Files @ 9c2ba9189ec1
Branch filter:

Location: Shamira/performance.md - annotation

Laman
Added signature for changeset 70b995be6712
# Performance comparison #
## The base case ##

Let's assume we have a secret of length _m_. The splitting takes _n_ evaluations of a polynomial of order _k_ (over Galois field 256) for each byte, leading to _O(n\*k\*m)_ finite field multiplications. Reconstruction of the constant parameters during joining first precomputes parts of the Lagrange polynomial and then reuses them for each byte, taking _O(k\*k + k\*m)_ multiplications.

Benchmark results. Measured on a mid-end laptop made in 2020. The times for split and join mean _seconds per byte_ of the secret length:
<table>
    <tr>
        <th>Revision</th>
        <th>Features</th>
        <th>k / n parameters</th>
        <th>Split</th>
        <th>Join</th>
    </tr>
    <tr>
        <td rowspan="2">a47ae3e113cc</td>
        <td rowspan="2">-</td>
        <td>2 / 3</td>
        <td>5.02e-06</td>
        <td>4.12e-05</td>
    </tr>
    <tr>
        <td>254 / 254</td>
        <td>0.0125</td>
        <td>0.00175</td>
    </tr>
    <tr>
        <td rowspan="2">c6815615a077</td>
        <td rowspan="2">gfmul() caching</td>
        <td>2 / 3</td>
        <td>5.38e-06</td>
        <td>4.28e-05</td>
    </tr>
    <tr>
        <td>254 / 254</td>
        <td>0.00741</td>
        <td>0.00156</td>
    </tr>
    <tr>
        <td rowspan="2">0957647049ef</td>
        <td rowspan="2">splitting with FFT</td>
        <td>2 / 3</td>
        <td>1.26e-05</td>
        <td>-</td>
    </tr>
    <tr>
        <td>254 / 254</td>
        <td>0.00828</td>
        <td>-</td>
    </tr>
    <tr>
        <td rowspan="2">d5f60adc56c0</td>
        <td rowspan="2">splitting with FFT,<br> caching gfmul(), gfpow(), precompute_x()</td>
        <td>2 / 3</td>
        <td>7.88e-06</td>
        <td>-</td>
    </tr>
    <tr>
        <td>254 / 254</td>
        <td>0.00183</td>
        <td>-</td>
    </tr>
</table>