feat(core): speed up karatsuba multiplication

tfhe/Cargo.toml

@@ -127,6 +127,11 @@ path = "benches/shortint/bench.rs"
 harness = false
 required-features = ["shortint", "internal-keycache"]
 
+[[bench]]
+name = "keygen"
+path = "benches/keygen/bench.rs"
+harness = false
+
 [[example]]
 name = "generates_test_keys"
 required-features = ["shortint", "internal-keycache"]

tfhe/benches/keygen/bench.rs

@@ -0,0 +1,44 @@
+use concrete_csprng::seeders::Seeder;
+use criterion::*;
+use tfhe::core_crypto::commons::generators::DeterministicSeeder;
+use tfhe::core_crypto::prelude::{
+    allocate_and_generate_new_binary_glwe_secret_key,
+    par_allocate_and_generate_new_lwe_bootstrap_key, ActivatedRandomGenerator,
+    EncryptionRandomGenerator, SecretRandomGenerator,
+};
+use tfhe::core_crypto::seeders::new_seeder;
+use tfhe::shortint::prelude::*;
+
+fn criterion_bench(c: &mut Criterion) {
+    let parameters = PARAM_MESSAGE_2_CARRY_2;
+    let mut seeder = new_seeder();
+    let mut deterministic_seeder =
+        DeterministicSeeder::<ActivatedRandomGenerator>::new(seeder.seed());
+    let mut secret_generator =
+        SecretRandomGenerator::<ActivatedRandomGenerator>::new(deterministic_seeder.seed());
+    let mut encryption_generator = EncryptionRandomGenerator::<ActivatedRandomGenerator>::new(
+        deterministic_seeder.seed(),
+        &mut deterministic_seeder,
+    );
+    let glwe_secret_key = allocate_and_generate_new_binary_glwe_secret_key::<u64, _>(
+        parameters.glwe_dimension,
+        parameters.polynomial_size,
+        &mut secret_generator,
+    );
+    let lwe_secret_key_after_ks = glwe_secret_key.clone().into_lwe_secret_key();
+    c.bench_function("keygen", |b| {
+        b.iter(|| {
+            let _ = par_allocate_and_generate_new_lwe_bootstrap_key(
+                &lwe_secret_key_after_ks,
+                &glwe_secret_key,
+                parameters.pbs_base_log,
+                parameters.pbs_level,
+                parameters.glwe_modular_std_dev,
+                &mut encryption_generator,
+            );
+        });
+    });
+}
+
+criterion_group!(benches, criterion_bench);
+criterion_main!(benches);

tfhe/src/core_crypto/algorithms/polynomial_algorithms.rs

@@ -486,7 +486,7 @@ pub fn polynomial_karatsuba_wrapping_mul<Scalar, OutputCont, LhsCont, RhsCont>(
     slice_wrapping_sub_assign(&mut output[top], &a1[bottom]);
 }
 
-const KARATUSBA_STOP: usize = 32;
+const KARATUSBA_STOP: usize = 64;
 /// Compute the induction for the karatsuba algorithm.
 fn induction_karatsuba<Scalar>(res: &mut [Scalar], p: &[Scalar], q: &[Scalar])
 where
@@ -496,9 +496,9 @@ where
     if p.len() <= KARATUSBA_STOP {
         // schoolbook algorithm
         for (lhs_degree, &lhs_elt) in p.iter().enumerate() {
-            for (rhs_degree, &rhs_elt) in q.iter().enumerate() {
-                res[lhs_degree + rhs_degree] =
-                    res[lhs_degree + rhs_degree].wrapping_add(lhs_elt.wrapping_mul(rhs_elt))
+            let res = &mut res[lhs_degree..];
+            for (&rhs_elt, res) in q.iter().zip(res) {
+                *res = (*res).wrapping_add(lhs_elt.wrapping_mul(rhs_elt))
             }
         }
     } else {