Key switching on encrypted data

[j-bo]

Hi,
First of all thanks for the work you've done and the quality of it's presentation 👏 .

I have the following working scenario which currently uses the SEAL library :

• Generate pair of keys (Ppub, Ppriv)
• Encrypt data V1 using Ppub and send it to server
• Encrypt data V2 using Ppub and send it to server
• Perform operations using V1 and V2 on server and return Result to client
• Decrypt Result client side using Ppriv

I would like to know if the following scenario, which I understood should be working in theory, can be implemented using SEAL library :

• Step 1 :
  • Generate pair of keys (P1pub, P1priv)
  • Encrypt data V1 using P1pub and send it to server along with P1pub
• Step 2 :
  • Generate new pair of keys (P2pub, P2priv)
  • Encrypt data V2 using P2pub and send it to server along with P2pub
• Step 3 :
  • Perform key switching on V2 to use P1pub
  • Perform operations using V1 and V2 on server to get result
  • Perform key switching on Result to use P2pub and return to client
• Step 4 :
  • Decrypt result client side using P2priv

What I could not find in the SEAL library are the mechanisms to perform the public key switching on encrypted data.

Many thanks for your answers and help,
Jérémy

[WeiDaiWD]

Hi Jeremy,

Your scenario can be implemented with SEAL, however, you need to write your own key switching function. In Evaluator we provided a general method switch_key_inplace that performs key switching using a KSwitchKeys. In public API we only expose relinearization and rotation that both utilize key switching. In your scenario, you would want to:

1. generate a new key switching key that correspond to the encryption of P1priv using P2priv,
2. create a new method (wrapper) that calls switch_key_inplace with your desired type of inputs.

A few comments on your scenario:

Perform key switching on V2 to use P1pub

This is less correct. We perform key switching on V2 to make it decryptable using P1priv.

the mechanisms to perform the public key switching on encrypted data

Keyswitching switches the private/secret key required for decryption.

• Step 3 :
  • Perform key switching on V2 to use P1pub
  • Perform operations using V1 and V2 on server to get result
  • Perform key switching on Result to use P2pub and return to client

This whole step can be simplified as following. Generate a key switching key that corresponds to the encryption of P1priv using P2priv. Perform key switching on V1 to make it decryptable using P2priv. Perform operation on V1 and V2 and return the result to client.

[j-bo]

Hi Wai,
Thanks for your answer and for the correction of my desired scenario.

[felixpk]

Hi, I am currently researching the usability of HE-libraries.
I am particularly interested in the previously mentioned use case.
Is there any resource which could help me implement the key switching part in MS SEAL?
I appreciate any feedback and or resources that help me understand this topic.

[Shaedul]

Hi,
@j-bo @WeiDaiWD
I am confused about key switching. Can I get an example of key switching function?
Thanks in advance

[ekampp]

For future reference, @WeiDaiWD, this is the method you're referring to, right?