lifting techniques for polynomial system solving
play

Lifting techniques for polynomial system solving Eric Schost - PowerPoint PPT Presentation

Oct 30, 2022 •675 likes •885 views

Lifting techniques for polynomial system solving Eric Schost ORCCA UWO Goals Genus 1 computing the th CCR modular equation time: O ( 3 ) output size Genus 2 computing the -torsion output size 4 time:

  1. Lifting techniques for polynomial system solving ´ Eric Schost ORCCA UWO

  2. Goals Genus 1 • computing the ℓ th CCR modular equation time: O ˜( ℓ 3 ) • output size ℓ Genus 2 • computing the ℓ -torsion • output size ℓ 4 time: O ˜( ℓ 6 ) Genus 3 • computing the ℓ -torsion • output size ℓ 6 time: O ˜( ℓ 12 )? Today: what could we expect using homotopy techniques?

  3. Deformation techniques Basic idea • we want to solve a system f ( p , x ) = f i ( p 1 , . . . , p m , x 1 , . . . , x n ) i ≤ n , zero-dimensional over K ( p ) • set up a homotopy between the target f ( p , x ) and an initial system f ( p ′ , x ) for which we know the solutions • done by letting p t = (1 − t ) p ′ + t p , computing a description of the solution curve and let t = 1.

  4. Deformation techniques Basic idea • we want to solve a system f ( p , x ) = f i ( p 1 , . . . , p m , x 1 , . . . , x n ) i ≤ n , zero-dimensional over K ( p ) • set up a homotopy between the target f ( p , x ) and an initial system f ( p ′ , x ) for which we know the solutions • done by letting p t = (1 − t ) p ′ + t p , computing a description of the solution curve and let t = 1. p p ′

  5. Deformation techniques Basic idea • we want to solve a system f ( p , x ) = f i ( p 1 , . . . , p m , x 1 , . . . , x n ) i ≤ n , zero-dimensional over K ( p ) • set up a homotopy between the target f ( p , x ) and an initial system f ( p ′ , x ) for which we know the solutions • done by letting p t = (1 − t ) p ′ + t p , computing a description of the solution curve and let t = 1. p p ′

  6. Deformation techniques Basic idea • we want to solve a system f ( p , x ) = f i ( p 1 , . . . , p m , x 1 , . . . , x n ) i ≤ n , zero-dimensional over K ( p ) • set up a homotopy between the target f ( p , x ) and an initial system f ( p ′ , x ) for which we know the solutions • done by letting p t = (1 − t ) p ′ + t p , computing a description of the solution curve and let t = 1. p p ′

  7. Deformation techniques Basic idea • we want to solve a system f ( p , x ) = f i ( p 1 , . . . , p m , x 1 , . . . , x n ) i ≤ n , zero-dimensional over K ( p ) • set up a homotopy between the target f ( p , x ) and an initial system f ( p ′ , x ) for which we know the solutions • done by letting p t = (1 − t ) p ′ + t p , computing a description of the solution curve and let t = 1. p p ′

  8. Deformation techniques Basic idea • we want to solve a system f ( p , x ) = f i ( p 1 , . . . , p m , x 1 , . . . , x n ) i ≤ n , zero-dimensional over K ( p ) • set up a homotopy between the target f ( p , x ) and an initial system f ( p ′ , x ) for which we know the solutions • done by letting p t = (1 − t ) p ′ + t p , computing a description of the solution curve and let t = 1. p p ′

  9. Triangular representation Let f t = f ( p t , x ) in K ( t )[ x ] Intermediate data structure: n polynomials in x 1 , . . . , x n over K ( t ), of the form � T n ( t, x 1 , . . . , x n ) � � . � . � . � T t � � T 2 ( t, x 1 , x 2 ) � � T 1 ( t, x 1 ) , � � with T i monic in x i , such that � T t � = � f t � • T t is a Gr¨ obner basis of f t in K ( t )[ x ] • we can let t = 1 in T t to get the solutions at t = 1. notation • ν = number of solutions = � i deg( T i , x i ) • δ = max of deg( T i , t )

  10. Degree bounds Suppose that deg( f i ) ≤ d for all i . • Bound on the x -degree: ν ≤ d n . • Bound on the t -degree of the coefficients: δ ≤ d 2 n . • Modified representation: instead of T 1 , . . . , T n , work with S 1 , . . . , S n S i = ∂T 1 · · · ∂T i − 1 T i mod � T 1 , . . . , T i − 1 � . ∂x 1 ∂x i − 1 Then δ ′ ≤ d n .

  11. Lifting one root If x 0 ∈ K n is a root of f ( p ′ , x ), we can compute x i +1 = x i − Jac( f t )( x i ) − 1 f t ( x i ) mod t 2 i +1 (we need some non-degeneracy assumptions). x i is a vector of n series of precision 2 i Cost: x i can be computed in ( Ln + n 3 ) M (2 i ) � � O operations in K , where: • L is such that f can be evaluated in L operations • M is the cost of univariate polynomial multiplication Summary: n O (1) O ˜( Lδ ) to lift one root to precision δ

  12. Computing T t 1. All roots are rational • they can all be lifted to K [[ t ]] • one can reconstruct T t by: – interpolation from its (power series) roots – rational reconstruction of its coefficients • time: n O (1) O ˜( Lδν ) 2. Lift T t • we can lift T t at once • requires multivariate polynomial arithmetic • time: O ˜( c n Lδν )

  13. Computing T t 3. Aside: using only one root • for T 1 : find the minimal polynomial of an algebraic power series – linear algebra (block Toeplitz matrix): σ -bases [Beckermann-Labahn] or structured matrices [Bitmead-Anderson, Morf] – no quasi-linear time algorithm – if δ = ν , O ˜( Lδ + δ ω ) • for T 2 , . . . , T n : a mixture of this and interpolation – ?

  14. Example 1 Point counting in genus 2 (with P. Gaudry) • finding a secure curve of genus 2 over F 2 127 − 1 . • Schoof algorithm � computing torsion divisors � solving polynomial systems – ℓ -torsion for ℓ = 2 , 3 , 5 , 7 , . . . , 31 – ℓ k -torsion for ℓ = 2 , 3 , 5 Computing 3 k -torsion While (possible==true) do • given P k of 3 k -torsion • consider the equations [3] P k +1 = P k 81 solutions; 3 → 3 2 → 3 3 → · · · • extend the base field with one solution

  15. Using the 3-torsion We solve [3] P = Q using lifting techniques, starting from known solutions of a system [3] E = F . • there are many (81) curve branches to lift; • but they are all conjugate: – if [3] P = Q and [3] P ′ = 0 – then [3]( P + P ′ ) = Q . So after computing the 3-torsion , we can • lift a single curve branche; • and add all the 3-torsion points to it – this is addition in the Jacobian, – with power series coordinates.

  16. Results Over F p 810 , p = 2 127 − 1 • lifting one branch 4300 sec. • deducing all other branches 11000 sec. • interpolation 17000 sec. • all other things 25000 sec.

  17. Example 2 (a bit speculative) Computing CCR modular equations (in genus 1) If E is an elliptic curve, the non-zero solutions of [ ℓ ]( x, y ) = 0 can be described by � y 2 − f ( x ) � � � ψ ℓ ( x ) � � Charlap-Coley-Robbins: let κ ℓ ( x, y ) = � 1 ≤ i<ℓ abscissa of [ i ]( x, y ) . Then the non-zero solutions of [ ℓ ]( x, y ) = 0 , u = κ ℓ ( x, y ) can be described by y 2 − f ( x ) � � � � φ ℓ ( x, u ) � � � Ξ ℓ ( u ) �

  18. Cost analysis Deformation techniques • replace E by E t , parametrized by a new parameter t : E : y 2 = x 3 + ax + b, E t : y 2 = x 3 + ax + tb + ( t − 1) b 0 • we want Ξ( u ) for E 1 • assume that all the torsion of E 0 is known Cost analysis: • the system can be evaluated in O (log( ℓ )) ops • ν = ℓ 2 , δ = ℓ • time: O ˜( ℓ 3 )

  19. Example 3 (even more speculative) Computing torsion in higher (fixed) genus Let now C be hyperelliptic. We want to solve [ ℓ ] D = 0. • embed C into a one-parameter family C t , with C = C 1 • assume that the ℓ -torsion of C 0 is known Cost analysis • the system can be evaluated in O (log( ℓ )) ops • ν = ℓ 2 g , δ = ℓ 2 g (?) • time: O ˜( ℓ 4 g ), i.e., g = 2 : ℓ 8 , g = 3 : ℓ 12

  20. About the starting point (100% speculative) Changing prime • hopeless to store one curve per F p • just store one, for some F p 0 • when needed over F p 1 , lift it to Q and reduce mod p 1

Recommend

Polynomial Linear System Solving with Errors by Simultaneous Polynomial Reconstruction of

Polynomial Linear System Solving with Errors by Simultaneous Polynomial Reconstruction of

Polynomial Linear System Solving with Errors by Simultaneous Polynomial Reconstruction of Interleaved Reed-Solomon Codes. Ilaria Zappatore a joint work with Eleonora Guerrini LIRMM, Montpellier Journes Nationales de Calcul Formel 2019

930 views • 49 slides
Introduction The MP Problem Solving a system of m multivariate polynomial equations in n variables

Introduction The MP Problem Solving a system of m multivariate polynomial equations in n variables

Fast Exhaustive Search for Quadratic Systems in F 2 on FPGAs Charles Bouillaguet, Chen-Mou Cheng, Tung Chou, Ruben Niederhagen, Bo- Yin Yang August 15, 2013 Introduction The MP Problem Solving a system of m multivariate polynomial equations in

790 views • 32 slides
Finding one root of a polynomial system A brief review of Smales 17th problem Pierre Lairez

Finding one root of a polynomial system A brief review of Smales 17th problem Pierre Lairez

Finding one root of a polynomial system A brief review of Smales 17th problem Pierre Lairez Inria Saclay SIAM AG 17 SIAM conference on applied algebraic geometry 2 august 2017, Atlanta Solving polynomial systems in polynomial time? degree

395 views • 26 slides
Back to the Roots Polynomial System Solving Using Linear Algebra Philippe Dreesen KU Leuven

Back to the Roots Polynomial System Solving Using Linear Algebra Philippe Dreesen KU Leuven

Motivation and History Univariate Polynomials Multivariate Polynomials Algebraic Optimization Conclusions Back to the Roots Polynomial System Solving Using Linear Algebra Philippe Dreesen KU Leuven Department of Electrical Engineering

795 views • 42 slides
and problem-solving techniques 2 Some mathematical principles and problem-solving techniques

and problem-solving techniques 2 Some mathematical principles and problem-solving techniques

Problem Solving Skills (14021601-3 ) Part 2 Some mathematical principles and problem-solving techniques 2 Some mathematical principles and problem-solving techniques Invariant Principle 3 1 Gauss When Karl Friedrich Gauss was still in

1.11k views • 77 slides
Computational complexity of solving polynomial differential equations over unbounded domains

Computational complexity of solving polynomial differential equations over unbounded domains

Computational complexity of solving polynomial differential equations over unbounded domains Amaury Pouly Joint work with Daniel Graa 10 May 2018 / 19 Ordinary Differential Equations (ODEs) System of ODEs: y 1 ( 0 )= y 0 , 1

1.19k views • 88 slides
Software Development @ PolSys (Elias @ PolSys . lip6 . FR) Software @ PolSys JNCF @ CIRM 2014

Software Development @ PolSys (Elias @ PolSys . lip6 . FR) Software @ PolSys JNCF @ CIRM 2014

Software Development @ PolSys (Elias @ PolSys . lip6 . FR) Software @ PolSys JNCF @ CIRM 2014 while true ++i; Polynomial System Solving Solving efficiently polynomial system of equations is a fundamental problem in Computer Algebra with many

412 views • 38 slides
Finding Small Roots of Bivariate Integer Polynomial Equations Revisited Jean-S ebastien Coron

Finding Small Roots of Bivariate Integer Polynomial Equations Revisited Jean-S ebastien Coron

Finding Small Roots of Bivariate Integer Polynomial Equations Revisited Jean-S ebastien Coron Gemplus Card International Issy-les-Moulineaux, France Solving polynomial equations Let p ( x ) be a polynomial and N an RSA modulus. Solving

495 views • 27 slides
Finding one root of a polynomial system Smales 17th problem Pierre Lairez Inria Saclay FoCM

Finding one root of a polynomial system Smales 17th problem Pierre Lairez Inria Saclay FoCM

Finding one root of a polynomial system Smales 17th problem Pierre Lairez Inria Saclay FoCM 2017 Foundations of computational mathematics 15 july 2017, Barcelona Solving polynomial systems subdivision finding one root finding all roots

362 views • 33 slides
DESIGN OF LIFTING OPERATION SYSTEM (HYDRAULIC SYSTEM-SPUD CAN JETTING SYSTEM- LEG MECHANISM) AT

DESIGN OF LIFTING OPERATION SYSTEM (HYDRAULIC SYSTEM-SPUD CAN JETTING SYSTEM- LEG MECHANISM) AT

DESIGN OF LIFTING OPERATION SYSTEM (HYDRAULIC SYSTEM-SPUD CAN JETTING SYSTEM- LEG MECHANISM) AT LIFTBOAT CASE STUDY L/B CAMERON CLASS 200 FIRMAN NORMA AKHMAD 4212 105 002 PROBLEM DEFINITION a. How to design spud can jetting system to ease

439 views • 26 slides
Lifting techniques in covering graphs and applications Shaofei Du School of Mathematical Sciences

Lifting techniques in covering graphs and applications Shaofei Du School of Mathematical Sciences

Lifting techniques in covering graphs and applications Shaofei Du School of Mathematical Sciences Capital Normal University Beijing, 100048, China 8th PhD Summer School in Discrete Mathematics (UP) Rogla, Slovenia July 6, 2018 Shaofei Du

518 views • 51 slides
Computational complexity of solving polynomial differential equations over unbounded domains

Computational complexity of solving polynomial differential equations over unbounded domains

Computational complexity of solving polynomial differential equations over unbounded domains Amaury Pouly , Daniel Graa , Ecole Polytechnique, LIX, 91128 Palaiseau Cedex, France CEDMES/FCT, Universidade do Algarve, C.

977 views • 75 slides
Solving Parametric Polynomial Systems by RealComprehensiveTriangularize Changbo Chen 1 and Marc

Solving Parametric Polynomial Systems by RealComprehensiveTriangularize Changbo Chen 1 and Marc

Solving Parametric Polynomial Systems by RealComprehensiveTriangularize Changbo Chen 1 and Marc Moreno Maza 2 1 Chongqing Institute of Green and Intelligent Technology, Chinese Academy of Sciences 2 ORCCA, University of Western Ontario August 8,

643 views • 36 slides
Iterative Techniques in Matrix Algebra Relaxation Techniques for Solving Linear Systems Numerical

Iterative Techniques in Matrix Algebra Relaxation Techniques for Solving Linear Systems Numerical

Iterative Techniques in Matrix Algebra Relaxation Techniques for Solving Linear Systems Numerical Analysis (9th Edition) R L Burden &amp; J D Faires Beamer Presentation Slides prepared by John Carroll Dublin City University 2011

1.17k views • 93 slides
Part 2 Some mathematical principles and problem-solving techniques 2 1 Some mathematical

Part 2 Some mathematical principles and problem-solving techniques 2 1 Some mathematical

Problem Solving Skills (14021601-3 ) Part 2 Some mathematical principles and problem-solving techniques 2 1 Some mathematical principles and problem-solving techniques Invariant Principle 3 Gauss When Karl Friedrich Gauss was still in

1.41k views • 115 slides
Solving Evacuation Problems in Polynomial Space Miriam Schlter &amp; Martin Skutella

Solving Evacuation Problems in Polynomial Space Miriam Schlter &amp; Martin Skutella

Solving Evacuation Problems in Polynomial Space Miriam Schlter &amp; Martin Skutella Solving Evacuation Problems in Polynomial Space Flows over Time Definition Solving Evacuation Problems in Polynomial Space Flows over Time Definition

650 views • 40 slides
Solving sparse polynomial systems using Gr obner basis Mat as R. Bender Sorbonne

Solving sparse polynomial systems using Gr obner basis Mat as R. Bender Sorbonne

Solving sparse polynomial systems using Gr obner basis Mat as R. Bender Sorbonne Universit e, CNRS , INRIA , Laboratoire dInformatique de Paris 6, LIP6 , Equipe PolSys , 4 place Jussieu, F-75005, Paris, France Joint work with :

893 views • 74 slides
Solving Multivariate Polynomial Systems and an Invariant from Commutative Algebra Alessio

Solving Multivariate Polynomial Systems and an Invariant from Commutative Algebra Alessio

Solving Multivariate Polynomial Systems and an Invariant from Commutative Algebra Alessio Caminata (Universitat de Barcelona) joint work with Elisa Gorla PQCrypto 2017 Utrecht, 2628 June 2017 Algebraic attack with Gr obner bases

376 views • 6 slides
Section1.6 Solving Linear Inequalities Introduction Inquality Solving Techniques 1. You can add

Section1.6 Solving Linear Inequalities Introduction Inquality Solving Techniques 1. You can add

Section1.6 Solving Linear Inequalities Introduction Inquality Solving Techniques 1. You can add or subtract any number from both sides of an inequality. Inquality Solving Techniques 1. You can add or subtract any number from both sides of an

608 views • 42 slides
Solving a Nonlinear Equation Problem: Given f ( x ), find a root (solution) of f ( x ) = 0. If

Solving a Nonlinear Equation Problem: Given f ( x ), find a root (solution) of f ( x ) = 0. If

Solving a Nonlinear Equation Problem: Given f ( x ), find a root (solution) of f ( x ) = 0. If f is a polynomial with degree 4 or less, formulas for roots exist. If f is a polynomial with degree larger than 4, no finite formula exists

482 views • 12 slides
Reconstructing Chemical Reaction Networks by Solving Boolean Polynomial Systems Chenqi Mou Wei

Reconstructing Chemical Reaction Networks by Solving Boolean Polynomial Systems Chenqi Mou Wei

Reconstructing Chemical Reaction Networks by Solving Boolean Polynomial Systems Chenqi Mou Wei Niu LMIB-School of Mathematics Ecole Centrale P ekin and Systems Science Beihang University, Beijing 100191, China chenqi.mou,

351 views • 23 slides
Lifting the curse of dimensionality in nonlinear system identification with tensor networks. Kim

Lifting the curse of dimensionality in nonlinear system identification with tensor networks. Kim

Lifting the curse of dimensionality in nonlinear system identification with tensor networks. Lifting the curse of dimensionality in nonlinear system identification with tensor networks. Kim Batselier, Zhongming Chen, Ching-Yun Ko, Ngai Wong 1 /

568 views • 53 slides
Practical SAT Solving: Look-ahead Techniques Marijn J.H. Heule Warren A. Hunt Jr. The University

Practical SAT Solving: Look-ahead Techniques Marijn J.H. Heule Warren A. Hunt Jr. The University

Practical SAT Solving: Look-ahead Techniques Marijn J.H. Heule Warren A. Hunt Jr. The University of Texas at Austin Heule &amp; Hunt (UT Austin) Look-ahead Techniques 1 / 1 Sat solving: DPLL Davis Putnam Logemann Loveland [DP60,DLL62]

687 views • 65 slides
Polynomial-time reductions We have seen several reductions: Polynomial-time reductions Informal

Polynomial-time reductions We have seen several reductions: Polynomial-time reductions Informal

Polynomial-time reductions We have seen several reductions: Polynomial-time reductions Informal explanation of reductions: We have two problems, X and Y. Suppose we have a black-box solving problem X in polynomial-time. Can we use the black-box

1.38k views • 32 slides

More recommend