forked from microsoft/SEAL
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ntt.h
306 lines (263 loc) · 9.95 KB
/
ntt.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT license.
#pragma once
#include "seal/memorymanager.h"
#include "seal/modulus.h"
#include "seal/util/defines.h"
#include "seal/util/iterator.h"
#include "seal/util/pointer.h"
#include "seal/util/uintarithsmallmod.h"
#include "seal/util/uintcore.h"
#include <stdexcept>
namespace seal
{
namespace util
{
class NTTTables
{
public:
NTTTables(NTTTables &&source) = default;
NTTTables(NTTTables ©)
: pool_(copy.pool_), root_(copy.root_), coeff_count_power_(copy.coeff_count_power_),
coeff_count_(copy.coeff_count_), modulus_(copy.modulus_), inv_degree_modulo_(copy.inv_degree_modulo_)
{
root_powers_ = allocate<MultiplyUIntModOperand>(coeff_count_, pool_);
inv_root_powers_ = allocate<MultiplyUIntModOperand>(coeff_count_, pool_);
std::copy_n(copy.root_powers_.get(), coeff_count_, root_powers_.get());
std::copy_n(copy.inv_root_powers_.get(), coeff_count_, inv_root_powers_.get());
}
NTTTables(int coeff_count_power, const Modulus &modulus, MemoryPoolHandle pool = MemoryManager::GetPool());
SEAL_NODISCARD inline std::uint64_t get_root() const
{
return root_;
}
SEAL_NODISCARD inline MultiplyUIntModOperand get_from_root_powers(std::size_t index) const
{
#ifdef SEAL_DEBUG
if (index >= coeff_count_)
{
throw std::out_of_range("index");
}
#endif
return root_powers_[index];
}
SEAL_NODISCARD inline MultiplyUIntModOperand get_from_inv_root_powers(std::size_t index) const
{
#ifdef SEAL_DEBUG
if (index >= coeff_count_)
{
throw std::out_of_range("index");
}
#endif
return inv_root_powers_[index];
}
SEAL_NODISCARD inline const MultiplyUIntModOperand &inv_degree_modulo() const
{
return inv_degree_modulo_;
}
SEAL_NODISCARD inline const Modulus &modulus() const
{
return modulus_;
}
SEAL_NODISCARD inline int coeff_count_power() const
{
return coeff_count_power_;
}
SEAL_NODISCARD inline std::size_t coeff_count() const
{
return coeff_count_;
}
private:
NTTTables &operator=(const NTTTables &assign) = delete;
NTTTables &operator=(NTTTables &&assign) = delete;
void initialize(int coeff_count_power, const Modulus &modulus);
// Computed bit-scrambled vector of first 1 << coeff_count_power powers
// of a primitive root.
void ntt_powers_of_primitive_root(std::uint64_t root, MultiplyUIntModOperand *destination) const;
MemoryPoolHandle pool_;
std::uint64_t root_ = 0;
int coeff_count_power_ = 0;
std::size_t coeff_count_ = 0;
Modulus modulus_;
MultiplyUIntModOperand inv_degree_modulo_;
// Size coeff_count_
Pointer<MultiplyUIntModOperand> root_powers_;
// Size coeff_count_
Pointer<MultiplyUIntModOperand> inv_root_powers_;
};
/**
Allocate and construct an array of NTTTables each with different a modulus.
@throws std::invalid_argument if modulus is empty, modulus does not support NTT, coeff_count_power is invalid,
or pool is uninitialized.
*/
void CreateNTTTables(
int coeff_count_power, const std::vector<Modulus> &modulus, Pointer<NTTTables> &tables,
MemoryPoolHandle pool);
void ntt_negacyclic_harvey_lazy(CoeffIter operand, const NTTTables &tables);
inline void ntt_negacyclic_harvey_lazy(
RNSIter operand, std::size_t coeff_modulus_size, ConstNTTTablesIter tables)
{
#ifdef SEAL_DEBUG
if (!operand)
{
throw std::invalid_argument("operand");
}
if (!tables)
{
throw std::invalid_argument("tables");
}
#endif
SEAL_ITERATE(iter(operand, tables), coeff_modulus_size, [&](auto I) {
ntt_negacyclic_harvey_lazy(get<0>(I), get<1>(I));
});
}
inline void ntt_negacyclic_harvey_lazy(PolyIter operand, std::size_t size, ConstNTTTablesIter tables)
{
#ifdef SEAL_DEBUG
if (!operand)
{
throw std::invalid_argument("operand");
}
if (!tables)
{
throw std::invalid_argument("tables");
}
#endif
SEAL_ITERATE(
operand, size, [&](auto I) { ntt_negacyclic_harvey_lazy(I, operand.coeff_modulus_size(), tables); });
}
inline void ntt_negacyclic_harvey(CoeffIter operand, const NTTTables &tables)
{
ntt_negacyclic_harvey_lazy(operand, tables);
// Finally maybe we need to reduce every coefficient modulo q, but we
// know that they are in the range [0, 4q).
// Since word size is controlled this is fast.
std::uint64_t modulus = tables.modulus().value();
std::uint64_t two_times_modulus = modulus * 2;
std::size_t n = std::size_t(1) << tables.coeff_count_power();
SEAL_ITERATE(operand, n, [&](auto &I) {
// Note: I must be passed to the lambda by reference.
if (I >= two_times_modulus)
{
I -= two_times_modulus;
}
if (I >= modulus)
{
I -= modulus;
}
});
}
inline void ntt_negacyclic_harvey(RNSIter operand, std::size_t coeff_modulus_size, ConstNTTTablesIter tables)
{
#ifdef SEAL_DEBUG
if (!operand)
{
throw std::invalid_argument("operand");
}
if (!tables)
{
throw std::invalid_argument("tables");
}
#endif
SEAL_ITERATE(iter(operand, tables), coeff_modulus_size, [&](auto I) {
ntt_negacyclic_harvey(get<0>(I), get<1>(I));
});
}
inline void ntt_negacyclic_harvey(PolyIter operand, std::size_t size, ConstNTTTablesIter tables)
{
#ifdef SEAL_DEBUG
if (!operand)
{
throw std::invalid_argument("operand");
}
if (!tables)
{
throw std::invalid_argument("tables");
}
#endif
SEAL_ITERATE(
operand, size, [&](auto I) { ntt_negacyclic_harvey(I, operand.coeff_modulus_size(), tables); });
}
void inverse_ntt_negacyclic_harvey_lazy(CoeffIter operand, const NTTTables &tables);
inline void inverse_ntt_negacyclic_harvey_lazy(
RNSIter operand, std::size_t coeff_modulus_size, ConstNTTTablesIter tables)
{
#ifdef SEAL_DEBUG
if (!operand)
{
throw std::invalid_argument("operand");
}
if (!tables)
{
throw std::invalid_argument("tables");
}
#endif
SEAL_ITERATE(iter(operand, tables), coeff_modulus_size, [&](auto I) {
inverse_ntt_negacyclic_harvey_lazy(get<0>(I), get<1>(I));
});
}
inline void inverse_ntt_negacyclic_harvey_lazy(PolyIter operand, std::size_t size, ConstNTTTablesIter tables)
{
#ifdef SEAL_DEBUG
if (!operand)
{
throw std::invalid_argument("operand");
}
if (!tables)
{
throw std::invalid_argument("tables");
}
#endif
SEAL_ITERATE(operand, size, [&](auto I) {
inverse_ntt_negacyclic_harvey_lazy(I, operand.coeff_modulus_size(), tables);
});
}
inline void inverse_ntt_negacyclic_harvey(CoeffIter operand, const NTTTables &tables)
{
inverse_ntt_negacyclic_harvey_lazy(operand, tables);
std::uint64_t modulus = tables.modulus().value();
std::size_t n = std::size_t(1) << tables.coeff_count_power();
// Final adjustments; compute a[j] = a[j] * n^{-1} mod q.
// We incorporated the final adjustment in the butterfly. Only need to reduce here.
SEAL_ITERATE(operand, n, [&](auto &I) {
// Note: I must be passed to the lambda by reference.
if (I >= modulus)
{
I -= modulus;
}
});
}
inline void inverse_ntt_negacyclic_harvey(
RNSIter operand, std::size_t coeff_modulus_size, ConstNTTTablesIter tables)
{
#ifdef SEAL_DEBUG
if (!operand)
{
throw std::invalid_argument("operand");
}
if (!tables)
{
throw std::invalid_argument("tables");
}
#endif
SEAL_ITERATE(iter(operand, tables), coeff_modulus_size, [&](auto I) {
inverse_ntt_negacyclic_harvey(get<0>(I), get<1>(I));
});
}
inline void inverse_ntt_negacyclic_harvey(PolyIter operand, std::size_t size, ConstNTTTablesIter tables)
{
#ifdef SEAL_DEBUG
if (!operand)
{
throw std::invalid_argument("operand");
}
if (!tables)
{
throw std::invalid_argument("tables");
}
#endif
SEAL_ITERATE(
operand, size, [&](auto I) { inverse_ntt_negacyclic_harvey(I, operand.coeff_modulus_size(), tables); });
}
} // namespace util
} // namespace seal