From 36ac64744a9eac4ea43279074325916408212424 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophile=20BR=C3=89ZOT?= Date: Fri, 26 Jan 2024 17:11:15 +0100 Subject: [PATCH] removing buggy benches --- benches/BENCHMARKS_classic.md | 43 ---- benches/BENCHMARKS_hybridized.md | 43 ---- benches/benches.rs | 384 ------------------------------- benches/generate.sh | 17 -- 4 files changed, 487 deletions(-) delete mode 100644 benches/BENCHMARKS_classic.md delete mode 100644 benches/BENCHMARKS_hybridized.md delete mode 100644 benches/benches.rs delete mode 100644 benches/generate.sh diff --git a/benches/BENCHMARKS_classic.md b/benches/BENCHMARKS_classic.md deleted file mode 100644 index 2ac668e4..00000000 --- a/benches/BENCHMARKS_classic.md +++ /dev/null @@ -1,43 +0,0 @@ -# Benchmarks for Covercrypt: classic implementation (pre-quantum) - -## Table of Contents - -- [Overview](#overview) -- [Benchmark Results](#benchmark-results) - - [Header encryption](#header-encryption) - - [Header encryption and decryption](#header-encryption-and-decryption) - - [Key serialization](#key-serialization) - - [Header serialization](#header-serialization) - -## Overview - -This is a benchmark comparison report. - -## Benchmark Results - -### Header encryption - -| | `1 partition(s), 1 access` | `2 partition(s), 1 access` | `3 partition(s), 1 access` | `4 partition(s), 1 access` | `5 partition(s), 1 access` | -|:-------|:------------------------------------|:------------------------------------|:------------------------------------|:------------------------------------|:------------------------------------ | -| | `133.32 us` (**1.00x**) | `182.22 us` (*1.37x slower*) | `230.37 us` (*1.73x slower*) | `278.18 us` (*2.09x slower*) | `335.55 us` (*2.52x slower*) | - -### Header encryption and decryption - -| | `ciphertexts with 1 partition(s), usk with 1 partitions` | `ciphertexts with 2 partition(s), usk with 1 partitions` | `ciphertexts with 3 partition(s), usk with 1 partitions` | `ciphertexts with 4 partition(s), usk with 1 partitions` | `ciphertexts with 5 partition(s), usk with 1 partitions` | `ciphertexts with 1 partition(s), usk with 2 partitions` | `ciphertexts with 2 partition(s), usk with 2 partitions` | `ciphertexts with 3 partition(s), usk with 2 partitions` | `ciphertexts with 4 partition(s), usk with 2 partitions` | `ciphertexts with 5 partition(s), usk with 2 partitions` | `ciphertexts with 1 partition(s), usk with 3 partitions` | `ciphertexts with 2 partition(s), usk with 3 partitions` | `ciphertexts with 3 partition(s), usk with 3 partitions` | `ciphertexts with 4 partition(s), usk with 3 partitions` | `ciphertexts with 5 partition(s), usk with 3 partitions` | `ciphertexts with 1 partition(s), usk with 4 partitions` | `ciphertexts with 2 partition(s), usk with 4 partitions` | `ciphertexts with 3 partition(s), usk with 4 partitions` | `ciphertexts with 4 partition(s), usk with 4 partitions` | `ciphertexts with 5 partition(s), usk with 4 partitions` | `ciphertexts with 1 partition(s), usk with 5 partitions` | `ciphertexts with 2 partition(s), usk with 5 partitions` | `ciphertexts with 3 partition(s), usk with 5 partitions` | `ciphertexts with 4 partition(s), usk with 5 partitions` | `ciphertexts with 5 partition(s), usk with 5 partitions` | -|:-------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------ | -| | `236.02 us` (**1.00x**) | `293.92 us` (*1.25x slower*) | `356.80 us` (*1.51x slower*) | `419.65 us` (*1.78x slower*) | `480.53 us` (*2.04x slower*) | `229.46 us` (**1.03x faster**) | `310.51 us` (*1.32x slower*) | `406.11 us` (*1.72x slower*) | `484.32 us` (*2.05x slower*) | `565.05 us` (*2.39x slower*) | `227.64 us` (**1.04x faster**) | `339.10 us` (*1.44x slower*) | `450.91 us` (*1.91x slower*) | `543.62 us` (*2.30x slower*) | `645.11 us` (*2.73x slower*) | `312.85 us` (*1.33x slower*) | `446.54 us` (*1.89x slower*) | `572.54 us` (*2.43x slower*) | `689.37 us` (*2.92x slower*) | `810.78 us` (*3.44x slower*) | `231.57 us` (**1.02x faster**) | `375.80 us` (*1.59x slower*) | `527.09 us` (*2.23x slower*) | `661.97 us` (*2.80x slower*) | `814.49 us` (*3.45x slower*) | - -### Key serialization - -| | `MSK` | `MPK` | `USK 1 partition` | -|:-------|:--------------------------|:----------------------------------|:--------------------------------- | -| | `801.07 ns` (**1.00x**) | `83.76 us` (*104.55x slower*) | `118.50 ns` (**6.76x faster**) | - -### Header serialization - -| | `1 partition(s)` | `2 partition(s)` | `3 partition(s)` | `4 partition(s)` | `5 partition(s)` | -|:-------|:--------------------------|:--------------------------------|:--------------------------------|:--------------------------------|:-------------------------------- | -| | `10.27 us` (**1.00x**) | `10.25 us` (**1.00x faster**) | `10.40 us` (**1.01x slower**) | `10.41 us` (**1.01x slower**) | `10.53 us` (**1.02x slower**) | - ---- -Made with [criterion-table](https://github.com/nu11ptr/criterion-table) diff --git a/benches/BENCHMARKS_hybridized.md b/benches/BENCHMARKS_hybridized.md deleted file mode 100644 index 87a6e35d..00000000 --- a/benches/BENCHMARKS_hybridized.md +++ /dev/null @@ -1,43 +0,0 @@ -# Benchmarks for Covercrypt post-quantum implementation - -## Table of Contents - -- [Overview](#overview) -- [Benchmark Results](#benchmark-results) - - [Header encryption](#header-encryption) - - [Header encryption and decryption](#header-encryption-and-decryption) - - [Key serialization](#key-serialization) - - [Header serialization](#header-serialization) - -## Overview - -This is a benchmark comparison report. - -## Benchmark Results - -### Header encryption - -| | `1 partition(s), 1 access` | `2 partition(s), 1 access` | `3 partition(s), 1 access` | `4 partition(s), 1 access` | `5 partition(s), 1 access` | -|:-------|:------------------------------------|:------------------------------------|:------------------------------------|:------------------------------------|:------------------------------------ | -| | `176.93 us` (**1.00x**) | `266.21 us` (*1.50x slower*) | `369.05 us` (*2.09x slower*) | `466.62 us` (*2.64x slower*) | `569.79 us` (*3.22x slower*) | - -### Header encryption and decryption - -| | `ciphertexts with 1 partition(s), usk with 1 partitions` | `ciphertexts with 2 partition(s), usk with 1 partitions` | `ciphertexts with 3 partition(s), usk with 1 partitions` | `ciphertexts with 4 partition(s), usk with 1 partitions` | `ciphertexts with 5 partition(s), usk with 1 partitions` | `ciphertexts with 1 partition(s), usk with 2 partitions` | `ciphertexts with 2 partition(s), usk with 2 partitions` | `ciphertexts with 3 partition(s), usk with 2 partitions` | `ciphertexts with 4 partition(s), usk with 2 partitions` | `ciphertexts with 5 partition(s), usk with 2 partitions` | `ciphertexts with 1 partition(s), usk with 3 partitions` | `ciphertexts with 2 partition(s), usk with 3 partitions` | `ciphertexts with 3 partition(s), usk with 3 partitions` | `ciphertexts with 4 partition(s), usk with 3 partitions` | `ciphertexts with 5 partition(s), usk with 3 partitions` | `ciphertexts with 1 partition(s), usk with 4 partitions` | `ciphertexts with 2 partition(s), usk with 4 partitions` | `ciphertexts with 3 partition(s), usk with 4 partitions` | `ciphertexts with 4 partition(s), usk with 4 partitions` | `ciphertexts with 5 partition(s), usk with 4 partitions` | `ciphertexts with 1 partition(s), usk with 5 partitions` | `ciphertexts with 2 partition(s), usk with 5 partitions` | `ciphertexts with 3 partition(s), usk with 5 partitions` | `ciphertexts with 4 partition(s), usk with 5 partitions` | `ciphertexts with 5 partition(s), usk with 5 partitions` | -|:-------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------ | -| | `309.26 us` (**1.00x**) | `423.71 us` (*1.37x slower*) | `550.71 us` (*1.78x slower*) | `665.59 us` (*2.15x slower*) | `807.60 us` (*2.61x slower*) | `350.83 us` (*1.13x slower*) | `501.92 us` (*1.62x slower*) | `650.93 us` (*2.10x slower*) | `801.53 us` (*2.59x slower*) | `998.96 us` (*3.23x slower*) | `304.14 us` (**1.02x faster**) | `489.87 us` (*1.58x slower*) | `668.58 us` (*2.16x slower*) | `837.40 us` (*2.71x slower*) | `1.05 ms` (*3.39x slower*) | `404.11 us` (*1.31x slower*) | `616.11 us` (*1.99x slower*) | `827.60 us` (*2.68x slower*) | `1.02 ms` (*3.31x slower*) | `1.22 ms` (*3.94x slower*) | `363.74 us` (*1.18x slower*) | `579.54 us` (*1.87x slower*) | `852.07 us` (*2.76x slower*) | `1.05 ms` (*3.40x slower*) | `1.32 ms` (*4.28x slower*) | - -### Key serialization - -| | `MSK` | `MPK` | `USK 1 partition` | -|:-------|:-------------------------|:---------------------------------|:---------------------------------- | -| | `12.48 us` (**1.00x**) | `101.83 us` (*8.16x slower*) | `900.00 ns` (**13.87x faster**) | - -### Header serialization - -| | `1 partition(s)` | `2 partition(s)` | `3 partition(s)` | `4 partition(s)` | `5 partition(s)` | -|:-------|:--------------------------|:--------------------------------|:--------------------------------|:--------------------------------|:-------------------------------- | -| | `10.55 us` (**1.00x**) | `11.62 us` (**1.10x slower**) | `12.03 us` (*1.14x slower*) | `12.91 us` (*1.22x slower*) | `13.27 us` (*1.26x slower*) | - ---- -Made with [criterion-table](https://github.com/nu11ptr/criterion-table) diff --git a/benches/benches.rs b/benches/benches.rs deleted file mode 100644 index 2aebadd9..00000000 --- a/benches/benches.rs +++ /dev/null @@ -1,384 +0,0 @@ -use cosmian_cover_crypt::{ - abe_policy::{AccessPolicy, Attribute, DimensionBuilder, EncryptionHint, Policy}, - Covercrypt, EncryptedHeader, Error, -}; -use criterion::{criterion_group, criterion_main, BatchSize, Criterion}; - -fn policy() -> Result { - #[cfg(not(feature = "hybridized_bench"))] - let (security_level, department) = { - ( - DimensionBuilder::new( - "Security Level", - vec![ - ("Protected", EncryptionHint::Classic), - ("Confidential", EncryptionHint::Classic), - ("Top Secret", EncryptionHint::Classic), - ], - true, - ), - DimensionBuilder::new( - "Department", - vec![ - ("RD", EncryptionHint::Classic), - ("HR", EncryptionHint::Classic), - ("MKG", EncryptionHint::Classic), - ("FIN", EncryptionHint::Classic), - ("CYBER", EncryptionHint::Classic), - ], - false, - ), - ) - }; - #[cfg(feature = "hybridized_bench")] - let (security_level, department) = { - ( - DimensionBuilder::new( - "Security Level", - vec![ - ("Protected", EncryptionHint::Hybridized), - ("Confidential", EncryptionHint::Hybridized), - ("Top Secret", EncryptionHint::Hybridized), - ], - true, - ), - DimensionBuilder::new( - "Department", - vec![ - ("RD", EncryptionHint::Hybridized), - ("HR", EncryptionHint::Hybridized), - ("MKG", EncryptionHint::Hybridized), - ("FIN", EncryptionHint::Hybridized), - ("CYBER", EncryptionHint::Hybridized), - ], - false, - ), - ) - }; - let mut policy = Policy::new(); - policy.add_dimension(security_level)?; - policy.add_dimension(department)?; - Ok(policy) -} - -fn bench_policy_editing(c: &mut Criterion) { - let cover_crypt = Covercrypt::default(); - let new_dep_attr = Attribute::new("Department", "Tech"); - let new_dep_name = "IT".to_string(); - let remove_dep_attr = Attribute::new("Department", "FIN"); - let old_sl_attr = Attribute::new("Security Level", "Protected"); - let new_sl_name = "Open".to_string(); - let disable_sl_attr = Attribute::new("Security Level", "Confidential"); - - let mut group = c.benchmark_group("Edit Policy"); - //for (n_partition, access_policy) in access_policies.iter().enumerate() { - group.bench_function("edit policy", |b| { - b.iter_batched( - || { - let policy = policy().expect("cannot generate policy"); - - let (msk, mpk) = cover_crypt - .generate_master_keys(&policy) - .expect("cannot generate master keys"); - (policy, msk, mpk) - }, - |(mut policy, mut msk, mut mpk)| { - policy - .add_attribute(new_dep_attr.clone(), EncryptionHint::Classic) - .unwrap(); - policy - .rename_attribute(&new_dep_attr, new_dep_name.clone()) - .unwrap(); - policy.remove_attribute(&remove_dep_attr).unwrap(); - - policy - .rename_attribute(&old_sl_attr, new_sl_name.clone()) - .unwrap(); - policy.disable_attribute(&disable_sl_attr).unwrap(); - - cover_crypt - .update_master_keys(&policy, &mut msk, &mut mpk) - .unwrap(); - }, - BatchSize::SmallInput, - ); - }); -} - -/// Generate access policies up to 5 partitions along with a user access policy -/// that allows decrypting headers for all these access policies. -/// -/// Access policies with more than one partition are generated only if -/// `--features full_bench` is passed. -/// -/// Access policies with hybridization hints are generated only if -/// `--features hybridized_bench` is passed -fn get_access_policies() -> (Vec, Vec) { - // Access policy with 1 partition - #[allow(unused_mut)] - let mut access_policies = - vec![AccessPolicy::parse("Department::FIN && Security Level::Protected").unwrap()]; - - #[cfg(feature = "full_bench")] - { - // Access policy with 2 partition - access_policies.push( - AccessPolicy::parse( - "(Department::FIN && Security Level::Protected) || (Department::HR && Security \ - Level::Confidential)", - ) - .unwrap(), - ); - - // Access policy with 3 partition - access_policies.push( - AccessPolicy::parse( - "(Department::FIN && Security Level::Protected) || ((Department::HR || \ - Department::MKG) && Security Level::Confidential)", - ) - .unwrap(), - ); - - // Access policy with 4 partition - access_policies.push( - AccessPolicy::parse( - "(Department::FIN && Security Level::Protected) || ((Department::HR || \ - Department::MKG || Department::RD) && Security Level::Confidential)", - ) - .unwrap(), - ); - - // Access policy with 5 partition - access_policies.push( - AccessPolicy::parse( - "(Department::FIN && Security Level::Protected) || ((Department::HR || \ - Department::MKG || Department::RD) && Security Level::Confidential) || \ - (Department::HR && Security Level::Top Secret)", - ) - .unwrap(), - ); - } - - // The intersection between the user access policies and the encryption - // policies is always "Department::FIN && Security Level::Protected" only. - #[allow(unused_mut)] - let mut user_access_policies = - vec![AccessPolicy::parse("Department::FIN && Security Level::Protected").unwrap()]; - - #[cfg(feature = "full_bench")] - { - user_access_policies.push( - AccessPolicy::parse( - "(Department::FIN && Department::MKG) && Security Level::Protected", - ) - .unwrap(), - ); - user_access_policies.push( - AccessPolicy::parse( - "(Department::FIN && Department::MKG && Department::HR) && Security \ - Level::Protected", - ) - .unwrap(), - ); - user_access_policies.push( - AccessPolicy::parse( - "(Department::RD && Department::FIN && Department::MKG && Department::HR) && \ - Security Level::Protected", - ) - .unwrap(), - ); - user_access_policies.push( - AccessPolicy::parse( - "(Department::RD && Department::FIN && Department::MKG && Department::HR && \ - Department::CYBER) && Security Level::Protected", - ) - .unwrap(), - ); - } - - (user_access_policies, access_policies) -} - -#[cfg(feature = "full_bench")] -fn bench_serialization(c: &mut Criterion) { - use cosmian_crypto_core::bytes_ser_de::Serializable; - - let policy = policy().expect("cannot generate policy"); - let (user_access_policies, access_policies) = get_access_policies(); - let cover_crypt = Covercrypt::default(); - let (msk, mpk) = cover_crypt - .generate_master_keys(&policy) - .expect("cannot generate master keys"); - - println!("bench header encryption size: "); - - for (i, access_policy) in access_policies.iter().enumerate() { - let (_, encrypted_header) = - EncryptedHeader::generate(&cover_crypt, &policy, &mpk, access_policy, None, None) - .expect("cannot encrypt header 1"); - println!( - "{} partition(s): {} bytes", - i + 1, - encrypted_header.serialize().unwrap().len(), - ); - } - - for (i, ap) in user_access_policies.iter().enumerate() { - let usk = cover_crypt - .generate_user_secret_key(&msk, ap, &policy) - .unwrap(); - println!( - "{} usk partition(s): {} bytes", - i + 1, - usk.serialize().unwrap().len(), - ); - } - - { - let mut group = c.benchmark_group("Key serialization"); - group.bench_function("MSK", |b| { - b.iter(|| msk.serialize().expect("cannot serialize msk")); - }); - group.bench_function("MPK", |b| { - b.iter(|| mpk.serialize().expect("cannot serialize mpk")); - }); - - let usk = cover_crypt - .generate_user_secret_key(&msk, &user_access_policies[0], &policy) - .unwrap(); - group.bench_function("USK 1 partition", |b| { - b.iter(|| usk.serialize().expect("cannot serialize usk")); - }); - } - - let mut group = c.benchmark_group("Header serialization"); - for (n_partition, access_policy) in access_policies.iter().enumerate() { - let (_, encrypted_header) = - EncryptedHeader::generate(&cover_crypt, &policy, &mpk, access_policy, None, None) - .expect("cannot encrypt header 1"); - group.bench_function(&format!("{} partition(s)", n_partition + 1), |b| { - b.iter(|| { - encrypted_header.serialize().unwrap_or_else(|_| { - panic!( - "cannot serialize header for {} partition(s)", - n_partition + 1 - ) - }) - }); - }); - } -} - -fn bench_header_encryption(c: &mut Criterion) { - let policy = policy().expect("cannot generate policy"); - let (_, access_policies) = get_access_policies(); - let cover_crypt = Covercrypt::default(); - let (_, mpk) = cover_crypt - .generate_master_keys(&policy) - .expect("cannot generate master keys"); - - let mut group = c.benchmark_group("Header encryption"); - for (n_partition, access_policy) in access_policies.iter().enumerate() { - group.bench_function( - &format!("{} partition(s), 1 access", n_partition + 1), - |b| { - b.iter(|| { - EncryptedHeader::generate( - &cover_crypt, - &policy, - &mpk, - access_policy, - None, - None, - ) - .unwrap_or_else(|_| { - panic!("cannot encrypt header for {} partition(s)", n_partition + 1) - }) - }); - }, - ); - } -} - -fn bench_header_decryption(c: &mut Criterion) { - let policy = policy().expect("cannot generate policy"); - let authenticated_data = vec![1, 2, 3, 4, 5, 6, 7, 8, 9]; - let (user_access_policies, access_policies) = get_access_policies(); - let cover_crypt = Covercrypt::default(); - let (msk, mpk) = cover_crypt - .generate_master_keys(&policy) - .expect("cannot generate master keys"); - let mut group = c.benchmark_group("Header encryption and decryption"); - for (n_user, user_access_policy) in user_access_policies.iter().enumerate() { - for (n_partition_ct, access_policy) in access_policies.iter().enumerate() { - group.bench_function( - &format!( - "ciphertexts with {} partition(s), usk with {} partitions", - n_partition_ct + 1, - n_user + 1 - ), - |b| { - b.iter_batched( - || { - let usk = cover_crypt - .generate_user_secret_key(&msk, user_access_policy, &policy) - .expect("cannot generate user private key"); - let (_, encrypted_header) = EncryptedHeader::generate( - &cover_crypt, - &policy, - &mpk, - access_policy, - None, - Some(&authenticated_data), - ) - .unwrap_or_else(|_| { - panic!( - "cannot encrypt header for {} ciphertext partition(s), {} usk \ - partition(s)", - n_partition_ct + 1, - n_user - ) - }); - (usk, encrypted_header) - }, - |(usk, encrypted_header)| { - encrypted_header - .decrypt(&cover_crypt, &usk, Some(&authenticated_data)) - .unwrap_or_else(|_| { - panic!( - "cannot decrypt header for {} ciphertext partition(s), {} \ - usk partition(s)", - n_partition_ct + 1, - n_user - ) - }); - }, - BatchSize::SmallInput, - ); - }, - ); - } - } -} - -criterion_group!( - name = benches; - config = Criterion::default().sample_size(5000); - targets = - bench_policy_editing, - bench_header_encryption, - bench_header_decryption -); - -#[cfg(feature = "full_bench")] -criterion_group!( -name = benches_serialization; -config = Criterion::default().sample_size(5000); -targets = bench_serialization, -); - -#[cfg(feature = "full_bench")] -criterion_main!(benches, benches_serialization); - -#[cfg(not(feature = "full_bench"))] -criterion_main!(benches); diff --git a/benches/generate.sh b/benches/generate.sh deleted file mode 100644 index 5e1eea11..00000000 --- a/benches/generate.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - -set -e - -# Usage: bash generate.sh - -if [[ "$1" == "generate" ]] ; then - cargo install cargo-criterion - cargo install criterion-table - - cargo criterion --features full_bench --message-format=json | criterion-table >benches/BENCHMARKS_classic.md - cargo criterion --features full_bench,hybridized_bench --message-format=json | criterion-table >benches/BENCHMARKS_hybridized.md -fi - -sed -i "s/❌ //g" benches/BENCHMARKS*.md -sed -i "s/🚀 //g" benches/BENCHMARKS*.md -sed -i "s/✅ //g" benches/BENCHMARKS*.md