{"id":15037148,"url":"https://github.com/microsoft/seal","last_synced_at":"2026-04-29T05:05:38.512Z","repository":{"id":33634005,"uuid":"156787357","full_name":"microsoft/SEAL","owner":"microsoft","description":"Microsoft SEAL is an easy-to-use and powerful homomorphic encryption library.","archived":false,"fork":false,"pushed_at":"2025-04-02T18:41:34.000Z","size":4920,"stargazers_count":3750,"open_issues_count":118,"forks_count":730,"subscribers_count":92,"default_branch":"main","last_synced_at":"2025-04-23T20:57:33.092Z","etag":null,"topics":["cryptography","encryption","homomorphic-encryption"],"latest_commit_sha":null,"homepage":"https://www.microsoft.com/en-us/research/group/cryptography-research/","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/microsoft.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-11-09T00:33:14.000Z","updated_at":"2025-04-23T19:52:54.000Z","dependencies_parsed_at":"2023-01-15T01:45:21.030Z","dependency_job_id":"f4c225e3-196f-4ebb-bb4f-1778dde81994","html_url":"https://github.com/microsoft/SEAL","commit_stats":{"total_commits":1560,"total_committers":57,"mean_commits":27.36842105263158,"dds":0.5871794871794872,"last_synced_commit":"206648d0e4634e5c61dcf9370676630268290b59"},"previous_names":[],"tags_count":38,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2FSEAL","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2FSEAL/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2FSEAL/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2FSEAL/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/microsoft","download_url":"https://codeload.github.com/microsoft/SEAL/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250514767,"owners_count":21443208,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","encryption","homomorphic-encryption"],"created_at":"2024-09-24T20:33:36.851Z","updated_at":"2026-04-29T05:05:38.496Z","avatar_url":"https://github.com/microsoft.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Microsoft SEAL\n\nMicrosoft SEAL is an easy-to-use open-source ([MIT licensed](LICENSE)) homomorphic encryption library developed by the Cryptography Research Group at Microsoft.\nMicrosoft SEAL is written in modern standard C++ and is easy to compile and run in many different environments.\nFor more information about the Microsoft SEAL project, see [sealcrypto.org](https://www.microsoft.com/en-us/research/project/microsoft-seal).\n\nThis document pertains to Microsoft SEAL version 4.3.\nUsers of previous versions of the library should look at the [list of changes](CHANGES.md).\n\n## Contents\n\n- [Introduction](#introduction)\n - [Core Concepts](#core-concepts)\n - [Homomorphic Encryption](#homomorphic-encryption)\n - [Microsoft SEAL](#microsoft-seal-1)\n- [Getting Started](#getting-started)\n - [Optional Dependencies](#optional-dependencies)\n - [Intel HEXL](#intel-hexl)\n - [Microsoft GSL](#microsoft-gsl)\n - [ZLIB and Zstandard](#zlib-and-zstandard)\n - [Installing from NuGet Package](#installing-from-nuget-package-windows-linux-macos-android-ios)\n - [Installing from vcpkg](#installing-from-vcpkg)\n - [Examples](#examples)\n - [CKKS Programming with EVA](#ckks-programming-with-eva)\n- [Building Microsoft SEAL Manually](#building-microsoft-seal-manually)\n - [Building C++ Components](#building-c-components)\n - [Requirements](#requirements)\n - [Building Microsoft SEAL](#building-microsoft-seal)\n - [Installing Microsoft SEAL](#installing-microsoft-seal)\n - [Building and Installing on Windows](#building-and-installing-on-windows)\n - [Building for Android and iOS](#building-for-android-and-ios)\n - [Building for WebAssembly](#building-for-webassembly)\n - [Basic CMake Options](#basic-cmake-options)\n - [Advanced CMake Options](#advanced-cmake-options)\n - [Linking with Microsoft SEAL through CMake](#linking-with-microsoft-seal-through-cmake)\n - [Examples, Tests, and Benchmarks](#examples-tests-and-benchmarks)\n - [Building .NET Components](#building-net-components)\n - [Windows, Linux, and macOS](#windows-linux-and-macos)\n - [Building Your Own NuGet Package for Windows, Linux, and macOS](#building-your-own-nuget-package-for-windows-linux-and-macos)\n - [Building Your Own NuGet Package for Android and iOS](#building-your-own-nuget-package-for-android-and-ios)\n- [Contributing](#contributing)\n- [Citing Microsoft SEAL](#citing-microsoft-seal)\n- [Acknowledgments](#acknowledgments)\n\n## Introduction\n\n### Core Concepts\n\nMost encryption schemes consist of three functionalities: key generation, encryption, and decryption.\nSymmetric-key encryption schemes use the same secret key for both encryption and decryption; public-key encryption schemes use separately a public key for encryption and a secret key for decryption.\nTherefore, public-key encryption schemes allow anyone who knows the public key to encrypt data, but only those who know the secret key can decrypt and read the data.\nSymmetric-key encryption can be used for efficiently encrypting very large amounts of data, and enables secure outsourced cloud storage.\nPublic-key encryption is a fundamental concept that enables secure online communication today, but is typically much less efficient than symmetric-key encryption.\n\nWhile traditional symmetric- and public-key encryption can be used for secure storage and communication, any outsourced computation will necessarily require such encryption layers to be removed before computation can take place.\nTherefore, cloud services providing outsourced computation capabilities must have access to the secret keys, and implement access policies to prevent unauthorized employees from getting access to these keys.\n\n### Homomorphic Encryption\n\nHomomorphic encryption refers to encryption schemes that allow the cloud to compute directly on the encrypted data, without requiring the data to be decrypted first.\nThe results of such encrypted computations remain encrypted, and can be only decrypted with the secret key (by the data owner).\nMultiple homomorphic encryption schemes with different capabilities and trade-offs have been invented over the past decade; most of these are public-key encryption schemes, although the public-key functionality may not always be needed.\n\nHomomorphic encryption is not a generic technology: only some computations on encrypted data are possible.\nIt also comes with a substantial performance overhead, so computations that are already very costly to perform on unencrypted data are likely to be infeasible on encrypted data.\nMoreover, data encrypted with homomorphic encryption is many times larger than unencrypted data, so it may not make sense to encrypt, e.g., entire large databases, with this technology.\nInstead, meaningful use-cases are in scenarios where strict privacy requirements prohibit unencrypted cloud computation altogether, but the computations themselves are fairly lightweight.\n\nTypically, homomorphic encryption schemes have a single secret key which is held by the data owner.\nFor scenarios where multiple different private data owners wish to engage in collaborative computation, homomorphic encryption is probably not a reasonable solution.\n\nHomomorphic encryption cannot be used to enable data scientists to circumvent GDPR.\nFor example, there is no way for a cloud service to use homomorphic encryption to draw insights from encrypted customer data.\nInstead, results of encrypted computations remain encrypted and can only be decrypted by the owner of the data, e.g., a cloud service customer.\n\nMost homomorphic encryption schemes provide weaker security guarantees than traditional encryption schemes. You need to read [SECURITY.md](SECURITY.md) if you are thinking of building production software using Microsoft SEAL.\n\n### Microsoft SEAL\n\nMicrosoft SEAL is a homomorphic encryption library that allows additions and multiplications to be performed on encrypted integers or real numbers.\nOther operations, such as encrypted comparison, sorting, or regular expressions, are in most cases not feasible to evaluate on encrypted data using this technology.\nTherefore, only specific privacy-critical cloud computation parts of programs should be implemented with Microsoft SEAL.\n\nIt is not always easy or straightforward to translate an unencrypted computation into a computation on encrypted data, for example, it is not possible to branch on encrypted data.\nMicrosoft SEAL itself has a steep learning curve and requires the user to understand many homomorphic encryption specific concepts, even though in the end the API is not too complicated.\nEven if a user is able to program and run a specific computation using Microsoft SEAL, the difference between efficient and inefficient implementations can be several orders of magnitude, and it can be hard for new users to know how to improve the performance of their computation.\n\nMicrosoft SEAL comes with two different homomorphic encryption schemes with very different properties.\nThe BFV and BGV schemes allow modular arithmetic to be performed on encrypted integers.\nThe CKKS scheme allows additions and multiplications on encrypted real or complex numbers, but yields only approximate results.\nIn applications such as summing up encrypted real numbers, evaluating machine learning models on encrypted data, or computing distances of encrypted locations CKKS is going to be by far the best choice.\nFor applications where exact values are necessary, the BFV and BGV schemes are more suitable.\n\n## Getting Started\n\nThere are multiple ways of installing Microsoft SEAL and starting to use it.\nThe easiest way is to use a package manager to download, build, and install the library.\nFor example, [vcpkg](https://github.com/microsoft/vcpkg) works on most platforms and will be up-to-date with the latest release of Microsoft SEAL (C++17 only).\nOn macOS you can also use [Homebrew](https://formulae.brew.sh/formula/seal).\nOn FreeBSD you can use `pkg install seal` to install [security/seal](https://www.freshports.org/security/seal/).\nThe .NET library is available as a multiplatform [NuGet package](https://www.nuget.org/packages/Microsoft.Research.SEALNet).\nFinally, one can build Microsoft SEAL manually with a multiplatform CMake build system; see [Building Microsoft SEAL Manually](#building-microsoft-seal-manually) for details.\n\n### Optional Dependencies\n\nMicrosoft SEAL has no required dependencies, but certain optional features can be enabled when compiling with support for specific third-party libraries.\n\nWhen [building manually](#building-microsoft-seal-manually), one can choose to have the Microsoft SEAL build system download and build the dependencies, or alternatively search the system directories for pre-installed dependencies.\nOn the other extreme, the downloadable [NuGet package](https://www.nuget.org/packages/Microsoft.Research.SEALNet) cannot be configured at all, but it is always possible to [build a custom NuGet package](#building-your-own-nuget-package-for-windows-linux-and-macos).\nOther package managers offer varying amounts of opportunities for configuring the dependencies and [other build options](#basic-cmake-options).\n\nThe optional dependencies and their tested versions (other versions may work as well) are as follows:\n\n| Optional dependency | Tested version | Use |\n| ------------------------------------------------------ | -------------- | ------------------------------------------------ |\n| [Intel HEXL](https://github.com/intel/hexl) | 1.2.6 | Acceleration of low-level kernels |\n| [Microsoft GSL](https://github.com/microsoft/GSL) | 4.2.0 | API extensions |\n| [ZLIB](https://github.com/madler/zlib) | 1.3.1 | Compressed serialization |\n| [Zstandard](https://github.com/facebook/zstd) | 1.5.7 | Compressed serialization (much faster than ZLIB) |\n| [GoogleTest](https://github.com/google/googletest) | 1.16.0 | For running tests |\n| [GoogleBenchmark](https://github.com/google/benchmark) | 1.9.2 | For running benchmarks |\n\n#### Intel HEXL\n\nIntel HEXL is a library providing efficient implementations of cryptographic primitives common in homomorphic encryption.\nThe acceleration is particularly evident on Intel processors with the Intel AVX512-IFMA52 instruction set.\n\n#### Microsoft GSL\n\nMicrosoft GSL (Guidelines Support Library) is a header-only library that implements `gsl::span`: a *view type* that provides safe (bounds-checked) array access to memory.\n\nFor example, if Microsoft GSL is available, Microsoft SEAL can allow `BatchEncoder` and `CKKSEncoder` to encode from and decode to a `gsl::span` instead of `std::vector`, which can in some cases have a significant performance benefit.\n\n#### ZLIB and Zstandard\n\nZLIB and Zstandard are widely used compression libraries. Microsoft SEAL can optionally use these libraries to compress data that is serialized.\n\nOne may ask how compression can help when ciphertext and key data is supposed to be indistinguishable from random.\nIn Microsoft SEAL `Ciphertext` objects consist of a large number of integers modulo specific prime numbers (`coeff_modulus` primes).\nWhen using the CKKS scheme in particular, these prime numbers can be quite small (e.g., 30 bits), but the data is nevertheless serialized as 64-bit integers.\nTherefore, it is not uncommon that almost half of the ciphertext bytes are zeros, and applying a general-purpose compression algorithm is a convenient way of getting rid this wasted space.\nThe BFV scheme benefits typically less from this technique, because the prime numbers used for the `coeff_modulus` encryption parameter tend to be larger, and integers modulo these prime numbers fill more of each 64-bit word.\nCompressed serialization can be applied to any serializable Microsoft SEAL object \u0026ndash; not just to `Ciphertext` and keys .\n\nIf Microsoft SEAL is compiled with ZLIB or Zstandard support, compression will automatically be used for serialization; see `Serialization::compr_mode_default` in [native/src/seal/serialization.h](native/src/seal/serialization.h).\nHowever, it is always possible to explicitly pass `compr_mode_type::none` to serialization methods to disable compression.\nIf both ZLIB and Zstandard support are enabled, Zstandard is used by default due to its much better performance.\n\n**Note:** The compression rate for a `SecretKey` can (in theory at least) reveal information about the key.\nIn most common applications of Microsoft SEAL the size of a `SecretKey` would not be deliberately revealed to untrusted parties.\nIf this is a concern, one can always save the `SecretKey` in an uncompressed form.\n\n### Installing from NuGet Package (Windows, Linux, macOS, Android, iOS)\n\n\u003e **Notice**: **No further releases of Microsoft SEAL will be published to NuGet.org.**\n\u003e The [existing package](https://www.nuget.org/packages/Microsoft.Research.SEALNet) will remain available but will not be updated to match newer versions of Microsoft SEAL.\n\u003e To use a newer version in a .NET project, build your own NuGet package from source.\n\u003e This is straightforward following the instructions in [Building Your Own NuGet Package for Windows, Linux, and macOS](#building-your-own-nuget-package-for-windows-linux-and-macos) and [Building Your Own NuGet Package for Android and iOS](#building-your-own-nuget-package-for-android-and-ios).\n\nFor .NET developers wanting to use a previously-published release, the multiplatform NuGet package is available at [NuGet.org](https://www.nuget.org/packages/Microsoft.Research.SEALNet).\nSimply add this package into your .NET project and you are ready to go.\nTo use Microsoft SEAL in mobile C# applications, just add the NuGet package to your [MAUI project](https://dotnet.microsoft.com/en-us/apps/maui).\nUnlike the Microsoft SEAL C++ library, the .NET wrapper library works only on 64-bit platforms, so only `arm64-v8a`/`x86_64` Android ABIs and `arm64`/`x86_64` iOS architectures are supported.\n\n### Installing from vcpkg\n\nYou can download and install seal using the [vcpkg](https://github.com/Microsoft/vcpkg) dependency manager.\n\n```shell\ngit clone https://github.com/Microsoft/vcpkg.git\ncd vcpkg\n./bootstrap-vcpkg.sh # ./bootstrap-vcpkg.bat for Windows\n./vcpkg integrate install\n./vcpkg install seal\n```\n\nThe \"seal\" port in vcpkg is kept up to date by Microsoft team members and community contributors.\nIf the version is out of date, please [create an issue or pull request](https://github.com/Microsoft/vcpkg) on the vcpkg repository.\n\n### Examples\n\nUsing Microsoft SEAL will require the user to invest some time in learning fundamental concepts in homomorphic encryption.\nThe code comes with heavily commented examples that are designed to gradually teach such concepts as well as demonstrate a large fraction of the API.\nThe examples are available (and identical) in C++ and C#, and are divided into several source files in `native/examples/` (C++) and `dotnet/examples/` (C#), as follows:\n\n| C++ | C# | Description |\n| --------------------- | -------------------- | ---------------------------------------------------------------------------- |\n| `examples.cpp` | `Examples.cs` | The example runner application |\n| `1_bfv_basics.cpp` | `1_BFV_Basics.cs` | Encrypted modular arithmetic using the BFV scheme |\n| `2_encoders.cpp` | `2_Encoders.cs` | Encoding more complex data into Microsoft SEAL plaintext objects |\n| `3_levels.cpp` | `3_Levels.cs` | Introduces the concept of levels; prerequisite for using the CKKS scheme |\n| `4_bgv_basics.cpp` | `4_BGV_Basics.cs` | Encrypted modular arithmetic using the BGV scheme |\n| `5_ckks_basics.cpp` | `5_CKKS_Basics.cs` | Encrypted real number arithmetic using the CKKS scheme |\n| `6_rotation.cpp` | `6_Rotation.cs` | Performing cyclic rotations on encrypted vectors in the BFV and CKKS schemes |\n| `7_serialization.cpp` | `7_Serialization.cs` | Serializing objects in Microsoft SEAL |\n| `8_performance.cpp` | `8_Performance.cs` | Performance tests |\n\nIt is recommended to read the comments and the code snippets along with command line printout from running an example.\nFor easier navigation, command line printout provides the line number in the associated source file where the associated code snippets start.\nTo build the examples, see [Examples, Tests, and Benchmark](#examples-tests-and-benchmarks) (C++) and [Building .NET Components](#building-net-components) (C#).\n\n**Note:** It is impossible to know how to use Microsoft SEAL correctly without studying examples 1\u0026ndash;6.\nThey are designed to provide the reader with the necessary conceptual background on homomorphic encryption.\nReusing code directly from the examples will not work well, as the examples are often demonstrating individual pieces of functionality, and are not optimized for performance.\nWriting Microsoft SEAL code without studying the examples in depth will inevitably result in code that is vulnerable, malfunctioning, or extremely slow.\n\n## Building Microsoft SEAL Manually\n\n### Building C++ Components\n\nOn all platforms Microsoft SEAL is built with CMake.\nWe recommend using out-of-source build although in-source build works.\nBelow we give instructions for how to configure, build, and install Microsoft SEAL either globally (system-wide), or locally (for a single user).\nA global install requires elevated (root or administrator) privileges.\n\n#### Requirements\n\n| System | Toolchain |\n|---|---|\n| Windows | Visual Studio 2022 with C++ CMake Tools for Windows |\n| Linux | Clang++ (\u003e= 5.0) or GNU G++ (\u003e= 6.0), CMake (\u003e= 3.22) |\n| macOS/iOS | Xcode toolchain (\u003e= 9.3), CMake (\u003e= 3.22) |\n| Android | Android Studio |\n| FreeBSD | CMake (\u003e= 3.22) |\n\n**Note:** Microsoft SEAL compiled with Clang++ has much better runtime performance than one compiled with GNU G++.\n\n#### Building Microsoft SEAL\n\nWe assume that Microsoft SEAL has been cloned into a directory called `SEAL` and all commands presented below are assumed to be executed in the directory `SEAL`.\n\nYou can build the Microsoft SEAL library (out-of-source) for your machine by executing the following commands:\n\n```PowerShell\ncmake -S . -B build\ncmake --build build\n```\n\nAfter the build completes, the output binaries can be found in `build/lib/` and `build/bin/` directories.\n\nVarious configuration options can be specified and passed to the CMake build system.\nThese are described below in sections [Basic CMake Options](#basic-cmake-options) and [Advanced CMake Options](#advanced-cmake-options).\n\n#### Installing Microsoft SEAL\n\nIf you have root access to the system you can install Microsoft SEAL globally as follows:\n\n```PowerShell\ncmake -S . -B build\ncmake --build build\nsudo cmake --install build\n```\n\nTo instead install Microsoft SEAL locally, e.g., to `~/mylibs/`, do the following:\n\n```PowerShell\ncmake -S . -B build -DCMAKE_INSTALL_PREFIX=~/mylibs\ncmake --build build\nsudo cmake --install build\n```\n\n#### Building and Installing on Windows\n\nOn Windows the same scripts above work in a developer command prompt for Visual Studio using either the Ninja or \"Visual Studio 17 2022\" generators.\n\nWhen using the Ninja generator, please use the appropriate command prompt depending on the platform you want to build for.\nIf you want to build for x64, please use the **x64 Native Tools Command Prompt for Visual Studio 2022** command prompt to configure and build the library.\nIf you want to build for x86, please use the **x86 Native Tools Command Prompt for Visual Studio 2022** command prompt to configure and build the library.\nTo build using Ninja, type\n\n```PowerShell\ncmake -S . -B build -G Ninja\ncmake --build build\n```\n\nWhen using the \"Visual Studio 17 2022\" generator you can use the **Developer Command Prompt for VS 2022** command prompt to configure and build the library.\nBy default the generated platform will be x64.\nYou can specify the desired platform using the architecture flag `-A \u003cx64|Win32\u003e` and the desired configuration using `--config \u003cDebug|Release\u003e`.\n\n```PowerShell\n# Generate and build for x64 in Release mode\ncmake -S . -B build -G \"Visual Studio 17 2022\" -A x64\ncmake --build build --config Release\n```\n\n```PowerShell\n# Generate and build for x86 in Release mode\ncmake -S . -B build -G \"Visual Studio 17 2022\" -A Win32\ncmake --build build --config Release\n```\n\nInstalling the library in Windows works as well.\nInstead of using the `sudo` command, however, you need to run `cmake --install build` from a command prompt with Administrator permissions.\nFiles will be installed by default to `C:\\Program Files (x86)\\SEAL\\`.\n\nVisual Studio 2022 provides support for CMake-based projects.\nYou can select the menu option `File / Open / Folder...` and navigate to the folder where the Microsoft SEAL repository is located.\nAfter opening the folder, Visual Studio will detect that this is a CMake-based project and will enable the menu command `Project / CMake settings for SEAL`.\nThis will open the CMake settings editor that provides a user interface where you can create different configurations and set different CMake options.\n\nAfter the build completes, the output static library `seal-\u003cversion\u003e.lib` can be found in `build\\lib\\` or `build\\lib\\Release\\`.\nWhen linking with applications, using CMake as is explained in [Linking with Microsoft SEAL through CMake](#linking-with-microsoft-seal-through-cmake) is highly recommended.\nAlternatively, you need to add `native\\src\\` (full path) and `build\\native\\src\\` as include directories to locate the Microsoft SEAL header files.\n\n#### Building for Android and iOS\n\nMicrosoft SEAL can be compiled for Android and iOS.\nUnder the [android/](android/) directory of the source tree you will find an [Android Studio](https://developer.android.com/studio) project that you can use to compile the library for Android.\n\nThe easiest way to build XCFrameworks for iOS is with the provided CMake script:\n\n```bash\n# Release build, XCFrameworks written to the project root (default):\ncmake -P cmake/ios_xcframework.cmake\n\n# Debug build, custom output directory:\ncmake -DBUILD_TYPE=Debug -DOUTPUT_DIR=./out -P cmake/ios_xcframework.cmake\n```\n\nThis configures and builds for both device (`iphoneos`) and simulator (`iphonesimulator`), installs both, and creates `libseal-4.3.xcframework` and `libsealc-4.3.xcframework`.\nBoth slices target `arm64`.\nIntermediate build files are placed in `out/ios-xcframework/` by default; override with `-DWORK_DIR=\u003cpath\u003e`.\n\nOnce you have the XCFrameworks, include them in your Xcode project as framework dependencies and call the C library functions from Swift or Objective C ([see here](https://developer.apple.com/documentation/swift/using-imported-c-functions-in-swift)).\n\n\u003cdetails\u003e\n\u003csummary\u003eManual build steps (without the script)\u003c/summary\u003e\n\n```bash\nD=out/ios-xcframework # working directory\n\n# Configure for device (iphoneos) and simulator (iphonesimulator), both arm64.\ncmake -S . -B $D/build-device -GXcode \\\n -DSEAL_BUILD_SEAL_C=ON \\\n -DSEAL_BUILD_STATIC_SEAL_C=ON \\\n -DCMAKE_SYSTEM_NAME=iOS \\\n -DCMAKE_OSX_SYSROOT=iphoneos \\\n -DCMAKE_OSX_ARCHITECTURES=arm64 \\\n -C cmake/functions.ios.cmake\ncmake -S . -B $D/build-simulator -GXcode \\\n -DSEAL_BUILD_SEAL_C=ON \\\n -DSEAL_BUILD_STATIC_SEAL_C=ON \\\n -DCMAKE_SYSTEM_NAME=iOS \\\n -DCMAKE_OSX_SYSROOT=iphonesimulator \\\n -DCMAKE_OSX_ARCHITECTURES=arm64 \\\n -C cmake/functions.ios.cmake\n\n# Build and install each.\ncmake --build $D/build-device --config Release\ncmake --build $D/build-simulator --config Release\ncmake --install $D/build-device --config Release --prefix $D/install-device\ncmake --install $D/build-simulator --config Release --prefix $D/install-simulator\n\n# Stage headers per slice. XCFramework requires separate header trees because\n# generated files (e.g. config.h) can differ between device and simulator.\nmkdir -p $D/staging/device $D/staging/simulator\nrsync -a $D/install-device/include/SEAL-4.3/ $D/staging/device/\nrsync -a $D/install-simulator/include/SEAL-4.3/ $D/staging/simulator/\n\n# xcodebuild refuses to overwrite an existing .xcframework output.\nrm -rf libseal-4.3.xcframework libsealc-4.3.xcframework\n\n# Create the XCFrameworks.\nxcodebuild -create-xcframework \\\n -library $D/install-device/lib/libseal-4.3.a \\\n -headers $D/staging/device \\\n -library $D/install-simulator/lib/libseal-4.3.a \\\n -headers $D/staging/simulator \\\n -output libseal-4.3.xcframework\nxcodebuild -create-xcframework \\\n -library $D/install-device/lib/libsealc-4.3.a \\\n -headers $D/staging/device \\\n -library $D/install-simulator/lib/libsealc-4.3.a \\\n -headers $D/staging/simulator \\\n -output libsealc-4.3.xcframework\n```\n\n\u003c/details\u003e\n\n#### Building for WebAssembly\n\nMicrosoft SEAL can be compiled for JavaScript and WebAssembly using [emscripten](https://emscripten.org) on Windows, Linux, and macOS.\nBuilding for the Web means SEAL can be run in any client/server environment such as all the major browsers (e.g. Edge, Chrome, Firefox, Safari) and NodeJS.\n\nBuilding for WebAssembly requires the emscripten toolchain to be installed.\nThe easiest way to configure the toolchain is to clone [emsdk](https://github.com/emscripten-core/emsdk) and follow the [instructions](https://emscripten.org/docs/getting_started/downloads.html#installation-instructions-using-the-emsdk-recommended) (with system-specific notes). For examples, on Linux and macOS, inside the `emsdk` repo, run the following:\n\n```PowerShell\n# Install the latest toolchain\n./emsdk install latest\n./emsdk activate latest\n# Source the environment\nsource ./emsdk_env.sh\n```\n**On Windows, better run from a developer command prompt for Visual Studio; and replace `./emsdk` and `source ./emsdk_env.sh` with `emsdk` and `emsdk_env.bat`, respectively.**\nIn other environments, `cmake` must be added to the path, and either \"Ninja\" or \"MinGW Makefiles\" should be specified as generator in the following configuration step.\n`emcmake` does not work with Visual Studio 17 2022 generator.\n\nWithin the same shell, navigate to the root directory of Microsoft SEAL, run the following commands to build for WebAssembly:\n\n```PowerShell\n# Configure CMake. Example flags for a release build\nemcmake cmake -S . -B build \\\n -DBUILD_SHARED_LIBS=OFF \\\n -DCMAKE_BUILD_TYPE=Release \\\n -DCMAKE_CXX_FLAGS_RELEASE=\"-DNDEBUG -flto -O3\" \\\n -DCMAKE_C_FLAGS_RELEASE=\"-DNDEBUG -flto -O3\" \\\n -DSEAL_BUILD_BENCH=OFF \\ # Benchmark can be built for WASM. Change this to ON.\n -DSEAL_BUILD_EXAMPLES=OFF \\\n -DSEAL_BUILD_TESTS=OFF \\\n -DSEAL_USE_CXX17=ON \\\n -DSEAL_USE_INTRIN=ON \\\n -DSEAL_USE_MSGSL=OFF \\\n -DSEAL_USE_ZLIB=ON \\\n -DSEAL_THROW_ON_TRANSPARENT_CIPHERTEXT=ON\n\n# Make the static library (shared libs are not supported with emscripten)\nemmake make -C build -j\n\n# Build the WebAssembly module\nemcc \\\n -Wall \\\n -flto \\\n -O3 \\\n build/lib/libseal-4.3.a \\\n --bind \\\n -o \"build/bin/seal_wasm.js\" \\\n -s WASM=1 \\\n -s ALLOW_MEMORY_GROWTH=1\n```\n\n**Note**: There are many flags to consider when building a WebAssembly module. Please refer to the [settings.js](https://github.com/emscripten-core/emscripten/blob/main/src/settings.js) file for advanced build flags.\n\nBuilding will generate two output files, `seal_wasm.js` and `seal_wasm.wasm`, in the `build/bin/` directory.\nThe file sizes for the artifacts are very small.\nThis is because that the optimization flags perform dead code elimination (DCE) as there are no bindings generated to JavaScript.\nDefining these bindings is **necessary** in order to call into WebAssembly from the JavaScript domain; however, Microsoft SEAL does not include any definitions at this time.\nThe build flag `--bind` expects the bindings to be specified using the [embind](https://emscripten.org/docs/porting/connecting_cpp_and_javascript/embind.html) syntax.\n\n#### Basic CMake Options\n\nThe following options can be used with CMake to configure the build. The default value for each option is denoted with boldface in the **Values** column.\n\n| CMake option | Values | Information |\n| ---------------------- | ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |\n| CMAKE_BUILD_TYPE | **Release**\u003c/br\u003eDebug\u003c/br\u003eRelWithDebInfo\u003c/br\u003eMinSizeRel\u003c/br\u003e | `Debug` and `MinSizeRel` have worse run-time performance. `Debug` inserts additional assertion code. Set to `Release` unless you are developing Microsoft SEAL itself or debugging some complex issue. |\n| SEAL_BUILD_EXAMPLES | ON / **OFF** | Build the C++ examples in [native/examples](native/examples). |\n| SEAL_BUILD_TESTS | ON / **OFF** | Build the tests to check that Microsoft SEAL works correctly. |\n| SEAL_BUILD_BENCH | ON / **OFF** | Build the performance benchmark. |\n| SEAL_BUILD_DEPS | **ON** / OFF | Set to `ON` to automatically download and build [optional dependencies](#optional-dependencies); otherwise CMake will attempt to locate pre-installed dependencies. |\n| SEAL_USE_INTEL_HEXL | ON / **OFF** | Set to `ON` to use Intel HEXL for low-level kernels. |\n| SEAL_USE_MSGSL | **ON** / OFF | Build with Microsoft GSL support. |\n| SEAL_USE_ZLIB | **ON** / OFF | Build with ZLIB support. |\n| SEAL_USE_ZSTD | **ON** / OFF | Build with Zstandard support. |\n| BUILD_SHARED_LIBS | ON / **OFF** | Set to `ON` to build a shared library instead of a static library. Not supported in Windows. |\n| SEAL_BUILD_SEAL_C | ON / **OFF** | Build the C wrapper library SEAL_C. This is used by the C# wrapper and most users should have no reason to build it. |\n| SEAL_USE_CXX17 | **ON** / OFF | Set to `ON` to build Microsoft SEAL as C++17 for a positive performance impact. |\n| SEAL_USE_INTRIN | **ON** / OFF | Set to `ON` to use compiler intrinsics for improved performance. CMake will automatically detect which intrinsics are available and enable them accordingly. |\n\nAs usual, these options can be passed to CMake with the `-D` flag.\nFor example, one could run\n\n```PowerShell\ncmake -S . -B build -DSEAL_BUILD_EXAMPLES=ON\n```\n\nto configure a release build of a static Microsoft SEAL library and also build the examples.\n\n#### Advanced CMake Options\n\nThe following options can be used with CMake to further configure the build. Most users should have no reason to change these, which is why they are marked as advanced.\n\n| CMake option | Values | Information |\n| ------------------------------------ | ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| SEAL_THROW_ON_TRANSPARENT_CIPHERTEXT | **ON** / OFF | Set to `ON` to throw an exception when Microsoft SEAL produces a ciphertext with no key-dependent component. For example, subtracting a ciphertext from itself, or multiplying a ciphertext with a plaintext zero yield identically zero ciphertexts that should not be considered as valid ciphertexts. |\n| SEAL_BUILD_STATIC_SEAL_C | ON / **OFF** | Set to `ON` to build SEAL_C as a static library instead of a shared library. |\n| SEAL_DEFAULT_PRNG | **Blake2xb**\u003c/br\u003eShake256 | Microsoft SEAL supports both Blake2xb and Shake256 XOFs for generating random bytes. Blake2xb is much faster, but it is not standardized, whereas Shake256 is a FIPS standard. |\n| SEAL_USE_GAUSSIAN_NOISE | ON / **OFF** | Set to `ON` to use a non-constant time rounded continuous Gaussian for the error distribution; otherwise a centered binomial distribution \u0026ndash; with slightly larger standard deviation \u0026ndash; is used. |\n| SEAL_AVOID_BRANCHING | ON / **OFF** | Set to `ON` to eliminate branching in critical functions when compiler has maliciously inserted flags; otherwise assume `cmov` is used. |\n| SEAL_SECURE_COMPILE_OPTIONS | ON / **OFF** | Set to `ON` to compile/link with Control-Flow Guard (`/guard:cf`) and Spectre mitigations (`/Qspectre`). This has an effect only when compiling with MSVC. |\n| SEAL_USE_ALIGNED_ALLOC | **ON** / OFF | Set to `ON` to use 64-byte aligned memory allocations. This can improve performance of AVX512 primitives when Intel HEXL is enabled. This depends on C++17 and is disabled on Android. |\n\n#### Linking with Microsoft SEAL through CMake\n\nIt is very easy to link your own applications and libraries with Microsoft SEAL if you use CMake.\nSimply add the following to your `CMakeLists.txt`:\n\n```PowerShell\nfind_package(SEAL 4.3 REQUIRED)\ntarget_link_libraries(\u003cyour target\u003e SEAL::seal)\n```\n\nIf Microsoft SEAL was installed globally, the above `find_package` command will likely find the library automatically.\nTo link with a Microsoft SEAL installed locally, e.g., installed in `~/mylibs` as described above, you may need to tell CMake where to look for Microsoft SEAL when you configure your application by running:\n\n```PowerShell\ncd \u003cdirectory containing your CMakeLists.txt\u003e\ncmake . -DCMAKE_PREFIX_PATH=~/mylibs\n```\n\nIf Microsoft SEAL was installed using a package manager like vcpkg or Homebrew, please refer to their documentation for how to link with the installed library. For example, vcpkg requires you to specify the vcpkg CMake toolchain file when configuring your project.\n\n#### Examples, Tests, and Benchmarks\n\nWhen building Microsoft SEAL, examples, tests, and benchmarks can be built by setting `SEAL_BUILD_EXAMPLES=ON`, `SEAL_BUILD_TESTS=ON`, and `SEAL_BUILD_BENCH=ON`; see [Basic CMake Options](#basic-cmake-options).\nAlternatively, [examples](native/examples/CMakeLists.txt), [tests](native/tests/CMakeLists.txt), and [benchmark](native/bench/CMakeLists.txt) can be built as standalone CMake projects linked with Microsoft SEAL (installed in `~/mylibs`), by following the commands below.\nOmit setting `SEAL_ROOT` if the library is installed globally.\n\n```PowerShell\ncd native/\u003cexamples|tests|bench\u003e\ncmake -S . -B build -DSEAL_ROOT=~/mylibs\ncmake --build build\n```\n\nBy default, benchmarks run for a vector of parameters and primitives, which can be overwhelmingly informative.\nTo execute a subset of benchmark cases, see [Google Benchmark README](https://github.com/google/benchmark/blob/master/README.md#running-a-subset-of-benchmarks).\nFor advanced users, the `bm_parms_vec` variable in [native/bench/bench.cpp](native/bench/bench.cpp) can be overwritten with custom parameter sets.\n\n**Note**: The benchmark code is strictly for experimental purposes; it allows insecure parameters that must not be used in real applications.\nDo not follow the benchmarks as examples.\n\n### Building .NET Components\n\nMicrosoft SEAL provides a .NET Standard library that wraps the functionality in Microsoft SEAL for use in .NET development.\nUsing the existing [NuGet package](https://www.nuget.org/packages/Microsoft.Research.SEALNet) is highly recommended, unless development of Microsoft SEAL or building a custom NuGet package is intended.\nPrior to building .NET components, the C wrapper library SEAL_C must be built following [Building C++ Components](#building-c-components).\nThe SEAL_C library is meant to be used only by the .NET library, not by end-users.\n\n**Note**: SEAL_C and the .NET library only support 64-bit platforms.\n\n#### Windows, Linux, and macOS\n\nFor compiling .NET code you will need to install a [.NET SDK (\u003e= 10.0)](https://dotnet.microsoft.com/download).\nBuilding the SEAL_C library with CMake will generate project files for the .NET wrapper library, examples, and unit tests.\nThe SEAL_C library must be discoverable when running a .NET application, e.g., be present in the same directory as your executable, which is taken care of by the .NET examples and tests project files.\nRun the following scripts to build each project:\n\n```PowerShell\ndotnet build build/dotnet/src --configuration \u003cDebug|Release\u003e # Build .NET wrapper library\ndotnet test build/dotnet/tests # Build and run .NET unit tests\ndotnet run -p build/dotnet/examples # Build and run .NET examples\n```\n\nYou can use `--configuration \u003cDebug|Release\u003e` to run `Debug` or `Release` examples and unit tests.\nYou can use `--verbosity detailed` to print the list of unit tests that are being run.\n\nOn Windows, you can also use the Microsoft Visual Studio 2022 solution file, for example, `out/build/x64-Debug/dotnet/SEALNet.sln` to build all three projects.\n\n#### Building Your Own NuGet Package for Windows, Linux, and macOS\n\nYou can build your own NuGet package for Microsoft SEAL by following the instructions in [NUGET.md](dotnet/nuget/NUGET.md).\n\n#### Building Your Own NuGet Package for Android and iOS\n\nAndroid and iOS .NET developers can use the standard multiplatform [NuGet package](https://www.nuget.org/packages/Microsoft.Research.SEALNet), but if this is for some reason not appropriate, it is possible to build your own custom NuGet package.\nFirst, see [Building for Android and iOS](#building-for-android-and-ios) for building the native components.\nYou can then use the multiplatform nuspec file that is prepared by CMake from [this template](dotnet/nuget/SEALNet-multi.nuspec.in).\nAfter configuring, the actual nuspec file will be located, e.g., in `build/dotnet/nuget/SEALNet-multi.nuspec`.\nSee our [packaging pipeline](pipelines/nuget.yml) for an example of how to build the NuGet package.\n\n## Contributing\n\nFor contributing to Microsoft SEAL, please see [CONTRIBUTING.md](CONTRIBUTING.md).\n\n## Citing Microsoft SEAL\n\nTo cite Microsoft SEAL in academic papers, please use the following BibTeX entries.\n\n### Version 4.3\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 4.3)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = apr,\n year = 2026,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 4.2\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 4.2)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = sep,\n year = 2025,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 4.1\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 4.1)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = jan,\n year = 2023,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 4.0\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 4.0)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = mar,\n year = 2022,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 3.7\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 3.7)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = sep,\n year = 2021,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 3.6\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 3.6)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = nov,\n year = 2020,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 3.5\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 3.5)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = apr,\n year = 2020,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 3.4\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 3.4)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = oct,\n year = 2019,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 3.3\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 3.3)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = jun,\n year = 2019,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 3.2\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 3.2)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = feb,\n year = 2019,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 3.1\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 3.1)},\n howpublished = {\\url{https://github.com/Microsoft/SEAL}},\n month = dec,\n year = 2018,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n### Version 3.0\n\n```tex\n @misc{sealcrypto,\n title = {{M}icrosoft {SEAL} (release 3.0)},\n howpublished = {\\url{http://sealcrypto.org}},\n month = oct,\n year = 2018,\n note = {Microsoft Research, Redmond, WA.},\n key = {SEAL}\n }\n```\n\n## Acknowledgments\n\nMany people have contributed substantially to Microsoft SEAL without being represented in the Git history.\nWe wish to express special gratitude to [John Wernsing](https://github.com/wernsingj), [Hao Chen](https://github.com/haochenuw), [Yongsoo Song](https://yongsoosong.github.io), [Olli Saarikivi](https://github.com/olsaarik), [Rachel Player](https://github.com/rachelplayer), [Gizem S. Cetin](https://github.com/gizemscetin), [Peter Rindal](https://github.com/ladnir), [Amir Jalali](https://github.com/amirjalali65), [Kyoohyung Han](https://github.com/KyoohyungHan), [Sadegh Riazi](https://www.sadeghr.com), [Ilia Iliashenko](https://homes.esat.kuleuven.be/~ilia), [Roshan Dathathri](https://roshandathathri.github.io), [Pardis Emami-Naeini](https://homes.cs.washington.edu/~pemamina), [Sangeeta Chowdhary](https://github.com/sangeeta0201), [Deepika Natarajan](https://github.com/dnat112), and [Michael Rosenberg](https://github.com/rozbb).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmicrosoft%2Fseal","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmicrosoft%2Fseal","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmicrosoft%2Fseal/lists"}