Understanding RLWE
While you do not need to fully understand RLWE to use Concrete, it is useful to know they exist, as they will be used under the hood to perform bootstrapping (which we will learn about later).
RLWE stands for Ring Learning With Errors and refers to the extension of LWE over the ring of polynomials with coefficients in a modular integer ring. It is also a computational problem conjectured to be hard to solve. RLWE enable packing multiple ciphertexts into a single polynomial, enabling SIMD-like homomorphic operations.
Concrete implements RLWE and VectorRLWE structs, but without the ability to perform SIMD-like operations on them. This will be available in a future release.
Extracting an RLWE coefficient as an LWE
Since RLWE is an extension of LWE, you can extract one of the RLWE ciphertext polynomial coefficient as an LWE ciphertext.
RLWE instances are 2-dimensional: they hold a vector of ciphertexts, in which each coefficient is itself a plaintext. Thus, when extracting an LWE, we need to both specify the coefficient we want as well as the ciphertext from which to extract that coefficient. This is done via the extract_1_lwe
function:
Converting an RLWE secret key into an LWE secret key
Converting an RLWESecretKey
instance into an LWESecretKey
is done using to_lwe_secret_key
function:
Converting an LWE secret key into an RLWE secret key
Last updated