Hello, I have checked the code of openfhe-development/src/pke/examples/scheme-switching.cpp and found through testing that after FHEW is converted to CKKS, the ciphertext level of CKKS is 11. Can the ciphertext of CKKS be specified after ciphertext conversion? If so, how should it be set?
The conversion from FHEW to CKKS consumes a number of levels, depending on some parameters (e.g., whether you know the encrypted message is binary, on the scaling technique etc). You can control the total number of levels, i.e., how many levels you can still consume after the conversion to CKKS, by specifying the multiplicative depth of the CKKS cryptocontext.
Yes, I know about CKKS comparison, but all FHEW don’t know much about it, I see OpenFHE provides EvalCompareSchemeSwitching this function in the library, I want to specify in the function run results of the level of the ciphertext
You cannot specify how many levels this function consumes, because it is determined by some parameters. What you can do, is to specify the number of levels to support in the CKKS crypto context, such that you will have sufficient additional levels after you obtain the resulting ciphertext from e.g., EvalCompareSchemeSwitching. The comparison through scheme switching consumes 12 levels (you observed 11 levels, but if you print the noise scale degree, that shows 2), so you should specify a multiplicative depth of 12 + x in the cryptocontext generation, where x is the number of remaining levels you want.
You can look at the code of EvalCompareSchemeSwitching if you are interested to see why these many levels are consumed: there is a polynomial approximation for the light bootstrapping consuming 8 levels, there are 3 iterations of the double angle formula also consuming 3 levels, and finally there is a scaling consuming another level.
Oh, I understand EvalCompareSchemeSwitching function. So if I want to implement my own level, I’ll use EvalCKKStoFHEW and EvalFHEWtoCKKS if I need to so that I can control the CKKS level of ciphertext, right?
If you want to use scheme switching for a functionality that it not yet implemented, then yes, you should use EvalCKKStoFHEW and EvalFHEWtoCKKS and whatever else you need in between. But again, the number of levels consumed by these functions is fixed, and you control how many levels remain from the CKKS cryptocontext.
Can you tell me the principle behind implementing the EvalCompareSchemeSwitching function?
EvalCompareSchemeSwitching has 4 steps:
- Subtract the two CKKS input ciphertexts to obtain the difference.
- Convert the difference to FHEW ciphertexts.
- Evaluate the sign of each of these ciphertexts (encrypts 0 if positive and 1 if negative)
- Convert the encrypted signs back to CKKS.
Please create a new thread if you have additional questions, since this one is on a different topic and has been marked as solved.