Microsoft SEAL

Microsoft SEAL

Publications

Videos

Overview

Microsoft SEAL—powered by open-source homomorphic encryption technology—provides a set of encryption libraries that allow computations to be performed directly on encrypted data. This enables software engineers to build end-to-end encrypted data storage and computation services where the customer never needs to share their key with the service.

Microsoft SEAL is open-source (MIT license). Start using it today!

Download

Citing Microsoft SEAL | Contact us

 

Homomorphic Encryption

Homomorphic Encryption refers to a new type of encryption technology that allows computation to be directly on encrypted data, without requiring any decryption in the process. The first homomorphic encryption scheme was invented in 2009 and several improved schemes were created over the following years. There were a few notable and publicly available implementations, but their use required extensive understanding of the complicated mathematics underlying homomorphic encryption and were not easily usable by normal software developers.

Our goal was different: making homomorphic encryption easy to use and available for everyone. Today, Microsoft SEAL reaches this goal by providing a simple and convenient API with state-of-the-art performance. Microsoft SEAL comes with several detailed and thoroughly commented examples, demonstrating how the library can be used correctly and securely, and explaining any necessary background material.

Scenarios

Secure Cloud Storage and Computation

In traditional cloud storage and computation solution customers need to trust the service provider to store and manage their data appropriately, e.g., not to share it with third parties without the customer’s consent. Microsoft SEAL replaces this trust with state-of-the-art cryptography, allowing cloud services to provide both encrypted storage and computation capabilities, while still guaranteeing that their customer’s data will never be exposed to anyone in unencrypted form.

Traditional Cloud Storage and Computation

Traditional cloud storage and computation

In traditional cloud storage and computation solutions the cloud need to have unencrypted access to customer data to compute on it, necessarily exposing the data to the cloud operators. Data privacy relies on access control policies implemented by the cloud and trusted by the customer.

Microsoft SEAL Cloud Storage and Computation

Microsoft SEAL cloud storage and computation

With Microsoft SEAL, the cloud operators will never have unencrypted access to the data they are storing and computing on. This is possible through homomorphic encryption technology, that allows computations to be performed directly on encrypted data. Data privacy relies on state-of-the-art cryptography (mathematics) and all information release will be controlled by the customer.

People

News

Microsoft Research

The Microsoft Simple Encrypted Arithmetic Library goes open source | Microsoft Research Blog | December 2018

 


In the news

Microsoft Open-Sources Its SEAL Encryption Technology Allowing Computations on Encrypted Data
CardRates | January 31, 2019

Intel, Microsoft Push Homomorphic Encryption with Open-Source Moves
Toolbox | January 10, 2019

Microsoft Open Sources Homomorphic Encryption Library “SEAL”
Computer Business Review | January 2, 2019

SEAL up your data just like Microsoft: Redmond open-sources ‘simple’ homomorphic encryption blueprints
The Register | December 4, 2018

Microsoft Open Sources SEAL Homomorphic Encryption Library
Decipher | December 3, 2018

HE-Transformer for nGraph: Enabling Deep Learning on Encrypted Data
Intel AI | December 3, 2018

 


Release news

12/2/2018: SEAL 3.1.0 released on GitHub under MIT license

In addition to the license change, this release brings many internal and a few API updates.

  • Changed to use Google Test framework for unit tests
  • Added support for 32-bit platforms
  • Cleaned up source code from unnecessary files and functions; improved build time
  • Changed directory structure to be more descriptive
  • Visual Studio solution now uses CMake to configure SEAL on Windows
  • Fixed multiple bugs
  • New capabilities, including:
    • Option of not expanding modulus chain when it is not needed
    • Easier to generate Galois keys for specific rotations
    • Loading now validates the correctness of plaintexts, ciphertexts, and keys for given SEALContext
    • New EncryptionParameterQualifiers flag indicating HomomorphicEncryption.org security standard compliance for parameters; option of enforcing the security standard
    • Secret key data is now cleared automatically from memory by destructors of SecretKey, KeyGenerator, and Decryptor

 

10/19/2018: Hotfix to SEAL 3.0

Due to a minor mistake SEAL 3.0 did not compile with OS X toolchains. This problem has now been fixed.

 

10/17/2018: SEAL 3.0 released

SEAL 3.0 is finally ready! Among other things, this major release adds support for the `FullRNS’ variant of the Cheon-Kim-Kim-Song (CKKS) approximate arithmetic scheme.

Main changes:

  • Added support for the CKKS encryption scheme (https://eprint.iacr.org/2016/421);
  • SEAL can now be compiled purely as C++14 if necessary although C++17 is recommended;
  • Added support for modulus switching (for both BFV and CKKS schemes);
  • Added seeded AES-NI-based PRNG for faster pseudo-randomness.
  • Improved performance when compiling on g++ and clang++;
  • Big improvements to the memory pooling system: the MemoryManager class now automatically hands out MemoryPoolHandle objects according to a customizable profile (MMProf class);
  • Big improvements to SEALExamples, e.g. multiple new examples;
  • Renamed `hash_block’ to `parms_id’;
  • Renamed EvaluationKeys to RelinKeys;
  • Renamed PolyCRTBuilder to BatchEncoder;
  • Removed Simulation, and Chooser, and related classes;
  • Removed .NET Framework wrappers and related projects;
  • Many bug fixes and improvements to the internals.

Let us know if you have any comments! For technical questions that can be of general interest, please ask on StackOverflow using the tag [seal]. For other communication, contact us at sealcrypto@microsoft.com.

P.S.: A big thank you to everyone who submitted bug reports for SEAL 2.3.1 and earlier versions.

 

6/20/2018: SEAL 2.3.1 released

A shiny new version of SEAL is now available! Here are the main changes:

  • SEAL requires C++17; it has been tested on Visual Studio 2017, g++-6 and newer, and clang++-5.0 and newer.
  • Added support for clang++ and fixed bug that caused incorrect results with g++-8.
  • Added CMake support for Linux and OS X. See INSTALL.txt for instructions for installing SEAL on Linux and OS X, and SEALExamples/CMakeLists.txt for an example of linking it with your projects.
  • Added performance tests to SEALNETExamples.
  • Enabled all Galois automorphisms in Evaluator/KeyGenerator.
  • Fixed bug that caused incorrect results with large plaintext modulus.
  • Simplified many class constructors: MemoryPoolHandle is no longer an optional parameter.
  • Thread-unsafe memory pools are no longer available by default (too dangerous).
  • Added experimental support for Microsoft GSL (gsl::span and gsl::multi_span).
  • Of course a huge number of internal bug fixes and improvements have been made.

Feel free to email sealcrypto@microsoft.com if you find any bugs, or if you have feature requests or other suggestions.

 

12/1/2017: SEAL v2.3.0-4 available

A new update v2.3.0-4 fixing several major bugs and issues has been released. Important changes include:

  • The problem with GCC-7.2 has been fixed. SEAL also works with GCC-5 now and uses only C++11 (no C++14).
  • Homomorphic multiplication of ciphertexts of size larger than 2 gave incorrect results. This problem has been fixed now.
  • SEALNET EvaluationKeys|GaloisKeys::Save|Load now work correctly.
  • Problems with global memory pool in SEALNET have been fixed. There is no longer need to manually destroy the global memory pool on application exit.
  • In SEALNET, EncryptionParameters::SetX(…) functions have been removed and changed into setters for the corresponding properties.
  • Downloadable Linux (.tar.gz) and Windows (.zip) versions are available separately.

 

11/17/2017: Small updates

As some of you may have noticed, we’ve been pushing a lot of small (and big) bug fixes and other updates since the initial release of v2.3.0. We just released SEAL v2.3.0-3 which—in addition to the bug fixes—brings substantial improvements to memory locality and subsequently has a major impact on performance with larger parameters.

 

11/9/2017: Direct download link

SEAL v2.3.0-2 can now be downloaded directly from https://www.microsoft.com/en-us/download/details.aspx?id=56202.

 

11/7/2017: SEAL v2.3.0 released

A new version of SEAL is available! This is the biggest update since the first release, and contains a huge number of improvements, including:

  • Implementation of the FullRNS variant of the FV scheme by Bajard et al. (SAC 2016)
  • Redesigned and improved memory management
  • Improved support for multi-threaded applications
  • Massive number of optimizations and improvements throughout the library
  • Row and column rotations of encrypted matrices (batching)
  • Completely revised SEALExamples/main.cpp; new example demonstrating multi-threaded use of SEAL
  • Better directory structure
  • Lots of bug fixes

A new SEAL manual will be available shortly.

We highly recommend all users (especially those familiar with older versions of SEAL) to go carefully over the examples in SEALExamples/main.cpp. There are several subtle but critical differences to SEAL v2.2, which are necessary to know to achieve the best performance.

 

7/21/2017: SEAL has found a new home

SEAL is now available at http://sealcrypto.visualstudio.com. To get access, send us an email at sealcrypto@microsoft.com, include an email address associated to your Microsoft Live Account, and tell us briefly what you are planning on using SEAL for. SEAL v2.3 will be available only through the new repository.

 

6/4/2017: SEAL v2.2 released

SEAL v2.2 has been released. It includes the changes from the experimental branch, and many other improvements. We have big plans for major improvements to be implemented this summer, so stay tuned!

 

10/13/2016: Experimental Branch

A new experimental branch has been created. This branch will get much more frequent updates than the master branch, but these updates may not have been tested as thoroughly as the code in the master branch, may introduce frequent API changes, and may contain incomplete functionality. This first experimental commit contains some significant performance improvements over SEAL v2.1.

 

9/30/2016: SEAL v2.1 released

Again a new version of SEAL has been released. This is a fairly large update, which focuses mostly on performance, but also introduces some small API changes.

To accompany the release and to explain the changes in SEAL v2.1, we have released a new version of the documentation, available here.

Webinar

Homomorphic Encryption with Microsoft SEAL Webinar

HE and SEAL webinar with Kim LaineIn this webinar led by researcher Kim Laine of the Cryptography and Privacy Research group at Microsoft, you’ll learn how SEAL can help software engineers develop data storage and computation services that customers can feel safe using because their personal information is never exposed…

Microsoft Research Webinar Series | August 2019