yydcaib
/
KGC_TEST
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
KGC_TEST/miracl/source/bmark.c

1126 lines
35 KiB
C
Raw Blame History

/***************************************************************************
*
Copyright 2013 CertiVox UK Ltd. *
*
This file is part of CertiVox MIRACL Crypto SDK. *
*
The CertiVox MIRACL Crypto SDK provides developers with an *
extensive and efficient set of cryptographic functions. *
For further information about its features and functionalities please *
refer to http://www.certivox.com *
*
* The CertiVox MIRACL Crypto SDK is free software: you can *
redistribute it and/or modify it under the terms of the *
GNU Affero General Public License as published by the *
Free Software Foundation, either version 3 of the License, *
or (at your option) any later version. *
*
* The CertiVox MIRACL Crypto SDK is distributed in the hope *
that it will be useful, but WITHOUT ANY WARRANTY; without even the *
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
See the GNU Affero General Public License for more details. *
*
* You should have received a copy of the GNU Affero General Public *
License along with CertiVox MIRACL Crypto SDK. *
If not, see <http://www.gnu.org/licenses/>. *
*
You can be released from the requirements of the license by purchasing *
a commercial license. Buying such a license is mandatory as soon as you *
develop commercial activities involving the CertiVox MIRACL Crypto SDK *
without disclosing the source code of your own applications, or shipping *
the CertiVox MIRACL Crypto SDK with a closed source product. *
*
***************************************************************************/
/*
* Benchmarking program for PK implementations
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include "miracl.h"
/* define minimum duration of each timing, and min. number of iterations */
#define MIN_TIME 10.0
#define MIN_ITERS 20
/* define fixed precomputation window size */
#define WINDOW 8
/* random "safe" primes - (p-1)/2 is also prime */
char p512[]="A89BmxRFLAnMTGV1EofBF3t9vxHwLw3upSiJQqGrSSJanNwAWm4qeIpR0QZos81Cb0T3GSB8Vvioo2ShdHeocZl";
char p1024[]="33pn5XYfRZ6oa1SgeSZ0gLXbIHYKsAL2vf2hMPp4BShBUUwVqJSaZMHBtYRr2C8CtD2ql3cKco8tsbol9KiiW0kmgYdmX2OYuDirwVHBXU6iarsuWLsFI8f9IcXF5mQUhhIfNL1UgB9iOopI4DZJdaAkweMrr0L7H6DTcJCv4uOG8l";
char p2048[]="9JhODtckdgHoisG3BF7icLO1W2kQN8uERdD45ta8ECK2pSl74xmjtptZhoFRXLCn8SHJtmwXTuf6aUbUUGsT6dE8GMWSkdg3qN4owcJE6wuCUiKKDOrsUEaFA6GCaSoHrHd6upEOTFJrSt5JZvvPUmZExbgTtVkZaM3EHVO5hhmaOglEXNmWbQlSZR57EPH4VS5nYPHsj3YEqtQjBxOg509VY3Efa3WCBXSILEksrBCdxBFeboPQ2ImO8gt52UX68ClTq4hUO7HltCJ8DEXT0QitGp5G39H3EGlBM7a1Pto1XRctShgDCJkKtedRvCTHJ81IaLUM2QRgVvY2oAUfU6DpqPl";
/* 160-bit Elliptic Curve A= -3 (1,y) is of prime order r wrt prime p */
char b160[]="547961736808018748879088091015409822321903727720";
char y160[]="1184021062507719516935416374276431034553065993786";
char p160[]="1243254415344564576487568858887587143562341624873";
char r160[]="1243254415344564576487570064860738948886682236669";
/* 192-bit Elliptic Curve A= -3 (1,y) is of prime order r wrt prime p */
char b192[]="4061049254666112630970447728594959377821841236338949398359";
char y192[]="939373580274738592696031201994651073677369517020051213856";
char p192[]="4361274637164371634176431764172114141371368173651736587859";
char r192[]="4361274637164371634176431764042976768701814568420333347189";
/* 224-bit Elliptic Curve A= -3 (1,y) is of prime order r wrt prime p */
char b224[]="17383927112623192126321700675122043803151281370446907580591543997888";
char y224[]="6566202929975094781252846334642707436688198986599754639429350077046";
char p224[]="26237462376427386428736423786423764364625346524653462546544347644653";
char r224[]="26237462376427386428736423786423773752689811507809031319417547459991";
/* 256-bit Elliptic Curve A= -3 (1,y) is of prime order r wrt prime p */
char b256[]="25389140340672155341527372976612393184553582461816899055687141548002290977046";
char y256[]="51289739734510562976895380525256763300476168821636300126346201758371757118206";
char p256[]="115324781748134865946503563657643838352352623747656242345890742746828256867467";
char r256[]="115324781748134865946503563657643838352221626521810006206950260876359658535911";
#ifndef MR_FP
/* Elliptic Curve wrt GF(2^163). This is NIST standard Curve */
int A163=1;
char B163[]="20A601907B8C953CA1481EB10512F78744A3205FD";
char x163[]="3F0EBA16286A2D57EA0991168D4994637E8343E36";
char y163[]="D51FBC6C71A0094FA2CDD545B11C5C0C797324F1";
int m163=163;
int a163=7;
int b163=6;
int c163=3;
char r163[]="5846006549323611672814742442876390689256843201587";
int cf163=2;
/* Elliptic Curve wrt GF(2^163). NIST Koblitz Curve */
int KA163=1;
char KB163[]="1";
char Kx163[]="396C30B475EF87A2B37CA911D272DE90E109CA80F";
char Ky163[]="3947D0E4C8BB41DC3BABB142D2923A253D6E76391";
/* Elliptic Curve wrt GF(2^233). This is NIST standard Curve */
int A233=1;
char B233[]="66647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD";
char x233[]="FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B";
char y233[]="1006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052";
int m233=233;
int a233=74;
int b233=0;
int c233=0;
char r233[]="6901746346790563787434755862277025555839812737345013555379383634485463";
int cf233=2;
/* Elliptic Curve wrt GF(2^233). This is NIST Koblitz Curve */
int KA233=0;
char KB233[]="1";
char Kx233[]="17232ba853a7e731af129f22ff4149563a419c26bf50a4c9d6eefad6126";
char Ky233[]="1db537dece819b7f70f555a67c427a8cd9bf18aeb9b56e0c11056fae6a3";
/* Elliptic Curve wrt GF(2^283). This is NIST standard Curve */
int A283=1;
char B283[]="27B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5";
char x283[]="5F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053";
char y283[]="3676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4";
int m283=283;
int a283=12;/* 119; these are faster.. */
int b283=7; /* 97; */
int c283=5; /* 93; */
char r283[]="7770675568902916283677847627294075626569625924376904889109196526770044277787378692871";
int cf283=2;
/* Elliptic Curve wrt GF(2^283). This is NIST Koblitz Curve */
int KA283=0;
char KB283[]="1";
char Kx283[]="503213f78ca44883f1a3b8162f188e553cd265f23c1567a16876913b0c2ac2458492836";
char Ky283[]="1ccda380f1c9e318d90f95d07e5426fe87e45c0e8184698e45962364e34116177dd2259";
/* Elliptic Curve wrt GF(2^571). This is NIST standard Curve */
int A571=1;
char B571[]="02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A";
char x571[]="0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19";
char y571[]="037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B";
int m571=571;
int a571=10;
int b571=5;
int c571=2;
int cf571=2;
/* Elliptic Curve wrt GF(2^571). This is NIST Koblitz Curve */
int KA571=0;
char KB571[]="1";
char Kx571[]="026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972";
char Ky571[]="0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3";
#endif
void primemod(int bits,big p)
{
do {
printf("%d bit prime.....\n",bits);
bigbits(bits,p);
nxprime(p,p);
} while (logb2(p)!=bits);
}
double powers(int gb,int eb,big p)
{
int iterations=0;
big g,e,w;
clock_t start;
double elapsed;
char *mem;
mem=(char *)memalloc(3);
g=mirvar_mem(mem,0);
e=mirvar_mem(mem,1);
w=mirvar_mem(mem,2);
bigbits(gb,g);
bigbits(eb,e);
start=clock();
do {
powmod(g,e,p,w);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
printf("R - %8d iterations of %4d/%4d ",iterations,gb,eb);
printf(" %8.2lf ms per iteration\n",elapsed);
memkill(mem,3);
return elapsed;
}
double mults(int eb,epoint *g)
{
big e;
int iterations=0;
clock_t start;
double elapsed;
epoint *w,*r;
char *mem1;
char *mem2;
mem1=(char *)memalloc(1);
mem2=(char *)ecp_memalloc(2);
e=mirvar_mem(mem1,0);
w=epoint_init_mem(mem2,0);
r=epoint_init_mem(mem2,1);
bigbits(eb,e);
ecurve_mult(e,g,r); /* generate a random point on the curve */
bigbits(eb,e);
start=clock();
do {
ecurve_mult(e,r,w);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
printf("ER - %8d iterations ",iterations);
printf(" %8.2lf ms per iteration\n",elapsed);
memkill(mem1,1);
ecp_memkill(mem2,2);
return elapsed;
}
#ifndef MR_FP
double mults2(int eb,epoint *g)
{
big e;
int iterations=0;
clock_t start;
double elapsed;
epoint *w;
epoint *r;
char *mem1;
char *mem2;
mem1=(char *)memalloc(1);
mem2=(char *)ecp_memalloc(2);
e=mirvar_mem(mem1,0);
w=epoint_init_mem(mem2,0);
r=epoint_init_mem(mem2,1);
bigbits(eb,e);
ecurve2_mult(e,g,r); /* generate a random point on the curve */
bigbits(eb,e);
start=clock();
do {
ecurve2_mult(e,r,w);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
printf("ER - %8d iterations ",iterations);
printf(" %8.2lf ms per iteration\n",elapsed);
memkill(mem1,1);
ecp_memkill(mem2,2);
return elapsed;
}
#endif
double powers_small_base(int g,int eb,big p)
{
int iterations=0;
big e,w;
clock_t start;
double elapsed;
char *mem;
mem=(char *)memalloc(2);
e=mirvar_mem(mem,0);
w=mirvar_mem(mem,1);
bigbits(eb,e);
start=clock();
do {
powltr(g,e,p,w);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
printf("S - %8d iterations of g=%d/%4d ",iterations,g,eb);
printf(" %8.2lf ms per iteration\n",elapsed);
memkill(mem,2);
return elapsed;
}
double powers_double(int gb,int eb,big p)
{
int iterations=0;
clock_t start;
double elapsed;
big g1,e1,g2,e2,w;
char *mem;
mem=(char *)memalloc(5);
g1=mirvar_mem(mem,0);
e1=mirvar_mem(mem,1);
g2=mirvar_mem(mem,2);
e2=mirvar_mem(mem,3);
w=mirvar_mem(mem,4);
bigbits(gb,g1);
bigbits(gb,g2);
bigbits(eb,e1);
bigbits(eb,e2);
start=clock();
do {
powmod2(g1,e1,g2,e2,p,w);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
printf("D - %8d iterations of %4d/%4d ",iterations,gb,eb);
printf(" %8.2lf ms per iteration\n",elapsed);
memkill(mem,4);
return elapsed;
}
double mult_double(int eb,epoint *g)
{
big e1,e2;
int iterations=0;
clock_t start;
double elapsed;
char *mem1;
char *mem2;
epoint *w;
epoint *r1;
epoint *r2;
mem1=(char *)memalloc(2);
mem2=(char *)ecp_memalloc(3);
e1=mirvar_mem(mem1,0);
e2=mirvar_mem(mem1,1);
w=epoint_init_mem(mem2,0);
r1=epoint_init_mem(mem2,1);
r2=epoint_init_mem(mem2,2);
bigbits(eb,e1);
ecurve_mult(e1,g,r1); /* generate a random point on the curve */
bigbits(eb,e2);
ecurve_mult(e2,g,r2); /* generate a random point on the curve */
bigbits(eb,e1);
bigbits(eb,e2);
start=clock();
do {
ecurve_mult2(e1,r1,e2,r2,w);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
printf("ED - %8d iterations ",iterations);
printf(" %8.2lf ms per iteration\n",elapsed);
ecp_memkill(mem2,3);
memkill(mem1,2);
return elapsed;
}
#ifndef MR_FP
double mult2_double(int eb,epoint *g)
{
big e1,e2;
int iterations=0;
clock_t start;
double elapsed;
char *mem1;
char *mem2;
epoint *w;
epoint *r1;
epoint *r2;
mem1=(char *)memalloc(2);
mem2=(char *)ecp_memalloc(3);
e1=mirvar_mem(mem1,0);
e2=mirvar_mem(mem1,1);
w=epoint_init_mem(mem2,0);
r1=epoint_init_mem(mem2,1);
r2=epoint_init_mem(mem2,2);
bigbits(eb,e1);
ecurve2_mult(e1,g,r1); /* generate a random point on the curve */
bigbits(eb,e2);
ecurve2_mult(e2,g,r2); /* generate a random point on the curve */
bigbits(eb,e1);
bigbits(eb,e2);
start=clock();
do {
ecurve2_mult2(e1,r1,e2,r2,w);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
printf("ED - %8d iterations ",iterations);
printf(" %8.2lf ms per iteration\n",elapsed);
ecp_memkill(mem2,3);
memkill(mem1,2);
return elapsed;
}
#endif
double powers_precomp(int gb,int eb,big p)
{
int iterations=0;
clock_t start;
double elapsed;
brick binst;
big g,e,w;
char *mem;
mem=(char *)memalloc(3);
g=mirvar_mem(mem,0);
e=mirvar_mem(mem,1);
w=mirvar_mem(mem,2);
bigbits(gb,g);
brick_init(&binst,g,p,WINDOW,eb);
bigbits(eb,e);
start=clock();
do {
pow_brick(&binst,e,w);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
printf("P - %8d iterations of %4d/%4d ",iterations,gb,eb);
printf(" %8.2lf ms per iteration\n",elapsed);
brick_end(&binst);
memkill(mem,3);
return elapsed;
}
double mult_precomp(int eb,big x,big y,big a,big b,big p)
{
big e,c,d;
int iterations=0;
ebrick binst;
clock_t start;
double elapsed;
char *mem;
mem=(char *)memalloc(3);
e=mirvar_mem(mem,0);
c=mirvar_mem(mem,1);
d=mirvar_mem(mem,2);
ebrick_init(&binst,x,y,a,b,p,WINDOW,eb);
bigbits(eb,e);
start=clock();
do {
mul_brick(&binst,e,c,d);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
printf("EP - %8d iterations ",iterations);
printf(" %8.2lf ms per iteration\n",elapsed);
ebrick_end(&binst);
memkill(mem,3);
return elapsed;
}
#ifndef MR_FP
double mult2_precomp(int eb,big x,big y,big a2,big a6,int M,int A,int B,int C)
{
big e,c,d;
int iterations=0;
ebrick2 binst;
clock_t start;
double elapsed;
char *mem;
mem=(char *)memalloc(3);
e=mirvar_mem(mem,0);
c=mirvar_mem(mem,1);
d=mirvar_mem(mem,2);
ebrick2_init(&binst,x,y,a2,a6,M,A,B,C,WINDOW,eb);
bigbits(eb,e);
start=clock();
do {
mul2_brick(&binst,e,c,d);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
printf("EP - %8d iterations ",iterations);
printf(" %8.2lf ms per iteration\n",elapsed);
ebrick2_end(&binst);
memkill(mem,3);
return elapsed;
}
#endif
double powers_small_exp(int gb,long ex,big p)
{
int iterations=0;
big g,e,w;
clock_t start;
double elapsed;
char *mem;
mem=(char *)memalloc(3);
g=mirvar_mem(mem,0);
e=mirvar_mem(mem,1);
w=mirvar_mem(mem,2);
bigbits(gb,g);
start=clock();
lgconv(ex,e);
do {
power(g,ex,p,w);
iterations++;
elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
} while (elapsed<MIN_TIME || iterations<MIN_ITERS);
elapsed=1000.0*elapsed/iterations;
if (ex==257L)
printf("V - %8d iterations of %4d/e=F3 ",iterations,gb);
if (ex==65537L)
printf("V - %8d iterations of %4d/e=F4 ",iterations,gb);
if (ex!=257L && ex!=65537L)
printf("V - %8d iterations of %4d/e=%2ld ",iterations,gb,ex);
printf(" %8.2lf ms per iteration\n",elapsed);
memkill(mem,3);
return elapsed;
}
int main()
{
int j,k;
big a,b,x,y,p,A2;
time_t seed;
epoint *g;
double tr1,tr2,ts,tv1,tv2,tp,td;
#ifndef MR_NOFULLWIDTH
miracl *mip=mirsys(300,0);
#else
miracl *mip=mirsys(300,MAXBASE);
#endif
p=mirvar(0);
a=mirvar(-3);
b=mirvar(0);
x=mirvar(1);
y=mirvar(0);
A2=mirvar(0);
mip->IOBASE=60;
time(&seed);
irand((long)seed);
printf("MIRACL - %d bit version\n",MIRACL);
#ifdef MR_LITTLE_ENDIAN
printf("Little Endian processor\n");
#endif
#ifdef MR_BIG_ENDIAN
printf("Big Endian processor\n");
#endif
#ifdef MR_NOASM
printf("C-Only Version of MIRACL\n");
#else
printf("Using some assembly language\n");
#endif
#ifdef MR_STRIPPED_DOWN
printf("Stripped down version of MIRACL - no error messages\n");
#endif
#ifdef MR_KCM
k=MR_KCM*MIRACL;
printf("Using KCM method \n");
printf("Optimized for %d, %d, %d, %d...etc. bit moduli\n",k,k*2,k*4,k*8);
#endif
#ifdef MR_COMBA
k=MR_COMBA*MIRACL;
printf("Using COMBA method \n");
printf("Optimized for %d bit moduli\n",k);
#endif
#ifdef MR_PENTIUM
printf("Floating-point co-processor arithmetic used for Pentium\n");
#endif
#ifndef MR_KCM
#ifndef MR_COMBA
#ifndef MR_PENTIUM
printf("No special optimizations\n");
#endif
#endif
#endif
printf("Precomputation uses fixed Window size = %d\n",WINDOW);
printf("So %d values are precomputed and stored\n",(1<<WINDOW));
#ifdef MR_NOFULLWIDTH
printf("No Fullwidth base possible\n");
#else
printf("NOTE: No optimizations/assembly language apply to GF(2^m) Elliptic Curves\n");
#endif
printf("NOTE: times are elapsed real-times - so make sure nothing else is running!\n\n");
printf("Modular exponentiation benchmarks - calculating g^e mod p\n");
printf("From these figures it should be possible to roughly estimate the time\n");
printf("required for your favourite PK algorithm, RSA, DSA, DH, etc.\n");
printf("Key R - random base bits/random exponent bits \n");
printf(" V - random base bits/(small exponent e) \n");
printf(" S - (small base g) /random exponent bits \n");
printf(" P - exponentiation with precomputation (fixed base g)\n");
printf(" D - double exponentiation g^e.a^b mod p\n");
printf("F3 = 257, F4 = 65537\n");
printf("RSA - Rivest-Shamir-Adleman\n");
printf("DH - Diffie Hellman Key exchange\n");
printf("DSA - Digital Signature Algorithm\n");
printf("\n512 bit prime....\n");
cinstr(p,p512);
k=512;
j=160;
tr1=powers(k,j,p);
td=powers_double(k,j,p);
tr2=powers(k,k,p);
ts=powers_small_base(3,j,p);
tp=powers_precomp(k,j,p);
printf("\n");
printf("%4d bit RSA decryption %8.2lf ms \n",2*k,2*tr2);
printf("%4d bit DH %d bit exponent:-\n",k,j);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, small base %8.2lf ms \n",ts);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit DSA %d bit exponent:-\n",k,j);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n1024 bit prime....\n");
cinstr(p,p1024);
k=1024; j=160;
tr1=powers(k,j,p);
td=powers_double(k,j,p);
tr2=powers(k,k,p);
tv1=powers_small_exp(k,3,p);
tv2=powers_small_exp(k,65537L,p);
ts=powers_small_base(3,j,p);
tp=powers_precomp(k,j,p);
printf("\n");
printf("%4d bit RSA decryption %8.2lf ms \n",2*k,2*tr2);
printf("%4d bit RSA encryption e=3 %8.2lf ms \n",k,tv1);
printf("%4d bit RSA encryption e=65537 %8.2lf ms \n",k,tv2);
printf("%4d bit DH %d bit exponent:-\n",k,j);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, small base %8.2lf ms \n",ts);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit DSA %d bit exponent:-\n",k,j);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n2048 bit prime....\n");
cinstr(p,p2048);
k=2048; j=256;
tr1=powers(k,j,p);
td=powers_double(k,j,p);
powers(k,k,p);
tv1=powers_small_exp(k,3,p);
tv2=powers_small_exp(k,65537L,p);
ts=powers_small_base(3,j,p);
tp=powers_precomp(k,j,p);
printf("\n");
printf("%4d bit RSA encryption e=3 %8.2lf ms \n",k,tv1);
printf("%4d bit RSA encryption e=65537 %8.2lf ms \n",k,tv2);
printf("%4d bit DH %d bit exponent:-\n",k,j);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, small base %8.2lf ms \n",ts);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit DSA %d bit exponent:-\n",k,j);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n");
printf("Elliptic Curve point multiplication benchmarks - calculating r.P\n");
printf("From these figures it should be possible to roughly estimate the time\n");
printf("required for your favourite EC PK algorithm, ECDSA, ECDH, etc.\n");
printf("Key - ER - Elliptic Curve point multiplication r.P\n");
printf(" ED - Elliptic Curve double multiplication r.P + s.Q\n");
printf(" EP - Elliptic Curve multiplication with precomputation\n");
printf("EC - Elliptic curve GF(p) - p of no special form \n");
printf("ECDH - Diffie Hellman Key exchange\n");
printf("ECDSA - Digital Signature Algorithm\n");
mip->IOBASE=10;
printf("\n160 bit GF(p) Elliptic Curve....\n");
k=160;
cinstr(p,p160);
cinstr(b,b160);
cinstr(y,y160);
ecurve_init(a,b,p,MR_PROJECTIVE);
g=epoint_init();
if (!epoint_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults(k,g);
td=mult_double(k,g);
tp=mult_precomp(k,x,y,a,b,p);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n192 bit GF(p) Elliptic Curve....\n");
k=192;
cinstr(p,p192);
cinstr(b,b192);
cinstr(y,y192);
ecurve_init(a,b,p,MR_PROJECTIVE);
g=epoint_init();
if (!epoint_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults(k,g);
td=mult_double(k,g);
tp=mult_precomp(k,x,y,a,b,p);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n224 bit GF(p) Elliptic Curve....\n");
k=224;
cinstr(p,p224);
cinstr(b,b224);
cinstr(y,y224);
ecurve_init(a,b,p,MR_PROJECTIVE);
g=epoint_init();
if (!epoint_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults(k,g);
td=mult_double(k,g);
tp=mult_precomp(k,x,y,a,b,p);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n256 bit GF(p) Elliptic Curve....\n");
k=256;
cinstr(p,p256);
cinstr(b,b256);
cinstr(y,y256);
ecurve_init(a,b,p,MR_PROJECTIVE);
g=epoint_init();
if (!epoint_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults(k,g);
td=mult_double(k,g);
tp=mult_precomp(k,x,y,a,b,p);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
#ifndef MR_FP
printf("\n163 bit GF(2^m) Elliptic Curve....\n");
k=163;
mip->IOBASE=16;
cinstr(b,B163);
cinstr(x,x163);
cinstr(y,y163);
mip->IOBASE=10;
convert(A163,A2);
ecurve2_init(m163,a163,b163,c163,A2,b,FALSE,MR_PROJECTIVE);
g=epoint_init();
if (!epoint2_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults2(k,g);
td=mult2_double(k,g);
tp=mult2_precomp(k,x,y,A2,b,m163,a163,b163,c163);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n163 bit GF(2^m) Koblitz Elliptic Curve....\n");
k=163;
mip->IOBASE=16;
cinstr(b,KB163);
cinstr(x,Kx163);
cinstr(y,Ky163);
mip->IOBASE=10;
convert(KA163,A2);
ecurve2_init(m163,a163,b163,c163,A2,b,FALSE,MR_PROJECTIVE);
g=epoint_init();
if (!epoint2_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults2(k,g);
td=mult2_double(k,g);
tp=mult2_precomp(k,x,y,A2,b,m163,a163,b163,c163);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n233 bit GF(2^m) Elliptic Curve....\n");
k=233;
mip->IOBASE=16;
cinstr(b,B233);
cinstr(x,x233);
cinstr(y,y233);
mip->IOBASE=10;
convert(A233,A2);
ecurve2_init(m233,a233,b233,c233,A2,b,FALSE,MR_PROJECTIVE);
g=epoint_init();
if (!epoint2_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults2(k,g);
td=mult2_double(k,g);
tp=mult2_precomp(k,x,y,A2,b,m233,a233,b233,c233);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n233 bit GF(2^m) Koblitz Elliptic Curve....\n");
k=233;
mip->IOBASE=16;
cinstr(b,KB233);
cinstr(x,Kx233);
cinstr(y,Ky233);
mip->IOBASE=10;
convert(KA233,A2);
ecurve2_init(m233,a233,b233,c233,A2,b,FALSE,MR_PROJECTIVE);
g=epoint_init();
if (!epoint2_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults2(k,g);
td=mult2_double(k,g);
tp=mult2_precomp(k,x,y,A2,b,m233,a233,b233,c233);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n283 bit GF(2^m) Elliptic Curve....\n");
k=283;
mip->IOBASE=16;
cinstr(b,B283);
cinstr(x,x283);
cinstr(y,y283);
mip->IOBASE=10;
convert(A283,A2);
ecurve2_init(m283,a283,b283,c283,A2,b,FALSE,MR_PROJECTIVE);
g=epoint_init();
if (!epoint2_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults2(k,g);
td=mult2_double(k,g);
tp=mult2_precomp(k,x,y,A2,b,m283,a283,b283,c283);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n283 bit GF(2^m) Koblitz Elliptic Curve....\n");
k=283;
mip->IOBASE=16;
cinstr(b,KB283);
cinstr(x,Kx283);
cinstr(y,Ky283);
mip->IOBASE=10;
convert(KA283,A2);
ecurve2_init(m283,a283,b283,c283,A2,b,FALSE,MR_PROJECTIVE);
g=epoint_init();
if (!epoint2_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults2(k,g);
td=mult2_double(k,g);
tp=mult2_precomp(k,x,y,A2,b,m283,a283,b283,c283);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n571 bit GF(2^m) Elliptic Curve....\n");
k=571;
mip->IOBASE=16;
cinstr(b,B571);
cinstr(x,x571);
cinstr(y,y571);
mip->IOBASE=10;
convert(A571,A2);
ecurve2_init(m571,a571,b571,c571,A2,b,FALSE,MR_PROJECTIVE);
g=epoint_init();
if (!epoint2_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults2(k,g);
td=mult2_double(k,g);
tp=mult2_precomp(k,x,y,A2,b,m571,a571,b571,c571);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
printf("\n571 bit GF(2^m) Koblitz Elliptic Curve....\n");
k=571;
mip->IOBASE=16;
cinstr(b,KB571);
cinstr(x,Kx571);
cinstr(y,Ky571);
mip->IOBASE=10;
convert(KA571,A2);
ecurve2_init(m571,a571,b571,c571,A2,b,FALSE,MR_PROJECTIVE);
g=epoint_init();
if (!epoint2_set(x,y,0,g))
{
printf("This is not a point on the curve!\n");
exit(0);
}
tr1=mults2(k,g);
td=mult2_double(k,g);
tp=mult2_precomp(k,x,y,A2,b,m571,a571,b571,c571);
printf("\n");
printf("%4d bit ECDH :-\n",k);
printf(" offline, no precomputation %8.2lf ms \n",tr1);
printf(" offline, w. precomputation %8.2lf ms \n",tp);
printf(" online %8.2lf ms \n",tr1);
printf("%4d bit ECDSA :-\n",k);
printf(" signature no precomputation %8.2lf ms \n",tr1);
printf(" signature w. precomputation %8.2lf ms \n",tp);
printf(" verification %8.2lf ms \n",td);
#endif
return 0;
}
Reference in New Issue View Git Blame Copy Permalink