tfhe-rs-0.11.1

Summary

TFHE-rs v0.11.1 fixes a data backward compatibility issue with CompactPkeCrs that were serialized in previous versions as CompactPkePublicParams.

TFHE-rs v0.11.0

Summary

TFHE-rs v0.11.0 introduces significant improvements and new features, including enhanced Zero Knowledge proof performance, a new FheAsciiString type for secure string operations, and a 28% CPU performance boost for shift/rotate operations on 64-bit values. On the GPU side, we've improved GPU performance by 30% for 64-bit addition and expanded GPU support to arrays of ciphertexts. In addition, TFHE-rs v0.11 introduces noise assertions for debugging, new default parameters, and several fixes and optimizations to enhance overall usability and reliability.

What's Changed

Breaking Changes

Warning

Incompatible data structures:
Data compatibility is not guaranteed for versions older than 0.10.
The following structures and their seeded variants are incompatible:

• All GgswCiphertext and its Fourier and NTT variants
• GgswCiphertextList, LweBootstrapKey and its Fourier and NTT variants
• LweKeyswitchKey, LweMultiBitBootstrapKey and its Fourier variant
• LwePackingKeyswitchKey, LwePrivateFunctionalPackingKeyswitchKey
• LwePrivateFunctionalPackingKeyswitchKeyList
• All the shortint, integer and High Level API keys using those lower level primitives, including ServerKey types and their compressed variants.

Parameter and function changes:

• The DispersionParameter trait in core_crypto now returns new types for all its functions instead of raw f64.
• Zero Knowledge proofs can now only be used with dedicated parameters.
• ZkVerificationOutCome has been renamed to ZkVerificationOutcome
• CompactPkePublicParams has been deprecated; use CompactPkeCrs instead.
• Arch specific features (like x86_64-unix) have been dropped in favor of auto-detection.
• Default parameters are now TUniform parameters.
• ActivatedRandomGenerator has been renamed to DefaultRandomGenerator.

Please update your code accordingly.

New features

CPU

• Add strings module, usable in the HL API via the FheAsciiString type
• Add Zero Knowledge v2 with vastly improved performance
• LweSecretKey and GlweSecretKey now support safe serialization
• Add safe_serialized_size to get the seriliazed size of entities supporting safe serialization
• Add a batched PBS loading the key only once and processing all ciphertexts at once
• Add the safe_deserialize method for CompactPkeCrs in the Javascript API
• Add C API primitives to get/clear the last error from TFHE-rs as a const char * and enable/disable automatic printing of errors to stderr
• Add debug noise-asserts feature to verify shortint noise levels are valid with respect to a user-provided maximum noise level

GPU

• Add absolute value
• Add signed division
• Add array types
• Add comparison of arrays and array search

Improvements

CPU

• Encrypted shift and rotate have improved performance (+28% for 64 bits values)
• Conformance checks for Zero Knowledge proofs now also verify the validity of elliptic curve points

GPU

• Modify double to u64 cast in some kernels to use intrinsics.
• Optimize integer multiplication when one of the input ciphertexts holds a boolean value.
• Improve single carry propagation performance.
• Add a function to check if a cuda device is available on the machine.

Fixes

CPU

• High Level API CompressedCiphertextListBuilder now uses the current ServerKey device when compressing data instead of panicking when mixing CPU and GPU usage
• Fix compact public key encryption of a single ciphertext in core_crypto, shortint, integer and the High Level API were not affected by the bug
• Fix serialized_size_limit to include header sizes of entities
• Fix gadget decomposition over one level to be balanced
• Fix Zero Knowledge proof compatibility between 32 bits (WASM) and 64 bits plaftorm
• Fix a corner-case for carry propagation for signed sub with overflow which could only be triggered by manually selecting propagation algorithm
• Fix a corner-case for comparisons in case of an empty (no blocks) integer ciphertext
• Fix full_propagate_parallelized to also reset the noise of blocks not part of the carry propagation
• Fix encoding during compression which was pessimizing the failure probability

GPU

• Fixes to compression.
• Fix sample extract for the many LUT use case.
• Fix many LUT with multiple GPUs.
• Fix memory error in cg classical PBS.
• Fix gadget decomposition over one level to be balanced.
• General fixes and improvements to the multi-bit PBS.
• Fix signed overflowing subtraction for one block case.
• Fix equal and scalar ne.
• Fix single GPU execution on a device other than 0 for all functions.
• Fix ct degree / noise level tracking in several operations.

TFHE-rs v0.10.0

Summary

TFHE-rs v0.10.0 introduces breaking data changes for older data that was deprecated and to avoid having to manage too much legacy code for certain structures.

The levels for primitives involving decomposition now all follow the natural decomposition order, storing decomposition levels from the highest level to the lowest level, matching the order of decomposition when using a decomposer.

What's Changed

Breaking Changes

Warning

• data compatibility is not guaranteed for version older than 0.8 for Ciphertexts
• All GgswCiphertext and its Fourier and NTT variants, GgswCiphertextList, LweBootstrapKey and its Fourier and NTT variants, LweKeyswitchKey, LweMultiBitBootstrapKey and its Fourier variant, LwePackingKeyswitchKey, LwePrivateFunctionalPackingKeyswitchKey and LwePrivateFunctionalPackingKeyswitchKeyList are all incompatible with 0.9 and older.
• The seeded variants of these structures are incompatible as well.
• All the shortint, integer and High Level API keys using those lower level primitives are incompatible as well.

TFHE-rs v0.9.1

Summary

TFHE-rs v0.9.1 fixes zk proof compatibility between 32bits and 64bits architectures.

TFHE-rs v0.8.7

Summary

TFHE-rs v0.8.7 fixes zk proof compatibility between 32bits and 64bits architectures.

TFHE-rs v0.7.5

Summary

TFHE-rs v0.7.5 fixes zk proof compatibility between 32bits and 64bits architectures.

TFHE-rs v0.9.0

Summary

TFHE-rs v0.9.0 introduces breaking data changes for older data that was deprecated and to avoid having to manage too much legacy code for certain structures.

What's Changed

Breaking Changes

Warning

• data compatibility is not guaranteed for version older than 0.8
• SeededLweKeyswitchKey and SeededLwePackingKeyswitchKey are incompatible between version 0.8 and 0.9, the CompressedServerKey from shortint, integer and the High Level API are therefore incompatible as well as the CompressedCompressionKey from shortint and integer.
• LweKeyswitchKey and LwePackingKeyswitchKey have had an update to their layout that can be loaded from 0.8 using the versioning primitives, the ServerKey from shortint, integer and the High Level API as well as the CompressionKey from shortint and integer are loadable using versioning.

TFHE-rs v0.8.6

Summary

TFHE-rs v0.8.6 adds wasm bindings for safe_serialize and safe_deserialize for the CompactPkePublicParams

TFHE-rs v0.8.5

Summary

TFHE-rs v0.8.5 fixes some serialization issues.

What's changed

In safe serialization, the serialized size limit is an upper bound on the serialized size.
With TFHE-rs v0.8.5, it includes header size.

The unlimited size option did not work. It is now fixed.

TFHE-rs v0.8.4

Summary

TFHE-rs v0.8.4 add a new function to get the size of serialized data before serializing them: safe_serialization::safe_serialized_size.
MSRV has been updated to 1.81.