Commit d770bd15 authored by MASSON Simon's avatar MASSON Simon
Browse files

formulas cost miller, still some todos...

parent 4c3ee547
......@@ -37,6 +37,9 @@ def densexsparse_m6(k):
assert k%6==0
return 13*cost_m(k//6) # aurore thesis
#SIMON
SIMON = True
def densexsparse_m8(k):
assert k%8==0
return 8*cost_m(k//4) # ??????????????????????BarDuq18???
......@@ -336,8 +339,11 @@ def millerLoopCost(C):
cost_update1 = cost_s(k)+densexsparse_m8(k)
cost_update2 = densexsparse_m8(k)
if name == 'KSS16' : # extra partial add and partial double + 3 frob and 2 multiplications
miller_fixup = 5*cost_m(k//4) + cost_s(k//4) + k * cost_m(1)
miller_fixup += 3*cost_f(k) + 2*sparse_m16
if SIMON:
miller_fixup = (2*cost_m(k//4)) + (4*cost_m(k//4) + 8*cost_m(1)) + (cost_m(k//4) + cost_s(k//4) + 8*cost_m(1)) + cost_f(16) + (2*2*cost_m(k//4))
else :
miller_fixup = 5*cost_m(k//4) + cost_s(k//4) + k * cost_m(1)
miller_fixup += 3*cost_f(k) + 2*sparse_m16
elif k == 12 and D == 3:
cost_doubleline = 3*cost_m(k//6) + 6*cost_s(k//6) + (k//3)*cost_m(1)
cost_addline = 11*cost_m(k//6) + 2*cost_s(k//6) + (k//3)*cost_m(1)
......@@ -352,7 +358,7 @@ def millerLoopCost(C):
miller_fixup = 4*cost_f(k) + \
+ cost_addline + \
+ 4*cost_m(k//6) + 4*cost_m(1) + \
+ 2*sparse_m12
+ 2*sparse_m12
elif k == 1:
cost_addline=None
cost_doubleline=None
......@@ -406,7 +412,14 @@ def finalExpoCost(C):
#BN_expo_z = 4*(114 - 1)*cost_m(2) + (6*3 - 3)*cost_m(2) + 3*cost_m(12) + 3*3*cost_s(2) + cost_i(2)
BN_expo_z = 4*(logT - 1)*cost_m(2) + (6*(HwT-1) - 3)*cost_m(2) + (HwT-1)*cost_m(12) + 3*(HwT-1)*cost_s(2) + cost_i(2)
#BarDuq says 114*compr_s12 + 3* cost_m(12) + (i + (24*4 - 5)*cost_m(1))
tot_expo = cost_i(12) + 12*cost_m(12) + 3*cyclo_s12 + 4* cost_f(12) + 3*BN_expo_z
if SIMON :
# first part
tot_expo = (cost_i(12) + cost_m(12)) + (5*cost_m(2) + cost_m(12))
# second part
tot_expo += 3*BN_expo_z + 3*cyclo_s12 + 10 * cost_m(12) + 4*cost_f(12)
# difference of 5m2 which is neglected in the papers.
else :
tot_expo = cost_i(12) + 12*cost_m(12) + 3*cyclo_s12 + 4* cost_f(12) + 3*BN_expo_z
return tot_expo(m=1,s=1,inv=25)
elif name == 'BLS12':
T = C.u()
......@@ -416,11 +429,26 @@ def finalExpoCost(C):
BLS_expo_z = 4*(logT - 1)*cost_m(2)+ (6*(HwT-1) - 3)*cost_m(2) + (HwT-1)*cost_m(12) + 3*(HwT-1)*cost_s(2) + cost_i(2)
#4*(log(u)-1)*m_i + (6*hw(u) - 3) *m_i + hw(u) * m_{6i} + 3*hw(u) * s_i + 1*I_i
#BarDuq says 77*compr_s12 + 2*cost_m(12) + (i + (24*3 - 5)*cost_m(1))
tot_expo = cost_i(12) + 12*cost_m(12) + 2*cyclo_s12 + 4*cost_f(12) + 5*BLS_expo_z
if SIMON:
# first part
tot_expo = (cost_i(12) + cost_m(12)) + (5*cost_m(2) + cost_m(12))
# second part
tot_expo += 5*BLS_expo_z + 10*cost_m(12) + 3*cost_f(12) + 2*cyclo_s12
# difference of one frobenius...
else :
tot_expo = cost_i(12) + 12*cost_m(12) + 2*cyclo_s12 + 4*cost_f(12) + 5*BLS_expo_z
return tot_expo(m=1,s=1,inv=25)
elif name == 'KSS16':
KSS16_expo_z = 34*cyclo_s16 + 4*cost_m(16)
tot_expo = 34*cyclo_s16 + 32*cost_m(16)+24*cost_m(4)+8*cost_f(16)+cost_i(16) + 9*KSS16_expo_z
#TODO Verify these formulas...
if SIMON:
KSS16_expo_zp1 = 34*cyclo_s16 + 4*cost_m(16)
# first part
tot_expo = cost_i(16) + cost_m(16)
# second part
tot_expo += 7*KSS16_expo_z + 2*KSS16_expo_zp1 + 16*cyclo_s16 + 33 * cost_m(16) + (8*cost_m(16)) + (92 * cost_m(16))
else :
tot_expo = 34*cyclo_s16 + 32*cost_m(16)+24*cost_m(4)+8*cost_f(16)+cost_i(16) + 9*KSS16_expo_z
return tot_expo(m=1,s=1,inv=25)
if not isinstance(C, CocksPinchVariantResult):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment