Commit e489fcbb authored by GUILLEVIC Aurore's avatar GUILLEVIC Aurore

estimated cost for BN446 and BLS12-446

parent f5bf9925
......@@ -177,10 +177,12 @@ def print_parameters(E):
print("u ={: d}".format(E._u))
print("p ={: d}".format(E._p))
print("r ={: d}".format(E._r))
print("t ={: d}".format(E._tr))
print("c ={: d} # cofactor".format(E._c))
print("u ={: #x}".format(E._u))
print("p ={: #x}".format(E._p))
print("r ={: #x}".format(E._r))
print("t ={: #x}".format(E._tr))
print("c ={: #x} # cofactor".format(E._c))
print("log_2 p ={0:8.2f}, p {1:5d} bits".format(float(log(E._p,2)), E._p.nbits()))
print("log_2 p^k ={0:8.2f}, p^k {1:5d} bits".format(float(E._k*log(E._p,2)), (E._p**E._k).nbits()))
......
......@@ -174,6 +174,8 @@ C8=CocksPinchVariantResult(8,4,0xffffffffeff7c200,5,ht=5,hy=-0xd700,allowed_cofa
CMNT6=MNT6(u=873723667900031396506414143162332159382674816702805606206979732381600254701804231398281169537138620,a=209307816050232262803672282154940341360062431838092388077917610639183322072827259682607127795420474686833003315766797546568469776750651773087882545447646552119008299040167030969895802846139484415144,b=2319663192174958547181026340141410918530227127674793888869119262391240421488942353013995765010333162065568990954578077256489549792305772041454141172011940607053889955897003759289947924385489341215143,D=8317003,c=1)
CBN446=BN(u=2**110+2**36+1,b=2**8+1)
CBLS446=BLS12(u=-(2**74+2**73+2**63+2**57+2**50+2**17+1),b=1)
CBN12=BN(eval(preparse("2^114+2^101-2^14-1")))
CBLS12=BLS12(eval(preparse("-2^77+2^50+2^33")))
CKSS16=KSS16(eval(preparse("2^35-2^32-2^18+2^8+1")))
......@@ -186,8 +188,10 @@ def finite_field_cost(logp):
time_m = 35 #relic benchmark
if words == 6 :
time_m = 69 #relic benchmark
if words == 7 :
time_m = 94 #relic benchmark commit 307bc1f17410c36f6bd93d2a1f5c419270cf9ebd
if words == 8 :
time_m = 120 #relic benchmark
time_m = 120 #relic benchmark, more close to 123
elif words == 9 :
time_m = 1.9*9**2
elif words == 10 :
......@@ -385,7 +389,8 @@ def finalExpoCost(C):
T = C.u()
logT = T.nbits()
HwT = Hw(T)
BN_expo_z = 4*(114 - 1)*cost_m(2) + (6*3 - 3)*cost_m(2) + 3*cost_m(12) + 3*3*cost_s(2) + cost_i(2)
#BN_expo_z = 4*(114 - 1)*cost_m(2) + (6*3 - 3)*cost_m(2) + 3*cost_m(12) + 3*3*cost_s(2) + cost_i(2)
BN_expo_z = 4*(logT - 1)*cost_m(2) + (6*(HwT-1) - 3)*cost_m(2) + (HwT-1)*cost_m(12) + 3*(HwT-1)*cost_s(2) + cost_i(2)
#BarDuq says 114*compr_s12 + 3* cost_m(12) + (i + (24*4 - 5)*cost_m(1))
tot_expo = cost_i(12) + 12*cost_m(12) + 3*cyclo_s12 + 4* cost_f(12) + 3*BN_expo_z
return tot_expo(m=1,s=1,inv=25)
......@@ -393,7 +398,9 @@ def finalExpoCost(C):
T = C.u()
logT = T.nbits()
HwT = Hw(T)
BLS_expo_z = 4*(77 - 1)*cost_m(2)+ (6*2 - 3)*cost_m(2) + 2*cost_m(12) + 3*2*cost_s(2) + cost_i(2)
#BLS_expo_z = 4*(77 - 1)*cost_m(2)+ (6*2 - 3)*cost_m(2) + 2*cost_m(12) + 3*2*cost_s(2) + cost_i(2)
BLS_expo_z = 4*(logT - 1)*cost_m(2)+ (6*(HwT-1) - 3)*cost_m(2) + (HwT-1)*cost_m(12) + 3*(HwT-1)*cost_s(2) + cost_i(2)
#4*(log(u)-1)*m_i + (6*hw(u) - 3) *m_i + hw(u) * m_{6i} + 3*hw(u) * s_i + 1*I_i
#BarDuq says 77*compr_s12 + 2*cost_m(12) + (i + (24*3 - 5)*cost_m(1))
tot_expo = cost_i(12) + 12*cost_m(12) + 2*cyclo_s12 + 4*cost_f(12) + 5*BLS_expo_z
return tot_expo(m=1,s=1,inv=25)
......@@ -553,7 +560,7 @@ def pairingCost(C):
def table_cost_pairing() :
timing_recap = []
for C in [C5,C6,C7,C8,CBN12,CBLS12,CKSS16,C1]:
for C in [C5,C6,C7,C8,CBN446,CBLS446,CBN12,CBLS12,CKSS16,C1]:
L=pairingCost(C)
timing_recap.append(L)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment