fast integer multiplication with sch onhage strassen s
play

Fast Integer Multiplication with Sch onhage-Strassens Algorithm - PowerPoint PPT Presentation

Dec 03, 2022 •358 likes •667 views

Fast Integer Multiplication with Sch onhage-Strassens Algorithm Alexander Kruppa CACAO team at LORIA, Nancy s eminaire Algorithms INRIA Rocquencourt Contents Contents Contents of this talk: 1. Basics of Integer Multiplication (a)

  1. Fast Integer Multiplication with Sch¨ onhage-Strassen’s Algorithm Alexander Kruppa CACAO team at LORIA, Nancy s´ eminaire Algorithms INRIA Rocquencourt

  2. Contents Contents Contents of this talk: 1. Basics of Integer Multiplication (a) by polynomial multiplication (b) Evaluation/Interpolation (c) Karatsuba’s method (d) Toom-Cook method (e) FFT and weighted transforms (f) Sch¨ onhage-Strassen’s Algorithm Alexander Kruppa 2 INRIA Rocquencourt

  3. Contents 2. Motivation for Improving SSA 3. Sch¨ onhage-Strassen’s Algorithm 4. High-Level Improvements (a) Mersenne Transform (b) CRT Reconstruction √ 2 Trick (c) 5. Low-Level Improvements (a) Arithmetic modulo 2 n + 1 (b) Cache Locality (c) Fine-Grained Tuning 6. Timings, Comparisons and Untested Ideas Alexander Kruppa 3 INRIA Rocquencourt

  4. Integer Multiplication Integer Multiplication • Problem: given two n -word (word base β ) integers n − 1 � a i β i , a = i =0 0 ≤ a i < β and likewise for b , compute 2 n − 1 � c i β i c = ab = i =0 n − 1 n − 1 � � a i b j β i + j , = i =0 j =0 with 0 ≤ c i < β . Alexander Kruppa 4 INRIA Rocquencourt

  5. by Polynomial Multiplication by Polynomial Multiplication • We can rewrite the problem as polynomial arithmetic: n − 1 � a i x i A ( x ) = i =0 so that a = A ( β ) , likewise for B ( x ) , then C ( x ) = A ( x ) B ( x ) n − 1 n − 1 � � a i b j x i + j = i =0 j =0 so that c = ab = C ( β ) . • Double sum has complexity O ( n 2 ) (Grammar School Algorithm), we can do much better Alexander Kruppa 5 INRIA Rocquencourt

  6. Evaluation/Interpolation Evaluation/Interpolation • Unisolvence Theorem: Polynomial of degree d − 1 is determined uniquely by values at d distinct points • Since C ( k ) = A ( k ) B ( k ) for all k ∈ R for ring R , reduce the polynomial multiplication to: 1. Evaluate A ( x ) , B ( x ) at 2 n − 1 points k 0 , . . . , k 2 n − 2 2. Pairwise multiply to get C ( k i ) = A ( k i ) B ( k i ) 3. Interpolate C ( x ) from its values C ( k i ) Alexander Kruppa 6 INRIA Rocquencourt

  7. Karatsuba’s Method Karatsuba’s Method • First algorithm to use this principle (Karatsuba and Ofman, 1962) • Multiplies polynomials of degree 1 : A ( x ) = a 0 + a 1 x • Suggested points of evaluation: 0 , 1 , ∞ • A (0) = a 0 , A (1) = a 0 + a 1 , A ( ∞ ) = a 1 (same for B ( x ) ) • C (0) = a 0 b 0 , C (1) = ( a 0 + a 1 )( b 0 + b 1 ) , C ( ∞ ) = a 1 b 1 • c 0 = C (0) , c 2 = C ( ∞ ) , c 1 = C (1) − c 0 − c 2 • Product of 2 n words computed with 3 pointwise multiplications of n words each, applied recursively: O ( n log 2 (3) ) = O ( n 1 . 585 ) Alexander Kruppa 7 INRIA Rocquencourt

  8. Toom-Cook Method Toom-Cook Method • Generalized to polynomials of larger degree (Toom, 1963, Cook, 1966) • Product of two n word integers with A ( x ) , B ( x ) of degree d : 2 d + 1 products of n/ ( d + 1) word integers • For fixed d : complexity O ( n log d +1 (2 d +1) ) , e.g. d = 2 : O ( n 1 . 465 ) • Interpolation/Evaluation costly ( O ( dn log( d )) ), cannot increase d arbitrarily for given n • Choosing d as function of n allows algorithm in O ( n 1+ ǫ ) , for any ǫ > 0 . Small exponents need very large n Alexander Kruppa 8 INRIA Rocquencourt

  9. Evaluation/Interpolation with FFT Evaluation/Interpolation with FFT • FFT solves problem of costly evaluation/interpolation a j = A ( ω j • Length- ℓ DFT of a 0 , ..., a ℓ − 1 in R computes ˜ ℓ ) , 0 ≤ j < ℓ , with ω ℓ an ℓ -th principal root of unity in R : ℓ -point polynomial evaluation • Length- ℓ IDFT computes a i from given ˜ a j : ℓ -point polynomial interpolation • With FFT algorithm, algebraic complexity only O ( ℓ log( ℓ )) • Problem: R needs to support length- ℓ FFT (preferably ℓ a power of 2 ): needs ℓ -th principal root of unity, ℓ a unit Alexander Kruppa 9 INRIA Rocquencourt

  10. Weighted Transform Weighted Transform ℓ ) ℓ = 1 for all j ∈ N , C 1 ( x ) x ℓ + C 0 ( x ) has same DFT • Since ( ω j coefficients as C 1 ( x ) + C 0 ( x ) : implicit modulus x ℓ − 1 in DFT • FFT convolution gives C ( x ) = ( A ( x ) B ( x )) mod ( x ℓ − 1) : cyclic convolution • Can change that modulus with weighed transform: compute C ( wx ) = ( A ( wx ) B ( wx )) mod ( x ℓ − 1) . Then A ( wx ) B ( wx ) = C 1 ( wx ) x ℓ w ℓ + C 0 ( wx ) C ( wx ) = C 1 ( wx ) x ℓ w ℓ + C 0 ( wx ) mod ( x ℓ − 1) = C 1 ( wx ) w ℓ + C 0 ( wx ) so that C ( x ) = ( A ( x ) B ( x )) mod ( x ℓ − w ℓ ) • With w ℓ = − 1 , we get modulus x ℓ +1 : negacyclic convolution, but need 2 ℓ -th root of unity in R Alexander Kruppa 10 INRIA Rocquencourt

  11. Sch¨ onhage-Strassen’s Algorithm: Basic Idea Sch¨ onhage-Strassen’s Algorithm: Basic Idea • First algorithms to use FFT (Sch¨ onhage and Strassen 1971) • Uses ring R n = Z / (2 n + 1) Z for transform, with ℓ = 2 k | n • Then 2 n/ℓ ≡ − 1 (mod 2 n +1) : so 2 n/ℓ ∈ R n is 2 ℓ -th root of unity, multiplication by powers of 2 is fast! ( O ( n ) ) • Allows length ℓ weighted transform for negacyclic convolution • Write input a = A (2 M ) , b = B (2 M ) , compute C ( x ) = A ( x ) B ( x ) (mod x ℓ + 1) . Then c = C (2 M ) = ab (mod 2 Mℓ + 1) • Point-wise products modulo 2 n + 1 use SSA recursively: choose next level’s ℓ ′ , M ′ so that M ′ ℓ ′ = n Alexander Kruppa 11 INRIA Rocquencourt

  12. Improvements to Sch¨ onhage- Strassen’s Algorithm Alexander Kruppa 12 INRIA Rocquencourt

  13. Motivation for Improving SSA Motivation for Improving SSA • Integer multiplication is fundamental to arithmetic, used in PRP testing, ECPP , polynomial multiplication • Sch¨ onhage-Strassen’s algorithm [SSA]: good asymptotic complexity O ( n log n log log n ) , fast in practice for large operands, exact (only integer arithmetic) • Used in GMP , widely deployed • We improved algorithmic aspects of Sch¨ onhage-Strassen • Validated by implementation based on GMP 4.2.1 [GMP] Alexander Kruppa 13 INRIA Rocquencourt

  14. Sch¨ onhage-Strassen’s Algorithm Sch¨ onhage-Strassen’s Algorithm • SSA reduces multiplication of two S -bit integers to ℓ multiplications of approx. 4 S/ℓ -bit integers • Example: multiply two numbers a, b of 2 20 bits each ⇒ product has at most 2 21 bits 1. Choose N = 2 21 and a good ℓ , for this example ℓ = 512 . We compute ab mod (2 N + 1) 2. Write a as polynomial of degree ℓ , coefficients a i < 2 M with M = N/ℓ , a = a (2 M ) . Same for b 3. ab = a (2 M ) b (2 M ) mod (2 N + 1) , compute c ( x ) = a ( x ) b ( x ) mod ( x ℓ + 1) 4. Convolution theorem: Fourier transform and pointwise multiplication Alexander Kruppa 14 INRIA Rocquencourt

  15. Sch¨ onhage-Strassen’s Algorithm 5. FFT needs ℓ -th root of unity: map to Z / (2 n + 1) Z [ x ] with ℓ | n . Then 2 2 n/ℓ has order ℓ 6. We need 2 n + 1 > c i : choose n ≥ 2 M + log 2 ( ℓ ) + 1 7. Compute c ( x ) = a ( x ) b ( x ) mod ( x ℓ + 1) , evaluate ab = c (2 M ) - and we’re done! 8. Benefits: - Root of unity is power of 2 - Reduction mod(2 n + 1) is fast - Point-wise products can use SSA recursively without padding ⇒ Z [ x ] mod ( x ℓ + 1) = ⇒ Z 2 n +1 [ x ] mod ( x ℓ + 1) = Z = ⇒ Z 2 N +1 = ⇒ Z 2 n +1 ✻ ❄ ✟ ❍ ✟✟✟✟ ❍ n ❍ ❍ No, recurse ❍ ❍❍❍❍ ✟ small? ✟ ✟ ✟ ❍ ✟ ❄ Yes, multiply Alexander Kruppa 15 INRIA Rocquencourt

  16. High-Level Optimizations High-Level Optimizations Alexander Kruppa 16 INRIA Rocquencourt

  17. Mersenne Transform Mersenne Transform • Convolution theorem implies reduction mod( x ℓ − 1) • Convolution mod( x ℓ + 1) needs weights θ i with ord ( θ ) = 2 ℓ , needs ℓ | n to get 2 ℓ -th root of unity in R n • Computing ab mod (2 N + 1) to allows recursive use of SSA, but is not required at top level • Map a and b to Z / (2 N − 1) Z instead: compute c ( x ) = a ( x ) b ( x ) mod ( x ℓ − 1) • Condition relaxes to ℓ | 2 n . Twice the transform length, smaller n • No need to apply/unapply weights Alexander Kruppa 17 INRIA Rocquencourt

  18. CRT Reconstruction CRT Reconstruction a, b a, b Z / (2 N + 1) Z Z / (2 rN + 1) Z Z / (2 sN − 1) Z Convolution Convolution Convolution ab CRT with 2 N + 1 > ab ab with (2 rN + 1)(2 sN − 1) > ab Alexander Kruppa 18 INRIA Rocquencourt

  19. CRT Reconstruction • At least one of (2 rN − 1 , 2 sN +1) and (2 rN +1 , 2 sN − 1) is coprime • Our implementation uses (2 rN +1 , 2 N − 1) : always coprime, good speed • Smaller convolution, finer-grained parameter selection Alexander Kruppa 19 INRIA Rocquencourt

  20. √ 2 Trick The √ The 2 Trick • If 4 | n , 2 is a quadratic residue in Z / (2 n + 1) Z √ √ 2 ≡ 2 3 n/ 4 − 2 n/ 4 : simple form, multiplication by • In that case, 2 takes only 2 shift, 1 subtraction modulo 2 n + 1 • Offers root of unity of order 4 n , allows ℓ | 2 n for Fermat transform, ℓ | 4 n for Mersenne transform • Sadly, higher roots of 2 usually not available in Z / (2 n + 1) Z , or have no simple form Alexander Kruppa 20 INRIA Rocquencourt

  21. Low-Level Optimizations Low-Level Optimizations Alexander Kruppa 21 INRIA Rocquencourt

Recommend

lecture 7 Integer multiplication (grade school) How to do (unsigned) integer multiplication in

lecture 7 Integer multiplication (grade school) How to do (unsigned) integer multiplication in

lecture 7 Integer multiplication (grade school) How to do (unsigned) integer multiplication in binary ? Sequential circuits 3 multiplicand - integer multiplication and division multiplier - floating point arithmetic product - finite

183 views • 3 slides
On fast multiplication of a matrix by its transpose Jean-Guillaume Dumas Cl ement Pernet

On fast multiplication of a matrix by its transpose Jean-Guillaume Dumas Cl ement Pernet

On fast multiplication of a matrix by its transpose Jean-Guillaume Dumas Cl ement Pernet Alexandre Sedoglavic Luminy, 3 Mars 2020 Centre de Recherche en Informatique, Signal et Automatique de Lille Strassen-Winograd fast multiplication

958 views • 67 slides
Fast Fourier Transform Integer multiplication Multiplying two n-bit integers A and B: Grade

Fast Fourier Transform Integer multiplication Multiplying two n-bit integers A and B: Grade

15-252: More Great Ideas in Theoretical Computer Science Spring 2017 Fast Fourier Transform Integer multiplication Multiplying two n-bit integers A and B: Grade School Method: O(n 2 ) time. Karatsubas Algorithm: O(n log 2 3 ) = O(n 1.58

952 views • 72 slides
CS 401 Integer Multiplication / Matrix Multiplication Xiaorui Sun 1 Integer Multiplication

CS 401 Integer Multiplication / Matrix Multiplication Xiaorui Sun 1 Integer Multiplication

CS 401 Integer Multiplication / Matrix Multiplication Xiaorui Sun 1 Integer Multiplication Integer Arithmetic 1 1 1 1 1 1 0 1 Add: Given two ! -bit integers 1 1 0 1 0 1 0 1 &quot; and # , compute &quot; + # . Add + 0 1 1 1

468 views • 19 slides
lecture 7 Sequential circuits 3 - integer multiplication and division - floating point

lecture 7 Sequential circuits 3 - integer multiplication and division - floating point

lecture 7 Sequential circuits 3 - integer multiplication and division - floating point arithmetic - finite state machines February 1, 2016 Integer multiplication (grade school) How to do (unsigned) integer multiplication in binary ?

402 views • 24 slides
MA/CSSE 473 Day 17 Divide-and-conquer Convex Hull Strassen's Algorithm: Matrix Multiplication

MA/CSSE 473 Day 17 Divide-and-conquer Convex Hull Strassen's Algorithm: Matrix Multiplication

MA/CSSE 473 Day 17 Divide-and-conquer Convex Hull Strassen's Algorithm: Matrix Multiplication MA/CSSE 473 Day 17 Student Questions Convex Hull (Divide and Conquer) Matrix Multiplication (Strassen) 1 Reminder: The Master Theorem

411 views • 6 slides
CS 1501 www.cs.pitt.edu/~nlf4/cs1501/ Integer Multiplication Integer multiplication Say we have

CS 1501 www.cs.pitt.edu/~nlf4/cs1501/ Integer Multiplication Integer multiplication Say we have

CS 1501 www.cs.pitt.edu/~nlf4/cs1501/ Integer Multiplication Integer multiplication Say we have 5 baskets with 8 apples in each How do we determine how many apples we have? Count them all? That would take awhile Since

580 views • 22 slides
MA/CSSE 473 Day 14 Strassen's Algorithm: Matrix Multiplication Decrease and Conquer DFS

MA/CSSE 473 Day 14 Strassen's Algorithm: Matrix Multiplication Decrease and Conquer DFS

MA/CSSE 473 Day 14 Strassen's Algorithm: Matrix Multiplication Decrease and Conquer DFS MA/CSSE 473 Day 14 HW 6 is due Tuesday In class exam (Tuesday, October 5) will cover through Chapter 4 and HW 7. Student Questions

426 views • 20 slides
Secure Strassen-Winograd Matrix Multiplication with MapReduce Radu Ciucanu 1 Matthieu Giraud 2

Secure Strassen-Winograd Matrix Multiplication with MapReduce Radu Ciucanu 1 Matthieu Giraud 2

Secure Strassen-Winograd Matrix Multiplication with MapReduce Radu Ciucanu 1 Matthieu Giraud 2 Pascal Lafourcade 2 Lihua Ye 3 1 LIFO, INSA Centre Val de Loire Universit e dOrl eans 2 LIMOS University Clermont Auvergne, France 3 School of

297 views • 25 slides
MA/CSSE 473 Day 17 Divide-and-conquer Convex Hull Strassen's Algorithm: Matrix Multiplication

MA/CSSE 473 Day 17 Divide-and-conquer Convex Hull Strassen's Algorithm: Matrix Multiplication

MA/CSSE 473 Day 17 Divide-and-conquer Convex Hull Strassen's Algorithm: Matrix Multiplication (if time, Shell's Sort) MA/CSSE 473 Day 17 Student Questions Exam 2 specification Levitin 3 rd Edition Closest Pairs algorithm

261 views • 10 slides
Divide and Conquer Chapter 4 1 Integer Multiplication 2 Integer Multiplication =

Divide and Conquer Chapter 4 1 Integer Multiplication 2 Integer Multiplication =

Divide and Conquer Chapter 4 1 Integer Multiplication 2 Integer Multiplication = Each with n bits x= 1 0 1 1 y= 1 1 0 0 0 0 0 0 0 0 0 0 1 0 1 1 1 0 1 1 Z= 1 0 0 0 0 1 0 0 3 Integer

640 views • 45 slides
EE 457 Unit 2c Fast Multipliers 2 Multiplication Overview Multiplication approaches:

EE 457 Unit 2c Fast Multipliers 2 Multiplication Overview Multiplication approaches:

1 EE 457 Unit 2c Fast Multipliers 2 Multiplication Overview Multiplication approaches: Sequential: Shift-and-Add produces one product bit per clock cycle time (usually slow) Combinational: Array multiplier uses an array of adders

407 views • 15 slides
Complexity of matrix multiplication (For Hierarchical matrix) For Usual matrix The

Complexity of matrix multiplication (For Hierarchical matrix) For Usual matrix The

Complexity of matrix multiplication (For Hierarchical matrix) For Usual matrix The naive multiplication algorithm for nxn matrix needs n^3 multiplications (and n^3 additions) Is it Optimal ? No! [Strassen] do better (n^log2

579 views • 26 slides
Proposing a Fast and Scalable Systolic Array for Matrix Multiplication Bahar Asgari , , Ra

Proposing a Fast and Scalable Systolic Array for Matrix Multiplication Bahar Asgari , , Ra

Proposing a Fast and Scalable Systolic Array for Matrix Multiplication Bahar Asgari , , Ra Ramyad Ha Hadidi, , Hy Hyesoon esoon Ki Kim Click to edit Master subtitle style Matrix Multiplication 2 Matrix multiplication is the key operation

1.1k views • 44 slides
Fast, uniform scalar multiplication for genus 2 Jacobians with fast Kummers Ping Ngai (Brian)

Fast, uniform scalar multiplication for genus 2 Jacobians with fast Kummers Ping Ngai (Brian)

Fast, uniform scalar multiplication for genus 2 Jacobians with fast Kummers Ping Ngai (Brian) Chung Craig Costello Benjamin Smith University of Chicago Microsoft Research INRIA + Laboratoire dInformatique de l Ecole polytechnique

498 views • 20 slides
Representing integer multiplication using BDDs Hvard Raddum and Srimathi Varadharajan

Representing integer multiplication using BDDs Hvard Raddum and Srimathi Varadharajan

Representing integer multiplication using BDDs Hvard Raddum and Srimathi Varadharajan Simula@UiB What is a BDD? Can be defined and understood in different ways Only one description given here BDD explained A BDD is a directed acyclic

613 views • 32 slides
New Constructions of RIP Matrices with Fast Multiplication and Fewer Rows aka, sparse recovery

New Constructions of RIP Matrices with Fast Multiplication and Fewer Rows aka, sparse recovery

New Constructions of RIP Matrices with Fast Multiplication and Fewer Rows aka, sparse recovery from Fourier -like measurements with applications to fast Johnson-Lindenstrauss transforms , etc. Jelani Nelson, Eric Price, and Mary Wootters February

394 views • 24 slides
Multiplication by an Integer Constant: Lower Bounds on the Code Length Vincent L EFVRE Loria,

Multiplication by an Integer Constant: Lower Bounds on the Code Length Vincent L EFVRE Loria,

Multiplication by an Integer Constant: Lower Bounds on the Code Length Vincent L EFVRE Loria, INRIA Lorraine RNC5 September 3 5, 2003 Vincent L EFVRE Multiplication by an Integer Constant: Lower Bounds on the Code Length 1.0

339 views • 17 slides
Multiplication and Division Instructions Multiplication and Division Instructions MUL

Multiplication and Division Instructions Multiplication and Division Instructions MUL

Multiplication and Division Instructions Multiplication and Division Instructions MUL Instruction IMUL Instruction DIV Instruction Signed Integer Division Implementing Arithmetic Expressions 1 Irvine, Kip R. Assembly

746 views • 36 slides
Integer multiplication with generalized Fermat primes Svyatoslav Covanov CARAMEL Team, LORIA,

Integer multiplication with generalized Fermat primes Svyatoslav Covanov CARAMEL Team, LORIA,

Integer multiplication with generalized Fermat primes Svyatoslav Covanov CARAMEL Team, LORIA, University of Lorraine Supervised by: Emmanuel Thom and Jrmie Detrey Journes nationales du Calcul Formel 2015 (Cluny) November 4, 2015

670 views • 44 slides
Error Correction in Fast Matrix Multiplication and Inverse Daniel S. Roche Computer Science

Error Correction in Fast Matrix Multiplication and Inverse Daniel S. Roche Computer Science

Introduction Matrix Multiplication Matrix Inverse Perspective Error Correction in Fast Matrix Multiplication and Inverse Daniel S. Roche Computer Science Department United States Naval Academy Annapolis, Maryland, U.S.A. ISSAC 2018 19

566 views • 55 slides
Fast sparse matrixvector multiplication by partitioning and reordering Albert-Jan Yzelman

Fast sparse matrixvector multiplication by partitioning and reordering Albert-Jan Yzelman

Fast sparse matrixvector multiplication by partitioning and reordering Fast sparse matrixvector multiplication by partitioning and reordering Albert-Jan Yzelman June, 2011 Albert-Jan Yzelman Fast sparse matrixvector multiplication by

1.2k views • 118 slides
Fast multiplication D. J. Bernstein University of Illinois at Chicago Part 1: polynomial

Fast multiplication D. J. Bernstein University of Illinois at Chicago Part 1: polynomial

Fast multiplication D. J. Bernstein University of Illinois at Chicago Part 1: polynomial multiplication Commutative ring A . Given coefficients of f ; g A [ x ]. Want coefficients of h = f g . e.g. f = f 0 + f 1 x , g = g 0 + g 1 x : h = h 0

803 views • 20 slides
Fast Integer Resonance Crossing in a Scaling FFAG A. Osanai, Y. Ishi, Y. Kuriyama, Y. Mori, T.

Fast Integer Resonance Crossing in a Scaling FFAG A. Osanai, Y. Ishi, Y. Kuriyama, Y. Mori, T.

Fast Integer Resonance Crossing in a Scaling FFAG A. Osanai, Y. Ishi, Y. Kuriyama, Y. Mori, T. Uesugi*, Kyoto University Research Reactor Institute (KURRI) Purpose To verify experimentally Integer resonance can be crossed, when the crossing

411 views • 14 slides

More recommend