Am/fix/0 4 compact

tfhe/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "tfhe"
-version = "0.4.2"
+version = "0.4.3"
 edition = "2021"
 readme = "../README.md"
 keywords = ["fully", "homomorphic", "encryption", "fhe", "cryptography"]
@@ -79,7 +79,7 @@ js-sys = { version = "0.3", optional = true }
 console_error_panic_hook = { version = "0.1.7", optional = true }
 serde-wasm-bindgen = { version = "0.6.0", optional = true }
 getrandom = { version = "0.2.8", optional = true }
-bytemuck = "1.13.1"
+bytemuck = "=1.14.1"
 
 [features]
 forward_compatibility = [

tfhe/docs/core_crypto/tutorial.md

@@ -9,7 +9,7 @@ Welcome to this tutorial about `TFHE-rs` `core_crypto` module.
 To use `TFHE-rs`, it first has to be added as a dependency in the `Cargo.toml`:
 
 ```toml
-tfhe = { version = "0.4.2", features = [ "x86_64-unix" ] }
+tfhe = { version = "0.4.3", features = [ "x86_64-unix" ] }
 ```
 
 This enables the `x86_64-unix` feature to have efficient implementations of various algorithms for `x86_64` CPUs on a Unix-like system. The 'unix' suffix indicates that the `UnixSeeder`, which uses `/dev/random` to generate random numbers, is activated as a fallback if no hardware number generator is available (like `rdseed` on `x86_64` or if the [`Randomization Services`](https://developer.apple.com/documentation/security/1399291-secrandomcopybytes?language=objc) on Apple platforms are not available). To avoid having the `UnixSeeder` as a potential fallback or to run on non-Unix systems (e.g., Windows), the `x86_64` feature is sufficient.
@@ -19,19 +19,19 @@ For Apple Silicon, the `aarch64-unix` or `aarch64` feature should be enabled. `a
 In short: For `x86_64`-based machines running Unix-like OSes:
 
 ```toml
-tfhe = { version = "0.4.2", features = ["x86_64-unix"] }
+tfhe = { version = "0.4.3", features = ["x86_64-unix"] }
 ```
 
 For Apple Silicon or aarch64-based machines running Unix-like OSes:
 
 ```toml
-tfhe = { version = "0.4.2", features = ["aarch64-unix"] }
+tfhe = { version = "0.4.3", features = ["aarch64-unix"] }
 ```
 
 For `x86_64`-based machines with the [`rdseed instruction`](https://en.wikipedia.org/wiki/RDRAND) running Windows:
 
 ```toml
-tfhe = { version = "0.4.2", features = ["x86_64"] }
+tfhe = { version = "0.4.3", features = ["x86_64"] }
 ```
 
 ### Commented code to double a 2-bit message in a leveled fashion and using a PBS with the `core_crypto` module.

tfhe/docs/getting_started/installation.md

@@ -8,12 +8,12 @@ To use `TFHE-rs` in your project, you first need to add it as a dependency in yo
 
 If you are using an `x86` machine:
 ```toml
-tfhe = { version = "0.4.2", features = [ "boolean", "shortint", "integer", "x86_64-unix" ] }
+tfhe = { version = "0.4.3", features = [ "boolean", "shortint", "integer", "x86_64-unix" ] }
 ```
 
 If you are using an `ARM` machine:
 ```toml
-tfhe = { version = "0.4.2", features = [ "boolean", "shortint", "integer", "aarch64-unix" ] }
+tfhe = { version = "0.4.3", features = [ "boolean", "shortint", "integer", "aarch64-unix" ] }
 ```
 
 {% hint style="info" %}

tfhe/docs/getting_started/quick_start.md

@@ -46,7 +46,7 @@ fn main() {
 
 The default configuration for x86 Unix machines:
 ```toml
-tfhe = { version = "0.4.2", features = ["integer", "x86_64-unix"]}
+tfhe = { version = "0.4.3", features = ["integer", "x86_64-unix"]}
 ```
 
 Configuration options for different platforms can be found [here](../getting_started/installation.md). Other rust and homomorphic types features can be found [here](../how_to/rust_configuration.md).

tfhe/docs/how_to/migrate_data.md

@@ -1,6 +1,6 @@
 # Managing Data Through Various TFHE-rs Versions
 
-In what follows, the process to manage data when upgrading the TFHE-rs version (starting from the 0.4.2 release) is given. This page details the methods to make data, which have initially been generated with an older version of TFHE-rs, usable with a newer version.
+In what follows, the process to manage data when upgrading the TFHE-rs version (starting from the 0.4.3 release) is given. This page details the methods to make data, which have initially been generated with an older version of TFHE-rs, usable with a newer version.
 
 ## Forward Compatibility Strategy
 
@@ -18,12 +18,12 @@ To be able to use older serialized data with newer versions, the following is do
 In practice, if we take the 0.5 release as a concrete example, here is what will happen:
 
 - 0.5.0 is released with breaking changes to the serialization;
-- 0.4.2 has [email protected] as optional dependency gated by the `forward_compatibility` feature;
-- Conversion code is added to 0.4.2, if possible without any user input, but some data migration will likely require some information to be provided by the developer writing the migration code;
-- 0.4.2 is released.
+- 0.4.3 has [email protected] as optional dependency gated by the `forward_compatibility` feature;
+- Conversion code is added to 0.4.3, if possible without any user input, but some data migration will likely require some information to be provided by the developer writing the migration code;
+- 0.4.3 is released.
 
 {% hint style="info" %}
-Note that if you do not need forward compatibility 0.4.2 will be equivalent to 0.4.1 from a usability perspective and you can safely update.
+Note that if you do not need forward compatibility 0.4.3 will be equivalent to 0.4.1 from a usability perspective and you can safely update.
 Note also that the 0.5.0 has no knowledge of previous releases.
 {% endhint %}
 
@@ -36,10 +36,10 @@ Examples to migrate data:
 An `Application` uses TFHE-rs 0.4.1 and needs/wants to upgrade to 0.5.0 to benefit from various improvements.
 
 Example timeline of the data migration or `Bulk Data Migration`:
-- A new transition version of the `Application` is compiled with the 0.4.2 release of TFHE-rs;
+- A new transition version of the `Application` is compiled with the 0.4.3 release of TFHE-rs;
 - The transition version of the `Application` adds code to read previously stored data, convert it to the proper format for 0.5.0 and save it back to disk;
 - The service enters a maintenance period (if relevant);
-- Migration of data from 0.4.2 to 0.5.0 is done with the transition version of the `Application`, note that depending on the volume of data this transition can take a significant amount of time;
+- Migration of data from 0.4.3 to 0.5.0 is done with the transition version of the `Application`, note that depending on the volume of data this transition can take a significant amount of time;
 - The updated version of the `Application` is compiled with the 0.5.0 release of TFHE-rs and put in production;
 - Service is resumed with the updated `Application` (if relevant).
 
@@ -48,18 +48,18 @@ The above case is describing a simple use case, where only a single version of d
 In order to manage more complicated cases, another method called `Migrate On Read` can be used.
 
 Here is an example timeline where data is migrated only as needed with the `Migrate On Read` approach:
-- A new version of the `Application` is compiled, it has [email protected].2 as dependency (the dependency will have to be renamed to avoid conflicts, a possible name is to use the major version like `tfhe_0_4`) and [email protected] which will not be renamed and can be accessed as `tfhe`
+- A new version of the `Application` is compiled, it has [email protected].3 as dependency (the dependency will have to be renamed to avoid conflicts, a possible name is to use the major version like `tfhe_0_4`) and [email protected] which will not be renamed and can be accessed as `tfhe`
 - Code to manage reading the data is added to the `Application`:
 - The code determines whether the data was saved with the 0.4 `Application` or the 0.5 `Application`, if the data is already up to date with the 0.5 format it can be loaded right away, if it's in the 0.4 format the `Application` can check if an updated version of the data is already available in the 0.5 format and loads that if it's available, otherwise it converts the data to 0.5, saves the converted data to avoid having to convert it every time it is accessed and continue processing with the 0.5 data
 
 The above is more complicated to manage as data will be present on disk with several versions, however it allows to run the service continuously or near-continuously once the new `Application` is deployed (it will require careful routing or error handling as nodes with outdated `Application` won't be able to process the 0.5 data).
 
 Also, if required, several version of TFHE-rs can be "chained" to upgrade very old data to newer formats.
-The above pattern can be extended to have `tfhe_0_4` ([email protected].2 renamed), `tfhe_0_5` ([email protected] renamed) and `tfhe` being [email protected], this will require special handling from the developers so that their protocol can handle data from 0.4.2, 0.5.0 and 0.6.0 using all the conversion tooling from the relevant version.
+The above pattern can be extended to have `tfhe_0_4` ([email protected].3 renamed), `tfhe_0_5` ([email protected] renamed) and `tfhe` being [email protected], this will require special handling from the developers so that their protocol can handle data from 0.4.3, 0.5.0 and 0.6.0 using all the conversion tooling from the relevant version.
 
-E.g., if some computation requires data from version 0.4.2 a conversion function could be called `upgrade_data_from_0_4_to_0_6` and do:
+E.g., if some computation requires data from version 0.4.3 a conversion function could be called `upgrade_data_from_0_4_to_0_6` and do:
 
-- read data from 0.4.2
+- read data from 0.4.3
 - convert to 0.5.0 format using `tfhe_0_4`
 - convert to 0.6.0 format using `tfhe_0_5`
 - save to disk in 0.6.0 format
@@ -80,8 +80,8 @@ edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-# The project used tfhe 0.4.1, it now depends on the 0.4.2 with the forward compatibility code
-tfhe_0_4 = { package = "tfhe", version = "0.4.2", features = [
+# The project used tfhe 0.4.1, it now depends on the 0.4.3 with the forward compatibility code
+tfhe_0_4 = { package = "tfhe", version = "0.4.3", features = [
     "x86_64-unix",
     "boolean",
     "shortint",
@@ -137,6 +137,6 @@ The noise level here is set at `usize::MAX` on a 64 bits system, it corresponds
 
 ## Breaking changes and additional migration information
 
-The main breaking change going from 0.4.2 to 0.5.0 with respect to data migration is that the High Level API dropped support for `shortint`. The `boolean` format has changed to use `integer`'s `BooleanBlock` under the hood.
+The main breaking change going from 0.4.3 to 0.5.0 with respect to data migration is that the High Level API dropped support for `shortint`. The `boolean` format has changed to use `integer`'s `BooleanBlock` under the hood.
 
 This means that any data coming from the High Level API which previously used `boolean` or `shortint` is not supported for the data migration.

tfhe/docs/how_to/serialization.md

@@ -11,7 +11,7 @@ To serialize our data, a [data format](https://serde.rs/#data-formats) should be
 
 [dependencies]
 # ...
-tfhe = { version = "0.4.2", features = ["integer","x86_64-unix"]}
+tfhe = { version = "0.4.3", features = ["integer","x86_64-unix"]}
 bincode = "1.3.3"
 ```
 

tfhe/docs/tutorials/ascii_fhe_string.md

@@ -24,7 +24,7 @@ To use the `FheUint8` type, the `integer` feature must be activated:
 
 [dependencies]
 # Default configuration for x86 Unix machines:
-tfhe = { version = "0.4.2", features = ["integer", "x86_64-unix"]}
+tfhe = { version = "0.4.3", features = ["integer", "x86_64-unix"]}
 ```
 
 Other configurations can be found [here](../getting_started/installation.md).

tfhe/docs/tutorials/parity_bit.md

@@ -21,7 +21,7 @@ To use Booleans, the `booleans` feature in our Cargo.toml must be enabled:
 # Cargo.toml
 
 # Default configuration for x86 Unix machines:
-tfhe = { version = "0.4.2", features = ["boolean", "x86_64-unix"]}
+tfhe = { version = "0.4.3", features = ["boolean", "x86_64-unix"]}
 ```
 
 Other configurations can be found [here](../getting_started/installation.md).

tfhe/js_on_wasm_tests/test-hlapi-panic.js

@@ -0,0 +1,43 @@
+const test = require('node:test');
+const assert = require('node:assert').strict;
+const {
+    init_panic_hook,
+    TfheClientKey,
+    TfheConfigBuilder,
+    FheUint8,
+} = require("../pkg/tfhe.js");
+
+
+const U256_MAX = BigInt("115792089237316195423570985008687907853269984665640564039457584007913129639935");
+const U128_MAX = BigInt("340282366920938463463374607431768211455");
+const U32_MAX = 4294967295;
+
+// This is useful to debug test
+//
+// Note that the test hlapi_panic
+// purposefully creates a panic, to some panic message
+// will be printed and tess will be ok
+init_panic_hook();
+
+// Here integers are not enabled
+// but we try to use them, so an error should be returned
+// as the underlying panic should have been trapped
+
+// Put in its own file as some async access is causing panics, to be investigated
+test('hlapi_panic', (t) => {
+    let config = TfheConfigBuilder.all_disabled()
+        .build();
+
+    let clientKey = TfheClientKey.generate(config);
+
+    let clear = 73;
+
+    console.log("\nThe following log is an expected error log:\n=======================\n")
+
+    try {
+        let _ = FheUint8.encrypt_with_client_key(clear, clientKey);
+        assert(false);
+    } catch (e) {
+        assert(true);
+    }
+});

tfhe/js_on_wasm_tests/test-hlapi-unsigned.js

@@ -36,27 +36,6 @@ const U32_MAX = 4294967295;
 // will be printed and tess will be ok
 init_panic_hook();
 
-// Here integers are not enabled
-// but we try to use them, so an error should be returned
-// as the underlying panic should have been trapped
-test('hlapi_panic', (t) => {
-    let config = TfheConfigBuilder.all_disabled()
-        .build();
-
-    let clientKey = TfheClientKey.generate(config);
-
-    let clear = 73;
-
-    console.log("\nThe following log is an expected error log:\n=======================\n")
-
-    try {
-        let _ = FheUint8.encrypt_with_client_key(clear, clientKey);
-        assert(false);
-    } catch (e) {
-        assert(true);
-    }
-});
-
 test('hlapi_key_gen_big', (t) => {
     let config = TfheConfigBuilder.all_disabled()
         .enable_default_integers()

tfhe/src/integer/wopbs/mod.rs

@@ -425,12 +425,12 @@ impl WopbsKey {
     /// # Example
     /// ```rust
     /// use tfhe::integer::gen_keys;
-    /// use tfhe::integer::parameters::PARAM_4_BITS_5_BLOCKS;
     /// use tfhe::integer::wopbs::WopbsKey;
+    /// use tfhe::shortint::parameters::parameters_wopbs_message_carry::WOPBS_PARAM_MESSAGE_4_CARRY_4_KS_PBS;
     ///
     /// let basis: Vec<u64> = vec![9, 11];
     ///
-    /// let param = PARAM_4_BITS_5_BLOCKS;
+    /// let param = WOPBS_PARAM_MESSAGE_4_CARRY_4_KS_PBS;
     /// //Generate the client key and the server key:
     /// let (cks, sks) = gen_keys(param);
     /// let wopbs_key = WopbsKey::new_wopbs_key_only_for_wopbs(&cks, &sks);
@@ -629,12 +629,12 @@ impl WopbsKey {
     ///
     /// ```rust
     /// use tfhe::integer::gen_keys;
-    /// use tfhe::integer::parameters::PARAM_4_BITS_5_BLOCKS;
     /// use tfhe::integer::wopbs::WopbsKey;
+    /// use tfhe::shortint::parameters::parameters_wopbs_message_carry::WOPBS_PARAM_MESSAGE_4_CARRY_4_KS_PBS;
     ///
     /// let basis: Vec<u64> = vec![9, 11];
     ///
-    /// let param = PARAM_4_BITS_5_BLOCKS;
+    /// let param = WOPBS_PARAM_MESSAGE_4_CARRY_4_KS_PBS;
     /// //Generate the client key and the server key:
     /// let (cks, sks) = gen_keys(param);
     /// let wopbs_key = WopbsKey::new_wopbs_key_only_for_wopbs(&cks, &sks);
@@ -941,12 +941,12 @@ impl WopbsKey {
     ///
     /// ```rust
     /// use tfhe::integer::gen_keys;
-    /// use tfhe::integer::parameters::PARAM_4_BITS_5_BLOCKS;
     /// use tfhe::integer::wopbs::WopbsKey;
+    /// use tfhe::shortint::parameters::parameters_wopbs_message_carry::WOPBS_PARAM_MESSAGE_4_CARRY_4_KS_PBS;
     ///
     /// let basis: Vec<u64> = vec![9, 11];
     ///
-    /// let param = PARAM_4_BITS_5_BLOCKS;
+    /// let param = WOPBS_PARAM_MESSAGE_4_CARRY_4_KS_PBS;
     /// //Generate the client key and the server key:
     /// let (cks, sks) = gen_keys(param);
     /// let wopbs_key = WopbsKey::new_wopbs_key_only_for_wopbs(&cks, &sks);
@@ -1013,12 +1013,12 @@ impl WopbsKey {
     ///
     /// ```rust
     /// use tfhe::integer::gen_keys;
-    /// use tfhe::integer::parameters::PARAM_4_BITS_5_BLOCKS;
     /// use tfhe::integer::wopbs::WopbsKey;
+    /// use tfhe::shortint::parameters::parameters_wopbs_message_carry::WOPBS_PARAM_MESSAGE_4_CARRY_4_KS_PBS;
     ///
     /// let basis: Vec<u64> = vec![9, 11];
     ///
-    /// let param = PARAM_4_BITS_5_BLOCKS;
+    /// let param = WOPBS_PARAM_MESSAGE_4_CARRY_4_KS_PBS;
     /// //Generate the client key and the server key:
     /// let (cks, sks) = gen_keys(param);
     /// let wopbs_key = WopbsKey::new_wopbs_key_only_for_wopbs(&cks, &sks);

tfhe/src/shortint/public_key/compact.rs

@@ -141,6 +141,11 @@ impl CompactPublicKey {
             self.parameters.ciphertext_modulus(),
         );
 
+        let encryption_noise = match self.pbs_order {
+            crate::shortint::PBSOrder::KeyswitchBootstrap => self.parameters.glwe_modular_std_dev(),
+            crate::shortint::PBSOrder::BootstrapKeyswitch => self.parameters.lwe_modular_std_dev(),
+        };
+
         // No parallelism allowed
         #[cfg(all(feature = "__wasm_api", not(feature = "parallel-wasm-api")))]
         {
@@ -150,8 +155,8 @@ impl CompactPublicKey {
                     &self.key,
                     &mut ct_list,
                     &plaintext_list,
-                    self.parameters.glwe_modular_std_dev(),
-                    self.parameters.lwe_modular_std_dev(),
+                    encryption_noise,
+                    encryption_noise,
                     &mut engine.secret_generator,
                     &mut engine.encryption_generator,
                 );
@@ -167,8 +172,8 @@ impl CompactPublicKey {
                     &self.key,
                     &mut ct_list,
                     &plaintext_list,
-                    self.parameters.glwe_modular_std_dev(),
-                    self.parameters.lwe_modular_std_dev(),
+                    encryption_noise,
+                    encryption_noise,
                     &mut engine.secret_generator,
                     &mut engine.encryption_generator,
                 );

tfhe/src/shortint/wopbs/mod.rs

@@ -309,11 +309,11 @@ impl WopbsKey {
     /// ```rust
     /// use rand::Rng;
     /// use tfhe::shortint::gen_keys;
-    /// use tfhe::shortint::parameters::parameters_wopbs::WOPBS_PARAM_MESSAGE_3_NORM2_2_KS_PBS;
+    /// use tfhe::shortint::parameters::parameters_wopbs_message_carry::WOPBS_PARAM_MESSAGE_3_CARRY_3_KS_PBS;
     /// use tfhe::shortint::wopbs::WopbsKey;
     ///
     /// // Generate the client key and the server key:
-    /// let (cks, sks) = gen_keys(WOPBS_PARAM_MESSAGE_3_NORM2_2_KS_PBS);
+    /// let (cks, sks) = gen_keys(WOPBS_PARAM_MESSAGE_3_CARRY_3_KS_PBS);
     /// let wopbs_key = WopbsKey::new_wopbs_key_only_for_wopbs(&cks, &sks);
     /// let message_modulus = 5;
     /// let m = 2;
@@ -444,10 +444,10 @@ impl WopbsKey {
     ///
     /// ```rust
     /// use tfhe::shortint::gen_keys;
-    /// use tfhe::shortint::parameters::parameters_wopbs::WOPBS_PARAM_MESSAGE_3_NORM2_2_KS_PBS;
+    /// use tfhe::shortint::parameters::parameters_wopbs_message_carry::WOPBS_PARAM_MESSAGE_3_CARRY_3_KS_PBS;
     /// use tfhe::shortint::wopbs::*;
     ///
-    /// let (cks, sks) = gen_keys(WOPBS_PARAM_MESSAGE_3_NORM2_2_KS_PBS);
+    /// let (cks, sks) = gen_keys(WOPBS_PARAM_MESSAGE_3_CARRY_3_KS_PBS);
     /// let wopbs_key = WopbsKey::new_wopbs_key_only_for_wopbs(&cks, &sks);
     /// let msg = 2;
     /// let modulus = 5;