Journal of Systems Science and Complexity, Volume 32, Issue 1, pp 205–233

Speeding Up the GVW Algorithm via a Substituting Method

  • Ting Li
  • Yao Sun (corresponding author)
  • Zhenyu Huang
  • Dingkang Wang
  • Dongdai Lin

Abstract

The GVW algorithm is an efficient signature-based algorithm for computing Gröbner bases. In this paper, the authors consider an implementation of the GVW algorithm based on linear algebra, and speed up GVW via a substituting method. As is well known, most of the computing time of a Gröbner basis computation is spent on reductions of polynomials. Thus, linear algebraic techniques, such as matrix operations, have been used extensively to speed up implementations. In particular, one-direction (also called signature-safe) reduction is used in signature-based algorithms, because polynomials (or rows in matrices) with larger signatures can only be reduced by polynomials (rows) with smaller signatures. The authors propose a new method to construct sparser matrices for signature-based algorithms via a substituting method. Specifically, instead of storing only the original polynomials as in GVW, the authors also record many equivalent but sparser polynomials at the same time. In matrix construction, denser polynomials are substituted by sparser equivalent ones. As the matrices get sparser, they can be eliminated more efficiently. Two specific algorithms, Block-GVW and LMGVW, are presented, and their combination is the Sub-GVW algorithm. The correctness of the newly proposed method is proved, and experimental results demonstrate the efficiency of the new method.
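The two mechanisms the abstract names, one-direction (signature-safe) reduction and substitution of dense rows by sparser equivalent ones, can be seen in a small toy model. The following Python is an added illustration written for this page; it is not code from the paper or from any GVW implementation. It assumes a simplified setting: polynomials over GF(2) are represented as sets of monomial ids (a larger id is a larger monomial), signatures are plain integers compared by value, and "equivalent" means a polynomial obtained from the original by adding rows of strictly smaller signature. The sample rows are constructed for the demonstration.

```python
"""Toy model of one-direction (signature-safe) reduction over GF(2) with a
substitution store of sparser equivalent polynomials. Constructed example;
not the paper's Sub-GVW code, and the representations below are assumptions."""
from typing import Dict, FrozenSet, List, Tuple

Poly = FrozenSet[int]   # set of monomial ids; larger id = larger monomial (assumption)
Row = Tuple[int, Poly]  # (signature, polynomial); signatures are ints (assumption)


def leading_monomial(p: Poly) -> int:
    """Largest monomial id present in p (p must be nonzero)."""
    return max(p)


def one_direction_reduce(rows: List[Row]) -> List[Row]:
    """Signature-safe elimination: a row may only be reduced by pivot rows that
    carry a strictly smaller signature. Rows are visited in increasing
    signature order, so every pivot available while reducing a row already
    satisfies that constraint. Returns the reduced rows in signature order."""
    pivots: Dict[int, Poly] = {}   # leading monomial -> reduced pivot polynomial
    reduced: List[Row] = []
    for sig, poly in sorted(rows, key=lambda r: r[0]):
        p = set(poly)
        while True:
            # cancel the largest monomial of p that a smaller-signature pivot leads
            targets = [m for m in p if m in pivots]
            if not targets:
                break
            p ^= pivots[max(targets)]   # GF(2) addition is symmetric difference
        p_frozen = frozenset(p)
        reduced.append((sig, p_frozen))
        if p_frozen and leading_monomial(p_frozen) not in pivots:
            pivots[leading_monomial(p_frozen)] = p_frozen
    return reduced


class SubstitutionStore:
    """Records, per signature, every polynomial known to be equivalent to the
    original one (here: obtained by adding smaller-signature rows) and hands
    back the sparsest of them when a matrix is built."""

    def __init__(self) -> None:
        self._equiv: Dict[int, List[Poly]] = {}

    def record(self, sig: int, poly: Poly) -> None:
        bucket = self._equiv.setdefault(sig, [])
        if poly not in bucket:
            bucket.append(poly)

    def sparsest(self, sig: int, fallback: Poly) -> Poly:
        """Sparsest recorded equivalent for sig, or the given polynomial itself."""
        return min(self._equiv.get(sig, []) + [fallback], key=len)


def build_matrix(rows: List[Row], store: SubstitutionStore, substitute: bool) -> List[Row]:
    """Rows fed to elimination, optionally with each polynomial replaced by the
    sparsest recorded equivalent of the same signature."""
    if not substitute:
        return list(rows)
    return [(sig, store.sparsest(sig, poly)) for sig, poly in rows]


def nonzeros(rows: List[Row]) -> int:
    """Number of nonzero matrix entries, i.e. the total number of monomials."""
    return sum(len(p) for _, p in rows)


# Constructed input: the row with signature 3 is dense relative to the others.
ORIGINAL_ROWS: List[Row] = [
    (1, frozenset({7, 3, 1})),
    (2, frozenset({7, 6, 3, 2})),
    (3, frozenset({7, 6, 5, 4, 3, 2, 1, 0})),
]
NEW_ROW: Row = (4, frozenset({5, 3, 0}))


def demo() -> Tuple[int, int, List[Row], List[Row]]:
    """One elimination round on the original rows records their reduced
    (equivalent, sparser) forms; the next round's matrix is then built with
    and without substitution. Returns (nnz_plain, nnz_substituted,
    reduced_plain, reduced_substituted)."""
    store = SubstitutionStore()
    for sig, poly in one_direction_reduce(ORIGINAL_ROWS):
        store.record(sig, poly)
    next_rows = ORIGINAL_ROWS + [NEW_ROW]
    plain = build_matrix(next_rows, store, substitute=False)
    subst = build_matrix(next_rows, store, substitute=True)
    return (nonzeros(plain), nonzeros(subst),
            one_direction_reduce(plain), one_direction_reduce(subst))


if __name__ == "__main__":
    nnz_plain, nnz_sub, red_plain, red_sub = demo()
    print(f"nonzeros without substitution: {nnz_plain}, with substitution: {nnz_sub}")
    print("same reduced rows:", red_plain == red_sub)
```

In this toy the substituted matrix carries 13 nonzero entries instead of 18, and both matrices eliminate to the same reduced rows, which is the point of the method: the recorded sparser polynomials change the work done, not the result. The real algorithms operate over polynomial rings with genuine signatures and term orders, and the paper proves correctness in that setting; the store-and-substitute pattern is what this model isolates.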

Keywords

Gröbner basis, GVW, signature-based algorithm, time-memory tradeoff



Copyright information

© Institute of Systems Science, Academy of Mathematics and Systems Science, Chinese Academy of Sciences and Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  • Ting Li (1, 2)
  • Yao Sun (1; corresponding author)
  • Zhenyu Huang (1)
  • Dingkang Wang (3, 4)
  • Dongdai Lin (1)

  1. SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China
  2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
  3. KLMM, Academy of Mathematics and Systems Science, Chinese Academy of Sciences, Beijing, China
  4. School of Mathematical Sciences, University of Chinese Academy of Sciences, Beijing, China
