Merge pull request #119 from malb/bc/hybd-speed

Hybrid-dual speed
malb · Aug 12, 2024 · e80ec6b · e80ec6b
2 parents bfbd74e + 9361112
commit e80ec6b
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 13 deletions.
diff --git a/README.rst b/README.rst
@@ -27,14 +27,14 @@ Quick Start
     
     >>> r = LWE.estimate.rough(schemes.Kyber512)
     usvp                 :: rop: ≈2^118.6, red: ≈2^118.6, δ: 1.003941, β: 406, d: 998, tag: usvp
-    dual_hybrid          :: rop: ≈2^115.4, red: ≈2^115.3, guess: ≈2^110.0, β: 395, p: 6, ζ: 5, t: 30, β': 395, ...
+    dual_hybrid          :: rop: ≈2^115.5, red: ≈2^115.3, guess: ≈2^112.3, β: 395, p: 5, ζ: 0, t: 40, β': 395, N: ≈2^81.4, m: 512
 
     >>> r = LWE.estimate(schemes.Kyber512)
     bkw                  :: rop: ≈2^178.8, m: ≈2^166.8, mem: ≈2^167.8, b: 14, t1: 0, t2: 16, ℓ: 13, #cod: 448, #top: 0, #test: 64, tag: coded-bkw
     usvp                 :: rop: ≈2^143.8, red: ≈2^143.8, δ: 1.003941, β: 406, d: 998, tag: usvp
     bdd                  :: rop: ≈2^140.3, red: ≈2^139.7, svp: ≈2^138.8, β: 391, η: 421, d: 1013, tag: bdd
     dual                 :: rop: ≈2^149.9, mem: ≈2^97.1, m: 512, β: 424, d: 1024, ↻: 1, tag: dual
-    dual_hybrid          :: rop: ≈2^139.2, red: ≈2^139.0, guess: ≈2^136.2, β: 385, p: 6, ζ: 15, t: 30, β': 389, N: ≈2^80.1, ...
+    dual_hybrid          :: rop: ≈2^139.7, red: ≈2^139.6, guess: ≈2^135.9, β: 387, p: 5, ζ: 0, t: 50, β': 391, N: ≈2^81.1, m: 512
 
   .. code-block:: python
 

diff --git a/docs/schemes/hes.rst b/docs/schemes/hes.rst
@@ -26,4 +26,4 @@ Homomorphic Encryption Parameters
     >>> SEAL22_8192
     LWEParameters(n=8192, q=107839786668602559178668060348078522694548577690162289924414373888001, Xs=D(σ=0.82), Xe=D(σ=3.19), m=+Infinity, tag='SEAL22_8192')
     >>> LWE.dual_hybrid(SEAL22_8192)
-    rop: ≈2^121.8, red: ≈2^121.8, guess: ≈2^107.6, β: 306, p: 3, ζ: 5, t: 50, β': 331, N: ≈2^67.3, m: ≈2^13.0
+    rop: ≈2^121.8, red: ≈2^121.8, guess: ≈2^101.7, β: 306, p: 3, ζ: 10, t: 40, β': 331, N: ≈2^68.1, m: ≈2^13.0
diff --git a/estimator/lwe.py b/estimator/lwe.py
@@ -46,7 +46,7 @@ def rough(self, params, jobs=1, catch_exceptions=True):
             >>> from estimator import *
             >>> _ = LWE.estimate.rough(schemes.Kyber512)
             usvp                 :: rop: ≈2^118.6, red: ≈2^118.6, δ: 1.003941, β: 406, d: 998, tag: usvp
-            dual_hybrid          :: rop: ≈2^115.4, red: ≈2^115.3, guess: ≈2^110.0, β: 395, p: 6, ζ: 5, t: 30, β': 395...
+            dual_hybrid          :: rop: ≈2^115.5, red: ≈2^115.3, guess: ≈2^112.3, β: 395, p: 5, ζ: 0, t: 40, β': 395...
 
         """
         params = params.normalize()
@@ -111,7 +111,7 @@ def __call__(
             usvp                 :: rop: ≈2^143.8, red: ≈2^143.8, δ: 1.003941, β: 406, d: 998, tag: usvp
             bdd                  :: rop: ≈2^140.3, red: ≈2^139.7, svp: ≈2^138.8, β: 391, η: 421, d: 1013, tag: bdd
             dual                 :: rop: ≈2^149.9, mem: ≈2^97.1, m: 512, β: 424, d: 1024, ↻: 1, tag: dual
-            dual_hybrid          :: rop: ≈2^139.2, red: ≈2^139.0, guess: ≈2^136.2, β: 385, p: 6, ζ: 15, t: 30, ...
+            dual_hybrid          :: rop: ≈2^139.7, red: ≈2^139.6, guess: ≈2^135.9, β: 387, p: 5, ζ: 0, t: 50, β': 391...
 
         """
         params = params.normalize()

diff --git a/estimator/lwe_dual.py b/estimator/lwe_dual.py
@@ -650,9 +650,10 @@ def __call__(
         params = params.normalize()
 
         for p in early_abort_range(2, params.q):
-            for k_enum in early_abort_range(0, params.n, 5):
-                for k_fft in early_abort_range(0, params.n - k_enum[0], 5):
-                    with local_minimum(40, params.n, log_level=log_level + 4) as it:
+            for k_enum in early_abort_range(0, params.n, 10):
+                for k_fft in early_abort_range(0, params.n - k_enum[0], 10):
+                    # RC.ADPS16(1754, 1754) ~ 2^(512)
+                    with local_minimum(40, min(params.n, 1754), log_level=log_level + 4) as it:
                         for beta in it:
                             cost = self.cost(
                                 beta,

diff --git a/param_sweep.py b/param_sweep.py
@@ -88,21 +88,21 @@ def parameter_sweep(
                     num_proc=1,\
                 )
             usvp                 :: rop: ≈2^45.6, red: ≈2^45.6, δ: 1.007290, β: 156, d: 1120, tag: usvp
-            dual_hybrid          :: rop: ≈2^45.7, red: ≈2^45.6, guess: ≈2^41.7, β: 156, p: 2, ζ: 0, t: 25, β': 156, ...
+            dual_hybrid          :: rop: ≈2^45.7, red: ≈2^45.6, guess: ≈2^41.9, β: 156, p: 2, ζ: 0, t: 20, β': 156, ...
             usvp                 :: rop: ≈2^51.7, red: ≈2^51.7, δ: 1.006767, β: 177, d: 1124, tag: usvp
             dual_hybrid          :: rop: ≈2^51.4, red: ≈2^51.4, guess: ≈2^46.6, β: 176, p: 2, ζ: 0, t: 30, β': 176, ...
             usvp                 :: rop: ≈2^82.9, red: ≈2^82.9, δ: 1.005021, β: 284, d: 1661, tag: usvp
-            dual_hybrid          :: rop: ≈2^80.3, red: ≈2^80.3, guess: ≈2^75.4, β: 275, p: 2, ζ: 5, t: 50, β': 275, ...
+            dual_hybrid          :: rop: ≈2^80.5, red: ≈2^80.3, guess: ≈2^77.1, β: 275, p: 2, ζ: 0, t: 60, β': 275, ...
             usvp                 :: rop: ≈2^92.6, red: ≈2^92.6, δ: 1.004667, β: 317, d: 1650, tag: usvp
-            dual_hybrid          :: rop: ≈2^89.1, red: ≈2^89.1, guess: ≈2^84.9, β: 305, p: 2, ζ: 5, t: 60, β': 305, ...
+            dual_hybrid          :: rop: ≈2^89.4, red: ≈2^89.1, guess: ≈2^87.3, β: 305, p: 2, ζ: 0, t: 70, β': 305, ...
             >>> results[(600, 4294967296, 9.0, 2.0, 600, 'test')]
             51.4434...
             >>> results[(600, 4294967296, 7.0, 2.0, 600, 'test')]
             45.552
             >>> results[(900, 4294967296, 7.0, 2.0, 900, 'test')]
-            80.347...
+            80.450...
             >>> results[(900, 4294967296, 9.0, 2.0, 900, 'test')]
-            89.138...
+            89.442...
         """
         n, q, m, e, s = [
             param if hasattr(param, "__iter__") else [param] for param in (n, q, m, e, s)