This document provides instructions on how to decrypt data.
To decrypt data, use the decrypt method from the FheDecrypt trait:
This document explains how to encrypt data.
To encrypt data, use the encrypt method from the FheEncrypt trait. This crate provides types that implement either FheEncrypt or FheTryEncrypt or both, to enable encryption.
Here is an example:
This document explains how to call the function set_server_key.
This function will move the server key to an internal state of the crate and manage the details for a simpler interface.
Here is an example:
This document describes how to perform computation on encrypted data.
With TFHE-rs, the program can be as straightforward as conventional Rust coding by using operator overloading.
The following example illustrates the complete process of encryption, computation using Rust’s built-in operators, and decryption:
This document explains how the choice of cryptographic parameters impacts both the security and efficiency of FHE algorithms. The chosen parameters determine the error probability (sometimes referred to failure probability) and overall performance of computations using fully homomorphic encryption. This error probability is due to the noisy nature of FHE computations (see here for more details about the encryption process).
All parameter sets provide at least 128-bits of security according to the Lattice-Estimator.
Currently, the default parameters use blocks that contain 2 bits of message and 2 bits of carry - a tweaked uniform (TUniform, defined here) noise distribution, and have a bootstrapping failure probability . These are particularly suitable for applications that need to be secure in the IND-CPA^D model (see here for more details). The GPU backend still uses an error probability smaller than by default. Those will be updated soon.
When using the high-level API of TFHE-rs, you can create a key pair using the default recommended set of parameters. For example:
These default parameters may be updated with in future releases of TFHE-rs, potentially causing incompatibilities between versions. For production systems, it is therefore recommended to specify a fixed parameter set.
Parameter sets are versioned for backward compatibility. This means that each set of parameters can be tied to a specific version of TFHE-rs, so that they remain unchanged and compatible after an upgrade.
All parameter sets are stored as variables inside the tfhe::shortint::parameters module, with submodules named after the versions of TFHE-rs in which these parameters where added. For example, parameters added in TFHE-rs v1.0 can be found inside tfhe::shortint::parameters::v1_0.
The naming convention of these parameters indicates their capabilities. Taking tfhe::parameters::v1_0::V1_0_PARAM_MESSAGE_2_CARRY_2_KS_PBS_TUNIFORM_2M128 as an example:
V1_0: these parameters were introduced in TFHE-rs v1.0
MESSAGE_2: LWE blocks include 2 bits of message
CARRY_2: LWE blocks include 2 bits of carry
KS_PBS: the keyswitch is computed before the bootstrap
TUNIFORM: the tweaked uniform noise distribution is used
For convenience, aliases are provided for the most used sets of parameters and stored in the module tfhe::shortint::parameters::aliases. Note, however, that these parameters are not stable over time and are always updated to the latest TFHE-rs version. For this reason, they should only be used for prototyping and are not suitable for production use cases.
You can override the default parameters with the with_custom_parameters(block_parameters) method of the Config object. For example, to use a Gaussian distribution instead of the TUniform one, you can modify your configuration as follows:
This document explains how to initialize the configuration and generate keys.
The configuration specifies the selected data types and their custom crypto-parameters. You should only use custom parameters for advanced usage and/or testing.
To create a configuration, use the ConfigBuilder type. The following example shows the setup using 8-bit unsigned integers with default parameters. Additionally, ensure the integers feature is enabled, as indicated in the table on .
The configuration is initialized by creating a builder with all types deactivated. Then, the integer types with default parameters are activated, for using FheUint8 values.
The generate_keys command returns a client key and a server key:
Client_key: this key should remain private and never leave the client.
Server_key: this key can be public and sent to a server to enable FHE computations.
2M128: the probability of failure for the bootstrap is