From 78ae61fd2bab625e731ffb303a679ebc8a36df82 Mon Sep 17 00:00:00 2001
From: lauener <kilian.lauener@epfl.ch>
Date: Sat, 9 Mar 2024 17:23:47 +0100
Subject: [PATCH 1/5] Add ecies benchmark

---
 encrypt/ecies/ecies_test.go | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/encrypt/ecies/ecies_test.go b/encrypt/ecies/ecies_test.go
index 9668a6e34..ac37e774a 100644
--- a/encrypt/ecies/ecies_test.go
+++ b/encrypt/ecies/ecies_test.go
@@ -1,10 +1,14 @@
 package ecies
 
 import (
+	"crypto/rand"
 	"testing"
 
 	"github.com/stretchr/testify/require"
+	"go.dedis.ch/kyber/v3"
+	"go.dedis.ch/kyber/v3/group/curve25519"
 	"go.dedis.ch/kyber/v3/group/edwards25519"
+	"go.dedis.ch/kyber/v3/group/nist"
 	"go.dedis.ch/kyber/v3/util/random"
 )
 
@@ -44,3 +48,36 @@ func TestECIESFailCiphertext(t *testing.T) {
 	_, err = Decrypt(suite, private, ciphertext, nil)
 	require.NotNil(t, err)
 }
+
+func BenchmarkECIES(b *testing.B) {
+	suites := []struct {
+		kyber.Group
+	}{
+		{edwards25519.NewBlakeSHA256Ed25519()},
+		{curve25519.NewBlakeSHA256Curve25519(false)},
+		{curve25519.NewBlakeSHA256Curve25519(true)},
+		{nist.NewBlakeSHA256P256()},
+		{nist.NewBlakeSHA256QR512()},
+	}
+
+	message := make([]byte, 100_000)
+	_, _ = rand.Read(message)
+	rand := random.New()
+
+	for _, suite := range suites {
+		private := suite.Scalar().Pick(rand)
+		public := suite.Point().Mul(private, nil)
+
+		for i := 0; i < b.N; i++ {
+			var ct []byte
+			b.Run("Encrypt/"+suite.String(), func(b *testing.B) {
+				ct, _ = Encrypt(suite, public, message, nil)
+
+			})
+
+			b.Run("Decrypt/"+suite.String(), func(b *testing.B) {
+				_, _ = Decrypt(suite, private, ct, nil)
+			})
+		}
+	}
+}

From c18ca1312006200c0fa3dd03c778dd8ad7dde67c Mon Sep 17 00:00:00 2001
From: lauener <kilian.lauener@epfl.ch>
Date: Sat, 9 Mar 2024 18:01:22 +0100
Subject: [PATCH 2/5] Add bn256 benchmark

---
 pairing/bn256/suite_test.go | 40 +++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/pairing/bn256/suite_test.go b/pairing/bn256/suite_test.go
index f15d93ffa..991744de9 100644
--- a/pairing/bn256/suite_test.go
+++ b/pairing/bn256/suite_test.go
@@ -406,3 +406,43 @@ func TestNegPairAll(t *testing.T) {
 	require.True(t, pair2.Equal(pair3))
 	require.True(t, pair3.Equal(pair4))
 }
+
+func BenchmarkBn256(b *testing.B) {
+	suite := NewSuite()
+	c := suite.G1().Scalar().Pick(random.New())
+	d := suite.G1().Scalar().Pick(random.New())
+	e := suite.G2().Scalar()
+
+	p1 := newPointG1()
+	p2 := newPointG2()
+
+	b.Run("Add", func(b *testing.B) {
+		for i := 0; i < b.N; i++ {
+			e.Add(c, d)
+		}
+	})
+
+	b.Run("Sub", func(b *testing.B) {
+		for i := 0; i < b.N; i++ {
+			e.Sub(c, d)
+		}
+	})
+
+	b.Run("Mul", func(b *testing.B) {
+		for i := 0; i < b.N; i++ {
+			e.Mul(c, d)
+		}
+	})
+
+	b.Run("Div", func(b *testing.B) {
+		for i := 0; i < b.N; i++ {
+			e.Div(c, d)
+		}
+	})
+
+	b.Run("Pairing", func(b *testing.B) {
+		for i := 0; i < b.N; i++ {
+			suite.Pair(p1, p2)
+		}
+	})
+}

From 60b507546bf76b5db1b46b85d38850e379ceef8d Mon Sep 17 00:00:00 2001
From: lauener <kilian.lauener@epfl.ch>
Date: Mon, 11 Mar 2024 11:47:04 +0100
Subject: [PATCH 3/5] Add proof becnhmark

---
 proof/proof.go      |  3 +--
 proof/proof_test.go | 65 ++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 65 insertions(+), 3 deletions(-)

diff --git a/proof/proof.go b/proof/proof.go
index ec343f45b..4d3258d8e 100644
--- a/proof/proof.go
+++ b/proof/proof.go
@@ -25,7 +25,7 @@ type Suite interface {
 /*
 A Predicate is a composable logic expression in a knowledge proof system,
 representing a "knowledge specification set" in Camenisch/Stadler terminology.
-Atomic predicates in this system are statements of the form P=x1*B1+...+xn+Bn,
+Atomic predicates in this system are statements of the form P=x1*B1+...+xn*Bn,
 indicating the prover knows secrets x1,...,xn that make the statement true,
 where P and B1,...,Bn are public points known to the verifier.
 These atomic Rep (representation) predicates may be combined
@@ -157,7 +157,6 @@ type repPred struct {
 // A Rep statement of the form Rep(P,x1,B1,...,xn,Bn)
 // indicates that the prover knows secrets x1,...,xn
 // such that point P is the sum x1*B1+...+xn*Bn.
-//
 func Rep(P string, SB ...string) Predicate {
 	if len(SB)&1 != 0 {
 		panic("mismatched Scalar")
diff --git a/proof/proof_test.go b/proof/proof_test.go
index 6ca8d1797..9cbac440c 100644
--- a/proof/proof_test.go
+++ b/proof/proof_test.go
@@ -3,10 +3,13 @@ package proof
 import (
 	"encoding/hex"
 	"fmt"
+	"strconv"
 	"testing"
 
 	"go.dedis.ch/kyber/v3"
+	"go.dedis.ch/kyber/v3/group/curve25519"
 	"go.dedis.ch/kyber/v3/group/edwards25519"
+	"go.dedis.ch/kyber/v3/group/nist"
 	"go.dedis.ch/kyber/v3/xof/blake2xb"
 )
 
@@ -140,7 +143,6 @@ func Example_rep2() {
 // If the prover does know the relationship between B1 and B2, however,
 // then X does not serve as a useful commitment:
 // the prover can trivially compute the x1 corresponding to an arbitrary x2.
-//
 func Example_rep3() {
 	pred := Rep("X", "x1", "B1", "x2", "B2")
 	fmt.Println(pred.String())
@@ -246,3 +248,64 @@ func Example_or2() {
 	// 000000b0  4d 97 a9 bf 1a 28 27 6d  3b 71 04 e1 c0 86 96 08  |M....('m;q......|
 	// Proof verified.
 }
+
+func BenchmarkProof(b *testing.B) {
+	rand := blake2xb.New([]byte("random"))
+	suites := []struct {
+		Suite
+	}{
+		{edwards25519.NewBlakeSHA256Ed25519()},
+		{curve25519.NewBlakeSHA256Curve25519(false)},
+		{curve25519.NewBlakeSHA256Curve25519(true)},
+		{nist.NewBlakeSHA256P256()},
+		{nist.NewBlakeSHA256QR512()},
+	}
+
+	for _, suite := range suites {
+		P := suite.Point().Null()
+
+		sval := map[string]kyber.Scalar{}
+		pval := map[string]kyber.Point{}
+		predicateBuilder := make([]string, 0)
+
+		for i := 0; i < b.N; i++ {
+			s := suite.Scalar().Pick(rand)
+			index := strconv.Itoa(i)
+
+			publicPoint := suite.Point().Mul(s, nil)
+
+			sval["x"+index] = s
+			predicateBuilder = append(predicateBuilder, "x"+index)
+			predicateBuilder = append(predicateBuilder, "B"+index)
+			pval["B"+index] = suite.Point().Base()
+
+			P = suite.Point().Add(P, publicPoint)
+		}
+
+		pval["P"] = P
+
+		var proof []byte
+		var err error
+		var pred Predicate
+
+		b.Run(suite.String()+"/ProofBuild", func(b *testing.B) {
+			pred = Rep("P", predicateBuilder...)
+			// Prove P = x0*B + x1*B + ... + xN*B
+			prover := pred.Prover(suite, sval, pval, nil)
+			proof, err = HashProve(suite, "TEST", prover)
+			if err != nil {
+				b.Log(err.Error())
+				b.Fail()
+			}
+		})
+
+		b.Run(suite.String()+"/ProofVerify", func(b *testing.B) {
+			verifier := pred.Verifier(suite, pval)
+			err = HashVerify(suite, "TEST", verifier, proof)
+			if err != nil {
+				b.Log(err.Error())
+				b.Fail()
+			}
+		})
+	}
+}

From 5b1e99d572a8b9642e9606e2fbd0682eee90a588 Mon Sep 17 00:00:00 2001
From: lauener <kilian.lauener@epfl.ch>
Date: Fri, 15 Mar 2024 10:43:14 +0100
Subject: [PATCH 4/5] Add missing for loops

---
 encrypt/ecies/ecies_test.go | 17 +++++++++--------
 proof/proof_test.go         | 28 ++++++++++++++++------------
 2 files changed, 25 insertions(+), 20 deletions(-)

diff --git a/encrypt/ecies/ecies_test.go b/encrypt/ecies/ecies_test.go
index ac37e774a..704bd39a5 100644
--- a/encrypt/ecies/ecies_test.go
+++ b/encrypt/ecies/ecies_test.go
@@ -68,16 +68,17 @@ func BenchmarkECIES(b *testing.B) {
 		private := suite.Scalar().Pick(rand)
 		public := suite.Point().Mul(private, nil)
 
-		for i := 0; i < b.N; i++ {
-			var ct []byte
-			b.Run("Encrypt/"+suite.String(), func(b *testing.B) {
+		var ct []byte
+		b.Run("Encrypt/"+suite.String(), func(b *testing.B) {
+			for i := 0; i < b.N; i++ {
 				ct, _ = Encrypt(suite, public, message, nil)
+			}
+		})
 
-			})
-
-			b.Run("Decrypt/"+suite.String(), func(b *testing.B) {
+		b.Run("Decrypt/"+suite.String(), func(b *testing.B) {
+			for i := 0; i < b.N; i++ {
 				_, _ = Decrypt(suite, private, ct, nil)
-			})
-		}
+			}
+		})
 	}
 }
diff --git a/proof/proof_test.go b/proof/proof_test.go
index 9cbac440c..66ac632e3 100644
--- a/proof/proof_test.go
+++ b/proof/proof_test.go
@@ -289,22 +289,26 @@ func BenchmarkProof(b *testing.B) {
 		var pred Predicate
 
 		b.Run(suite.String()+"/ProofBuild", func(b *testing.B) {
-			pred = Rep("P", predicateBuilder...)
-			// Prove P = x0*B + x1*B + ... + xN*B
-			prover := pred.Prover(suite, sval, pval, nil)
-			proof, err = HashProve(suite, "TEST", prover)
-			if err != nil {
-				b.Log(err.Error())
-				b.Fail()
+			for i := 0; i < b.N; i++ {
+				pred = Rep("P", predicateBuilder...)
+				// Prove P = x0*B + x1*B + ... + xN*B
+				prover := pred.Prover(suite, sval, pval, nil)
+				proof, err = HashProve(suite, "TEST", prover)
+				if err != nil {
+					b.Log(err.Error())
+					b.Fail()
+				}
 			}
 		})
 
 		b.Run(suite.String()+"/ProofVerify", func(b *testing.B) {
-			verifier := pred.Verifier(suite, pval)
-			err = HashVerify(suite, "TEST", verifier, proof)
-			if err != nil {
-				b.Log(err.Error())
-				b.Fail()
+			for i := 0; i < b.N; i++ {
+				verifier := pred.Verifier(suite, pval)
+				err = HashVerify(suite, "TEST", verifier, proof)
+				if err != nil {
+					b.Log(err.Error())
+					b.Fail()
+				}
 			}
 		})
 	}

From ca0da5aced884292f0818fadb1f2b4b39c6d2f51 Mon Sep 17 00:00:00 2001
From: lauener <kilian.lauener@epfl.ch>
Date: Mon, 18 Mar 2024 14:23:03 +0100
Subject: [PATCH 5/5] Set fixed number of predicates for benchmark

---
 proof/proof_test.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/proof/proof_test.go b/proof/proof_test.go
index 66ac632e3..e12f21168 100644
--- a/proof/proof_test.go
+++ b/proof/proof_test.go
@@ -251,6 +251,7 @@ func Example_or2() {
 
 func BenchmarkProof(b *testing.B) {
 	rand := blake2xb.New([]byte("random"))
+	predicateSize := 100
 	suites := []struct {
 		Suite
 	}{
@@ -268,7 +269,7 @@ func BenchmarkProof(b *testing.B) {
 		pval := map[string]kyber.Point{}
 		predicateBuilder := make([]string, 0)
 
-		for i := 0; i < b.N; i++ {
+		for i := 0; i < predicateSize; i++ {
 			s := suite.Scalar().Pick(rand)
 			index := strconv.Itoa(i)