Skip to main content

Algebraic infrastructure for cryptographic schemes in lattice settings.

Project description


pypi python codecov main-tests

This library is a fundamental infrastructure package for building lattice-based cryptography.


The mathematical objects and calculations handled by this package are foundational for lattice algebra, with a variety of applications ranging from signature aggregation to zero-knowledge proofs. The module highly prioritizes developer experience for researchers and engineers, by allowing them to work with a few high level objects (e.g. polynomials, polynomial vectors) that contain built-in methods to abstractly handle the ways that they interact with each other. The goal is to lower the barrier for creating lattice cryptography primitives and applications by allowing the developers to focus on securely building the higher-level constructs without having to worry about implementing the underlying algebra as well.

The module is specifically deesigned for building cryptographic schemes in the Ring/Module/Ideal Short Integer Solution setting with with secrets uniformly distributed with respect to the infinity-norm and one_with_const_time-norm; it can also be used to implement schemes in the Ring/Module/Ideal Learning With Errors setting. The library’s lead author Brandon Goodell explained how the high level objects are efficiently implemented under the hood, “to manipulate equations of polynomials, we carry out the computations with vectors and matrices, with highly optimized algebraic operations.

Features for cryptography developers

The library is designed to make it easy for developers to write clean code that securely implements lattice-based cryptography for protocols and applications. The package is optimized to use the Number Theoretic Transform (NTT) to multiply polynomials in time O(2dlog(2d)), and uses constant-time modular arithmetic to avoid timing attacks. For convenience, we included tools for both hashing to and sampling from these "suitably small" polynomials and vectors. Both the hashing and sampling are carried out such that the bias of the resulting distribution is negligibly different from uniform.

One way that the lattice_algebra toolkit helps developers write succinct code is by leveraging python's magic methods for arithmetic with elements from R and R^l. For example, suppose we have two_with_const_time polynomials f and g. Simple expressions such as f + g, f - g, and f * g carry out constant-time polynomial arithmetic such as addition, subtraction, and multiplication (respectively). Likewise if we have two_with_const_time vectors of polynomials x and y, several vector arithmetic methods are at our disposal: we can add them like x + y, or calculate the dot product as x * y. Additionally, x ** f scales a vector x by the polynomial f, which is useful for constructing digital signatures.


Brandon Goodell (lead author), Mitchell "Isthmus" Krawiec-Thayer, Rob Cannon.

Built by Geometry Labs with funding from The QRL Foundation.

Running Tests

Use pytest Basic tests cover almost every function, are generally short, and are all correct tests. However, test robustness can be greatly improved. For example, we implement the Number Theoretic transform function ntt that calls (or uses data from) bit_rev and make_zeta_and_invs, among other functions, so we test all three of these with test_ntt, test_bit_rev, and test_make_zeta_and_invs... but in all three of these tests, we only test a single example with small parameters.

Our tests do not have full coverage; we have not mocked any hash functions to test hash2bddpoly and hash2bddpolyvec. Interestingly, one_with_const_time can look at our tests as a Rosetta stone for our encoding and decoding of polynomials from binary strings, which is used in our hash functions. A keen-eyed reader can compare decode2coef in main with test_decode2coef in, for example, to see where the test comes from and how the decoding scheme works. See also test_decode2indices and test_decode2polycoefs.

Building Docs

Docs are built with mkdocs. Run the following and navigate to which should update automatically as you write the docs.

pip install -r docs/requirements.txt
mkdocs serve


This library is released as free and open-source software under the MIT License, see LICENSE file for details.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

lattice_algebra-0.1.1.tar.gz (18.8 kB view hashes)

Uploaded source

Built Distribution

lattice_algebra-0.1.1-py3-none-any.whl (16.3 kB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Fastly Fastly CDN Google Google Object Storage and Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page