I was looking at the 2024/116 and 2024/127 attacks against BGV/BFV and was trying to see where the prior average-case noise analysis logic was fixed or should mitigation be implemented heuristically or through worse-case analysis?
For addition in BGV/BFV, OpenFHE uses worst-case noise estimation – this is not the reason why the attack goes through. The reason is that OpenFHE currently does not support a sufficiently granular description of the circuits to be evaluated, e.g., SetEvalAddCount assumes the specified additions are all performed at the same additive level (so independent inputs) – with the currently supported description, the number of additions specified should have been 2^n instead of n. Please see https://eprint.iacr.org/2024/203.pdf for in depth discussions. We are updating the manuscript and will propose OpenFHE changes to address this.