lol- A library for lattice cryptography.

Safe HaskellNone



Functions from one cyclotomic ring to another that are linear over a common subring.



data Linear t z e r s Source

An E-linear function from R to S.


NFData (Cyc t s z) => NFData (Linear t z e r s) Source 
Additive (Cyc t s z) => C (Linear t z e r s) Source 
(CElt t zp, CElt t z, (~) * z (LiftOf zp), Lift zp z, Fact s) => Lift' (Linear t zp e r s) Source 
(Reduce z zq, Fact s, CElt t z, CElt t zq) => Reduce (Linear t z e r s) (Linear t zq e r s) Source 
type LiftOf (Linear t zp e r s) = Linear t (LiftOf zp) e r s Source 

type ExtendLinIdx e r s e' r' s' = (Fact r, e ~ FGCD r e', r' ~ FLCM r e', e' `Divides` s', s `Divides` s') Source

A convenient constraint synonym for extending a linear function to larger rings.

linearDec :: forall t z e r s. (e `Divides` r, e `Divides` s, CElt t z) => [Cyc t s z] -> Linear t z e r s Source

Construct an E-linear function given a list of its output values (in S) on the relative decoding basis of R/E. The number of elements in the list must not exceed the size of the basis.

evalLin :: forall t z e r s. (e `Divides` r, e `Divides` s, CElt t z) => Linear t z e r s -> Cyc t r z -> Cyc t s z Source

Evaluates the given linear function on the input.

extendLin :: (ExtendLinIdx e r s e' r' s', CElt t z) => Linear t z e r s -> Linear t z e' r' s' Source

Extend an E-linear function R->S to an E'-linear function R'->S'. (Mathematically, such extension only requires lcm(r,e') | r' (not equality), but this generality would significantly complicate the implementation, and for our purposes there's no reason to use any larger r'.)