What's New in Concrete v0.1.10
Support for homomorphic boolean gates, new open source license, and more!
Concrete is an open source FHE development framework that implements Zama’s variant of TFHE. Its low-level library Concrete Core can be used to build higher-level libraries for various computing needs.
Concrete Core supports many FHE features, including Programmable Bootstrapping (PBS) –which allows homomorphic evaluation of non-linear functions– and leveled operations such as addition and constant multiplication for both LWE and RLWE ciphertexts.
As the only library that currently supports PBS, Concrete was used to demonstrate how deep neural networks with 20, 50 and 100 activation layers could be evaluated homomorphically in a matter of seconds.
Homomorphic Boolean Gates
Today, we are releasing Concrete Boolean, a new high-level library for homomorphic boolean gates, built on top of Concrete Core, and which implements TFHE’s gate bootstrapping. Concrete Boolean offers the same functionalities already proposed by TFHE lib, and adds new ones on top of it.
This new library is available via the Rust concrete-boolean crate, and includes the following boolean operators:
AND: the logic binary “and” gate;
OR: the logic binary “or” gate;
XOR: the logic binary “exclusive or” gate;
NOT: the logic unary “inverter” gate;
NAND: the logic binary “not and” gate;
NOR: the logic binary “not or” gate;
XNOR: the logic binary “exclusive nor” gate;
MUX: the logic ternary “multiplexer” gate.
Boolean circuits are commonly used in computer science and electronics and are a generic way to describe any deterministic algorithm. Thus, an FHE scheme that supports homomorphic boolean operators can be used to compute any program homomorphically.
Pre-computed parameter sets
One of the key difficulties in using FHE is the need to correctly set cryptographic parameters to achieve the right trade-off between correctness and performance, while maintaining a desired level of security. For boolean circuits, using a less efficient parameter set will usually imply a smaller risk of having an incorrect gate evaluation and vice versa. The choice of parameters ultimately depends on the application itself.
To help developers without a background in cryptography get up and running quickly, Concrete Boolean comes with two precomputed parameter sets, both of which achieve 128-bits of security according to the LWE estimator:
TFHE_LIB_PARAMETERS
corresponds to the original TFHE library parameters, while DEFAULT_PARAMETERS
is a new, more efficient parameter set introduced in Concrete. The measured time for a binary gate computation was obtained on a regular laptop with a 2,6 GHz 6-core Intel Core i7 processor helped with AVX2 and on a single thread.
Example usage
Here is a simple example showing how to use the Concrete Boolean (source):
extern crate concrete_boolean; | |
use concrete_boolean::gen_keys; | |
// We generate a set of client/server keys, using the default parameters: | |
let (client_key, server_key) = gen_keys(); | |
// We use the client secret key to encrypt two messages: | |
let ct_1 = client_key.encrypt(true); | |
let ct_2 = client_key.encrypt(false); | |
// We use the server public key to execute a boolean circuit: | |
// if ((NOT ct_2) NAND (ct_1 AND ct_2)) then (NOT ct_2) else (ct_1 AND ct_2) | |
let ct_3 = server_key.not(&ct_2); | |
let ct_4 = server_key.and(&ct_1, &ct_2); | |
let ct_5 = server_key.nand(&ct_3, &ct_4); | |
let ct_6 = server_key.mux(&ct_5, &ct_3, &ct_4); | |
// We use the client key to decrypt the output of the circuit: | |
let output = client_key.decrypt(&ct_6); | |
assert_eq!(output, true); |
Relicensing
The new version of Concrete will be released as open source using a new license, namely the BSD-3-clause-clear. This is to enable more flexibility for users who do not wish to carry the risk of the original AGPLv3 license, while still enabling Zama to build a business long-term. We will be publishing a post soon to explain our licensing approach and why we chose this particular one.
What’s next
This boolean library is just one example of the wide range of possibilities offered by homomorphic encryption. Some features we are exploring for future releases of Concrete:
new parameter sets to enable users to have more options to fine-tune the efficiency/error trade-off.
support for ciphertext metadata, such as the amount of noise present or encoding parameters. This makes it easier to compute algorithms on non-modular messages.
new homomorphic operators, such as LWE to GLWE key switching, the internal product between GGSW ciphertexts and public encryption keys.
Let us know what else you would like to see, and if you would like to contribute!
Contributors: Ilaria Chillotti, Ben Curtis, Damien Ligier, Alexandre Péré
Concrete Links: github | documentation | website
If you would like to join us at Zama and work on the cutting edge of FHE, we have some current open positions!