Release 3.4.0

Changes

New Features

• Microsoft SEAL can use ZLIB, a data compression library,
  to automatically compress data that is serialized. This applies to every serializable object
  in Microsoft SEAL. This feature must be enabled by the user. See more explanation of the compression
  mechanism in README.md. Microsoft SEAL does not redistribute ZLIB.

• AES-128 is replaced with the BLAKE2 family of hash functions in the pseudorandom number generator,
  as BLAKE2 provides better cross-platform support. Microsoft SEAL redistributes the
  reference implementation of BLAKE2
  with light modifications to silence some misleading warnings in Visual Studio. The reference
  implementation of BLAKE2 is licensed under
  CC0 1.0 Universal; see license boilerplates
  in files native/src/seal/util/blake*.

• The serialization functionality has been completely rewritten to make it more safe and robust.
  Every serialized Microsoft SEAL object starts with a 16-byte Serialization::SEALHeader struct,
  and then includes the data for the object member variables. Every serializable object can now also
  be directly serialized into a memory buffer instead of a C++ stream. This improves serialization
  for .NET and makes it much easier to wrap the serialization functionality in other languages, e.g.,
  Java. Unfortunately, old serialized Microsoft SEAL objects are incompatible with the new format.

• A ciphertext encrypted with a secret key, for example, a keyswitching key, has one component
  generated by the PRNG. By using a seeded PRNG, this component can be replaced with the random seed
  used by the PRNG to reduce data size. After transmitted to another party with Microsoft SEAL, the
  component can be restored (regenerated) with the same seed. The security of using seeded PRNG is
  enhanced by switching to BLAKE2 hash function with a 512-bit seed.

• Encryptor now can be constructed with a secret key. This enables symmetric key encryption which
  has methods that serialize ciphertexts (compressed with a seed) to a C++ stream or a memory buffer.

• The CMake system has been improved. For example, multiple versions of Microsoft SEAL can now be
  installed on the same system easily, as the default installation directory and library filename now
  depend on the version of Microsoft SEAL. Examples and unit tests can now be built without installing
  the library. README.md has been updated to reflect these changes.

• Encryptor::encrypt operations in the BFV scheme are modified. Each coefficient of a plaintext
  message is first multiplied with the ciphertext modulus, then divided by the plaintext modulus, and
  rounded to the nearest integer. In comparison with the previous method, where each coefficient of a
  plaintext message is multiplied with the flooring of the coefficient modulus divided by the plaintext
  modulus, the new method reduces the noise introduced in encryption, increases a noise budget of a
  fresh encryption, slightly slows down encryption, and has no impact on the security at all.

• Merged PR 62 that uses a non-adjacent form (NAF)
  decomposition of random rotations to perform them in a minimal way from power-of-two rotations in
  both directions. This improves performance of random rotations.

API Changes

C++ Native

In all classes with save and load methods:

• Replaced the old save with two new methods that saves to either a C++ stream or a memory buffer.
  Optionally, a compression mode can be chosen when saving an object.
• Replaced the old load with two new methods that loads from either a C++ stream or a memory buffer.
• Added a method save_size to get an upper bound on the size of the object as if it was written to
  an output stream. To save to a buffer, the user must ensure that the buffer has at least size equal
  to what the save_size member function returns.
• New save and load methods rely on the Serialization class declared in serialization.h.
  This class unifies the serialization functionality for all serializable Microsoft SEAL classes.

In class Ciphertext:

• Added a method int_array for read-only access to the underlying IntArray object.
• Removed methods uint64_count_capacity and uint64_count that can now be accessed in a more
  descriptive manner through the int_arrar return value.

In class CKKSEncoder: added support for gsl::span type of input.

In class SEALContext::ContextData: added method coeff_mod_plain_modulus for read-only access to
the non-RNS version of upper_half_increment.

In class EncryptionParameters: an EncryptionParameters object can be constructed without
scheme_type which by default is set to scheme_type::none.

In class Encryptor:

• An Encryptor object can now be constructed with a secret key to enable symmetric key encryption.
• Added methods encrypt_symmetric and encrypt_zero_symmetric that generate a Ciphertext using
  the secret key.
• Added methods encrypt_symmetric_save and encrypt_zero_symmetric_save that directly serialize
  the resulting Ciphertext to a C++ stream or a memory buffer. The resulting Ciphertext no long
  exists after serilization. In these methods, the second polynomial of a ciphertext is generated by
  the PRNG and is replaced with the random seed used.

In class KeyGenerator:

• Added methods relin_keys_save and galois_keys_save that generate and directly serialize keys
  to a C++ stream or a memory buffer. The resulting keys no long exist after serilization. In these
  methods, half of the polynomials in keys are generated by the PRNG and is replaced with the random
  seed used.
• Methods galois_keys and galois_keys_save throw an exception if EncryptionParameters do not
  support batching in the BFV scheme.

In class Plaintext: added a method int_array for read-only access to the underlying IntArray
object.

In class UniformRandomGenerator and UniformRandomGeneratorFactory: redesigned for users to
implement their own random number generators more easily.

In file valcheck.h: validity checks are partitioned into finer methods; the is_valid_for(...)
functions will validate all aspects fo the Microsoft SEAL ojects.

New classes BlakePRNG and BlakePRNGFactory: uses Blake2 family of hash functions for PRNG.

New class Serialization:

• Gives a uniform serilization in Microsoft SEAL to save objects to a C++ stream or a memory buffer.
• Can be configured to use ZLIB compression.

New files:

• native/src/seal/util/rlwe.h
• native/src/seal/util/blake2.h
• native/src/seal/util/blake2-impl.h
• native/src/seal/util/blake2b.c
• native/src/seal/util/blake2xb.c
• native/src/seal/util/croots.cpp
• native/src/seal/util/croots.h
• native/src/seal/util/scalingvariant.cpp
• native/src/seal/util/scalingvariant.h
• native/src/seal/util/ztools.cpp
• native/src/seal/util/ztools.h
• native/src/seal/serialization.cpp
• native/src/seal/serialization.h
• native/tests/seal/serialization.cpp
• dotnet/native/sealnet/serialization_wrapper.cpp
• dotnet/native/sealnet/serialization_wrapper.h

Removed files:

• native/src/seal/util/hash.cpp

.NET

API changes are mostly identical in terms of functionality to those in C++ native, except only
the IsValidFor variant of the validity check functions is available in .NET, the more granular
checks are not exposed.

New files:

• dotnet/src/Serialization.cs

Minor Bug and Typo Fixes

• Function encrypt_zero_asymmetric in native/src/seal/util/rlwe.h
  handles the condition is_ntt_form == false correctly.
• Invariant noise calculation in BFV is now correct when the plaintext modulus is large and
  ciphertexts are fresh (reported in issue 59).
• Fixed comments in native/src/seal/util/smallntt.cpp as
  reported in issue 56.
• Fixed an error in examples as reported in issue 61.
• GaloisKeys can no longer be created with encryption parameters that do not support batching.
• Security issues in deserialization were resolved.

Release 3.2.2

v3.2.2

Changed version to 3.2.2

Release 3.3.2

Changes

• Switched to using RNS rounding instead of RNS flooring to fix the CKKS
  accuracy issue reported in issue 52.
• Added support for QUIET option in CMake (find_package(seal QUIET)).
• Using [[nodiscard]] attribute when compiling as C++17.
• Fixed a bug in Evaluator::multiply_many where the input vector was changed.

Release 3.2.1

v3.2.1

Changed version to 3.2.1

Release 3.3.1

Changes

• A bug was fixed that introduced significant extra inaccuracy in CKKS when
  compiled on Linux, at least with some versions of glibc; Windows and macOS
  were not affected.
• A bug was fixed where, on 32-bit platforms, some versions of GCC resolved
  the util::reverse_bits function to the incorrect overload.

Release 3.3.0

Changes

New Features

In this version, we have significantly improved the usability of the CKKS
scheme in Microsoft SEAL and many of these improvements apply to the BFV
scheme as well. Homomorphic operations that are based on key switching,
i.e., relinearization and rotation, do not consume any noise budget (BFV)
or impact accuracy (CKKS). The implementations of these operations are
significantly simplified and unified, and no longer use bit decomposition,
so decomposition bit count is gone. Moreover, fresh ciphertexts now have
lower noise. These changes have an effect on the API and it will
be especially worthwhile for users of older versions of the library to study
the examples and comments in
native/examples/3_levels.cpp (C++) or
dotnet/examples/3_Levels.cs (C#).

The setup of EncryptionParameters has been made both easier and safer
(see API Changes below).

The examples in native/examples/ and
dotnet/examples/ have been redesigned to better teach
the multiple technical concepts required to use Microsoft SEAL correctly and
efficiently, and more compactly demonstrate the API.

API Changes

Deleted header files:

• native/defaultparameters.h

New header files:

• native/src/seal/kswitchkeys.h: new base
  class for RelinKeys and GaloisKeys)
• native/src/seal/modulus.h: static helper
  functions for parameter selection
• native/src/seal/valcheck.h: object validity check
  functionality
• native/src/seal/util/rlwe.h

In class SEALContext:

• Replaced context_data(parms_id_type) with get_context_data(parms_id_type);
• Removed context_data();
• Added key_context_data(), key_parms_id(), first_context_data(), and
  last_context_data();
• Added using_keyswitching() that indicates whether key switching is supported
  in this SEALContext;
• Create(...) in C++, and constructor in C#, now accepts an optional security
  level based on
  HomomorphicEncryption.org security standard,
  causing it to enforce the specified security level. By default a 128-bit
  security level is used.
• Added prev_context_data() method to class ContextData (doubly linked modulus
  switching chain);
• In C# SEALContext now has a public constructor.

Parameter selection:

• Removed the DefaultParams class;
• Default coeff_modulus for the BFV scheme are now accessed through the function
  CoeffModulus::BFVDefault(...). These moduli are not recommended for the CKKS scheme;
• Customized coeff_modulus for the CKKS scheme can be created using
  CoeffModulus::Create(...) which takes the poly_modulus_degree and a vector of
  bit-lengths of the prime factors as arguments. It samples suitable primes close to
  2^bit_length and returns a vector of SmallModulus elements.
• PlainModulus::Batching(...) can be used to sample a prime for plain_modulus
  that supports BatchEncoder for the BFV scheme.

Other important changes:

• Removed size_capacity function and data members from Ciphertext class;
• Moved all validation methods such as is_valid_for and is_metadata_valid_for
  to valcheck.h;
• Removed argument decomposition_bit_count from methods relin_keys(...) and
  galois_keys(...) in class KeyGenerator;
• It is no longer possible to create more than one relinearization key. This is
  to simplify the API and reduce confusion. We have never seen a real use-case where
  more relinearization keys would be a good idea;
• Added methods to generate an encryption of zero to Encryptor;
• Added comparison methods and primality check for SmallModulus;
• Classes RelinKeys and GaloisKeys are now derived from a common base class
  KSwitchKeys;
• GoogleTest framework is now included as a Git submodule;
• Numerous bugs have been fixed, particularly in the .NET wrappers.

Release 3.2.0

v3.2.0

Changed name in SEALNet.nuspec

Release 3.1.0

v3.1.0

Update README.md