Use PARI when computing the Tate pairing #36994
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
I'm now not actually convinced that the |
…lliptic curves defined over finite fields
GiacomoPope
changed the title
|
Rather than allow Pari to be used when the field is finite, we now assume that the field is finite for the reduced tate pairing, return a NotImplemented error when the field is not finite and always use Pari for the performance boost. |
GiacomoPope
changed the title
JohnCremona
suggested changes
Jan 9, 2024
| ePQ = pari.elltatepairing(E, P, Q, n) | ||
| # TODO: if n or k is chosen badly, this could error, should we | ||
| # handle this explicitly by ensuring n divides q^k - 1? | ||
| exp = Integer((q**k - 1)/n) |
There was a problem hiding this comment.
I think it is a good idea to check that n divides q^k-1, for example by computing mod(q,n)^k, but only if q has been explicitly supplied and with a suitable error message if the condition fails. So do this test in the code block which computes q perhaps.
|
I have fixed the English in one of the ValueErrors and also added a new check that |
|
Documentation preview for this PR (built with commit d118f1c; changes) is ready! 🎉 |
vbraun
pushed a commit
to vbraun/sage
that referenced
this pull request
Jan 16, 2024
To match `weil_pairing()` this pull request now uses PARI to compute the
non-reduced Tate pairing for elliptic curves over finite fields.
This has been included for efficiency, with PARI offering a significant
performance speed up:
```py
sage: GF(65537^2).inject_variables()
Defining z2
sage: E = EllipticCurve(GF(65537^2), [0,1])
sage: P = E(22, 28891)
sage: Q = E.random_point()
sage: # Old timing
sage: %timeit P.tate_pairing(Q, 7282, 2)
1.4 ms ± 66 µs per loop (mean ± std. dev. of 7 runs, 1,000 loops each)
sage: # New timing
sage: %timeit P.tate_pairing(Q, 7282, 2)
50.8 µs ± 674 ns per loop (mean ± std. dev. of 7 runs, 10,000 loops
each)
```
### 📝 Checklist
<!-- Put an `x` in all the boxes that apply. -->
<!-- If your change requires a documentation PR, please link it
appropriately -->
<!-- If you're unsure about any of these, don't hesitate to ask. We're
here to help! -->
<!-- Feel free to remove irrelevant items. -->
- [x] The title is concise, informative, and self-explanatory.
- [x] The description explains in detail what this PR is about.
- [ ] I have linked a relevant issue or discussion.
- [x] I have created tests covering the changes.
- [x] I have updated the documentation accordingly.
URL: sagemath#36994
Reported by: Giacomo Pope
Reviewer(s): John Cremona
vbraun
pushed a commit
to vbraun/sage
that referenced
this pull request
Jan 16, 2024
To match `weil_pairing()` this pull request now uses PARI to compute the
non-reduced Tate pairing for elliptic curves over finite fields.
This has been included for efficiency, with PARI offering a significant
performance speed up:
```py
sage: GF(65537^2).inject_variables()
Defining z2
sage: E = EllipticCurve(GF(65537^2), [0,1])
sage: P = E(22, 28891)
sage: Q = E.random_point()
sage: # Old timing
sage: %timeit P.tate_pairing(Q, 7282, 2)
1.4 ms ± 66 µs per loop (mean ± std. dev. of 7 runs, 1,000 loops each)
sage: # New timing
sage: %timeit P.tate_pairing(Q, 7282, 2)
50.8 µs ± 674 ns per loop (mean ± std. dev. of 7 runs, 10,000 loops
each)
```
### 📝 Checklist
<!-- Put an `x` in all the boxes that apply. -->
<!-- If your change requires a documentation PR, please link it
appropriately -->
<!-- If you're unsure about any of these, don't hesitate to ask. We're
here to help! -->
<!-- Feel free to remove irrelevant items. -->
- [x] The title is concise, informative, and self-explanatory.
- [x] The description explains in detail what this PR is about.
- [ ] I have linked a relevant issue or discussion.
- [x] I have created tests covering the changes.
- [x] I have updated the documentation accordingly.
URL: sagemath#36994
Reported by: Giacomo Pope
Reviewer(s): John Cremona
vbraun
pushed a commit
to vbraun/sage
that referenced
this pull request
Jan 16, 2024
To match `weil_pairing()` this pull request now uses PARI to compute the
non-reduced Tate pairing for elliptic curves over finite fields.
This has been included for efficiency, with PARI offering a significant
performance speed up:
```py
sage: GF(65537^2).inject_variables()
Defining z2
sage: E = EllipticCurve(GF(65537^2), [0,1])
sage: P = E(22, 28891)
sage: Q = E.random_point()
sage: # Old timing
sage: %timeit P.tate_pairing(Q, 7282, 2)
1.4 ms ± 66 µs per loop (mean ± std. dev. of 7 runs, 1,000 loops each)
sage: # New timing
sage: %timeit P.tate_pairing(Q, 7282, 2)
50.8 µs ± 674 ns per loop (mean ± std. dev. of 7 runs, 10,000 loops
each)
```
### 📝 Checklist
<!-- Put an `x` in all the boxes that apply. -->
<!-- If your change requires a documentation PR, please link it
appropriately -->
<!-- If you're unsure about any of these, don't hesitate to ask. We're
here to help! -->
<!-- Feel free to remove irrelevant items. -->
- [x] The title is concise, informative, and self-explanatory.
- [x] The description explains in detail what this PR is about.
- [ ] I have linked a relevant issue or discussion.
- [x] I have created tests covering the changes.
- [x] I have updated the documentation accordingly.
URL: sagemath#36994
Reported by: Giacomo Pope
Reviewer(s): John Cremona
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
To match
weil_pairing()this pull request now uses PARI to compute the non-reduced Tate pairing for elliptic curves over finite fields.This has been included for efficiency, with PARI offering a significant performance speed up:
📝 Checklist