Updated the list of cryptocontext params and their descriptions

src/pke/examples/README.md

@@ -111,68 +111,80 @@ Now your code should look like this:
     ...........................................
 ```
 
-## Description of the CryptoContext parameters
+## Description of the CryptoContext parameters, their limitations and schemes where they are used
 Choosing the CryptoContext parameters is important for obtaining the best performance for your encrypted application, while maintaining the desired level of security. We strongly recommend that you specify the security level and have OpenFHE automatically select the other parameters, unless you are an expert in homomorphic encryption. If you would like to modify the parameters to understand how they affect noise growth and performance, we provide descriptions below.
 
 The default values for all the parameters can be found in [gen-cryptocontext-params-defaults.h](../include/scheme/gen-cryptocontext-params-defaults.h)
 
-**PlaintextModulus ptModulus** - plaintext modulus(for BGV/BFV), which impacts noise growth
+If the set function is called for a parameter which is not available for the given scheme then an exception will be thrown at run-time.
 
-**uint32_t digitSize** - for BV key switching only (when KeySwitchTechnique = BV). We use digit size in digit decomposition, which impacts noise growth
+**PlaintextModulus ptModulus (BGV/BFV)** - impacts noise growth and has to be set by user as it can not be zero.
 
-**float standardDeviation** - used for Gaussian error generation
+**uint32_t digitSize** - used in digit decomposition and impacts noise growth
+
+**float standardDeviation** - error distribution parameter (recommended for advanced users), used for Gaussian error generation
 
 **SecretKeyDist secretKeyDist** - secret key distribution: GAUSSIAN, UNIFORM_TERNARY, etc.
 
 **uint32_t maxRelinSkDeg** - max relinearization degree of secret key polynomial (used for lazy relinearization)
 
-**KeySwitchTechnique ksTech (BV or HYBRID currently)**:
+**KeySwitchTechnique ksTech**:  BV or HYBRID currently
 - For BV we do not have extra modulus, so the security depends on ciphertext modulus Q
 - For BV we need digitSize - digit size in digit decomposition
 - For HYBRID we do have extra modulus P, so the security depends on modulus P*Q
 - For HYBRID we need numLargeDigits - number of digits in digit decomposition
 
-**ScalingTechnique scalTech (for CKKS/BGV)** - rescaling/modulus switching technique FLEXIBLEAUTOEXT, FIXEDMANUAL, FLEXIBLEAUTO, etc. see https://eprint.iacr.org/2022/915 for additional details
+**ScalingTechnique scalTech (CKKS/BGV)** - rescaling/modulus switching technique FLEXIBLEAUTOEXT, FIXEDMANUAL, FLEXIBLEAUTO, etc. NORESCALE is not allowed. see https://eprint.iacr.org/2022/915 for additional details.
 
 **uint32_t batchSize** - max batch size of messages to be packed in encoding (number of slots)
 
-**ProxyReEncryptionMode PREMode** - PRE security mode IND-CPA, FIXED_NOISE_HRA, etc
+**ProxyReEncryptionMode PREMode** - PRE security mode IND-CPA, FIXED_NOISE_HRA, etc. NOISE_FLOODING_HRA supported only in BGV for scalTech=FIXEDMANUAL
 
-**MultipartyMode multipartyMode** - multiparty security mode in BFV/BGV. The NOISE_FLOODING_MULTIPARTY mode adds extra noise and gives enhanced security compared to the FIXED_NOISE_MULTIPARTY mode
+**MultipartyMode multipartyMode (BFV/BGV)** - multiparty security mode. The NOISE_FLOODING_MULTIPARTY mode adds extra noise and gives enhanced security compared to the FIXED_NOISE_MULTIPARTY mode. Can't set it for CKKS, but FIXED_NOISE_MULTIPARTY is used for CKKS internally
 
-**DecryptionNoiseMode decryptionNoiseMode** - decryption noise mode in CKKS. NOISE_FLOODING_DECRYPT mode is more secure than FIXED_NOISE_DECRYPT, but it requires executing all computations twice
+**DecryptionNoiseMode decryptionNoiseMode (CKKS)** - NOISE_FLOODING_DECRYPT mode is more secure than FIXED_NOISE_DECRYPT, but it requires executing all computations twice
 
-**ExecutionMode executionMode** - execution mode in CKKS. The execution mode is only used in NOISE_FLOODING_DECRYPT mode:
+**ExecutionMode executionMode (CKKS)** - The execution mode is only used in NOISE_FLOODING_DECRYPT mode:
 - EXEC_NOISE_ESTIMATION - we estimate the noise we need to add to the actual computation to guarantee good security
 - EXEC_EVALUATION - we input our noise estimate and perform the desired secure encrypted computation
+- Can't set it for BGV/BFV, but EXEC_EVALUATION is used for these schemes internally
+
+**double noiseEstimate (CKKS)** - This estimate is obtained from running the computation in EXEC_NOISE_ESTIMATION mode. It is only used in NOISE_FLOODING_DECRYPT mode
 
-**double noiseEstimate** -  noise estimate in CKKS. This estimate is obtained from running the computation in EXEC_NOISE_ESTIMATION mode. It is only used in NOISE_FLOODING_DECRYPT mode
+**double desiredPrecision (CKKS)** - desired precision for 128-bit. We use this value in NOISE_FLOODING_DECRYPT mode to determine the scaling factor
 
-**double desiredPrecision** - desired precision for 128-bit CKKS. We use this value in NOISE_FLOODING_DECRYPT mode to determine the scaling factor
+**uint32_t statisticalSecurity (BGV/CKKS)** - statistical security of CKKS in NOISE_FLOODING_DECRYPT mode. This is the bound on the probability of success that any adversary can have. Specifically, they have a probability of success of at most 2^(-statisticalSecurity). Used for BGV when PREMode=NOISE_FLOODING_HRA and for CKKS when multipartyMode=NOISE_FLOODING_MULTIPARTY
 
-**uint32_t statisticalSecurity** - statistical security of CKKS in NOISE_FLOODING_DECRYPT mode. This is the bound on the probability of success that any adversary can have. Specifically, they have a probability of success of at most 2^(-statisticalSecurity)
+**uint32_t numAdversarialQueries (BGV/CKKS)** - this is the number of adversarial queries a user is expecting for their application, which we use to ensure security of CKKS in NOISE_FLOODING_DECRYPT mode. Used for BGV when PREMode=NOISE_FLOODING_HRA and for CKKS when multipartyMode=NOISE_FLOODING_MULTIPARTY
 
-**uint32_t numAdversarialQueries** - this is the number of adversarial queries a user is expecting for their application, which we use to ensure security of CKKS in NOISE_FLOODING_DECRYPT mode
+**uint32_t thresholdNumOfParties (BGV/BFV)** - number of parties in a threshold application, which is used for bound on the joint secret key
 
-**uint32_t firstModSize and uint32_t scalingModSize** - are used to calculate ciphertext modulus. The ciphertext modulus should be seen as: Q = q_0 * q_1 * ... * q_n * q':
+**uint32_t firstModSize (CKKS/BGV) and uint32_t scalingModSize** - are used to calculate ciphertext modulus. The ciphertext modulus should be seen as: Q = q_0 * q_1 * ... * q_n * q':
 - q_0 is first prime, and it's number of bits is firstModSize
 - q_i have same number of bits and is equal to scalingModSize
 - the prime q' is not explicitly given, but it is used internally in CKKS and BGV schemes (in *EXT scaling methods)
+- **firstModSize** is allowed for BGV with **scalTech = FIXEDMANUAL** only
+- **scalingModSize** is allowed for BGV with **scalTech = FIXEDMANUAL** and **scalingModSize** must be < 60 for CKKS and NATIVEINT=64.
 
 **uint32_t numLargeDigits** - number of digits in HYBRID key switching (see KeySwitchTechnique)
 
-**uint32_t multiplicativeDepth** - the maximum number of multiplication we can perform before bootstrapping
+**uint32_t multiplicativeDepth** - the maximum number of multiplication we can perform before bootstrapping. Must be 0 for BGV if PREMode=NOISE_FLOODING_HRA
 
 **SecurityLevel securityLevel** - We use the values from the security standard at http://homomorphicencryption.org/wp-content/uploads/2018/11/HomomorphicEncryptionStandardv1.1.pdf. For given ring dimension and security level we have upper bound of possible highest modulus (Q for BV or P*Q for HYBRID)
 
 **uint32_t ringDim** - ring dimension N of the scheme : the ring is Z_Q[x] / (X^N+1)
 
-**uint32_t evalAddCount** - number of additions (used for setting noise in BGV and BFV)
+**uint32_t evalAddCount (BGV/BFV)** - number of additions (used for setting noise)
+
+**EncryptionTechnique encryptionTechnique (BFV)** - STANDARD or EXTENDED mode for BFV encryption; EXTENDED slightly reduces the size of Q (by few bits) but makes encryption somewhat slower (see https://eprint.iacr.org/2022/915 for details). Can't be set up for CKKS/BGV, but STANDARD is used for these 2 schemes internally
 
-**uint32_t keySwitchCount** - number of key switching operations (used for setting noise in BGV and BFV)
+**MultiplicationTechnique multiplicationTechnique (BFV)** - multiplication method in BFV: BEHZ, HPS, etc. (see https://eprint.iacr.org/2022/915 for details).
 
-**uint32_t PRENumHops** - number of hops for PRE in the provable HRA setting (BGV only)
+**uint32_t keySwitchCount (BGV/BFV)** - number of key switching operations (used for setting noise)
 
-**EncryptionTechnique encryptionTechnique** - STANDARD or EXTENDED mode for BFV encryption; EXTENDED slightly reduces the size of Q (by few bits) but makes encryption somewhat slower (see https://eprint.iacr.org/2022/915 for details)
+**uint32_t PRENumHops (BGV)** - size of moduli used for PRE in the provable HRA setting:
+- used only with multipartyMode=NOISE_FLOODING_MULTIPARTY
+- if PREMode=NOISE_FLOODING_HRA, then **PRENumHops** must be > 0
 
-**MultiplicationTechnique multiplicationTechnique** - multiplication method in BFV: BEHZ, HPS, etc. (see https://eprint.iacr.org/2022/915 for details)
+**COMPRESSION_LEVEL interactiveBootCompressionLevel (CKKS)** - interactive multi-party bootstrapping parameter which sets the compression level in
+ ciphertext SLACK (has weaker security assumption, thus less efficient) or COMPACT (has stronger security assumption, thus more efficient)