Hi,
I’ve recently built a FHE-compliant model using a fitted scikit-learn model (XGBClassifier) and I’ve obtained the client.zip and server.zip files.
I’d like to explore the relationship between the specific keyset was generated and the circuit. I’d like to understand why I have a certain number of lweSecretKeys, lweBootstrapKeys, lweKeyswitchKeys and packingKeyswitchKeys and where they come in.
I seem to get that it depends on the circuit, so is there a way to clearly see and understand this connection?
The goal of concrete is to relieve the user from the burden of thinking about the cryptographic details, so you don’t strictly need to understand all those details if you just intend to use concrete. That being said, there is nothing wrong in asking, and I’ll try to give a comprehensive answer
Here is a quick overview of the compilation process performed by concrete:
The program is traced, to create an in-memory representation of the operations.
This representation is transformed into an equivalent circuit that uses the operations available in the TFHE scheme, while preserving the semantic of the circuit.
The crypto parameters are optimized so as to guarantee a certain level of security, while guaranteeing a certain level of correctness (up to a certain probability of error). Those two objectives are in tension.
There are roughly two kinds of keys in your applications:
The secret keys. Those are used on the client to encrypt the inputs and decrypt the outputs.
The evaluation keys. Those are used to execute some TFHE operations: Bootstrap keys, keyswitch keys, packing keyswitch keys and the likes. Those keys are public and are sent to the server to be used for the execution.
Basically, the more precision is needed for an operation in the original circuit, the bigger the evaluation keys to perform the same operation in FHE.
