Блог пользователя simonlindholm

Автор simonlindholm, история, 4 года назад, По-английски

I wrote an article/blog about how to do fast modular multiplication:

https://simonlindholm.github.io/files/bincoef.pdf

tl;dr:

  • avoid latency-bound loops
  • dynamic modulus is slow, constant modulus is fast
  • if you perform many multiplications with the same dynamic modulus, you can do what the compiler does and use Barrett reduction (involves some precomputation)
  • it is actually possible to beat the compiler if you accept a result in [0, 2*MOD):
uint64_t reduce(uint64_t a) {
  return a - (uint64_t)((__uint128_t(-1ULL / MOD) * a) >> 64) * MOD;
}

Same goes for addition and subtraction: if you can live with a result in [0, 2*MOD), just do a + b or a - b + MOD and skip the range correction that brings the result into [0, MOD). Delay modular reductions far as possible, ideally combining them with multiplications. While being mindful of overflows, of course.

  • on 32-bit, use Montgomery multiplication instead, to avoid __uint128_t
  • if really desperate, combine Montgomery multiplication with SIMD; this runs 3x faster than Barrett reduction when AVX2 is available
  • for larger numbers (e.g. multiplication of 64-bit numbers), use floating-point based methods
  • Проголосовать: нравится
  • +166
  • Проголосовать: не нравится

»
4 года назад, # |
  Проголосовать: нравится +3 Проголосовать: не нравится

Very interesting! It will take me some time to assimilate all of this. Thank you for sharing.