🧱Cipher
The enVector Python SDK provides the Cipher class as the primary interface for handling Fully Homomorphic Encryption (FHE) related features. This class enables you to perform core cryptographic operations, including the encryption of data into ciphertext and its subsequent decryption back to plaintext.
Additionally, all encrypted data is managed through the specialized CipherBlock class, which provides a structured way to handle and interact with ciphertexts within the SDK.
Initialize Cipher Class
To perform encryption or decryption, you must first initialize an instance of the Cipher class. The constructor configures the FHE (Fully Homomorphic Encryption) context and loads the necessary keys for the operations you intend to perform.
You can flexibly initialize the class for encryption only, decryption only, or both, depending on which key paths you provide.
from pyenvector import Cipher
# Example: Initialize the Cipher for both encryption and decryption
cipher = Cipher(
enc_key_path="keys/EncKey.json",
sec_key_path="keys/SecKey.json",
preset="ip",
dim=512,
eval_mode="RMP",
seal_mode=None,
seal_kek_path=None,
)Parameters
enc_key_path(str, optional): Path to the encryption key file. You can specify this path when initializing the Cipher, or provide it directly incipher.encrypt()if you prefer not to store the path within the class.sec_key_path(str, optional): Path to the Secret key file. You can specify this path when initializing the Cipher, or provide it directly incipher.decrypt()if you prefer not to store the path within the class.preset(str, optional): A string specifying a pre-configured set of cryptographic parameters (e.g.,"ip"). This simplifies the FHE context setup.dim(int): Required. The dimension of the data vectors you will be working with. This value is critical for setting up the FHE context and must be between 32 and 4096.eval_mode(str, optional): Specifies the evaluation mode (e.g "rmp").seal_mode(str, optional): An advanced option for securely loading the secret key. Use this if your secret key is "sealed" or encrypted.seal_kek_path(str, optional): The path to the Key Encryption Key (KEK) required when using aseal_mode. This parameter is only necessary ifseal_modeis active.
Once you initialize Cipher, you can encrypt plaintext vector to CipherBlock.
The SDK offers two flexible ways to provide the required encryption and decryption keys:
Pre-loading Keys: You can provide key paths when you initialize the
Cipherobject. This is convenient when you plan to use the same key for multiple operations.On-the-fly: You can initialize the
Cipherobject without any keys and then provide the key path directly to theencrypt()ordecrypt()method. This is ideal if you need to manage multiple keys with a singleCipherinstance.
Method 1: Pre-loading Keys at Initialization
Provide the enc_key_path and/or sec_key_path arguments when creating the Cipher object. The object will then "hold on" to these keys for all subsequent method calls.
Example
from pyenvector import Cipher
# Initialize the Cipher with pre-loaded keys
cipher = Cipher(
dim=1024,
enc_key_path="keys/user_A/EncKey.json",
sec_key_path="keys/user_A/SecKey.json"
)
encode_type="item" # this determines db type encoding and query type encoding
# Now, encrypt() and decrypt() use the keys provided during initialization
encrypted_data = cipher.encrypt(my_data, encode_type=encode_type)
decrypted_data = cipher.decrypt(encrypted_data)Method 2: Providing Keys Per-Operation
Initialize the Cipher object with only the context parameters (like dim). Then, pass the key path as an argument to each encrypt() or decrypt() call.
Example
from pyenvector import Cipher
# Initialize a general-purpose Cipher object without specific keys
cipher = Cipher(dim=1024)
# Provide the key path directly to the method
encrypted_data = cipher.encrypt(data_A, encode_type=encode_type, enc_key_path="keys/user_A/EncKey.json")
# The same pattern applies to decryption
decrypted_data = cipher.decrypt(encrypted_data, sec_key_path="keys/user_A/SecKey.json")Last updated