A Lightweight Partially Homomorphic Encryption Library for Python
Project description
LightPHE
LightPHE is a lightweight partially homomorphic encryption library for python. It is a hybrid homomoprhic encryption library wrapping many schemes such as RSA, ElGamal, Exponential ElGamal, Elliptic Curve ElGamal, Paillier, Damgard-Jurik, Okamoto–Uchiyama, Benaloh, Naccache–Stern, Goldwasser–Micali.
Partially vs Fully Homomorphic Encryption
Even though fully homomorphic encryption (FHE) has become available in recent times, but when considering the trade-offs, LightPHE emerges as a more efficient and practical choice. If your specific task doesn't demand the full homomorphic capabilities, opting for partial homomorphism with LightPHE is the logical decision.
- 🏎️ Notably faster
- 💻 Demands fewer computational resources
- 📏 Generating much smaller ciphertexts
- 🔑 Distributing much smaller keys
- 🧠 Well-suited for memory-constrained environments
- ⚖️ Strikes a favorable balance for practical use cases
Installation 
The easiest way to install the LightPHE package is to install it from python package index (PyPI).
pip install lightphe
Then you will be able to import the library and use its functionalities.
from lightphe import LightPHE
Summary of Homomorphic Features of Different Cryptosystems in LightPHE
In summary, LightPHE is covering following algorithms and these are partially homomorphic with respect to the operations mentioned in the following table.
| Algorithm | Multiplicatively Homomorphic |
Additively Homomorphic |
Multiplication with a Plain Constant | Exclusively Homomorphic |
Regeneration of Ciphertext |
|---|---|---|---|---|---|
| RSA | ✅ | ❌ | ❌ | ❌ | ❌ |
| ElGamal | ✅ | ❌ | ❌ | ❌ | ✅ |
| Exponential ElGamal | ❌ | ✅ | ✅ | ❌ | ✅ |
| Elliptic Curve ElGamal | ❌ | ✅ | ✅ | ❌ | ❌ |
| Paillier | ❌ | ✅ | ✅ | ❌ | ✅ |
| Damgard-Jurik | ❌ | ✅ | ✅ | ❌ | ✅ |
| Benaloh | ❌ | ✅ | ✅ | ❌ | ✅ |
| Naccache-Stern | ❌ | ✅ | ✅ | ❌ | ✅ |
| Okamoto-Uchiyama | ❌ | ✅ | ✅ | ❌ | ✅ |
| Goldwasser-Micali | ❌ | ❌ | ❌ | ✅ | ❌ |
Building cryptosystem
Once you imported the library, then you can build a cryptosystem for several algorithms. This basically generates private and public key pair.
algorithms = [
"RSA",
"ElGamal",
"Exponential-ElGamal",
"Paillier",
"Damgard-Jurik",
"Okamoto-Uchiyama",
"Benaloh",
"Naccache-Stern",
"Goldwasser-Micali",
"EllipticCurve-ElGamal"
]
cs = LightPHE(algorithm_name = algorithms[0])
Encryption & Decryption
Once you built your cryptosystem, you will be able to encrypt and decrypt messages with the built cryptosystem.
# define plaintext
m = 17
# calculate ciphertext
c = cs.encrypt(m)
assert cs.decrypt(c) == m
Homomorphic Operations
Once you have the ciphertext, you will be able to perform homomorphic operations on encrypted data. For instance, Paillier is homomorphic with respect to the addition. In other words, decryption of the addition of two ciphertexts is equivalent to addition of plaintexts.
cs = LightPHE(algorithm_name = "Paillier")
# define plaintexts
m1 = 17
m2 = 23
# calculate ciphertexts
c1 = cs.encrypt(m1)
c2 = cs.encrypt(m2)
# homomorphic addition - private key is not required!
c3 = c1 + c2
# proof of work
assert cs.decrypt(c3) == m1 + m2
⚡ Notice that once can perform c1 + c2 here without holding private key. However, just the data owner with private key can perform encryption and decryption. This is the basic definition of homomorphic encryption.
Besides, Paillier is supporting multiplying ciphertexts by a known plain constant. Simply put, decryption of scalar multiplication of ciphertext is equivalent to that constant times plaintext as well.
# increasing something 5%
k = 1.05
# scalar multiplication - private key is not required!
c4 = k * c1
# proof of work
assert cs.decrypt(c4) == k * m1
⚡ Herein, k * c1 operation can be performed by anyone without holding private key.
Similar to the most of additively homomorphic algorithms, Paillier lets you to regenerate ciphertext while you are not breaking its plaintext restoration. You may consider to do this re-generation many times to have stronger ciphertexts.
c1_prime = cs.regenerate_ciphertext(c1)
assert c1_prime.value != c1.value
assert cs.decrypt(c1_prime) == m1
assert cs.decrypt(c1) == m1
Finally, if you try to perform an operation that algorithm does not support, then an exception will be thrown. For instance, Paillier is not homomorphic with respect to the multiplication or xor. To put it simply, you cannot multiply two ciphertexts. If you enforce this calculation, you will have an exception.
# pailier is not multiplicatively homomorphic
with pytest.raises(ValueError, match="Paillier is not homomorphic with respect to the multiplication"):
c1 * c2
# pailier is not exclusively homomorphic
with pytest.raises(ValueError, match="Paillier is not homomorphic with respect to the exclusive or"):
c1 ^ c2
However, if you tried to multiply ciphertexts with RSA, or xor ciphertexts with Goldwasser-Micali, these will be succeeded because those cryptosystems support those homomorphic operations.
Working with vectors
You can encrypt the output vectors of machine learning models with LightPHE. These encrypted tensors come with homomorphic operation support including homomorphic addition, element-wise multiplication and scalar multiplication.
# build an additively homomorphic cryptosystem
cs = LightPHE(algorithm_name="Paillier")
# define plain tensors
t1 = [1.005, 2.05, 3.5, 4]
t2 = [5, 6.2, 7.002, 8.02]
# encrypt tensors
c1 = cs.encrypt(t1)
c2 = cs.encrypt(t2)
# perform homomorphic addition
c3 = c1 + c2
# perform homomorphic element-wise multiplication
c4 = c1 * c2
# perform homomorphic scalar multiplication
k = 5
c5 = k * c1
# decrypt the addition tensor
t3 = cs.decrypt(c3)
# decrypt the element-wise multiplied tensor
t4 = cs.decrypt(c4)
# decrypt the scalar multiplied tensor
t5 = cs.decrypt(c5)
# data validations
threshold = 0.5
for i in range(0, len(t1)):
assert abs((t1[i] + t2[i]) - t3[i]) < threshold
assert abs((t1[i] * t2[i]) - t4[i]) < threshold
assert abs((t1[i] * k) - t5[i]) < threshold
Unfortunately, vector multiplication (dot product) requires both homomorphic addition and homomorphic multiplication and this cannot be done with partially homomorphic encryption algorithms.
Contributing
All PRs are more than welcome! If you are planning to contribute a large patch, please create an issue first to get any upfront questions or design decisions out of the way first.
You should be able run make test and make lint commands successfully before committing. Once a PR is created, GitHub test workflow will be run automatically and unit test results will be available in GitHub actions before approval. Besides, workflow will evaluate the code with pylint as well.
Support
There are many ways to support a project - starring⭐️ the GitHub repo is just one 🙏
You can also support this work on Patreon or GitHub Sponsors.
Citation
Please cite LightPHE in your publications if it helps your research. Here is its BibTex entry:
@misc{serengil2023lightphe,
abstract = {A Lightweight Partially Homomorphic Encryption Library for Python},
author = {Serengil, Sefik Ilkin},
title = {LightPHE},
howpublished = {https://github.com/serengil/LightPHE},
year = {2023}
}
Also, if you use LightPHE in your projects, please add lightphe in the requirements.txt.
License
LightPHE is licensed under the MIT License - see LICENSE for more details.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
