comparison of block lanczos and block wiedemann for
play

Comparison of Block-Lanczos and Block-Wiedemann for Solving Linear - PowerPoint PPT Presentation

Nov 07, 2023 •256 likes •615 views

Motivation Lanczos and Wiedemann Algorithms Implementation of Block-Lanczos Timings Comparison of Block-Lanczos and Block-Wiedemann for Solving Linear Systems in Large Factorizations A. Kruppa Centrum Wiskunde & Informatica Amsterdam

  1. Motivation Lanczos and Wiedemann Algorithms Implementation of Block-Lanczos Timings Comparison of Block-Lanczos and Block-Wiedemann for Solving Linear Systems in Large Factorizations A. Kruppa Centrum Wiskunde & Informatica Amsterdam Workshop on Computational Number Theory 2011 A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  2. Motivation Lanczos and Wiedemann Algorithms Implementation of Block-Lanczos Timings Outline Motivation 1 Linear Algebra in Integer Factoring Algorithms for Finding Kernel Vectors Lanczos and Wiedemann Algorithms 2 The Lanczos Algorithm The Wiedemann Algorithm Implementation of Block-Lanczos 3 The CWI Implementation of Block-Lanczos The Huygens Supercomputer Timings 4 A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  3. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Outline Motivation 1 Linear Algebra in Integer Factoring Algorithms for Finding Kernel Vectors Lanczos and Wiedemann Algorithms 2 The Lanczos Algorithm The Wiedemann Algorithm Implementation of Block-Lanczos 3 The CWI Implementation of Block-Lanczos The Huygens Supercomputer Timings 4 A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  4. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Factoring with Congruent Squares Sieving-based factoring algorithms (QS, NFS) construct congruent squares: X 2 ≡ Y 2 ( mod N ) If X �≡ ± Y ( mod N ) , then gcd ( X − Y , N ) is a proper factor So how do we find congruent squares? Sieving step: Find a lot of relations, i.e., pairs of congruent 1 values that both factor over a small set of primes Linear Algebra step: Find a subset of them such that in the 2 product both sides are squares A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  5. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Constructing Congruent Squares: Example Example: Factor 77 2 4 5 1 3 1 80 = × ≡ = 3 5 3 2 4 3 1 125 = ≡ × = 48 2 5 5 1 2 1 3 1 160 = × ≡ × = 6 2 1 3 4 2 3 162 = × ≡ = 8 Want square product: all primes in even exponent. Look at exponent vectors A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  6. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Constructing Congruent Squares: Example Example: Factor 77 4 1 1 80 = ≡ = 3 3 4 1 125 = ≡ = 48 5 1 1 1 160 = ≡ = 6 1 4 3 162 = ≡ = 8 Interested only in even or odd: look at exponent vectors over F 2 A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  7. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Constructing Congruent Squares: Example Example: Factor 77 1 1 80 = ≡ = 3 1 1 125 = ≡ = 48 1 1 1 1 160 = ≡ = 6 1 1 162 = ≡ = 8 Find linear combination of exponent vectors over F 2 that adds to zero vector: write exponent vectors as columns of a matrix, find a kernel vector A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  8. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Constructing Congruent Squares: Example Example: Factor 77 1 1 80 = ≡ = 3 1 1 125 = ≡ = 48 1 1 1 1 160 = ≡ = 6 1 1 162 = ≡ = 8 One solution: use relations 80 ≡ 3, 160 ≡ 6, and 162 ≡ 8 ( mod 77 ) A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  9. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Constructing Congruent Squares: Example Example: Factor 77 1 1 80 = ≡ = 3 1 1 125 = ≡ = 48 1 1 1 1 160 = ≡ = 6 1 1 162 = ≡ = 8 One solution: use relations 80 ≡ 3, 160 ≡ 6, and 162 ≡ 8 ( mod 77 ) Product: 1440 2 ≡ 12 2 ( mod 77 ) . gcd ( 1440 − 12 , 77 ) = 7 A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  10. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Constructing Congruent Squares: Example Example: Factor 77 1 1 80 = ≡ = 3 1 1 125 = ≡ = 48 1 1 1 1 160 = ≡ = 6 1 1 162 = ≡ = 8 One solution: use relations 80 ≡ 3, 160 ≡ 6, and 162 ≡ 8 ( mod 77 ) Product: 1440 2 ≡ 12 2 ( mod 77 ) . gcd ( 1440 − 12 , 77 ) = 7 Construct congruent squares from relations by finding kernel vectors of a binary matrix A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  11. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Shape of the Matrices Sparse overall (few prime factors in each relation=column), rows corresponding to small primes are heavy RSA768 Input number of 232 digits Matrix size 192 795 550 × 192 796 550, weight 27 797 115 920, average column weight 144 . 2. RSA190 Input number of 190 digits Matrix size 33 218 122 × 33 643 088, total weight 2 115 794 780, average column weight 62 . 9. A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  12. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Outline Motivation 1 Linear Algebra in Integer Factoring Algorithms for Finding Kernel Vectors Lanczos and Wiedemann Algorithms 2 The Lanczos Algorithm The Wiedemann Algorithm Implementation of Block-Lanczos 3 The CWI Implementation of Block-Lanczos The Huygens Supercomputer Timings 4 A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  13. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings Algorithms for Finding Kernel Vectors Gaussian Elimination, bad: O ( n 3 ) , matrix fill in Iterative methods instead: Lanczos, Wiedemann: all O ( wn 2 ) ( w average column weight) Both Block-Lanczos (BL) and Block-Wiedemann (BW) used in practice for factoring A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  14. Motivation Lanczos and Wiedemann Algorithms Linear Algebra in Integer Factoring Implementation of Block-Lanczos Algorithms for Finding Kernel Vectors Timings The RSA768 Matrix Was solved by BW Total CPU time: about 160 core years, 119 days elapsed Intended race BW vs. BL BW finished too fast, BL code was not ready Current project: get BL ready for RSA768 matrix, compare speed A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  15. Motivation Lanczos and Wiedemann Algorithms The Lanczos Algorithm Implementation of Block-Lanczos The Wiedemann Algorithm Timings Outline Motivation 1 Linear Algebra in Integer Factoring Algorithms for Finding Kernel Vectors Lanczos and Wiedemann Algorithms 2 The Lanczos Algorithm The Wiedemann Algorithm Implementation of Block-Lanczos 3 The CWI Implementation of Block-Lanczos The Huygens Supercomputer Timings 4 A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  16. Motivation Lanczos and Wiedemann Algorithms The Lanczos Algorithm Implementation of Block-Lanczos The Wiedemann Algorithm Timings The Lanczos Algorithm Solve Ax = y , symmetric A in K n , n , x ∈ K n , y � = 0 ∈ K n Our matrix B is not symmetric, set A = B T B , compute Av = B T ( Bv ) Create orthogonal base for RHS with known preimage { Av 1 , . . . , Av m } , m = dim K ( A , v 1 ) Express y in that base: y = � � y , Av i � | Av i | 2 Av i Then x = � � b , Av i � | Av i | 2 v i is a solution Homogeneous system: find distinct x 1 , x 2 for random y , x 1 − x 2 is kernel vector A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  17. Motivation Lanczos and Wiedemann Algorithms The Lanczos Algorithm Implementation of Block-Lanczos The Wiedemann Algorithm Timings The Lanczos Algorithm The Lanczos iteration: v i + 1 = Av i − � Av i , Av i � � v i , Av i � v i − � Av i , Av i − 1 � � v i − 1 , Av i − 1 � v i − 1 A ( Av i ) automatically orthogonal to Av 1 , . . . , Av i − 2 Lanczos iteration orthogonalizes Av i + 1 w.r.t. Av i , Av i − 1 Needs m ≈ n iterations, 2 matrix mul ( B T ( Bv i ) ), fixed number of scalar ops in each Problem in F 2 : self-orthogonal vectors � v i , Av i � = 0 → zero denominator A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

  18. Motivation Lanczos and Wiedemann Algorithms The Lanczos Algorithm Implementation of Block-Lanczos The Wiedemann Algorithm Timings The Block Lanczos Algorithm Block Algorithm: each column vector element is itself a length- b row vector ( b blocking factor, e.g, b = 128) Block vector V i is basis for vector space of dim = 128 Orthogonalize these subspaces instead of individual vectors Cover (almost) 128 dimensions of RHS in each iteration, need only (about) n / 128 iterations Word-wide bit operations ( + :XOR, ∗ : AND) treat whole block element in a single instruction A. Kruppa Comparison of Block-Lanczos and Block-Wiedemann

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On the use of polynomial matrix approximant in the block Wiedemann algorithm Pascal Giorgi

On the use of polynomial matrix approximant in the block Wiedemann algorithm Pascal Giorgi

On the use of polynomial matrix approximant in the block Wiedemann algorithm Pascal Giorgi Symbolic Computation Group , Laboratoire LIP, School of Computer Science, ENS Lyon, France ECOLE NORMALE SUPERIEURE DE LYON University of Waterloo,

475 views • 32 slides
Introducing EF Block TM Introduction to EF Block Building Materials Overview of EF

Introducing EF Block TM Introduction to EF Block Building Materials Overview of EF

Introducing EF Block TM Introduction to EF Block Building Materials Overview of EF Block and the competition The EF Block System Proprietary (Patent Pending) Plant, Product and Processes of the EF Block system Homes

792 views • 34 slides
Block Ciphers Eli Biham - May 3, 2005 c 83 Block Ciphers (4) Block Ciphers and Stream

Block Ciphers Eli Biham - May 3, 2005 c 83 Block Ciphers (4) Block Ciphers and Stream

Block Ciphers Eli Biham - May 3, 2005 c 83 Block Ciphers (4) Block Ciphers and Stream Ciphers In practical ciphers the plaintext M is divided into fixed-length blocks M = M 1 M 2 . . . M N . Then, each block M i is encrypted to the

1.11k views • 63 slides
A/B BLOCK SCHEDULING 2015-2016 BLOCK DISCUSSION Weve been discussing researching the

A/B BLOCK SCHEDULING 2015-2016 BLOCK DISCUSSION Weve been discussing researching the

A/B BLOCK SCHEDULING 2015-2016 BLOCK DISCUSSION Weve been discussing researching the block schedule since 2011-2012. A/B - Four-period day. 84 minute block All students must take 8 courses Special circumstances (IEP

141 views • 13 slides
B.b) Block Ciphers 2 B.24 Definition An encryption algorithm Enc: {0,1} n K {0,1} n

B.b) Block Ciphers 2 B.24 Definition An encryption algorithm Enc: {0,1} n K {0,1} n

1 B.b) Block Ciphers 2 B.24 Definition An encryption algorithm Enc: {0,1} n K {0,1} n is called a block cipher . The positive integer n denotes the block size ( block length ). 3 B.25 Remark and Convention The encryption

709 views • 67 slides
Chapter 16 Chapter 16 The Elements: The he Elements: The d -Block -Block The d -Block

Chapter 16 Chapter 16 The Elements: The he Elements: The d -Block -Block The d -Block

Chapter 16 Chapter 16 The Elements: The he Elements: The d -Block -Block The d -Block Elements and Their Compounds Select Elements: A Survey Coordination Compounds The Electronic Structure of Complexes 1 The d-Block

516 views • 15 slides
Block ciphers What is a block cipher? Dan Boneh Block

Block ciphers What is a block cipher? Dan Boneh Block

Online Cryptography Course

1.24k views • 65 slides
CS 137: File Systems Dealing With the Block Interface 1 / 24 Basics of Block I/O The Kernel

CS 137: File Systems Dealing With the Block Interface 1 / 24 Basics of Block I/O The Kernel

CS 137: File Systems Dealing With the Block Interface 1 / 24 Basics of Block I/O The Kernel API Request is described by struct bio : bi_sector Starting sector, 512-byte unit bi_bdev (Block) device to do I/O on bi_rw Read or write bi_size

389 views • 24 slides
CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range

CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range

04.02.18 CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range Planning Committee Meeting #3 April 2, 2018 04.02.18 1. Tonights Agenda 1. Introductory Remarks (Jane Siegel) 2. Follow-up from LRPC

457 views • 26 slides
Advanced Topics Surveys Block times and sizes Bl Block ck si size Increase block sizes

Advanced Topics Surveys Block times and sizes Bl Block ck si size Increase block sizes

Advanced Topics Surveys Block times and sizes Bl Block ck si size Increase block sizes Tension between those who treat BTC as an investment (e.g. like a stock that does not trade frequently) versus a transactional currency (e.g. like

756 views • 31 slides
Block.IS Pitch Presentation Block.IS Consortium 2019 Blockchain is an opportunity for

Block.IS Pitch Presentation Block.IS Consortium 2019 Blockchain is an opportunity for

Block.IS Pitch Presentation Block.IS Consortium 2019 Blockchain is an opportunity for EU Digital revolution to help Europeans adapt and profit from it. EU Commissioner Mariya Gabriel 2 What is Block.IS? European SMEs need

348 views • 20 slides
CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range

CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range

01.29.18 CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range Planning Committee Meeting January 29, 2018 01.29.18 1. Introduction 2 01.29.18 1. LRPC Meeting Purpose Review of proposed Crystal City Block

614 views • 58 slides
CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range

CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range

04.16.18 CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range Planning Committee Meeting April 16, 2018 04.16.18 Introduction 2 04.16.18 LRPC Meeting Purpose Review of Proposed Crystal City Block Plan G

639 views • 28 slides
Problem 1 k zero bits n bits IV Block Block Block Block Cipher Cipher Cipher Cipher

Problem 1 k zero bits n bits IV Block Block Block Block Cipher Cipher Cipher Cipher

Problem 1 k zero bits n bits IV Block Block Block Block Cipher Cipher Cipher Cipher removed January 27, 2011 Practical Aspects of Modern Cryptography 2 Problem 1 IV Inverse Inverse Inverse Inverse Cipher Cipher Cipher Cipher

464 views • 20 slides
CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range

CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range

02.22.18 CRYSTAL CITY BLOCK PLAN # CCBP- G 1 BLOCK G (Metro Market Square block) 1 Long Range Planning Committee Meeting February 22, 2018 (final) 02.22.18 1. Introductory Remarks 2 02.22.18 1. Tonights Agenda 1. Introductory

641 views • 41 slides
Managing the New Block Layer Kevin Wolf <kwolf@redhat.com> Max Reitz

Managing the New Block Layer Kevin Wolf <kwolf@redhat.com> Max Reitz

Managing the New Block Layer Kevin Wolf <kwolf@redhat.com> Max Reitz <mreitz@redhat.com> KVM Forum 2017 Part I User management Section 1 The New Block Layer The New Block Layer Block layer role Guest Emulated guest block devices

1.28k views • 68 slides
Smart City data via LOD/LOG Service P. Bellini, P. Nesi, N. Rauch Dipartimento di Ingegneria

Smart City data via LOD/LOG Service P. Bellini, P. Nesi, N. Rauch Dipartimento di Ingegneria

Smart City data via LOD/LOG Service P. Bellini, P. Nesi, N. Rauch Dipartimento di Ingegneria dellInformazione, DINFO Universit degli studi di Firenze Via S. Marta 3, 50139, Firenze, Italy tel: +39-055-4796567, fax: +39-055-4796363

501 views • 25 slides
MODEL-INTEGRATED DESIGN IN SOFTWARE, SYSTEMS AND CONTROL ENGINEERING Janos Sztipanovits ISIS,

MODEL-INTEGRATED DESIGN IN SOFTWARE, SYSTEMS AND CONTROL ENGINEERING Janos Sztipanovits ISIS,

Institute for Software Integrated Systems Vanderbilt University MODEL-INTEGRATED DESIGN IN SOFTWARE, SYSTEMS AND CONTROL ENGINEERING Janos Sztipanovits ISIS, Vanderbilt University SERC Workshop October 5, 2011 Model-Based Design Tools Key

570 views • 18 slides
T EX and Linguistics Steve Peter Beech Stave Press and T EX Users Group 1 Who we are 2 The

T EX and Linguistics Steve Peter Beech Stave Press and T EX Users Group 1 Who we are 2 The

T EX and Linguistics Steve Peter Beech Stave Press and T EX Users Group 1 Who we are 2 The field of Linguistics synchronic vs. diachronic 3 The field of Linguistics synchronic vs. diachronic theoretical vs. applied 4 The field of

375 views • 21 slides
Grammar: Features and Unification Plan for the Talk Problems with CFG (PCFG) Features

Grammar: Features and Unification Plan for the Talk Problems with CFG (PCFG) Features

Grammar: Features and Unification Plan for the Talk Problems with CFG (PCFG) Features Structure Attribute-value Matrix (AVM) Unification Grammar formalisms based on unification Agreement Constraints that hold among various

504 views • 48 slides
ESO Science Archives Felix Stoehr Meeting XYZ, X Dec 2020, Confidential/ESO Internal Use/ 1

ESO Science Archives Felix Stoehr Meeting XYZ, X Dec 2020, Confidential/ESO Internal Use/ 1

ESO Science Archives Felix Stoehr Meeting XYZ, X Dec 2020, Confidential/ESO Internal Use/ 1 Public European Southern Observatory http://www.openuniverse.asi.it/documents/presentations/ESO_WilliamsOpenUniverseExpertMeeting.pdf UN/Italy Open

386 views • 16 slides
Blitzableiter Countering Flash Exploits Robert Tezli Jrn Bratzke 23rd Annual FIRST Conference

Blitzableiter Countering Flash Exploits Robert Tezli Jrn Bratzke 23rd Annual FIRST Conference

Blitzableiter Countering Flash Exploits Robert Tezli Jrn Bratzke 23rd Annual FIRST Conference Blitzableiter Agenda Introduction of Blitzableiter Motivation Blitzableiter Internals Flash Internals Countering Format based

906 views • 52 slides
Performance Analysis Brendan Gregg Senior Performance Architect

Performance Analysis Brendan Gregg Senior Performance Architect

Nov, 2014 Performance Analysis Brendan Gregg Senior Performance Architect BSD Observability FreeBSD for content delivery Open Connect Appliances Approx

858 views • 60 slides
ECS 231 Subspace projection methods for LS 1 / 38 Part I. Basics The landscape of solvers for

ECS 231 Subspace projection methods for LS 1 / 38 Part I. Basics The landscape of solvers for

ECS 231 Subspace projection methods for LS 1 / 38 Part I. Basics The landscape of solvers for linear systems of equations Ax = b, 2 / 38 Part I. Basics The landscape of solvers for linear systems of equations Ax = b, more robust

878 views • 55 slides

More recommend