node-seal

by morfix-io
4.6.2

Homomorphic Encryption for TypeScript or JavaScript - Microsoft SEAL

Readme

node-seal

node-seal is a homomorphic encryption library for TypeScript or JavaScript.

  • Web Assembly: Fastest web implementation of the C++ Microsoft SEAL library
  • Zero dependencies: Very lean, only contains a low level API which is very close to the C++ calls from Microsoft SEAL.
  • Node.js, Browser: Install once, work in any server/client configuration.

Now supporting Microsoft SEAL 3.7.2

Installation

node-seal can be installed with your favorite package manager:

npm install node-seal

yarn add node-seal

Import the library using import or require syntax:

// Auto-detects browser or nodejs.
// Defaults to "node-seal/throws_wasm_node_umd" for NodeJS
// Defaults to "node-seal/throws_wasm_web_umd" for Browsers
// Defaults to "node-seal/throws_wasm_web_es" for Modules
import SEAL from 'node-seal'
const SEAL = require('node-seal')

You may also specify a deep import to target your environment better. This is useful for environments that aren't detected properly or do not support WebAssembly. In addition, there are two separate bundles for throwing on transparent ciphertexts and another for allowing transparent ciphertexts. If you're unsure what you need, start with the build that throws on transparent ciphertexts. This is also the default import that is used.

The deep import link is structured like the following:

node-seal / <throws|allows>_<wasm|js>_<node|web|worker>_<umd|es>

// Always Pick a variant which throws on transparent ciphertexts unless you
// have a specific reason to allow the use of transparent ciphertexts.
import SEAL from 'node-seal/throws_wasm_node_umd'

// Or pick a variant which allows transparent ciphertexts (only use this if you know what you're doing)
import SEAL from 'node-seal/allows_wasm_node_umd'

React-Native

React-native does not support WASM libraries; however, it is possible to run a WASM library, including node-seal by using a WebView to load both the library and a simple interface to communicate with on top of the built-in postMessage API. Instead of publicly hosting the web application to be rendered by the WebView, it is possible to bundle the mini web application into a single HTML file (with JS inlined) and load the HTML file directly to the WebView.

Demo

Go to morfix.io/sandbox

This sandbox was built for users to experiment and learn how to use Microsoft SEAL featuring node-seal.

  • Encryption Parameters: experiment with many settings to prototype a context.
  • Keys: Create, download, upload Secret/Public Keys - even for Relinearization and Galois Keys.
  • Variables: Create, download, upload PlainTexts or CipherTexts
  • Functions: Create a list of HE functions to execute!
  • Code Generation: After your experimentation is complete, generate working code to use!

Usage

Checkout the basics

Documentation

View the latest docs here

Examples

Check out the Sandbox to run HE functions and even generate working code!

If you'd rather read an example, take a look here.

For more exhaustive examples, view the tests or the benchmarks.

Changes

For changes in this library, take a look here.

For changes in Microsoft SEAL, take a look at their list of changes.

Benchmarking

Microsoft SEAL has a native benchmark tool that we compile directly to WASM.

  1. npm run seal:build:bench
  2. npm run benchmark

Performance

Microsoft SEAL now comes with a benchmark binary that can be directly compiled to WASM.

Test specs:

  • MacBook Pro (16-inch, 2019)
  • MacOS Big Sur 11.2.3
  • 16 GB 2667 MHz DDR4

Versions:

  • Microsoft Seal v3.6.3
  • Node-seal v4.5.4
  • NodeJS v14.16.0
  • Chrome Version 89.0.4389.114 (Official Build) (x86_64)
  • Firefox Version 87.0 (64-bit)
  • Safari Version 14.0.3 (16610.4.3.1.7)

Note: NodeJS and Chrome have the ability to increase WASM memory past 2GB; however, Safari and FireFox's does not allow WASM memory be increased beyond 2GB and therefore crashes at the point in the benchmark where the memory allocations exceed that capacity. It is worth to mention the benchmark was not originally designed to be run under the 2GB constraint.

Native (No HEXL)NodeChromeSafariFireFox
n=1024log(q)=27KeyGenSecretiterations:10125203501200100.0
n=1024log(q)=27KeyGenPubliciterations:10137251878200200
n=1024log(q)=27BFVEncryptSecretiterations:1015843213381000400
n=1024log(q)=27BFVEncryptPubliciterations:102515511224900600
n=1024log(q)=27BFVDecryptiterations:1044.2146222800200
n=1024log(q)=27BFVEncodeBatchiterations:109.9629.343.0100.00.000
n=1024log(q)=27BFVDecodeBatchiterations:1017.540.747.0200100.0
n=1024log(q)=27BFVEvaluateAddCtiterations:103.669.8010.5100.00.000
n=1024log(q)=27BFVEvaluateAddPtiterations:1017.9174274300300
n=1024log(q)=27BFVEvaluateMulCtiterations:104321497242929001500
n=1024log(q)=27BFVEvaluateMulPtiterations:1050.6192226300100
n=1024log(q)=27BFVEvaluateSquareiterations:10323119317942100900
n=1024log(q)=27CKKSEncryptSecretiterations:10139259737200200
n=1024log(q)=27CKKSEncryptPubliciterations:10250486914400400
n=1024log(q)=27CKKSDecryptiterations:106.6720.928.50.000100.0
n=1024log(q)=27CKKSEncodeDoubleiterations:1043.678.6154800100
n=1024log(q)=27CKKSDecodeDoubleiterations:1036.967.21435000.000
n=1024log(q)=27CKKSEvaluateAddCtiterations:103.319.8810.00.0000.000
n=1024log(q)=27CKKSEvaluateAddPtiterations:102.505.563.50100.00.000
n=1024log(q)=27CKKSEvaluateMulCtiterations:1021.357.681.5200100.0
n=1024log(q)=27CKKSEvaluateMulPtiterations:107.2025.037.00.0000.000
n=1024log(q)=27CKKSEvaluateSquareiterations:1011.843.257.51000.000
n=2048log(q)=54KeyGenSecretiterations:10204310642300200
n=2048log(q)=54KeyGenPubliciterations:102334211304400400
n=2048log(q)=54BFVEncryptSecretiterations:1028380819251000700
n=2048log(q)=54BFVEncryptPubliciterations:104781112231012001100
n=2048log(q)=54BFVDecryptiterations:1088.7290436400100
n=2048log(q)=54BFVEncodeBatchiterations:1019.461.888.02000.000
n=2048log(q)=54BFVDecodeBatchiterations:1027.080.089.0100100.0
n=2048log(q)=54BFVEvaluateAddCtiterations:105.2019.018.50.0000.000
n=2048log(q)=54BFVEvaluateAddPtiterations:1033.6399585500500
n=2048log(q)=54BFVEvaluateMulCtiterations:1010033173500436003100
n=2048log(q)=54BFVEvaluateMulPtiterations:10106392460200400
n=2048log(q)=54BFVEvaluateSquareiterations:106682326366225001900
n=2048log(q)=54CKKSEncryptSecretiterations:102414191345300400
n=2048log(q)=54CKKSEncryptPubliciterations:104737401688500600
n=2048log(q)=54CKKSDecryptiterations:1010.972.155.00.0000.000
n=2048log(q)=54CKKSEncodeDoubleiterations:10108175337100.0200
n=2048log(q)=54CKKSDecodeDoubleiterations:1075.6146313100.0100
n=2048log(q)=54CKKSEvaluateAddCtiterations:105.1818.718.51000.000
n=2048log(q)=54CKKSEvaluateAddPtiterations:103.3710.49.000.0000.000
n=2048log(q)=54CKKSEvaluateMulCtiterations:1030.9116169200200
n=2048log(q)=54CKKSEvaluateMulPtiterations:1012.650.178.5100.00.000
n=2048log(q)=54CKKSEvaluateSquareiterations:1021.692.3117200100
n=4096log(q)=109KeyGenSecretiterations:104919191612800700
n=4096log(q)=109KeyGenPubliciterations:107731555477215001300
n=4096log(q)=109KeyGenReliniterations:1015453166962829002700
n=4096log(q)=109KeyGenGaloisiterations:1016293135961630002800
n=4096log(q)=109BFVEncryptSecretiterations:107222229492322001700
n=4096log(q)=109BFVEncryptPubliciterations:1013373548637338002800
n=4096log(q)=109BFVDecryptiterations:1030410701471900800
n=4096log(q)=109BFVEncodeBatchiterations:1044.31381800.000100
n=4096log(q)=109BFVDecodeBatchiterations:1056.0170213200100.0
n=4096log(q)=109BFVEvaluateAddCtiterations:1017.995.371.0100100
n=4096log(q)=109BFVEvaluateAddPtiterations:101027991168800800
n=4096log(q)=109BFVEvaluateMulCtiterations:103228109521612694009600
n=4096log(q)=109BFVEvaluateMulPtiterations:104421627200219001300
n=4096log(q)=109BFVEvaluateSquareiterations:10229078961202471007300
n=4096log(q)=109BFVEvaluateModSwitchInplaceiterations:1039.6158174100.0200
n=4096log(q)=109BFVEvaluateRelinInplaceiterations:105862254292957001600
n=4096log(q)=109BFVEvaluateRotateRowsiterations:105992252313623001900
n=4096log(q)=109BFVEvaluateRotateColsiterations:105972260333120002000
n=4096log(q)=109CKKSEncryptSecretiterations:10608115635691000900
n=4096log(q)=109CKKSEncryptPubliciterations:1015103600618532003300
n=4096log(q)=109CKKSDecryptiterations:1038.6164223200200
n=4096log(q)=109CKKSEncodeDoubleiterations:10236555912400500
n=4096log(q)=109CKKSDecodeDoubleiterations:1033574114081000800
n=4096log(q)=109CKKSEvaluateAddCtiterations:1019.373.764.00.0000.000
n=4096log(q)=109CKKSEvaluateAddPtiterations:1010.340.532.02000.000
n=4096log(q)=109CKKSEvaluateMulCtiterations:10132460658600600
n=4096log(q)=109CKKSEvaluateMulPtiterations:1070.3207273300200
n=4096log(q)=109CKKSEvaluateSquareiterations:1087.7345476300500
n=4096log(q)=109CKKSEvaluateRescaleInplaceiterations:10165624755600200
n=4096log(q)=109CKKSEvaluateRelinInplaceiterations:106452371304420001900
n=4096log(q)=109CKKSEvaluateRotateiterations:106402294315919001900
n=8192log(q)=218KeyGenSecretiterations:1012162502411419001900
n=8192log(q)=218KeyGenPubliciterations:10230044251427440003900
n=8192log(q)=218KeyGenReliniterations:10913017811546801490016400
n=8192log(q)=218KeyGenGaloisiterations:10890217592548161470016200
n=8192log(q)=218BFVEncryptSecretiterations:10232963611532259005700
n=8192log(q)=218BFVEncryptPubliciterations:103651100081608882008500
n=8192log(q)=218BFVDecryptiterations:109933856542631003300
n=8192log(q)=218BFVEncodeBatchiterations:1088.23173980.000500
n=8192log(q)=218BFVDecodeBatchiterations:101133634194000.000
n=8192log(q)=218BFVEvaluateAddCtiterations:10100349270200100.0
n=8192log(q)=218BFVEvaluateAddPtiterations:103361912276121001800
n=8192log(q)=218BFVEvaluateMulCtiterations:101230141927665503570038500
n=8192log(q)=218BFVEvaluateMulPtiterations:1020026889810351005300
n=8192log(q)=218BFVEvaluateSquareiterations:10911631535499212700028300
n=8192log(q)=218BFVEvaluateModSwitchInplaceiterations:10212670887700900
n=8192log(q)=218BFVEvaluateRelinInplaceiterations:103126118611500187009100
n=8192log(q)=218BFVEvaluateRotateRowsiterations:102969116611528587009400
n=8192log(q)=218BFVEvaluateRotateColsiterations:103079114311554886009600
n=8192log(q)=218CKKSEncryptSecretiterations:10179936501142931003200
n=8192log(q)=218CKKSEncryptPubliciterations:104201118171689278008700
n=8192log(q)=218CKKSDecryptiterations:10154698848100.0800
n=8192log(q)=218CKKSEncodeDoubleiterations:107391918308525001500
n=8192log(q)=218CKKSDecodeDoubleiterations:1013253128548347002900
n=8192log(q)=218CKKSEvaluateAddCtiterations:1067.63352590.0000.000
n=8192log(q)=218CKKSEvaluateAddPtiterations:1046.3173107100.0100.0
n=8192log(q)=218CKKSEvaluateMulCtiterations:105501949255022002200
n=8192log(q)=218CKKSEvaluateMulPtiterations:1019580611008001000
n=8192log(q)=218CKKSEvaluateSquareiterations:103761473181216001600
n=8192log(q)=218CKKSEvaluateRescaleInplaceiterations:107492701335819001900
n=8192log(q)=218CKKSEvaluateRelinInplaceiterations:103224116681498687009400
n=8192log(q)=218CKKSEvaluateRotateiterations:103098116301498691009300
n=16384log(q)=438KeyGenSecretiterations:10346080701207956006100
n=16384log(q)=438KeyGenPubliciterations:10770315024448521290014500
n=16384log(q)=438KeyGenReliniterations:1058779119280369311
n=16384log(q)=438KeyGenGaloisiterations:1057529118681363953
n=16384log(q)=438BFVEncryptSecretiterations:1089972345151869
n=16384log(q)=438BFVEncryptPubliciterations:10120293277147392
n=16384log(q)=438BFVDecryptiterations:1040281570920084
n=16384log(q)=438BFVEncodeBatchiterations:10186631816
n=16384log(q)=438BFVDecodeBatchiterations:10242744840
n=16384log(q)=438BFVEvaluateAddCtiterations:1038912531052
n=16384log(q)=438BFVEvaluateAddPtiterations:10154546625843
n=16384log(q)=438BFVEvaluateMulCtiterations:1049965185973296308
n=16384log(q)=438BFVEvaluateMulPtiterations:1080612907534189
n=16384log(q)=438BFVEvaluateSquareiterations:1037019137812230896
n=16384log(q)=438BFVEvaluateModSwitchInplaceiterations:1097432544025
n=16384log(q)=438BFVEvaluateRelinInplaceiterations:10182687124091871
n=16384log(q)=438BFVEvaluateRotateRowsiterations:10185377110390900
n=16384log(q)=438BFVEvaluateRotateColsiterations:10186437152190580
n=16384log(q)=438CKKSEncryptSecretiterations:1065901384840833
n=16384log(q)=438CKKSEncryptPubliciterations:10136363988352729
n=16384log(q)=438CKKSDecryptiterations:1080526343334
n=16384log(q)=438CKKSEncodeDoubleiterations:102501712410073
n=16384log(q)=438CKKSDecodeDoubleiterations:1057351536525753
n=16384log(q)=438CKKSEvaluateAddCtiterations:1036812951014
n=16384log(q)=438CKKSEvaluateAddPtiterations:10194666434
n=16384log(q)=438CKKSEvaluateMulCtiterations:102188747110411
n=16384log(q)=438CKKSEvaluateMulPtiterations:1078331464279
n=16384log(q)=438CKKSEvaluateSquareiterations:10149755617197
n=16384log(q)=438CKKSEvaluateRescaleInplaceiterations:1028231154713768
n=16384log(q)=438CKKSEvaluateRelinInplaceiterations:10177457118689405
n=16384log(q)=438CKKSEvaluateRotateiterations:10180757234890717
n=32768log(q)=881KeyGenSecretiterations:10114512942136442
n=32768log(q)=881KeyGenPubliciterations:102636156594158626
n=32768log(q)=881KeyGenReliniterations:103860148024502385523
n=32768log(q)=881KeyGenGaloisiterations:103772547970202378326
n=32768log(q)=881BFVEncryptSecretiterations:103254376962186449
n=32768log(q)=881BFVEncryptPubliciterations:1042415114184148914
n=32768log(q)=881BFVDecryptiterations:10173335844575091
n=32768log(q)=881BFVEncodeBatchiterations:1041112521664
n=32768log(q)=881BFVDecodeBatchiterations:1051317761830
n=32768log(q)=881BFVEvaluateAddCtiterations:10184751534244
n=32768log(q)=881BFVEvaluateAddPtiterations:1054041269114776
n=32768log(q)=881BFVEvaluateMulCtiterations:102276278072441357129
n=32768log(q)=881BFVEvaluateMulPtiterations:1031524115310134943
n=32768log(q)=881BFVEvaluateSquareiterations:101702136097161027222
n=32768log(q)=881BFVEvaluateModSwitchInplaceiterations:1042631432215895
n=32768log(q)=881BFVEvaluateRelinInplaceiterations:10111049443974575684
n=32768log(q)=881BFVEvaluateRotateRowsiterations:10112213443623584722
n=32768log(q)=881BFVEvaluateRotateColsiterations:10113158447828558419
n=32768log(q)=881CKKSEncryptSecretiterations:102408951807146027
n=32768log(q)=881CKKSEncryptPubliciterations:1048190147791181788
n=32768log(q)=881CKKSDecryptiterations:1032371014412763
n=32768log(q)=881CKKSEncodeDoubleiterations:10105652580833770
n=32768log(q)=881CKKSDecodeDoubleiterations:102589275720129281
n=32768log(q)=881CKKSEvaluateAddCtiterations:10170152524061
n=32768log(q)=881CKKSEvaluateAddPtiterations:10115027751819
n=32768log(q)=881CKKSEvaluateMulCtiterations:1097002889939094
n=32768log(q)=881CKKSEvaluateMulPtiterations:1033031226415796
n=32768log(q)=881CKKSEvaluateSquareiterations:1063892148326827
n=32768log(q)=881CKKSEvaluateRescaleInplaceiterations:10120604560352907
n=32768log(q)=881CKKSEvaluateRelinInplaceiterations:10110248472238552677
n=32768log(q)=881CKKSEvaluateRotateiterations:10112866544871603159

Caveats

Conversion from C++ to Web Assembly has some limitations:

  • ±2^53 bit numbers: JavaScript uses 2^53 numbers (not true 64 bit). Values higher than these will typically result in inaccuracies. If you're using the CKKS scheme, you need to keep this in mind. BFV users will inherently adhere to these limitations due to the Int32Array/Uint32Array TypedArrays. Recently, BFV users now have support for BigInt64Array/BigUint64Array TypedArrays but at a significant encode/decode penalty - encyption/evaluation/decryption performance is the same.

  • Memory: Generating large keys and saving them in the browser could be problematic. We can control NodeJS heap size, but not inside a user's browser.

    Saving keys is very memory intensive especially for polyModulusDegreess above 16384. This is because there's currently no way (that we have found) to use io streams across JS and Web Assembly code, so the strings have to be buffered completely in RAM and they can be very, very large when using the default zstd compression. User's who are experiencing OOM exceptions when saving GaloisKeys should try specifying a compression override such as none or the less performant zlib. Ex: galoisKeys.save(seal.ComprModeType.zlib)

  • Garbage Collection: Unfortunately, the typical way of cleaning up dereferenced JS objects will leave behind a the Web Assembly (C++) object in memory. There is no way to automatically call the destructors on C++ objects. JavaScript code must explicitly delete any C++ object handles it has received, or the heap will grow indefinitely.

    <instance>.delete()

Contributing

The main purpose of this library is to continue to evolve and promote the adoption of homomorphic encryption (using Microsoft SEAL) in modern web applications today. Development of node-seal happens in the open on GitHub, and we are grateful to the community for contributing bugfixes and improvements.

See CONTRIBUTING.md.

License

node-seal is MIT licensed.

FOSSA Status

100
Nick AngelouAustin, Texas, USA4 Ratings0 Reviews
November 26, 2020

