Jamie-Cui
commented
1 month ago Thanks for you suggestions, the performance improvement of field operations and group operations is one of the first-priority items. For now, you may leave this issue open as a reminder to @secretflow/yacl-dev team members.
Currently, the MPInt used by the YACL library is not as efficient compared to a highly optimized $\mathbb{F}_p$. This might not be favorable for cryptography based on $\mathbb{F}_p$. It is well-known that many cryptographic protocols and schemes are completed in $\mathbb{F}_p$, such as ECDSA and ElGamal. Furthermore, for cryptography researchers, using $\mathbb{F}_p$ to develop a cryptographic algorithm is quite common. However, the current YACL library does not have an efficient $\mathbb{F}_p$ implementation, resulting in the need to use MPInt for development. While this works functionally, in terms of performance, using MPInt for implementation is not very satisfactory.
Examples Illustrating the Necessity of This Request
Some time ago, I integrated the implementation of FastECDLP+sm2 (https://github.com/secretflow/yacl/tree/main/examples/hesm2) into YACL. However, due to the lack of an efficient $\mathbb{F}_p$, I had to use MPInt to perform a large number of operations in $\mathbb{F}_p$, resulting in a performance that was more than ten times slower compared to my implementation in Golang.
Recently, I have been developing a multi-party computation framework based on $\mathbb{F}_p$. If possible, I would like to use YACL for this development. However, the performance of using YACL's MPInt for $\mathbb{F}_p$ operations does not meet my satisfaction.
As I mentioned above, $\mathbb{F}_p$ is the underlying algebraic structure for most cryptographic protocols and schemes. If there were an efficient $\mathbb{F}_p$ implementation, I would be more inclined to use YACL. I hope the developers of YACL will consider my suggestion. If my suggestion is adopted, it would be greatly appreciated.