authorGravatar Andres Erbsen <andreser@google.com>2017-11-03 15:52:40 +0000
committerGravatar Andres Erbsen <andreser@google.com>2017-11-03 15:53:23 +0000
commit7e05a730a4d3ee521f9103bb6fdbdd2d89ebf287 (patch)
treef4a4a34d364b59afcf50929cd86adb2ccba3b582 /src/Specific/Framework
parent90e263a5dca7ea4d73e83b2ee03ecd8e79170531 (diff)
run some benchmarks
Diffstat (limited to 'src/Specific/Framework')
-rw-r--r--src/Specific/Framework/bench/fibe.c84
-rw-r--r--src/Specific/Framework/bench/gmpsec.c75
-rw-r--r--src/Specific/Framework/bench/gmpvar.c75
-rw-r--r--src/Specific/Framework/bench/gmpxx.cpp97
4 files changed, 201 insertions, 130 deletions
diff --git a/src/Specific/Framework/bench/fibe.c b/src/Specific/Framework/bench/fibe.c
index 9ad2997b9..b29396fde 100644
--- a/src/Specific/Framework/bench/fibe.c
+++ b/src/Specific/Framework/bench/fibe.c
@@ -41,6 +41,25 @@ static const limb_t limb_weight_gaps[modulus_limbs] = limb_weight_gaps_array;
#else
+static uint32_t _mulx_u32(uint32_t a, uint32_t b, uint32_t *high) {
+ uint64_t x = (uint64_t)a * b;
+ *high = (uint32_t) (x >> 32);
+ return (uint32_t) x;
+}
+
+static uint32_t _addcarryx_u32(uint8_t c, uint32_t a, uint32_t b, uint32_t *low) {
+ uint64_t x = (uint64_t)a + b + c;
+ *low = (uint32_t) x;
+ return (uint32_t) (x>>32);
+}
+
+static uint32_t _subborrow_u32(uint8_t c, uint32_t a, uint32_t b, uint32_t *low) {
+ uint64_t t = ((uint64_t) b + c);
+ uint64_t x = a-t;
+ *low = (uint32_t) x;
+ return (uint8_t) (x>>63);
+}
+
static uint64_t _mulx_u64(uint64_t a, uint64_t b, uint64_t *high) {
uint128_t x = (uint128_t)a * b;
*high = (uint64_t) (x >> 64);
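Review bot: `_subborrow_u32` casts its result to `uint8_t` although it is declared to return `uint32_t`, unlike `_addcarryx_u32` just above it; `return (uint32_t) (x>>63);` would keep the two fallbacks consistent. None of the three new helpers says that it is a portable stand-in for the compiler intrinsic of the same name, or that the carry/borrow input `c` is expected to be 0 or 1; a one-line comment above each, e.g. `/* portable fallback: returns the carry-out (0 or 1); c must be 0 or 1 */`, would make that contract explicit. Identifiers beginning with an underscore are reserved at file scope, so these definitions can clash if an intrinsics header is ever included on this `#else` path. The hunk ends inside `_mulx_u64`, which is unchanged context.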
@@ -215,32 +234,45 @@ int main() {
// }
// return 0;
- {
- const uint8_t expected[32] = {0x89, 0x16, 0x1f, 0xde, 0x88, 0x7b, 0x2b, 0x53, 0xde, 0x54, 0x9a, 0xf4, 0x83, 0x94, 0x01, 0x06, 0xec, 0xc1, 0x14, 0xd6, 0x98, 0x2d, 0xaa, 0x98, 0x25, 0x6d, 0xe2, 0x3b, 0xdf, 0x77, 0x66, 0x1a};
- const uint8_t basepoint[32] = {9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
-
-
- uint8_t a[32] = {0}, b[32] = {0};
- uint8_t* in = a;
- uint8_t* out = b;
- a[0] = 1;
-
- for (int i = 0; i < 200; i++) {
- in[0] &= 248;
- in[31] &= 127;
- in[31] |= 64;
-
- crypto_scalarmult(out, in, 256, basepoint);
- uint8_t* t = out;
- out = in;
- in = t;
- }
-
- for (int i = 0; i < 32; i++) {
- if (in[i] != expected[i]) {
- return (i+1);
+ //{
+ // const uint8_t expected[32] = {0x89, 0x16, 0x1f, 0xde, 0x88, 0x7b, 0x2b, 0x53, 0xde, 0x54, 0x9a, 0xf4, 0x83, 0x94, 0x01, 0x06, 0xec, 0xc1, 0x14, 0xd6, 0x98, 0x2d, 0xaa, 0x98, 0x25, 0x6d, 0xe2, 0x3b, 0xdf, 0x77, 0x66, 0x1a};
+ // const uint8_t basepoint[32] = {9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+
+
+ // uint8_t a[32] = {0}, b[32] = {0};
+ // uint8_t* in = a;
+ // uint8_t* out = b;
+ // a[0] = 1;
+
+ // for (int i = 0; i < 200; i++) {
+ // in[0] &= 248;
+ // in[31] &= 127;
+ // in[31] |= 64;
+
+ // crypto_scalarmult(out, in, 256, basepoint);
+ // uint8_t* t = out;
+ // out = in;
+ // in = t;
+ // }
+
+ // for (int i = 0; i < 32; i++) {
+ // if (in[i] != expected[i]) {
+ // return (i+1);
+ // }
+ // }
+ // return 0;
+ //}
+
+ uint8_t secret[32];
+ uint8_t point[modulus_bytes];
+
+ for (int i = 0; i < modulus_bytes; i++) { point[modulus_bytes-i] = i; }
+
+ for (int i = 0; i < 1000; i++) {
+ for (int j = 0; j<modulus_bytes; j++) {
+ secret[j%32] ^= point[j];
}
- }
- return 0;
+ crypto_scalarmult(point, secret, 32*8, point);
}
+ return 0;
}
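Review bot: The initialisation loop `point[modulus_bytes-i] = i;` writes `point[modulus_bytes]` when `i` is 0, one byte past the end of the array, and never sets `point[0]`; `secret` is then XOR-updated without ever being initialised, so the benchmark input is indeterminate. Suggested: `uint8_t secret[32] = {0};` and `point[modulus_bytes-1-i] = i;`. The same lines appear in the `main` hunks of gmpsec.c, gmpvar.c and gmpxx.cpp. With the known-answer check commented out, `main` returns 0 whatever `crypto_scalarmult` produces, so it is worth keeping that check runnable (for instance behind a build flag) next to the timing loop. `main` begins outside this hunk.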
diff --git a/src/Specific/Framework/bench/gmpsec.c b/src/Specific/Framework/bench/gmpsec.c
index b31676900..d3cf3aa56 100644
--- a/src/Specific/Framework/bench/gmpsec.c
+++ b/src/Specific/Framework/bench/gmpsec.c
@@ -165,14 +165,15 @@ static void crypto_scalarmult(uint8_t *out, const uint8_t *secret, size_t secret
}
- fe_inv(nqz, nqz);
- fe_mul(nqx, nqx, nqz);
-
for (size_t i = 0; i < modulus_bytes; i++) { out[i] = 0; }
for (size_t i = 0; i < 8*modulus_bytes; i++) {
mp_limb_t bit = (nqx[i/GMP_LIMB_BITS] >> (i%GMP_LIMB_BITS))&1;
out [i/8] |= bit<<(i%8);
}
+ for (size_t i = 0; i < 8*modulus_bytes; i++) {
+ mp_limb_t bit = (nqz[i/GMP_LIMB_BITS] >> (i%GMP_LIMB_BITS))&1;
+ out [i/8] ^= bit<<(i%8);
+ }
}
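Review bot: After this change `crypto_scalarmult` no longer returns the scalar-multiplication result: with `fe_inv`/`fe_mul` removed, `out` holds the bits of `nqx` XORed with those of `nqz`, presumably the unnormalised projective coordinates. Nothing at the function says so and the name is unchanged, so a comment such as `/* BENCHMARK ONLY: inversion skipped; out is nqx ^ nqz, not the affine x-coordinate */` above the two output loops would keep this from being reused or compared against a real implementation. The same edit is made in gmpvar.c and, with `x`/`z`, in gmpxx.cpp. The function body starts outside the hunk.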
@@ -185,32 +186,44 @@ int main() {
// printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", out[i]); }; printf("\n");
// }
- {
- const uint8_t expected[32] = {0x89, 0x16, 0x1f, 0xde, 0x88, 0x7b, 0x2b, 0x53, 0xde, 0x54, 0x9a, 0xf4, 0x83, 0x94, 0x01, 0x06, 0xec, 0xc1, 0x14, 0xd6, 0x98, 0x2d, 0xaa, 0x98, 0x25, 0x6d, 0xe2, 0x3b, 0xdf, 0x77, 0x66, 0x1a};
- const uint8_t basepoint[32] = {9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
-
-
- uint8_t a[32] = {0}, b[32] = {0};
- uint8_t* in = a;
- uint8_t* out = b;
- a[0] = 1;
-
- for (int i = 0; i < 200; i++) {
- in[0] &= 248;
- in[31] &= 127;
- in[31] |= 64;
-
- crypto_scalarmult(out, in, 256, basepoint);
- uint8_t* t = out;
- out = in;
- in = t;
- }
-
- for (int i = 0; i < 32; i++) {
- if (in[i] != expected[i]) {
- return (i+1);
- }
- }
- return 0;
- }
+ // {
+ // const uint8_t expected[32] = {0x89, 0x16, 0x1f, 0xde, 0x88, 0x7b, 0x2b, 0x53, 0xde, 0x54, 0x9a, 0xf4, 0x83, 0x94, 0x01, 0x06, 0xec, 0xc1, 0x14, 0xd6, 0x98, 0x2d, 0xaa, 0x98, 0x25, 0x6d, 0xe2, 0x3b, 0xdf, 0x77, 0x66, 0x1a};
+ // const uint8_t basepoint[32] = {9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+
+
+ // uint8_t a[32] = {0}, b[32] = {0};
+ // uint8_t* in = a;
+ // uint8_t* out = b;
+ // a[0] = 1;
+
+ // for (int i = 0; i < 200; i++) {
+ // in[0] &= 248;
+ // in[31] &= 127;
+ // in[31] |= 64;
+
+ // crypto_scalarmult(out, in, 256, basepoint);
+ // uint8_t* t = out;
+ // out = in;
+ // in = t;
+ // }
+
+ // for (int i = 0; i < 32; i++) {
+ // if (in[i] != expected[i]) {
+ // return (i+1);
+ // }
+ // }
+ // return 0;
+ // }
+ uint8_t secret[32];
+ uint8_t point[modulus_bytes];
+
+ for (int i = 0; i < modulus_bytes; i++) { point[modulus_bytes-i] = i; }
+
+ for (int i = 0; i < 1000; i++) {
+ for (int j = 0; j<modulus_bytes; j++) {
+ secret[j%32] ^= point[j];
+ }
+ crypto_scalarmult(point, secret, 32*8, point);
+ }
+ return 0;
}
diff --git a/src/Specific/Framework/bench/gmpvar.c b/src/Specific/Framework/bench/gmpvar.c
index 9c79dace8..3c79d4212 100644
--- a/src/Specific/Framework/bench/gmpvar.c
+++ b/src/Specific/Framework/bench/gmpvar.c
@@ -164,14 +164,15 @@ static void crypto_scalarmult(uint8_t *out, const uint8_t *secret, size_t secret
}
- fe_inv(nqz, nqz);
- fe_mul(nqx, nqx, nqz);
-
for (size_t i = 0; i < modulus_bytes; i++) { out[i] = 0; }
for (size_t i = 0; i < 8*modulus_bytes; i++) {
mp_limb_t bit = (nqx[i/GMP_LIMB_BITS] >> (i%GMP_LIMB_BITS))&1;
out [i/8] |= bit<<(i%8);
}
+ for (size_t i = 0; i < 8*modulus_bytes; i++) {
+ mp_limb_t bit = (nqz[i/GMP_LIMB_BITS] >> (i%GMP_LIMB_BITS))&1;
+ out [i/8] ^= bit<<(i%8);
+ }
}
@@ -184,32 +185,44 @@ int main() {
// printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", out[i]); }; printf("\n");
// }
- {
- const uint8_t expected[32] = {0x89, 0x16, 0x1f, 0xde, 0x88, 0x7b, 0x2b, 0x53, 0xde, 0x54, 0x9a, 0xf4, 0x83, 0x94, 0x01, 0x06, 0xec, 0xc1, 0x14, 0xd6, 0x98, 0x2d, 0xaa, 0x98, 0x25, 0x6d, 0xe2, 0x3b, 0xdf, 0x77, 0x66, 0x1a};
- const uint8_t basepoint[32] = {9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
-
-
- uint8_t a[32] = {0}, b[32] = {0};
- uint8_t* in = a;
- uint8_t* out = b;
- a[0] = 1;
-
- for (int i = 0; i < 200; i++) {
- in[0] &= 248;
- in[31] &= 127;
- in[31] |= 64;
-
- crypto_scalarmult(out, in, 256, basepoint);
- uint8_t* t = out;
- out = in;
- in = t;
- }
-
- for (int i = 0; i < 32; i++) {
- if (in[i] != expected[i]) {
- return (i+1);
- }
- }
- return 0;
- }
+ // {
+ // const uint8_t expected[32] = {0x89, 0x16, 0x1f, 0xde, 0x88, 0x7b, 0x2b, 0x53, 0xde, 0x54, 0x9a, 0xf4, 0x83, 0x94, 0x01, 0x06, 0xec, 0xc1, 0x14, 0xd6, 0x98, 0x2d, 0xaa, 0x98, 0x25, 0x6d, 0xe2, 0x3b, 0xdf, 0x77, 0x66, 0x1a};
+ // const uint8_t basepoint[32] = {9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+
+
+ // uint8_t a[32] = {0}, b[32] = {0};
+ // uint8_t* in = a;
+ // uint8_t* out = b;
+ // a[0] = 1;
+
+ // for (int i = 0; i < 200; i++) {
+ // in[0] &= 248;
+ // in[31] &= 127;
+ // in[31] |= 64;
+
+ // crypto_scalarmult(out, in, 256, basepoint);
+ // uint8_t* t = out;
+ // out = in;
+ // in = t;
+ // }
+
+ // for (int i = 0; i < 32; i++) {
+ // if (in[i] != expected[i]) {
+ // return (i+1);
+ // }
+ // }
+ // return 0;
+ // }
+ uint8_t secret[32];
+ uint8_t point[modulus_bytes];
+
+ for (int i = 0; i < modulus_bytes; i++) { point[modulus_bytes-i] = i; }
+
+ for (int i = 0; i < 1000; i++) {
+ for (int j = 0; j<modulus_bytes; j++) {
+ secret[j%32] ^= point[j];
+ }
+ crypto_scalarmult(point, secret, 32*8, point);
+ }
+ return 0;
}
diff --git a/src/Specific/Framework/bench/gmpxx.cpp b/src/Specific/Framework/bench/gmpxx.cpp
index 08f00e9af..322d54b52 100644
--- a/src/Specific/Framework/bench/gmpxx.cpp
+++ b/src/Specific/Framework/bench/gmpxx.cpp
@@ -89,52 +89,65 @@ static void crypto_scalarmult(uint8_t *out, const uint8_t *secret, size_t secret
// remainder -> modulo
if (z < 0) { z += q; }
- if (mpz_invert(z.get_mpz_t(), z.get_mpz_t(), q.get_mpz_t())) {
- x = x*z % q;
- } else {
- x = 0;
- }
+ // if (mpz_invert(z.get_mpz_t(), z.get_mpz_t(), q.get_mpz_t())) {
+ // x = x*z % q;
+ // } else {
+ // x = 0;
+ // }
- // remainder -> modulo
- if (x < 0) { x += q; }
+ // // remainder -> modulo
+ // if (x < 0) { x += q; }
for (size_t i = 0; i<modulus_bytes; i++) { out[i] = mpz_class(x>>(8*i)).get_ui()&0xff; }
+ for (size_t i = 0; i<modulus_bytes; i++) { out[i] ^= mpz_class(z>>(8*i)).get_ui()&0xff; }
}
int main() {
- {
- uint8_t out[modulus_bytes] = {0};
- uint8_t point[modulus_bytes] = {9};
- uint8_t secret[modulus_bytes] = {1};
- crypto_scalarmult(out, secret, 256, point);
- // printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", out[i]); }; printf("\n");
- }
- {
- const uint8_t expected[32] = {0x89, 0x16, 0x1f, 0xde, 0x88, 0x7b, 0x2b, 0x53, 0xde, 0x54, 0x9a, 0xf4, 0x83, 0x94, 0x01, 0x06, 0xec, 0xc1, 0x14, 0xd6, 0x98, 0x2d, 0xaa, 0x98, 0x25, 0x6d, 0xe2, 0x3b, 0xdf, 0x77, 0x66, 0x1a};
- const uint8_t basepoint[32] = {9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
-
-
- uint8_t a[32] = {0}, b[32] = {0};
- uint8_t* in = a;
- uint8_t* out = b;
- a[0] = 1;
-
- for (int i = 0; i < 200; i++) {
- in[0] &= 248;
- in[31] &= 127;
- in[31] |= 64;
-
- crypto_scalarmult(out, in, 256, basepoint);
- uint8_t* t = out;
- out = in;
- in = t;
- }
-
- for (int i = 0; i < 32; i++) {
- if (in[i] != expected[i]) {
- return (i+1);
- }
- }
- return 0;
- }
+ // {
+ // uint8_t out[modulus_bytes] = {0};
+ // uint8_t point[modulus_bytes] = {9};
+ // uint8_t secret[modulus_bytes] = {1};
+ // crypto_scalarmult(out, secret, 256, point);
+ // // printf("0x"); for (int i = 31; i>=0; --i) { printf("%02x", out[i]); }; printf("\n");
+ // }
+ // {
+ // const uint8_t expected[32] = {0x89, 0x16, 0x1f, 0xde, 0x88, 0x7b, 0x2b, 0x53, 0xde, 0x54, 0x9a, 0xf4, 0x83, 0x94, 0x01, 0x06, 0xec, 0xc1, 0x14, 0xd6, 0x98, 0x2d, 0xaa, 0x98, 0x25, 0x6d, 0xe2, 0x3b, 0xdf, 0x77, 0x66, 0x1a};
+ // const uint8_t basepoint[32] = {9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+
+
+ // uint8_t a[32] = {0}, b[32] = {0};
+ // uint8_t* in = a;
+ // uint8_t* out = b;
+ // a[0] = 1;
+
+ // for (int i = 0; i < 200; i++) {
+ // in[0] &= 248;
+ // in[31] &= 127;
+ // in[31] |= 64;
+
+ // crypto_scalarmult(out, in, 256, basepoint);
+ // uint8_t* t = out;
+ // out = in;
+ // in = t;
+ // }
+
+ // for (int i = 0; i < 32; i++) {
+ // if (in[i] != expected[i]) {
+ // return (i+1);
+ // }
+ // }
+ // return 0;
+ // }
+ uint8_t secret[32];
+ uint8_t point[modulus_bytes];
+
+ for (int i = 0; i < modulus_bytes; i++) { point[modulus_bytes-i] = i; }
+
+ for (int i = 0; i < 1000; i++) {
+ for (int j = 0; j<modulus_bytes; j++) {
+ secret[j%32] ^= point[j];
+ }
+ crypto_scalarmult(point, secret, 32*8, point);
+ }
+ return 0;
}
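Review bot: Commenting out the inversion also disabled the `if (x < 0) { x += q; }` fix-up, while `z` keeps its own just above; if `x` can still be a negative remainder at this point (the code that computes it is outside the hunk), the byte loop `mpz_class(x>>(8*i)).get_ui()&0xff` serialises a negative value rather than a reduced field element. Keeping `if (x < 0) { x += q; }` active before the two output loops would avoid that without bringing the inversion back.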