Implementation of encryption and decryption

.github/workflows/ci-bench-changes.yml

@@ -52,7 +52,7 @@ jobs:
        run: |
          export RUSTFLAGS="-D warnings"
          echo "Warning: benchmark timings are unreliable in CI due to virtualization"
-         cargo bench --features benchmark -- 'match|mul|inv|keygen' --output-format bencher | tee output.txt
+         cargo bench --features benchmark -- 'match|mul|inv|keygen|enc|dec' --output-format bencher | tee output.txt
          echo "Warning: benchmark timings are unreliable in CI due to virtualization"
 
      # Download previous benchmark result from the most recent `main` branch cache (if any exists).

Cargo.toml

@@ -28,6 +28,7 @@ ark-ff = "0.4.2"
 ark-poly = "0.4.2"
 ark-std = "0.4.0"
 num-bigint = "0.4.4"
+num-traits = "0.2.19"
 
 bitvec = "1.0.1"
 itertools = "0.10.5"

eyelid-match-ops/Cargo.toml

@@ -28,6 +28,7 @@ itertools.workspace = true
 ark-ff.workspace = true
 ark-poly.workspace = true
 num-bigint.workspace = true
+num-traits.workspace = true
 
 bitvec.workspace = true
 

eyelid-match-ops/benches/match-ops.rs

@@ -25,7 +25,7 @@ use eyelid_match_ops::{
     },
     primitives::{
         poly::{self, test::gen::rand_poly, IrisBits, Poly, PolyConf, TestRes},
-        yashe::{self, Yashe},
+        yashe::{self, Ciphertext, Message, Yashe},
     },
 };
 
@@ -79,6 +79,22 @@ criterion_group! {
     targets = bench_keygen
 }
 
+criterion_group! {
+    name = bench_encryption;
+    // This can be any expression that returns a `Criterion` object.
+    config = Criterion::default().sample_size(10);
+    // List encryption implementations here.
+    targets = bench_enc
+}
+
+criterion_group! {
+    name = bench_decryption;
+    // This can be any expression that returns a `Criterion` object.
+    config = Criterion::default().sample_size(10);
+    // List decryption implementations here.
+    targets = bench_dec
+}
+
 // Iris-length polynomial benchmarks.
 // These benchmarks provide an upper bound for the performance of iris operations.
 // They also help us decide if we need smaller or larger polynomial sizes.
@@ -127,6 +143,8 @@ criterion_main!(
     bench_polynomial_modulus,
     bench_inverse,
     bench_key_generation,
+    bench_encryption,
+    bench_decryption,
     bench_cyclotomic_multiplication_iris,
 );
 
@@ -368,7 +386,7 @@ pub fn bench_inv(settings: &mut Criterion) {
 
     let ctx: Yashe<TestRes> = Yashe::new();
 
-    let p = ctx.sample_gaussian(&mut rng);
+    let p = ctx.sample_key(&mut rng);
 
     settings.bench_with_input(
         BenchmarkId::new("Inverse poly", SMALL_RANDOM_NAME),
@@ -395,7 +413,7 @@ pub fn bench_inv_iris(settings: &mut Criterion) {
 
     let ctx: Yashe<IrisBits> = Yashe::new();
 
-    let p = ctx.sample_gaussian(&mut rng);
+    let p = ctx.sample_gaussian(params.delta, &mut rng);
 
     settings.bench_with_input(
         BenchmarkId::new("Inverse full poly", SMALL_RANDOM_NAME),
@@ -429,6 +447,49 @@ pub fn bench_keygen(settings: &mut Criterion) {
     );
 }
 
+/// Run [`Yashe::enc()`] as a Criterion benchmark with random data.
+pub fn bench_enc(settings: &mut Criterion) {
+    // Setup parameters
+    let mut rng = rand::thread_rng();
+    let ctx: Yashe<TestRes> = Yashe::new();
+
+    let (_private_key, public_key) = ctx.keygen(&mut rng);
+    let m = ctx.sample_message(&mut rng);
+
+    settings.bench_with_input(
+        BenchmarkId::new("YASHE enc", SMALL_RANDOM_NAME),
+        &ctx,
+        |benchmark, ctx| {
+            // To avoid timing dropping the return value, we require it to be returned from the closure.
+            benchmark.iter_with_large_drop(|| -> Ciphertext<TestRes> {
+                ctx.encrypt(m.clone(), public_key.clone(), &mut rng)
+            })
+        },
+    );
+}
+
+/// Run [`Yashe::dec()`] as a Criterion benchmark with random data.
+pub fn bench_dec(settings: &mut Criterion) {
+    // Setup parameters
+    let mut rng = rand::thread_rng();
+    let ctx: Yashe<TestRes> = Yashe::new();
+
+    let (private_key, public_key) = ctx.keygen(&mut rng);
+    let m = ctx.sample_message(&mut rng);
+    let c = ctx.encrypt(m, public_key, &mut rng);
+
+    settings.bench_with_input(
+        BenchmarkId::new("YASHE dec", SMALL_RANDOM_NAME),
+        &ctx,
+        |benchmark, ctx| {
+            // To avoid timing dropping the return value, we require it to be returned from the closure.
+            benchmark.iter_with_large_drop(|| -> Message<TestRes> {
+                ctx.decrypt(c.clone(), private_key.clone())
+            })
+        },
+    );
+}
+
 /// Run [`Yashe::keygen()`] as a Criterion benchmark with random data on the full number of iris bits.
 #[cfg(slow_benchmarks)]
 pub fn bench_keygen_iris(settings: &mut Criterion) {
@@ -453,3 +514,5 @@ pub fn bench_keygen_iris(settings: &mut Criterion) {
         },
     );
 }
+
+// TODO: add iris-length encryption and decryption benchmarks

eyelid-match-ops/src/primitives/poly/modular_poly.rs

@@ -97,6 +97,18 @@ impl<C: PolyConf> Poly<C> {
         Self::from_coefficients_vec(coeffs.to_vec())
     }
 
+    /// Returns the coefficients of `self` as a mutable slice.
+    /// `use ark_poly::DenseUVPolynomial` for the read-only `coeffs()` method.
+    ///
+    /// After using this low-level accessor, callers must ensure the polynomial is in a canonical
+    /// form, by calling either:
+    /// - [`Poly::reduce_mod_poly()`], if the degree could have increased, or
+    /// - [`Poly::truncate_to_canonical_form()`], if the degree has not increased, but coefficients
+    ///   could have been set to zero.
+    pub fn coeffs_mut(&mut self) -> &mut [C::Coeff] {
+        self.coeffs.as_mut_slice()
+    }
+
     // Shadow DensePolynomial methods, so the types are all `Poly`
 
     /// Perform a naive `O(n^2)` multiplication of `self` by `other`.

eyelid-match-ops/src/primitives/poly/modular_poly/conf.rs

@@ -58,7 +58,7 @@ pub trait PolyConf: Copy + Clone + Debug + Eq + PartialEq {
 pub struct IrisBits;
 
 impl PolyConf for IrisBits {
-    const MAX_POLY_DEGREE: usize = crate::IRIS_BIT_LENGTH;
+    const MAX_POLY_DEGREE: usize = crate::IRIS_BIT_LENGTH.next_power_of_two();
 
     type Coeff = Fq79;
 

eyelid-match-ops/src/primitives/poly/modular_poly/mul.rs

@@ -19,6 +19,7 @@ impl<C: PolyConf> MulAssign<C::Coeff> for Poly<C> {
         for coeff in &mut self.0.coeffs {
             *coeff *= rhs;
         }
+        self.truncate_to_canonical_form();
     }
 }
 
@@ -27,6 +28,7 @@ impl<C: PolyConf> MulAssign<C::Coeff> for &mut Poly<C> {
         for coeff in &mut self.0.coeffs {
             *coeff *= rhs;
         }
+        self.truncate_to_canonical_form();
     }
 }
 

eyelid-match-ops/src/primitives/poly/test/inv.rs

@@ -51,7 +51,7 @@ fn test_key_generation_and_inverse() {
     let mut rng = rand::thread_rng();
 
     let ctx: Yashe<TestRes> = Yashe::new();
-    let f = ctx.sample_gaussian(&mut rng);
+    let f = ctx.sample_key(&mut rng);
 
     // REMARK: For our parameter choices it is very likely to find
     // the inverse in the first attempt.