Lib.rs

Cryptography
#encryption-key #homomorphic-encryption #encryption

tfhe

TFHE-rs is a fully homomorphic encryption (FHE) library that implements Zama's variant of TFHE

by Arthur Meyre, tmontaigu, David Testé, mayeul-zama, Agnès Leroy and 20 contributors. Owned by Zama Bot.

21 unstable releases (6 breaking)

new 0.6.1 Apr 11, 2024
0.5.3 Feb 28, 2024
0.4.1 Oct 23, 2023
0.3.0 Jul 26, 2023
0.1.4 Nov 16, 2022

#71 in Cryptography

Download history 177/week @ 2023-12-23 227/week @ 2023-12-30 130/week @ 2024-01-06 213/week @ 2024-01-13 254/week @ 2024-01-20 270/week @ 2024-01-27 226/week @ 2024-02-03 415/week @ 2024-02-10 360/week @ 2024-02-17 765/week @ 2024-02-24 463/week @ 2024-03-02 375/week @ 2024-03-09 314/week @ 2024-03-16 182/week @ 2024-03-23 379/week @ 2024-03-30 574/week @ 2024-04-06

1,552 downloads per month
Used in 2 crates

BSD-3-Clause-Clear

8MB
146K SLoC

📒 Documentation | 💛 Community support | 📚 FHE resources by Zama

About

What is TFHE-rs

TFHE-rs is a pure Rust implementation of TFHE for boolean and integer arithmetics over encrypted data.

It includes:

  • a Rust API
  • a C API
  • and a client-side WASM API

TFHE-rs is designed for developers and researchers who want full control over what they can do with TFHE, while not having to worry about the low-level implementation. The goal is to have a stable, simple, high-performance, and production-ready library for all the advanced features of TFHE.

Main features

  • Low-level cryptographic library that implements Zama’s variant of TFHE, including programmable bootstrapping
  • Implementation of the original TFHE boolean API that can be used as a drop-in replacement for other TFHE libraries
  • Short integer API that enables exact, unbounded FHE integer arithmetics with up to 8 bits of message space
  • Size-efficient public key encryption
  • Ciphertext and server key compression for efficient data transfer
  • Full Rust API, C bindings to the Rust High-Level API, and client-side Javascript API using WASM.

Learn more about TFHE-rs features in the documentation.

Table of Contents

Getting Started

Cargo.toml configuration

To use the latest version of TFHE-rs in your project, you first need to add it as a dependency in your Cargo.toml:

  • For x86_64-based machines running Unix-like OSes:
tfhe = { version = "*", features = ["boolean", "shortint", "integer", "x86_64-unix"] }
  • For Apple Silicon or aarch64-based machines running Unix-like OSes:
tfhe = { version = "*", features = ["boolean", "shortint", "integer", "aarch64-unix"] }

tfhe = { version = "*", features = ["boolean", "shortint", "integer", "x86_64"] }

[!Note] Note: You need to use a Rust version >= 1.73 to compile TFHE-rs.

[!Note] Note: aarch64-based machines are not yet supported for Windows as it's currently missing an entropy source to be able to seed the CSPRNGs used in TFHE-rs.

↑ Back to top

A simple example

Here is a full example:

use tfhe::prelude::*;
use tfhe::{generate_keys, set_server_key, ConfigBuilder, FheUint32, FheUint8};

fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Basic configuration to use homomorphic integers
    let config = ConfigBuilder::default().build();

    // Key generation
    let (client_key, server_keys) = generate_keys(config);

    let clear_a = 1344u32;
    let clear_b = 5u32;
    let clear_c = 7u8;

    // Encrypting the input data using the (private) client_key
    // FheUint32: Encrypted equivalent to u32
    let mut encrypted_a = FheUint32::try_encrypt(clear_a, &client_key)?;
    let encrypted_b = FheUint32::try_encrypt(clear_b, &client_key)?;

    // FheUint8: Encrypted equivalent to u8
    let encrypted_c = FheUint8::try_encrypt(clear_c, &client_key)?;

    // On the server side:
    set_server_key(server_keys);

    // Clear equivalent computations: 1344 * 5 = 6720
    let encrypted_res_mul = &encrypted_a * &encrypted_b;

    // Clear equivalent computations: 6720 >> 5 = 210
    encrypted_a = &encrypted_res_mul >> &encrypted_b;

    // Clear equivalent computations: let casted_a = a as u8;
    let casted_a: FheUint8 = encrypted_a.cast_into();

    // Clear equivalent computations: min(210, 7) = 7
    let encrypted_res_min = &casted_a.min(&encrypted_c);

    // Operation between clear and encrypted data:
    // Clear equivalent computations: 7 & 1 = 1
    let encrypted_res = encrypted_res_min & 1_u8;

    // Decrypting on the client side:
    let clear_res: u8 = encrypted_res.decrypt(&client_key);
    assert_eq!(clear_res, 1_u8);

    Ok(())
}

To run this code, use the following command:

cargo run --release

[!Note] Note that when running code that uses TFHE-rs, it is highly recommended to run in release mode with cargo's --release flag to have the best performances possible.

Find an example with more explanations in this part of the documentation

↑ Back to top

Resources

TFHE deep dive

Tutorials

Explore more useful resources in TFHE-rs tutorials and Awesome Zama repo

Documentation

Full, comprehensive documentation is available here: https://docs.zama.ai/tfhe-rs.

↑ Back to top

Working with TFHE-rs

Disclaimers

Security Estimation

Security estimations are done using the Lattice Estimator with red_cost_model = reduction.RC.BDGL16.

When a new update is published in the Lattice Estimator, we update parameters accordingly.

Security Model

The default parameters for the TFHE-rs library are chosen considering the IND-CPA security model, and are selected with a bootstrapping failure probability fixed at p_error = $2^{-40}$. In particular, it is assumed that the results of decrypted computations are not shared by the secret key owner with any third parties, as such an action can lead to leakage of the secret encryption key. If you are designing an application where decryptions must be shared, you will need to craft custom encryption parameters which are chosen in consideration of the IND-CPA^D security model [1].

[1] Li, Baiyu, et al. "Securing approximate homomorphic encryption using differential privacy." Annual International Cryptology Conference. Cham: Springer Nature Switzerland, 2022. https://eprint.iacr.org/2022/816.pdf

Side-Channel Attacks

Mitigation for side-channel attacks has not yet been implemented in TFHE-rs, and will be released in upcoming versions.

Citations

To cite TFHE-rs in academic papers, please use the following entry:

@Misc{TFHE-rs,
  title={{TFHE-rs: A Pure Rust Implementation of the TFHE Scheme for Boolean and Integer Arithmetics Over Encrypted Data}},
  author={Zama},
  year={2022},
  note={\url{https://github.com/zama-ai/tfhe-rs}},
}

Contributing

There are two ways to contribute to TFHE-rs:

  • Open issues to report bugs and typos, or to suggest new ideas
  • Request to become an official contributor by emailing hello@zama.ai.

Becoming an approved contributor involves signing our Contributor License Agreement (CLA). Only approved contributors can send pull requests, so please make sure to get in touch before you do!

License

This software is distributed under the BSD-3-Clause-Clear license. If you have any questions, please contact us at hello@zama.ai.

↑ Back to top

Support

🌟 If you find this project helpful or interesting, please consider giving it a star on GitHub! Your support helps to grow the community and motivates further development.

↑ Back to top

Dependencies

~5.5–10MB
~186K SLoC