Shamira Files · performance.md

Files @ ae2466b86670

Branch filter:

Location: Shamira/performance.md - annotation

ae2466b86670 1.8 KiB text/markdown Show Source Show as Raw Download as Raw

Laman

removed the condensed code

8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
3c3a529119dd
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
8cbbc92dd17c
05b690297fb5
05b690297fb5
05b690297fb5
05b690297fb5
05b690297fb5
05b690297fb5
05b690297fb5
05b690297fb5
05b690297fb5
05b690297fb5
05b690297fb5
05b690297fb5
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd
3c3a529119dd

# Performance comparison #
## The base case ##

Let's assume we have a secret of length _m_. The splitting takes _n_ evaluations of a polynomial of order _k_ (over Galois field 256) for each byte, leading to _O(n\*k\*m)_ finite field multiplications. Reconstruction of the constant parameters during joining first precomputes parts of the Lagrange polynomial and then reuses them for each byte, taking _O(k\*k + k\*m)_ multiplications.

Benchmark results. Measured on a mid-end laptop made in 2020. The times for split and join mean _seconds per byte_ of the secret length:
<table>
    <tr>
        <th>Revision</th>
        <th>Features</th>
        <th>k / n parameters</th>
        <th>Split</th>
        <th>Join</th>
    </tr>
    <tr>
        <td rowspan="2">a47ae3e113cc</td>
        <td rowspan="2">-</td>
        <td>2 / 3</td>
        <td>5.02e-06</td>
        <td>4.12e-05</td>
    </tr>
    <tr>
        <td>254 / 254</td>
        <td>0.0125</td>
        <td>0.00175</td>
    </tr>
    <tr>
        <td rowspan="2">c6815615a077</td>
        <td rowspan="2">gfmul() caching</td>
        <td>2 / 3</td>
        <td>5.38e-06</td>
        <td>4.28e-05</td>
    </tr>
    <tr>
        <td>254 / 254</td>
        <td>0.00741</td>
        <td>0.00156</td>
    </tr>
    <tr>
        <td rowspan="2">0957647049ef</td>
        <td rowspan="2">splitting with FFT</td>
        <td>2 / 3</td>
        <td>1.26e-05</td>
        <td>-</td>
    </tr>
    <tr>
        <td>254 / 254</td>
        <td>0.00828</td>
        <td>-</td>
    </tr>
    <tr>
        <td rowspan="2">d5f60adc56c0</td>
        <td rowspan="2">splitting with FFT,<br> caching gfmul(), gfpow(), precompute_x()</td>
        <td>2 / 3</td>
        <td>7.88e-06</td>
        <td>-</td>
    </tr>
    <tr>
        <td>254 / 254</td>
        <td>0.00183</td>
        <td>-</td>
    </tr>
</table>