issues
search
dfns
/
cggmp21
State-of-art threshold ECDSA in Rust
Apache License 2.0
41
stars
6
forks
source link
Rename default security level
#64
Closed
survived
closed
8 months ago
github-actions[bot]
commented
8 months ago
Benchmark Result
Benchmarks
```text RUST_TESTS_SEED=9a2c3345528a1b2f1bb23d6630e28d27d3f6e4e5f73e6c04663c56b94305daf2 n = 3 Non-threshold DKG Protocol Performance: - Protocol took 857.69µs to complete In particular: - Setup: 8.90µs - Setup networking: 8.60µs (96.6%) - Unstaged: 300.00ns (3.4%) - Round 1: 196.10µs - Compute execution id: 200.00ns (0.1%) - Sample x_i, rid_i: 81.90µs (41.8%) - Sample schnorr commitment: 74.30µs (37.9%) - Commit to public data: 39.20µs (20.0%) - Unstaged: 500.00ns (0.3%) - Round 2: 4.30µs - Hash received msgs (reliability check): 4.10µs (95.3%) - Unstaged: 200.00ns (4.7%) - Round 3: 400.00ns - Assert other parties hashed messages (reliability check): 200.00ns (50.0%) - Unstaged: 200.00ns (50.0%) - Round 4: 66.60µs - Validate decommitments: 63.40µs (95.2%) - Calculate challege rid: 2.50µs (3.8%) - Prove knowledge of `x_i`: 300.00ns (0.5%) - Unstaged: 400.00ns (0.6%) - Round 5: 581.40µs - Validate schnorr proofs: 580.80µs (99.9%) - Unstaged: 600.00ns (0.1%) Threshold DKG Protocol Performance: - Protocol took 1.76ms to complete In particular: - Setup: 3.40µs - Setup networking: 3.30µs (97.1%) - Unstaged: 100.00ns (2.9%) - Round 1: 258.20µs - Compute execution id: 100.00ns (0.0%) - Sample rid_i, schnorr commitment, polynomial: 224.80µs (87.1%) - Commit to public data: 32.80µs (12.7%) - Unstaged: 500.00ns (0.2%) - Round 2: 4.30µs - Hash received msgs (reliability check): 4.00µs (93.0%) - Unstaged: 300.00ns (7.0%) - Round 3: 300.00ns - Assert other parties hashed messages (reliability check): 200.00ns (66.7%) - Unstaged: 100.00ns (33.3%) - Round 4: 1.12ms - Validate decommitments: 62.20µs (5.5%) - Validate data size: 400.00ns (0.0%) - Validate Feldmann VSS: 534.60µs (47.5%) - Compute rid: 600.00ns (0.1%) - Compute Ys: 504.70µs (44.9%) - Compute sigma: 600.00ns (0.1%) - Calculate challenge: 21.00µs (1.9%) - Prove knowledge of `sigma_i`: 500.00ns (0.0%) - Unstaged: 300.00ns (0.0%) - Round 5: 364.70µs - Validate schnorr proofs: 344.30µs (94.4%) - Derive resulting public key and other data: 1.90µs (0.5%) - Unstaged: 18.50µs (5.1%) Auxiliary data generation protocol Protocol Performance: - Protocol took 14.00s to complete In particular: - Setup: 8.90µs - Retrieve auxiliary data: 400.00ns (4.5%) - Setup networking: 7.30µs (82.0%) - Precompute execution id and shared state: 1.10µs (12.4%) - Unstaged: 100.00ns (1.1%) - Round 1: 1.68s - Retrieve primes (p and q): 100.00ns (0.0%) - Compute paillier decryption key (N): 31.20µs (0.0%) - Generate auxiliary params r, λ, t, s: 12.31ms (0.7%) - Prove Πprm (ψˆ_i): 1.66s (99.2%) - Sample random bytes: 2.40µs (0.0%) - Compute hash commitment and sample decommitment: 1.37ms (0.1%) - Unstaged: 400.00ns (0.0%) - Round 2: 5.40µs - Hash received msgs (reliability check): 4.90µs (90.7%) - Unstaged: 500.00ns (9.3%) - Round 3: 800.00ns - Assert other parties hashed messages (reliability check): 500.00ns (62.5%) - Unstaged: 300.00ns (37.5%) - Round 4: 8.65s - Validate round 1 decommitments: 2.25ms (0.0%) - Validate П_prm (ψ_i): 3.34s (38.6%) - Add together shared random bytes: 5.10µs (0.0%) - Compute П_mod (ψ_i): 5.06s (58.5%) - Assemble security params for П_fac (ф_i): 9.70µs (0.0%) - Compute П_fac (ф_i^j): 251.99ms (2.9%) - Unstaged: 1.90µs (0.0%) - Round 5: 3.68s - Validate ψ_j (П_mod): 3.42s (92.9%) - Validate ф_j (П_fac): 259.67ms (7.1%) - Assemble auxiliary info: 210.00µs (0.0%) - Unstaged: 1.00µs (0.0%) Signing protocol Protocol Performance: - Protocol took 2.36s to complete In particular: - Setup: 112.80µs - Map t-out-of-n protocol to t-out-of-t: 6.00µs (5.3%) - Retrieve auxiliary data: 100.30µs (88.9%) - Precompute execution id and security params: 900.00ns (0.8%) - Setup networking: 5.50µs (4.9%) - Unstaged: 100.00ns (0.1%) - Round 1: 185.17ms - Generate local ephemeral secrets (k_i, y_i, p_i, v_i): 70.40µs (0.0%) - Encrypt G_i and K_i: 50.26ms (27.1%) - Prove ψ0_j: 134.83ms (72.8%) - Unstaged: 5.20µs (0.0%) - Round 2: 154.20µs - Hash received msgs (reliability check): 153.70µs (99.7%) - Unstaged: 500.00ns (0.3%) - Round 3: 1.19s - Assert other parties hashed messages (reliability check): 1.70µs (0.0%) - Verify psi0 proofs: 133.55ms (11.2%) - Sample random r, hat_r, s, hat_s, beta, hat_beta: 65.90µs (0.0%) - Encrypt D_ji: 104.98ms (8.8%) - Encrypt F_ji: 51.28ms (4.3%) - Encrypt hat_D_ji: 98.91ms (8.3%) - Encrypt hat_F_ji: 53.21ms (4.5%) - Prove psi_ji: 322.54ms (27.1%) - Prove psiˆ_ji: 301.59ms (25.3%) - Prove psi_prime_ji : 125.88ms (10.6%) - Unstaged: 6.40µs (0.0%) - Round 4: 850.35ms - Retrieve auxiliary data: 9.90µs (0.0%) - Validate psi: 245.90ms (28.9%) - Validate hat_psi: 240.18ms (28.2%) - Validate psi_prime: 137.65ms (16.2%) - Compute Gamma, Delta_i, delta_i, chi_i: 107.49ms (12.6%) - Prove psi_prime_prime: 119.12ms (14.0%) - Unstaged: 1.20µs (0.0%) - Presig output: 129.81ms - Validate psi_prime_prime: 129.62ms (99.9%) - Calculate presignature: 188.00µs (0.1%) - Unstaged: 2.70µs (0.0%) - Partial signing: 14.40µs - Signature reconstruction: 270.60µs ```
Benchmark Result
Benchmarks
```text RUST_TESTS_SEED=9a2c3345528a1b2f1bb23d6630e28d27d3f6e4e5f73e6c04663c56b94305daf2 n = 3 Non-threshold DKG Protocol Performance: - Protocol took 857.69µs to complete In particular: - Setup: 8.90µs - Setup networking: 8.60µs (96.6%) - Unstaged: 300.00ns (3.4%) - Round 1: 196.10µs - Compute execution id: 200.00ns (0.1%) - Sample x_i, rid_i: 81.90µs (41.8%) - Sample schnorr commitment: 74.30µs (37.9%) - Commit to public data: 39.20µs (20.0%) - Unstaged: 500.00ns (0.3%) - Round 2: 4.30µs - Hash received msgs (reliability check): 4.10µs (95.3%) - Unstaged: 200.00ns (4.7%) - Round 3: 400.00ns - Assert other parties hashed messages (reliability check): 200.00ns (50.0%) - Unstaged: 200.00ns (50.0%) - Round 4: 66.60µs - Validate decommitments: 63.40µs (95.2%) - Calculate challege rid: 2.50µs (3.8%) - Prove knowledge of `x_i`: 300.00ns (0.5%) - Unstaged: 400.00ns (0.6%) - Round 5: 581.40µs - Validate schnorr proofs: 580.80µs (99.9%) - Unstaged: 600.00ns (0.1%) Threshold DKG Protocol Performance: - Protocol took 1.76ms to complete In particular: - Setup: 3.40µs - Setup networking: 3.30µs (97.1%) - Unstaged: 100.00ns (2.9%) - Round 1: 258.20µs - Compute execution id: 100.00ns (0.0%) - Sample rid_i, schnorr commitment, polynomial: 224.80µs (87.1%) - Commit to public data: 32.80µs (12.7%) - Unstaged: 500.00ns (0.2%) - Round 2: 4.30µs - Hash received msgs (reliability check): 4.00µs (93.0%) - Unstaged: 300.00ns (7.0%) - Round 3: 300.00ns - Assert other parties hashed messages (reliability check): 200.00ns (66.7%) - Unstaged: 100.00ns (33.3%) - Round 4: 1.12ms - Validate decommitments: 62.20µs (5.5%) - Validate data size: 400.00ns (0.0%) - Validate Feldmann VSS: 534.60µs (47.5%) - Compute rid: 600.00ns (0.1%) - Compute Ys: 504.70µs (44.9%) - Compute sigma: 600.00ns (0.1%) - Calculate challenge: 21.00µs (1.9%) - Prove knowledge of `sigma_i`: 500.00ns (0.0%) - Unstaged: 300.00ns (0.0%) - Round 5: 364.70µs - Validate schnorr proofs: 344.30µs (94.4%) - Derive resulting public key and other data: 1.90µs (0.5%) - Unstaged: 18.50µs (5.1%) Auxiliary data generation protocol Protocol Performance: - Protocol took 14.00s to complete In particular: - Setup: 8.90µs - Retrieve auxiliary data: 400.00ns (4.5%) - Setup networking: 7.30µs (82.0%) - Precompute execution id and shared state: 1.10µs (12.4%) - Unstaged: 100.00ns (1.1%) - Round 1: 1.68s - Retrieve primes (p and q): 100.00ns (0.0%) - Compute paillier decryption key (N): 31.20µs (0.0%) - Generate auxiliary params r, λ, t, s: 12.31ms (0.7%) - Prove Πprm (ψˆ_i): 1.66s (99.2%) - Sample random bytes: 2.40µs (0.0%) - Compute hash commitment and sample decommitment: 1.37ms (0.1%) - Unstaged: 400.00ns (0.0%) - Round 2: 5.40µs - Hash received msgs (reliability check): 4.90µs (90.7%) - Unstaged: 500.00ns (9.3%) - Round 3: 800.00ns - Assert other parties hashed messages (reliability check): 500.00ns (62.5%) - Unstaged: 300.00ns (37.5%) - Round 4: 8.65s - Validate round 1 decommitments: 2.25ms (0.0%) - Validate П_prm (ψ_i): 3.34s (38.6%) - Add together shared random bytes: 5.10µs (0.0%) - Compute П_mod (ψ_i): 5.06s (58.5%) - Assemble security params for П_fac (ф_i): 9.70µs (0.0%) - Compute П_fac (ф_i^j): 251.99ms (2.9%) - Unstaged: 1.90µs (0.0%) - Round 5: 3.68s - Validate ψ_j (П_mod): 3.42s (92.9%) - Validate ф_j (П_fac): 259.67ms (7.1%) - Assemble auxiliary info: 210.00µs (0.0%) - Unstaged: 1.00µs (0.0%) Signing protocol Protocol Performance: - Protocol took 2.36s to complete In particular: - Setup: 112.80µs - Map t-out-of-n protocol to t-out-of-t: 6.00µs (5.3%) - Retrieve auxiliary data: 100.30µs (88.9%) - Precompute execution id and security params: 900.00ns (0.8%) - Setup networking: 5.50µs (4.9%) - Unstaged: 100.00ns (0.1%) - Round 1: 185.17ms - Generate local ephemeral secrets (k_i, y_i, p_i, v_i): 70.40µs (0.0%) - Encrypt G_i and K_i: 50.26ms (27.1%) - Prove ψ0_j: 134.83ms (72.8%) - Unstaged: 5.20µs (0.0%) - Round 2: 154.20µs - Hash received msgs (reliability check): 153.70µs (99.7%) - Unstaged: 500.00ns (0.3%) - Round 3: 1.19s - Assert other parties hashed messages (reliability check): 1.70µs (0.0%) - Verify psi0 proofs: 133.55ms (11.2%) - Sample random r, hat_r, s, hat_s, beta, hat_beta: 65.90µs (0.0%) - Encrypt D_ji: 104.98ms (8.8%) - Encrypt F_ji: 51.28ms (4.3%) - Encrypt hat_D_ji: 98.91ms (8.3%) - Encrypt hat_F_ji: 53.21ms (4.5%) - Prove psi_ji: 322.54ms (27.1%) - Prove psiˆ_ji: 301.59ms (25.3%) - Prove psi_prime_ji : 125.88ms (10.6%) - Unstaged: 6.40µs (0.0%) - Round 4: 850.35ms - Retrieve auxiliary data: 9.90µs (0.0%) - Validate psi: 245.90ms (28.9%) - Validate hat_psi: 240.18ms (28.2%) - Validate psi_prime: 137.65ms (16.2%) - Compute Gamma, Delta_i, delta_i, chi_i: 107.49ms (12.6%) - Prove psi_prime_prime: 119.12ms (14.0%) - Unstaged: 1.20µs (0.0%) - Presig output: 129.81ms - Validate psi_prime_prime: 129.62ms (99.9%) - Calculate presignature: 188.00µs (0.1%) - Unstaged: 2.70µs (0.0%) - Partial signing: 14.40µs - Signature reconstruction: 270.60µs ```