小多项式乘法

小多项式乘法

计算

\[\boldsymbol{c \vec{s} }, \boldsymbol{c\vec{e} },\boldsymbol{c \vec{t_0}}, \boldsymbol{c \vec{t_1}} \]

。其中c无穷范数1， s, e无穷范数2.

基于索引的小多项式乘法

令 \(\mathbf{c}=\sum_{i=0}^{n-1} c_i \cdot x^i \in B_\tau, \mathbf{a}=\) \(\sum_{i=0}^{n-1} a_i \cdot x^i \in \mathcal{R}_q\), 则 \(\mathbf{u}=\mathbf{c} \cdot \mathbf{a} \in \mathcal{R}_q\). 因此, 对于 \(\mathbf{u}=\) \(\sum_{i=0}^{n-1} u_i \cdot x^i\), 则有

\[\begin{aligned} u_i & =\sum_{j=0}^i c_j \cdot a_{i-j}-\sum_{j=i+1}^{n-1} c_j \cdot a_{n+i-j} \\ & =\sum_{j=0}^i c_j \cdot a_{i-j}+\sum_{j=i+1}^{n-1} c_j \cdot\left(-a_{n+i-j}\right) . \end{aligned} \]

算法1：

\[\begin{aligned} & \text { Input: } \mathbf{c}=\sum_{i=0}^{n-1} c_i \cdot x^i \in B_\tau, \mathbf{a}=\sum_{i=0}^{n-1} a_i \cdot x^i \in \mathcal{R}_q \\ & \text { Output: } \mathbf{u}=\mathbf{c} \cdot \mathbf{a} \in \mathcal{R}_q \\ & \text { 1: for } i \in\{0,1, \cdots, 2 n-2\} \text { do } \\ & \text { 2: } \quad w_i:=0 \\ & \text { 3: end for } \\ & \text { 4: for } i \in\{0,1, \cdots, n-1\} \text { do } \\ & \text { 5: if } c_i=1 \text { then } \\ & \text { 6: for } j \in\{0,1, \cdots, n-1\} \text { do } \\ & \text { 7: } \quad w_{i+j}:=w_{i+j}+a_j \\ & \text { 8: } \quad \text { end for } \\ & \text { 9: end if } \\ & \text { 10: if } c_i=-1 \text { then } \\ & \text { 11: } \quad \text { for } j \in\{0,1, \cdots, n-1\} \text { do } \\ & \text { 12: } \quad w_{i+j}:=w_{i+j}-a_j \\ & \text { 13: } \quad \text { end for } \\ & \text { 14: end if } \\ & \text { 15: end for } \\ & \text { 16: for } i \in\{0,1, \cdots, n-1\} \text { do } \\ & \text { 17: } \quad u_i:=w_i-w_{i+n}(\bmod q) \\ & \text { 18: end for } \\ & \text { 19: } \mathbf{u}:=\sum_{i=0}^{n-1} u_i \cdot x^i \\ & \text { 20: } \text { return } \mathbf{u} \end{aligned} \]

定义序列\(v_{1-n}, v_{2-n}, ... , v_{-1}, v_0, v_1, ..., v_{n - 2}, v_{n-1}\) ，

其中

\[ v_i=\left\{\begin{array}{ll} a_i, & \text { if } 0 \leq i \leq n-1 \\ -a_{n+i}, & \text { if } 1-n \leq i \leq-1 \end{array} .\right. \]

则\(u_i\)计算公式变为

\[\begin{aligned} u_i & =\sum_{j=0}^i c_j \cdot v_{i-j}+\sum_{j=i+1}^{n-1} c_j \cdot\left(-v_{n+i-j}\right) \\ & =\sum_{j=0}^i c_j \cdot v_{i-j}+\sum_{j=i+1}^{n-1} c_j \cdot v_{i-j} \\ & =\sum_{j=0}^{n-1} c_j \cdot v_{i-j} . \end{aligned} \]

。

通过偏移使算法非负

将数列\(v_i\)的每个系数加上U，其中U为乘数的无穷范数。

算法3：

\[\begin{aligned} & \text { Input: } \mathbf{c}=\sum_{i=0}^{n-1} c_i \cdot x^i \in B_\tau, \mathbf{a}=\sum_{i=0}^{n-1} a_i \cdot x^i \in \mathcal{R}_q \\ & \text { Output: } \mathbf{u}=\mathbf{c} \cdot \mathbf{a} \in \mathcal{R}_q \\ & \text { for } i \in\{0,1, \cdots, n-1\} \text { do } \\ & w_i:=0 \\ & v_i:=U+a_i \\ & v_{i-n}:=U-a_i \\ & \text { end for } \\ & \text { for } i \in\{0,1, \cdots, n-1\} \text { do } \\ & \text { if } c_i=1 \text { then } \\ & \text { for } j \in\{0,1, \cdots, n-1\} \text { do } \\ & w_j:=w_j+v_{j-i} \\ & \text { end for } \\ & \text { end if } \\ & \text { if } c_i=-1 \text { then } \\ & \text { for } j \in\{0,1, \cdots, n-1\} \text { do } \\ & w_j:=w_j+\left(2 U-v_{j-i}\right) \\ & \text { end for } \\ & \text { end if } \\ & \text { end for } \\ & \text { for } i \in\{0,1, \cdots, n-1\} \text { do } \\ & u_i:=w_i-\tau U(\bmod q) \\ & \text { end for } \\ & \mathbf{u}:=\sum^{n-1} u_i \cdot x^i \\ & \end{aligned} \]

其中\(0 < w_i < 2\tau U\)，对于\(\vec{s} , 和 \vec{e}\)，\(\tau = 39, U = 2\)。

小多项式的并行算法

给定4个非负整数\(0\leq a_0, b_0, a_1, b_1 \leq \alpha\)， 求\(a = a_0 + a_1, b = b_0 + b_1\)。

可令\(v_0 = a_0 * M + b_0\), \(v1 = a_1 * M + b_1\)， 则$a = \lfloor (v_0 + v_1) / M \rfloor \(，\)b =(v_0 + v_1) \bmod M $.

算法4：

Input: \((\mathbf{c}, \overrightarrow{\mathbf{a}})\), where

• \(\mathbf{c}=\sum_{i=0}^{n-1} c_i \cdot x^i \in B_\tau ;\)
• \(\overrightarrow{\mathbf{a}}=\left\{\mathbf{a}^{(j)}\right\} \in \mathcal{R}_q^r\);
• Every \(\mathbf{a}^{(j)}=\sum_{i=0}^{n-1} a_i^{(j)} \cdot x^i \in \mathcal{R}_q\);
• Every \(a_i^{(j)} \in\{-U, \cdots, U\}\)
  Output: \(\overrightarrow{\mathbf{u}}=\left[\mathbf{u}^{(0)}, \cdots, \mathbf{u}^{(r-1)}\right]^T \in \mathcal{R}_q^r\), where
• \(\mathbf{u}^{(j)}=\mathbf{c} \cdot \mathbf{a}^{(j)} \in \mathcal{R}_q ;\)
  \(\begin{array}{ll}1: & \text { for } i \in\{0,1, \cdots, n-1\} \text { do } \\ \text { 2: } & w_i:=0 \\ 3: & v_i:=0 \\ 4: & v_{i-n}:=0 \\ 5: & \text { for } j=0 \text { to } r-1 \text { do } \\ 6: & v_i:=v_i \cdot M+\left(U+a_i^{(j)}\right) \\ 7: & v_{i-n}:=v_{i-n} \cdot M+\left(U-a_i^{(j)}\right)\end{array}\)
  8: end for
  9: end for
  10: \(\gamma:=2 U \cdot \frac{M^r-1}{M-1}\)
  \(\gamma:=2 U \cdot \frac{M^r-1}{M-1}\)
  11: for \(i \in\{0,1, \cdots, n-1\}\) do
  12: if \(c_i=1\) then
  13: \(\quad\) for \(j \in\{0,1, \cdots, n-1\}\) do
  14: \(\quad w_j:=w_j+v_{j-i}\)
  15: end for
  16: end if
  17: if \(c_i=-1\) then
  18: for \(j \in\{0,1, \cdots, n-1\}\) do
  19: \(\quad w_j:=w_j+\left(\gamma-v_{j-i}\right)\)
  \(\Delta \gamma=2 U \cdot \frac{\Lambda}{2}\)
  20: end for
  21: end if
  22: end for
  23: for \(i \in\{0,1, \cdots, n-1\}\) do
  24: \(t:=w_i\)
  25: for \(j=0\) to \(r-1\) do
  26: \(u_i^{(r-1-j)}:=(t \bmod M)-\tau U(\bmod q)\)
  27: \(t:=\lfloor t / M\rfloor\)
  28: end for
  29: end for
  30: for \(j \in\{0,1, \cdots, r-1\}\) do
  31: \(\quad \mathbf{u}^{(j)}:=\sum_{i=0}^{n-1} u_i^{(j)} \cdot x^i\)
  32: end for
  33: \(\overrightarrow{\mathbf{u}}:=\left[\mathbf{u}^{(0)}, \cdots, \mathbf{u}^{(r-1)}\right]^T\)