Safe Haskell	None
Language	Haskell2010

Crypto.Lol.RLWE.Continuous

Description

\( \def\Z{\mathbb{Z}} \) \( \def\R{\mathbb{R}} \) Functions and types for working with continuous ring-LWE samples.

Synopsis

Documentation

type Sample t m zq rrq = (Cyc t m zq, UCyc t m D rrq) Source #

A continuous RLWE sample \( (a,b) \in R_q \times K/(qR)\). (The second component is a UCyc because the base type rrq representing \(\R/(q\Z)\), is an additive group but not a ring, so we can't usefully work with a Cyc over it.)

type RLWECtx t m zq rrq = (Fact m, Ring zq, CElt t zq, Subgroup zq rrq, Lift' rrq, TElt t rrq, TElt t (LiftOf rrq)) Source #

Common constraints for working with continuous RLWE.

sample :: forall rnd v t m zq rrq. (RLWECtx t m zq rrq, Random zq, Random (LiftOf rrq), OrdFloat (LiftOf rrq), MonadRandom rnd, ToRational v) => v -> Cyc t m zq -> rnd (Sample t m zq rrq) Source #

A continuous RLWE sample with the given scaled variance and secret.

errorTerm :: RLWECtx t m zq rrq => Cyc t m zq -> Sample t m zq rrq -> UCyc t m D (LiftOf rrq) Source #

The error term of an RLWE sample, given the purported secret.

errorGSqNorm :: (RLWECtx t m zq rrq, Ring (LiftOf rrq)) => Cyc t m zq -> Sample t m zq rrq -> LiftOf rrq Source #

The gSqNorm of the error term of an RLWE sample, given the purported secret.

errorBound Source #

Arguments

:: (Ord v, Transcendental v, Fact m)
=> v	the scaled variance
-> v	\(\epsilon\)
-> Tagged m v

A bound such that the gSqNorm of a continuous error generated by tGaussian with scaled variance \(v\) (over the \(m\)th cyclotomic field) is less than the bound except with probability approximately \(\epsilon\).