Re: Why is "lift(Mod(qnr, n)^(n\4))" 16% slower than C libgmp "powm(r, q

Karim Belabas on Fri, 23 Jun 2023 12:30:27 +0200

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: Why is "lift(Mod(qnr, n)^(n\4))" 16% slower than C libgmp "powm(r, qnr, n/4, n)" ?

To: hermann@stamm-wilbrandt.de
Subject: Re: Why is "lift(Mod(qnr, n)^(n\4))" 16% slower than C libgmp "powm(r, qnr, n/4, n)" ?
From: Karim Belabas <Karim.Belabas@math.u-bordeaux.fr>
Date: Fri, 23 Jun 2023 12:25:45 +0200
Arc-authentication-results: i=1; smail; arc=none
Arc-message-signature: i=1; a=rsa-sha256; d=math.u-bordeaux.fr; s=openarc; t=1687515936; c=relaxed/relaxed; bh=BHHTOKlwfgshDTnOk1GJUF5gJXKf5xIOjJWqnUaLR+Q=; h=DKIM-Signature:Date:From:To:Cc:Subject:Message-ID: Mail-Followup-To:References:MIME-Version:Content-Type: Content-Disposition:Content-Transfer-Encoding:In-Reply-To; b=QkOhs4S/aUvcC+3jUlfoNxcVcyTGbLu4Mv8PuBpUOvVt66Gj0AmKMHj7Nc0CSNfLMcHSbwISjzOeANw20LCmmHZz1xq+WhjObsF20FTApEfS5IxUe0Q5g+WhNXYBVBtLdUmGUSvaEu/JxHg4r5dUcDjN8jbo6ME9LWpDt/4fGfrCLXRgEkAkebTFQ4Crc4JnkTnvM0DBkLi/m13PmXhtAJE8dOYIIXElJ/sEStqvi/1g97PT1zW/G5i/hjbsEbxpSz+6FSdidiTozpNH3DN8//A+UqUYCoBliUn4hc9szOsQMGJfnekbzRWJNMgCeGxjKym5fbeVmEAuIhfVhL4vWgEYNPzX61I7VdEldG4GMFnISnPP+8LKvRxyZVWMee8tuzi3OQ1HVRcndbQMU4MyNWJ4wSLnxPVOXOB43BNqyQ3bzWHwo8Dj4wnQ4W0E+Fj9GIXr0AsxbHM6ePtb2EmHNxWobjrQ4f8OMDLXa2nSA++p1l5+mP3OnwnYD/Nt0QM7iB+q8925UoJYFzVWd4ovTnrOY2LoUP/JxaCHQFvrNBezE8AzayKX8B8dlDDxqkwXEfBPLbQMJ+o7/cQO8MZz8aCGquAmIRrVY0TJC0K4HCzdyYPEnEVIWFyq35bWPECRDno5zxubbhqS4/hIvs/rFJKoyS17nM/ruQwQ/u3WBo8=
Arc-seal: i=1; a=rsa-sha256; d=math.u-bordeaux.fr; s=openarc; t=1687515936; cv=none; b=X0oqYJXhQX1ILgD9uyOfi3k6NvcfDX93RMmqQM5IrmxPjv8xlATj8JLzz2Qsl3SO24coKjYjV+UyEocr7zahlCP2v86W8C1J8GGdwUcz/Tk+JQvUf+jM6fDXTE9yiaj1zhDHL+p7oDjFkZFSxQ6Amac8L9O0GboetSdm19sOn6/MuREhl8sQybJkQxUZkfL79+5o1Ici/IvdlZ9a9Wnice2lTL00Vx92uYktYGbOCD7o6wPQF+SgGQoCJMa/bJ346cBYCh1Hu9hcpExpjWjfR5cS6drPqmFfBKo2TubOGU/hAABZeTlmnkcmKZNZbkMwSApfCe/CosFW7WKUGVrckjmAG+zOBrT1MQ8zh5UAVAi8430aFDNFmICeWtLsTstUwdiOiA5dUpAhJ1rAzZn8j474nHIHBR6DLjOwfEOzf44YQ0jTUxQd7eMoSozBTxQQ2FV2HayngYm/VGggBbVvBmA7O/NA76jnSPtLyFtZgQl2+PPeRSXT9LT6J2iCUcr+AAQkkAvG3Whv0pNHmK4Xob5Xvkx70G105qfS2c01gpnzYeANioV0qMxgDt9nPhdY3urUFR/jrOQkgvVtvBFegFb1lWEy71BSatSC4GNS+2gMobs8Bcc8KUJ/zkTWCHOVkYhplHs5B3n9tgKUL85TNOazywm7vNm9dKfniQy6LcI=
Authentication-results: smail; arc=none
Cc: pari-users@pari.math.u-bordeaux.fr
Delivery-date: Fri, 23 Jun 2023 12:30:27 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=math.u-bordeaux.fr; s=2022; t=1687515936; bh=BHHTOKlwfgshDTnOk1GJUF5gJXKf5xIOjJWqnUaLR+Q=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=hK5+CbUCaAjK1dysBSGoXw9+Lh+OVwNSGQqn8B1t3kx/NCprhroGPyTwx3Yvki3bH fnEU9URYzbCl0t75izT0JKAToFsgNRgCVJowd/nxYOfP/im3Z8jzSREjnVcKlu7XFM ZBZqHdWAmDgWHTM8si70SMojGXYWPA8H0iT5HjByZHINgSmc+AAO96LIQeqcdXHNFf HrzUVMtZWWsXCFdiJXq5iinE7zgl8algupox9fQ96TnDXxzMuJDYID4ASQOgUZXQiJ nYQgSvUUGypyByrzKEfnSovI/DIjqdvRglh2kB3Da7VEMqGUIZCJBY6vCtuPayMRI0 11xT3Fl1rKAAwFfaFYWu0qN2IVqAA6ewMq6XYzHTrfomR7l56mveUosTqLMuwTXf3E oImeycCNa4KWxEObW5zZArWaWi7HOdLXDOYTi74fJY2I9p1+QQ9S7UfDnKwrdplyYC FsWus2GlazvwpjpGlxoGafwH2pUbwcI6nl9vL/mbq+2ZYyjU01bJzb/1OlkBh8B1kH KNAfSVGplgKDlVTtbSjtYOfFQWnFBA4pydvIWfwTJiu/fnV4+6seOSSojW3XS5uZxZ iuhILCKhkIbAcDuVPiSJCUQeqQ6FGblNMemvXF9ryiqKqs2LxiL5PIqQHchrNmq8AI 0BTAmLPT+4pdeHbh/oO8u5do=
In-reply-to: <43475cd077e10ac2cebf5d8fb59c9118@stamm-wilbrandt.de>
Mail-followup-to: hermann@stamm-wilbrandt.de, pari-users@pari.math.u-bordeaux.fr
References: <43475cd077e10ac2cebf5d8fb59c9118@stamm-wilbrandt.de>

* hermann@stamm-wilbrandt.de [2023-06-23 12:15]:
> My Linux gp-2.15 runs with GMP kernel:
> 
> $ gp-2.15
> Reading GPRC: /etc/gprc
> GPRC Done.
> 
>                   GP/PARI CALCULATOR Version 2.15.3 (released)
>           amd64 running linux (x86-64/GMP-6.1.2 kernel) 64-bit version
> ...
> 
> I used sqrtm1.cc
> https://github.com/Hermann-SW/RSA_numbers_factored/blob/main/c%2B%2B/sqrtm1.cc
> 
> to efficiently determine "sqrt(-1) (mod p)" for primes up to 1million
> digits.
> I had to hardcode the primes in C source, a bit ugly.
> 
> 
> Now I implemented sqrtm1.gp doing the same:
> https://github.com/Hermann-SW/RSA_numbers_factored/blob/main/pari/sqrtm1.gp
> 
> Nice feature here is that because of "eval(getenv())" I can pass formulas.
> The program flow is the same as in sqrtm1.cc, with determination of smallest
> quadratic non-residue as learned from Bill:
> https://pari.math.u-bordeaux.fr/archives/pari-users-2306/msg00044.html
[...]

Note that the current 'master' branch currently computes sqrt(Mod(-1,p))
quickly in all cases.

The branch origin/bill-Fp_sqrts implements a slightly more general
solution: besides -1, 0% of quadratic residues allow a faster algorithm
to compute their square root, it costs nothing to try to use it.

? p=2^1000*5^3148+1;
? for(i=1,100,Mod(3,p)^((p-1)/4))
time = 10,690 ms.
? for(i=1,100,sqrt(Mod(-1,p)))
time = 10,299 ms.

Cheers,

    K.B.
-- 
Pr. Karim Belabas, U. Bordeaux, Vice-président en charge du Numérique
Institut de Mathématiques de Bordeaux UMR 5251 - (+33) 05 40 00 29 77
http://www.math.u-bordeaux.fr/~kbelabas/

Follow-Ups:
- Re: Why is "lift(Mod(qnr, n)^(n\4))" 16% slower than C libgmp "powm(r, qnr, n/4, n)" ?
  - From: hermann@stamm-wilbrandt.de

References:
- Why is "lift(Mod(qnr, n)^(n\4))" 16% slower than C libgmp "powm(r, qnr, n/4, n)" ?
  - From: hermann@stamm-wilbrandt.de

Prev by Date: Why is "lift(Mod(qnr, n)^(n\4))" 16% slower than C libgmp "powm(r, qnr, n/4, n)" ?
Next by Date: Re: Why is "lift(Mod(qnr, n)^(n\4))" 16% slower than C libgmp "powm(r, qnr, n/4, n)" ?
Previous by thread: Why is "lift(Mod(qnr, n)^(n\4))" 16% slower than C libgmp "powm(r, qnr, n/4, n)" ?
Next by thread: Re: Why is "lift(Mod(qnr, n)^(n\4))" 16% slower than C libgmp "powm(r, qnr, n/4, n)" ?
Index(es):
- Date
- Thread