Manage Keys
Concrete generates keys for you implicitly when they are needed and if they have not already been generated. This is useful for development, but it's not flexible (or secure!) for production. Explicit key management API is introduced to be used in such cases to easily generate and re-use keys.
Definition
Let's start by defining a circuit:
Circuits have a property called keys
of type fhe.Keys
, which has several utility functions dedicated to key management!
Generation
To explicitly generate keys for a circuit, you can use:
Generated keys are stored in memory upon generation, unencrypted.
And it's possible to set a custom seed for reproducibility:
Do not specify the seed manually in a production environment!
Serialization
To serialize keys, say to send it across the network:
Keys are not serialized in encrypted form! Please make sure you keep them in a safe environment, or encrypt them manually after serialization.
Deserialization
To deserialize the keys back, after receiving serialized keys:
Assignment
Once you have a valid fhe.Keys
object, you can directly assign it to the circuit:
If assigned keys are generated for a different circuit, an exception will be raised.
Saving
You can also use the filesystem to store the keys directly, without needing to deal with serialization and file management yourself:
Keys are not saved encrypted! Please make sure you store them in a safe environment, or encrypt them manually after saving.
Loading
After keys are saved to disk, you can load them back via:
Automatic Management
If you want to generate keys in the first run and reuse the keys in consecutive runs:
Last updated