Skip to content

Commit

Permalink
docs(frontend): renaming
Browse files Browse the repository at this point in the history
  • Loading branch information
aquint-zama committed Apr 29, 2024
1 parent fc41998 commit 6f83c98
Show file tree
Hide file tree
Showing 5 changed files with 16 additions and 15 deletions.
7 changes: 4 additions & 3 deletions .gitbook.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,17 +36,18 @@ redirects:
howto/debug: execution-analysis/debug.md
howto/call_from_other_language: explanations/call_from_other_language.md
dev/fusing: explanations/fusing.md
dev/backends/README: explanations/backends/README.md
dev/backends: explanations/backends/README.md
dev/backends/new_backend: explanations/backends/new_backend.md
dev/compilation: dev/compilation/compiler_workflow.md
dev/compilation/optimizer: explanations/optimizer.md
dev/compilation/dialects: explanations/dialects.md
dev/compilation/README: explanations/compilation/README.md
dev/compilation/FHELinalgDialect: explanations/FHELinalgDialect.md
dev/compilation/FHEDialect: explanations/FHEDialect.md
dev/compilation/TFHEDialect: explanations/TFHEDialect.md
dev/compilation/ConcreteDialect: explanations/ConcreteDialect.md
dev/compilation/TracingDialect: explanations/TracingDialect.md
dev/compilation/RTDialect: explanations/RTDialect.md
dev/compilation/SDFGDialect: explanations/SDFGDialect.md
dev/security/security_curves: explanations/security_curves.md
dev/security/security_curves: explanations/security.md
explanations/security_curves: explanations/security.md
dev/setup/layout: explanations/layout.md
4 changes: 2 additions & 2 deletions docs/SUMMARY.md
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@

## Explanations

* [Compiler workflow](dev/compilation/README.md)
* [Compiler workflow](dev/compilation/compiler_workflow.md)
* [Frontend fusing](explanations/fusing.md)
* [Compiler backend](explanations/backends/README.md)
* [Adding a new backend](explanations/backends/new_backend.md)
Expand All @@ -75,7 +75,7 @@
* [Tracing dialect](explanations/TracingDialect.md)
* [Runtime dialect](explanations/RTDialect.md)
* [SDFG dialect](explanations/SDFGDialect.md)
* [Security](explanations/security_curves.md)
* [Security](explanations/security.md)
* [Call FHE circuits from other languages](explanations/call_from_other_language.md)
* [Project layout](explanations/layout.md)

Expand Down
File renamed without changes.
4 changes: 2 additions & 2 deletions docs/explanations/optimizer.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

`concrete-optimizer` is a tool that selects appropriate cryptographic parameters for a given fully homomorphic encryption (FHE) computation. These parameters have an impact on the security, correctness, and efficiency of the computation.

The computation is guaranteed to be secure with the given level of security (see [here](./security_curves.md) for details) which is typically 128 bits. The correctness of the computation is guaranteed up to a given failure probability. A surrogate of the execution time is minimized which allows for efficient FHE computation.
The computation is guaranteed to be secure with the given level of security (see [here](./security.md) for details) which is typically 128 bits. The correctness of the computation is guaranteed up to a given failure probability. A surrogate of the execution time is minimized which allows for efficient FHE computation.

The cryptographic parameters are degrees of freedom in the FHE algorithms (bootstrapping, keyswitching, etc.) that need to be fixed. The search space for possible crypto-parameters is finite but extremely large. The role of the optimizer is to quickly find the most efficient crypto-parameters possible while guaranteeing security and correctness.

Expand All @@ -14,7 +14,7 @@ The security level is chosen by the user. We typically operate at a fixed securi

An independent public research tool, the [lattice estimator](https://github.com/malb/lattice-estimator), is used to estimate the security level. The lattice estimator is maintained by FHE experts. For a given set of crypto-parameters, this tool considers all possible attacks and returns a security level.

For each security level, a parameter curve of the appropriate minimal error level is pre-computed using the lattice estimator, and is used as an input to the optimizer. Learn more about the parameter curves [here](./security_curves.md).
For each security level, a parameter curve of the appropriate minimal error level is pre-computed using the lattice estimator, and is used as an input to the optimizer. Learn more about the parameter curves [here](./security.md).

### Correctness

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,17 +5,17 @@
To select secure cryptographic parameters for usage in Concrete, we utilize the [Lattice-Estimator](https://github.com/malb/lattice-estimator). In particular, we use the following workflow:

1. Data Acquisition
- For a given value of $$(n, q = 2^{64}, \sigma)$$ we obtain raw data from the Lattice Estimator, which ultimately leads to a security level $$\lambda$$. All relevant attacks in the Lattice Estimator are considered.
- Increase the value of $$\sigma$$, until the tuple $$(n, q = 2^{64}, \sigma)$$ satisfies the target level of security $$\lambda_{target}$$.
- For a given value of $$(n, q = 2^{64}, \sigma)$$ we obtain raw data from the Lattice Estimator, which ultimately leads to a security level $$\lambda$$. All relevant attacks in the Lattice Estimator are considered.
- Increase the value of $$\sigma$$, until the tuple $$(n, q = 2^{64}, \sigma)$$ satisfies the target level of security $$\lambda_{target}$$.
- Repeat for several values of $$n$$.

2. Model Generation for $$\lambda = \lambda_{target}$$.
2. Model Generation for $$\lambda = \lambda_{target}$$.
- At this point, we have several sets of points $$\{(n, q = 2^{64}, \sigma)\}$$ satisfying the target level of security $$\lambda_{target}$$. From here, we fit a model to this raw data ($$\sigma$$ as a function of $$n$$).

3. Model Verification.
- For each model, we perform a verification check to ensure that the values output from the function $$\sigma(n)$$ provide the claimed level of security, $$\lambda_{target}$$.
- For each model, we perform a verification check to ensure that the values output from the function $$\sigma(n)$$ provide the claimed level of security, $$\lambda_{target}$$.

These models are then used as input for Concrete, to ensure that the parameter space explored by the compiler attains the required security level. Note that we consider the `RC.BDGL16` lattice reduction cost model within the Lattice Estimator.
These models are then used as input for Concrete, to ensure that the parameter space explored by the compiler attains the required security level. Note that we consider the `RC.BDGL16` lattice reduction cost model within the Lattice Estimator.
Therefore, when computing our security estimates, we use the call `LWE.estimate(params, red_cost_model = RC.BDGL16)` on the input parameter set `params`.

{% hint style="warning" %}
Expand All @@ -36,7 +36,7 @@ To compare the current curves with the output of the lattice estimator, use:

make compare-curves

this will compare the four curves generated above against the output of the version of the lattice estimator found in the [third_party folder](https://github.com/zama-ai/concrete/tree/main/third_party).
this will compare the four curves generated above against the output of the version of the lattice estimator found in the [third_party folder](https://github.com/zama-ai/concrete/tree/main/third_party).

To generate the associated cpp and rust code, use::

Expand All @@ -47,7 +47,7 @@ further advanced options can be found inside the Makefile.
## Example

To look at the raw data gathered in step 1., we can look in the [sage-object folder](https://github.com/zama-ai/concrete/tree/main/tools/parameter-curves/sage-object). These objects can be loaded in the following way using SageMath:

sage: X = load("128.sobj")

entries are tuples of the form: $$(n, log_2(q), log_2(\sigma), \lambda)$$. We can view individual entries via::
Expand All @@ -68,5 +68,5 @@ Here we can see the linear model parameters $$(a = -0.026599462343105267, b = 2.

$$ \sigma = a * n + b = -37.85 $$

This value corresponds to the logarithm of the relative error size. Using the parameter set $$(n, log(q), \sigma = 2^{64 - 37.85})$$ in the Lattice Estimator confirms a 128-bit security level.
This value corresponds to the logarithm of the relative error size. Using the parameter set $$(n, log(q), \sigma = 2^{64 - 37.85})$$ in the Lattice Estimator confirms a 128-bit security level.

0 comments on commit 6f83c98

Please sign in to comment.