add iSHE algorithm to HEU

heu/algorithms/incubator/ishe/BUILD.bazel

@@ -0,0 +1,81 @@
+# Copyright 2024 CyberChangAn Group, Xidian University.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+load("@yacl//bazel:yacl.bzl", "yacl_cc_library", "yacl_cc_test")
+
+package(default_visibility = ["//visibility:public"])
+
+test_suite(
+    name = "ishe_tests",
+)
+
+yacl_cc_library(
+    name = "ishe",
+    srcs = ["he_kit.cc"],
+    hdrs = ["he_kit.h"],
+    deps = [
+        ":base",
+        ":decryptor",
+        ":encryptor",
+        ":evaluator",
+    ],
+    alwayslink = 1,
+)
+
+yacl_cc_library(
+    name = "base",
+    srcs = ["base.cc"],
+    hdrs = ["base.h"],
+    deps = [
+        "//heu/spi/he/sketches/scalar/phe",
+        "//heu/spi/utils:formater",
+        "@yacl//yacl/utils:serializer",
+    ],
+)
+
+yacl_cc_library(
+    name = "encryptor",
+    srcs = ["encryptor.cc"],
+    hdrs = ["encryptor.h"],
+    deps = [
+        ":base",
+        "//heu/spi/utils:formater",
+    ],
+)
+
+yacl_cc_library(
+    name = "decryptor",
+    srcs = ["decryptor.cc"],
+    hdrs = ["decryptor.h"],
+    deps = [
+        ":base",
+    ],
+)
+
+yacl_cc_library(
+    name = "evaluator",
+    srcs = ["evaluator.cc"],
+    hdrs = ["evaluator.h"],
+    deps = [
+        ":encryptor",
+    ],
+)
+
+yacl_cc_test(
+    name = "ishe_test",
+    srcs = ["ishe_test.cc"],
+    deps = [
+        ":ishe",
+    ],
+)

heu/algorithms/incubator/ishe/README.md

@@ -0,0 +1,52 @@
+# iSHE
+
+## 简介
+
+iSHE(improved SHE)，是一种对主流的对称同态加密技术的改进的对称同态加密技术(Symmetric Homomorphic Encryption,SHE)而提出的新的同态加密技术，它可以在不损害安全性的情况下提高原始SHE的性能，并在一些解决方案中作为加密原语。SHE被证明是CPA安全的，被广泛应用于可搜索的加密方案中，而iSHE是原始SHE在抵抗AGCD(Approximate Greatest Common Divisor)攻击的同时提高性能的一个新版本。
+
+
+## 同态性质
+
+### Mul-1
+
+Ciphertext mul ciphertext:
+
+iSHE.Dec(sk,(⟦m1⟧·⟦m_2⟧) mod N, d) = m1· m2
+
+### Mul-2
+
+Ciphertext mul plaintext:
+
+iSHE.Dec(sk,(⟦m1⟧·m2) mod N, d) = m1·m2
+
+### Add-1
+
+Ciphertext add ciphertext:
+
+iSHE.Dec(sk,(⟦m1⟧+ ⟦m2⟧) mod N, d) = m1+m2
+
+### Add-2
+
+Ciphertext add plaintext:
+
+iSHE.Dec(sk,(⟦m1⟧+ m2) mod N, d) = m1+m2
+
+## 相关文献
+
+### 安全性和详细证明请参考文献：
+
+https://ieeexplore.ieee.org/document/10517763
+
+Performance Enhanced Secure Spatial Keyword Similarity Query With Arbitrary Spatial Ranges (TIFS’24)
+
+section Ⅴ.A on page 5280
+
+### AGCD攻击相关定义和理论：
+
+https://eprint.iacr.org/2009/616.pdf
+
+Fully Homomorphic Encryption over the Integers
+
+https://eprint.iacr.org/2016/215.pdf
+
+Algorithms for the Approximate Common Divisor Problem

heu/algorithms/incubator/ishe/base.cc

@@ -0,0 +1,96 @@
+// Copyright 2024 CyberChangAn Group, Xidian University.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "heu/algorithms/incubator/ishe/base.h"
+
+namespace heu::algos::ishe {
+
+Plaintext ItemTool::Clone(const Plaintext &pt) const { return pt; }
+
+Ciphertext ItemTool::Clone(const Ciphertext &ct) const {
+  return Ciphertext(ct.n_, ct.d_);
+}
+
+size_t Ciphertext::Serialize(uint8_t *buf, size_t buf_len) const {
+  return yacl::SerializeVarsTo(buf, buf_len, n_, d_);
+}
+
+yacl::Buffer Ciphertext::Serialize() const {
+  return yacl::SerializeVars(n_, d_);
+}
+
+void Ciphertext::Deserialize(yacl::ByteContainerView buffer) {
+  DeserializeVarsTo(buffer, &n_, &d_);
+}
+
+std::string Ciphertext::ToString() const {
+  return fmt::format("CT: ({},{})", n_, d_);
+}
+
+SecretKey::SecretKey(MPInt s, MPInt p, MPInt L) {
+  this->s_ = std::move(s);
+  this->p_ = std::move(p);
+  this->L_ = std::move(L);
+}
+
+size_t SecretKey::Serialize(uint8_t *buf, size_t buf_len) const {
+  return yacl::SerializeVarsTo(buf, buf_len, s_, p_, L_);
+}
+
+std::shared_ptr<SecretKey> SecretKey::LoadFrom(yacl::ByteContainerView in) {
+  auto sk = std::make_shared<SecretKey>();
+  DeserializeVarsTo(in, &sk->s_, &sk->p_, &sk->L_);
+  return sk;
+}
+
+PublicParameters::PublicParameters(int64_t k_0, int64_t k_r, int64_t k_M,
+                                   const MPInt &N) {
+  this->k_0 = k_0;
+  this->k_r = k_r;
+  this->k_M = k_M;
+  Init();
+  this->N = N;
+}
+
+PublicParameters::PublicParameters(int64_t k_0, int64_t k_r, int64_t k_M,
+                                   const MPInt &N,
+                                   const std::vector<MPInt> &ADDONES,
+                                   const std::vector<MPInt> &ONES,
+                                   const std::vector<MPInt> &NEGS)
+    : PublicParameters(k_0, k_r, k_M, N) {
+  this->ADDONES = ADDONES;
+  this->ONES = ONES;
+  this->NEGS = NEGS;
+}
+
+size_t PublicParameters::Serialize(uint8_t *buf, size_t buf_len) const {
+  return yacl::SerializeVarsTo(buf, buf_len, k_0, k_r, k_M, N, ADDONES, ONES,
+                               NEGS);
+}
+
+void PublicParameters::Init() {
+  MPInt::Pow(MPInt(2), k_M - 1, &this->M[1]);
+  this->M[0] = -this->M[1];
+}
+
+std::shared_ptr<PublicParameters> PublicParameters::LoadFrom(
+    yacl::ByteContainerView in) {
+  auto pp = std::make_shared<PublicParameters>();
+  DeserializeVarsTo(in, &pp->k_0, &pp->k_r, &pp->k_M, &pp->N, &pp->ADDONES,
+                    &pp->ONES, &pp->NEGS);
+  pp->Init();
+  return pp;
+}
+
+}  // namespace heu::algos::ishe

heu/algorithms/incubator/ishe/base.h

@@ -0,0 +1,122 @@
+// Copyright 2024 CyberChangAn Group, Xidian University.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#pragma once
+
+#include <map>
+#include <string>
+#include <utility>
+
+#include "yacl/base/byte_container_view.h"
+#include "yacl/math/mpint/mp_int.h"
+#include "yacl/utils/serializer.h"
+
+#include "heu/spi/he/sketches/common/keys.h"
+#include "heu/spi/he/sketches/scalar/item_tool.h"
+
+namespace heu::algos::ishe {
+
+using yacl::math::MPInt;
+using Plaintext = MPInt;
+
+class Ciphertext {
+ public:
+  // default constructor
+  Ciphertext() = default;
+
+  explicit Ciphertext(MPInt n) : n_(std::move(n)) { d_ = MPInt(1); }
+
+  explicit Ciphertext(MPInt n, MPInt d) : n_(std::move(n)), d_(std::move(d)) {}
+
+  size_t Serialize(uint8_t *buf, size_t buf_len) const;
+  [[nodiscard]] yacl::Buffer Serialize() const;
+  void Deserialize(yacl::ByteContainerView buffer);
+  [[nodiscard]] std::string ToString() const;
+
+  bool operator==(const Ciphertext &other) const {
+    return n_ == other.n_ && d_ == other.d_;
+  }
+
+  MPInt n_, d_;
+};
+
+class SecretKey : public spi::KeySketch<spi::HeKeyType::SecretKey> {
+ private:
+  MPInt s_, p_, L_;
+
+ public:
+  SecretKey(MPInt s, MPInt p, MPInt L);
+
+  SecretKey() = default;
+
+  [[nodiscard]] size_t Serialize(uint8_t *buf, size_t buf_len) const;
+  static std::shared_ptr<SecretKey> LoadFrom(yacl::ByteContainerView in);
+
+  [[nodiscard]] std::map<std::string, std::string> ListParams() const override {
+    return {
+        {"s_", s_.ToString()}, {"p_", p_.ToString()}, {"L_", L_.ToString()}};
+  }
+
+  [[nodiscard]] MPInt getS() const { return this->s_; }
+
+  [[nodiscard]] MPInt getP() const { return this->p_; }
+
+  [[nodiscard]] MPInt getL() const { return this->L_; }
+};
+
+class PublicParameters : public spi::KeySketch<heu::spi::HeKeyType::PublicKey> {
+ private:
+  MPInt N, M[2];
+
+ public:
+  int64_t k_M = 128;
+  int64_t k_r = 160;
+  int64_t k_0 = 4096;
+  std::vector<MPInt> ADDONES;
+  std::vector<MPInt> ONES;
+  std::vector<MPInt> NEGS;
+  PublicParameters() = default;
+
+  PublicParameters(int64_t k_0, int64_t k_r, int64_t k_M, const MPInt &N);
+
+  PublicParameters(int64_t k_0, int64_t k_r, int64_t k_M, const MPInt &N,
+                   const std::vector<MPInt> &ADDONES,
+                   const std::vector<MPInt> &ONES,
+                   const std::vector<MPInt> &NEGS);
+  [[nodiscard]] size_t Serialize(uint8_t *buf, size_t buf_len) const;
+  static std::shared_ptr<PublicParameters> LoadFrom(yacl::ByteContainerView in);
+
+  [[nodiscard]] size_t Maxsize() const { return k_M - 1; }
+
+  [[nodiscard]] MPInt *MessageSpace() { return M; }
+
+  [[nodiscard]] std::map<std::string, std::string> ListParams() const override {
+    return {{"key_size", fmt::to_string(k_0)},
+            {"random_number_size", fmt::to_string(k_r)},
+            {"message_space_size", M[1].ToString()}};
+  }
+
+  void Init();
+
+  [[nodiscard]] MPInt getN() const { return N; }
+};
+
+class ItemTool : public spi::ItemToolScalarSketch<Plaintext, Ciphertext,
+                                                  SecretKey, PublicParameters> {
+ public:
+  [[nodiscard]] Plaintext Clone(const Plaintext &pt) const override;
+  [[nodiscard]] Ciphertext Clone(const Ciphertext &ct) const override;
+};
+
+}  // namespace heu::algos::ishe

heu/algorithms/incubator/ishe/decryptor.cc

@@ -0,0 +1,41 @@
+// Copyright 2024 CyberChangAn Group, Xidian University.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "heu/algorithms/incubator/ishe/decryptor.h"
+
+namespace heu::algos::ishe {
+
+void Decryptor::Decrypt(const Ciphertext &ct, Plaintext *out) const {
+  *out = Decrypt(ct);
+}
+
+Plaintext Decryptor::Decrypt(const Ciphertext &ct) const {
+  /**
+   * decrypt
+   * m: plaintext
+   * d: s's exponent
+   */
+  MPInt tmp;
+  MPInt::PowMod(sk_->getS(), ct.d_, pk_->getN(), &tmp);  // m = s^d
+  MPInt::InvertMod(tmp, pk_->getN(), &tmp);              // (s^d)^-1
+  MPInt::MulMod(ct.n_, tmp, pk_->getN(), &tmp);          // (s^d)^-1 * m mod N
+  MPInt::Mod(tmp, sk_->getP(), &tmp);
+  MPInt::Mod(tmp, sk_->getL(), &tmp);  // (((s^d)^-1 * m mod N ) mod p) mod L
+  if (tmp < sk_->getL() / MPInt(2)) {  // case 1 : m' < L/2
+    return tmp;
+  }
+  return tmp - sk_->getL();  // case 2 : else
+}
+
+}  // namespace heu::algos::ishe