I have been working with multiparty BFV and BGV in OpenFHE and noticed that the default setting is FIXED_NOISE_MULTIPARTY. My understanding is that this approach uses deterministic (fixed) noise rather than random noise. I have two main questions:
Security Guarantees:
Does FIXED_NOISE_MULTIPARTY still provide basic security guarantees, or is it only intended for reproducibility and debugging rather than real-world security scenarios? In other words, if I use FIXED_NOISE_MULTIPARTY, am I sacrificing core security properties?
Experimentation:
For running experiments, is it sufficient to stick with FIXED_NOISE_MULTIPARTY, or is it recommended to use NOISE_FLOODING_MULTIPARTY because FIXED_NOISE_MULTIPARTY is not considered secure?
Any guidance or best practices from the developers or experienced users would be greatly appreciated.
No, it is uses random (Gaussian) noise but the standard deviation of the noise is fixed (at 2^{20}). This provides some security (for a small number of decryption queries, like in the hundreds), but is not generally secure.
Yes.
NOISE_FLOODING_MULTIPARTY should be used for all experiments where the number of decryption queries is allowed to be large/arbitrary.
Just to make it more concrete: if I’m performing a relatively small number of decryptions in my experiments (for instance, fewer than 100 times or even fewer than 500), would it still be advisable to switch to NOISE_FLOODING_MULTIPARTY for better security? Or in such a constrained scenario, would FIXED_NOISE_MULTIPARTY be considered sufficient for the sake of better performance?
For strong security guarantees (related to provable security), it is advised to use NOISE_FLOODING_MULTIPARTY. For practical security (if it known that number of possible decryptions is bounded), FIXED_NOISE_MULTIPARTY may be sufficient. My suggestion would be to run experiments for both designs and report both numbers at least for some settings.