expand cx multiplication.

src/elgamal.c

@@ -7,22 +7,15 @@
 #include "hss.h"
 
 
-void elgamal_key_init(elgamal_key_t rop)
+void elgamal_keygen(elgamal_key_t rop)
 {
-  mpz_init(rop->sk);
-  mpz_init_set_ui(rop->pk, 2);
+  mpz_set_ui(rop->pk, 2);
 
   //  mpz_urandomm(rop->sk, _rstate, q);
   mpz_urandomb(rop->sk, _rstate, 160);
   mpz_powm(rop->pk, rop->pk, rop->sk, p);
 }
 
-void elgamal_key_clear(elgamal_key_t key)
-{
-  mpz_clears(key->sk, key->pk, NULL);
-}
-
-
 void elgamal_encrypt(elgamal_cipher_t rop, const elgamal_key_t k, const mpz_t m)
 {
   mpz_t x;
@@ -34,6 +27,14 @@ void elgamal_encrypt(elgamal_cipher_t rop, const elgamal_key_t k, const mpz_t m)
   mpz_powm(rop->c1, rop->c1, x, p);
   mpz_invert(rop->c1, rop->c1, p);
 
+  /* cached intermediate values */
+  mpz_t e;
+  mpz_init_set_ui(e, 1);
+  mpz_mul_2exp(e, e, 64);
+  mpz_powm(rop->c1e64, rop->c1, e, p);
+  mpz_powm(rop->c1e128, rop->c1e64, e, p);
+  mpz_clear(e);
+
   mpz_set(rop->c2, k->pk);
   mpz_powm(rop->c2, rop->c2, x, p);
   mpz_set_ui(x, 2);
@@ -52,17 +53,11 @@ void elgamal_decrypt(mpz_t rop, const elgamal_key_t k, const elgamal_cipher_t c)
   mpz_mod(rop, rop, p);
 }
 
-void elgamal_cipher_init(elgamal_cipher_t rop)
-{
-  mpz_inits(rop->c1, rop->c2, NULL);
-}
 void elgamal_cipher_set(elgamal_cipher_t rop, const elgamal_cipher_t op1)
 {
   mpz_set(rop->c1, op1->c1);
   mpz_set(rop->c2, op1->c2);
-}
+  mpz_set(rop->c1e64, op1->c1e64);
+  mpz_set(rop->c1e128, op1->c1e128);
 
-void elgamal_cipher_clear(elgamal_cipher_t op)
-{
-  mpz_clears(op->c1, op->c2, NULL);
 }

src/elgamal.h

@@ -10,20 +10,27 @@ typedef struct elgamal_key {
   mpz_t pk;
 } elgamal_key_t[1];
 
+
 typedef struct elgamal_cipher {
+  /* NOTE: the first part is already inverted! */
   mpz_t c1;
   mpz_t c2;
+  mpz_t c1e64;
+  mpz_t c1e128;
 } elgamal_cipher_t[1];
 
 void elgamal_encrypt(elgamal_cipher_t c, const elgamal_key_t k, const mpz_t m);
 void elgamal_decrypt(mpz_t rop, const elgamal_key_t k, const elgamal_cipher_t c);
 
-void elgamal_key_init(elgamal_key_t key);
-void elgamal_key_clear(elgamal_key_t key);
+void elgamal_keygen(elgamal_key_t key);
 
-void elgamal_cipher_init(elgamal_cipher_t op);
 void elgamal_cipher_set(elgamal_cipher_t rop, const elgamal_cipher_t op1);
-void elgamal_cipher_clear(elgamal_cipher_t op);
+
+#define ELGAMAL_KEY(func, k)                   \
+  mpz_ ## func ## s(k->pk, k->sk, NULL);
+
+#define ELGAMAL_CIPHER(func, c)                \
+  mpz_ ## func ## s(c->c1, c->c2, c->c1e64, c->c1e128, NULL)
 
 #define elgamal_encrypt_shares(share1, share2, key, plaintext) \
   elgamal_encrypt(share1, key, plaintext);                     \

src/hss.c

@@ -38,19 +38,19 @@ void hss_del()
 
 void ssl1_init(ssl1_t s)
 {
-  elgamal_cipher_init(s->w);
+  ELGAMAL_CIPHER(init, s->w);
 
   for (size_t t = 0; t < 160; t++) {
-    elgamal_cipher_init(s->cw[t]);
+    ELGAMAL_CIPHER(init, s->cw[t]);
   }
 }
 
 void ssl1_clear(ssl1_t s)
 {
-  elgamal_cipher_clear(s->w);
+  ELGAMAL_CIPHER(clear, s->w);
 
   for (size_t t = 0; t < 160; t++) {
-    elgamal_cipher_clear(s->cw[t]);
+    ELGAMAL_CIPHER(clear, s->cw[t]);
   }
 }
 

src/rms.c

@@ -33,12 +33,25 @@ static inline
 uint32_t __mul_single(mpz_t op1,
                       mpz_t op2,
                       const mpz_t c1,
+                      const mpz_t c1e64,
+                      const mpz_t c1e128,
                       const mpz_t c2,
                       const uint32_t x,
                       const mpz_t cx)
 {
 
-  mpz_powm(op1, c1, cx, p);
+  /* first block */
+  mpz_powm_ui(op1, c1, cx->_mp_d[0], p);
+  /* second block */
+  mpz_powm_ui(op2, c1e64, cx->_mp_d[1], p);
+  mpz_mul(op1, op2, op1);
+  mpz_mod(op1, op1, p);
+  /* third block */
+  mpz_powm_ui(op2, c1e128, cx->_mp_d[2], p);
+  mpz_mul(op1, op2, op1);
+  mpz_mod(op1, op1, p);
+
+  //mpz_powm(op1, c1, cx, p);
   mpz_powm_ui(op2, c2, x, p);
   mpz_mul(op2, op2, op1);
   mpz_mod(op2, op2, p);
@@ -52,16 +65,20 @@ void hss_mul(ssl2_t rop, const ssl1_t sl1, const ssl2_t sl2)
   mpz_inits(op1, op2, NULL);
 
   rop->x = __mul_single(op1, op2,
-                           sl1->w->c1,
-                           sl1->w->c2,
-                           sl2->x,
-                           sl2->cx);
+                        sl1->w->c1,
+                        sl1->w->c1e64,
+                        sl1->w->c1e128,
+                        sl1->w->c2,
+                        sl2->x,
+                        sl2->cx);
 
   mpz_set_ui(rop->cx, 0);
   for (size_t t = 0; t < 160; t++) {
     const uint32_t converted =
       __mul_single(op1, op2,
                    sl1->cw[t]->c1,
+                   sl1->cw[t]->c1e64,
+                   sl1->cw[t]->c1e128,
                    sl1->cw[t]->c2,
                    sl2->x,
                    sl2->cx);
@@ -86,7 +103,8 @@ int main()
   mpz_inits(x, y, xy, NULL);
 
   elgamal_key_t key;
-  elgamal_key_init(key);
+  ELGAMAL_KEY(init, key);
+  elgamal_keygen(key);
 
   ssl1_t r1, r2;
   ssl2_t s1, s2;
@@ -100,7 +118,7 @@ int main()
   ssl2_init(t2);
 
   INIT_TIMEIT();
-  for (int i = 0; i <  (int) 1e2; i++) {
+  for (int i = 0; i <  (int) 1e1; i++) {
 
     mpz_urandomb(y, _rstate, 1);
     mpz_urandomb(x, _rstate, 1);
@@ -143,7 +161,7 @@ int main()
   ssl2_clear(t2);
 
   mpz_clears(x, y, NULL);
-  elgamal_key_clear(key);
+  ELGAMAL_KEY(clear, key);
   hss_del();
   return 0;
 }