diff --git a/src/main.rs b/src/main.rs
index 3066464..52bc502 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,9 +1,17 @@
 use rug::Integer;
 use crate::matrix::Matrix;
-use lll_rs::lll::biglll;
+use lll_rs::l2::bigl2;
 mod lll;
 mod matrix;
+fn abs(i: Integer) -> Integer {
+ if i < 0 {
+ -i
+ } else {
+ i
+ }
+}
+
 fn main() {
 // 1. Build lattice matrix basis
 let ciphertexts = vec![
@@ -18,11 +26,13 @@ Integer::from(26181),
 let noise_bits = 2;
 let basis_matrix = Matrix::new_lattice(noise_bits, ciphertexts.clone()).unwrap();
- println!("matrix: {:?}", basis_matrix);
+ // println!("matrix: {:?}", basis_matrix);
 // 2. reduce with LLL
 let mut lll_matrix = basis_matrix.to_lll_matrix();
- biglll::lattice_reduce(&mut lll_matrix);
+ println!("matrix: {:?}", lll_matrix);
+ bigl2::lattice_reduce(&mut lll_matrix, 0.51, 0.75);
+ println!("matrix: {:?}", lll_matrix);
 // 3. Extract shortest vector
 let shortest_vector = &lll_matrix[0];
@@ -30,13 +40,16 @@ Integer::from(26181),
 // 4. q0 candidate
 let q0 = &shortest_vector[0] / (Integer::from(1) << (noise_bits + 1));
+ println!("q0: {}", q0);
 // 5. Find p
 // compute r0 = x0 (mod q0)
 // and p = (x0 − r0)/q0.
 let x0 = &ciphertexts[0];
+ println!("x0: {}", x0);
 let r0 = x0 % q0.clone();
- let p_guess = (x0 - r0) / q0;
+ println!("r0: {}", r0);
+ let p_guess = abs((x0 - r0) / q0);
 println!("Recovered p: {}", p_guess);
 }
diff --git a/src/matrix.rs b/src/matrix.rs
index f3fefbb..7b4224f 100644
--- a/src/matrix.rs
+++ b/src/matrix.rs
@@ -33,11 +33,11 @@ impl Matrix {
 values.push(int!(2u64).pow(noise_bits as u32 + 1));
 values.extend_from_slice(&ciphertexts[1..]);
- // -x0 on diagonal, 0 everywhere else
+ // x0 on diagonal, 0 everywhere else
 let x0 = &ciphertexts[0];
 for i in 1..n {
 let mut row = vec![int!(0); n];
- row[i] = -x0.clone();
+ row[i] = x0.clone();
 values.extend(row);
 }
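Review bot: The free function `abs` added at the top of src/main.rs duplicates a method `rug::Integer` already provides, so the helper can be dropped. Its only call site, in the last main.rs hunk, would become `let p_guess = ((x0 - r0) / q0).abs();`. If the helper is kept for readability, give it a doc comment such as `/// Absolute value of an arbitrary-precision integer.`, since its name otherwise reads like a standard-library function.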
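Review bot: The literals `0.51` and `0.75` passed to `bigl2::lattice_reduce` are unnamed, so a reader cannot tell which reduction parameter is which or why these values were chosen. Presumably they are eta then delta as in the lll-rs documentation; if so, name them, e.g. `const ETA: f64 = 0.51;` and `const DELTA: f64 = 0.75;`, with a one-line comment on the choice. Both new prints use the same `"matrix: {:?}"` label, so the output does not show which one precedes the reduction; `"basis before reduction: {:?}"` and `"basis after reduction: {:?}"` would fix that. The commented-out `// println!("matrix: {:?}", basis_matrix);` should be deleted rather than kept as dead code. `main` starts outside this hunk.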
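Review bot: `x0 % q0.clone()` still runs with no check that `q0` is non-zero, and `rug` panics on a zero divisor. That happens whenever the first coordinate of the reduced vector is smaller in magnitude than `1 << (noise_bits + 1)`, because the integer division then yields 0. A guard right after the `q0` line would turn the panic into a clear message: `if q0 == 0 { eprintln!("q0 candidate is zero; reduction gave no usable vector"); return; }`. The new `abs(...)` only corrects the sign of the final quotient, so a cheap consistency check on `p_guess` before printing "Recovered p" would also help. `main` begins outside this hunk.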
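Review bot: The updated comment records the sign flip on the diagonal (`row[i] = x0.clone();`) but not the reason for it. Negating basis rows does not change the lattice they generate, so this change presumably does not fix the sign of the reduced vectors, and main.rs still needs its absolute-value step. A comment along the lines of `// x0 on diagonal, 0 everywhere else; the row sign does not affect the lattice, so callers must not rely on the sign of reduced vectors` would make that explicit. The loop sits in a function whose start and end are outside this hunk, so any doc comment describing the basis layout there may also need the same update.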