crypto

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 16, 2026 License: MIT Imports: 7 Imported by: 0

Documentation

Overview

Package crypto provides homomorphic encryption operations using Lattigo CKKS scheme. CKKS is ideal for approximate arithmetic on encrypted real numbers.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewParameters 

func NewParameters() (hefloat.Parameters, error)

NewParameters creates CKKS parameters optimized for vector dot products. Uses 128-bit security with LogN=14 supporting vectors up to 8192 dimensions.

func NormalizeVector 

func NormalizeVector(vector []float64) []float64

NormalizeVector normalizes a vector to unit length

Types

type Engine 

type Engine struct {
	// contains filtered or unexported fields
}

Engine provides homomorphic encryption operations using CKKS scheme. CKKS allows approximate arithmetic on encrypted floating-point numbers, which is ideal for computing dot products for similarity search.

func NewClientEngine 

func NewClientEngine() (*Engine, error)

NewClientEngine creates an encryption engine for client-side operations. Generates a new key pair for encryption/decryption.

func NewServerEngine 

func NewServerEngine(publicKeyBytes []byte) (*Engine, error)

NewServerEngine creates an encryption engine for server-side operations. Does not have access to the secret key - can only perform homomorphic operations.

func (*Engine) DecryptBatchScalars 

func (e *Engine) DecryptBatchScalars(ct *rlwe.Ciphertext, numCentroids, dimension int) ([]float64, error)

DecryptBatchScalars decrypts and extracts multiple dot product results from a batch operation. Results are at positions [0, dim, 2*dim, ...] in the decrypted slots.

func (*Engine) DecryptScalar 

func (e *Engine) DecryptScalar(ct *rlwe.Ciphertext) (float64, error)

DecryptScalar decrypts a ciphertext containing a single scalar value (dot product result).

func (*Engine) DecryptVector 

func (e *Engine) DecryptVector(ct *rlwe.Ciphertext, length int) ([]float64, error)

DecryptVector decrypts a ciphertext back to a float64 vector.

func (*Engine) DeserializeCiphertext 

func (e *Engine) DeserializeCiphertext(data []byte) (*rlwe.Ciphertext, error)

DeserializeCiphertext deserializes bytes to a ciphertext

func (*Engine) EncryptVector 

func (e *Engine) EncryptVector(vector []float64) (*rlwe.Ciphertext, error)

EncryptVector encrypts a float64 vector using CKKS. Values should be normalized to [-1, 1] range for best precision. CKKS directly handles floating-point values without offset encoding.

func (*Engine) GetEncoder 

func (e *Engine) GetEncoder() *hefloat.Encoder

GetEncoder returns the HE encoder for external caching purposes.

func (*Engine) GetParams 

func (e *Engine) GetParams() hefloat.Parameters

GetParams returns the CKKS parameters

func (*Engine) GetPublicKeyBytes 

func (e *Engine) GetPublicKeyBytes() ([]byte, error)

GetPublicKeyBytes returns the serialized public key for distribution

func (*Engine) HomomorphicBatchDotProduct 

func (e *Engine) HomomorphicBatchDotProduct(encPackedQuery *rlwe.Ciphertext, packedCentroids *rlwe.Plaintext, numCentroids, dimension int) (*rlwe.Ciphertext, error)

HomomorphicBatchDotProduct computes multiple dot products in a single HE operation. The query should be packed (replicated across slot segments) to match packed centroids. Returns encrypted result where each dimension-sized segment contains one dot product.

Layout after operation:

  • slots[0..dim-1]: components of dot(q, c0)
  • slots[dim..2*dim-1]: components of dot(q, c1)
  • etc.

After partial sum within each segment:

  • slots[0]: dot(q, c0)
  • slots[dim]: dot(q, c1)
  • etc.

func (*Engine) HomomorphicDotProduct 

func (e *Engine) HomomorphicDotProduct(encQuery *rlwe.Ciphertext, vector []float64) (*rlwe.Ciphertext, error)

HomomorphicDotProduct computes E(q · v) from E(q) and plaintext v. This is the core operation for privacy-preserving similarity search. Returns encrypted dot product that only the client can decrypt. Note: Uses full lock because Lattigo evaluator is not thread-safe.

func (*Engine) HomomorphicDotProductCached 

func (e *Engine) HomomorphicDotProductCached(encQuery *rlwe.Ciphertext, encodedVector *rlwe.Plaintext) (*rlwe.Ciphertext, error)

HomomorphicDotProductCached computes E(q · v) using a pre-encoded plaintext. This is faster than HomomorphicDotProduct when centroids are cached as plaintexts. Note: Uses full lock because Lattigo evaluator is not thread-safe.

func (*Engine) SerializeCiphertext 

func (e *Engine) SerializeCiphertext(ct *rlwe.Ciphertext) ([]byte, error)

SerializeCiphertext serializes a ciphertext to bytes for transmission

type EnginePool 

type EnginePool struct {
	// contains filtered or unexported fields
}

EnginePool manages a pool of HE engines for parallel operations. Each engine has its own evaluator (not thread-safe), but shares keys. This allows parallel HE operations without the serialization bottleneck.

func NewEnginePool 

func NewEnginePool(n int) (*EnginePool, error)

NewEnginePool creates a pool of n HE engines. All engines share the same keys but have independent evaluators. Recommended: n = runtime.NumCPU() for optimal parallelism.

func (*EnginePool) Acquire 

func (p *EnginePool) Acquire() *Engine

Acquire gets an engine from the pool. Blocks if none available. The caller MUST call Release when done.

func (*EnginePool) DecryptBatchScalars 

func (p *EnginePool) DecryptBatchScalars(ct *rlwe.Ciphertext, numCentroids, dimension int) ([]float64, error)

DecryptBatchScalars decrypts and extracts multiple dot product results.

func (*EnginePool) DecryptScalar 

func (p *EnginePool) DecryptScalar(ct *rlwe.Ciphertext) (float64, error)

DecryptScalar decrypts a scalar result using the primary engine.

func (*EnginePool) EncryptVector 

func (p *EnginePool) EncryptVector(vector []float64) (*rlwe.Ciphertext, error)

EncryptVector encrypts a vector using the primary engine. This is typically called once per query, so serialization is acceptable.

func (*EnginePool) GetEncoder 

func (p *EnginePool) GetEncoder() *hefloat.Encoder

GetEncoder returns an encoder (from the primary engine). Note: Encoder may not be thread-safe for encoding, but is fine for reading params.

func (*EnginePool) GetParams 

func (p *EnginePool) GetParams() hefloat.Parameters

GetParams returns the CKKS parameters (same for all engines).

func (*EnginePool) GetPrimaryEngine 

func (p *EnginePool) GetPrimaryEngine() *Engine

GetPrimaryEngine returns the first engine (useful for encryption/decryption).

func (*EnginePool) HomomorphicBatchDotProduct 

func (p *EnginePool) HomomorphicBatchDotProduct(encPackedQuery *rlwe.Ciphertext, packedCentroids *rlwe.Plaintext, numCentroids, dimension int) (*rlwe.Ciphertext, error)

HomomorphicBatchDotProduct computes multiple dot products using SIMD.

func (*EnginePool) Release 

func (p *EnginePool) Release(e *Engine)

Release returns an engine to the pool.

func (*EnginePool) Size 

func (p *EnginePool) Size() int

Size returns the number of engines in the pool.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.