SEAL3.4.5.rar

# Microsoft SEAL Microsoft SEAL is an easy-to-use open-source ([MIT licensed](LICENSE)) homomorphic encryption library developed by the Cryptography and Privacy Research group at Microsoft. Microsoft SEAL is written in modern standard C++ and has no external dependencies, making it easy to compile and run in many different environments. For more information about the Microsoft SEAL project, see [sealcrypto.org](https://www.microsoft.com/en-us/research/project/microsoft-seal). This document pertains to Microsoft SEAL version 3.4. Users of previous versions of the library should look at the [list of changes](Changes.md). # Contents - [Introduction](#introduction) - [Core Concepts](#core-concepts) - [Homomorphic Encryption](#homomorphic-encryption) - [Microsoft SEAL](#microsoft-seal-1) - [Installing Microsoft SEAL](#installing-microsoft-seal) - [Windows](#windows) - [Linux and macOS](#linux-and-macos) - [From NuGet package](#from-nuget-package) - [Enabling Optional Dependencies](#enabling-optional-dependencies) - [Microsoft GSL](#microsoft-gsl) - [ZLIB](#zlib) - [Building Microsoft SEAL for .NET](#building-microsoft-seal-for-net) - [Windows](#windows-1) - [Linux and macOS](#linux-and-macos-1) - [Getting Started](#getting-started) - [Contributing](#contributing) - [Citing Microsoft SEAL](#citing-microsoft-seal) # Introduction ## Core Concepts Most encryption schemes consist of three functionalities: key generation, encryption, and decryption. Symmetric-key encryption schemes use the same secret key for both encryption and decryption; public-key encryption schemes use separately a public key for encryption and a secret key for decryption. Therefore, public-key encryption schemes allow anyone who knows the public key to encrypt data, but only those who know the secret key can decrypt and read the data. Symmetric-key encryption can be used for efficiently encrypting very large amounts of data, and enables secure outsourced cloud storage. Public-key encryption is a fundamental concept that enables secure online communication today, but is typically much less efficient than symmetric-key encryption. While traditional symmetric- and public-key encryption can be used for secure storage and communication, any outsourced computation will necessarily require such encryption layers to be removed before computation can take place. Therefore, cloud services providing outsourced computation capabilities must have access to the secret keys, and implement access policies to prevent unauthorized employees from getting access to these keys. ## Homomorphic Encryption Homomorphic encryption refers to encryption schemes that allow the cloud to compute directly on the encrypted data, without requiring the data to be decrypted first. The results of such encrypted computations remain encrypted, and can be only decrypted with the secret key (by the data owner). Multiple homomorphic encryption schemes with different capabilities and trade-offs have been invented over the past decade; most of these are public-key encryption schemes, although the public-key functionality may not always be needed. Homomorphic encryption is not a generic technology: only some computations on encrypted data are possible. It also comes with a substantial performance overhead, so computations that are already very costly to perform on unencrypted data are likely to be infeasible on encrypted data. Moreover, data encrypted with homomorphic encryption is many times larger than unencrypted data, so it may not make sense to encrypt, e.g., entire large databases, with this technology. Instead, meaningful use-cases are in scenarios where strict privacy requirements prohibit unencrypted cloud computation altogether, but the computations themselves are fairly lightweight. Typically, homomorphic encryption schemes have a single secret key which is held by the data owner. For scenarios where multiple different private data owners wish to engage in collaborative computation, homomorphic encryption is probably not a reasonable solution. Homomorphic encryption cannot be used to enable data scientist to circumvent GDPR. For example, there is no way for a cloud service to use homomorphic encryption to draw insights from encrypted customer data. Instead, results of encrypted computations remain encrypted and can only be decrypted by the owner of the data, e.g., a cloud service customer. ## Microsoft SEAL Microsoft SEAL is a homomorphic encryption library that allows additions and multiplications to be performed on encrypted integers or real numbers. Other operations, such as encrypted comparison, sorting, or regular expressions, are in most cases not feasible to evaluate on encrypted data using this technology. Therefore, only specific privacy-critical cloud computation parts of programs should be implemented with Microsoft SEAL. It is not always easy or straightfoward to translate an unencrypted computation into a computation on encrypted data, for example, it is not possible to branch on encrypted data. Microsoft SEAL itself has a steep learning curve and requires the user to understand many homomorphic encryption specific concepts, even though in the end the API is not too complicated. Even if a user is able to program and run a specific computation using Microsoft SEAL, the difference between efficient and inefficient implementations can be several orders of magnitude, and it can be hard for new users to know how to improve the performance of their computation. Microsoft SEAL comes with two different homomorphic encryption schemes with very different properties. The BFV scheme allows modular arithmetic to be performed on encrypted integers. The CKKS scheme allows additions and multiplications on encrypted real or complex numbers, but yields only approximate results. In applications such as summing up encrypted real numbers, evaluating machine learning models on encrypted data, or computing distances of encrypted locations CKKS is going to be by far the best choice. For applications where exact values are necessary, the BFV scheme is the only choice. # Installing Microsoft SEAL ## Windows Microsoft SEAL comes with a Microsoft Visual Studio 2019 solution file `SEAL.sln` that can be used to conveniently build the library, examples, and unit tests. Visual Studio 2017 version 15.3 or newer is required to build Microsoft SEAL. #### Platform The Visual Studio solution `SEAL.sln` is configured to build Microsoft SEAL both for `Win32` and `x64` platforms. Please choose the right platform before building Microsoft SEAL. The `SEALNetNative` project or the .NET wrapper library `SEALNet` can only be built for `x64`. #### Debug and Release builds You can easily switch from Visual Studio build configuration menu whether Microsoft SEAL should be built in `Debug` mode (no optimizations) or in `Release` mode. Please note that `Debug` mode should not be used except for debugging Microsoft SEAL itself, as the performance will be orders of magnitude worse than in `Release` mode. #### Building Microsoft SEAL Build the SEAL project `native\src\SEAL.vcxproj` from `SEAL.sln`. This results in the static library `seal.lib` to be created in `native\lib\$(Platform)\$(Configuration)`. When linking with applications, you need to add `native\src\` (full path) as an include directory for Microsoft SEAL header files. #### Building Examples Build the SEALExamples project `native\examples\SEALExamples.vcxproj` from `SEAL.sln`. This results in an executable `sealexamples.exe` to be created in `native\bin\$(Platform)\$(Configuration)`. #### Building Unit Tests The unit tests require the Google Test framework to be installed. The appropriate NuGet package is already listed in `native\tests\packages.config`, so once you attempt to build the SEALTest project `native\tests\SEALTest.vcxproj` from `SEAL.sln` Visual Studio will automatically download and install it for you. ## Linux and macOS Microsoft SEAL