Multiplying a ciphertext by a constant
Multiplying a ciphertext by a constant means multiplying a ciphertext by a constant (plaintext value). This is a leveled operation that increases noise, optionally consume padding, and optionally changes the encoding.
Operation | |
Type | Leveled |
Side effects | Increases noise Potentially consumes padding Potentially modifies encoding |
Multiplying an LWE by a integer constant
By default, LWE ciphertexts can only be multiplied by integer constants. Under the hood, this is done by multiplying the ciphertext's body and mask by the constant. This is only currently implemented statically, i.e. without modifying the encoder, via the mul_constant_static_encoder
method (and its mutable form mul_constant_static_encoder_inplace
).
Because integer constant addition is implemented using a static encoder, the result of the multiplication should be in the interval of the ciphertext's encoder to avoid wrapping around with undefined behavior.
Here is an example using the mutable form:
This operation is also available in vectorized form for VectorLWE
instances, simply by passing a vector of integers to the mul_constant_static_encoder
method:
Multiplying an LWE by a real constant
Multiplying a ciphertext by a real-valued constant is supported in Concrete thanks to the use of padding in the encoder, via the mul_constant_with_padding
method (and its mutable counterpart mul_constant_with_padding_inplace
). The method take 3 arguments:
constant
: the constant to multiply the ciphertext by, as a float64max_constant
: the maximum value the constant can take. This is necessary to determine the encoding of the result of the multiplication, and particularly useful when multiplying several ciphertexts by different constants (for example when working withVectorLWE
), as the output encoding of the ciphertexts will end up being the same.nb_bit_padding
: the number of bits of padding to be consumed by the multiplication, which also represents the precision of the constant being multiplied. This cannot be bigger than the remaining bits of padding in the ciphertext being multiplied.
Here is an example code:
And in vectorized form, where all ciphertexts end up with the same encoder interval:
Last updated