int main() { int j,k; big a,b,x,y,p,A2; time_t seed; epoint *g; double tr1,tr2,ts,tv1,tv2,tp,td; #ifndef MR_NOFULLWIDTH miracl *mip=mirsys(300,0); #else miracl *mip=mirsys(300,MAXBASE); #endif p=mirvar(0); a=mirvar(-3); b=mirvar(0); x=mirvar(1); y=mirvar(0); A2=mirvar(0); mip->IOBASE=60; time(&seed); irand((long)seed); printf("MIRACL - %d bit version\n",MIRACL); #ifdef MR_LITTLE_ENDIAN printf("Little Endian processor\n"); #endif #ifdef MR_BIG_ENDIAN printf("Big Endian processor\n"); #endif #ifdef MR_NOASM printf("C-Only Version of MIRACL\n"); #else printf("Using some assembly language\n"); #endif #ifdef MR_STRIPPED_DOWN printf("Stripped down version of MIRACL - no error messages\n"); #endif #ifdef MR_KCM k=MR_KCM*MIRACL; printf("Using KCM method \n"); printf("Optimized for %d, %d, %d, %d...etc. bit moduli\n",k,k*2,k*4,k*8); #endif #ifdef MR_COMBA k=MR_COMBA*MIRACL; printf("Using COMBA method \n"); printf("Optimized for %d bit moduli\n",k); #endif #ifdef MR_PENTIUM printf("Floating-point co-processor arithmetic used for Pentium\n"); #endif #ifndef MR_KCM #ifndef MR_COMBA #ifndef MR_PENTIUM printf("No special optimizations\n"); #endif #endif #endif printf("Precomputation uses fixed Window size = %d\n",WINDOW); printf("So %d values are precomputed and stored\n",(1<<WINDOW)); #ifdef MR_NOFULLWIDTH printf("No Fullwidth base possible\n"); #else printf("NOTE: No optimizations/assembly language apply to GF(2^m) Elliptic Curves\n"); #endif printf("NOTE: times are elapsed real-times - so make sure nothing else is running!\n\n"); printf("Modular exponentiation benchmarks - calculating g^e mod p\n"); printf("From these figures it should be possible to roughly estimate the time\n"); printf("required for your favourite PK algorithm, RSA, DSA, DH, etc.\n"); printf("Key R - random base bits/random exponent bits \n"); printf(" V - random base bits/(small exponent e) \n"); printf(" S - (small base g) /random exponent bits \n"); printf(" P - exponentiation with precomputation (fixed base g)\n"); printf(" D - double exponentiation g^e.a^b mod p\n"); printf("F3 = 257, F4 = 65537\n"); printf("RSA - Rivest-Shamir-Adleman\n"); printf("DH - Diffie Hellman Key exchange\n"); printf("DSA - Digital Signature Algorithm\n"); printf("\n512 bit prime....\n"); cinstr(p,p512); k=512; j=160; tr1=powers(k,j,p); td=powers_double(k,j,p); tr2=powers(k,k,p); ts=powers_small_base(3,j,p); tp=powers_precomp(k,j,p); printf("\n"); printf("%4d bit RSA decryption %8.2lf ms \n",2*k,2*tr2); printf("%4d bit DH %d bit exponent:-\n",k,j); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, small base %8.2lf ms \n",ts); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit DSA %d bit exponent:-\n",k,j); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n1024 bit prime....\n"); cinstr(p,p1024); k=1024; j=160; tr1=powers(k,j,p); td=powers_double(k,j,p); tr2=powers(k,k,p); tv1=powers_small_exp(k,3,p); tv2=powers_small_exp(k,65537L,p); ts=powers_small_base(3,j,p); tp=powers_precomp(k,j,p); printf("\n"); printf("%4d bit RSA decryption %8.2lf ms \n",2*k,2*tr2); printf("%4d bit RSA encryption e=3 %8.2lf ms \n",k,tv1); printf("%4d bit RSA encryption e=65537 %8.2lf ms \n",k,tv2); printf("%4d bit DH %d bit exponent:-\n",k,j); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, small base %8.2lf ms \n",ts); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit DSA %d bit exponent:-\n",k,j); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n2048 bit prime....\n"); cinstr(p,p2048); k=2048; j=256; tr1=powers(k,j,p); td=powers_double(k,j,p); powers(k,k,p); tv1=powers_small_exp(k,3,p); tv2=powers_small_exp(k,65537L,p); ts=powers_small_base(3,j,p); tp=powers_precomp(k,j,p); printf("\n"); printf("%4d bit RSA encryption e=3 %8.2lf ms \n",k,tv1); printf("%4d bit RSA encryption e=65537 %8.2lf ms \n",k,tv2); printf("%4d bit DH %d bit exponent:-\n",k,j); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, small base %8.2lf ms \n",ts); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit DSA %d bit exponent:-\n",k,j); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n"); printf("Elliptic Curve point multiplication benchmarks - calculating r.P\n"); printf("From these figures it should be possible to roughly estimate the time\n"); printf("required for your favourite EC PK algorithm, ECDSA, ECDH, etc.\n"); printf("Key - ER - Elliptic Curve point multiplication r.P\n"); printf(" ED - Elliptic Curve double multiplication r.P + s.Q\n"); printf(" EP - Elliptic Curve multiplication with precomputation\n"); printf("EC - Elliptic curve GF(p) - p of no special form \n"); printf("ECDH - Diffie Hellman Key exchange\n"); printf("ECDSA - Digital Signature Algorithm\n"); mip->IOBASE=10; printf("\n160 bit GF(p) Elliptic Curve....\n"); k=160; cinstr(p,p160); cinstr(b,b160); cinstr(y,y160); ecurve_init(a,b,p,MR_PROJECTIVE); g=epoint_init(); if (!epoint_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults(k,g); td=mult_double(k,g); tp=mult_precomp(k,x,y,a,b,p); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n192 bit GF(p) Elliptic Curve....\n"); k=192; cinstr(p,p192); cinstr(b,b192); cinstr(y,y192); ecurve_init(a,b,p,MR_PROJECTIVE); g=epoint_init(); if (!epoint_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults(k,g); td=mult_double(k,g); tp=mult_precomp(k,x,y,a,b,p); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n224 bit GF(p) Elliptic Curve....\n"); k=224; cinstr(p,p224); cinstr(b,b224); cinstr(y,y224); ecurve_init(a,b,p,MR_PROJECTIVE); g=epoint_init(); if (!epoint_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults(k,g); td=mult_double(k,g); tp=mult_precomp(k,x,y,a,b,p); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n256 bit GF(p) Elliptic Curve....\n"); k=256; cinstr(p,p256); cinstr(b,b256); cinstr(y,y256); ecurve_init(a,b,p,MR_PROJECTIVE); g=epoint_init(); if (!epoint_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults(k,g); td=mult_double(k,g); tp=mult_precomp(k,x,y,a,b,p); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); #ifndef MR_FP printf("\n163 bit GF(2^m) Elliptic Curve....\n"); k=163; mip->IOBASE=16; cinstr(b,B163); cinstr(x,x163); cinstr(y,y163); mip->IOBASE=10; convert(A163,A2); ecurve2_init(m163,a163,b163,c163,A2,b,FALSE,MR_PROJECTIVE); g=epoint_init(); if (!epoint2_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults2(k,g); td=mult2_double(k,g); tp=mult2_precomp(k,x,y,A2,b,m163,a163,b163,c163); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n163 bit GF(2^m) Koblitz Elliptic Curve....\n"); k=163; mip->IOBASE=16; cinstr(b,KB163); cinstr(x,Kx163); cinstr(y,Ky163); mip->IOBASE=10; convert(KA163,A2); ecurve2_init(m163,a163,b163,c163,A2,b,FALSE,MR_PROJECTIVE); g=epoint_init(); if (!epoint2_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults2(k,g); td=mult2_double(k,g); tp=mult2_precomp(k,x,y,A2,b,m163,a163,b163,c163); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n233 bit GF(2^m) Elliptic Curve....\n"); k=233; mip->IOBASE=16; cinstr(b,B233); cinstr(x,x233); cinstr(y,y233); mip->IOBASE=10; convert(A233,A2); ecurve2_init(m233,a233,b233,c233,A2,b,FALSE,MR_PROJECTIVE); g=epoint_init(); if (!epoint2_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults2(k,g); td=mult2_double(k,g); tp=mult2_precomp(k,x,y,A2,b,m233,a233,b233,c233); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n233 bit GF(2^m) Koblitz Elliptic Curve....\n"); k=233; mip->IOBASE=16; cinstr(b,KB233); cinstr(x,Kx233); cinstr(y,Ky233); mip->IOBASE=10; convert(KA233,A2); ecurve2_init(m233,a233,b233,c233,A2,b,FALSE,MR_PROJECTIVE); g=epoint_init(); if (!epoint2_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults2(k,g); td=mult2_double(k,g); tp=mult2_precomp(k,x,y,A2,b,m233,a233,b233,c233); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n283 bit GF(2^m) Elliptic Curve....\n"); k=283; mip->IOBASE=16; cinstr(b,B283); cinstr(x,x283); cinstr(y,y283); mip->IOBASE=10; convert(A283,A2); ecurve2_init(m283,a283,b283,c283,A2,b,FALSE,MR_PROJECTIVE); g=epoint_init(); if (!epoint2_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults2(k,g); td=mult2_double(k,g); tp=mult2_precomp(k,x,y,A2,b,m283,a283,b283,c283); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n283 bit GF(2^m) Koblitz Elliptic Curve....\n"); k=283; mip->IOBASE=16; cinstr(b,KB283); cinstr(x,Kx283); cinstr(y,Ky283); mip->IOBASE=10; convert(KA283,A2); ecurve2_init(m283,a283,b283,c283,A2,b,FALSE,MR_PROJECTIVE); g=epoint_init(); if (!epoint2_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults2(k,g); td=mult2_double(k,g); tp=mult2_precomp(k,x,y,A2,b,m283,a283,b283,c283); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n571 bit GF(2^m) Elliptic Curve....\n"); k=571; mip->IOBASE=16; cinstr(b,B571); cinstr(x,x571); cinstr(y,y571); mip->IOBASE=10; convert(A571,A2); ecurve2_init(m571,a571,b571,c571,A2,b,FALSE,MR_PROJECTIVE); g=epoint_init(); if (!epoint2_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults2(k,g); td=mult2_double(k,g); tp=mult2_precomp(k,x,y,A2,b,m571,a571,b571,c571); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); printf("\n571 bit GF(2^m) Koblitz Elliptic Curve....\n"); k=571; mip->IOBASE=16; cinstr(b,KB571); cinstr(x,Kx571); cinstr(y,Ky571); mip->IOBASE=10; convert(KA571,A2); ecurve2_init(m571,a571,b571,c571,A2,b,FALSE,MR_PROJECTIVE); g=epoint_init(); if (!epoint2_set(x,y,0,g)) { printf("This is not a point on the curve!\n"); exit(0); } tr1=mults2(k,g); td=mult2_double(k,g); tp=mult2_precomp(k,x,y,A2,b,m571,a571,b571,c571); printf("\n"); printf("%4d bit ECDH :-\n",k); printf(" offline, no precomputation %8.2lf ms \n",tr1); printf(" offline, w. precomputation %8.2lf ms \n",tp); printf(" online %8.2lf ms \n",tr1); printf("%4d bit ECDSA :-\n",k); printf(" signature no precomputation %8.2lf ms \n",tr1); printf(" signature w. precomputation %8.2lf ms \n",tp); printf(" verification %8.2lf ms \n",td); #endif return 0; }
int main(int argc, char* argv[]) { int which = 0; data_t *heap_data = (data_t *)malloc(sizeof(data_t)); if (argc >= 2) { which = atoi(argv[1]); } init(&global_data); init(heap_data); switch(which) { case 0: cilk_spawn increment_i(&global_data); // write, read race mult_double(&global_data); cilk_sync; assert(__cilksan_error_count() == 3); break; case 1: cilk_spawn mult_double(&global_data); increment_i(&global_data); // write, read race cilk_sync; assert(__cilksan_error_count() == 3); break; case 2: cilk_spawn mult_double(&global_data); update_str(&global_data, 3, 8); // read, write race cilk_sync; assert(__cilksan_error_count() == 2); break; case 3: cilk_spawn increment_i(&global_data); // write, read race read_double(&global_data); cilk_sync; assert(__cilksan_error_count() == 1); break; case 4: cilk_spawn read_double(&global_data); increment_i(&global_data); // read, write race cilk_sync; assert(__cilksan_error_count() == 1); break; case 5: cilk_spawn read_double(&global_data); update_str(&global_data, 3, 8); // read, write race cilk_sync; assert(__cilksan_error_count() == 1); break; case 6: cilk_spawn read_str(&global_data, 2, 4); update_str(&global_data, 3, 8); // read, write race cilk_sync; assert(__cilksan_error_count() == 1); break; case 7: cilk_spawn increment_i(heap_data); // write, read race mult_double(heap_data); cilk_sync; assert(__cilksan_error_count() == 3); break; case 8: cilk_spawn mult_double(heap_data); increment_i(heap_data); // write, read race cilk_sync; assert(__cilksan_error_count() == 3); break; case 9: cilk_spawn mult_double(heap_data); update_str(heap_data, 3, 8); // write, write race cilk_sync; assert(__cilksan_error_count() == 2); break; case 10: cilk_spawn increment_i(heap_data); // write, read race read_double(heap_data); cilk_sync; assert(__cilksan_error_count() == 1); break; case 11: cilk_spawn read_double(heap_data); increment_i(heap_data); // read, write race cilk_sync; // to be sure that compiler doesn't optimize it away. global_int = heap_data->i; assert(__cilksan_error_count() == 1); break; case 12: cilk_spawn read_double(heap_data); update_str(heap_data, 3, 8); // read, write race cilk_sync; assert(__cilksan_error_count() == 1); break; case 13: cilk_spawn update_str(heap_data, 8, 11); read_str(heap_data, 10, 12); // write, read race cilk_sync; assert(__cilksan_error_count() == 1); break; case 14: cilk_spawn update_str(&global_data, 8, 12); // no race mult_double(&global_data); cilk_sync; assert(__cilksan_error_count() == 0); break; case 15: cilk_spawn update_str(&global_data, 4, 12); // no race read_i(&global_data); cilk_sync; assert(__cilksan_error_count() == 0); break; case 16: cilk_spawn update_str(heap_data, 8, 12); // no race mult_double(heap_data); cilk_sync; assert(__cilksan_error_count() == 0); break; case 17: cilk_spawn update_str(heap_data, 4, 12); // no race read_i(heap_data); cilk_sync; assert(__cilksan_error_count() == 0); break; case 18: cilk_spawn update_str(heap_data, 3, 5); // no race update_str(heap_data, 5, 8); cilk_sync; assert(__cilksan_error_count() == 0); break; case 19: read_and_write(&global_data); // read write race, but just 1 read_and_write(heap_data); cilk_sync; assert(__cilksan_error_count() == 1); break; } cilk_sync; free(heap_data); return 0; }