arnaucube/go-iden3-crypto
1
0
Fork 0
mirror of https://github.com/arnaucube/go-iden3-crypto.git synced 2026-02-07 03:26:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Optimize MiMC7 migrating from *big.Int to goff

Browse Source 
Optimize MiMC7 migrating from *big.Int to goff generated finite field
operations.

There is still a lot of room for optimization for MiMC7 in the way that is done internally, but will be done in the future.

Benchmarks:
Tested on a Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz, with 16GB of RAM.

- Before:
```
BenchmarkMIMC7-4   	    1026	   1160298 ns/op
```

- After this commit:
```
BenchmarkMIMC7-4   	   19263	     61651 ns/op
```
This commit is contained in:
arnaucube
2020-03-05 17:35:25 +01:00
parent e8be761ec7
commit 16a8a18a6d
3 changed files with 55 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
mimc7/mimc7.go
View File

@@ -6,7 +6,7 @@ import (
"github.com/ethereum/go-ethereum/crypto" "github.com/ethereum/go-ethereum/crypto"
_constants "github.com/iden3/go-iden3-crypto/constants" _constants "github.com/iden3/go-iden3-crypto/constants"
"github.com/iden3/go-iden3-crypto/field" "github.com/iden3/go-iden3-crypto/ff"
"github.com/iden3/go-iden3-crypto/utils" "github.com/iden3/go-iden3-crypto/utils"
) )
@@ -15,73 +15,72 @@ const SEED = "mimc"
var constants = generateConstantsData() var constants = generateConstantsData()
type constantsData struct { type constantsData struct {
maxFieldVal *big.Int seedHash *big.Int
seedHash *big.Int iv *big.Int
iv *big.Int nRounds int
fqR field.Fq cts []*ff.Element
nRounds int
cts []*big.Int
} }
func generateConstantsData() constantsData { func generateConstantsData() constantsData {
var constants constantsData var constants constantsData
fqR := field.NewFq(_constants.Q)
constants.fqR = fqR
// maxFieldVal is the R value of the Finite Field
constants.maxFieldVal = constants.fqR.Q
constants.seedHash = new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED))) constants.seedHash = new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED)))
c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED + "_iv"))) c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED + "_iv")))
constants.iv = new(big.Int).Mod(c, constants.maxFieldVal) constants.iv = new(big.Int).Mod(c, _constants.Q)
constants.nRounds = 91 constants.nRounds = 91
cts := getConstants(constants.fqR, SEED, constants.nRounds) cts := getConstants(SEED, constants.nRounds)
constants.cts = cts constants.cts = cts
return constants return constants
} }
func getConstants(fqR field.Fq, seed string, nRounds int) []*big.Int { func getConstants(seed string, nRounds int) []*ff.Element {
cts := make([]*big.Int, nRounds) cts := make([]*ff.Element, nRounds)
cts[0] = big.NewInt(int64(0)) cts[0] = ff.NewElement().SetZero()
c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED))) c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED)))
for i := 1; i < nRounds; i++ { for i := 1; i < nRounds; i++ {
c = new(big.Int).SetBytes(crypto.Keccak256(c.Bytes())) c = new(big.Int).SetBytes(crypto.Keccak256(c.Bytes()))
n := fqR.Affine(c) n := new(big.Int).Mod(c, _constants.Q)
cts[i] = n cts[i] = ff.NewElement().SetBigInt(n)
} }
return cts return cts
} }
// MIMC7HashGeneric performs the MIMC7 hash over a *big.Int, in a generic way, where it can be specified the Finite Field over R, and the number of rounds // MIMC7HashGeneric performs the MIMC7 hash over a *big.Int, in a generic way, where it can be specified the Finite Field over R, and the number of rounds
func MIMC7HashGeneric(fqR field.Fq, xIn, k *big.Int, nRounds int) *big.Int { func MIMC7HashGeneric(xInBI, kBI *big.Int, nRounds int) *big.Int {
cts := getConstants(fqR, SEED, nRounds) xIn := ff.NewElement().SetBigInt(xInBI)
var r *big.Int k := ff.NewElement().SetBigInt(kBI)
cts := getConstants(SEED, nRounds)
var r *ff.Element
for i := 0; i < nRounds; i++ { for i := 0; i < nRounds; i++ {
var t *big.Int var t *ff.Element
if i == 0 { if i == 0 {
t = fqR.Add(xIn, k) t = ff.NewElement().Add(xIn, k)
} else { } else {
t = fqR.Add(fqR.Add(r, k), cts[i]) t = ff.NewElement().Add(ff.NewElement().Add(r, k), cts[i])
} }
t2 := fqR.Square(t) t2 := ff.NewElement().Square(t)
t4 := fqR.Square(t2) t4 := ff.NewElement().Square(t2)
r = fqR.Mul(fqR.Mul(t4, t2), t) r = ff.NewElement().Mul(ff.NewElement().Mul(t4, t2), t)
} }
return fqR.Affine(fqR.Add(r, k)) rE := ff.NewElement().Add(r, k)
res := big.NewInt(0)
rE.ToBigIntRegular(res)
return res
} }
// HashGeneric performs the MIMC7 hash over a *big.Int array, in a generic way, where it can be specified the Finite Field over R, and the number of rounds // HashGeneric performs the MIMC7 hash over a *big.Int array, in a generic way, where it can be specified the Finite Field over R, and the number of rounds
func HashGeneric(iv *big.Int, arr []*big.Int, fqR field.Fq, nRounds int) (*big.Int, error) { func HashGeneric(iv *big.Int, arr []*big.Int, nRounds int) (*big.Int, error) {
if !utils.CheckBigIntArrayInField(arr) { if !utils.CheckBigIntArrayInField(arr) {
return nil, errors.New("inputs values not inside Finite Field") return nil, errors.New("inputs values not inside Finite Field")
} }
r := iv r := iv
var err error var err error
for i := 0; i < len(arr); i++ { for i := 0; i < len(arr); i++ {
r = MIMC7HashGeneric(fqR, r, arr[i], nRounds) r = MIMC7HashGeneric(r, arr[i], nRounds)
if err != nil { if err != nil {
return r, err return r, err
} }
@@ -90,20 +89,27 @@ func HashGeneric(iv *big.Int, arr []*big.Int, fqR field.Fq, nRounds int) (*big.I
} }
// MIMC7Hash performs the MIMC7 hash over a *big.Int, using the Finite Field over R and the number of rounds setted in the `constants` variable // MIMC7Hash performs the MIMC7 hash over a *big.Int, using the Finite Field over R and the number of rounds setted in the `constants` variable
func MIMC7Hash(xIn, k *big.Int) *big.Int { func MIMC7Hash(xInBI, kBI *big.Int) *big.Int {
var r *big.Int xIn := ff.NewElement().SetBigInt(xInBI)
k := ff.NewElement().SetBigInt(kBI)
var r *ff.Element
for i := 0; i < constants.nRounds; i++ { for i := 0; i < constants.nRounds; i++ {
var t *big.Int var t *ff.Element
if i == 0 { if i == 0 {
t = constants.fqR.Add(xIn, k) t = ff.NewElement().Add(xIn, k)
} else { } else {
t = constants.fqR.Add(constants.fqR.Add(r, k), constants.cts[i]) t = ff.NewElement().Add(ff.NewElement().Add(r, k), constants.cts[i])
} }
t2 := constants.fqR.Square(t) t2 := ff.NewElement().Square(t)
t4 := constants.fqR.Square(t2) t4 := ff.NewElement().Square(t2)
r = constants.fqR.Mul(constants.fqR.Mul(t4, t2), t) r = ff.NewElement().Mul(ff.NewElement().Mul(t4, t2), t)
} }
return constants.fqR.Affine(constants.fqR.Add(r, k)) rE := ff.NewElement().Add(r, k)
res := big.NewInt(0)
rE.ToBigIntRegular(res)
return res
} }
// Hash performs the MIMC7 hash over a *big.Int array // Hash performs the MIMC7 hash over a *big.Int array
@@ -113,17 +119,18 @@ func Hash(arr []*big.Int, key *big.Int) (*big.Int, error) {
} }
var r *big.Int var r *big.Int
if key == nil { if key == nil {
r = constants.fqR.Zero() r = big.NewInt(0)
} else { } else {
r = key r = key
} }
for i := 0; i < len(arr); i++ { for i := 0; i < len(arr); i++ {
r = constants.fqR.Add( r = new(big.Int).Add(
constants.fqR.Add( new(big.Int).Add(
r, r,
arr[i], arr[i],
), ),
MIMC7Hash(arr[i], r)) MIMC7Hash(arr[i], r))
r = new(big.Int).Mod(r, _constants.Q)
} }
return r, nil return r, nil
} }

10
mimc7/mimc7_test.go
View File

@@ -6,7 +6,6 @@ import (
"testing" "testing"
"github.com/ethereum/go-ethereum/crypto" "github.com/ethereum/go-ethereum/crypto"
"github.com/iden3/go-iden3-crypto/field"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
@@ -22,16 +21,15 @@ func TestMIMC7Generic(t *testing.T) {
b2 := big.NewInt(int64(2)) b2 := big.NewInt(int64(2))
b3 := big.NewInt(int64(3)) b3 := big.NewInt(int64(3))
r, ok := new(big.Int).SetString("21888242871839275222246405745257275088548364400416034343698204186575808495617", 10) // r, ok := new(big.Int).SetString("21888242871839275222246405745257275088548364400416034343698204186575808495617", 10)
assert.True(t, ok) // assert.True(t, ok)
fqR := field.NewFq(r)
bigArray := []*big.Int{b1, b2, b3} bigArray := []*big.Int{b1, b2, b3}
// Generic Hash // Generic Hash
mhg := MIMC7HashGeneric(fqR, b1, b2, 91) mhg := MIMC7HashGeneric(b1, b2, 91)
assert.Equal(t, "10594780656576967754230020536574539122676596303354946869887184401991294982664", mhg.String()) assert.Equal(t, "10594780656576967754230020536574539122676596303354946869887184401991294982664", mhg.String())
hg, err := HashGeneric(fqR.Zero(), bigArray, fqR, 91) hg, err := HashGeneric(big.NewInt(0), bigArray, 91)
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "6464402164086696096195815557694604139393321133243036833927490113253119343397", (*big.Int)(hg).String()) assert.Equal(t, "6464402164086696096195815557694604139393321133243036833927490113253119343397", (*big.Int)(hg).String())
} }

1
poseidon/poseidon.go
View File

@@ -92,7 +92,6 @@ func ark(state [T]*ff.Element, c *ff.Element) {
// cubic performs x^5 mod p // cubic performs x^5 mod p
// https://eprint.iacr.org/2019/458.pdf page 8 // https://eprint.iacr.org/2019/458.pdf page 8
// var five = big.NewInt(5)
func cubic(a *ff.Element) { func cubic(a *ff.Element) {
a.Exp(*a, 5) a.Exp(*a, 5)