arnaucube
/
go-iden3-crypto
mirror of https://github.com/arnaucube/go-iden3-crypto.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Optimize MiMC7 migrating from *big.Int to goff 

Optimize MiMC7 migrating from *big.Int to goff generated finite field
operations.

There is still a lot of room for optimization for MiMC7 in the way that is done internally, but will be done in the future.

Benchmarks:
Tested on a Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz, with 16GB of RAM.

- Before:
```
BenchmarkMIMC7-4   	    1026	   1160298 ns/op
```

- After this commit:
```
BenchmarkMIMC7-4   	   19263	     61651 ns/op
```
feature/mimc7-goff
arnaucube 4 years ago
parent
e8be761ec7
commit
16a8a18a6d
3 changed files with 55 additions and 51 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +51
    -44
      mimc7/mimc7.go
  2. +4
    -6
      mimc7/mimc7_test.go
  3. +0
    -1
      poseidon/poseidon.go

+ 51
- 44
mimc7/mimc7.go
View File

@ -6,7 +6,7 @@ import (
"github.com/ethereum/go-ethereum/crypto" "github.com/ethereum/go-ethereum/crypto"
_constants "github.com/iden3/go-iden3-crypto/constants" _constants "github.com/iden3/go-iden3-crypto/constants"
"github.com/iden3/go-iden3-crypto/field"
"github.com/iden3/go-iden3-crypto/ff"
"github.com/iden3/go-iden3-crypto/utils" "github.com/iden3/go-iden3-crypto/utils"
) )
@ -15,73 +15,72 @@ const SEED = "mimc"
var constants = generateConstantsData() var constants = generateConstantsData()
type constantsData struct { type constantsData struct {
maxFieldVal *big.Int
seedHash *big.Int
iv *big.Int
fqR field.Fq
nRounds int
cts []*big.Int
seedHash *big.Int
iv *big.Int
nRounds int
cts []*ff.Element
} }
func generateConstantsData() constantsData { func generateConstantsData() constantsData {
var constants constantsData var constants constantsData
fqR := field.NewFq(_constants.Q)
constants.fqR = fqR
// maxFieldVal is the R value of the Finite Field
constants.maxFieldVal = constants.fqR.Q
constants.seedHash = new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED))) constants.seedHash = new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED)))
c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED + "_iv"))) c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED + "_iv")))
constants.iv = new(big.Int).Mod(c, constants.maxFieldVal)
constants.iv = new(big.Int).Mod(c, _constants.Q)
constants.nRounds = 91 constants.nRounds = 91
cts := getConstants(constants.fqR, SEED, constants.nRounds)
cts := getConstants(SEED, constants.nRounds)
constants.cts = cts constants.cts = cts
return constants return constants
} }
func getConstants(fqR field.Fq, seed string, nRounds int) []*big.Int {
cts := make([]*big.Int, nRounds)
cts[0] = big.NewInt(int64(0))
func getConstants(seed string, nRounds int) []*ff.Element {
cts := make([]*ff.Element, nRounds)
cts[0] = ff.NewElement().SetZero()
c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED))) c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED)))
for i := 1; i < nRounds; i++ { for i := 1; i < nRounds; i++ {
c = new(big.Int).SetBytes(crypto.Keccak256(c.Bytes())) c = new(big.Int).SetBytes(crypto.Keccak256(c.Bytes()))
n := fqR.Affine(c)
cts[i] = n
n := new(big.Int).Mod(c, _constants.Q)
cts[i] = ff.NewElement().SetBigInt(n)
} }
return cts return cts
} }
// MIMC7HashGeneric performs the MIMC7 hash over a *big.Int, in a generic way, where it can be specified the Finite Field over R, and the number of rounds // MIMC7HashGeneric performs the MIMC7 hash over a *big.Int, in a generic way, where it can be specified the Finite Field over R, and the number of rounds
func MIMC7HashGeneric(fqR field.Fq, xIn, k *big.Int, nRounds int) *big.Int {
cts := getConstants(fqR, SEED, nRounds)
var r *big.Int
func MIMC7HashGeneric(xInBI, kBI *big.Int, nRounds int) *big.Int {
xIn := ff.NewElement().SetBigInt(xInBI)
k := ff.NewElement().SetBigInt(kBI)
cts := getConstants(SEED, nRounds)
var r *ff.Element
for i := 0; i < nRounds; i++ { for i := 0; i < nRounds; i++ {
var t *big.Int
var t *ff.Element
if i == 0 { if i == 0 {
t = fqR.Add(xIn, k)
t = ff.NewElement().Add(xIn, k)
} else { } else {
t = fqR.Add(fqR.Add(r, k), cts[i])
t = ff.NewElement().Add(ff.NewElement().Add(r, k), cts[i])
} }
t2 := fqR.Square(t)
t4 := fqR.Square(t2)
r = fqR.Mul(fqR.Mul(t4, t2), t)
t2 := ff.NewElement().Square(t)
t4 := ff.NewElement().Square(t2)
r = ff.NewElement().Mul(ff.NewElement().Mul(t4, t2), t)
} }
return fqR.Affine(fqR.Add(r, k))
rE := ff.NewElement().Add(r, k)
res := big.NewInt(0)
rE.ToBigIntRegular(res)
return res
} }
// HashGeneric performs the MIMC7 hash over a *big.Int array, in a generic way, where it can be specified the Finite Field over R, and the number of rounds // HashGeneric performs the MIMC7 hash over a *big.Int array, in a generic way, where it can be specified the Finite Field over R, and the number of rounds
func HashGeneric(iv *big.Int, arr []*big.Int, fqR field.Fq, nRounds int) (*big.Int, error) {
func HashGeneric(iv *big.Int, arr []*big.Int, nRounds int) (*big.Int, error) {
if !utils.CheckBigIntArrayInField(arr) { if !utils.CheckBigIntArrayInField(arr) {
return nil, errors.New("inputs values not inside Finite Field") return nil, errors.New("inputs values not inside Finite Field")
} }
r := iv r := iv
var err error var err error
for i := 0; i < len(arr); i++ { for i := 0; i < len(arr); i++ {
r = MIMC7HashGeneric(fqR, r, arr[i], nRounds)
r = MIMC7HashGeneric(r, arr[i], nRounds)
if err != nil { if err != nil {
return r, err return r, err
} }
@ -90,20 +89,27 @@ func HashGeneric(iv *big.Int, arr []*big.Int, fqR field.Fq, nRounds int) (*big.I
} }
// MIMC7Hash performs the MIMC7 hash over a *big.Int, using the Finite Field over R and the number of rounds setted in the `constants` variable // MIMC7Hash performs the MIMC7 hash over a *big.Int, using the Finite Field over R and the number of rounds setted in the `constants` variable
func MIMC7Hash(xIn, k *big.Int) *big.Int {
var r *big.Int
func MIMC7Hash(xInBI, kBI *big.Int) *big.Int {
xIn := ff.NewElement().SetBigInt(xInBI)
k := ff.NewElement().SetBigInt(kBI)
var r *ff.Element
for i := 0; i < constants.nRounds; i++ { for i := 0; i < constants.nRounds; i++ {
var t *big.Int
var t *ff.Element
if i == 0 { if i == 0 {
t = constants.fqR.Add(xIn, k)
t = ff.NewElement().Add(xIn, k)
} else { } else {
t = constants.fqR.Add(constants.fqR.Add(r, k), constants.cts[i])
t = ff.NewElement().Add(ff.NewElement().Add(r, k), constants.cts[i])
} }
t2 := constants.fqR.Square(t)
t4 := constants.fqR.Square(t2)
r = constants.fqR.Mul(constants.fqR.Mul(t4, t2), t)
t2 := ff.NewElement().Square(t)
t4 := ff.NewElement().Square(t2)
r = ff.NewElement().Mul(ff.NewElement().Mul(t4, t2), t)
} }
return constants.fqR.Affine(constants.fqR.Add(r, k))
rE := ff.NewElement().Add(r, k)
res := big.NewInt(0)
rE.ToBigIntRegular(res)
return res
} }
// Hash performs the MIMC7 hash over a *big.Int array // Hash performs the MIMC7 hash over a *big.Int array
@ -113,17 +119,18 @@ func Hash(arr []*big.Int, key *big.Int) (*big.Int, error) {
} }
var r *big.Int var r *big.Int
if key == nil { if key == nil {
r = constants.fqR.Zero()
r = big.NewInt(0)
} else { } else {
r = key r = key
} }
for i := 0; i < len(arr); i++ { for i := 0; i < len(arr); i++ {
r = constants.fqR.Add(
constants.fqR.Add(
r = new(big.Int).Add(
new(big.Int).Add(
r, r,
arr[i], arr[i],
), ),
MIMC7Hash(arr[i], r)) MIMC7Hash(arr[i], r))
r = new(big.Int).Mod(r, _constants.Q)
} }
return r, nil return r, nil
} }

+ 4
- 6
mimc7/mimc7_test.go
View File

@ -6,7 +6,6 @@ import (
"testing" "testing"
"github.com/ethereum/go-ethereum/crypto" "github.com/ethereum/go-ethereum/crypto"
"github.com/iden3/go-iden3-crypto/field"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
@ -22,16 +21,15 @@ func TestMIMC7Generic(t *testing.T) {
b2 := big.NewInt(int64(2)) b2 := big.NewInt(int64(2))
b3 := big.NewInt(int64(3)) b3 := big.NewInt(int64(3))
r, ok := new(big.Int).SetString("21888242871839275222246405745257275088548364400416034343698204186575808495617", 10)
assert.True(t, ok)
fqR := field.NewFq(r)
// r, ok := new(big.Int).SetString("21888242871839275222246405745257275088548364400416034343698204186575808495617", 10)
// assert.True(t, ok)
bigArray := []*big.Int{b1, b2, b3} bigArray := []*big.Int{b1, b2, b3}
// Generic Hash // Generic Hash
mhg := MIMC7HashGeneric(fqR, b1, b2, 91)
mhg := MIMC7HashGeneric(b1, b2, 91)
assert.Equal(t, "10594780656576967754230020536574539122676596303354946869887184401991294982664", mhg.String()) assert.Equal(t, "10594780656576967754230020536574539122676596303354946869887184401991294982664", mhg.String())
hg, err := HashGeneric(fqR.Zero(), bigArray, fqR, 91)
hg, err := HashGeneric(big.NewInt(0), bigArray, 91)
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "6464402164086696096195815557694604139393321133243036833927490113253119343397", (*big.Int)(hg).String()) assert.Equal(t, "6464402164086696096195815557694604139393321133243036833927490113253119343397", (*big.Int)(hg).String())
} }

+ 0
- 1
poseidon/poseidon.go
View File

@ -92,7 +92,6 @@ func ark(state [T]*ff.Element, c *ff.Element) {
// cubic performs x^5 mod p // cubic performs x^5 mod p
// https://eprint.iacr.org/2019/458.pdf page 8 // https://eprint.iacr.org/2019/458.pdf page 8
// var five = big.NewInt(5)
func cubic(a *ff.Element) { func cubic(a *ff.Element) {
a.Exp(*a, 5) a.Exp(*a, 5)

Write Preview
Loading…
Cancel
Save