Révision 212 pobysoPythonSage/src/sageSLZ/sageSLZ.sage
| sageSLZ.sage (revision 212) | ||
|---|---|---|
| 230 | 230 |
return ccReducedPolynomialsList |
| 231 | 231 |
# End slz_compute_coppersmith_reduced_polynomials |
| 232 | 232 |
|
| 233 |
def slz_compute_coppersmith_reduced_polynomials_with_lattice_volume(inputPolynomial, |
|
| 234 |
alpha, |
|
| 235 |
N, |
|
| 236 |
iBound, |
|
| 237 |
tBound): |
|
| 238 |
""" |
|
| 239 |
For a given set of arguments (see below), compute a list |
|
| 240 |
of "reduced polynomials" that could be used to compute roots |
|
| 241 |
of the inputPolynomial. |
|
| 242 |
Print the volume of the initial basis as well. |
|
| 243 |
INPUT: |
|
| 244 |
|
|
| 245 |
- "inputPolynomial" -- (no default) a bivariate integer polynomial; |
|
| 246 |
- "alpha" -- the alpha parameter of the Coppersmith algorithm; |
|
| 247 |
- "N" -- the modulus; |
|
| 248 |
- "iBound" -- the bound on the first variable; |
|
| 249 |
- "tBound" -- the bound on the second variable. |
|
| 250 |
|
|
| 251 |
OUTPUT: |
|
| 252 |
|
|
| 253 |
A list of bivariate integer polynomial obtained using the Coppersmith |
|
| 254 |
algorithm. The polynomials correspond to the rows of the LLL-reduce |
|
| 255 |
reduced base that comply with the Coppersmith condition. |
|
| 256 |
""" |
|
| 257 |
# Arguments check. |
|
| 258 |
if iBound == 0 or tBound == 0: |
|
| 259 |
return None |
|
| 260 |
# End arguments check. |
|
| 261 |
nAtAlpha = N^alpha |
|
| 262 |
## Building polynomials for matrix. |
|
| 263 |
polyRing = inputPolynomial.parent() |
|
| 264 |
# Whatever the 2 variables are actually called, we call them |
|
| 265 |
# 'i' and 't' in all the variable names. |
|
| 266 |
(iVariable, tVariable) = inputPolynomial.variables()[:2] |
|
| 267 |
#print polyVars[0], type(polyVars[0]) |
|
| 268 |
initialPolynomial = inputPolynomial.subs({iVariable:iVariable * iBound,
|
|
| 269 |
tVariable:tVariable * tBound}) |
|
| 270 |
## polynomialsList = \ |
|
| 271 |
## spo_polynomial_to_polynomials_list_8(initialPolynomial, |
|
| 272 |
## spo_polynomial_to_polynomials_list_5(initialPolynomial, |
|
| 273 |
polynomialsList = \ |
|
| 274 |
spo_polynomial_to_polynomials_list_5(initialPolynomial, |
|
| 275 |
alpha, |
|
| 276 |
N, |
|
| 277 |
iBound, |
|
| 278 |
tBound, |
|
| 279 |
0) |
|
| 280 |
#print "Polynomials list:", polynomialsList |
|
| 281 |
## Building the proto matrix. |
|
| 282 |
knownMonomials = [] |
|
| 283 |
protoMatrix = [] |
|
| 284 |
for poly in polynomialsList: |
|
| 285 |
spo_add_polynomial_coeffs_to_matrix_row(poly, |
|
| 286 |
knownMonomials, |
|
| 287 |
protoMatrix, |
|
| 288 |
0) |
|
| 289 |
matrixToReduce = spo_proto_to_row_matrix(protoMatrix) |
|
| 290 |
matrixToReduceTranspose = matrixToReduce.transpose() |
|
| 291 |
squareMatrix = matrixToReduce * matrixToReduceTranspose |
|
| 292 |
squareMatDet = det(squareMatrix) |
|
| 293 |
latticeVolume = sqrt(squareMatDet) |
|
| 294 |
print "Lattice volume:", latticeVolume.n() |
|
| 295 |
print "Lattice volume / N:", (latticeVolume/N).n() |
|
| 296 |
#print matrixToReduce |
|
| 297 |
## Reduction and checking. |
|
| 298 |
## S.T. changed 'fp' to None as of Sage 6.6 complying to |
|
| 299 |
# error message issued when previous code was used. |
|
| 300 |
#reducedMatrix = matrixToReduce.LLL(fp='fp') |
|
| 301 |
reductionTimeStart = cputime() |
|
| 302 |
reducedMatrix = matrixToReduce.LLL(fp=None) |
|
| 303 |
reductionTime = cputime(reductionTimeStart) |
|
| 304 |
print "Reduction time:", reductionTime |
|
| 305 |
isLLLReduced = reducedMatrix.is_LLL_reduced() |
|
| 306 |
if not isLLLReduced: |
|
| 307 |
return None |
|
| 308 |
monomialsCount = len(knownMonomials) |
|
| 309 |
monomialsCountSqrt = sqrt(monomialsCount) |
|
| 310 |
#print "Monomials count:", monomialsCount, monomialsCountSqrt.n() |
|
| 311 |
#print reducedMatrix |
|
| 312 |
## Check the Coppersmith condition for each row and build the reduced |
|
| 313 |
# polynomials. |
|
| 314 |
ccReducedPolynomialsList = [] |
|
| 315 |
for row in reducedMatrix.rows(): |
|
| 316 |
l2Norm = row.norm(2) |
|
| 317 |
if (l2Norm * monomialsCountSqrt) < nAtAlpha: |
|
| 318 |
#print (l2Norm * monomialsCountSqrt).n() |
|
| 319 |
#print l2Norm.n() |
|
| 320 |
ccReducedPolynomial = \ |
|
| 321 |
slz_compute_reduced_polynomial(row, |
|
| 322 |
knownMonomials, |
|
| 323 |
iVariable, |
|
| 324 |
iBound, |
|
| 325 |
tVariable, |
|
| 326 |
tBound) |
|
| 327 |
if not ccReducedPolynomial is None: |
|
| 328 |
ccReducedPolynomialsList.append(ccReducedPolynomial) |
|
| 329 |
else: |
|
| 330 |
#print l2Norm.n() , ">", nAtAlpha |
|
| 331 |
pass |
|
| 332 |
if len(ccReducedPolynomialsList) < 2: |
|
| 333 |
print "Less than 2 Coppersmith condition compliant vectors." |
|
| 334 |
return () |
|
| 335 |
#print ccReducedPolynomialsList |
|
| 336 |
return ccReducedPolynomialsList |
|
| 337 |
# End slz_compute_coppersmith_reduced_polynomials_with_lattice volume |
|
| 338 |
|
|
| 233 | 339 |
def slz_compute_integer_polynomial_modular_roots(inputPolynomial, |
| 234 | 340 |
alpha, |
| 235 | 341 |
N, |
Formats disponibles : Unified diff