TFHE-rs v0.7.1

Summary

TFHE-rs v0.7.1 adds compression parameters for the default 2_2 parameters from the shortint API.

TFHE-rs v0.7.0

Summary

TFHE-rs v0.7.0 includes several enhancements and new features, here are the highlights:

• Parameters: Probability of failure is now 2^-64 by default. This drastically improves the correctness ratio over a long period of time at a negligible performance cost.
• New vector and array operations: Add new vector and array operations for more efficient data handling, e.g. test equality of two arrays and test whether an array contains another array.
• Compact Public Key encryption parameters: You can now select dedicated parameters for Compact Public Key encryption to reduce size and improve generation time for Zero Knowledge (ZK) proofs.
• Improved Zero-Knowledge Proofs: Through optimizations and dedicated parameter sets for the Compact Public Key Encryption, the commitment size as well as the proof and verification time have been reduced.
• Post-computation compression: Introduce a new form of post-computation compression to limit data size on disk and in transit. This is especially useful for storing encrypted computation results using less storage space.
• Multi-GPU support: The CUDA backend v0.3.0 now supports multi-GPU configurations with more integer operations. It also brings performance improvements across operations.

What's Changed

Breaking Changes

Warning

• The Zero Knowledge proofs CRS format has changed and is not compatible with older CRS formats.
• The encrypted PRF now uses sha3 to generate the random input of the PRF
• CompactFheUintX and CompactFheUintXList are replaced by the new heterogeneous CompactCiphertextList

New features

• High Level API/Integer: allow CompactCiphertextList to store heterogeneous types
• High Level API/Integer: add the ability to use dedicated Compact Public Key parameters and keyswitch to compute parameters upon expand
• High Level API/Integer: add the ability to compress data after computation
• High Level API/Integer/C API: add 512, 1024 and 2048 bits FheUint types
• High Level API/Integer: add boolean select
• Integer/Core crypto/CUDA: compute the PBS and KS on multiple GPUs when possible
• Integer/CUDA: add unsigned div_rem
• Integer/CUDA: add unsigned scalar div
• Integer/CUDA: add unsigned overflowing add
• Integer/CUDA: add unsigned overflowing scalar add
• Integer/CUDA: add signed scalar comparisons
• Integer/CUDA: add cast signed/unsigned and signed/signed
• Integer: add vector match_value/index_of/contains/is_in
• Integer: add an eq_slice function
• Integer: add contains_sub_slice
• Shortint: make the PRF use sha3 as it's random oracle
• Core crypto: add an NTT based PBS
• Core crypto: add keyswitch that changes the scalar type from input to output
• Core crypto: add the ability to change the scalar type from input to output to the PBS
• Core crypto: add support for multi bit to the modulus switch compression
• Core crypto: add (G)lweCiphertextList::from_fn/from_elem methods
• Core crypto/CUDA: use a PBS implementation that makes use of thread block clusters and distributed shared memory on H100
• C API: add C API for some array functions (array_eq, array_contains_sub_slice)
• All: add new evolutive data format to avoid breaking changes of data formats when possible
• ZK: improve performance of the PKE proof

Improvements

• Integer: add packing in carry for modulus switch compression
• Integer/CUDA: change bitnot to not use the PBS
• Core crypto: the non-native decomposer formulas have been updated for use with the NTT PBS
• Core crypto: refactor fallible RNG to have a 2^-128 probability of failing to generate a coefficient
• Core crypto/CUDA: improve keyswitch performance

TFHE-rs 0.6.4

Summary

TFHE-rs v0.6.4 adds versioning to data structure to avoid breaking changes during serialization with future TFHE-rs versions. See https://docs.zama.ai/tfhe-rs/v/0.6-3/guides/data_versioning for more information

What's Changed

New features

• Add data versioning to structures for forward compatible data serialization

TFHE-rs v0.6.3

Summary

TFHE-rs v0.6.3 adds a missing encryption primitive for the CompactFheUintList2048 for the C API

What's Changed

New features

• High Level API/C API: add the encryption primitive for CompactFheUintList2048

TFHE-rs v0.6.2

Summary

TFHE-rs v0.6.2 introduces some QoL changes, a new 2048 bits type and a few array operations

What's Changed

New features

• High Level API: add the ability to get raw parts from an FheBool
• High Level API/C API: add an unsigned 2048 bits type
• High Level API/C API: add support for array operations: eq/ne, contains

TFHE-rs v0.5.4

Summary

TFHE-rs v0.5.4 adds code to update data format from 0.5 to 0.6 known as "forward compatibility".

Read more about it here: https://docs.zama.ai/tfhe-rs/v/0.5-3/how-to/migrate_data

This is the last release to use this update strategy, newer releases will use an evolutive data format to avoid dependency chains and make updating data easier.

TFHE-rs v0.6.1

Summary

TFHE-rs v0.6.1 adds a missing serialization breaking change in 0.6.0, as a result 0.6.0 will be yanked to keep consistency across 0.6 versions.

What's Changed

Breaking Changes

Warning

The global serialization version has been updated to reflect the breaking changes in 0.6
Shortint: The CompressedServerKey now properly carries the MaxNoiseLevel from the parameters it was built with

TFHE-rs v0.6.0

Summary

TFHE-rs v0.6.0 adds Zero Knowledge (ZK) proofs to the Compact Public Key encryption. This feature enables server-side verification of the correctness of the ciphertext encrypted in this manner without knowing the content of the ciphertexts.

This release also introduces a new form of post-computation compression that limits the size of data on disk/in transit. It’s particularly useful when storing computation results in their encrypted forms.

The CUDA backend v0.2.0 now supports more integer operations, including shift, rotate, scalar multiplication, and the corresponding signed operations.

What's Changed

Breaking Changes

Warning

The Compact Public Key encryption is not backward compatible due to the change of layout, preventing from updating older ciphertexts to the newer format.

New features

• High Level API: added the FHE oblivious pseudo random generation
• High Level API/Integer: added leading/trailing zeros/ones, ilog2 and checked ilog2
• Integer: added checked division, returning a flag to indicate if the divisor was non-zero
• Integer: added smart variant for the neg_assign function
• Integer/CUDA: added support for unsigned cast
• Integer/CUDA: added overflowing sub
• Integer/CUDA: added support for signed add/sub/mul, bitops, shifts and rotations
• Integer/CUDA: added decompression from compressed CPU server key to GPU server key
• Shortint/Integer: total count of executed PBS can now be queried with get_pbs_count with feature pbs-stats
• Shortint: added the "many LUT" construction allowing to evaluate several functions in case where the ciphertext has unused message bits
• Core crypto: added support keyswitch with a modulus switching as well
• Core crypto: added parallelized private functional packing keyswitch over a list of LWE ciphertexts
• All: added support for TUniform distribution for noise distributions
• All: added modulus switching for post computation compression
• C API: added CUDA support
• C API: allow configuration of the number of threads used by integer API calls

Improvements

• Integer: improved carry propagation and sum algorithm
• Integer: bitnot is now PBS free improving performance
• Integer/CUDA: improved performance of the term reduction in the multiplication
• Core crypto: faster PBS 128 with usage of new version of concrete-fft

Fixes

• Integer: fix cast in scalar_shift/rotate
• Integer: is_scalar_out_of_bounds handles bigger ciphertext case
• Integer: correct degree in small comparisons
• Integer: fix parallel carry propagation on empty input
• Integer: fix the wopbs CRT LUT generation
• Integer/CUDA: fix 40 bit integer multiplication
• Integer/CUDA: fix scalar eq for booleans
• Integer/CUDA: fix bug in integer mult when k > 1
• Integer/CUDA: replace hardcoded degrees in multiplication.cuh
• CUDA: fix cuda_memset with size 0
• CUDA: fix memory bug in multi-bit PBS
• Core crypto: ignore value already present in the body when doing LWE encryption
• Core crypto: fix unsigned noise addition for custom modulus
• Core crypto: fix empty extracted bits list rejected as invalid by the wopbs
• C API: add missing function on FheBool

Resources

• Documentation:

  • Encrypted PRF
  • PBS stats

• Blog Post:

  • TFHE-rs v0.6: Zero-Knowledge Support and Signed Integer Operations on GPU

TFHE-rs v0.4.4

Fixed build by unpinning bytemuck and updating dependencies to side step rust's simd_stdarch breakage

TFHE-rs v0.5.3

TFHE-rs v0.5.3 includes:

Shortint API: Fix a special case of compact public key encryption for list