Fast Polynomials Multiplication Using FFT
Li Chen
lichen.xd at gmail.com
Xidian University
January 17, 2014
Fast Polynomials Multiplication Using FFT
Outline
1 Discrete Fourier Transform (DFT)
2 Discrete Convolution
3 Fast Fourier Transform (FFT)
4 Number Theoretic Transform (NTT)
5 More Optimize & Application Scenario
Li Chen
k
Xidian University
2/18
Fast Polynomials Multiplication Using FFT
References
[1] Doz Dr A Schönhage and Volker Strassen. Schnelle multiplikation grosser zahlen.
Computing, 7(3-4):281–292, 1971.
[2] Martin Fürer. Faster integer multiplication. In Proceedings of the thirty-ninth annual
ACM symposium on Theory of computing, pages 57–66. ACM, 2007.
[3] Martin Fürer. Faster integer multiplication. SIAM Journal on Computing, 39(3):979–
1005, 2009.
[4] Anindya De, Piyush P Kurur, Chandan Saha, and Ramprasad Saptharishi. Fast integer
multiplication using modular arithmetic. In Proceedings of the 40th annual ACM
symposium on Theory of computing, pages 499–506. ACM, 2008.
[5] Anindya De, Piyush P Kurur, Chandan Saha, and Ramprasad Saptharishi. Fast integer
multiplication using modular arithmetic. SIAM Journal on Computing, 42(2):685–699,
2013.
Claim: Our slides are based on reference [1], [2], [3], [4], [5].
Li Chen
k
Xidian University
3/18
Discrete Fourier Transform
Fast Polynomials Multiplication Using FFT
1 Discrete Fourier Transform (DFT)
Definition 1.1 (Discrete Fourier Transform (DFT)) Let X = (x0 , x1 , · · · , xN −1 ) be a
N -length sequence, the discrete fourier transform of X is defined as a N -length sequences
F (X) = (f1 , f2 , · · · , fN ), where
N −1
fk =
X
nk
xn ωN
, k = 0, 1, · · · , N − 1.
n=0
where ωN is the a principal N th root of unity in a ring R (with unity).
Li Chen
k
Xidian University
4/18
Discrete Fourier Transform
Fast Polynomials Multiplication Using FFT
Note1: Let R is a ring with unity, α ∈ R is called a principal N th root of unity, if
αN = 1
and
N −1
X
αkn = 0, 1 ≤ k < N.
(1)
n=0
Note2: If R is a integral domain, it is sufficient to choose α as a primitive N th root of
unity, which replaces the condition (1) by
αk 6= 1, 1 ≤ k < N.
Proof:
Take β = αk , 1 ≤ k < N , since αN = 1, β N = αkN = 1, thus we have
N −1
β N − 1 = (β − 1)
P
n=1
Li Chen
(2)
k
Xidian University
N −1
β n = 0, which implies
P
β n = 0.
n=1
5/18
Discrete Fourier Transform
Fast Polynomials Multiplication Using FFT
Theorem 1.2 (Inverse of Discrete Fourier Transform (IDFT)) Let X = (x0 , x1 , · · · , xN −1 )
be a N -length sequence, F (X) = (f1 , f2 , · · · , fN ) is the discrete fourier transform of X,
then
xn =
N −1
1 X
−kn
, k = 0, 1, · · · , N − 1.
fk ω N
N
k=0
1
where ωN is the a principal N -th root of unity in a ring R, and N
is multiplicative inverse
of N in R (if this inverse does not exist, the DFT cannot be inverted).
Proof
Li Chen
k
Xidian University
6/18
Discrete Fourier Transform
Fast Polynomials Multiplication Using FFT
N −1
N −1 N −1
1 X X
1 X
jk
−kn
−kn
=
xj ωN
ωN
fk ω N
N
N
k=0
k=0
j=0
N −1 N −1
=
1 XX
N
(j−n)k
xj ωN
k=0 j=0
N −1
=
N −1
X (j−n)k
1 X
xj
ωN
N
j=0
k=0
N −1
=
N −1
X
1
1 X X (j−n)k
0
ωN
xn
ωN
+
xj
N
N
k=0
j6=n
k=0
= xn + 0
Li Chen
k
Xidian University
7/18
Discrete Convolution
Fast Polynomials Multiplication Using FFT
2 Discrete Convolution
Definition 2.1 (Acyclic Convolution) Let X = (x0 , x1 , · · · , xN −1 ), Y = (y0 , y1 , · · · , yN −1 )
be two N -length sequences, then the acyclic convolution or linear convolution is defined as a
2N + 1-length sequences Z = (z0 , z1 , · · · , z2(N −1) ), where
j+k=i
zi =
X
xj yk , i = 0, 1, · · · , 2(N − 1).
j∈[0,N −1]
k∈[0,N −1]
And the cyclic convolution or wrapped convolution is defined as a N -length sequences
Z̃ = (z̃0 , z̃1 , · · · , z̃N −1 ), where
z̃i = zi + zi+N , i = 0, 1, · · · , N − 1, (pad z2N −1 = 0).
or equivalent,
N −1
z̃i =
X
xj yi−j , i = 0, 1, · · · , N − 1, (y−k = yN −k , k = 0, 1, · · · , N − 1).
j=0
Li Chen
k
Xidian University
8/18
Discrete Convolution
Fast Polynomials Multiplication Using FFT
Definition 2.2 (Negacyclic Convolution) Let X = (x0 , · · · , xN −1 ), Y = (y0 , · · · , yN −1 )
be two N -length sequences, then the negacyclic convolution is defined as a N -length
sequences Z̃ = (z̃0 , z̃1 , · · · , z̃N −1 ), where
z̃i = zi − zi+N , i = 0, 1, · · · , N − 1, (pad z2N −1 = 0).
or equivalent,
N −1
z̃i =
X
xj yi−j , i = 0, 1, · · · , N − 1, (y−k = −yN −k , k = 0, 1, · · · , N − 1).
j=0
Li Chen
k
Xidian University
9/18
Discrete Convolution
Fast Polynomials Multiplication Using FFT
Theorem 2.3 (Convolution Theorem) Let X = (x0 , · · · , xN −1 ), Y = (y0 , · · · , yN −1 )
be two N -length sequences, take F (· · · ) as the discrete fourier transform on a N -length
sequences (· · · ), then
F (X ∗ Y ) = N · F (X) ⊗ F (Y )
where ∗ indicates cyclic convolution, and ⊗ indicates component-wise multiplication.
Proof
Let z̃0 , · · · , z̃N −1 be the cyclic convolution of X, Y , i.e.,
N −1
z̃j =
X
xj yn−j
j=0
Li Chen
k
Xidian University
10/18
Discrete Convolution
Fast Polynomials Multiplication Using FFT
and let F (x ∗ Y ) = (f0 , f1 , · · · , fN −1 ). For each k ∈ [0, N − 1],
N −1
fk =
X
N −1
nk
z̃n ωN
=
n=0
n=0
N −1
=
−1
X N
X
N −1
XX
n=0
nk
xj yn−j ωN
j=0
jk+(n−j)k
xj yn−j ωN
j=0
N −1
=
−1
X N
X
n=0
X
N −1 N −1
jk
xj ωN
·
j=0
XX
X
j=0
Li Chen
k
Xidian University
(n−j)k
xj yn−j ωN
n=0 j=0
N −1
N −1
=N·
j=0
N −1
=
(n−j)k
jk
xj ωN
· yn−j ωN
jk
xj ωN
·
X
jk
yj ωN
j=0
11/18
Discrete Convolution
Fast Polynomials Multiplication Using FFT
Lemma 2.4 Let X = (x0 , · · · , xN −1 ), Y = (y0 , · · · , yN −1 ) be two N -length sequences,
let X 0 be a 2N − 1-length sequences (x0 , · · · , xN −1 , 0, · · · , 0), i.e. padding X with 0,
similarly, let Y 0 be a 2N − 1-length sequences (y0 , · · · , yN −1 , 0, · · · , 0), i.e. padding Y with
0, then
AcyclicConvolution(X, Y ) = CyclicConvolution(X 0 , Y 0 )
Proof
Li Chen
k
Xidian University
12/18
Fast Fourier Transform
Fast Polynomials Multiplication Using FFT
3 Fast Fourier Transform (FFT)
Cooley-Tukey Algorithm (radix-2)
Let X = (x0 , · · · , xN −1 ) be a sequence with length N = 2M , and F (X) = (f0 , · · · , fN −1 )
be the discrete fourier transform of X, i.e.
N −1
fk =
X
nk
xn ωN
n=0
M −1
=
X
M −1
2mk
x2m ωN
+
m=0
X
m=0
M −1
M −1
=
X
(2m+1)k
x2m+1 ωN
k
x2m ω mk
+ ωN
N
X
x2m+1 ω mk
N
2
m=0
2
m=0
Note: ω is a principle N th root of unity ⇒ ω 2 is a principle
Li Chen
k
Xidian University
N
2
th root of unity.
13/18
Fast Fourier Transform
Fast Polynomials Multiplication Using FFT
M −1
Thus, let Ek =
P
M −1
x2m ω mk
N , and Dk =
m=0
2
P
k
x2m+1 ω mk
N , we can write fk = Ek + ωN Dk .
m=0
2
k+ N
2
Since Ek+ N = Ek , Dk+ N = Dk , k = 0, · · · , M − 1, and ωN
2
2
for 0 ≤ k ≤ M − 1
k
= −ωN
, finally we have,
k
f k = Ek + ωN
Dk
k
fk+ N = Ek − ωN
Dk
2
And Now we can view Ek as the kth term of the discrete fourier transform on the N
2 -length
sequence (x0 , x2 , · · · , xN −2 ), and view Dk as the kth term of the discrete fourier transform
on the N
2 -length sequence (x1 , x3 , · · · , xN −1 ).
Suppose N = 2m , by reduction, the asymptotic complexity of FFT is:
O(N log N )
Li Chen
k
Xidian University
14/18
Number Theoretic Transform
Fast Polynomials Multiplication Using FFT
4 Number Theoretic Transform (NTT)
The number theoretic transform (NTT) is obtained by specializing the discrete Fourier
transform on a special ring Zp , the integers modulo a prime p, which is a finite field.
Lemma 4.1 Given a prime integer p, there exist a primitive nth root of unity in Zp if
and only if n|p − 1.
Li Chen
k
Xidian University
15/18
Number Theoretic Transform
Li Chen
k
Xidian University
Fast Polynomials Multiplication Using FFT
16/18
Number Theoretic Transform
Fast Polynomials Multiplication Using FFT
5 More Optimize & Application Scenario
Internal Discussed...
Li Chen
k
Xidian University
17/18
Thanks! & Questions?