Generating a new set of keys and crs is necessary when creating a new FHE Co-processor.
To do so one can use the TKMS cli tool packaged in the following docker image.
The configuration file of the CLI will need to be modified or mounted to a volume accessible within the Docker container. The accessible/modified file must include:
Insecure key generation is the fastest way to generate a new key. The key is generated by a single party and shared with the other parties. Hence it is not directly insecure, but instead only generated with a centralized trust assumption.
Secure key generation takes a lot longer and is a two step process. For development purposes insecure key generation is the recommended way since it is much faster.
This will do some pre-processing needed for key-generation. The pre-processing id will be needed to then launch a distributed key generation.
The CRS is a public object used to generate zero-knowledge-proofs of plaintext knowledge (required to add a new ciphertext). The max-num-bits
argument specifies the maximum number of bits provable with a given CRS, usually 2048 is used, since this is the size of the largest data-type currently supported.
As for the insecure key-generation this operation will be done by a single party.
This will launch a distributed CRS generation.