A high-performance Zig implementation of TFHE (Torus Fully Homomorphic Encryption).
zig-tfhe is a comprehensive homomorphic encryption library that enables computation on encrypted data without decryption, built in Zig for performance and safety.
Not the language you were looking for? Check out our Rust or Go sister projects.
- Multiple Security Levels: 80-bit, 110-bit, and 128-bit security parameters
- Specialized Uint Parameters: Optimized parameter sets for different message moduli (1-8 bits)
- Homomorphic Gates: Complete set of boolean operations (AND, OR, NAND, NOR, XOR, XNOR, NOT, MUX)
- Fast Arithmetic: Efficient multi-bit arithmetic operations using ripple-carry adders
- Proxy Reencryption: LWE-based secure delegation with asymmetric public keys (NEW in v0.2.0)
- Parallel Processing: Native Zig parallelization for batch operations
- Memory Safety: Zig's compile-time safety guarantees with comprehensive allocator tracking
- Zig 0.14.0 or later
- A C compiler (for linking math libraries)
git clone https://github.com/thedonutfactory/zig-tfhe
cd zig-tfhe
zig buildconst std = @import("std");
const tfhe = @import("main");
pub fn main() !void {
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
defer _ = gpa.deinit();
const allocator = gpa.allocator();
// Generate keys
const secret_key = tfhe.key.SecretKey.new();
var cloud_key = try tfhe.key.CloudKey.new(allocator, &secret_key);
defer cloud_key.deinit(allocator);
// Encrypt two boolean values
const ct_a = try tfhe.tlwe.TLWELv0.encryptBool(
true,
tfhe.params.implementation.tlwe_lv0.ALPHA,
&secret_key.key_lv0
);
const ct_b = try tfhe.tlwe.TLWELv0.encryptBool(
false,
tfhe.params.implementation.tlwe_lv0.ALPHA,
&secret_key.key_lv0
);
// Perform homomorphic AND operation
const gates_inst = tfhe.gates.Gates.new();
const result = try gates_inst.andGate(&ct_a, &ct_b, &cloud_key);
// Decrypt result
const decrypted = result.decryptBool(&secret_key.key_lv0);
std.debug.print("true AND false = {}\n", .{decrypted}); // Prints: false
}The examples/ directory contains several demonstrations:
Demonstrates homomorphic integer addition using a full adder circuit:
zig build add_two_numbersThis example adds two 16-bit numbers (402 + 304 = 706) entirely in the encrypted domain using homomorphic XOR, AND, and OR gates. See examples/README.md for details.
Demonstrates secure delegation of encrypted data access:
zig build proxy_reenc_demoThis example shows:
- Asymmetric proxy reencryption (Bob never shares his secret key)
- Multi-hop delegation chains (Alice β Bob β Carol)
- Public key encryption
- Performance metrics (~1.1ms per reencryption)
- 100% accuracy verification
See PROXY_REENC.md for complete documentation.
Run all tests:
zig build testRun specific test modules:
zig test src/gates.zig --test-filter "gates all"
zig test src/utils.zig
zig test src/key.zig --test-filter "secret key"Note: The full test suite includes cloud key generation which takes ~30 seconds. Use test filters to run faster subsets during development.
params- Security parameter selection (80-bit, 110-bit, 128-bit, Uint1-8)key- Secret key and cloud key generationtlwe- TLWE (Torus Learning With Errors) encryptiontrlwe- TRLWE (Ring Learning With Errors) encryptiontrgsw- TRGSW encryption for bootstrappinggates- Homomorphic logic gates (AND, OR, NOT, XOR, etc.)lut- Programmable bootstrapping with lookup tablesfft- Fast Fourier Transform for polynomial operationsbootstrap- Noise refreshing operationsproxy_reenc- Proxy reencryption for secure delegation (NEW in v0.2.0)utils- Utility functions for torus operations and noise generationbit_utils- Bit manipulation and encryption helpersparallel- Thread pool for parallel operations
Choose security level based on your requirements:
const params = @import("params");
// High security (default)
const security = params.SECURITY_128_BIT;
// Balanced performance and security
const security = params.SECURITY_110_BIT;
// Development/testing (faster)
const security = params.SECURITY_80_BIT;
// Specialized for multi-bit messages
const security = params.SECURITY_UINT4; // 4-bit messagesAll boolean gates supported:
const gates_inst = tfhe.gates.Gates.new();
// Basic gates
const and_result = try gates_inst.andGate(&ct_a, &ct_b, &cloud_key);
const or_result = try gates_inst.orGate(&ct_a, &ct_b, &cloud_key);
const xor_result = try gates_inst.xorGate(&ct_a, &ct_b, &cloud_key);
const not_result = gates_inst.notGate(&ct_a);
// Advanced gates
const nand_result = try gates_inst.nandGate(&ct_a, &ct_b, &cloud_key);
const nor_result = try gates_inst.norGate(&ct_a, &ct_b, &cloud_key);
const mux_result = try gates_inst.muxNaive(&ct_cond, &ct_true, &ct_false, &cloud_key);Typical performance on modern hardware (M-series Mac, ~3-4 GHz):
- Gate Operation: ~40ms per gate (includes bootstrapping)
- Key Generation: ~100ms seconds for full cloud key
- 16-bit Addition: ~1 seconds (80 gates)
Performance is dominated by bootstrapping operations, which are necessary to keep noise levels manageable for continued computation.
TLWE (Level 0)
β (Bootstrap)
TRLWE (Level 1) β Uses FFT for efficiency
β
TRGSW (Gadget Decomposition)
β
Homomorphic Gates
- TLWE: Basic torus LWE encryption (smaller dimension)
- TRLWE: Ring-based LWE over polynomial rings (larger dimension)
- TRGSW: Gadget switching keys enabling external products
- Bootstrap: Noise reduction through homomorphic decryption
- FFT: Efficient polynomial multiplication in frequency domain
All modules include comprehensive inline documentation. Generate docs with:
zig build-lib src/main.zig -femit-docsOr browse the source files - each module has detailed header documentation explaining its purpose and usage.
Contributions are welcome! This library is a port of rs-tfhe with Zig-specific optimizations and idioms.
- Follow idiomatic Zig style (see
zig fmt) - Add tests for new functionality
- Document public APIs with
///doc comments - Use proper memory management with allocators
MIT License - see LICENSE for details.
This library is based on: