You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@milagro.apache.org by sa...@apache.org on 2020/02/07 13:12:58 UTC
[incubator-milagro-MPC] 03/05: add benchmakr and examples for double schnorr proof

This is an automated email from the ASF dual-hosted git repository.

sandreoli pushed a commit to branch add-dschnorr-proof
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-MPC.git

commit 0fefe8c23ed1f0d410506f2ea61d654797f2de90
Author: Samuele Andreoli <sa...@yahoo.it>
AuthorDate: Thu Feb 6 13:30:36 2020 +0000

    add benchmakr and examples for double schnorr proof
---
 benchmark/bench_d_schnorr.c  | 161 +++++++++++++++++++++++++++++++++++++++++++
 examples/example_d_schnorr.c | 144 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 305 insertions(+)

diff --git a/benchmark/bench_d_schnorr.c b/benchmark/bench_d_schnorr.c
new file mode 100644
index 0000000..edf4226
--- /dev/null
+++ b/benchmark/bench_d_schnorr.c
@@ -0,0 +1,161 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+/*
+ * Benchmark Schnorr's Proof.
+ */
+
+#include "bench.h"
+#include "amcl/schnorr.h"
+
+#define MIN_TIME    5.0
+#define MIN_ITERS   10
+
+// Proof input V = s.R + l.G
+char *S_hex = "803ccd21cddad626e15f21b1ad787949e9beef08e6e68a9e00df59dec16ed290";
+char *L_hex = "0c5afd75c3d8255e6c91dc4aac664337e1a87f74b40f35746fb8a81311715b31";
+char *R_hex = "032cf4b348c9d00718f01ed98923e164df53b5e8bc4c2250662ed2df784e1784f4";
+char *V_hex = "0381acba44dd777e95fdad8491e5aedfc5cdd2165070e2f29cc11a8e194cf3a65d";
+
+// Random values for commitments
+char *A_hex = "45ab980d9da6d7b45f35830afb6d5749fce755b86b83dd1720ab8b0c4ec05dd1";
+char *B_hex = "2291376f2e6e023df783d7d3155616778fb436a1eb20708922050e421321625e";
+
+int main()
+{
+    int rc;
+
+    int iterations;
+    clock_t start;
+    double elapsed;
+
+    char oct_s[SGS_SECP256K1];
+    octet S = {0, sizeof(oct_s), oct_s};
+
+    char oct_l[SGS_SECP256K1];
+    octet L = {0, sizeof(oct_l), oct_l};
+
+    char oct_r[SFS_SECP256K1 + 1];
+    octet R = {0, sizeof(oct_r), oct_r};
+
+    char v[SFS_SECP256K1+1];
+    octet V = {0, sizeof(v), v};
+
+    char a[SGS_SECP256K1];
+    octet A = {0, sizeof(a), a};
+
+    char b[SGS_SECP256K1];
+    octet B = {0, sizeof(b), b};
+
+    char c[SFS_SECP256K1+1];
+    octet C = {0, sizeof(c), c};
+
+    char e[SGS_SECP256K1];
+    octet E = {0, sizeof(e), e};
+
+    char t[SGS_SECP256K1];
+    octet T = {0, sizeof(t), t};
+
+    char u[SGS_SECP256K1];
+    octet U = {0, sizeof(u), u};
+
+    // Load values
+    OCT_fromHex(&S, S_hex);
+    OCT_fromHex(&L, L_hex);
+    OCT_fromHex(&R, R_hex);
+    OCT_fromHex(&V, V_hex);
+
+    OCT_fromHex(&A, A_hex);
+    OCT_fromHex(&B, B_hex);
+
+    print_system_info();
+
+    printf("Timing info\n");
+    printf("===========\n");
+
+    iterations=0;
+    start=clock();
+    do
+    {
+        rc = SCHNORR_D_commit(NULL, &R, &A, &B, &C);
+        iterations++;
+        elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
+    }
+    while (elapsed<MIN_TIME || iterations<MIN_ITERS);
+
+    if (rc != SCHNORR_OK)
+    {
+        printf("FAILURE SCHNORR_D_commit: %d\n", rc);
+        exit(EXIT_FAILURE);
+    }
+
+    elapsed= MICROSECOND * elapsed / iterations;
+    printf("\tSCHNORR_D_commit\t%8d iterations\t",iterations);
+    printf("%8.2lf us per iteration\n",elapsed);
+
+    iterations=0;
+    start=clock();
+    do
+    {
+        SCHNORR_D_challenge(&R, &V, &C, &E);
+        iterations++;
+        elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
+    }
+    while (elapsed<MIN_TIME || iterations<MIN_ITERS);
+
+    elapsed= MICROSECOND * elapsed / iterations;
+    printf("\tSCHNORR_D_challenge\t%8d iterations\t",iterations);
+    printf("%8.2lf us per iteration\n",elapsed);
+
+    iterations=0;
+    start=clock();
+    do
+    {
+        SCHNORR_D_prove(&A, &B, &E, &S, &L, &T, &U);
+        iterations++;
+        elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
+    }
+    while (elapsed<MIN_TIME || iterations<MIN_ITERS);
+
+    elapsed= MICROSECOND * elapsed / iterations;
+    printf("\tSCHNORR_D_prove\t\t%8d iterations\t",iterations);
+    printf("%8.2lf us per iteration\n",elapsed);
+
+    iterations = 0;
+    start = clock();
+    do
+    {
+        rc = SCHNORR_D_verify(&R, &V, &C, &E, &T, &U);
+        iterations++;
+        elapsed = (clock() - start) / (double)CLOCKS_PER_SEC;
+    }
+    while (elapsed < MIN_TIME || iterations < MIN_ITERS);
+
+    if (rc != SCHNORR_OK)
+    {
+        printf("FAILURE SCHNORR_D_verify: %d\n", rc);
+        exit(EXIT_FAILURE);
+    }
+
+    elapsed = MICROSECOND * elapsed / iterations;
+    printf("\tSCHNORR_D_verify\t%8d iterations\t", iterations);
+    printf("%8.2lf us per iteration\n", elapsed);
+
+    exit(EXIT_SUCCESS);
+}
diff --git a/examples/example_d_schnorr.c b/examples/example_d_schnorr.c
new file mode 100644
index 0000000..552f157
--- /dev/null
+++ b/examples/example_d_schnorr.c
@@ -0,0 +1,144 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+#include "amcl/schnorr.h"
+
+/* Double Schnorr's proofs example */
+
+int main()
+{
+    int rc;
+
+    BIG_256_56 r;
+    BIG_256_56 s;
+    BIG_256_56 l;
+    BIG_256_56 q;
+    ECP_SECP256K1 G;
+    ECP_SECP256K1 ECPR;
+
+    char oct_s[SGS_SECP256K1];
+    octet S = {0, sizeof(oct_s), oct_s};
+
+    char oct_l[SGS_SECP256K1];
+    octet L = {0, sizeof(oct_l), oct_l};
+
+    char oct_r[SFS_SECP256K1 + 1];
+    octet R = {0, sizeof(oct_r), oct_r};
+
+    char v[SFS_SECP256K1+1];
+    octet V = {0, sizeof(v), v};
+
+    char a[SGS_SECP256K1];
+    octet A = {0, sizeof(a), a};
+
+    char b[SGS_SECP256K1];
+    octet B = {0, sizeof(b), b};
+
+    char c[SFS_SECP256K1+1];
+    octet C = {0, sizeof(c), c};
+
+    char e[SGS_SECP256K1];
+    octet E = {0, sizeof(e), e};
+
+    char t[SGS_SECP256K1];
+    octet T = {0, sizeof(t), t};
+
+    char u[SGS_SECP256K1];
+    octet U = {0, sizeof(u), u};
+
+    // Deterministic RNG for example
+    char seed[32] = {0};
+    csprng RNG;
+    RAND_seed(&RNG, 32, seed);
+
+    BIG_256_56_rcopy(q, CURVE_Order_SECP256K1);
+    ECP_SECP256K1_generator(&G);
+    ECP_SECP256K1_generator(&ECPR);
+
+    // Generate public R
+    BIG_256_56_randomnum(r, q, &RNG);
+    ECP_SECP256K1_mul(&ECPR, r);
+
+    ECP_SECP256K1_toOctet(&R, &ECPR, 1);
+
+    // Generate double DLOG
+    BIG_256_56_randomnum(s, q, &RNG);
+    BIG_256_56_randomnum(l, q, &RNG);
+
+    ECP_SECP256K1_mul2(&G, &ECPR, l, s);
+
+    BIG_256_56_toBytes(S.val, s);
+    BIG_256_56_toBytes(L.val, l);
+    S.len = SGS_SECP256K1;
+    L.len = SGS_SECP256K1;
+
+    ECP_SECP256K1_toOctet(&V, &G, 1);
+
+    printf("Double Schnorr's Proof of knowledge of a DLOG. V = s.R + l.G\n");
+    printf("\ts = ");
+    OCT_output(&S);
+    printf("\tl = ");
+    OCT_output(&L);
+    printf("\tR = ");
+    OCT_output(&R);
+    printf("\tV = ");
+    OCT_output(&V);
+
+    printf("\nGenerate a commitment C = a.R + b.G\n");
+    rc = SCHNORR_D_commit(&RNG, &R, &A, &B, &C);
+    if (rc != SCHNORR_OK)
+    {
+        printf("FAILURE SCHNORR_D_commit. RC %d\n", rc);
+        exit(EXIT_FAILURE);
+    }
+
+    printf("\ta = ");
+    OCT_output(&A);
+    printf("\tb = ");
+    OCT_output(&B);
+    printf("\tC = ");
+    OCT_output(&C);
+
+    printf("\nGenerate a challenge from the public parameters\n");
+    SCHNORR_D_challenge(&R, &V, &C, &E);
+
+    printf("\te = ");
+    OCT_output(&E);
+
+    printf("\nGenerate the proof (t, u)\n");
+    SCHNORR_D_prove(&A, &B, &E, &S, &L, &T, &U);
+
+    printf("\tt = ");
+    OCT_output(&T);
+    printf("\tu = ");
+    OCT_output(&U);
+
+    printf("\nTransmit proof (C,t,u) for V\n");
+
+    printf("\nCompute challenge from public parameters and verify proof\n");
+    rc = SCHNORR_D_verify(&R, &V, &C, &E, &T, &U);
+    if (rc != SCHNORR_OK)
+    {
+        printf("\tFailure! RC %d\n", rc);
+    }
+    else
+    {
+        printf("\tSuccess!\n");
+    }
+}
\ No newline at end of file