2021-08-13 22:07:26 +02:00
|
|
|
# Constantine
|
|
|
|
# Copyright (c) 2018-2019 Status Research & Development GmbH
|
|
|
|
# Copyright (c) 2020-Present Mamy André-Ratsimbazafy
|
|
|
|
# Licensed and distributed under either of
|
|
|
|
# * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT).
|
|
|
|
# * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0).
|
|
|
|
# at your option. This file may not be copied, modified, or distributed except according to those terms.
|
|
|
|
|
|
|
|
import
|
|
|
|
# Internals
|
2022-02-27 01:49:08 +01:00
|
|
|
../constantine/platforms/abstractions,
|
|
|
|
../constantine/math/config/curves,
|
|
|
|
../constantine/math/extension_fields,
|
|
|
|
../constantine/math/io/[io_bigints, io_ec],
|
2022-04-26 21:24:07 +02:00
|
|
|
../constantine/math/ec_shortweierstrass,
|
2022-02-27 01:49:08 +01:00
|
|
|
../constantine/hash_to_curve/hash_to_curve,
|
|
|
|
../constantine/hashes,
|
2021-08-13 22:07:26 +02:00
|
|
|
# Helpers
|
|
|
|
../helpers/prng_unsafe,
|
|
|
|
./bench_blueprint
|
|
|
|
|
|
|
|
proc separator*() = separator(132)
|
|
|
|
|
|
|
|
proc report(op, curve: string, startTime, stopTime: MonoTime, startClk, stopClk: int64, iters: int) =
|
|
|
|
let ns = inNanoseconds((stopTime-startTime) div iters)
|
|
|
|
let throughput = 1e9 / float64(ns)
|
|
|
|
when SupportsGetTicks:
|
|
|
|
echo &"{op:<40} {curve:<15} {throughput:>15.3f} ops/s {ns:>9} ns/op {(stopClk - startClk) div iters:>9} CPU cycles (approx)"
|
|
|
|
else:
|
|
|
|
echo &"{op:<40} {curve:<15} {throughput:>15.3f} ops/s {ns:>9} ns/op"
|
|
|
|
|
|
|
|
template bench(op: string, C: static Curve, iters: int, body: untyped): untyped =
|
|
|
|
measure(iters, startTime, stopTime, startClk, stopClk, body)
|
|
|
|
report(op, $C, startTime, stopTime, startClk, stopClk, iters)
|
|
|
|
|
2022-04-11 00:57:16 +02:00
|
|
|
proc bench_BLS12_381_hash_to_G1(iters: int) =
|
|
|
|
const dst = "BLS_SIG_BLS12381G1-SHA256-SSWU-RO_POP_"
|
|
|
|
let msg = "Mr F was here"
|
|
|
|
|
2022-04-26 21:24:07 +02:00
|
|
|
var P: ECP_ShortW_Jac[Fp[BLS12_381], G1]
|
2022-04-11 00:57:16 +02:00
|
|
|
|
2022-04-26 21:24:07 +02:00
|
|
|
bench("Hash to G1 (SSWU method - Draft #14)", BLS12_381, iters):
|
2022-04-11 00:57:16 +02:00
|
|
|
sha256.hashToCurve(
|
|
|
|
k = 128,
|
|
|
|
output = P,
|
|
|
|
augmentation = "",
|
|
|
|
message = msg,
|
|
|
|
domainSepTag = dst
|
|
|
|
)
|
|
|
|
|
2021-08-13 22:07:26 +02:00
|
|
|
proc bench_BLS12_381_hash_to_G2(iters: int) =
|
|
|
|
const dst = "BLS_SIG_BLS12381G2-SHA256-SSWU-RO_POP_"
|
|
|
|
let msg = "Mr F was here"
|
|
|
|
|
2022-04-26 21:24:07 +02:00
|
|
|
var P: ECP_ShortW_Jac[Fp2[BLS12_381], G2]
|
2021-08-13 22:07:26 +02:00
|
|
|
|
2022-04-26 21:24:07 +02:00
|
|
|
bench("Hash to G2 (SSWU method - Draft #14)", BLS12_381, iters):
|
2021-08-13 22:07:26 +02:00
|
|
|
sha256.hashToCurve(
|
|
|
|
k = 128,
|
|
|
|
output = P,
|
|
|
|
augmentation = "",
|
|
|
|
message = msg,
|
|
|
|
domainSepTag = dst
|
|
|
|
)
|
|
|
|
|
2022-04-26 21:24:07 +02:00
|
|
|
proc bench_BLS12_381_hash_to_G1_SVDW(iters: int) =
|
|
|
|
const dst = "BLS_SIG_BLS12381G1-SHA256-SVDW-RO_POP_"
|
|
|
|
let msg = "Mr F was here"
|
|
|
|
|
|
|
|
var P: ECP_ShortW_Jac[Fp[BLS12_381], G1]
|
|
|
|
|
|
|
|
bench("Hash to G1 (SVDW method)", BLS12_381, iters):
|
|
|
|
sha256.hashToCurve_svdw(
|
|
|
|
k = 128,
|
|
|
|
output = P,
|
|
|
|
augmentation = "",
|
|
|
|
message = msg,
|
|
|
|
domainSepTag = dst
|
|
|
|
)
|
|
|
|
|
|
|
|
proc bench_BLS12_381_hash_to_G2_SVDW(iters: int) =
|
|
|
|
const dst = "BLS_SIG_BLS12381G2-SHA256-SVDW-RO_POP_"
|
|
|
|
let msg = "Mr F was here"
|
|
|
|
|
|
|
|
var P: ECP_ShortW_Jac[Fp2[BLS12_381], G2]
|
|
|
|
|
|
|
|
bench("Hash to G2 (SVDW method)", BLS12_381, iters):
|
|
|
|
sha256.hashToCurve_svdw(
|
|
|
|
k = 128,
|
|
|
|
output = P,
|
|
|
|
augmentation = "",
|
|
|
|
message = msg,
|
|
|
|
domainSepTag = dst
|
|
|
|
)
|
|
|
|
|
|
|
|
proc bench_BN254_Snarks_hash_to_G1(iters: int) =
|
|
|
|
const dst = "BLS_SIG_BN254SNARKSG1-SHA256-SVDW-RO_POP_"
|
|
|
|
let msg = "Mr F was here"
|
|
|
|
|
|
|
|
var P: ECP_ShortW_Jac[Fp[BN254_Snarks], G1]
|
|
|
|
|
|
|
|
bench("Hash to G1 (SVDW method)", BN254_Snarks, iters):
|
|
|
|
sha256.hashToCurve(
|
|
|
|
k = 128,
|
|
|
|
output = P,
|
|
|
|
augmentation = "",
|
|
|
|
message = msg,
|
|
|
|
domainSepTag = dst
|
|
|
|
)
|
|
|
|
|
|
|
|
proc bench_BN254_Snarks_hash_to_G2(iters: int) =
|
|
|
|
const dst = "BLS_SIG_BN254SNARKSG2-SHA256-SVDW-RO_POP_"
|
|
|
|
let msg = "Mr F was here"
|
|
|
|
|
|
|
|
var P: ECP_ShortW_Jac[Fp2[BN254_Snarks], G2]
|
|
|
|
|
|
|
|
bench("Hash to G2 (SVDW method)", BN254_Snarks, iters):
|
|
|
|
sha256.hashToCurve(
|
|
|
|
k = 128,
|
|
|
|
output = P,
|
|
|
|
augmentation = "",
|
|
|
|
message = msg,
|
|
|
|
domainSepTag = dst
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
proc bench_BLS12_381_G1_jac_aff_conversion(iters: int) =
|
2022-04-11 00:57:16 +02:00
|
|
|
const dst = "BLS_SIG_BLS12381G1-SHA256-SSWU-RO_POP_"
|
|
|
|
let msg = "Mr F was here"
|
|
|
|
|
2022-04-26 21:24:07 +02:00
|
|
|
var P: ECP_ShortW_Jac[Fp[BLS12_381], G1]
|
2022-04-11 00:57:16 +02:00
|
|
|
var Paff: ECP_ShortW_Aff[Fp[BLS12_381], G1]
|
|
|
|
|
|
|
|
sha256.hashToCurve(
|
|
|
|
k = 128,
|
|
|
|
output = P,
|
|
|
|
augmentation = "",
|
|
|
|
message = msg,
|
|
|
|
domainSepTag = dst
|
|
|
|
)
|
|
|
|
|
2022-04-26 21:24:07 +02:00
|
|
|
bench("G1 Jac->Affine conversion (for pairing)", BLS12_381, iters):
|
2022-04-11 00:57:16 +02:00
|
|
|
Paff.affine(P)
|
|
|
|
|
2022-04-26 21:24:07 +02:00
|
|
|
proc bench_BLS12_381_G2_jac_aff_conversion(iters: int) =
|
2021-08-13 22:07:26 +02:00
|
|
|
const dst = "BLS_SIG_BLS12381G2-SHA256-SSWU-RO_POP_"
|
|
|
|
let msg = "Mr F was here"
|
|
|
|
|
2022-04-26 21:24:07 +02:00
|
|
|
var P: ECP_ShortW_Jac[Fp2[BLS12_381], G2]
|
2022-01-01 19:17:04 +01:00
|
|
|
var Paff: ECP_ShortW_Aff[Fp2[BLS12_381], G2]
|
2021-08-13 22:07:26 +02:00
|
|
|
|
|
|
|
sha256.hashToCurve(
|
|
|
|
k = 128,
|
|
|
|
output = P,
|
|
|
|
augmentation = "",
|
|
|
|
message = msg,
|
|
|
|
domainSepTag = dst
|
|
|
|
)
|
|
|
|
|
2022-04-26 21:24:07 +02:00
|
|
|
bench("G2 Jac->Affine conversion (for pairing)", BLS12_381, iters):
|
2022-02-10 14:05:07 +01:00
|
|
|
Paff.affine(P)
|
2021-08-13 22:07:26 +02:00
|
|
|
|
|
|
|
const Iters = 1000
|
|
|
|
|
|
|
|
proc main() =
|
|
|
|
separator()
|
2022-04-11 00:57:16 +02:00
|
|
|
bench_BLS12_381_hash_to_G1(Iters)
|
2021-08-13 22:07:26 +02:00
|
|
|
bench_BLS12_381_hash_to_G2(Iters)
|
2022-04-26 21:24:07 +02:00
|
|
|
bench_BLS12_381_hash_to_G1_SVDW(Iters)
|
|
|
|
bench_BLS12_381_hash_to_G2_SVDW(Iters)
|
|
|
|
bench_BN254_Snarks_hash_to_G1(Iters)
|
|
|
|
bench_BN254_Snarks_hash_to_G2(Iters)
|
|
|
|
bench_BLS12_381_G1_jac_aff_conversion(Iters)
|
|
|
|
bench_BLS12_381_G2_jac_aff_conversion(Iters)
|
2021-08-13 22:07:26 +02:00
|
|
|
separator()
|
|
|
|
|
|
|
|
main()
|
|
|
|
notes()
|