Your search keyword '"Polynomial arithmetic"' showing total 290 results

1. On sets of rational functions which locally represent all of [formula omitted].

Author

Klahn, Benjamin and König, Joachim

Subjects

*SET functions, *GALOIS theory, *POLYNOMIALS

Abstract

We investigate finite sets of rational functions { f 1 , f 2 , ... , f r } defined over some number field K satisfying that any t 0 ∈ K is a K p -value of one of the functions f i for almost all primes p of K. We give strong necessary conditions on the shape of functions appearing in a minimal set with this property, as well as numerous concrete examples showing that these necessary conditions are in a way also close to sufficient. We connect the problem to well-studied concepts such as intersective polynomials and arithmetically exceptional functions. [ABSTRACT FROM AUTHOR]

Published

2024

2. MCSat-Based Finite Field Reasoning in the Yices2 SMT Solver (Short Paper)

Author

Hader, Thomas, Kaufmann, Daniela, Irfan, Ahmed, Graham-Lengrand, Stéphane, Kovács, Laura, Hartmanis, Juris, Founding Editor, van Leeuwen, Jan, Series Editor, Hutchison, David, Editorial Board Member, Kanade, Takeo, Editorial Board Member, Kittler, Josef, Editorial Board Member, Kleinberg, Jon M., Editorial Board Member, Kobsa, Alfred, Series Editor, Mattern, Friedemann, Editorial Board Member, Mitchell, John C., Editorial Board Member, Naor, Moni, Editorial Board Member, Nierstrasz, Oscar, Series Editor, Pandu Rangan, C., Editorial Board Member, Sudan, Madhu, Series Editor, Terzopoulos, Demetri, Editorial Board Member, Tygar, Doug, Editorial Board Member, Weikum, Gerhard, Series Editor, Vardi, Moshe Y, Series Editor, Goos, Gerhard, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Benzmüller, Christoph, editor, Heule, Marijn J.H., editor, and Schmidt, Renate A., editor

Published

2024

3. Faster Implementation of Ideal Lattice-Based Cryptography Using AVX512.

Author

DOUWEI LEI, DEBIAO HE, CONG PENG, MIN LUO, ZHE LIU, and XINYI HUANG

Subjects

QUANTUM computing, CRYPTOGRAPHY, ARITHMETIC, POLYNOMIALS, PUBLIC key cryptography

Abstract

With the development of quantum computing, the existing cryptography schemes based on classical cryptographic primitives will no longer be secure. Hence, cryptographers are designing post-quantum cryptographic (PQC) schemes, and ideal lattice-based cryptography has emerged as a prime candidate. Today, as ideal lattice-based cryptography becomes more mature, its performance becomes an important optimization goal. In ideal lattice-based cryptography, polynomial arithmetic and polynomial sampling are the most time-consuming operations and therefore need to be accelerated. In this article, taking advantage of the parallelism of new 512-bit advanced vector instructions (AVX512), we present parallel implementations of polynomial arithmetic and polynomial sampling, thus comprehensively improving their performance. We conduct experiments with the Dilithium scheme(one scheme of NIST PQC Standardization Process Round-4). Our implementation gets a nice performance boost compared to its pure C language and 256-bit advanced vector instructions (AVX2) implementation. [ABSTRACT FROM AUTHOR]

Published

2023

4. Efficient Hardware Arithmetic for Inverted Binary Ring-LWE Based Post-Quantum Cryptography.

Author

Imana, Jose L., He, Pengzhou, Bao, Tianyou, Tu, Yazheng, and Xie, Jiafeng

Subjects

*ARITHMETIC, *POLYNOMIAL rings, *ELLIPTIC curve cryptography, *SHIFT registers, *COMPUTATIONAL complexity, *QUANTUM cryptography, *CRYPTOGRAPHY

Abstract

Ring learning-with-errors (RLWE)-based encryption scheme is a lattice-based cryptographic algorithm that constitutes one of the most promising candidates for Post-Quantum Cryptography (PQC) standardization due to its efficient implementation and low computational complexity. Binary Ring-LWE (BRLWE) is a new optimized variant of RLWE, which achieves smaller computational complexity and higher efficient hardware implementations. In this paper, two efficient architectures based on Linear-Feedback Shift Register (LFSR) for the arithmetic used in Inverted Binary Ring-LWE (InvBRLWE)-based encryption scheme are presented, namely the operation of $A\cdot B+C$ over the polynomial ring $\mathbb {Z}_{q}/(x^{n}+1)$. The first architecture optimizes the resource usage for major computation and has a novel input processing setup to speed up the overall processing latency with minimized input loading cycles. The second architecture deploys an innovative serial-in serial-out processing format to reduce the involved area usage further yet maintains a regular input loading time-complexity. Experimental results show that the architectures presented here improve the complexities obtained by competing schemes found in the literature, e.g., involving 71.23% less area-delay product than recent designs. Both architectures are highly efficient in terms of area-time complexities and can be extended for deploying in different lightweight application environments. [ABSTRACT FROM AUTHOR]

Published

2022

5. A Deterministic Algorithm for Computing Divisors in an Interval

Author

Peng, Liqiang, Lu, Yao, Kunihiro, Noboru, Zhang, Rui, Hu, Lei, Hutchison, David, Editorial Board Member, Kanade, Takeo, Editorial Board Member, Kittler, Josef, Editorial Board Member, Kleinberg, Jon M., Editorial Board Member, Mattern, Friedemann, Editorial Board Member, Mitchell, John C., Editorial Board Member, Naor, Moni, Editorial Board Member, Pandu Rangan, C., Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Terzopoulos, Demetri, Editorial Board Member, Tygar, Doug, Editorial Board Member, Weikum, Gerhard, Series Editor, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Susilo, Willy, editor, and Yang, Guomin, editor

Published

2018

6. Modular strategic SMT solving with SMT-RAT

Author

Kremer Gereon and Ábrahám Erika

Subjects

satisfiability modulo theories, polynomial arithmetic, strategic combination, 68-04, Electronic computers. Computer science, QA75.5-76.95

Abstract

In this paper we present the latest developments in SMT-RAT, a tool for the automated check of quantifier-free real and integer arithmetic formulas for satisfiability. As a distinguishing feature, SMT-RAT provides a set of solving modules and supports their strategic combination. We describe our CArL library for arithmetic computations, the available modules implemented on top of CArL, and how modules can be combined to satisfiability-modulo-theories (SMT) solvers. Besides the traditional SMT approach, some new modules support also the recently proposed and highly promising model-constructing satisfiability calculus approach.

Published

2018

7. Faster Implementation of Ideal Lattice-Based Cryptography Using AVX512

Author

Lei, Douwei, He, Debiao, Peng, Cong, Luo, Min, Liu, Zhe, Huang, Xinyi, Lei, Douwei, He, Debiao, Peng, Cong, Luo, Min, Liu, Zhe, and Huang, Xinyi

Abstract

With the development of quantum computing, the existing cryptography schemes based on classical cryptographic primitives will no longer be secure. Hence, cryptographers are designing post-quantum cryptographic (PQC) schemes, and ideal lattice-based cryptography has emerged as a prime candidate. Today, as ideal lattice-based cryptography becomes more mature, its performance becomes an important optimization goal. In ideal lattice-based cryptography, polynomial arithmetic and polynomial sampling are the most timeconsuming operations and therefore need to be accelerated. In this article, taking advantage of the parallelism of new 512-bit advanced vector instructions (AVX512), we present parallel implementations of polynomial arithmetic and polynomial sampling, thus comprehensively improving their performance. We conduct experiments with the Dilithium scheme(one scheme of NIST PQC Standardization Process Round-4). Our implementation gets a nice performance boost compared to its pure C language and 256-bit advanced vector instructions (AVX2) implementation.

Published

2023

8. Dense Arithmetic over Finite Fields with the CUMODP Library

Author

Haque, Sardar Anisul, Li, Xin, Mansouri, Farnam, Maza, Marc Moreno, Pan, Wei, Xie, Ning, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Hong, Hoon, editor, and Yap, Chee, editor

Published

2014

9. The Basic Polynomial Algebra Subprograms

Author

Chen, Changbo, Covanov, Svyatoslav, Mansouri, Farnam, Maza, Marc Moreno, Xie, Ning, Xie, Yuzhen, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Hong, Hoon, editor, and Yap, Chee, editor

Published

2014

10. Algorithms and Data Structures for Sparse Polynomial Arithmetic

Author

Mohammadali Asadi, Alexander Brandt, Robert H. C. Moir, and Marc Moreno Maza

Subjects

sparse polynomials, polynomial arithmetic, normal form, pseudo-division, pseudo-remainder, sparse data structures, Mathematics, QA1-939

Abstract

We provide a comprehensive presentation of algorithms, data structures, and implementation techniques for high-performance sparse multivariate polynomial arithmetic over the integers and rational numbers as implemented in the freely available Basic Polynomial Algebra Subprograms (BPAS) library. We report on an algorithm for sparse pseudo-division, based on the algorithms for division with remainder, multiplication, and addition, which are also examined herein. The pseudo-division and division with remainder operations are extended to multi-divisor pseudo-division and normal form algorithms, respectively, where the divisor set is assumed to form a triangular set. Our operations make use of two data structures for sparse distributed polynomials and sparse recursively viewed polynomials, with a keen focus on locality and memory usage for optimized performance on modern memory hierarchies. Experimentation shows that these new implementations compare favorably against competing implementations, performing between a factor of 3 better (for multiplication over the integers) to more than 4 orders of magnitude better (for pseudo-division with respect to a triangular set).

Published

2019

11. Efficient hardware arithmetic for inverted binary ring-LWE based post-quantum cryptography

Author

Imaña Pascual, José Luis, He, Pengzhou, Bao, Tianyou, Tu, Yazheng, Imaña Pascual, José Luis, He, Pengzhou, Bao, Tianyou, and Tu, Yazheng

Abstract

©2022 IEEE The work of José L. Imaña was supported in part by the Spanish Government Ministerio de Economia y Competitividad (MINECO) under Grant RTI2018-093684-B-I00 and in part by the Comunidad de Madrid under Grant S2018/TCS-4423. The work of Jiafeng Xie was supported by the National Science Foundation (NSF) Award under Grant SaTC-2020625 and Grant NIST-60NANB20D203., Ring learning-with-errors (RLWE)-based encryption scheme is a lattice-based cryptographic algorithm that constitutes one of the most promising candidates for Post-Quantum Cryptography (PQC) standardization due to its efficient implementation and low computational complexity. Binary Ring-LWE (BRLWE) is a new optimized variant of RLWE, which achieves smaller computational complexity and higher efficient hardware implementations. In this paper, two efficient architectures based on Linear-Feedback Shift Register (LFSR) for the arithmetic used in Inverted Binary Ring-LWE (InvBRLWE)-based encryption scheme are presented, namely the operation of A center dot B+C over the polynomial ring ${Z}_q/(x<^>n+1)$ . The first architecture optimizes the resource usage for major computation and has a novel input processing setup to speed up the overall processing latency with minimized input loading cycles. The second architecture deploys an innovative serial-in serial-out processing format to reduce the involved area usage further yet maintains a regular input loading time-complexity. Experimental results show that the architectures presented here improve the complexities obtained by competing schemes found in the literature, e.g., involving 71.23% less area-delay product than recent designs. Both architectures are highly efficient in terms of area-time complexities and can be extended for deploying in different lightweight application environments., Ministerio de Ciencia e Innovación (MICINN), Comunidad de Madrid, Sección Deptal. de Arquitectura de Computadores y Automática (Físicas), Fac. de Ciencias Físicas, TRUE, pub

Published

2022

12. Arb: Efficient Arbitrary-Precision Midpoint-Radius Interval Arithmetic.

Author

Johansson, Fredrik

Subjects

*ARBITRARY constants, *INTERVAL analysis, *FLOATING-point arithmetic, *POLYNOMIALS, *REAL numbers

Abstract

Arb is a C library for arbitrary-precision interval arithmetic using the midpoint-radius representation, also known as ball arithmetic. It supports real and complex numbers, polynomials, power series, matrices, and evaluation of many special functions. The core number types are designed for versatility and speed in a range of scenarios, allowing performance that is competitive with non-interval arbitrary-precision types such as MPFR and MPC floating-point numbers. We discuss the low-level number representation, strategies for precision and error bounds, and the implementation of efficient polynomial arithmetic with interval coefficients. [ABSTRACT FROM AUTHOR]

Published

2017

13. Rings: An efficient Java/Scala library for polynomial rings.

Author

Poslavsky, Stanislav

Subjects

*POLYNOMIAL rings, *POLYNOMIALS, *FACTORIZATION, *FUNCTIONAL programming (Computer science), *ALGORITHMS

Abstract

Abstract In this paper we briefly discuss Rings — an efficient lightweight library for commutative algebra. Polynomial arithmetic, GCDs, polynomial factorization and Gröbner bases are implemented with the use of modern asymptotically fast algorithms. Rings can be easily interacted or embedded in applications in high-energy physics and other research areas via a simple API with fully typed hierarchy of algebraic structures and algorithms for commutative algebra. The use of the Scala language brings a quite novel powerful, strongly typed functional programming model allowing to write short, expressive, and fast code for applications. At the same time Rings shows one of the best performances among existing software for algebraic calculations. Program summary Program Title: Rings Program Files doi: http://dx.doi.org/10.17632/2k79hftjy9.1 Licensing provisions: Apache 2.0 Programming language: Java, Scala Nature of problem: Fast methods for rational function arithmetic, simplification of polynomial expressions, Gröbner bases and other related computer algebra methods naturally arising in physical applications Solution method: Efficient implementation of modern asymptotically fast algorithms in Java language External routines: Java 8 and higher, Scala 2.11 or 2.12 Additional comments: project page: https://github.com/PoslavskySV/rings , documentation: http://rings.readthedocs.io/en/latest/ [ABSTRACT FROM AUTHOR]

Published

2019

14. On the Extended Hensel Construction and its application to the computation of real limit points

Author

Marc Moreno Maza, Masoud Ataei, Parisa Alvandi, and Mahsa Kazemi

Subjects

Computational Mathematics, Triangular decomposition, Algebra and Number Theory, ComputingMethodologies_SYMBOLICANDALGEBRAICMANIPULATION, Limit point, Polynomial arithmetic, Univariate, Applied mathematics, Limit (mathematics), Rational function, Algebraic number, Regular chain, Mathematics

Abstract

The Extended Hensel Construction (EHC) is a procedure which, for an input bivariate polynomial with complex coefficients, can serve the same purpose as the Newton-Puiseux algorithm, and, for the multivariate case, can be seen as an effective variant of Jung-Abhyankar Theorem. We show that the EHC requires only linear algebra and univariate polynomial arithmetic. We deduce complexity estimates and report on a software implementation together with experimental results. This work is motivated and illustrated by two applications. The first one is the computation of real branches of space curves. The second one is the computation of limits of real multivariate rational function. For the latter, we present an algorithm for determining the existence of the limit of a real multivariate rational function q at a given point p which is an isolated zero of the denominator of q. When the limit exists, the algorithm computes it, without making any assumption on the number of variables. A process, which extends the work of Cadavid, Molina and Velez, reduces the multivariate setting to computing limits of bivariate rational functions. By using regular chain theory and triangular decomposition of semi-algebraic systems, we avoid the computation of singular loci and the decomposition of algebraic sets into irreducible components.

Published

2020

15. Elliptic curve cryptography arithmetic in terms of one variable polynomial division

Author

B. K. Lande, Santoshi Pote, and Virendra Sule

Subjects

Pure mathematics, Algebra and Number Theory, Euclidean division, Applied Mathematics, Polynomial arithmetic, 010103 numerical & computational mathematics, 02 engineering and technology, 01 natural sciences, Polynomial long division, Elliptic curve, Finite field, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Point (geometry), Hardware_ARITHMETICANDLOGICSTRUCTURES, 0101 mathematics, Elliptic curve cryptography, Analysis, Mathematics, Variable (mathematics)

Abstract

This paper develops an approach for point addition and doubling on elliptic curves over finite fields using one variable polynomial arithmetic based on Euclidean division. This approach suc...

Published

2020

16. Non-Linear SMT-Reasoning over Finite Fields

Author

Hader, Thomas

Subjects

SMT solving, satisfiability, finite fields, polynomial arithmetic, automated reasoning

Abstract

Nichtlineare Polynome ��ber endliche K��rper haben zahlreiche Anwendungen in der Kryptographie, da sie schwer zu l��sen sind. In dieser Arbeit befassen wir uns mit diesem Problem und pr��sentieren eine automatische Entscheidungsprozedur f��r die Erf��llbarkeit von Systemen nichtlinearer Polynome ��ber endliche K��rper. Unser Ansatz besteht aus einer Conflict-Driven Clause Learning (CDCL) Suchprozedur die bereits erfolgreich f��r Systeme nichtlinearer Polynome ��ber die reellen Zahlen verwendet wurde. Wir zeigen, dass eine solche Prozedur auch f��r Systeme von Polynomen ��ber endliche K��rper verwendet werden kann. Neben der Suchprozedur selbst pr��sentieren wir zwei verschiedene Ans��tze zum Verarbeiten der Polynome basierend auf der Eliminationstheorie und Gr��bnerbasen. Wir vergleichen unseren Ansatz mit aktuellen L��sungsverfahren und beurteilen unsere Ergebnisse., Non-linear polynomial systems over finite fields are widely found in cryptography, as they are known to be hard to solve. In this thesis, we address this challenge and propose an automated reasoning procedure for deciding the satisfiability of a system on non-linear equations over finite fields. Our approach performs a Conflict-Driven Clause Learning (CDCL) style search, which has been successfully applied to deciding satisfiability of non-linear arithmetic constraints in the past. We show that CDCL can be utilized for the problem of solving non-linear polynomial systems and present the search procedure as well as two different theory solving back-end approaches utilizing elimination theory as well as Gr��bner bases. In addition, we are comparing our approach to state-of-the-art procedures and give an evaluation of the results.

Published

2022

17. Efficient Number Theoretic Transform Implementation On Gpu For Homomorphic Encryption

Author

Erkay Savas, Erdinc Ozturk, Özgün Özerk, Can Elgezen, and Ahmet Can Mert

Subjects

Key generation, Computational complexity theory, business.industry, Computer science, Polynomial arithmetic, Homomorphic encryption, Cryptography, Cloud computing, Parallel computing, Encryption, Theoretical Computer Science, Hardware and Architecture, Multiplication, business, Software, Computer Science::Cryptography and Security, Information Systems

Abstract

Lattice-based cryptography forms the mathematical basis for current homomorphic encryption schemes, which allows computation directly on encrypted data. Homomorphic encryption enables privacy-preserving applications such as secure cloud computing; yet, its practical applications suffer from the high computational complexity of homomorphic operations. Fast implementations of the homomorphic encryption schemes heavily depend on efficient polynomial arithmetic, multiplication of very large degree polynomials over polynomial rings, in particular. Number theoretic transform (NTT) accelerates large polynomial multiplication significantly, and therefore, it is the core arithmetic operation in the majority of homomorphic encryption scheme implementations. Therefore, practical homomorphic applications require efficient and fast implementations of NTT in different computing platforms. In this work, we present an efficient and fast implementation of NTT, inverse NTT and NTT-based polynomial multiplication operations for GPU platforms. To demonstrate that our GPU implementation can be utilized as an actual accelerator, we experimented with the key generation, the encryption and the decryption operations of the Brakerski/Fan–Vercauteren (BFV) homomorphic encryption scheme implemented in Microsoft’s SEAL homomorphic encryption library on GPU, all of which heavily depend on the NTT-based polynomial multiplication. Our GPU implementations improve the performance of these three BFV operations by up to 141.95 $$\times$$ , 105.17 $$\times$$ and 90.13 $$\times$$ , respectively, on Tesla v100 GPU compared to the highly optimized SEAL library running on an Intel i9-7900X CPU.

Published

2022

18. AVRNTRU: Lightweight NTRU-based Post-Quantum Cryptography for 8-bit AVR Microcontrollers

Author

Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA) [research center], European Commission - EC [sponsor], Cheng, Hao, Groszschädl, Johann, Roenne, Peter, Ryan, Peter Y A, Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA) [research center], European Commission - EC [sponsor], Cheng, Hao, Groszschädl, Johann, Roenne, Peter, and Ryan, Peter Y A

Abstract

Introduced in 1996, NTRUEncrypt is not only one of the earliest but also one of the most scrutinized lattice-based cryptosystems and expected to remain secure in the upcoming era of quantum computing. Furthermore, NTRUEncrypt offers some efficiency benefits over “pre-quantum” cryptosystems like RSA or ECC since the low-level arithmetic operations are less computation-intensive and, thus, more suitable for constrained devices. In this paper we present AVR N TRU, a highly-optimized implementation of NTRUEncrypt for 8-bit AVR microcontrollers that we developed from scratch to reach high performance and resistance to timing attacks. AVR N TRU complies with the EESS #1 v3.1 specification and supports product-form parameter sets such as ees443ep1, ees587ep1, and ees743ep1. An entire encryption (including mask generation and blinding-polynomial generation) using the ees443ep1 parameters requires 847973 clock cycles on an ATmega1281 microcontroller; the decryption is more costly and has an execution time of 1051871 cycles. We achieved these results with the help of a novel hybrid technique for multiplication in a truncated polynomial ring, whereby one of the operands is a sparse ternary polynomial in product form and the other an arbitrary element of the ring. A constant-time multiplication in the ring given by the ees443ep1 parameters takes only 192577 cycles, which sets a new speed record for the arithmetic part of a lattice-based cryptosystem on AVR.

Published

2021

19. Dissipative polynomials

Author

William B. Langdon, Justyna Petke, and David H. Clark

Subjects

Neutral network, Nonlinear system, Test case, Floating point, Computer science, Polynomial arithmetic, Dissipative system, Genetic programming, Statistical physics, Entropy (arrow of time)

Abstract

Limited precision floating point computer implementations of large polynomial arithmetic expressions are nonlinear and dissipative. They are not reversible (irreversible, lack conservation), lose information, and so are robust to perturbations (anti-fragile) and resilient to fluctuations. This gives a largely stable locally flat evolutionary neutral fitness search landscape. Thus even with a large number of test cases, both large and small changes deep within software typically have no effect and are invisible externally. Shallow mutations are easier to detect but their RMS error need not be simple.

Published

2021

20. Polynomial-Division-Based Algorithms for Computing Linear Recurrence Relations

Author

Jérémy Berthomieu, Jean-Charles Faugère, Polynomial Systems (PolSys), LIP6, Sorbonne Université (SU)-Centre National de la Recherche Scientifique (CNRS)-Sorbonne Université (SU)-Centre National de la Recherche Scientifique (CNRS), CryptoNext Security, Inria de Paris, Institut National de Recherche en Informatique et en Automatique (Inria), PGMO grant P-2019-0018 CAMiSAdo, ANR-18-CE33-0011,SESAME,Singularités Et Stabilité des AsservisseMEnts référencés capteurs(2018), ANR-19-CE48-0015,ECARP,Algorithmes efficaces et exacts pour la planification de trajectoire en robotique(2019), ANR-19-CE40-0018,DeRerumNatura,Décider l'irrationalité et la transcendance(2019), European Project: 813211,H2020,POEMA(2019), European Project: 813211,H2020-EU.1.3. - EXCELLENT SCIENCE - Marie Skłodowska-Curie Actions (Main Programme), and H2020-EU.1.3.1. - Fostering new skills by means of excellent initial training of researchers ,10.3030/813211,POEMA(2019)

Subjects

Computer Science - Symbolic Computation, Polynomial, Monomial, 010103 numerical & computational mathematics, 0102 computer and information sciences, 01 natural sciences, Polynomial long division, Gröbner basis, Padé approximants, ComputingMethodologies_SYMBOLICANDALGEBRAICMANIPULATION, Computer Science::Symbolic Computation, 0101 mathematics, Mathematics, Extended Euclidean algorithm, [INFO.INFO-SC]Computer Science [cs]/Symbolic Computation [cs.SC], Algebra and Number Theory, Polynomial arithmetic, Monomial ideal, Computational Mathematics, 010201 computation theory & mathematics, Linear algebra, Gröbner bases, linear recursive sequences, Algorithm, Berlekamp-Massey-Sakata

Abstract

International audience; Sparse polynomial interpolation, sparse linear system solving or modular rational reconstruction are fundamental problems in Computer Algebra. They come down to computing linear recurrence relations of a sequence with the Berlekamp-Massey algorithm. Likewise, sparse multivariate polynomial interpolation and multidimensional cyclic code decoding require guessing linear recurrence relations of a multivariate sequence.Several algorithms solve this problem. The so-called Berlekamp-Massey-Sakata algorithm (1988) uses polynomial additions and shifts by a monomial. The Scalar-FGLM algorithm (2015) relies on linear algebra operations on a multi-Hankel matrix, a multivariate generalization of a Hankel matrix. The Artinian Gorenstein border basis algorithm (2017) uses a Gram-Schmidt process.We propose a new algorithm for computing the Gröbner basis of the ideal of relations of a sequence based solely on multivariate polynomial arithmetic. This algorithm allows us to both revisit the Berlekamp-Massey-Sakata algorithm through the use of polynomial divisions and to completely revise the Scalar-FGLM algorithm without linear algebra operations.A key observation in the design of this algorithm is to work on the mirror of the truncated generating series allowing us to use polynomial arithmetic modulo a monomial ideal. It appears to have some similarities with Padé approximants of this mirror polynomial.As an addition from the paper published at the ISSAC conferance, we give an adaptive variant of this algorithm taking into account the shape of the final Gröbner basis gradually as it is discovered. The main advantage of this algorithm is that its complexity in terms of operations and sequence queries only depends on the output Gröbner basis.All these algorithms have been implemented in Maple and we report on our comparisons.

Published

2021

21. The Synthesis of Robust Polynomial Arithmetic with Stochastic Logic.

Author

Weikang Qian and Riedel, Marc D.

Subjects

INTEGRATED circuits, SCALING laws (Statistical physics), DIGITAL signal processing, POLYNOMIALS, BOOLEAN algebra

Abstract

As integrated circuit technology plumbs ever greater depths in the scaling of feature sizes, maintaining the paradigm of deterministic Boolean computation is increasingly challenging. Indeed, mounting concerns over noise and uncertainty in signal values motivate a new approach: the design of stochastic logic, that is to say, digital circuitry that processes signals probabilistically, and so can cope with errors and uncertainty. In this paper, we present a general methodology for synthesizing stochastic logic for the computation of polynomial arithmetic functions, a category that is important for applications such as digital signal processing. The method is based on converting polynomials into a particular mathematical form — Bernstein polynomials — and then implementing the computation with stochastic logic. The resulting logic processes serial or parallel streams that are random at the bit level. In the aggregate, the computation becomes accurate, since the results depend only on the precision of the statistics. Experiments show that our method produces circuits that are highly tolerant of errors in the input stream, while the area-delay product of the circuit is comparable to that of deterministic implementations. [ABSTRACT FROM AUTHOR]

Published

2008

22. AVRNTRU: Lightweight NTRU-based Post-Quantum Cryptography for 8-bit AVR Microcontrollers

Author

Cheng, Hao, Groszschädl, Johann, Roenne, Peter, Ryan, Peter Y A, European Commission - EC [sponsor], and Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA) [research center]

Subjects

Computer science [C05] [Engineering, computing & technology], Post-quantum cryptography, Constant-time implementation, Polynomial arithmetic, Product-form polynomials, Hardware_ARITHMETICANDLOGICSTRUCTURES, Sciences informatiques [C05] [Ingénierie, informatique & technologie]

Abstract

Introduced in 1996, NTRUEncrypt is not only one of the earliest but also one of the most scrutinized lattice-based cryptosystems and expected to remain secure in the upcoming era of quantum computing. Furthermore, NTRUEncrypt offers some efficiency benefits over “pre-quantum” cryptosystems like RSA or ECC since the low-level arithmetic operations are less computation-intensive and, thus, more suitable for constrained devices. In this paper we present AVR N TRU, a highly-optimized implementation of NTRUEncrypt for 8-bit AVR microcontrollers that we developed from scratch to reach high performance and resistance to timing attacks. AVR N TRU complies with the EESS #1 v3.1 specification and supports product-form parameter sets such as ees443ep1, ees587ep1, and ees743ep1. An entire encryption (including mask generation and blinding-polynomial generation) using the ees443ep1 parameters requires 847973 clock cycles on an ATmega1281 microcontroller; the decryption is more costly and has an execution time of 1051871 cycles. We achieved these results with the help of a novel hybrid technique for multiplication in a truncated polynomial ring, whereby one of the operands is a sparse ternary polynomial in product form and the other an arbitrary element of the ring. A constant-time multiplication in the ring given by the ees443ep1 parameters takes only 192577 cycles, which sets a new speed record for the arithmetic part of a lattice-based cryptosystem on AVR.

Published

2021

23. Automatic Test Case Generation for Vulnerability Analysis of Galois Field Arithmetic Circuits

Author

Meghana Kshirsagar, Krishn Kumar Gupt, Conor Ryan, and Joe Sullivan

Subjects

Digital electronics, Correctness, Computer science, Irreducible polynomial, business.industry, 020208 electrical & electronic engineering, Galois theory, Polynomial arithmetic, Field (mathematics), 02 engineering and technology, Finite field, Test case, 0202 electrical engineering, electronic engineering, information engineering, Arithmetic, business

Abstract

The research work proposes a framework for checking the correctness of Galois field arithmetic operations in digital circuits. The authors propose to automatically generate the test cases from the user input, avoiding reliance upon predesigned test cases, comprising Galois field-width and respective choice of irreducible polynomial. We do this through the use of polynomial arithmetic to verify the circuits. To the best of author's knowledge, though extensive work has been carried out in optimising the performance of arithmetic operations in Galois field, there exist no testbench to evaluate the efficacy of hardware circuits incorporating this concept. By automating the process of generating test cases, the work can be scaled to test circuits of arbitrarily large field widths, thus providing a flexible architecture that guarantees correctness of the underlying design under test. We present simulation results for Galois field polynomials of width $\mathbf{GF}(2^{2})$ ), $\mathbf{GF}(2^{4})$ and $\mathbf{GF}(2^{8})$ . This work can be applied to test and prevent intentional tampering of data bit stream and safeguarding it against malicious activities, especially in applications such as cryptography that heavily relies on Galois field arithmetic.

Published

2021

24. Proving Non-termination by Program Reversal

Author

Petr Novotný, Đorđe Žikelić, Ehsan Kafshdar Goharshady, and Krishnendu Chatterjee

Subjects

FOS: Computer and information sciences, Computer Science - Programming Languages, Computer science, media_common.quotation_subject, Polynomial arithmetic, 020207 software engineering, 02 engineering and technology, Static analysis, Transition system, 0202 electrical engineering, electronic engineering, information engineering, Leverage (statistics), 020201 artificial intelligence & image processing, Simplicity, Completeness (statistics), Algorithm, Invariant (computer science), Integer (computer science), media_common, Programming Languages (cs.PL)

Abstract

We present a new approach to proving non-termination of non-deterministic integer programs. Our technique is rather simple but efficient. It relies on a purely syntactic reversal of the program's transition system followed by a constraint-based invariant synthesis with constraints coming from both the original and the reversed transition system. The latter task is performed by a simple call to an off-the-shelf SMT-solver, which allows us to leverage the latest advances in SMT-solving. Moreover, our method offers a combination of features not present (as a whole) in previous approaches: it handles programs with non-determinism, provides relative completeness guarantees and supports programs with polynomial arithmetic. The experiments performed with our prototype tool RevTerm show that our approach, despite its simplicity and stronger theoretical guarantees, is at least on par with the state-of-the-art tools, often achieving a non-trivial improvement under a proper configuration of its parameters.

Published

2021

25. Intel HEXL: Accelerating Homomorphic Encryption with Intel AVX512-IFMA52

Author

Fabian Boemer, Gelila Seifu, Sejun Kim, Vinodh Gopal, and Fillipe D. M. de Souza

Subjects

Instruction set, FOS: Computer and information sciences, Polynomial, Computer Science - Cryptography and Security, Finite field, Speedup, Modular arithmetic, Computer science, Polynomial arithmetic, Homomorphic encryption, Parallel computing, Cryptography and Security (cs.CR)

Abstract

Modern implementations of homomorphic encryption (HE) rely heavily on polynomial arithmetic over a finite field. This is particularly true of the CKKS, BFV, and BGV HE schemes. Two of the biggest performance bottlenecks in HE primitives and applications are polynomial modular multiplication and the forward and inverse number-theoretic transform (NTT). Here, we introduce Intel Homomorphic Encryption Acceleration Library (Intel HEXL), a C++ library which provides optimized implementations of polynomial arithmetic for Intel processors. Intel HEXL takes advantage of the recent Intel Advanced Vector Extensions 512 (Intel AVX512) instruction set to provide state-of-the-art implementations of the NTT and modular multiplication. On the forward and inverse NTT, Intel HEXL provides up to 7.2x and 6.7x speedup, respectively, over a native C++ implementation. Intel HEXL also provides up to 6.0x speedup on the element-wise vector-vector modular multiplication, and 1.7x speedup on the element-wise vector-scalar modular multiplication. Intel HEXL is available open-source at https://github.com/intel/hexl under the Apache 2.0 license and has been adopted by the Microsoft SEAL and PALISADE homomorphic encryption libraries.

Published

2021

26. Applying Front End Compiler Process to Parse Polynomials in Parallel

Author

Tsegaye, Amha W

Subjects

Merge Sort, Computer Sciences, High-Performance, BPAS, Sparse Polynomials, Parallel Parsing, Polynomial Arithmetic, Data Structures, Polynomial Parsing, Mathematics

Abstract

Parsing large expressions, in particular large polynomial expressions, is an important task for computer algebra systems. Despite of the apparent simplicity of the problem, its efficient software implementation brings various challenges. Among them is the fact that this is a memory bound application for which a multi-threaded implementation is necessarily limited by the characteristics of the memory organization of supporting hardware. In this thesis, we design, implement and experiment with a multi-threaded parser for large polynomial expressions. We extract parallelism by splitting the input character string, into meaningful sub-strings that can be parsed concurrently before being merged into a single polynomial. Our implementation targeting multi-core processors is realized with the Basic Polynomial Algebra Subprograms (BPAS). Experimental results show that the approach is promising both in terms of speedup factors and memory consumption.

Published

2020

27. Efficient arithmetic expression optimization with weighted adjoint matrix

Author

Zixin Guan, Chun Yang, and Xiahua Liu

Subjects

Polynomial, 021103 operations research, Computer science, business.industry, Polynomial arithmetic, 0211 other engineering and technologies, Optimizing compiler, 02 engineering and technology, Encryption, 020202 computer hardware & architecture, 0202 electrical engineering, electronic engineering, information engineering, Canonical form, Binary code, Arithmetic, business, Instruction-level parallelism, Software architecture description

Abstract

Polynomial arithmetic expressions are frequently used in encryption, decryption, digital signal processing and many other embedded applications. Compiler optimization for polynomial expressions can improve the performance of the embedded applications. This article presents an improved compiler optimization method for multiple arithmetic polynomial expressions. Considering the semantic and timing information of arithmetic instructions, the algorithm uses a canonical representation for all expressions, taking consideration of times of execution, architecture feature and control-flow information. It calculates sub-expressions’ weights based on the target architecture description and heuristically choose the sub-expressions. It achieves better instruction level parallelism from the consideration of sub-expressions’ weights, which contains architecture information. Experiment results show that compared to traditional optimization methods, this algorithm further improves the code density and the performance of the generated binary codes.

Published

2020

28. PolKA: Polynomial Key-based Architecture for Source Routing in Network Fabrics

Author

Cristina K. Dominicini, Alexander Gorodnik, Moises V. Ribeiro, Magnos Martinello, Rodolfo da Silva Villaça, Ana C. Locateli, and Diego Rossi Mafioletti

Subjects

business.industry, Network packet, Computer science, Polynomial arithmetic, 020206 networking & telecommunications, 02 engineering and technology, Source routing, Residue number system, Networking hardware, 020202 computer hardware & architecture, Header, 0202 electrical engineering, electronic engineering, information engineering, Routing (electronic design automation), business, Software-defined networking, Computer network

Abstract

Source routing (SR) is a prominent alternative to table-based routing for reducing the number of network states. However, traditional SR approaches, based on Port Switching, still maintain a state in the packet by using a header rewrite operation. The residue number system (RNS) is a promising way of executing fully stateless SR, in which forwarding decisions at core nodes rely on a simple modulo operation over a route label. Nevertheless, such operation over integer arithmetic is not natively supported by commodity network hardware. Thus, we propose a novel RNS-based SR scheme, named PolKA, that explores binary polynomial arithmetic using Galois field (GF) of order 2. We evaluate PolKA in comparison to Port Switching by implementing emulated and hardware prototypes using P4 architecture. Results show that PolKA can achieve equivalent performance, while providing advanced routing features, such as fast failure reaction and agile path migration.

Published

2020

29. Smoothness Test for Polynomials Defined Over Small Characteristic Finite Fields

Author

Gora Adj, Francisco Rodríguez-Henríquez, Luis Rivera-Zamarripa, and Isaac Canales-Martínez

Subjects

060201 languages & linguistics, Discrete mathematics, Ring (mathematics), Polynomial, Smoothness (probability theory), Degree (graph theory), Applied Mathematics, Polynomial ring, Polynomial arithmetic, Field (mathematics), 06 humanities and the arts, 02 engineering and technology, Computational Mathematics, Finite field, Computational Theory and Mathematics, 0602 languages and literature, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Mathematics

Abstract

The problem of determining whether a polynomial defined over a finite field ring is smooth or not with respect to a given degree, is the most intensive arithmetic operation of the so-called descent phase of index-calculus algorithms. In this paper, we present an analysis and efficient implementation of Coppersmith’s smoothness test for polynomials defined over finite fields with characteristic three. As a case study, we review the best strategies for obtaining a fast field and polynomial arithmetic for polynomials defined over the ring $$F_q[X],$$ with $$q=3^6,$$ and report the timings achieved by our library when computing the smoothness test applied to polynomials of several degrees defined in that ring. This software library was recently used in Adj et al. (Cryptology 2016. http://eprint.iacr.org/2016/914 ), as a building block for achieving a record computation of discrete logarithms over the 4841-bit field $${{\mathbb {F}}}_{3^{6\cdot 509}}$$ .

Published

2018

30. An experimental study of encrypted polynomial arithmetics for private set operations

Author

Benjamin Z. Kim and Myungsun Kim

Subjects

Polynomial, Computational complexity theory, Computer Networks and Communications, Computer science, Fast Fourier transform, Polynomial arithmetic, Karatsuba algorithm, 020206 networking & telecommunications, 02 engineering and technology, Set (abstract data type), Cardinality, 0202 electrical engineering, electronic engineering, information engineering, Set operations, 020201 artificial intelligence & image processing, Arithmetic, Information Systems

Abstract

Recent studies on the performance of private set operations have examined the use of homomorphic public-key encryption and the technique of representing sets as polynomials in a cryptographic model. These polynomial-based solutions require intensive polynomial arithmetic that exhibit quadratic computational complexity. In an effort to develop practical algorithms for private set operations, various well-known techniques such as Karatsuba’s algorithm or the fast Fourier transform (FFT) can be used to reduce the complexity of polynomial computations. The FFT appears to be the obvious best choice; however, the use of FFTs in the implementation of polynomial-based set operations may lead to certain subtle technical problems. These problems become particularly serious when the cardinality of the sets is dynamic. Furthermore, our experiment shows that Karatsuba’s algorithm delivers higher performance than the FFT in our application, provided that a reasonable response time is important. In addition, our experimental implementation demonstrates the heuristic bound on cardinality for which Karatsuba’s algorithm outperforms the FFT. This value can be used to determine the superior optimization techniques and settings in the deployment of private set operation schemes.

Published

2017

31. NP-complete problems for systems of Linear polynomial’s values divisibilities

Author

Mikhail R. Starchak, N. K. Kosovskii, T. M. Kosovskaya, and N. N. Kosovskii

Subjects

Discrete mathematics, NEXPTIME, Series (mathematics), Divisor, General Mathematics, 010102 general mathematics, Polynomial arithmetic, Polynomial remainder theorem, Divisibility rule, 01 natural sciences, 010305 fluids & plasmas, Square-free polynomial, Combinatorics, 0103 physical sciences, 0101 mathematics, Mathematics

Abstract

The paper studies the algorithmic complexity of subproblems for satisfiability in positive integers of simultaneous divisibility of linear polynomials with nonnegative coefficients. In the general case, it is not known whether this problem is in the class NP, but that it is in NEXPTIME is known. The NP-completeness of two series of restricted versions of this problem such that a divisor of a linear polynomial is a number in the first case, and a linear polynomial is a divisor of a number in the second case is proved in the paper. The parameters providing the NP-completeness of these problems have been established. Their membership in the class P has been proven for smaller values of these parameters. For the general problem SIMULTANEOUS DIVISIBILITY OF LINEAR POLYNOMIALS, NP-hardness has been proven for its particular case, when the coefficients of the polynomials are only from the set {1, 2} and constant terms are only from the set {1, 5}.

Published

2017

32. Efficient q-Integer Linear Decomposition of Multivariate Polynomials

Author

Hui Huang, George Labahn, Eugene V. Zima, and Mark Giesbrecht

Subjects

FOS: Computer and information sciences, Maple, Computer Science - Symbolic Computation, Multivariate statistics, Algebra and Number Theory, Computation, 010102 general mathematics, Polynomial arithmetic, Unique factorization domain, 010103 numerical & computational mathematics, Mathematics - Rings and Algebras, Symbolic Computation (cs.SC), engineering.material, 01 natural sciences, Ring of integers, Algebra, Computational Mathematics, Rings and Algebras (math.RA), ComputingMethodologies_SYMBOLICANDALGEBRAICMANIPULATION, FOS: Mathematics, engineering, Decomposition (computer science), 0101 mathematics, Mathematics, Integer (computer science)

Abstract

We present two new algorithms for the computation of the q-integer linear decomposition of a multivariate polynomial. Such a decomposition is essential for the treatment of q-hypergeometric symbolic summation via creative telescoping and for describing the q-counterpart of Ore-Sato theory. Both of our algorithms require only basic integer and polynomial arithmetic and work for any unique factorization domain containing the ring of integers. Complete complexity analyses are conducted for both our algorithms and two previous algorithms in the case of multivariate integer polynomials, showing that our algorithms have better theoretical performances. A Maple implementation is also included which suggests that our algorithms are much faster in practice than previous algorithms.

Published

2020

33. Mathematical Fundamentals II: Abstract Algebra

Author

Amos R. Omondi

Subjects

Algebra, Section (typography), Polynomial arithmetic, Subtraction, Multiplication, Hardware_ARITHMETICANDLOGICSTRUCTURES, Division (mathematics), Mathematical structure, Abstract algebra, Real number, Mathematics

Abstract

Ordinary arithmetic has the basic operations of addition, subtraction, multiplication, and division defined over the integers and the real numbers. Similar operations can be defined over other mathematical structures—certain subsets of integers, polynomials, matrices, and so forth. This chapter is a short discussion on such generalizations. The first section of the chapter is an introduction to two types of abstract mathematical structures that are especially important in cryptography: groups and fields. The second section consists of a review of ordinary polynomial arithmetic. The third section draws on the first two sections and covers polynomial arithmetic over certain types of fields. And the last section is on the construction of some fields that are especially important in cryptography.

Published

2020

34. Residue polynomial systems

Author

Turner, Peter R.

Subjects

*POLYNOMIAL operators, *NUMBER systems, *ARITHMETIC

Abstract

In this paper, we present the basic ideas of the residue polynomial system (RPS), a polynomial analog of the familiar residue number systems (RNS) of integer arithmetic. Many of the properties of the RNS are shared by the RPS. The main exception is that division of polynomials in the RPS is much more tractable than its integer counterpart. Examples are included throughout. The underlying field of coefficients for polynomials under consideration can be the reals or the rationals, though extension to the complex field will be needed for division by irreducible quadratic factors. [Copyright &y& Elsevier]

Published

2002

35. On Short Multiplications and Divisions.

Author

Mulders, Thom

Abstract

Computing only the low degree terms of the product of two univariate polynomials is called a short multiplication. By decomposition into subproblems, a short multiplication can be reduced to appropriate addition of the results of a number of full multiplications. In this paper a new way of choosing the size of the subproblems is proposed. Computing the quotient of two polynomials is called a short division. The ideas used in the short multiplication algorithm are transferred to an algorithm for short divisions. Finally, several applications of short multiplications and divisions are pointed out. [ABSTRACT FROM AUTHOR]

Published

2000

36. Ring-LWE Public Key Encryption Processor

Author

Ingrid Verbauwhede and Sujoy Sinha Roy

Subjects

Hardware architecture, Ring (mathematics), Computer science, business.industry, Gaussian, Polynomial arithmetic, Encryption, GeneralLiterature_MISCELLANEOUS, Public-key cryptography, symbols.namesake, symbols, Multiplication, Arithmetic, business, Encoder

Abstract

In this chapter we analyze the \(\mathtt {LPR}\) ring-LWE public key encryption scheme of Sect. 2.4.1 and design a compact hardware architecture of the encryption processor. From Fig. 2.4 of Sect. 2.4.1, we see that the \(\mathtt {LPR}\) encryption scheme is composed of a discrete Gaussian sampler, a polynomial arithmetic (addition/multiplication) unit, a message encoder and a message decoder. In the last chapter we described how to design the discrete Gaussian sampler efficiently. In this chapter we first design a novel polynomial arithmetic unit and integrate it with the discrete Gaussian sampler to realize the ring-LWE public key encryption processor.

Published

2019

37. Advances and Challenges of Rank Metric Cryptography Implementations

Author

Rusydi H. Makarim, Victor Mateu, Emanuele Bellini, Chiara Marcolla, Florian Caullery, and Marc Manzano

Subjects

Post-quantum cryptography, 021103 operations research, Theoretical computer science, business.industry, Computer science, Polynomial arithmetic, Rank (computer programming), 0211 other engineering and technologies, Hamming distance, Cryptography, 02 engineering and technology, Finite field, Metric (mathematics), 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, 020201 artificial intelligence & image processing, business

Abstract

Recent works on reducing the size of Error Correcting Codes have investigated the usage of rank metric instead of Hamming metric. Numerous proposals for the NIST Post-Quantum Cryptography competition, including four second round candidates, rely on these codes. In this paper, we discuss several non-trivial issues when porting these schemes into real-world systems on different platforms, such as Intel x86, Armv6 and Armv8. We provide insights on how to implement the underlying finite field and polynomial arithmetic, or the generation of errors of a given rank in constant-time, and report execution time of several rank-based cryptosystems, showing that the achieved performance is similar to those of some of the most popular lattice-based cryptosystems.

Published

2019

38. Efficient Integer-Linear Decomposition of Multivariate Polynomials

Author

Mark Giesbrecht, Hui Huang, George Labahn, and Eugene V. Zima

Subjects

Rational root theorem, Computation, 010102 general mathematics, Polynomial arithmetic, 010103 numerical & computational mathematics, Bivariate analysis, Term (logic), 01 natural sciences, Hypergeometric distribution, Integer, ComputingMethodologies_SYMBOLICANDALGEBRAICMANIPULATION, Decomposition (computer science), Applied mathematics, Computer Science::Symbolic Computation, 0101 mathematics, Mathematics

Abstract

We present a new algorithm for the computation of the integer-linear decomposition of a multivariate polynomial. Such a decomposition is used in Ore-Sato theory and discrete creative telescoping, for example to detect applicability of Zeilberger's algorithm to a hypergeometric term. Our algorithm is quite straightforward, requiring only basic polynomial arithmetic along with efficient rational root finding. We present complete complexity analyses for both our and previous algorithms in the case of bivariate integer polynomials, and show that our method has a better theoretical performance. We also provide a Maple implementation which shows that our method is faster in practice than previous algorithms.

Published

2019

39. A Lightweight Implementation of NTRUEncrypt for 8-bit AVR Microcontrollers

Author

Cheng, Hao, Groszschädl, Johann, Roenne, Peter, Ryan, Peter, Cheng, Hao, Groszschädl, Johann, Roenne, Peter, and Ryan, Peter

Abstract

Introduced in 1996, NTRUEncrypt is not only one of the earliest but also one of the most scrutinized lattice-based cryptosystems and a serious contender in NIST’s ongoing Post-Quantum Cryptography (PQC) standardization project. An important criterion for the assessment of candidates is their computational cost in various hardware and software environments. This paper contributes to the evaluation of NTRUEncrypt on the ATmega class of AVR microcontrollers, which belongs to the most popular 8-bit platforms in the embedded domain. More concretely, we present AvrNtru, a carefully-optimized implementation of NTRUEncrypt that we developed from scratch with the goal of achieving high performance and resistance to timing attacks. AvrNtru complies with version 3.3 of the EESS#1 specification and supports recent product-form parameter sets like ees443ep1, ees587ep1, and ees743ep1. A full encryption operation (including mask generation and blinding- polynomial generation) using the ees443ep1 parameters takes 834,272 clock cycles on an ATmega1281 microcontroller; the decryption is slightly more costly and has an execution time of 1,061,683 cycles. When choosing the ees743ep1 parameters to achieve a 256-bit security level, 1,539,829 clock cycles are cost for encryption and 2,103,228 clock cycles for decryption. We achieved these results thanks to a novel hybrid technique for multiplication in truncated polynomial rings where one of the operands is a sparse ternary polynomial in product form. Our hybrid technique is inspired by Gura et al’s hybrid method for multiple-precision integer multiplication (CHES 2004) and takes advantage of the large register file of the AVR architecture to minimize the number of load instructions. A constant-time multiplication in the ring specified by the ees443ep1 parameters requires only 210,827 cycles, which sets a new speed record for the arithmetic component of a lattice-based cryptosystem on an 8-bit microcontroller.

Published

2019

40. Sparse polynomials in FLINT

Author

Daniel S. Roche and A. Whitman Groves

Subjects

Theoretical computer science, Selection (relational algebra), Computer science, Computation, Polynomial arithmetic, Timing data, 020206 networking & telecommunications, 0102 computer and information sciences, 02 engineering and technology, General Medicine, Sparse approximation, 01 natural sciences, 010201 computation theory & mathematics, Sparse interpolation, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Multiplication

Abstract

We have implemented a high-performance C library for sparse polynomials, which is provided as an add-on module to the open-source computation library FLINT [7]. Our implementation incorporates a number of recent theoretical advances in supersparse polynomial arithmetic, most notably recent algorithms for sparse interpolation and multiplication. We provide a summary of the provided functionality, a selection of key implementation decisions, and some preliminary timing data.

Published

2016

41. A Lightweight Implementation of NTRUEncrypt for 8-bit AVR Microcontrollers

Author

Cheng, H., Großschädl, J., Rønne, P., and Ryan, P.

Subjects

Computer science [C05] [Engineering, computing & technology], NTRU, Product- Form Polynomials, Post-Quantum Cryptography, Constant-Time Implementation, Hardware_ARITHMETICANDLOGICSTRUCTURES, Polynomial Arithmetic, Sciences informatiques [C05] [Ingénierie, informatique & technologie]

Abstract

Introduced in 1996, NTRUEncrypt is not only one of the earliest but also one of the most scrutinized lattice-based cryptosystems and a serious contender in NIST’s ongoing Post-Quantum Cryptography (PQC) standardization project. An important criterion for the assessment of candidates is their computational cost in various hardware and software environments. This paper contributes to the evaluation of NTRUEncrypt on the ATmega class of AVR microcontrollers, which belongs to the most popular 8-bit platforms in the embedded domain. More concretely, we present AvrNtru, a carefully-optimized implementation of NTRUEncrypt that we developed from scratch with the goal of achieving high performance and resistance to timing attacks. AvrNtru complies with version 3.3 of the EESS#1 specification and supports recent product-form parameter sets like ees443ep1, ees587ep1, and ees743ep1. A full encryption operation (including mask generation and blindingpolynomial generation) using the ees443ep1 parameters takes 834,272 clock cycles on an ATmega1281 microcontroller; the decryption is slightly more costly and has an execution time of 1,061,683 cycles. When choosing the ees743ep1 parameters to achieve a 256-bit security level, 1,539,829 clock cycles are cost for encryption and 2,103,228 clock cycles for decryption. We achieved these results thanks to a novel hybrid technique for multiplication in truncated polynomial rings where one of the operands is a sparse ternary polynomial in product form. Our hybrid technique is inspired by Gura et al’s hybrid method for multiple-precision integer multiplication (CHES 2004) and takes advantage of the large register file of the AVR architecture to minimize the number of load instructions. A constant-time multiplication in the ring specified by the ees443ep1 parameters requires only 210,827 cycles, which sets a new speed record for the arithmetic component of a lattice-based cryptosystem on an 8-bit microcontroller.

Published

2019

42. Fast finite field arithmetic

Author

Larrieu, Robin and STAR, ABES

Subjects

Algorithm, Arithmétique polynomiale, Gröebner bases, Bases de Gröebner, [INFO.INFO-SC] Computer Science [cs]/Symbolic Computation [cs.SC], Finite field, Polynomial arithmetic, [INFO.INFO-AO] Computer Science [cs]/Computer Arithmetic, Algorithme, Corps fini, Fft

Abstract

The multiplication of polynomials is a fundamental operation in complexity theory. Indeed, for many arithmetic problems, the complexity of algorithms is expressed in terms of the complexity of polynomial multiplication. For example, the complexity of euclidean division or of multi-point evaluation/interpolation (and others) is often expressed in terms of the complexity of polynomial multiplication. This shows that a better multiplication algorithm allows to perform the corresponding operations faster. A 2016 result gave an improved asymptotic complexity for the multiplication of polynomials over finite fields. This article is the starting point of the thesis; the present work aims to study the implications of the new complexity bound, from a theoretical and practical point of view.The first part focuses on the multiplication of univariate polynomials. This part presents two new algorithms that should make the computation faster in practice (rather than asymptotically speaking). While it is difficult in general to observe the predicted speed-up, some specific cases are particularly favorable. Actually, the second proposed algorithm, which is specific to finite fields, leads to a better implementation for the multiplication in F 2 [X], about twice as fast as state-of-the-art software.The second part deals with the arithmetic of multivariate polynomials modulo an ideal, as considered typically for polynomial system solving. This work assumes a simplified situation, with only two variables and under certain regularity assumptions. In this particular case, there are algorithms whose complexity is asymptotically optimal (up to logarithmic factors), with respect to input/output size. The implementation for this specific case is then significantly faster than general-purpose software, the speed-up becoming larger and larger when the input size increases., La multiplication de polynômes est une opération fondamentale en théorie de la complexité. En effet, pour de nombreux problèmes d’arithmétique, la complexité des algorithmes s’exprime habituellement en fonction de la complexité de la multiplication. Un meilleur algorithme de multiplication permet ainsi d’effectuer les opérations concernées plus rapidement. Un résultat de 2016 a établi une meilleure complexité asymptotique pour la multiplication de polynômes dans des corps finis. Cet article constitue le point de départ de la thèse ; l’objectif est d’étudier les conséquences à la fois théoriques et pratiques de la nouvelle borne de complexité.La première partie s’intéresse à la multiplication de polynômes à une variable. Cette partie présente deux nouveaux algorithmes censés accélérer le calcul en pratique (plutôt que d’un point de vue asymptotique). S’il est difficile dans le cas général d’observer l’amélioration prévue, certains cas précis sont particulièrement favorables. En l’occurrence, le second algorithme proposé, spécifique aux corps finis, conduit à une meilleure implémentation de la multiplication dans F_2[X], environ deux fois plus rapide que les logiciels précédents.La deuxième partie traite l’arithmétique des polynômes à plusieurs variables modulo un idéal, telle qu’utilisée par exemple pour la résolution de systèmespolynomiaux. Ce travail suppose une situation simplifiée, avec seulement deux variables et sous certaines hypothèses de régularité. Dans ce cas particulier, la deuxième partie de la thèse donne des algorithmes de complexité asymptotiquement optimale (à des facteurs logarithmiques près), par rapport à la taille des entrées/sorties. L’implémentation pour ce cas spécifique est alors nettement plus rapide que les logiciels généralistes, le gain étant de plus en plus marqué lorsque la taille de l’entrée augmente.

Published

2019

43. Rings: An Efficient JVM Library for Commutative Algebra (Invited Talk)

Author

S. V. Poslavsky

Subjects

050101 languages & linguistics, Functional programming, Application programming interface, Programming language, Scala, Algebraic structure, business.industry, 05 social sciences, Polynomial arithmetic, Software development, 02 engineering and technology, computer.software_genre, Simple (abstract algebra), ComputingMethodologies_SYMBOLICANDALGEBRAICMANIPULATION, 0202 electrical engineering, electronic engineering, information engineering, Computer Science::Programming Languages, 020201 artificial intelligence & image processing, 0501 psychology and cognitive sciences, Commutative algebra, business, computer, Mathematics, computer.programming_language

Abstract

Rings is an open-source library, written in Java and Scala programming languages, which implements basic concepts and algorithms from computational commutative algebra. The goal of the Rings library is to provide a high-performance implementation packed into a lightweight library (not a full-featured CAS) with a clean application programming interface (API), which meets modern standards of software development. Polynomial arithmetic, GCDs, factorization, and Grobner bases are implemented with the use of modern fast algorithms. Rings provides a simple API with a fully typed hierarchy of algebraic structures and algorithms for commutative algebra. The use of the Scala language brings a quite novel powerful, strongly typed functional programming model allowing to write short, expressive, and fast code for applications.

Published

2019

44. A study of approximate polynomials, I -Representation and arithmetic-.

Author

Sasaki, Tateaki

Abstract

By approximate polynomials in this paper, we mean polynomials with numerical coefficients represented approximately. algebraic operations on approximate polynomials are becoming important rapidly not only in application areas but also in algebraic algorithm construction; however, study of approximate polynomials in the context of algebraic computation is very poor so far. In studying approximate polynomials, we must consider two points, 1) the 'error term' may be quite large in approximate algebra, and 2) approximate polynomials show various pathological features occasionally. For example, as for 1), the error term may be of relative magnitude of 10 or even 10 in approximate factorization, and as for 2), conventional division algorithm leads to very inaccurate results if the leading coefficient of the divisor is small. This paper proposes a simple representation, presents algorithms for basic arithmetic operations, and clarifies some pathological properties, of approximate polynomials. In particular, presented is a division algorithm which maintains accuracy as highly as possible. [ABSTRACT FROM AUTHOR]

Published

1995

45. High Performance Sparse Multivariate Polynomials: Fundamental Data Structures and Algorithms

Author

Brandt, Alex

Subjects

Polynomial Interpolation, Pseudo-Division, Algebra, Theory and Algorithms, ComputingMethodologies_SYMBOLICANDALGEBRAICMANIPULATION, High-Performance, MathematicsofComputing_NUMERICALANALYSIS, Sparse Polynomials, Polynomial Arithmetic, Data Structures, Numerical Analysis and Scientific Computing

Abstract

Polynomials may be represented sparsely in an effort to conserve memory usage and provide a succinct and natural representation. Moreover, polynomials which are themselves sparse – have very few non-zero terms – will have wasted memory and computation time if represented, and operated on, densely. This waste is exacerbated as the number of variables increases. We provide practical implementations of sparse multivariate data structures focused on data locality and cache complexity. We look to develop high-performance algorithms and implementations of fundamental polynomial operations, using these sparse data structures, such as arithmetic (addition, subtraction, multiplication, and division) and interpolation. We revisit a sparse arithmetic scheme introduced by Johnson in 1974, adapting and optimizing these algorithms for modern computer architectures, with our implementations over the integers and rational numbers vastly outperforming the current wide-spread implementations. We develop a new algorithm for sparse pseudo-division based on the sparse polynomial division algorithm, with very encouraging results. Polynomial interpolation is explored through univariate, dense multivariate, and sparse multivariate methods. Arithmetic and interpolation together form a solid high-performance foundation from which many higher-level and more interesting algorithms can be built.

Published

2018

46. A Polynomial-Division-Based Algorithm for Computing Linear Recurrence Relations

Author

Jérémy Berthomieu, Jean-Charles Faugère, Polynomial Systems ( PolSys ), Laboratoire d'Informatique de Paris 6 ( LIP6 ), Université Pierre et Marie Curie - Paris 6 ( UPMC ) -Centre National de la Recherche Scientifique ( CNRS ) -Université Pierre et Marie Curie - Paris 6 ( UPMC ) -Centre National de la Recherche Scientifique ( CNRS ) -Inria de Paris, Institut National de Recherche en Informatique et en Automatique ( Inria ) -Institut National de Recherche en Informatique et en Automatique ( Inria ), Polynomial Systems (PolSys), LIP6, Sorbonne Université (SU)-Centre National de la Recherche Scientifique (CNRS)-Sorbonne Université (SU)-Centre National de la Recherche Scientifique (CNRS), CryptoNext Security, Inria de Paris, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-LIP6, Laboratoire d'Informatique de Paris 6 (LIP6), Université Pierre et Marie Curie - Paris 6 (UPMC)-Centre National de la Recherche Scientifique (CNRS)-Université Pierre et Marie Curie - Paris 6 (UPMC)-Centre National de la Recherche Scientifique (CNRS)-Inria de Paris, and Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)

Subjects

Monomial, Polynomial, 010103 numerical & computational mathematics, 02 engineering and technology, 01 natural sciences, Polynomial long division, Gröbner basis, Padé approximants, ComputingMethodologies_SYMBOLICANDALGEBRAICMANIPULATION, 0202 electrical engineering, electronic engineering, information engineering, Berlekamp–Massey– Sakata, 0101 mathematics, Mathematics, [INFO.INFO-SC]Computer Science [cs]/Symbolic Computation [cs.SC], CCS CONCEPTS • Comput method → Symbolic calculus algorithms, Polynomial arithmetic, 020206 networking & telecommunications, Monomial ideal, [ INFO.INFO-SC ] Computer Science [cs]/Symbolic Computation [cs.SC], Berlekamp–Massey–Sakata, Linear algebra, Gröbner bases, linear recursive sequences, Extended Euclidean algorithm, Algorithm, Berlekamp-Massey-Sakata, extended Euclidean algorithm

Abstract

Sparse polynomial interpolation, sparse linear system solving or modular rational reconstruction are fundamental problems in Computer Algebra. They come down to computing linear recurrence relations of a sequence with the Berlekamp-Massey algorithm. Likewise, sparse multivariate polynomial interpolation and multidimensional cyclic code decoding require guessing linear recurrence relations of a multivariate sequence.Several algorithms solve this problem. The so-called Berlekamp-Massey-Sakata algorithm (1988) uses polynomial additions and shifts by a monomial. The Scalar-FGLM algorithm (2015) relies on linear algebra operations on a multi-Hankel matrix, a multivariate generalization of a Hankel matrix. The Artinian Gorenstein border basis algorithm (2017) uses a Gram-Schmidt process.We propose a new algorithm for computing the Gröbner basis of the ideal of relations of a sequence based solely on multivariate polynomial arithmetic. This algorithm allows us to both revisit the Berlekamp-Massey-Sakata algorithm through the use of polynomial divisions and to completely revise the Scalar-FGLM algorithm without linear algebra operations.A key observation in the design of this algorithm is to work on the mirror of the truncated generating series allowing us to use polynomial arithmetic modulo a monomial ideal. It appears to have some similarities with Padé approximants of this mirror polynomial.As an addition from the paper published at the ISSAC conferance, we give an adaptive variant of this algorithm taking into account the shape of the final Gröbner basis gradually as it is discovered. The main advantage of this algorithm is that its complexity in terms of operations and sequence queries only depends on the output Gröbner basis.All these algorithms have been implemented in Maple and we report on our comparisons.

Published

2018

47. Arithmetic P Systems Based on Arithmetic Formula Tables

Author

Ping Gu, Ping Guo, Ruilong Yang, and Jia Li

Subjects

Modular arithmetic, Applied Mathematics, Elementary arithmetic, Carry (arithmetic), Algebraic operation, Arbitrary-precision arithmetic, Polynomial arithmetic, Saturation arithmetic, Hardware_ARITHMETICANDLOGICSTRUCTURES, Electrical and Electronic Engineering, Arithmetic, Affine arithmetic, Mathematics

Abstract

Arithmetic operations are fundamental in computing models. Novel arithmetic P systems are constructed to perform four basic operations: addition, subtraction, multiplication, division. The digits of decimal integers are directly put into hierarchical membranes, one digit one membrane, thus, the number of membranes is reduced and complexity is lowered. Core evolution rules are designed for single digit operations according to the arithmetic formula tables widely used by humans. Some examples are given to illustrate how to compute decimal integers in these P systems and the results indicates that these P systems can efficiently carry out arithmetic computations of integers.

Published

2015

48. Some new results on binary polynomial multiplication

Author

M. Anwar Hasan and Murat Cenk

Subjects

Multiplication algorithm, Finite field, Computer Networks and Communications, Binary operation, Polynomial arithmetic, Karatsuba algorithm, Multiplication, Arithmetic, Scalar multiplication, Bernstein polynomial, Software, Mathematics

Abstract

This paper presents several methods for reducing the number of bit operations for multiplication of polynomials over the binary field. First, a modified Bernstein’s 3-way algorithm is introduced, followed by a new 5-way algorithm. Next, a new 3-way algorithm that improves asymptotic arithmetic complexity compared to Bernstein’s 3-way algorithm is introduced. This new algorithm uses three multiplications of one-third size polynomials over the binary field and one multiplication of one-third size polynomials over the finite field with four elements. Unlike Bernstein’s algorithm, which has a linear delay complexity with respect to input size, the delay complexity of the new algorithm is logarithmic. The number of bit operations for the multiplication of polynomials over the finite field with four elements is also computed. Finally, all these new results are combined to obtain improved complexities.

Published

2015

49. Abstracts of recent doctoral dissertations in computer algebra

Author

Lingchuan Meng

Subjects

Algebra, Rational number, Finite field, Factorization of polynomials, ComputingMethodologies_SYMBOLICANDALGEBRAICMANIPULATION, Polynomial arithmetic, Factorization of polynomials over finite fields, Context (language use), General Medicine, Round-off error, Symbolic computation, Mathematics

Abstract

Polynomial multiplication is a key algorithm underlying computer algebra systems (CAS) and its efficient implementation is crucial for the performance of CAS. In this context coefficients of polynomials come from domains such as the integers, rationals and finite fields where arithmetic is performed exactly without rounding error.

Published

2016

50. Invariant Generation for Multi-Path Loops with Polynomial Assignments

Author

Andreas Humenberger, Maximilian Jaroschek, and Laura Kovács

Subjects

Discrete mathematics, Computer Science - Symbolic Computation, FOS: Computer and information sciences, Loop invariant, Computer Science - Programming Languages, Computer science, 010102 general mathematics, Polynomial arithmetic, 020207 software engineering, 02 engineering and technology, Fixed point, Symbolic Computation (cs.SC), Symbolic computation, 01 natural sciences, Gröbner basis, Program analysis, 0202 electrical engineering, electronic engineering, information engineering, 0101 mathematics, Invariant (mathematics), Nested loop join, Programming Languages (cs.PL)

Abstract

Program analysis requires the generation of program properties expressing conditions to hold at intermediate program locations. When it comes to programs with loops, these properties are typically expressed as loop invariants. In this paper we study a class of multi-path program loops with numeric variables, in particular nested loops with conditionals, where assignments to program variables are polynomial expressions over program variables. We call this class of loops extended P-solvable and introduce an algorithm for generating all polynomial invariants of such loops. By an iterative procedure employing Grobner basis computation, our approach computes the polynomial ideal of the polynomial invariants of each program path and combines these ideals sequentially until a fixed point is reached. This fixed point represents the polynomial ideal of all polynomial invariants of the given extended P-solvable loop. We prove termination of our method and show that the maximal number of iterations for reaching the fixed point depends linearly on the number of program variables and the number of inner loops. In particular, for a loop with m program variables and r conditional branches we prove an upper bound of \(m\cdot r\) iterations. We implemented our approach in the Aligator software package. Furthermore, we evaluated it on 18 programs with polynomial arithmetic and compared it to existing methods in invariant generation. The results show the efficiency of our approach.

Published

2018