c++ - Simple Encrypted Arithmetic Library (SEAL) and the seal::Ciphertext variable

Question

I'm using the Simple Encrypted Arithmetic Library (SEAL) library from Microsoft Cryptography Research Group. Is there a way to get the content of seal::Ciphertext variable? I've tried to understand the ciphertext.h and ciphertext.cpp and found the:

/**
Saves the ciphertext to an output stream. The output is in binary format and not 
human-readable. The output stream must have the "binary" flag set.

@param[in] stream The stream to save the ciphertext to
@see load() to load a saved ciphertext.
*/
void save(std::ostream &stream) const;

/**
Loads a ciphertext from an input stream overwriting the current ciphertext.

@param[in] stream The stream to load the ciphertext from
@see save() to save a ciphertext.
*/
void load(std::istream &stream);

But I coudn't find another option to get the content of anyseal::Ciphertext variable that is not a binary stream or just a pointer to some memory address and save it a string.

If any of you have download the SEAL library from the link above and extracted it without changing anything. You can find all the allowed operations on seal::Ciphertext in SEAL_2.3.1SEALsealciphertext.h and SEAL_2.3.1SEALsealciphertext.cpp

Answer 1

Short answer is that there are no other ways of accessing the ciphertext data in SEAL. The pointer returned by Ciphertext::data will give you direct access to the ciphertext data and in that sense allows you to do any kind of computation on it, e.g. converting to a human-readable string if for some reason you would want to do that.

Of course to do anything intelligible you need to know the data layout of the ciphertext. In the BFV scheme a ciphertext consists of a pair of polynomials (c₀, c₁) with large (size coeff_modulus) coefficients. Since operating on polynomials with such large coefficients is inconvenient, SEAL 2.3.1 instead uses a composite coeff_modulus and stores both c₀ and c₁ modulo each of the prime factors specified in the coeff_modulus (denote these factors q₁,q₂,...,q_k). Each q_i fits into a 64-bit word, so all of these 2k polynomials have word-size coefficients.

The ciphertext coefficient data layout is as follows (contiguous in memory):

[ c₀ mod q₁ ][ c₀ mod q₂ ]...[ c₀ mod q_k ][ c₁ mod q₁ ][ c₁ mod q₂ ]...[ c₁ mod q_k ]

where each [ c_i mod q_j ] looks like

[ c₀[0] mod q_j ][ c₁[0] mod q_j ]...[ c_n-1[0] mod q_j ]

Here I used c_i[k] to denote the degree k coefficient of c_i. Note that each coefficient is stored in a uint64_t.

Ciphertext::data returns a pointer to the constant coefficient of the c₀ polynomial with respect to the first modulus in your coeff_modulus, i.e. to c₀[0] mod q₁. In addition to this coefficient data, a Ciphertext contains a few other fields that you can read using the member functions.