# Functions
AddScalarNoModAndNegTwoQiNoModVec returns p2 = 2*qi - p1 + scalar.
AddScalarNoModVec returns p2 = p1 + scalar.
AddScalarVec returns p2 = p1 + scalar mod qi.
AddVec returns p3 = p1 + p2 mod qi.
AddVecNoMod returns p3 = p1 + p2.
AddVecNoModAndMulScalarMontgomeryVec returns p3 = (p1+p2)*scalarMont mod qi.
BRed computes x*y mod q.
BRedAdd computes a mod q.
BRedAddConstant computes a mod q in constant time.
BRedConstant computes x*y mod q in constant time.
BRedParams computes the parameters for the BRed algorithm.
Copy copies the coefficients of p0 on p1 within the given Ring.
CopyLvl copies the coefficients of p0 on p1 within the given Ring for the moduli from 0 to level.
CopyValues copies the coefficients of p0 on p1 within the given Ring.
CopyValuesLvl copies the coefficients of p0 on p1 within the given Ring for the moduli from 0 to level.
Cos implements the arbitrary precision computation of Cos(x) Iterative process with an error of ~10^{−0.60206*k} after k iterations.
CRed reduce returns a mod q where a is between 0 and 2*q-1.
DecodeCoeffs converts a byte array to a matrix of coefficients.
DecodeCoeffsNew converts a byte array to a matrix of coefficients.
DecodeCoeffsNew32 converts a byte array to a matrix of coefficients.
DivRound sets the target i to round(a/b).
GenerateNTTPrimes generates n NthRoot NTT friendly primes given logQ = size of the primes.
GenerateNTTPrimesP generates "levels" different NthRoot NTT-friendly primes starting from 2**LogP and downward.
GenerateNTTPrimesQ generates "levels" different NthRoot NTT-friendly primes starting from 2**LogQ and alternating between upward and downward.
GenGaloisParams generates the generators for the Galois endomorphisms.
InvMForm switches a from the Montgomery domain back to the standard domain by computing a*(1/2^64) mod q.
InvMFormConstant switches a from the Montgomery domain back to the standard domain by computing a*(1/2^64) mod q in constant time.
InvMFormVec returns p2 = p1 * (2^64)^-1 mod qi.
InvNTT computes the InvNTT transformation on the input coefficients using the input parameters.
InvNTTConjugateInvariant computes the InvNTT in the closed sub-ring Z[X + X^-1]/(X^2N +1) of Z[X]/(X^2N+1).
InvNTTConjugateInvariantLazy computes the InvNTT in the closed sub-ring Z[X + X^-1]/(X^2N +1) of Z[X]/(X^2N+1) with output values in the range [0, 2q-1].
InvNTTLazy computes the InvNTT transformation on the input coefficients using the input parameters with output values in the range [0, 2q-1].
IsPrime applies the Baillie-PSW, which is 100% accurate for numbers bellow 2^64.
MapSmallDimensionToLargerDimensionNTT maps Y = X^{N/n} -> X directly in the NTT domain.
MForm switches a to the Montgomery domain by computing a*2^64 mod q.
MFormConstant switches a to the Montgomery domain by computing a*2^64 mod q in constant time.
MFormConstantVec returns p2 = p1 * 2^64 mod qi with result in the range [0, 2q-1].
MFormVec returns p2 = p1 * 2^64 mod qi.
Min returns the minimum between to int.
ModExp performs the modular exponentiation x^e mod p, x and p are required to be at most 64 bits to avoid an overflow.
ModexpMontgomery performs the modular exponentiation x^e mod p, where x is in Montgomery form, and returns x^e in Montgomery form.
ModVec returns p2 = p1 mod m.
MRed computes x * y * (1/2^64) mod q.
MRedConstant computes x * y * (1/2^64) mod q in constant time.
MRedParams computes the parameter qInv = (q^-1) mod 2^64, required for MRed.
MulByPow2Vec returns p2 = p1 * 2^pow2 mod qi.
MulCoeffsAndAddNoModVec returns p3 = p3 + (p1*p2 mod qi).
MulCoeffsAndAddVec returns p3 = p3 + (p1*p2) mod qi.
MulCoeffsConstantVec returns p3 = p1*p2 mod qi with output coefficients in range [0, 2qi-1].
MulCoeffsMontgomeryAndAddNoModVec returns p3 = p3 + (p1*p2 mod qi).
MulCoeffsMontgomeryAndAddVec returns p3 = p3 + (p1*p2) mod qi.
MulCoeffsMontgomeryAndSubNoMod returns p3 = p3 - p1*p2 mod qi with output coefficients in range [0, 2qi-2].
MulCoeffsMontgomeryAndSubVec returns p3 = p3 - p1*p2 mod qi.
MulCoeffsMontgomeryConstantAndAddNoModVec returns p3 = p3 + p1*p2 mod qi with output coefficients in range [0, 3qi-2].
MulCoeffsMontgomeryConstantAndNeg returns p3 = - p1*p2 mod qi with output coefficients in range [0, 2qi-2].
MulCoeffsMontgomeryConstantAndSubNoMod returns p3 = p3 - p1*p2 mod qi with output coefficients in range [0, 3qi-2].
MulCoeffsMontgomeryConstantVec returns p3 = p1*p2 mod qi with output coefficients in range [0, 2qi-1].
MulCoeffsMontgomeryVec returns p3 = p1*p2 mod qi.
MulCoeffsVec returns p3 = p1*p2 mod qi.
MulScalarMontgomeryAndAddVec returns p2 = p2 + p1*scalarMont mod qi.
MulScalarMontgomeryConstantVec returns p2 = p1*scalarMont mod qi with output coefficients in range [0, 2qi-1].
MulScalarMontgomeryVec returns p2 = p1*scalarMont mod qi.
NegVec returns p2 = -p1 mod qi.
NewComplex creates a new arbitrary precision complex number.
NewComplexMultiplier creates a new ComplexMultiplier.
NewDecomposer creates a new Decomposer.
NewFastBasisExtender creates a new FastBasisExtender, enabling RNS basis extension from Q to P and P to Q.
NewFloat creates a new big.Float element with "logPrecision" bits of precision.
NewGaussianSampler creates a new instance of GaussianSampler from a PRNG, a ring definition and the truncated Gaussian distribution parameters.
NewInt creates a new Int with a given int64 value.
NewIntFromString creates a new Int from a string.
NewPoly creates a new polynomial with N coefficients set to zero and nbModuli moduli.
NewRing creates a new RNS Ring with degree N and coefficient moduli Moduli with Standard NTT.
NewRingConjugateInvariant creates a new RNS Ring with degree N and coefficient moduli Moduli with Conjugate Invariant NTT.
NewRingFromType creates a new RNS Ring with degree N and coefficient moduli Moduli for which the type of NTT is determined by the ringType argument.
NewRingWithCustomNTT creates a new RNS Ring with degree N and coefficient moduli Moduli with user-defined NTT transform and primitive Nth root of unity.
NewRNSScaler creates a new SimpleScaler from t, the modulus under which the reconstruction is returned, the Ring in which the polynomial to reconstruct is represented.
NewSimpleScaler creates a new SimpleScaler from t, the modulus under which the reconstruction is returned, and ringQ, the Ring in which the polynomial to reconstruct is represented.
NewTernarySampler creates a new instance of TernarySampler from a PRNG, the ring definition and the distribution parameters: p is the probability of a coefficient being 0, (1-p)/2 is the probability of 1 and -1.
NewTernarySamplerSparse creates a new instance of a fixed-hamming-weight TernarySampler from a PRNG, the ring definition and the desired hamming weight for the output polynomials.
NewUint creates a new Int with a given uint64 value.
NewUniformSampler creates a new instance of UniformSampler from a PRNG and ring definition.
NextNTTPrime returns the next NthRoot NTT prime after q.
NTT computes the NTT on the input coefficients using the input parameters.
NTTConjugateInvariant computes the NTT in the closed sub-ring Z[X + X^-1]/(X^2N +1) of Z[X]/(X^2N+1).
NTTConjugateInvariantLazy computes the NTT in the closed sub-ring Z[X + X^-1]/(X^2N +1) of Z[X]/(X^2N+1) with output values in the range [0, 2q-1].
NTTLazy computes the NTT on the input coefficients using the input parameters with output values in the range [0, 2q-1].
PadDefaultRingToConjuateInvariant converts a polynomial in Z[X]/(X^N +1) to a polynomial in Z[X+X^-1]/(X^2N+1).
PowerOf2 returns (x*2^n)%q where x is in Montgomery form.
PreviousNTTPrime returns the previous NthRoot NTT prime after q.
RandInt generates a random Int in [0, max-1].
RandUniform samples a uniform randomInt variable in the range [0, mask] until randomInt is in the range [0, v-1].
ReduceConstantVec returns p2 = p1 mod qi with output coefficients range [0, 2qi-1].
ReduceVec returns p2 = p1 mod qi.
SubScalarVec returns p2 = p1 - scalar mod qi.
SubVec returns p3 = p1 - p2 mod qi.
SubVecAndMulScalarMontgomeryTwoQiVec returns p3 = (p1 + twoqi - p2) * scalarMont mod qi.
SubVecNomod returns p3 = p1 + qi - p2.
WriteCoeffsTo converts a matrix of coefficients to a byte array.
WriteCoeffsTo32 converts a matrix of coefficients to a byte array.
# Constants
Z[X+X^-1]/(X^2N + 1).
SimpleScalerFloatPrecision is the precision in bits for the big.Float in the scaling by t/Q.
Z[X]/(X^N + 1) (Default).
# Variables
DefaultParams is a struct storing default test parameters of the Qi and Pi moduli for the package Ring.
Pi60 are the next [32:64] 61-bit close to 2^{62} NTT-friendly primes for N up to 2^{17}.
Qi60 are the first [0:32] 61-bit close to 2^{62} NTT-friendly primes for N up to 2^{17}.
# Structs
ComplexMultiplier is a struct for the multiplication or division of two arbitrary precision complex numbers.
Decomposer is a structure that stores the parameters of the arbitrary decomposer.
FastBasisExtender stores the necessary parameters for RNS basis extension.
GaussianSampler keeps the state of a truncated Gaussian polynomial sampler.
NumberTheoreticTransformerConjugateInvariant computes the NTT in the ring Z[X+X^-1]/(X^2N+1).
NumberTheoreticTransformerStandard computes the standard nega-cyclic NTT in the ring Z[X]/(X^N+1).
Parameters is a struct storing test parameters for the package Ring.
Poly is the structure that contains the coefficients of a polynomial.
Ring is a structure that keeps all the variables required to operate on a polynomial represented in this ring.
RNSScaler implements the Scaler interface by performing a scaling by t/Q in the RNS domain.
SimpleScaler implements the Scaler interface by performing an RNS reconstruction and scaling by t/Q.
TernarySampler keeps the state of a polynomial sampler in the ternary distribution.
UniformSampler wraps a util.PRNG and represents the state of a sampler of uniform polynomials.
# Interfaces
NumberTheoreticTransformer is an interface to provide flexibility on what type of NTT is used by the struct Ring.
Sampler is an interface for random polynomial samplers.
Scaler is an interface that rescales polynomial coefficients by a fraction t/Q.