The GSO-module

Possible improvements

Summary

Questions

About the GSO-module in fplll Koen de Boer Centrum Wiskunde en Informatica [email protected]

July 6, 2017

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Overview 1 The GSO-module

The purpose of the GSO-module Implementation of the GSO Implementation of the interface 2 Possible improvements

Givens rotations Vectorized GSO Extend fpylll to MatGSOGram-objects 3 Summary 4 Questions Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

The purpose of the GSO-module

Two main purposes of the GSO-module

Computing the Gram-Schmidt Orthogonalization of a basis of a lattice;

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

The purpose of the GSO-module

Two main purposes of the GSO-module

Computing the Gram-Schmidt Orthogonalization of a basis of a lattice; Being an interface for the fplll-framework.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

The purpose of the GSO-module

Two main purposes of the GSO-module

Computing the Gram-Schmidt Orthogonalization of a basis of a lattice; Being an interface for the fplll-framework. So, if some module of fplll wants to change the basis of the lattice, it has to do that via the GSO-module.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

The purpose of the GSO-module

Two main purposes of the GSO-module

Computing the Gram-Schmidt Orthogonalization of a basis of a lattice; Being an interface for the fplll-framework. So, if some module of fplll wants to change the basis of the lattice, it has to do that via the GSO-module. Briefly said: the GSO-module constructs a data structure with the lattice basis as the center.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

The purpose of the GSO-module

Two main purposes of the GSO-module

Computing the Gram-Schmidt Orthogonalization of a basis of a lattice; Being an interface for the fplll-framework. So, if some module of fplll wants to change the basis of the lattice, it has to do that via the GSO-module. Briefly said: the GSO-module constructs a data structure with the lattice basis as the center. Implemented this way to speed up the GSO-process.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Three main techniques to speed-up Gram-Schmidt

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Three main techniques to speed-up Gram-Schmidt The GSO-module is ‘lazy’; It postpones certain computations until the precise moment that this computation is actually needed. Sometimes the computation is not needed at all, in which case this technique saves time.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Three main techniques to speed-up Gram-Schmidt The GSO-module is ‘lazy’; It postpones certain computations until the precise moment that this computation is actually needed. Sometimes the computation is not needed at all, in which case this technique saves time.

The GSO-module is ‘eidetic’ The module keeps track of the already computed tasks very well and has many tricks to avoid recomputing certain instances.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Three main techniques to speed-up Gram-Schmidt The GSO-module is ‘lazy’; It postpones certain computations until the precise moment that this computation is actually needed. Sometimes the computation is not needed at all, in which case this technique saves time.

The GSO-module is ‘eidetic’ The module keeps track of the already computed tasks very well and has many tricks to avoid recomputing certain instances.

The GSO-module is ‘numerically stable’ Rouding errors in floating-point representations of the basis and related objects lead (after some time) to very significant errors; increasing numerical stability means that those significant errors enter later. Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Main variables in GSO The most important variables are b, µ, r and g .

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Main variables in GSO The most important variables are b, µ, r and g . b is the basis with integral coefficients, where the rows are the basis elements;

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Main variables in GSO The most important variables are b, µ, r and g . b is the basis with integral coefficients, where the rows are the basis elements; b = µDQ where µij = ∗ (bi∗ , b i ), P

Dii = bj∗ = bj −

Koen de Boer The GSO-module

(bi ,bj∗ ) (bj∗ ,bj∗ ) ,

D is diagonal with

and Q is orthonormal. Here ∗ k
CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Main variables in GSO The most important variables are b, µ, r and g . b is the basis with integral coefficients, where the rows are the basis elements; b = µDQ where µij = ∗ (bi∗ , b i ), P

Dii = bj∗ = bj −

(bi ,bj∗ ) (bj∗ ,bj∗ ) ,

D is diagonal with

and Q is orthonormal. Here ∗ k
r = µD. (So, b= r Q)

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Main variables in GSO The most important variables are b, µ, r and g . b is the basis with integral coefficients, where the rows are the basis elements; b = µDQ where µij = ∗ (bi∗ , b i ), P

Dii = bj∗ = bj −

(bi ,bj∗ ) (bj∗ ,bj∗ ) ,

D is diagonal with

and Q is orthonormal. Here ∗ k
r = µD. (So, b= r Q) g = bb T the Gram matrix.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Main variables in GSO The most important variables are b, µ, r and g . b is the basis with integral coefficients, where the rows are the basis elements; b = µDQ where µij = ∗ (bi∗ , b i ), P

Dii = bj∗ = bj −

(bi ,bj∗ ) (bj∗ ,bj∗ ) ,

D is diagonal with

and Q is orthonormal. Here ∗ k
r = µD. (So, b= r Q) g = bb T the Gram matrix. There are floating point copies of g and b, called gf and bf respectively. Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Code Gram Schmidt (I) Basis: t e m p l a t e v o i d MatGSO:: d i s c o v e r r o w ( ) { i n t i = n known rows ; n known rows++; i f (! cols locked ) { n s o u r c e r o w s = n known rows ; n known cols= max(n known cols, init row size[i]); } i f ( enable int gram ) { f o r ( i n t j = 0 ; j <= i ; j ++) { dot product (g( i , j ) , b [ i ] , b [ j ] , n known cols ) ; } } else { invalidate gram row ( i ); } g s o v a l i d c o l s [ i ] = 0; } Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Code Gram Schmidt (I) t e m p l a t e v o i d MatGSO:: d i s c o v e r r o w ( ) { i n t i = n known rows ; n k n o w n r o w s ++; i f (! cols locked ) { n s o u r c e r o w s = n known rows ; n known cols = max ( n k n o w n c o l s , i n i t r o w s i z e [ i ] ) ; } i f ( enable int gram ) { f o r ( i n t j = 0 ; j <= i ; j ++) { dot product (g( i , j ) , b [ i ] , b [ j ] , n known cols ) ; } } else { invalidate gram row(i); } gso valid cols[i] = 0; } Koen de Boer The GSO-module

Gram matrix:

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Code Gram Schmidt (II) t e m p l a t e b o o l M a t G S O I n t e r f a c e:: update gso row ( int i , int l a s t j ) { i f ( i >= n k n o w n r o w s ) { discover row (); } i n t j = max ( 0 , g s o v a l i d c o l s [ i ] ) ; f o r ( ; j <= l a s t j ; j ++) { get gram(ftmp1, i, j); for (int k = 0; k < j; k++) { ftmp2.mul(mu(j, k), r(i, k)); ftmp1.sub(ftmp1, ftmp2); } r(i, j) = ftmp1; if ( i > j) { mu(i, j).div(ftmp1, r(j, j)); i f ( ! mu( i , j ) . i s f i n i t e ( ) ) return false ; } } gso valid cols[i] = j; return true ; } Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Code Gram Schmidt (II) t e m p l a t e b o o l M a t G S O I n t e r f a c e:: update gso row ( int i , int l a s t j ) { i f ( i >= n k n o w n r o w s ) { discover row (); } i n t j = max ( 0 , g s o v a l i d c o l s [ i ] ) ; f o r ( ; j <= l a s t j ; j ++) { get gram(ftmp1, i, j); for (int k = 0; k < j; k++) { ftmp2.mul(mu(j, k), r(i, k)); ftmp1.sub(ftmp1, ftmp2); } r(i, j) = ftmp1; if ( i > j) { mu(i, j).div(ftmp1, r(j, j)); i f ( ! mu( i , j ) . i s f i n i t e ( ) ) return false ; } } gso valid cols[i] = j; return true ; } Koen de Boer The GSO-module

Triggers computation of the Gram-matrix

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Code Gram Schmidt (II) t e m p l a t e b o o l M a t G S O I n t e r f a c e:: update gso row ( int i , int l a s t j ) { i f ( i >= n k n o w n r o w s ) { discover row (); } i n t j = max ( 0 , g s o v a l i d c o l s [ i ] ) ; f o r ( ; j <= l a s t j ; j ++) { get gram(ftmp1, i, j); for (int k = 0; k < j; k++) { ftmp2.mul(mu(j, k), r(i, k)); ftmp1.sub(ftmp1, ftmp2); } r(i, j) = ftmp1; if ( i > j) { mu(i, j).div(ftmp1, r(j, j)); i f ( ! mu( i , j ) . i s f i n i t e ( ) ) return false ; } } gso valid cols[i] = j; return true ; } Koen de Boer The GSO-module

Triggers computation of the Gram-matrix P rij = gij − k
CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Code Gram Schmidt (II) t e m p l a t e b o o l M a t G S O I n t e r f a c e:: update gso row ( int i , int l a s t j ) { i f ( i >= n k n o w n r o w s ) { discover row (); } i n t j = max ( 0 , g s o v a l i d c o l s [ i ] ) ; f o r ( ; j <= l a s t j ; j ++) { get gram(ftmp1, i, j); for (int k = 0; k < j; k++) { ftmp2.mul(mu(j, k), r(i, k)); ftmp1.sub(ftmp1, ftmp2); } r(i, j) = ftmp1; if ( i > j) { mu(i, j).div(ftmp1, r(j, j)); i f ( ! mu( i , j ) . i s f i n i t e ( ) ) return false ; } } gso valid cols[i] = j; return true ; } Koen de Boer The GSO-module

Triggers computation of the Gram-matrix P rij = gij − k
CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the GSO

Code Gram Schmidt (II) t e m p l a t e b o o l M a t G S O I n t e r f a c e:: update gso row ( int i , int l a s t j ) { i f ( i >= n k n o w n r o w s ) { discover row (); } i n t j = max ( 0 , g s o v a l i d c o l s [ i ] ) ; f o r ( ; j <= l a s t j ; j ++) { get gram(ftmp1, i, j); for (int k = 0; k < j; k++) { ftmp2.mul(mu(j, k), r(i, k)); ftmp1.sub(ftmp1, ftmp2); } r(i, j) = ftmp1; if ( i > j) { mu(i, j).div(ftmp1, r(j, j)); i f ( ! mu( i , j ) . i s f i n i t e ( ) ) return false ; } } gso valid cols[i] = j; return true ; } Koen de Boer The GSO-module

Triggers computation of the Gram-matrix P rij = gij − k
CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the interface

Code Interface (I) t e m p l a t e v o i d MatGSO:: r o w a d d ( i n t i , i n t j ) { b[i].add(b[j], n known cols); i f ( enable transform ) { u[i].add(u[j]); if ( enable inverse transform ) u inv t[j].sub(u inv t[i]); } i f ( enable int gram ) { // gii + = 2 · gij + gjj ztmp1.mul 2si(g(i, j), 1); ztmp1.add(ztmp1, g(j, j)); g(i, i).add(g(i, i), ztmp1); for (int k = 0; k < n known rows; k++) if (k ! = i) sym g(i,k).add(sym g(i,k), sym g(j,k)); } }

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the interface

Code Interface (I) t e m p l a t e v o i d MatGSO:: r o w a d d ( i n t i , i n t j ) { b[i].add(b[j], n known cols); i f ( enable transform ) { u[i].add(u[j]); if ( enable inverse transform ) u inv t[j].sub(u inv t[i]); } i f ( enable int gram ) { // gii + = 2 · gij + gjj ztmp1.mul 2si(g(i, j), 1); ztmp1.add(ztmp1, g(j, j)); g(i, i).add(g(i, i), ztmp1); for (int k = 0; k < n known rows; k++) if (k ! = i) sym g(i,k).add(sym g(i,k), sym g(j,k)); } }

Koen de Boer The GSO-module

bi := bi + bj

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the interface

Code Interface (I) t e m p l a t e v o i d MatGSO:: r o w a d d ( i n t i , i n t j ) { b[i].add(b[j], n known cols); i f ( enable transform ) { u[i].add(u[j]); if ( enable inverse transform ) u inv t[j].sub(u inv t[i]); } i f ( enable int gram ) { // gii + = 2 · gij + gjj ztmp1.mul 2si(g(i, j), 1); ztmp1.add(ztmp1, g(j, j)); g(i, i).add(g(i, i), ztmp1); for (int k = 0; k < n known rows; k++) if (k ! = i) sym g(i,k).add(sym g(i,k), sym g(j,k)); } }

Koen de Boer The GSO-module

bi := bi + bj u is a unimodular matrix with integer entries, which gives the relation with the input and the output basis: boutput = ubinput . u inv t equals the transpose inverse of u. They are changed accordingly.

CWI

The GSO-module

Possible improvements

Summary

Questions

Implementation of the interface

Code Interface (I) t e m p l a t e v o i d MatGSO:: r o w a d d ( i n t i , i n t j ) { b[i].add(b[j], n known cols); i f ( enable transform ) { u[i].add(u[j]); if ( enable inverse transform ) u inv t[j].sub(u inv t[i]); } i f ( enable int gram ) { // gii + = 2 · gij + gjj ztmp1.mul 2si(g(i, j), 1); ztmp1.add(ztmp1, g(j, j)); g(i, i).add(g(i, i), ztmp1); for (int k = 0; k < n known rows; k++) if (k ! = i) sym g(i,k).add(sym g(i,k), sym g(j,k)); } }

Koen de Boer The GSO-module

bi := bi + bj u is a unimodular matrix with integer entries, which gives the relation with the input and the output basis: boutput = ubinput . u inv t equals the transpose inverse of u. They are changed accordingly. Note that the Gram matrix g is changed accordingly, too. CWI

The GSO-module

Possible improvements

Summary

Questions

Possible improvements in the GSO-module

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Possible improvements in the GSO-module

Implementing the numerically stable Givens rotations in the Gram-Schmidt orthogonalization process. Currently the LDLT -decomposition of the Gram matrix is used.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Possible improvements in the GSO-module

Implementing the numerically stable Givens rotations in the Gram-Schmidt orthogonalization process. Currently the LDLT -decomposition of the Gram matrix is used. Implementing ‘Vectorized GSO’ for processors that are able to compute vector operations in one cycle.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Possible improvements in the GSO-module

Implementing the numerically stable Givens rotations in the Gram-Schmidt orthogonalization process. Currently the LDLT -decomposition of the Gram matrix is used. Implementing ‘Vectorized GSO’ for processors that are able to compute vector operations in one cycle. Extend fpylll to MatGSOGram-objects, such that LLL can be called on MatGSOGram-objects in, for example, Sage.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Givens rotations

Givens rotations

1

N.J. Higham. Accuracy and Stability of Numerical Algorithms: Second Edition. Society for Industrial and Applied Mathematics, 2002. isbn: 9780898715217, §19.6. Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Givens rotations

Givens rotations Used to introduce zeroes in a matrix, making them well-suited for the triangularization of the basis matrix b: b = µDQ

1

N.J. Higham. Accuracy and Stability of Numerical Algorithms: Second Edition. Society for Industrial and Applied Mathematics, 2002. isbn: 9780898715217, §19.6. Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Givens rotations

Givens rotations Used to introduce zeroes in a matrix, making them well-suited for the triangularization of the basis matrix b: b = µDQ

Givens rotations are very numerically stable1 . Triangularization using Givens rotations is probably slower than using LDLT -decomposition on the Gram matrix, but the numerical stability of Givens rotations might induce an overall reduction in running time on the long-term. 1

N.J. Higham. Accuracy and Stability of Numerical Algorithms: Second Edition. Society for Industrial and Applied Mathematics, 2002. isbn: 9780898715217, §19.6. Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Givens rotations

Givens rotations A Givens rotation G = G (i, j, θ) has rows:  if k = 6 i, j  ek if k = i Gk = cei − sej  sei + cej if k = j where c 2 + s 2 = 1. Note that b 7→ bG only affects the i-th and j-th column of b:   b1,i b1,j  b2,i b2,j    c −s   .. ..  s c .  . .  bn,i bn,j Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Givens rotations

Computing s and c

Setting r =

p

x 2 + y 2 c = x/r and s = y /r gives     c −s   x y = r 0 . s c

So, applying this in the GSO-context, we need to compute p 2 r = x + y 2 and c = x/r and s = y /r . This must be done with the hypot-function, which avoids overflow errors.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Summary

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Summary

The purpose of the GSO-module is computing the Gram-Schmidt orthogonalization and being an interface for the fplll-framework.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Summary

The purpose of the GSO-module is computing the Gram-Schmidt orthogonalization and being an interface for the fplll-framework. The GSO-module is fast because it is lazy, eidetic and numerically stable. (We have seen a few examples).

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Summary

The purpose of the GSO-module is computing the Gram-Schmidt orthogonalization and being an interface for the fplll-framework. The GSO-module is fast because it is lazy, eidetic and numerically stable. (We have seen a few examples). Some suggested improvements are: Givens rotations, vectorization and the extension of fpylll to GramGSO.

Koen de Boer The GSO-module

CWI

The GSO-module

Possible improvements

Summary

Questions

Questions?

Koen de Boer The GSO-module

CWI

## About the GSO-module in fplll - GitHub

Jul 6, 2017 - The GSO-module. Possible improvements. Summary. Questions. Givens rotations. Givens rotations. A Givens rotation G = G(i,j,Î¸) has rows: Gk =.. ek if k = i,j cei â sej if k = i sei + cej if k = j where c2 + s2 = 1. Note that b â¦â bG only affects the i-th and j-th column of b:.... b1,i b1,j b2,i b2,j.