Exemple #1
0
// same as above, but assumes that c1 is already chosen by the caller
void RLWE1(DoubleCRT& c0, const DoubleCRT& c1, const DoubleCRT &s, long p)
{
  assert (p>0); // Can be used with p=1, but we always use with p>=2

  // choose a short error e, set c0 =  p*e - c1*s
  c0.sampleGaussian();
  c0 *= p;

  // It is assumed that c0,c1 are defined with respect to the same set of
  // primes, but s may be defined relative to a different set. Either way
  // the primes for of c0,c1 are unchanged.
  DoubleCRT tmp(c1);
  tmp.Mul(s, /*matchIndexSets=*/false); // multiply but don't mod-up
  c0 -= tmp;
}
Exemple #2
0
NTL_CLIENT

/******** Utility function to generate RLWE instances *********/

// Choose random c0,c1 such that c0+s*c1 = p*e for a short e
void RLWE(DoubleCRT& c0, DoubleCRT& c1, const DoubleCRT &s, long p,
          ZZ* prgSeed=NULL)
{
    assert (p>0); // Can be used with p=1, but we always use with p>=2

    // choose c1 at random (using prgSeed if not NULL)
    c1.randomize(prgSeed);

    // choose a short error e, set c0 =  p*e - c1*s
    c0.sampleGaussian();
    c0 *= p;

    // It is assumed that c0,c1 are defined with respect to the same set of
    // primes, but s may be defined relative to a different set. Either way
    // the primes for of c0,c1 are unchanged.
    DoubleCRT tmp(c1);
    tmp.Mul(s, /*matchIndexSets=*/false); // multiply but don't mod-up
    c0 -= tmp;
}