假设我有两个数组 x = [1,2,3,4,5] 和 xMean = [3,3,3,3,3] 。我使用PolyCRTBuilder(xCiphertext和xMeanCiphertext)组成并加密了这两个数组。如果我减去两个密文(xCiphertext减去xMeanCiphertext),我应该得到 xResult = [-2,-1、0、1、2] ,但是在同态减法之后,我得到的是 xResultDecrypted = [40959,40960,0,1,2] 。我可以将溢出结果与普通模数集相关联,但是可以解决此问题。这是代码:
int main() {
EncryptionParameters parms;
parms.set_poly_modulus("1x^4096 + 1");
parms.set_coeff_modulus(coeff_modulus_128(4096));
parms.set_plain_modulus(40961);
SEALContext context(parms);
KeyGenerator keygen(context);
auto public_key = keygen.public_key();
auto secret_key = keygen.secret_key();
Encryptor encryptor(context, public_key);
Evaluator evaluator(context);
Decryptor decryptor(context, secret_key);
PolyCRTBuilder crtbuilder(context);
int slot_count = crtbuilder.slot_count();
int row_size = slot_count / 2;
vector<uint64_t> x_pod_matrix(slot_count, 0);
x_pod_matrix[0] = 1;
x_pod_matrix[1] = 2;
x_pod_matrix[2] = 3;
x_pod_matrix[3] = 4;
x_pod_matrix[4] = 5;
Plaintext x_plain_matrix;
crtbuilder.compose(x_pod_matrix, x_plain_matrix);
Ciphertext x_encrypted_matrix;
encryptor.encrypt(x_plain_matrix, x_encrypted_matrix);
vector<uint64_t> x_mean_pod_matrix(slot_count, 0);
x_mean_pod_matrix[0] = 3;
x_mean_pod_matrix[1] = 3;
x_mean_pod_matrix[2] = 3;
x_mean_pod_matrix[3] = 3;
x_mean_pod_matrix[4] = 3;
Plaintext x_mean_plain_matrix;
crtbuilder.compose(x_mean_pod_matrix, x_mean_plain_matrix);
Ciphertext x_mean_encrypted_matrix;
encryptor.encrypt(x_mean_plain_matrix, x_mean_encrypted_matrix);
evaluator.sub_plain(x_encrypted_matrix, x_mean_encrypted_matrix);
// Decrypt x_encrypted_matrix
Plaintext x_plain_result;
decryptor.decrypt(x_encrypted_matrix, x_plain_result);
vector<uint64_t> pod_result;
crtbuilder.decompose(x_plain_result, pod_result);
for(int i = 0; i < 5; i++) {
std::cout << pod_result[i] << '\n';
}
/*
Expected output:
-2
-1
0
1
2
*/
/*
Actual output:
40959
40960
0
1
2
*/
return 0;
}
evaluator.negate()不会帮助解决我的问题。
答案 0 :(得分:1)
因此,您得到的结果是正确的,因为纯文本仅以plain_modulus为模定义。 PolyCRTBuilder::decompose的重载采用std::int64_t的向量,并将自动进行您希望看到的转换。