Skip to content

Optimize the Final exponentiation#75

Merged
gbotrel merged 12 commits intodevelopfrom
feat/karabina
Sep 21, 2021
Merged

Optimize the Final exponentiation#75
gbotrel merged 12 commits intodevelopfrom
feat/karabina

Conversation

@yelhousni
Copy link
Copy Markdown
Collaborator

@yelhousni yelhousni commented Sep 15, 2021
edited
Loading

#74
[WIP] [Ready to merge]

This PR, implements Karabina's compressed cyclotomic squaring and decompression. It also merges @gbotrel work on F_p inverse.

The trick of mixing the GS and Karabina cyclotomic squares in Expt() combined with the new inverse yields speedups in the final exponentiation for BLS12-377, BLS12-381 and BLS24-315 but not BW6-761 and BW6-633.

  • BLS12-377: s=46 --> 14% speedup
  • BLS12-381: s=32 --> 6% speedup
  • BLS24-315: s=20 --> 12% speedup [edit] 14% speedup with Montgomery batch inverse

N.B. For BLS12-381, there another series of 15 0's but it's not worth doing it with Karabina. If we manage to make the inverse even faster (e.g. Pornin with assembly), then it might lead to some speedup with a Montgomery batch inverse.

@yelhousni yelhousni requested a review from gbotrel September 15, 2021 17:21
@yelhousni
Copy link
Copy Markdown
Collaborator Author

yelhousni commented Sep 15, 2021

[WIP] because AMD behaves differently than Intel with assembly.. We might go back to a pure Go inverse version or implement Pornin's inverse (in pure Go).

@yelhousni yelhousni changed the base branch from master to develop September 20, 2021 07:32
@yelhousni
Copy link
Copy Markdown
Collaborator Author

yelhousni commented Sep 21, 2021

With asm-inverse removed (on AWS z1d.large):

[ec2-user@ip-172-31-25-164 ~]$ benchcmp old-fe-bls381.log new-fe-bls381.log
benchcmp is deprecated in favor of benchstat: https://pkg.go.dev/golang.org/x/perf/cmd/benchstat
benchmark                          old ns/op     new ns/op     delta
BenchmarkFinalExponentiation-2     362464        354933        -2.08%
[ec2-user@ip-172-31-25-164 ~]$ benchcmp old-fe-bls377.log new-fe-bls377.log
benchcmp is deprecated in favor of benchstat: https://pkg.go.dev/golang.org/x/perf/cmd/benchstat
benchmark                          old ns/op     new ns/op     delta
BenchmarkFinalExponentiation-2     487347        434029        -10.94%
[ec2-user@ip-172-31-25-164 ~]$ benchcmp old-fe-bls24.log new-fe-bls24.log
benchcmp is deprecated in favor of benchstat: https://pkg.go.dev/golang.org/x/perf/cmd/benchstat
benchmark                          old ns/op     new ns/op     delta
BenchmarkFinalExponentiation-2     1149723       1008101       -12.32%

@yelhousni
Copy link
Copy Markdown
Collaborator Author

yelhousni commented Sep 21, 2021

N.B.: The current tradeoff of (inverse cost / series of 0's size) allows only BLS24-315 to benefit from the Montgomery BatchDecompression() trick.

@gbotrel gbotrel merged commit 2faa637 into develop Sep 21, 2021
@yelhousni yelhousni deleted the feat/karabina branch September 23, 2021 10:16
@yelhousni yelhousni mentioned this pull request Oct 14, 2021
Closed
@yelhousni yelhousni mentioned this pull request Dec 9, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gbotrel gbotrel Awaiting requested review from gbotrel

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@yelhousni @gbotrel