/2022/198
  };
  

• RingGSWBTKey KeyGen(const std::shared_ptr<BinFHECryptoParams>& params, ConstLWEPrivateKey& LWEsk,KEYGEN_MODE keygenMode) const;
  

  根据 LWE 和 RGSW 的参数，以及 LWE 私钥，生成对应的自举密钥

• Bootstrap, EvalBinGate, EvalNOT, EvalFunc, EvalFloor, EvalSign, EvalDecomp，执行 BTS / PBS / FDFB

• BootstrapGateCore, BootstrapFuncCore, BootstrapFunc，私有接口，最底层的自举实现

• static uint32_t checkInputFunction(const std::vector<NativeInteger>& lut, NativeInteger mod);
  

  判断 LUT 的性质：反循环（0），周期（1），任意（2）

LWE

param

class LWECryptoParams : public Serializable，描述 LWE 的参数

• explicit LWECryptoParams(uint32_t n, uint32_t N, const NativeInteger& q, const NativeInteger& Q,const NativeInteger& q_KS, double std, uint32_t baseKS,SecretKeyDist keyDist = UNIFORM_TERNARY)
  

  构造器

• NativeInteger m_q{};	// modulus for the additive LWE scheme
  NativeInteger m_Q{};	// modulus for the RingGSW/RingLWE scheme
  NativeInteger m_qKS{};	// modulus for key-switching
  uint32_t m_n{};	// lattice parameter for the additive LWE scheme
  uint32_t m_N{};	// ring dimension for RingGSW/RingLWE scheme
  uint32_t m_baseKS{};	// Base used in key switching
  SecretKeyDist m_keyDist{SecretKeyDist::UNIFORM_TERNARY};	// Secret key distribution: GAUSSIAN, UNIFORM_TERNARY, etc.
  DiscreteGaussianGeneratorImpl<NativeVector> m_dgg;	// Error distribution generator
  DiscreteGaussianGeneratorImpl<NativeVector> m_ks_dgg;	// Error distribution generator for key switching
  

  私有属性：三个密文模数（$q\le q_{KS}\le Q$），两个维度（$n$ 任意，$N$ 是二的幂次），数字分解基，私钥分布，噪声采样器

PKE

class LWEEncryptionScheme，定义了 LWE 加密方案

• LWEPrivateKey KeyGen(usint size, const NativeInteger& modulus) const;
  

  生成 $(q,n)$-LWE 的私钥（用于加密数据）

• LWEKeyPair KeyGenPair(const std::shared_ptr<LWECryptoParams>& params) const;
  

  生成 $(Q,N)$-LWE 的公私钥（用于自举）

• LWECiphertext Encrypt(const std::shared_ptr<LWECryptoParams>& params, ConstLWEPrivateKey& sk, LWEPlaintext m,LWEPlaintextModulus p = 4, NativeInteger mod = 0) const;
  LWECiphertext EncryptN(const std::shared_ptr<LWECryptoParams>& params, ConstLWEPublicKey& pk, LWEPlaintext m,LWEPlaintextModulus p = 4, NativeInteger mod = 0) const;
  

  对称加密、公钥加密

• LWECiphertext NoiselessEmbedding(const std::shared_ptr<LWECryptoParams>& params, LWEPlaintext m) const;
  

  无噪声的密文

• EvalAddEq, EvalAddConstEq, EvalSubEq, EvalSubEq2, valMultConstEq，线性同态

• LWECiphertext ModSwitch(NativeInteger q, ConstLWECiphertext& ctQ) const;
  

  模切换，从 $Q$ 到 $q$（除法 + 舍入）

• LWESwitchingKey KeySwitchGen(const std::shared_ptr<LWECryptoParams>& params, ConstLWEPrivateKey& sk,ConstLWEPrivateKey& skN) const;
  LWECiphertext KeySwitch(const std::shared_ptr<LWECryptoParams>& params, ConstLWESwitchingKey& K,ConstLWECiphertext& ctQN) const;
  

  密钥切换，从 $N$ 到 $n$，使用 BV-type KS 过程， 机器字的 Digit-decomposition（不必使用 RNS）

ciphertext

class LWECiphertextImpl : public Serializable，密文格式

• LWECiphertextImpl(const NativeVector& a, const NativeInteger& b);
  

  构造器

• NativeVector m_a{};
  NativeInteger m_b{};
  NativeInteger m_p = 4;  // pt modulus
  

  私有成员，存储数据

• GetA, GetB, SetA, SetB，密文的读写

priv-key

class LWEPrivateKeyImpl : public Serializable，私钥的结构

• NativeVector m_s{};
  

  私有成员，存储私钥向量

pub-key

class LWEPublicKeyImpl : public Serializable，公钥的结构

• std::vector<NativeVector> m_A;
  NativeVector m_v;
  

  私有成员，零消息的若干个 LWE 密文

KSK

class LWESwitchingKeyImpl : public Serializable，密钥切换密钥的结构

• std::vector<std::vector<std::vector<NativeVector>>> m_keyA;
  std::vector<std::vector<std::vector<NativeInteger>>> m_keyB;
  

  私有成员，私钥的 Powers-of-base 的若干个 LWE 密文

RGSW

param

class RingGSWCryptoParams : public Serializable，描述 RGSW / RLWE 的参数

• explicit RingGSWCryptoParams(uint32_t N, NativeInteger Q, NativeInteger q, uint32_t baseG, uint32_t baseR,BINFHE_METHOD method, double std, SecretKeyDist keyDist = UNIFORM_TERNARY,bool signEval = false, uint32_t numAutoKeys = 10);
  

  构造器

• void RingGSWCryptoParams::PreCompute(bool signEval);
  

  预计算：Powers-of-base（AP-type 的分解 $B_R^i$、RGSW 的分解 $B_G^j$），gate-constants（布尔门的 PBS 用到），多项式 $NTT(X^k-1)$（GINX-type 中的 CMux）

eval-key

class RingGSWEvalKeyImpl : public Serializable，定义了 Eval-Key（使用 RLWE 加密某个单项式 $c_i{X}^i$ 及其和私钥乘积 $c_i{X}^i\cdot s{k}_N$ 的 Powers-of-base，组成一个 RGSW 密文）

• std::vector<std::vector<NativePoly>> m_elements;
  

  私有成员，存储了单个 RGSW 密文（分解 + 内积 = 强线性同态）

• explicit RingGSWEvalKeyImpl(const std::vector<std::vector<NativePoly>>& elements);
  

  构造器

• void SetFormat(const Format format);
  

  实现 m_elements 的 NTT/INTT 转换，其中 enum Format { EVALUATION = 0, COEFFICIENT = 1 };

acc-key

class RingGSWACCKeyImpl : public Serializable，定义了 ACC-Key（使用 GSW 加密许多的单项式组成自举密钥，[DM15] 加密 $X^{s_{i}v{B}_R^j}$，[CGGI16] 加密 $s_i^{(u)}$，[LMK+23] 加密 $X^{s_i}$）

• std::vector<std::vector<std::vector<RingGSWEvalKey>>> m_key;
  

  RingGSWEvalKey（RGSW 密文）的三维数组（FHEW 分别枚举 $s_i,i=1,\cdots ,n$ 和 $v=1,\cdots ,B_R-1$ 以及 $B_R^j,j=0,1,\cdots ,\lfloor \log q\rfloor$）

• explicit RingGSWACCKeyImpl(const std::vector<std::vector<std::vector<RingGSWEvalKey>>>& key);
  

  构造器

ACC

class RingGSWAccumulator，定义了盲旋转的接口

• virtual RingGSWACCKey KeyGenAcc(const std::shared_ptr<RingGSWCryptoParams>& params, const NativePoly& skNTT,ConstLWEPrivateKey& LWEsk) const;
  

  生成自举密钥，虚拟的

• virtual void EvalAcc(const std::shared_ptr<RingGSWCryptoParams>& params, ConstRingGSWACCKey& ek,RLWECiphertext& acc, const NativeVector& a) const;
  

  执行盲旋转，虚拟的

• void SignedDigitDecompose(const std::shared_ptr<RingGSWCryptoParams>& params, const const NativePoly& inputstd::vector<NativePoly>& output) const;
  

  将环元素做 approximate gadget decomposition，用于 RGSW 同态乘法。对于系数 $c\in [-q/2,q/2)$，首先把 $[c{]}_B$ 删除（这是干嘛？），然后对 $(c-[c{]}_B)/B$ 执行 $B$-进制数字分解。

DM

class RingGSWAccumulatorDM final : public RingGSWAccumulator，实现了 [DM15] 的盲旋转算法

• RingGSWACCKey KeyGenAcc(const std::shared_ptr<RingGSWCryptoParams>& params, const NativePoly& skNTT,ConstLWEPrivateKey& LWEsk) const override;
  

  生成自举密钥，形如 $RGSW(X^{s_{i}v{B}_R^j})$，其中 $v\in [B_R]$

• void EvalAcc(const std::shared_ptr<RingGSWCryptoParams>& params, ConstRingGSWACCKey& ek, RLWECiphertext& acc,const NativeVector& a) const override;
  

  执行盲旋转（数字分解 + 子集和）

CGGI

class RingGSWAccumulatorCGGI final : public RingGSWAccumulator，实现了 [CGGI16] 的盲旋转算法

• RingGSWACCKey KeyGenAcc(const std::shared_ptr<RingGSWCryptoParams>& params, const NativePoly& skNTT,ConstLWEPrivateKey& LWEsk) const override;
  

  生成自举密钥，仅支持 ternary secrets，选取 U = { 1 , − 1 } U=\{1,-1\} U={1,−1}，形如 $RGSW(s_i^{(u)})$，满足 $s_i=s_i^{(1)}-s_i^{(-1)}$

• void EvalAcc(const std::shared_ptr<RingGSWCryptoParams>& params, ConstRingGSWACCKey& ek, RLWECiphertext& acc,const NativeVector& a) const override;
  

  执行盲旋转（CMux-based OBDD），分别关于 $s_i^{(1)},s_i^{(1)}$ 执行外积，并没有合并

LMK+

class RingGSWAccumulatorLMKCDEY final : public RingGSWAccumulator，实现了 [LMK+23] 的盲旋转算法

• RingGSWACCKey KeyGenAcc(const std::shared_ptr<RingGSWCryptoParams>& params, const NativePoly& skNTT,ConstLWEPrivateKey& LWEsk) const override;
  

  生成自举密钥，一部分形如 $RGSW(X^{s_i})$，另一部分形如 $RGSW(s{k}_N(X^{-g}))$ 以及 $RGSW(s{k}_N(X^{g^i}))$，其中 $i=1,2,\cdots ,w$，窗口大小 $w$

• void EvalAcc(const std::shared_ptr<RingGSWCryptoParams>& params, ConstRingGSWACCKey& ek, RLWECiphertext& acc,const NativeVector& a) const override;
  

  执行盲旋转（Galois 自同构）

这篇关于OpenFHE 源码解析：BinFHE 部分的文章就介绍到这儿，希望我们推荐的文章对编程师们有所帮助！

---