|
2006-05-04, 09:47
|
#23 |
Jul 2005
2·193 Posts |
Robert, did you find anythin else interesting when you looked at the proth_sieve source?
|
|
|
|
2006-05-04, 13:22
|
#24 | |
"Robert Gerbicz"
Oct 2005
Hungary
22×7×53 Posts |
Quote:
Here are some possible speedups, sorry if they have already included: 1. If the number of k vaules is small: for sob project there are only 8 k value, in these cases you can precalculate for all 2^8=256 possible subsets the best ratio mod/res. 2. In big step method you have to generate b,b^2,b^3,b^4,b^5,...,b^u mod p. I generate these by this pseudocode: Code:
c=b mod p
d=c^2 mod p
for i=1 to u step by 2 {
e=(c*d) mod p // store this info
j=i
while 2*j<=u {
e=(e^2) mod p // store this info
j=2*j
}
c=e
}
3. If the number of the baby steps is larger than the number of large steps then store the hash values of large steps, otherwise store the hash values of baby steps. Because storing a hash value is slower than a hash lookup, isn't it? 4. It isn't important to use in all cases all small prime(power) divisors of p-1. That would slow down the calculation, what is your method for that? 5. I've seen an implementation of powmod. Actually there is a faster method for that: for example you have to calculate x^n mod p, where n has got about 40 bits, by standard method it is required about 40 squaremod and 40/2=20 mulmods. Use sliding window method: Code:
s[1]=b mod p c=b^2 mod p s[3]=(b*c) mod p s[5]=(s[3]*c) mod p s[7]=(s[5]*c) mod p |
|
|
|
|
|
2006-05-04, 19:27
|
#25 | |
Jun 2003
31·163 Posts |
Quote:
|
|
|
|
|
2006-05-04, 23:03
|
#26 | |
Jun 2003
158210 Posts |
Quote:
 All of have to do is solve all the k's for base 2, and in addition solve k=5 for base 2, so 2^n=5 can be calculated. Since there are 400+ k's one more k won't be much more work. (At first glance it might seem complicated, but thnk about it) Citrix 
|
|
|
|
|
|
2006-05-05, 00:14
|
#27 | |
"Mark"
Apr 2003
Between here and the
11×577 Posts |
Quote:
|
|
|
|
|
|
2006-05-05, 00:39
|
#28 |
|
Jun 2003
2×7×113 Posts |
TO change between newpgen file format and proth_sieve format there is a tool available, it also removes the factors found. As for sieving below 10^9, see axn1's post.
If Geoff's program is faster than proth_sieve we should go with it, if not we should use proth_sieve. Citrix Last fiddled with by Citrix on 2006-05-05 at 00:44 |
|
|
|
|
2006-05-05, 03:18
|
#29 | |
Jun 2005
3·11 Posts |
Quote:
I disagree that this is reinventing the wheel. Newpgen is the standard program for sieving these sorts of numbers and is meant to be quite optimized (IIUC) and srsieve is already much faster than it, even for a single k. As to the speed of srsieve, I was looking at http://www.free-dc.org/forum/showthread.php?t=10262 earlier. I think it may be possible to implement some of the suggestions there if they're not implemented already e.g. the quadratic residues stuff. Thoughts anyone? |
|
|
|
|
|
2006-05-05, 03:40
|
#30 | |
|
Jun 2003
62E16 Posts |
Quote:
There is a way around this. I am sure the author of proth_sieve knows how to do this, straight forward stuff. Modifying proth_sieve is only a suggestion, you guys can do what you see fit. |
|
|
|
|
|
2006-05-05, 09:50
|
#31 |
|
Jul 2005
1100000102 Posts |
OK, I'll try and reply to everyone's comments...
1. Citrix: Why reinvent the wheel? I wrote my own siever so that I could get to grips with the underlying mathematics. I learnt about BSGS, Silver-Pohlig-Hellman, Quadratic Reciprocity, etc. This helped when I went on to mess around with the proth_sieve code. It also promotes competition. If geoff hadn't written srsieve everyone would still be using the (slower) newpgen. There are enhancements that geoff can add, there are enhancements that newpgen could add, there are enhancements that proth_sieve can benefit from. 2. proth_sieve vs srsieve (or newpgen) You have to remember that they are different programs performing different functions. proth_sieve just doesn't have the code to handle p < 10^9. Even if it could handle those numbers I'm sure it would be much slower than srsieve over these low ranges. If proth_sieve was updated to handle p < 10^9 and, more importantly, sieving a range from scratch, then I'm sure the code would be very similar to that used in srsieve. Where proth_sieve does do well is when p is larger, and when enough low p sieving has been performed (with newpgen or srsieve) and it can analyse the resulting dat file to find the residue classes. It is the reduced search space from these residue classes that proth_sieve uses to make it much much faster than anything else for multiple k sieving. 3. Robert's comments:- I looked that but it is very hard to find out the meaning of the variables. I think that it would be much better to rewrite that. Tell me about it, it's a nightmare to follow. Here are some possible speedups, sorry if they have already included: 1. If the number of k vaules is small: for sob project there are only 8 k value, in these cases you can precalculate for all 2^8=256 possible subsets the best ratio mod/res. I think I understand what you mean. What I was looking at doing is having a small cache for the values of 2^x (mod p) that are calculated for smallish (i.e. x < 1000). Before calculating the value it simply looks up in a table to see if that value has been calculated before. 2. In big step method you have to generate b,b^2,b^3,b^4,b^5,...,b^u mod p. I generate these by this pseudocode: proth_sieve puts the giant-steps in the hash-table and calculates these values using montgomery multiplication (** well, this is an addition that I have made to the PPC G5 verison by Rogue and myself). An important point to note is that all of this removes the need to calculate any modular inverses at all. 3. If the number of the baby steps is larger than the number of large steps then store the hash values of large steps, otherwise store the hash values of baby steps. Because storing a hash value is slower than a hash lookup, isn't it? proth_sieve tries SPH, if it can't get the answer using SPH it tries a modified BSGS based on SPH, and if SPH didn't produce anything useful it uses normal BSGS. The step sizes are carefully chosen to make sure that it is most efficient. In the G5 PPC version I did have to adjust some of the values as it didn't always pick the optimal multiplier for regular_grange (the size of the large step). 4. It isn't important to use in all cases all small prime(power) divisors of p-1. That would slow down the calculation, what is your method for that? I found this out separately myself. I reduced the size of array holding the p-1 factors down to 2 (from 8) and found that, for SoB+PSP but not Riesel, it was much faster. I've still got to work out why. Is it that SPH is not as efficiently implemented as BSGS, or is it due to cache usage and that an array of 8 32-bit ints pushes other important data out of the cache. 5. I've seen an implementation of powmod. Actually there is a faster method for that: for example you have to calculate x^n mod p, where n has got about 40 bits, by standard method it is required about 40 squaremod and 40/2=20 mulmods. Use sliding window method: Rogue's mulmod and powmod in the G5 PPC version of proth_sieve are astonishingly fast. If the same multiplicand is being used over and over again I use montgomery multiplication, which is even faster for building the bsgs hashes. Hope this helps... |
|
|
|
|
2006-05-05, 10:29
|
#32 | |
|
Jul 2005
18216 Posts |
Quote:
Let's take a simple example (proth numbers):- k=1235, p = 10007 Solving for b=2: we want n where k*2^n+1 = 0 (mod p). Solving the DL (2^n = 7722 mod 10007) we get: n=4030 and since order(2,p) == 5003 we also have n=4030+5003 = 9033 as another solution where n < p. Solving for b=5: we want n where k*5^n+1 = 0 (mod p). Solving the DL (5^n = 7722 mod 10007) we get: n=3446 and order(5,p) == 10006 so there is only one solution with n < p. However, 2^m == 5 (mod 10007) has no solution. |
|
|
|
|
|
2006-05-05, 12:16
|
#33 |
Aug 2002
3×52×7 Posts |
Without getting into the relative merits of the various programs, I would just like to point out that jjsieve currently has a lower limit of p ~ 2*10^4 (16369 to be precise). I haven't had the time to run timing tests, but would welcome someone else to do so.
"proth_sieve just doesn't have the code to handle p < 10^9. Even if it could handle those numbers I'm sure it would be much slower than srsieve over these low ranges." Last fiddled with by Joe O on 2006-05-05 at 12:24 |
|
|
|
 |
| Thread Tools | |
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Very Prime Riesel and Sierpinski k | robert44444uk | Open Projects | 587 | 2016-11-13 15:26 |
| Sierpinski/ Riesel bases 6 to 18 | robert44444uk | Conjectures 'R Us | 139 | 2007-12-17 05:17 |
| Sierpinski/Riesel Base 10 | rogue | Conjectures 'R Us | 11 | 2007-12-17 05:08 |
| Sierpinski / Riesel - Base 23 | michaf | Conjectures 'R Us | 2 | 2007-12-17 05:04 |
| Sierpinski / Riesel - Base 22 | michaf | Conjectures 'R Us | 49 | 2007-12-17 05:03 |
