jmg
/
ed448goldilocks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
561 Commits
2 Branches
1.6 MiB
 
 
 
 
 
Tree: c3917f27cb
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c3917f27cb'
${ noResults }
ed448goldilocks/test/bench_decaf.cxx

262 lines
8.5 KiB
Raw Blame History 

  1. /**

  2.  * @file test_decaf.cxx

  3.  * @author Mike Hamburg

  4.  *

  5.  * @copyright

  6.  *   Copyright (c) 2015 Cryptography Research, Inc.  \n

  7.  *   Released under the MIT License.  See LICENSE.txt for license information.

  8.  *

  9.  * @brief C++ benchmarks, because that's easier.

  10.  */

  11. 

  12. #include <decaf.hxx>

  13. #include <decaf/shake.hxx>

  14. #include <decaf/sha512.hxx>

  15. #include <decaf/spongerng.hxx>

  16. #include <decaf/eddsa.hxx>

  17. #include <stdio.h>

  18. #include <assert.h>

  19. #include <stdint.h>

  20. #include <vector>

  21. #include <algorithm>

  22. 

  23. using namespace decaf;

  24. 

  25. #if defined _MSC_VER  // Turn off attribute code and rename inline

  26. #define __attribute__(x)        // Turn off attribute code

  27. #define __attribute(x)

  28. #define __inline__ __inline  // Use MSVC inline

  29. #endif // MSVC

  30. 

  31. static __inline__ void __attribute__((unused)) ignore_result ( int result ) { (void)result; }

  32. #if defined _MSC_VER  // MSVC does not have gettimeoftheday

  33. #include <chrono>

  34. static double now(void) {

  35.   static const auto beg = std::chrono::high_resolution_clock::now();

  36.   auto end_time = std::chrono::high_resolution_clock::now();

  37.   auto time = end_time - beg;

  38.   double duration = 0.000001 * std::chrono::duration_cast<std::chrono::microseconds>(time).count();

  39.   return duration;

  40. }

  41. #else

  42. #include <sys/time.h>

  43. static double now(void) {

  44.   struct timeval tv;

  45.   gettimeofday(&tv, NULL);

  46.   return tv.tv_sec + tv.tv_usec/1000000.0;

  47. }

  48. #endif

  49. 

  50. 

  51. // RDTSC from the chacha code

  52. #ifndef __has_builtin

  53. #define __has_builtin(X) 0

  54. #endif

  55. #if defined(__clang__) && __has_builtin(__builtin_readcyclecounter)

  56. #define rdtsc __builtin_readcyclecounter

  57. #else

  58. static inline uint64_t rdtsc(void) {

  59. # if defined(__x86_64__)

  60.     uint32_t lobits, hibits;

  61.     __asm__ __volatile__ ("rdtsc" : "=a"(lobits), "=d"(hibits));

  62.     return (lobits | ((uint64_t)(hibits) << 32));

  63. # elif defined(__i386__)

  64.     uint64_t __value;

  65.     __asm__ __volatile__ ("rdtsc" : "=A"(__value));

  66.     return __value;

  67. # else

  68.     return 0;

  69. # endif

  70. }

  71. #endif

  72. 

  73. static void printSI(double x, const char *unit, const char *spacer = " ") {

  74.     const char *small[] = {" ","m","ยต","n","p"};

  75.     const char *big[] = {" ","k","M","G","T"};

  76.     if (x < 1) {

  77.         unsigned di=0;

  78.         for (di=0; di<sizeof(small)/sizeof(*small)-1 && x && x < 1; di++) { 

  79.             x *= 1000.0;

  80.         }

  81.         printf("%6.2f%s%s%s", x, spacer, small[di], unit);

  82.     } else {

  83.         unsigned di=0;

  84.         for (di=0; di<sizeof(big)/sizeof(*big)-1 && x && x >= 1000; di++) { 

  85.             x /= 1000.0;

  86.         }

  87.         printf("%6.2f%s%s%s", x, spacer, big[di], unit);

  88.     }

  89. }

  90. 

  91. class Benchmark {

  92.     static const int NTESTS = 20, NSAMPLES=50, DISCARD=2;

  93.     static double totalCy, totalS;

  94. public:

  95.     int i, j, ntests, nsamples;

  96.     double begin;

  97.     uint64_t tsc_begin;

  98.     std::vector<double> times;

  99.     std::vector<uint64_t> cycles;

  100.     Benchmark(const char *s, double factor = 1) {

  101.         printf("%s:", s);

  102.         if (strlen(s) < 25) printf("%*s",int(25-strlen(s)),"");

  103.         fflush(stdout);

  104.         i = j = 0;

  105.         ntests = static_cast<int>(NTESTS * factor);

  106.         nsamples = NSAMPLES;

  107.         begin = now();

  108.         tsc_begin = rdtsc();

  109.         times = std::vector<double>(NSAMPLES);

  110.         cycles = std::vector<uint64_t>(NSAMPLES);

  111.     }

  112.     ~Benchmark() {

  113.         double tsc = 0;

  114.         double t = 0;

  115.         

  116.         std::sort(times.begin(), times.end());

  117.         std::sort(cycles.begin(), cycles.end());

  118.         

  119.         for (int k=DISCARD; k<nsamples-DISCARD; k++) {

  120.             tsc += cycles[k];

  121.             t += times[k];

  122.         }

  123.         

  124.         totalCy += tsc;

  125.         totalS += t;

  126.         

  127.         t /= ntests*(nsamples-2*DISCARD);

  128.         tsc /= ntests*(nsamples-2*DISCARD);

  129.         

  130.         printSI(t,"s");

  131.         printf("    ");

  132.         printSI(1/t,"/s");

  133.         if (tsc) { printf("    "); printSI(tsc, "cy"); }

  134.         printf("\n");

  135.     }

  136.     inline bool iter() {

  137.         i++;

  138.         if (i >= ntests) {

  139.             uint64_t tsc = rdtsc() - tsc_begin;

  140.             double t = now() - begin;

  141.             begin += t;

  142.             tsc_begin += tsc;

  143.             assert(j >= 0 && j < nsamples);

  144.             cycles[j] = tsc;

  145.             times[j] = t;

  146.             

  147.             j++;

  148.             i = 0;

  149.         }

  150.         return j < nsamples;

  151.     }

  152.     static void calib() {

  153.         if (totalS && totalCy) {

  154.             const char *s = "Cycle calibration";

  155.             printf("%s:", s);

  156.             if (strlen(s) < 25) printf("%*s",int(25-strlen(s)),"");

  157.             printSI(totalCy / totalS, "Hz");

  158.             printf("\n");

  159.         }

  160.     }

  161. };

  162. 

  163. double Benchmark::totalCy = 0, Benchmark::totalS = 0;

  164. 

  165. 

  166. template<typename Group> struct Benches {

  167. 

  168. typedef typename Group::Scalar Scalar;

  169. typedef typename Group::Point Point;

  170. typedef typename Group::Precomputed Precomputed;

  171. 

  172. static void cfrg() {

  173.     SpongeRng rng(Block("bench_cfrg_crypto"),SpongeRng::DETERMINISTIC);

  174.     FixedArrayBuffer<Group::DhLadder::PUBLIC_BYTES> base(rng);

  175.     FixedArrayBuffer<Group::DhLadder::PRIVATE_BYTES> s1(rng);

  176.     for (Benchmark b("RFC 7748 keygen"); b.iter(); ) { Group::DhLadder::derive_public_key(s1); }

  177.     for (Benchmark b("RFC 7748 shared secret"); b.iter(); ) { Group::DhLadder::shared_secret(base,s1); }

  178. 

  179.     FixedArrayBuffer<EdDSA<Group>::PrivateKey::SER_BYTES> e1(rng);

  180.     typename EdDSA<Group>::PublicKey pub((NOINIT()));

  181.     typename EdDSA<Group>::PrivateKey priv((NOINIT()));

  182.     SecureBuffer sig;

  183.     for (Benchmark b("EdDSA keygen"); b.iter(); ) { priv = e1; }

  184.     for (Benchmark b("EdDSA sign"); b.iter(); ) { sig = priv.sign(Block(NULL,0)); }

  185.     pub = priv;

  186.     for (Benchmark b("EdDSA verify"); b.iter(); ) { pub.verify(sig,Block(NULL,0)); }

  187. }

  188. 

  189. static void macro() {

  190.     printf("\nMacro-benchmarks for %s:\n", Group::name());

  191.     printf("CFRG crypto benchmarks:\n");

  192.     cfrg();

  193. }

  194. 

  195. static void micro() {

  196.     SpongeRng rng(Block("per-curve-benchmarks"),SpongeRng::DETERMINISTIC);

  197.     Precomputed pBase;

  198.     Point p,q;

  199.     Scalar s(1),t(2);

  200.     SecureBuffer ep, ep2(Point::SER_BYTES*2);

  201.     

  202.     printf("\nMicro-benchmarks for %s:\n", Group::name());

  203.     for (Benchmark b("Scalar add", 1000); b.iter(); ) { s+=t; }

  204.     for (Benchmark b("Scalar times", 100); b.iter(); ) { s*=t; }

  205.     for (Benchmark b("Scalar inv", 1); b.iter(); ) { s.inverse(); }

  206.     for (Benchmark b("Point add", 100); b.iter(); ) { p += q; }

  207.     for (Benchmark b("Point double", 100); b.iter(); ) { p.double_in_place(); }

  208.     for (Benchmark b("Point scalarmul"); b.iter(); ) { p * s; }

  209.     for (Benchmark b("Point encode"); b.iter(); ) { ep = p.serialize(); }

  210.     for (Benchmark b("Point decode"); b.iter(); ) { p = Point(ep); }

  211.     for (Benchmark b("Point create/destroy"); b.iter(); ) { Point r; }

  212.     for (Benchmark b("Point hash nonuniform"); b.iter(); ) { Point::from_hash(ep); }

  213.     for (Benchmark b("Point hash uniform"); b.iter(); ) { Point::from_hash(ep2); }

  214.     for (Benchmark b("Point unhash nonuniform"); b.iter(); ) { ignore_result(p.invert_elligator(ep,0)); }

  215.     for (Benchmark b("Point unhash uniform"); b.iter(); ) { ignore_result(p.invert_elligator(ep2,0)); }

  216.     for (Benchmark b("Point steg"); b.iter(); ) { p.steg_encode(rng); }

  217.     for (Benchmark b("Point double scalarmul"); b.iter(); ) { Point::double_scalarmul(p,s,q,t); }

  218.     for (Benchmark b("Point dual scalarmul"); b.iter(); ) { p.dual_scalarmul(p,q,s,t); }

  219.     for (Benchmark b("Point precmp scalarmul"); b.iter(); ) { pBase * s; }

  220.     for (Benchmark b("Point double scalarmul_v"); b.iter(); ) {

  221.         s = Scalar(rng);

  222.         t = Scalar(rng);

  223.         p.non_secret_combo_with_base(s,t);

  224.     }

  225. }

  226. 

  227. }; /* template <typename group> struct Benches */

  228. 

  229. template <typename Group> struct Macro { static void run() { Benches<Group>::macro(); } };

  230. template <typename Group> struct Micro { static void run() { Benches<Group>::micro(); } };

  231. 

  232. int main(int argc, char **argv) {

  233.     

  234.     bool micro = false;

  235.     if (argc >= 2 && !strcmp(argv[1], "--micro"))

  236.         micro = true;

  237. 

  238.     SpongeRng rng(Block("micro-benchmarks"),SpongeRng::DETERMINISTIC);

  239.     if (micro) {

  240.         printf("\nMicro-benchmarks:\n");

  241.         SHAKE<128> shake1;

  242.         SHAKE<256> shake2;

  243.         SHA3<512> sha5;

  244.         SHA512 sha2;

  245.         unsigned char b1024[1024] = {1};

  246.         for (Benchmark b("SHAKE128 1kiB", 30); b.iter(); ) { shake1 += Buffer(b1024,1024); }

  247.         for (Benchmark b("SHAKE256 1kiB", 30); b.iter(); ) { shake2 += Buffer(b1024,1024); }

  248.         for (Benchmark b("SHA3-512 1kiB", 30); b.iter(); ) { sha5 += Buffer(b1024,1024); }

  249.         for (Benchmark b("SHA512 1kiB", 30); b.iter(); ) { sha2 += Buffer(b1024,1024); }

  250.         

  251.         run_for_all_curves<Micro>();

  252.     }

  253.     

  254.     run_for_all_curves<Macro>();

  255.     

  256.     printf("\n");

  257.     Benchmark::calib();

  258.     printf("\n");

  259.     

  260.     return 0;

  261. }