π Generate FHE Keys
To interact with FHE modules, it is essential to generate a set of cryptographic keys: public key, server key, and private key. These keys enable encrypted transactions and computations in a secure environment.
Why Generating FHE Keys is Necessary
FHE allows computations to be performed directly on encrypted data, ensuring that sensitive information remains private throughout the process. Generating these keys is the first step in enabling FHE modules in Cyferio SDK, as they allow:
- Encryption: The public key is used to encrypt data.
- Computation: The server key is needed to execute computations on encrypted data.
- Decryption: The private key is used to decrypt the final results of the computations.
Important Security Considerations
- Public Key: Can be shared widely as it is used for encryption.
- Server Key: Should be handled securely, as it allows computations but does not reveal the original data.
- Private Key: Must be kept secure at all times. In production environments, store it in a secure location, such as a Hardware Security Module (HSM) or using secure multiparty computation (MPC) protocols.
In a demo environment, these keys can be generated and stored in a simple JSON file, but in production environments, secure storage is critical to ensure privacy and data integrity. Our team is working on the integration with Zamaβs Threshold Key Management Service to enable secure and robust FHE key generations and decryption.
Instructions
Run the following command to generate the FHE keys in the project root directory:
cargo run --release --bin fhe-keygenThis will generate the key pair {public key, server key, private key}. These keys will be stored in a JSON file.
Note: For demo purposes, this method stores keys insecurely in a file. In production environments:
- Store the public key securely on-chain.
- Store the server key and private key within the node, using secure key management techniques like MPC or HSM.