From 3e977488a93bb0f8c84cd8637f777d9b47db2b1c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mamy=20Andr=C3=A9-Ratsimbazafy?= Date: Sun, 14 Feb 2021 14:24:48 +0100 Subject: [PATCH] add bench whole summary for curves --- benchmarks/bench_blueprint.nim | 10 +- benchmarks/bench_summary_bls12_377.nim | 82 +++++++++ benchmarks/bench_summary_bls12_381.nim | 82 +++++++++ benchmarks/bench_summary_bn254_nogami.nim | 82 +++++++++ benchmarks/bench_summary_bn254_snarks.nim | 82 +++++++++ benchmarks/bench_summary_template.nim | 214 ++++++++++++++++++++++ constantine.nimble | 110 +++++++++++ 7 files changed, 658 insertions(+), 4 deletions(-) create mode 100644 benchmarks/bench_summary_bls12_377.nim create mode 100644 benchmarks/bench_summary_bls12_381.nim create mode 100644 benchmarks/bench_summary_bn254_nogami.nim create mode 100644 benchmarks/bench_summary_bn254_snarks.nim create mode 100644 benchmarks/bench_summary_template.nim diff --git a/benchmarks/bench_blueprint.nim b/benchmarks/bench_blueprint.nim index eabdd8b..1faa36c 100644 --- a/benchmarks/bench_blueprint.nim +++ b/benchmarks/bench_blueprint.nim @@ -78,15 +78,17 @@ proc separator*(length: int) = echo "-".repeat(length) proc notes*() = + echo "" echo "Notes:" + echo " - All procedures are constant-time unless mentioned otherwise (unsafe or vartime)" echo " - Compilers:" echo " Compilers are severely limited on multiprecision arithmetic." - echo " Constantine compile-time assembler is used by default (nimble bench_fp)." + echo " Constantine compile-time assembler is used by default \"nimble bench_summary_bls12_381\"." echo " GCC is significantly slower than Clang on multiprecision arithmetic due to catastrophic handling of carries." echo " GCC also seems to have issues with large temporaries and register spilling." - echo " This is somewhat alleviated by Constantine compile-time assembler." - echo " Bench on specific compiler with assembler: \"nimble bench_ec_g1_gcc\" or \"nimble bench_ec_g1_clang\"." - echo " Bench on specific compiler with assembler: \"nimble bench_ec_g1_gcc_noasm\" or \"nimble bench_ec_g1_clang_noasm\"." + echo " This is somewhat alleviated by Constantine compile-time assembler but not perfect." + echo " Bench on specific compiler with assembler: \"nimble bench_summary_bls12_381_clang\"." + echo " Bench on specific compiler with assembler: \"nimble bench_summary_bls12_381_clang_noasm\"." echo " - The simplest operations might be optimized away by the compiler." template measure*(iters: int, diff --git a/benchmarks/bench_summary_bls12_377.nim b/benchmarks/bench_summary_bls12_377.nim new file mode 100644 index 0000000..bd40c92 --- /dev/null +++ b/benchmarks/bench_summary_bls12_377.nim @@ -0,0 +1,82 @@ +# Constantine +# Copyright (c) 2018-2019 Status Research & Development GmbH +# Copyright (c) 2020-Present Mamy André-Ratsimbazafy +# Licensed and distributed under either of +# * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT). +# * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0). +# at your option. This file may not be copied, modified, or distributed except according to those terms. + +import + # Internals + ../constantine/config/curves, + ../constantine/arithmetic, + ../constantine/towers, + # Helpers + ../helpers/static_for, + ./bench_summary_template, + # Standard library + std/strutils + +# ############################################################ +# +# Benchmark of pairings +# for BLS12-381 +# +# ############################################################ + + +const Iters = 5000 +const AvailableCurves = [ + BLS12_377, +] + + +proc main() = + separator() + staticFor i, 0, AvailableCurves.len: + const curve = AvailableCurves[i] + + mulBench(Fr[curve], Iters) + sqrBench(Fr[curve], Iters) + separator() + mulBench(Fp[curve], Iters) + sqrBench(Fp[curve], Iters) + invBench(Fp[curve], Iters) + sqrtBench(Fp[curve], Iters) + separator() + mulBench(Fp2[curve], Iters) + sqrBench(Fp2[curve], Iters) + invBench(Fp2[curve], Iters) + sqrtBench(Fp2[curve], Iters) + separator() + addBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + mixedAddBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + doublingBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + scalarMulBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + separator() + addBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + mixedAddBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + doublingBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + scalarMulBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + separator() + addBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + mixedAddBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + doublingBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + scalarMulBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + separator() + addBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + mixedAddBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + doublingBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + scalarMulBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + separator() + mulBench(Fp12[curve], Iters) + sqrBench(Fp12[curve], Iters) + invBench(Fp12[curve], Iters) + separator() + millerLoopBLS12Bench(curve, Iters) + finalExpBLS12Bench(curve, Iters) + pairingBLS12Bench(curve, Iters) + separator() + +main() +notes() diff --git a/benchmarks/bench_summary_bls12_381.nim b/benchmarks/bench_summary_bls12_381.nim new file mode 100644 index 0000000..bf5ac3a --- /dev/null +++ b/benchmarks/bench_summary_bls12_381.nim @@ -0,0 +1,82 @@ +# Constantine +# Copyright (c) 2018-2019 Status Research & Development GmbH +# Copyright (c) 2020-Present Mamy André-Ratsimbazafy +# Licensed and distributed under either of +# * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT). +# * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0). +# at your option. This file may not be copied, modified, or distributed except according to those terms. + +import + # Internals + ../constantine/config/curves, + ../constantine/arithmetic, + ../constantine/towers, + # Helpers + ../helpers/static_for, + ./bench_summary_template, + # Standard library + std/strutils + +# ############################################################ +# +# Benchmark of pairings +# for BLS12-381 +# +# ############################################################ + + +const Iters = 5000 +const AvailableCurves = [ + BLS12_381, +] + + +proc main() = + separator() + staticFor i, 0, AvailableCurves.len: + const curve = AvailableCurves[i] + + mulBench(Fr[curve], Iters) + sqrBench(Fr[curve], Iters) + separator() + mulBench(Fp[curve], Iters) + sqrBench(Fp[curve], Iters) + invBench(Fp[curve], Iters) + sqrtBench(Fp[curve], Iters) + separator() + mulBench(Fp2[curve], Iters) + sqrBench(Fp2[curve], Iters) + invBench(Fp2[curve], Iters) + sqrtBench(Fp2[curve], Iters) + separator() + addBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + mixedAddBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + doublingBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + scalarMulBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + separator() + addBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + mixedAddBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + doublingBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + scalarMulBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + separator() + addBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + mixedAddBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + doublingBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + scalarMulBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + separator() + addBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + mixedAddBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + doublingBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + scalarMulBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + separator() + mulBench(Fp12[curve], Iters) + sqrBench(Fp12[curve], Iters) + invBench(Fp12[curve], Iters) + separator() + millerLoopBLS12Bench(curve, Iters) + finalExpBLS12Bench(curve, Iters) + pairingBLS12Bench(curve, Iters) + separator() + +main() +notes() diff --git a/benchmarks/bench_summary_bn254_nogami.nim b/benchmarks/bench_summary_bn254_nogami.nim new file mode 100644 index 0000000..0f70852 --- /dev/null +++ b/benchmarks/bench_summary_bn254_nogami.nim @@ -0,0 +1,82 @@ +# Constantine +# Copyright (c) 2018-2019 Status Research & Development GmbH +# Copyright (c) 2020-Present Mamy André-Ratsimbazafy +# Licensed and distributed under either of +# * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT). +# * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0). +# at your option. This file may not be copied, modified, or distributed except according to those terms. + +import + # Internals + ../constantine/config/curves, + ../constantine/arithmetic, + ../constantine/towers, + # Helpers + ../helpers/static_for, + ./bench_summary_template, + # Standard library + std/strutils + +# ############################################################ +# +# Benchmark of pairings +# for BLS12-381 +# +# ############################################################ + + +const Iters = 5000 +const AvailableCurves = [ + BN254_Nogami, +] + + +proc main() = + separator() + staticFor i, 0, AvailableCurves.len: + const curve = AvailableCurves[i] + + mulBench(Fr[curve], Iters) + sqrBench(Fr[curve], Iters) + separator() + mulBench(Fp[curve], Iters) + sqrBench(Fp[curve], Iters) + invBench(Fp[curve], Iters) + sqrtBench(Fp[curve], Iters) + separator() + mulBench(Fp2[curve], Iters) + sqrBench(Fp2[curve], Iters) + invBench(Fp2[curve], Iters) + sqrtBench(Fp2[curve], Iters) + separator() + addBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + mixedAddBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + doublingBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + scalarMulBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + separator() + addBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + mixedAddBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + doublingBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + scalarMulBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + separator() + addBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + mixedAddBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + doublingBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + scalarMulBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + separator() + addBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + mixedAddBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + doublingBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + scalarMulBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + separator() + mulBench(Fp12[curve], Iters) + sqrBench(Fp12[curve], Iters) + invBench(Fp12[curve], Iters) + separator() + millerLoopBNBench(curve, Iters) + finalExpBNBench(curve, Iters) + pairingBNBench(curve, Iters) + separator() + +main() +notes() diff --git a/benchmarks/bench_summary_bn254_snarks.nim b/benchmarks/bench_summary_bn254_snarks.nim new file mode 100644 index 0000000..fc6a800 --- /dev/null +++ b/benchmarks/bench_summary_bn254_snarks.nim @@ -0,0 +1,82 @@ +# Constantine +# Copyright (c) 2018-2019 Status Research & Development GmbH +# Copyright (c) 2020-Present Mamy André-Ratsimbazafy +# Licensed and distributed under either of +# * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT). +# * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0). +# at your option. This file may not be copied, modified, or distributed except according to those terms. + +import + # Internals + ../constantine/config/curves, + ../constantine/arithmetic, + ../constantine/towers, + # Helpers + ../helpers/static_for, + ./bench_summary_template, + # Standard library + std/strutils + +# ############################################################ +# +# Benchmark of pairings +# for BLS12-381 +# +# ############################################################ + + +const Iters = 5000 +const AvailableCurves = [ + BN254_Snarks, +] + + +proc main() = + separator() + staticFor i, 0, AvailableCurves.len: + const curve = AvailableCurves[i] + + mulBench(Fr[curve], Iters) + sqrBench(Fr[curve], Iters) + separator() + mulBench(Fp[curve], Iters) + sqrBench(Fp[curve], Iters) + invBench(Fp[curve], Iters) + sqrtBench(Fp[curve], Iters) + separator() + mulBench(Fp2[curve], Iters) + sqrBench(Fp2[curve], Iters) + invBench(Fp2[curve], Iters) + sqrtBench(Fp2[curve], Iters) + separator() + addBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + mixedAddBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + doublingBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + scalarMulBench(ECP_ShortW_Prj[Fp[curve], NotOnTwist], Iters) + separator() + addBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + mixedAddBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + doublingBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + scalarMulBench(ECP_ShortW_Jac[Fp[curve], NotOnTwist], Iters) + separator() + addBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + mixedAddBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + doublingBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + scalarMulBench(ECP_ShortW_Prj[Fp2[curve], OnTwist], Iters) + separator() + addBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + mixedAddBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + doublingBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + scalarMulBench(ECP_ShortW_Jac[Fp2[curve], OnTwist], Iters) + separator() + mulBench(Fp12[curve], Iters) + sqrBench(Fp12[curve], Iters) + invBench(Fp12[curve], Iters) + separator() + millerLoopBNBench(curve, Iters) + finalExpBNBench(curve, Iters) + pairingBNBench(curve, Iters) + separator() + +main() +notes() diff --git a/benchmarks/bench_summary_template.nim b/benchmarks/bench_summary_template.nim new file mode 100644 index 0000000..139ddc5 --- /dev/null +++ b/benchmarks/bench_summary_template.nim @@ -0,0 +1,214 @@ +# Constantine +# Copyright (c) 2018-2019 Status Research & Development GmbH +# Copyright (c) 2020-Present Mamy André-Ratsimbazafy +# Licensed and distributed under either of +# * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT). +# * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0). +# at your option. This file may not be copied, modified, or distributed except according to those terms. + +# ############################################################ +# +# Summary of the performance of a curve +# +# ############################################################ + +import + # Internals + ../constantine/config/[curves, common], + ../constantine/arithmetic, + ../constantine/towers, + ../constantine/elliptic/[ + ec_shortweierstrass_affine, + ec_shortweierstrass_projective, + ec_shortweierstrass_jacobian, + ec_scalar_mul, ec_endomorphism_accel], + ../constantine/hash_to_curve/cofactors, + ../constantine/pairing/[ + cyclotomic_fp12, + pairing_bls12, + pairing_bn + ], + ../constantine/curves/zoo_pairings, + # Helpers + ../helpers/[prng_unsafe, static_for], + ./bench_blueprint + +export + ec_shortweierstrass_projective, + ec_shortweierstrass_jacobian + +export zoo_pairings # generic sandwich https://github.com/nim-lang/Nim/issues/11225 +export notes +proc separator*() = separator(152) + +proc report(op, domain: string, start, stop: MonoTime, startClk, stopClk: int64, iters: int) = + let ns = inNanoseconds((stop-start) div iters) + let throughput = 1e9 / float64(ns) + when SupportsGetTicks: + echo &"{op:<35} {domain:<40} {throughput:>15.3f} ops/s {ns:>9} ns/op {(stopClk - startClk) div iters:>9} CPU cycles (approx)" + else: + echo &"{op:<35} {domain:<40} {throughput:>15.3f} ops/s {ns:>9} ns/op" + +macro fixEllipticDisplay(T: typedesc): untyped = + # At compile-time, enums are integers and their display is buggy + # we get the Curve ID instead of the curve name. + let instantiated = T.getTypeInst() + var name = $instantiated[1][0] # EllipticEquationFormCoordinates + let fieldName = $instantiated[1][1][0] + let curveName = $Curve(instantiated[1][1][1].intVal) + name.add "[" & fieldName & "[" & curveName & "]]" + result = newLit name + +macro fixFieldDisplay(T: typedesc): untyped = + # At compile-time, enums are integers and their display is buggy + # we get the Curve ID instead of the curve name. + let instantiated = T.getTypeInst() + var name = $instantiated[1][0] # Fp + name.add "[" & $Curve(instantiated[1][1].intVal) & "]" + result = newLit name + +func fixDisplay(T: typedesc): string = + when T is (ECP_ShortW_Prj or ECP_ShortW_Jac or ECP_ShortW_Aff): + fixEllipticDisplay(T) + elif T is (Fp or Fp2 or Fp4 or Fp6 or Fp12): + fixFieldDisplay(T) + else: + $T + +func fixDisplay(T: Curve): string = + $T + +template bench(op: string, T: typed, iters: int, body: untyped): untyped = + measure(iters, startTime, stopTime, startClk, stopClk, body) + report(op, fixDisplay(T), startTime, stopTime, startClk, stopClk, iters) + +func clearCofactorReference[F; Tw: static Twisted]( + ec: var ECP_ShortW_Aff[F, Tw]) = + # For now we don't have any affine operation defined + var t {.noInit.}: ECP_ShortW_Prj[F, Tw] + t.projectiveFromAffine(ec) + t.clearCofactorReference() + ec.affineFromProjective(t) + +func random_point*(rng: var RngState, EC: typedesc): EC {.noInit.} = + result = rng.random_unsafe(EC) + result.clearCofactorReference() + +proc mulBench*(T: typedesc, iters: int) = + var r: T + let x = rng.random_unsafe(T) + let y = rng.random_unsafe(T) + preventOptimAway(r) + bench("Multiplication", T, iters): + r.prod(x, y) + +proc sqrBench*(T: typedesc, iters: int) = + var r: T + let x = rng.random_unsafe(T) + preventOptimAway(r) + bench("Squaring", T, iters): + r.square(x) + +proc invBench*(T: typedesc, iters: int) = + var r: T + let x = rng.random_unsafe(T) + preventOptimAway(r) + bench("Inversion", T, iters): + r.inv(x) + +proc sqrtBench*(T: typedesc, iters: int) = + let x = rng.random_unsafe(T) + bench("Square Root + isSquare", T, iters): + var r = x + discard r.sqrt_if_square() + +proc addBench*(T: typedesc, iters: int) = + const G1_or_G2 = when T.F is Fp: "G1" else: "G2" + var r {.noInit.}: T + let P = rng.random_unsafe(T) + let Q = rng.random_unsafe(T) + bench("EC Add " & G1_or_G2, T, iters): + r.sum(P, Q) + +proc mixedAddBench*(T: typedesc, iters: int) = + const G1_or_G2 = when T.F is Fp: "G1" else: "G2" + var r {.noInit.}: T + let P = rng.random_unsafe(T) + let Q = rng.random_unsafe(T) + var Qaff: ECP_ShortW_Aff[T.F, T.Tw] + when Q is ECP_ShortW_Prj: + Qaff.affineFromProjective(Q) + else: + Qaff.affineFromJacobian(Q) + bench("EC Mixed Addition " & G1_or_G2, T, iters): + r.madd(P, Qaff) + +proc doublingBench*(T: typedesc, iters: int) = + const G1_or_G2 = when T.F is Fp: "G1" else: "G2" + var r {.noInit.}: T + let P = rng.random_unsafe(T) + bench("EC Double " & G1_or_G2, T, iters): + r.double(P) + +proc scalarMulBench*(T: typedesc, iters: int) = + const bits = T.F.C.getCurveOrderBitwidth() + const G1_or_G2 = when T.F is Fp: "G1" else: "G2" + + var r {.noInit.}: T + let P = rng.random_unsafe(T) # TODO: clear cofactor + let exponent = rng.random_unsafe(BigInt[bits]) + + bench("EC ScalarMul " & $bits & "-bit " & G1_or_G2, T, iters): + r = P + when T.F is Fp: + r.scalarMulGLV_m2w2(exponent) + else: + r.scalarMulEndo(exponent) + +proc millerLoopBLS12Bench*(C: static Curve, iters: int) = + let + P = rng.random_point(ECP_ShortW_Aff[Fp[C], NotOnTwist]) + Q = rng.random_point(ECP_ShortW_Aff[Fp2[C], OnTwist]) + + var f: Fp12[C] + bench("Miller Loop BLS12", C, iters): + f.millerLoopGenericBLS12(P, Q) + +proc millerLoopBNBench*(C: static Curve, iters: int) = + let + P = rng.random_point(ECP_ShortW_Aff[Fp[C], NotOnTwist]) + Q = rng.random_point(ECP_ShortW_Aff[Fp2[C], OnTwist]) + + var f: Fp12[C] + bench("Miller Loop BN", C, iters): + f.millerLoopGenericBN(P, Q) + +proc finalExpBLS12Bench*(C: static Curve, iters: int) = + var r = rng.random_unsafe(Fp12[C]) + bench("Final Exponentiation BLS12", C, iters): + r.finalExpEasy() + r.finalExpHard_BLS12() + +proc finalExpBNBench*(C: static Curve, iters: int) = + var r = rng.random_unsafe(Fp12[C]) + bench("Final Exponentiation BN", C, iters): + r.finalExpEasy() + r.finalExpHard_BN() + +proc pairingBLS12Bench*(C: static Curve, iters: int) = + let + P = rng.random_point(ECP_ShortW_Aff[Fp[C], NotOnTwist]) + Q = rng.random_point(ECP_ShortW_Aff[Fp2[C], OnTwist]) + + var f: Fp12[C] + bench("Pairing BLS12", C, iters): + f.pairing_bls12(P, Q) + +proc pairingBNBench*(C: static Curve, iters: int) = + let + P = rng.random_point(ECP_ShortW_Aff[Fp[C], NotOnTwist]) + Q = rng.random_point(ECP_ShortW_Aff[Fp2[C], OnTwist]) + + var f: Fp12[C] + bench("Pairing BN", C, iters): + f.pairing_bn(P, Q) diff --git a/constantine.nimble b/constantine.nimble index 14b2938..5c671ac 100644 --- a/constantine.nimble +++ b/constantine.nimble @@ -270,6 +270,10 @@ proc buildAllBenches() = buildBench("bench_pairing_bls12_381") buildBench("bench_pairing_bn254_nogami") buildBench("bench_pairing_bn254_snarks") + buildBench("bench_summary_bls12_377") + buildBench("bench_summary_bls12_381") + buildBench("bench_summary_bn254_nogami") + buildBench("bench_summary_bn254_snarks") buildBench("bench_sha256") echo "All benchmarks compile successfully." @@ -385,6 +389,9 @@ task test_parallel_no_gmp_no_assembler, "Run all tests in parallel (via GNU para if not defined(windows) or not (existsEnv"UCPU" or getEnv"UCPU" == "i686"): buildAllBenches() +# Finite field 𝔽p +# ------------------------------------------ + task bench_fp, "Run benchmark 𝔽p with your default compiler": runBench("bench_fp") @@ -400,6 +407,9 @@ task bench_fp_gcc_noasm, "Run benchmark 𝔽p with gcc - no Assembly": task bench_fp_clang_noasm, "Run benchmark 𝔽p with clang - no Assembly": runBench("bench_fp", "clang", useAsm = false) +# Double-precision field 𝔽pDbl +# ------------------------------------------ + task bench_fpdbl, "Run benchmark 𝔽pDbl with your default compiler": runBench("bench_fp_double_precision") @@ -415,6 +425,9 @@ task bench_fpdbl_gcc_noasm, "Run benchmark 𝔽p with gcc - no Assembly": task bench_fpdbl_clang_noasm, "Run benchmark 𝔽p with clang - no Assembly": runBench("bench_fp_double_precision", "clang", useAsm = false) +# Extension field 𝔽p2 +# ------------------------------------------ + task bench_fp2, "Run benchmark with 𝔽p2 your default compiler": runBench("bench_fp2") @@ -430,6 +443,9 @@ task bench_fp2_gcc_noasm, "Run benchmark 𝔽p2 with gcc - no Assembly": task bench_fp2_clang_noasm, "Run benchmark 𝔽p2 with clang - no Assembly": runBench("bench_fp2", "clang", useAsm = false) +# Extension field 𝔽p4 +# ------------------------------------------ + task bench_fp4, "Run benchmark with 𝔽p4 your default compiler": runBench("bench_fp4") @@ -445,6 +461,9 @@ task bench_fp4_gcc_noasm, "Run benchmark 𝔽p4 with gcc - no Assembly": task bench_fp4_clang_noasm, "Run benchmark 𝔽p4 with clang - no Assembly": runBench("bench_fp4", "clang", useAsm = false) +# Extension field 𝔽p6 +# ------------------------------------------ + task bench_fp6, "Run benchmark with 𝔽p6 your default compiler": runBench("bench_fp6") @@ -460,6 +479,9 @@ task bench_fp6_gcc_noasm, "Run benchmark 𝔽p6 with gcc - no Assembly": task bench_fp6_clang_noasm, "Run benchmark 𝔽p6 with clang - no Assembly": runBench("bench_fp6", "clang", useAsm = false) +# Extension field 𝔽p12 +# ------------------------------------------ + task bench_fp12, "Run benchmark with 𝔽p12 your default compiler": runBench("bench_fp12") @@ -475,6 +497,9 @@ task bench_fp12_gcc_noasm, "Run benchmark 𝔽p12 with gcc - no Assembly": task bench_fp12_clang_noasm, "Run benchmark 𝔽p12 with clang - no Assembly": runBench("bench_fp12", "clang", useAsm = false) +# Elliptic curve G1 +# ------------------------------------------ + task bench_ec_g1, "Run benchmark on Elliptic Curve group 𝔾1 - Short Weierstrass with Projective Coordinates - Default compiler": runBench("bench_ec_g1") @@ -490,6 +515,9 @@ task bench_ec_g1_gcc_noasm, "Run benchmark on Elliptic Curve group 𝔾1 - Short task bench_ec_g1_clang_noasm, "Run benchmark on Elliptic Curve group 𝔾1 - Short Weierstrass with Projective Coordinates - Clang no Assembly": runBench("bench_ec_g1", "clang", useAsm = false) +# Elliptic curve G2 +# ------------------------------------------ + task bench_ec_g2, "Run benchmark on Elliptic Curve group 𝔾2 - Short Weierstrass with Projective Coordinates - Default compiler": runBench("bench_ec_g2") @@ -505,6 +533,9 @@ task bench_ec_g2_gcc_noasm, "Run benchmark on Elliptic Curve group 𝔾2 - Short task bench_ec_g2_clang_noasm, "Run benchmark on Elliptic Curve group 𝔾2 - Short Weierstrass with Projective Coordinates - Clang no Assembly": runBench("bench_ec_g2", "clang", useAsm = false) +# Pairings +# ------------------------------------------ + task bench_pairing_bls12_377, "Run pairings benchmarks for BLS12-377 - Default compiler": runBench("bench_pairing_bls12_377") @@ -520,6 +551,8 @@ task bench_pairing_bls12_377_gcc_noasm, "Run pairings benchmarks for BLS12-377 - task bench_pairing_bls12_377_clang_noasm, "Run pairings benchmarks for BLS12-377 - Clang no Assembly": runBench("bench_pairing_bls12_377", "clang", useAsm = false) +# -- + task bench_pairing_bls12_381, "Run pairings benchmarks for BLS12-381 - Default compiler": runBench("bench_pairing_bls12_381") @@ -535,6 +568,8 @@ task bench_pairing_bls12_381_gcc_noasm, "Run pairings benchmarks for BLS12-381 - task bench_pairing_bls12_381_clang_noasm, "Run pairings benchmarks for BLS12-381 - Clang no Assembly": runBench("bench_pairing_bls12_381", "clang", useAsm = false) +# -- + task bench_pairing_bn254_nogami, "Run pairings benchmarks for BN254-Nogami - Default compiler": runBench("bench_pairing_bn254_nogami") @@ -550,6 +585,8 @@ task bench_pairing_bn254_nogami_gcc_noasm, "Run pairings benchmarks for BN254-No task bench_pairing_bn254_nogami_clang_noasm, "Run pairings benchmarks for BN254-Nogami - Clang no Assembly": runBench("bench_pairing_bn254_nogami", "clang", useAsm = false) +# -- + task bench_pairing_bn254_snarks, "Run pairings benchmarks for BN254-Snarks - Default compiler": runBench("bench_pairing_bn254_snarks") @@ -565,5 +602,78 @@ task bench_pairing_bn254_snarks_gcc_noasm, "Run pairings benchmarks for BN254-Sn task bench_pairing_bn254_snarks_clang_noasm, "Run pairings benchmarks for BN254-Snarks - Clang no Assembly": runBench("bench_pairing_bn254_snarks", "clang", useAsm = false) + +# Curve summaries +# ------------------------------------------ + +task bench_summary_bls12_377, "Run summary benchmarks for BLS12-377 - Default compiler": + runBench("bench_summary_bls12_377") + +task bench_summary_bls12_377_gcc, "Run summary benchmarks for BLS12-377 - GCC": + runBench("bench_summary_bls12_377", "gcc") + +task bench_summary_bls12_377_clang, "Run summary benchmarks for BLS12-377 - Clang": + runBench("bench_summary_bls12_377", "clang") + +task bench_summary_bls12_377_gcc_noasm, "Run summary benchmarks for BLS12-377 - GCC no Assembly": + runBench("bench_summary_bls12_377", "gcc", useAsm = false) + +task bench_summary_bls12_377_clang_noasm, "Run summary benchmarks for BLS12-377 - Clang no Assembly": + runBench("bench_summary_bls12_377", "clang", useAsm = false) + +# -- + +task bench_summary_bls12_381, "Run summary benchmarks for BLS12-381 - Default compiler": + runBench("bench_summary_bls12_381") + +task bench_summary_bls12_381_gcc, "Run summary benchmarks for BLS12-381 - GCC": + runBench("bench_summary_bls12_381", "gcc") + +task bench_summary_bls12_381_clang, "Run summary benchmarks for BLS12-381 - Clang": + runBench("bench_summary_bls12_381", "clang") + +task bench_summary_bls12_381_gcc_noasm, "Run summary benchmarks for BLS12-381 - GCC no Assembly": + runBench("bench_summary_bls12_381", "gcc", useAsm = false) + +task bench_summary_bls12_381_clang_noasm, "Run summary benchmarks for BLS12-381 - Clang no Assembly": + runBench("bench_summary_bls12_381", "clang", useAsm = false) + +# -- + +task bench_summary_bn254_nogami, "Run summary benchmarks for BN254-Nogami - Default compiler": + runBench("bench_summary_bn254_nogami") + +task bench_summary_bn254_nogami_gcc, "Run summary benchmarks for BN254-Nogami - GCC": + runBench("bench_summary_bn254_nogami", "gcc") + +task bench_summary_bn254_nogami_clang, "Run summary benchmarks for BN254-Nogami - Clang": + runBench("bench_summary_bn254_nogami", "clang") + +task bench_summary_bn254_nogami_gcc_noasm, "Run summary benchmarks for BN254-Nogami - GCC no Assembly": + runBench("bench_summary_bn254_nogami", "gcc", useAsm = false) + +task bench_summary_bn254_nogami_clang_noasm, "Run summary benchmarks for BN254-Nogami - Clang no Assembly": + runBench("bench_summary_bn254_nogami", "clang", useAsm = false) + +# -- + +task bench_summary_bn254_snarks, "Run summary benchmarks for BN254-Snarks - Default compiler": + runBench("bench_summary_bn254_snarks") + +task bench_summary_bn254_snarks_gcc, "Run summary benchmarks for BN254-Snarks - GCC": + runBench("bench_summary_bn254_snarks", "gcc") + +task bench_summary_bn254_snarks_clang, "Run summary benchmarks for BN254-Snarks - Clang": + runBench("bench_summary_bn254_snarks", "clang") + +task bench_summary_bn254_snarks_gcc_noasm, "Run summary benchmarks for BN254-Snarks - GCC no Assembly": + runBench("bench_summary_bn254_snarks", "gcc", useAsm = false) + +task bench_summary_bn254_snarks_clang_noasm, "Run summary benchmarks for BN254-Snarks - Clang no Assembly": + runBench("bench_summary_bn254_snarks", "clang", useAsm = false) + +# Hashes +# ------------------------------------------ + task bench_sha256, "Run SHA256 benchmarks": runBench("bench_sha256")