Bug Report: Incomplete Fix for Issue #110 - HYBRID Public Keys Always Use Q×P Basis

BurakK · January 12, 2026, 1:28pm

Summary

The fix implemented in commit 64ed308 (September 2022) for Issue #110 never worked. All HYBRID key switching users that does not need PRE pay unnecessary storage and performance overhead on public keys because PREMode defaults to INDCPA instead of NOT_SET.

The Problem

Issue #110 identified that GetParamsPK() returns the extended Q×P basis for all HYBRID scenarios, even when PRE functionality isn’t needed. Commit 64ed308 attempted to fix this by adding a check in rns-cryptoparameters.h:

if ((m_ksTechnique == HYBRID) && (m_PREMode != NOT_SET))
    return m_paramsQP;

However, the default value for PREMode in gen-cryptocontext-params-defaults.h is INDCPA, not NOT_SET:

namespace CKKSRNS_SCHEME_DEFAULTS {
    constexpr ProxyReEncryptionMode PREMode = INDCPA;
};
// Same for BFVRNS_SCHEME_DEFAULTS and BGVRNS_SCHEME_DEFAULTS

Since INDCPA != NOT_SET is always true, GetParamsPK() always returns m_paramsQP for HYBRID - the fix never worked.

Timeline

Date	Commit	Change
Aug 3, 2022	`8e1a341`	`PREMode = INDCPA` added as default
Sep 6, 2022	`64ed308`	Fix attempted with `m_PREMode != NOT_SET` check
Present	-	Bug persists (fix was dead on arrival)

Impact

Larger public keys for all HYBRID users (overhead depends on parameters)
Slower key generation and encryption
No security impact (purely optimization issue)
Affected users: Everyone using HYBRID key switching (default for CKKS and BGV)

Proposed Fix

Change the default PREMode from INDCPA to NOT_SET in src/pke/include/scheme/gen-cryptocontext-params-defaults.h:

namespace CKKSRNS_SCHEME_DEFAULTS {
    constexpr ProxyReEncryptionMode PREMode = NOT_SET;  // was INDCPA
};

namespace BFVRNS_SCHEME_DEFAULTS {
    constexpr ProxyReEncryptionMode PREMode = NOT_SET;  // was INDCPA
};

namespace BGVRNS_SCHEME_DEFAULTS {
    constexpr ProxyReEncryptionMode PREMode = NOT_SET;  // was INDCPA
};

Also update pre-buffer.cpp to explicitly set PREMode = INDCPA since PRE now requires opt-in.

I Have a Fix Ready

I have implemented and tested this fix locally:

All unit tests pass (make testall)
PRE examples (pre-buffer, pre-hra-secure) work correctly

I tried to submit a PR but cannot create one directly. My fork with the fix is at:

How can I submit this fix?

Thanks!

Thank you for spotting the bug. I’ve added you access to create issues and PRs. I am concerned about the side effects resulting from the proposed solution. For instance, some existing PRE-based applications, e.g., GitHub - openfheorg/openfhe-network-examples: OpenFHE Experiments in Encrypted Network Control and Secure Data Distribution with Proxy Re-Encryption, might be using the default. Please create an issue and let us continue the discussion there to figure out the right way to fix it.

BurakK · January 20, 2026, 1:19pm

Incomplete Fix for Issue #110 - PREMode default causes public keys to always use Q×P basis when using HYBRID key switching · Issue #1108 · openfheorg/openfhe-development

Done

Topic		Replies	Views
Supported Proxy Re-Encryption schemes Library Questions	2	176	May 7, 2024
Decompose operation of ckks-hybrid-KS FHE Questions	1	352	July 24, 2023
Proxy Re-Encryption (PRE) for BinFHE Library Questions	5	215	April 14, 2023
V1.0.4 (bugfix update) is released Announcements development-release	0	175	June 19, 2023
Is there a reference to CKKS proxy re-encryption used in openFHE? FHE Questions questions	6	240	March 26, 2025