Optimize BDN Signature/Key Aggregation #546
Conversation
|
|
|
🔒 Could not start CI tests due to missing safe PR label. Please contact a DEDIS maintainer. |
Stebalien
force-pushed
the
steb/optimize-aggregation
branch
from
0f25cd6
to
6b09955
Compare
|
🔒 Could not start CI tests due to missing safe PR label. Please contact a DEDIS maintainer. |
CountEnabled and IndexOfNthEnabled are both O(n) in the size of the mask, making this loop n^2. The BLS operations still tend to be the slow part, but the n^2 factor will start to show up with thousands of keys.
This new mask will pre-compute reusable values, speeding up repeated verification and aggregation of aggregate signatures (mostly the former).
Stebalien
force-pushed
the
steb/optimize-aggregation
branch
from
6b09955
to
9acfb6f
Compare
|
🔒 Could not start CI tests due to missing safe PR label. Please contact a DEDIS maintainer. |
|
🔒 Could not start CI tests due to missing safe PR label. Please contact a DEDIS maintainer. |
sign/bdn/bdn.go
Outdated
| } | ||
|
|
||
| coefs, err := hashPointToR(mask.Publics()) | ||
| func (scheme *Scheme) AggregateSignatures(sigs [][]byte, mask Mask) (kyber.Point, error) { |
There was a problem hiding this comment.
Note: this is technically a breaking change if someone is abstracting over Scheme via an interface. I'm happy to explore alternatives (e.g., add a new function, etc.) if that's an issue.
There was a problem hiding this comment.
We are in the process of preparing a V4 release anyway 👍
There was a problem hiding this comment.
In that case.... I can drop the interface and switch to a BDN specific mask if that works better for you (not sure how much breaking you want).
There was a problem hiding this comment.
Yes, that would be totally fine by me. Actually Mask seems to only be used in bdn anyway, I'd be fine with it also being in internal or so, and have BDN expose the methods required to extract the list of participants from an aggregate signature.
Summoning @pierluca and @K1li4nL in case they have other opinions
|
There was a problem hiding this comment.
@Stebalien Now that we have the notion of Scheme for bdn, I wonder if the masks shouldn't just be embedded in these and just have new exported methods on the Scheme to manage participants and public keys, as well as a method taking an aggregate signature and returning the list of participants or so?
IMO, it's best to keep scheme independent of the participants. But I can make |
|
Stebalien
force-pushed
the
steb/optimize-aggregation
branch
2 times, most recently
from
d3d39e2
to
b664250
Compare
Stebalien
force-pushed
the
steb/optimize-aggregation
branch
from
b664250
to
39ccfaa
Compare
|
@AnomalRoil I've moved Mask into BDN and removed the abstraction. This is significantly cleaner. |
Co-authored-by: AnomalRoil <[email protected]>
|
|
@AnomalRoil could you give this a final review? I think Steb has addressed your last outstanding comments |
Originally filed against drand's fork as drand#60 and drand#61.
This set of patches:
I've also added some test fixtures for BDN at @AnomalRoil's request and added a benchmark for the CachedMask.