Re: How to compute "Mod(q, p)^(2^v)" with significantly less than v modu

Max Alekseyev on Thu, 06 Jul 2023 23:11:37 +0200

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: How to compute "Mod(q, p)^(2^v)" with significantly less than v modular squarings?

To: hermann@stamm-wilbrandt.de
Subject: Re: How to compute "Mod(q, p)^(2^v)" with significantly less than v modular squarings?
From: Max Alekseyev <maxale@gmail.com>
Date: Thu, 6 Jul 2023 17:06:20 -0400
Cc: pari-users@pari.math.u-bordeaux.fr
Delivery-date: Thu, 06 Jul 2023 23:11:37 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1688677618; x=1691269618; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Kqle8mlvY0FR4J6fVd1qInxb4g1u+TB5UONlAC7lWu4=; b=SiOFTu57OFX1Gx6dP3jP7ba8j91iliNimM9x53SnlhHxKoVMygZsy8bGrKh7PA82bg +Sb57yAz5AP/K395GCzPa8CsirmIKMwtLm2EiCLw5RnMGyL2db4nR6iyuDJBejB9mkEs KYoRtU/bYWqY9/CJA+FRFMcVKdtIccIM842I/ZErMtbb7glqH3KS249L5w72rxGyAS0x g9XKpvRWTCsneRNL35qXai0/XrYiSEX7nF7eajX+5GKwiyKBpW6/PUgYiH11rmhNajen W48U+NWuABtbtSvzp3NHYnw8zCO0XkSsU0IDv/wl5+lx1JXEs7SX2CQexqjrcwzYT5Xf AXow==
In-reply-to: <ba7f6b63c2f70fc5388885da6109ff09@stamm-wilbrandt.de>
References: <ba7f6b63c2f70fc5388885da6109ff09@stamm-wilbrandt.de>

Hi Hermann,

If v is large, then it's worth reducing the exponent 2^v modulo p-1 - like:

q = lift( Mod(qnr, p)^lift(Mod(2,p-1)^v)) );

Here we rely on the Fermat Little Theorem, but in general (if p is not prime) p-1 would need to be replaced with eulerphi(p).

Regards,

Max

On Thu, Jul 6, 2023 at 3:29 PM <hermann@stamm-wilbrandt.de> wrote:

It takes 3:04h for one "powm(_, qnr, p/4, p)" computation for
388342-digit prime with C++ and libgmpxx [in order to compute "sqrt(-1)
(mod p)"]. Using Pari/GP "Mod(qnr, p\4, p)" takes 16% longer than that.

I am interested in special primes of the form "p = m*2^l+1" where m is a
small number and l is huge.

Like p in example below.

Regarding the line:
? q=qnr*v; \\ q=lift(Mod(qnr, p)^(2^v))

I chose that in order to not having to wait for more than 3h to compute
"q=lift(Mod(qnr, p)^(2^v))". The next lines demonstrate, that only that
computation is relevant, since exponentiation with m for final result
takes less than a second.

So question is:
Is there any trick/algorithm speeding up computation "Mod(q, p)^(2^v)"
that has to do significantly less than v modular squarings?

hermann@7600x:~$ gp -q
? p = 2996863034895 * 2 ^ 1290000 + 1;
? #digits(p)
388342
? e=p\4;
? v=valuation(e, 2)
1289998
? forprime(t=2,oo,if( kronecker(t, p)==-1, qnr=t; break()));
? q=qnr*v; \\ q=lift(Mod(qnr, p)^(2^v))
? Mod(q, p)^(e\(2^v));
? ##
*** last result computed in 200 ms.
?

Regards,

Hermann.

Follow-Ups:
- Re: How to compute "Mod(q, p)^(2^v)" with significantly less than v modular squarings?
  - From: hermann@stamm-wilbrandt.de

References:
- How to compute "Mod(q, p)^(2^v)" with significantly less than v modular squarings?
  - From: hermann@stamm-wilbrandt.de

Prev by Date: Re: How to do t_INT bit operations?
Next by Date: Re: How to compute "Mod(q, p)^(2^v)" with significantly less than v modular squarings?
Previous by thread: How to compute "Mod(q, p)^(2^v)" with significantly less than v modular squarings?
Next by thread: Re: How to compute "Mod(q, p)^(2^v)" with significantly less than v modular squarings?
Index(es):
- Date
- Thread