parallel gauss sieve algorithm solving the ideal
play

Parallel Gauss Sieve Algorithm : Solving the Ideal T.Takagi Lattice - PowerPoint PPT Presentation

Jan 30, 2023 •199 likes •528 views

Parallel Gauss Sieve Algorithm T.Ishiguro, S.Kiyomoto, Y.Miyake, Parallel Gauss Sieve Algorithm : Solving the Ideal T.Takagi Lattice Challenge of 128 dimensions Outline Background Proposed Tsukasa Ishiguro 1 Shinsaku Kiyomoto 1 Algorithm

  1. Parallel Gauss Sieve Algorithm T.Ishiguro, S.Kiyomoto, Y.Miyake, Parallel Gauss Sieve Algorithm : Solving the Ideal T.Takagi Lattice Challenge of 128 dimensions Outline Background Proposed Tsukasa Ishiguro 1 Shinsaku Kiyomoto 1 Algorithm Improvements Yutaka Miyake 1 Tsuyoshi Takagi 2 Experiment KDDI R&D Laboratories Inc. 1 Institute of Mathematics for Industry, Kyushu University 2 2014/3/28 1 / 15

  2. Parallel Gauss Background Sieve Algorithm • Some contests from TU Darmstadt T.Ishiguro, S.Kiyomoto, - SVP Challenge, Ideal Lattice Challenge, Lattice Challenge Y.Miyake, T.Takagi Outline Background Proposed Algorithm Improvements Experiment 2 / 15

  3. Parallel Gauss Background Sieve Algorithm • Some contests from TU Darmstadt T.Ishiguro, S.Kiyomoto, - SVP Challenge, Ideal Lattice Challenge, Lattice Challenge Y.Miyake, T.Takagi Outline Background Proposed Algorithm Improvements Experiment Our contributions · A parallel version of an algorithm for solving SVP · Improvements using ideal structures · Solving the 128 dimensional SVP over ideal lattice 2 / 15

  4. b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b Parallel Gauss n dimensional lattice and SVP Sieve Algorithm T.Ishiguro, S.Kiyomoto, • Lattice basis Y.Miyake, T.Takagi ( b 1 , . . . , b n ) ∈ Z n × n , B = Outline b i ∈ Z n Background Proposed Algorithm • Lattice b 1 Improvements b 2 Experiment � � � L ( B ) = α i b i , α i ∈ Z 1 ≤ i ≤ n Shortest vectors • (Euclidean) norm of v = ( v 1 , .., v n ) � � v 2 || v || = i 1 ≤ i ≤ n Definition (Shortest Vector Problem(SVP)) Given a lattice L ( B ) , find a shortest non-zero vector in L ( B ) . 3 / 15

  5. b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b b Parallel Gauss n dimensional ideal lattice Sieve Algorithm T.Ishiguro, S.Kiyomoto, • Polynomial representation Y.Miyake, T.Takagi v = ( v 1 , . . . , v n ) ∈ L ( B ) Outline v i x i − 1 ∈ Z [ x ] � Background ⇔ v ( x ) = Proposed 1 ≤ i ≤ n Algorithm Improvements • Vector rotation v Experiment rot ( v ) = x v ( x ) mod g ( x ) rot(v) g ( x ) : monic, deg( g ( x )) = n rot 2 (v) • If rot ( v ) ∈ L ( B ) for all v ∈ L ( B ) , then the L ( B ) is called ideal lattice 4 / 15

  6. Parallel Gauss Gauss-reduced Sieve Algorithm T.Ishiguro, Definition (Gauss-reduced) S.Kiyomoto, Y.Miyake, If two different vectors a , b ∈ L ( B ) satisfy T.Takagi || a ± b || ≥ max( || a || , || b || ) , then a , b are called Gauss-reduced. Outline Background Proposed Algorithm a + b Improvements a + b ′ Reduce Experiment b − a a a − b ′ a b b b ′ = a − b a , b are not Gauss-reduced. a , b ′ are Gauss-reduced. We say that b (or b ′ ) was reduced by a . 5 / 15

  7. Parallel Gauss Pairwise-reduced Sieve Algorithm T.Ishiguro, Definition (Pairwise-reduced) S.Kiyomoto, Y.Miyake, Let A be a set of d vectors in L ( B ) . If every pair of two vectors T.Takagi ( a i , a j ) in A for i , j = 1 , . . . , d , i � j is Gauss-reduced, then the A Outline is called pairwise-reduced. Background Proposed Algorithm Improvements Experiment Any pair of vectors are Gauss-reduced Set of vectors 6 / 15

  8. Parallel Gauss Gauss Sieve Algorithm[Micciancio, 2009] Sieve Algorithm L is always pairwise-reduced T.Ishiguro, S.Kiyomoto, Y.Miyake, T.Takagi ℓ 1 Outline Background ℓ 2 ℓ 5 Proposed Algorithm Improvements Experiment ℓ 4 ℓ 3 Stack S Vector v List L (1) chosen at random or popped from stack S 7 / 15

  9. Parallel Gauss Gauss Sieve Algorithm[Micciancio, 2009] Sieve Algorithm L is always pairwise-reduced T.Ishiguro, S.Kiyomoto, Y.Miyake, T.Takagi ℓ 1 Outline Background ℓ 2 ℓ 5 Proposed Algorithm (2) check and reduce v Improvements (3) if v was reduced, move v into stack S Experiment ℓ 4 ℓ 3 Stack S Vector v List L 7 / 15

  10. Parallel Gauss Gauss Sieve Algorithm[Micciancio, 2009] Sieve Algorithm L is always pairwise-reduced T.Ishiguro, (4) check and reduce ℓ i S.Kiyomoto, Y.Miyake, (5) if ℓ i was reduced, move ℓ i into stack S T.Takagi ℓ 1 Outline Background ℓ 2 ℓ 5 Proposed Algorithm Improvements Experiment ℓ 4 ℓ 3 Stack S Vector v List L 7 / 15

  11. Parallel Gauss Gauss Sieve Algorithm[Micciancio, 2009] Sieve Algorithm L is always pairwise-reduced T.Ishiguro, S.Kiyomoto, Y.Miyake, T.Takagi ℓ 1 Outline Background ℓ 2 ℓ 5 Proposed Algorithm Improvements Experiment ℓ 4 (6) append v to L ℓ 3 Stack S Vector v List L 7 / 15

  12. Parallel Gauss Gauss Sieve Algorithm[Micciancio, 2009] Sieve Algorithm L is always pairwise-reduced T.Ishiguro, S.Kiyomoto, Y.Miyake, T.Takagi ℓ 1 Outline Background ℓ 2 ℓ 5 Proposed Algorithm Improvements Experiment ℓ 4 ℓ 3 Stack S Vector v List L Gauss Sieve algorithm constructs a big list L of lattice vectors, which is always pairwise-reduced. Finally, a shortest vector appeared in the list L . 7 / 15

  13. Parallel Gauss Parallelization? Sieve Algorithm T.Ishiguro, • The Gauss Sieve algorithm is not easy to be parallelized S.Kiyomoto, Y.Miyake, • Milde and Schneider proposed a parallel implementation T.Takagi of the Gauss Sieve[Milde and Schneider, ’10] Outline • Them algorithm does not keep the list L pairwise-reduced Background • When they used 10 threads, the list L doubled size of Proposed Algorithm original algorithm Improvements Experiment 8 / 15

  14. Parallel Gauss Parallelization? Sieve Algorithm T.Ishiguro, • The Gauss Sieve algorithm is not easy to be parallelized S.Kiyomoto, Y.Miyake, • Milde and Schneider proposed a parallel implementation T.Takagi of the Gauss Sieve[Milde and Schneider, ’10] Outline • Them algorithm does not keep the list L pairwise-reduced Background • When they used 10 threads, the list L doubled size of Proposed Algorithm original algorithm Improvements Experiment Our goal We propose a fully parallelized Gauss Sieve algorithm. 8 / 15

  15. Parallel Gauss Parallelization? Sieve Algorithm T.Ishiguro, • The Gauss Sieve algorithm is not easy to be parallelized S.Kiyomoto, Y.Miyake, • Milde and Schneider proposed a parallel implementation T.Takagi of the Gauss Sieve[Milde and Schneider, ’10] Outline • Them algorithm does not keep the list L pairwise-reduced Background • When they used 10 threads, the list L doubled size of Proposed Algorithm original algorithm Improvements Experiment Our goal We propose a fully parallelized Gauss Sieve algorithm. Our strategy Our algorithm always keeps the list L pairwise-reduced without reference to the number of threads. 8 / 15

  16. Parallel Gauss Parallel Gauss Sieve Algorithm Sieve Algorithm L is always pairwise-reduced T.Ishiguro, S.Kiyomoto, Y.Miyake, T.Takagi ℓ 1 Outline Background ℓ 5 ℓ 2 Proposed v 4 Algorithm Improvements v 3 Experiment ℓ 4 v 2 ℓ 3 v 1 Stack S List V List L (1) choose at random or popped from stack S 9 / 15

  17. Parallel Gauss Parallel Gauss Sieve Algorithm Sieve Algorithm L is always pairwise-reduced T.Ishiguro, S.Kiyomoto, Y.Miyake, T.Takagi ℓ 1 (2) check and reduce v i Outline (3) if v i was reduced, move v i into stack S Background ℓ 5 ℓ 2 Proposed v 4 Algorithm Improvements v 3 Experiment ℓ 4 v 2 ℓ 3 v 1 Stack S List V List L 9 / 15

  18. Parallel Gauss Parallel Gauss Sieve Algorithm Sieve Algorithm L is always pairwise-reduced T.Ishiguro, S.Kiyomoto, Y.Miyake, T.Takagi ℓ 1 (4) check and reduce v i Outline (5) if v i was reduced, move v i into stack S Background ℓ 5 ℓ 2 Proposed v 4 Algorithm Improvements v 3 Experiment ℓ 4 v 2 ℓ 3 v 1 Stack S List V List L 9 / 15

  19. Parallel Gauss Parallel Gauss Sieve Algorithm Sieve Algorithm L is always pairwise-reduced T.Ishiguro, S.Kiyomoto, Y.Miyake, T.Takagi ℓ 1 (6) check and reduce ℓ i Outline (7) if ℓ i was reduced, move ℓ i into stack S Background ℓ 5 ℓ 2 Proposed v 4 Algorithm Improvements v 3 Experiment ℓ 4 v 2 ℓ 3 v 1 Stack S List V List L 9 / 15

  20. Parallel Gauss Parallel Gauss Sieve Algorithm Sieve Algorithm L is always pairwise-reduced T.Ishiguro, S.Kiyomoto, Y.Miyake, T.Takagi ℓ 1 Outline (8) append v i to L Background ℓ 5 v 4 ℓ 2 Proposed v 4 Algorithm v 3 Improvements v 3 Experiment v 2 ℓ 4 v 2 v 1 ℓ 3 v 1 Stack S List V List L 9 / 15

  21. Parallel Gauss Is a new L pairwise-reduced? Sieve Algorithm T.Ishiguro, S.Kiyomoto, ℓ 1 ℓ 1 Y.Miyake, T.Takagi ℓ 5 ℓ 5 v 4 Outline ℓ 2 ℓ 2 Background v 4 v 3 Proposed Algorithm v 3 v 2 Improvements + ℓ 4 ℓ 4 Experiment v 2 v 1 ℓ 3 ℓ 3 v 1 List L a new L = List V ∪ L List V · L and V are pairwise-reduced, respectivery · All pairs ( ℓ i , v j ) are Gauss-reduced → V ∪ L is pairwise-reduced 10 / 15

  22. Parallel Gauss Solving the 72 dimensional SVP Sieve Algorithm T.Ishiguro, 1200 S.Kiyomoto, Total time Y.Miyake, T.Takagi 1000 Outline 800 Background Time (minutes) Proposed Algorithm 600 Improvements 400 Experiment 200 0 4 8 12 16 20 24 28 32 The number of threads · This instance has 16 cores · The running time dereases until 16 threads · The sizes of the list L are most of the same 11 / 15

Recommend

PARALLEL THINKING: THE SIEVE OF ERATOSTHENES 2 1 26 07 2015 THE SIEVE OF ERATOSTHENES

PARALLEL THINKING: THE SIEVE OF ERATOSTHENES 2 1 26 07 2015 THE SIEVE OF ERATOSTHENES

26 07 2015 PARALLEL AND DISTRIBUTED ALGORITHMS BY DEBDEEP MUKHOPADHYAY AND ABHISHEK SOMANI http://cse.iitkgp.ac.in/~debdeep/courses_iitkgp/PAlgo/index.htm PARALLEL THINKING: THE SIEVE OF ERATOSTHENES 2 1 26 07 2015 THE

468 views • 11 slides
Algorithm Configuration for Portfolio-based Parallel SAT-Solving Holger Hoos 1 , Kevin

Algorithm Configuration for Portfolio-based Parallel SAT-Solving Holger Hoos 1 , Kevin

Algorithm Configuration for Portfolio-based Parallel SAT-Solving Holger Hoos 1 , Kevin Leyton-Brown 1 , Torsten Schaub 2 , Marius Schneider 2 1 Department of Computer Science University of British Columbia Vancouver, BC, Canada 2 Institute of

511 views • 15 slides
P M 2 1 Ideal Distributed-Memory Parallel Computer P+M P+M P+M P+M P+M

P M 2 1 Ideal Distributed-Memory Parallel Computer P+M P+M P+M P+M P+M

Hypercubic Networks Charles E. Leiserson 6.895 Theory of Parallel Systems November 2, 2003 1 Ideal Parallel Computer P M P M P M P M 2 1 Ideal Distributed-Memory Parallel Computer P+M P+M P+M P+M P+M P+M

324 views • 18 slides
A subfield-logarithm attack against ideal lattices, part 1: the number-field sieve D. J.

A subfield-logarithm attack against ideal lattices, part 1: the number-field sieve D. J.

A subfield-logarithm attack against ideal lattices, part 1: the number-field sieve D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Sieving small integers 0 using primes 2 3 5 7: 1

646 views • 42 slides
and problem-solving techniques 2 Some mathematical principles and problem-solving techniques

and problem-solving techniques 2 Some mathematical principles and problem-solving techniques

Problem Solving Skills (14021601-3 ) Part 2 Some mathematical principles and problem-solving techniques 2 Some mathematical principles and problem-solving techniques Invariant Principle 3 1 Gauss When Karl Friedrich Gauss was still in

1.11k views • 77 slides
Introduction to Parallel Computing George Karypis Principles of Parallel Algorithm Design

Introduction to Parallel Computing George Karypis Principles of Parallel Algorithm Design

Introduction to Parallel Computing George Karypis Principles of Parallel Algorithm Design Outline Overview of some Serial Algorithms Parallel Algorithm vs Parallel Formulation Elements of a Parallel Algorithm/Formulation Common

873 views • 52 slides
Part 2 Some mathematical principles and problem-solving techniques 2 1 Some mathematical

Part 2 Some mathematical principles and problem-solving techniques 2 1 Some mathematical

Problem Solving Skills (14021601-3 ) Part 2 Some mathematical principles and problem-solving techniques 2 1 Some mathematical principles and problem-solving techniques Invariant Principle 3 Gauss When Karl Friedrich Gauss was still in

1.41k views • 115 slides
Individual Discrete Logarithm in GF( p k ) (last step of the Number Field Sieve algorithm) Aurore

Individual Discrete Logarithm in GF( p k ) (last step of the Number Field Sieve algorithm) Aurore

Individual Discrete Logarithm in GF( p k ) (last step of the Number Field Sieve algorithm) Aurore Guillevic INRIA Saclay / GRACE Team Ecole Polytechnique / LIX Asiacrypt 2015 Conference, Auckland, New Zealand, November 30 Aurore Guillevic

711 views • 51 slides
Cooperation control in Parallel SAT Solving N. Lazaar, Y. Hamadi, S. Jabbour, M. Sebag Parallel

Cooperation control in Parallel SAT Solving N. Lazaar, Y. Hamadi, S. Jabbour, M. Sebag Parallel

Cooperation control in Parallel SAT Solving N. Lazaar, Y. Hamadi, S. Jabbour, M. Sebag Parallel SAT Solving Decentralized resolution Each core: conflict-directed clause learning Cooperation: each core sends the learned clauses to other

277 views • 11 slides
Parallel Numerical Algorithms Chapter 2 Parallel Thinking Section 2.1 Parallel Algorithm

Parallel Numerical Algorithms Chapter 2 Parallel Thinking Section 2.1 Parallel Algorithm

Computational Model Design Methodology Example Parallel Numerical Algorithms Chapter 2 Parallel Thinking Section 2.1 Parallel Algorithm Design Michael T. Heath and Edgar Solomonik Department of Computer Science University of Illinois

595 views • 35 slides
New Complexity Trade-Offs for the (Multiple) Number Field Sieve Algorithm in Non-Prime Fields

New Complexity Trade-Offs for the (Multiple) Number Field Sieve Algorithm in Non-Prime Fields

New Complexity Trade-Offs for the (Multiple) Number Field Sieve Algorithm in Non-Prime Fields Palash Sarkar and Shashank Singh Indian Statistical Institute, Kolkata May, 2016 Eurocrypt 2016 N UMBER F IELD S IEVE FOR DLP IN F p n Choose f ( x )

615 views • 46 slides
PARALLEL ALGORITHM DESIGN FOR PARALLEL PLATFORMS 2 1 31 10 2015 OVERVIEW Task and

PARALLEL ALGORITHM DESIGN FOR PARALLEL PLATFORMS 2 1 31 10 2015 OVERVIEW Task and

31 10 2015 PARALLEL AND DISTRIBUTED ALGORITHMS BY DEBDEEP MUKHOPADHYAY AND ABHISHEK SOMANI http://cse.iitkgp.ac.in/~debdeep/courses_iitkgp/PAlgo/index.htm PARALLEL ALGORITHM DESIGN FOR PARALLEL PLATFORMS 2 1 31 10 2015

390 views • 13 slides
Quiz I Give the SVD-based algorithm for solving least squares, and I justify the algorithm by that

Quiz I Give the SVD-based algorithm for solving least squares, and I justify the algorithm by that

Quiz I Give the SVD-based algorithm for solving least squares, and I justify the algorithm by that showing it outputs the correct answer. I Under what circumstances would this algorithm be preferred over the QR-based algorithm? The Eigenvector

905 views • 18 slides
Outline'Talk'6' 1. Introduc*on:!Concepts!and!defini*ons!of!sieve!effects!/!sieve!analysis!

Outline'Talk'6' 1. Introduc*on:!Concepts!and!defini*ons!of!sieve!effects!/!sieve!analysis!

Outline'Talk'6' 1. Introduc*on:!Concepts!and!defini*ons!of!sieve!effects!/!sieve!analysis! Vaccine!efficacy!versus!par*cular!pathogen!strains! Sieve!effects!and!other!effects! Some!immunological!considera*ons!

383 views • 15 slides
Dijkstras Algorithm Problem Solving Club February 1, 2017 Dijkstras algorithm

Dijkstras Algorithm Problem Solving Club February 1, 2017 Dijkstras algorithm

Dijkstras Algorithm Problem Solving Club February 1, 2017 Dijkstras algorithm Dijkstras is a greedy algorithm that finds shortest paths from a single source to every other vertex in the graph. As usually implemented: Works

360 views • 22 slides
+ Design of Parallel Algorithms Parallel Algorithm Analysis Tools + Topic Overview n Sources

+ Design of Parallel Algorithms Parallel Algorithm Analysis Tools + Topic Overview n Sources

+ Design of Parallel Algorithms Parallel Algorithm Analysis Tools + Topic Overview n Sources of Overhead in Parallel Programs n Performance Metrics for Parallel Systems n Effect of Granularity on Performance n Scalability of Parallel

1.39k views • 50 slides
SYLLABUS The Idea of Parallelism: A Parallelised version of the Sieve of Eratosthenes PRAM Model

SYLLABUS The Idea of Parallelism: A Parallelised version of the Sieve of Eratosthenes PRAM Model

26 07 2015 PARALLEL AND DISTRIBUTED ALGORITHMS BY DEBDEEP MUKHOPADHYAY AND ABHISHEK SOMANI http://cse.iitkgp.ac.in/~debdeep/courses_iitkgp/PAlgo/index.htm SYLLABUS The Idea of Parallelism: A Parallelised version of the Sieve of

449 views • 17 slides
Problem Solving & Algorithm Design 01-1 Problem solving The act of finding a solution

Problem Solving & Algorithm Design 01-1 Problem solving The act of finding a solution

Problem Solving & Algorithm Design 01-1 Problem solving The act of finding a solution to a perplexing, distressing, vexing, or unsettled question 01-2 How to Solve it Written by George Polya in 1945 01-3 How to Solve it

907 views • 31 slides
+ Design of Parallel Algorithms Parallel Algorithm Analysis Tools + Topic Overview n Sources of

+ Design of Parallel Algorithms Parallel Algorithm Analysis Tools + Topic Overview n Sources of

+ Design of Parallel Algorithms Parallel Algorithm Analysis Tools + Topic Overview n Sources of Overhead in Parallel Programs n Performance Metrics for Parallel Systems n Effect of Granularity on Performance n Scalability of Parallel Systems n

645 views • 50 slides
1 AP Physics C E & M Gauss's Law 20160109 www.njctl.org 2 Gauss's Law Click on

1 AP Physics C E & M Gauss's Law 20160109 www.njctl.org 2 Gauss's Law Click on

1 AP Physics C E & M Gauss's Law 20160109 www.njctl.org 2 Gauss's Law Click on the topic to go to that section Electric Flux Gauss's Law Sphere Infinite Rod of Charge Infinite Plane of Charge Electrostatic

1.08k views • 71 slides
Parallel Numerical Algorithms Solution of Boundary Value Problems 1 Overview of Lecture

Parallel Numerical Algorithms Solution of Boundary Value Problems 1 Overview of Lecture

Parallel Numerical Algorithms Solution of Boundary Value Problems 1 Overview of Lecture General solution methods Relaxation methods Jacobi algorithm testing for convergence Gauss Seidel over-relaxation Notes

438 views • 29 slides
Adaptive wavelet algorithms for solving operator equations Tsogtgerel Gantumur General

Adaptive wavelet algorithms for solving operator equations Tsogtgerel Gantumur General

Adaptive wavelet algorithms for solving operator equations Tsogtgerel Gantumur General Mathematical Colloquium Mathematisch Instituut 21 September 2006 Overview Ideal benchmark: Nonlinear approximation Optimal adaptive wavelet algorithm

426 views • 20 slides
workflow TRIZ "a problem-solving, analysis and Ideal final result (IFR) - the

workflow TRIZ "a problem-solving, analysis and Ideal final result (IFR) - the

Tools available to use in a DFAM workflow TRIZ "a problem-solving, analysis and Ideal final result (IFR) - the ultimate forecasting tool derived from the idealistic solution of a problem study of patterns of invention in when the

359 views • 18 slides
Parallel QBF Solving: State of the Art Techniques and Future Perspectives Florian Lonsing

Parallel QBF Solving: State of the Art Techniques and Future Perspectives Florian Lonsing

Parallel QBF Solving: State of the Art Techniques and Future Perspectives Florian Lonsing Knowledge-Based Systems Group, Vienna University of Technology, Austria http://www.kr.tuwien.ac.at/staff/lonsing/ First Workshop on Parallel Constraint

716 views • 45 slides

More recommend