Skip to content

TFHE-rs v0.11.0

Latest
Latest
Compare
Choose a tag to compare
@IceTDrinker IceTDrinker released this 13 Jan 12:15
· 61 commits to main since this release
tfhe-rs-0.11.0
This tag was signed with the committer’s verified signature.
IceTDrinker Arthur Meyre
GPG key ID: 452CF7F2155A3AA9
Learn about vigilant mode.
bc742e9

Summary

TFHE-rs v0.11.0 introduces significant improvements and new features, including enhanced Zero Knowledge proof performance, a new FheAsciiString type for secure string operations, and a 28% CPU performance boost for shift/rotate operations on 64-bit values. On the GPU side, we've improved GPU performance by 30% for 64-bit addition and expanded GPU support to arrays of ciphertexts. In addition, TFHE-rs v0.11 introduces noise assertions for debugging, new default parameters, and several fixes and optimizations to enhance overall usability and reliability.

What's Changed

Breaking Changes

Warning

Incompatible data structures:
Data compatibility is not guaranteed for versions older than 0.10.
The following structures and their seeded variants are incompatible:

  • All GgswCiphertext and its Fourier and NTT variants
  • GgswCiphertextList, LweBootstrapKey and its Fourier and NTT variants
  • LweKeyswitchKey, LweMultiBitBootstrapKey and its Fourier variant
  • LwePackingKeyswitchKey, LwePrivateFunctionalPackingKeyswitchKey
  • LwePrivateFunctionalPackingKeyswitchKeyList
  • All the shortint, integer and High Level API keys using those lower level primitives, including ServerKey types and their compressed variants.

Parameter and function changes:

  • The DispersionParameter trait in core_crypto now returns new types for all its functions instead of raw f64.
  • Zero Knowledge proofs can now only be used with dedicated parameters.
  • ZkVerificationOutCome has been renamed to ZkVerificationOutcome
  • CompactPkePublicParams has been deprecated; use CompactPkeCrs instead.
  • Arch specific features (like x86_64-unix) have been dropped in favor of auto-detection.
  • Default parameters are now TUniform parameters.
  • ActivatedRandomGenerator has been renamed to DefaultRandomGenerator.

Please update your code accordingly.

New features

CPU

  • Add strings module, usable in the HL API via the FheAsciiString type
  • Add Zero Knowledge v2 with vastly improved performance
  • LweSecretKey and GlweSecretKey now support safe serialization
  • Add safe_serialized_size to get the seriliazed size of entities supporting safe serialization
  • Add a batched PBS loading the key only once and processing all ciphertexts at once
  • Add the safe_deserialize method for CompactPkeCrs in the Javascript API
  • Add C API primitives to get/clear the last error from TFHE-rs as a const char * and enable/disable automatic printing of errors to stderr
  • Add debug noise-asserts feature to verify shortint noise levels are valid with respect to a user-provided maximum noise level

GPU

  • Add absolute value
  • Add signed division
  • Add array types
  • Add comparison of arrays and array search

Improvements

CPU

  • Encrypted shift and rotate have improved performance (+28% for 64 bits values)
  • Conformance checks for Zero Knowledge proofs now also verify the validity of elliptic curve points

GPU

  • Modify double to u64 cast in some kernels to use intrinsics.
  • Optimize integer multiplication when one of the input ciphertexts holds a boolean value.
  • Improve single carry propagation performance.
  • Add a function to check if a cuda device is available on the machine.

Fixes

CPU

  • High Level API CompressedCiphertextListBuilder now uses the current ServerKey device when compressing data instead of panicking when mixing CPU and GPU usage
  • Fix compact public key encryption of a single ciphertext in core_crypto, shortint, integer and the High Level API were not affected by the bug
  • Fix serialized_size_limit to include header sizes of entities
  • Fix gadget decomposition over one level to be balanced
  • Fix Zero Knowledge proof compatibility between 32 bits (WASM) and 64 bits plaftorm
  • Fix a corner-case for carry propagation for signed sub with overflow which could only be triggered by manually selecting propagation algorithm
  • Fix a corner-case for comparisons in case of an empty (no blocks) integer ciphertext
  • Fix full_propagate_parallelized to also reset the noise of blocks not part of the carry propagation
  • Fix encoding during compression which was pessimizing the failure probability

GPU

  • Fixes to compression.
  • Fix sample extract for the many LUT use case.
  • Fix many LUT with multiple GPUs.
  • Fix memory error in cg classical PBS.
  • Fix gadget decomposition over one level to be balanced.
  • General fixes and improvements to the multi-bit PBS.
  • Fix signed overflowing subtraction for one block case.
  • Fix equal and scalar ne.
  • Fix single GPU execution on a device other than 0 for all functions.
  • Fix ct degree / noise level tracking in several operations.
Assets 3
Loading