Merged
…hash

This PR migrates the ciphertext hashing mechanism from AES-based accumulation to Blake3, improving performance and security for high-volume ciphertext processing (designed for 2.7B+ ciphertexts).

- Replace `AESAccumulatingHash` with `Blake3AccumulatingHash`
- Replace `AESAccumulatingHashBatch<N>` with `Blake3AccumulatingHashBatch<N>`
- Implement batched hashing (64 ciphertexts per batch = 1KB, matching Blake3's optimal chunk size)
- Add domain separation via u64 batch index prefix for each batch
- Zero-allocation hot path design using fixed-size buffers:
  - `[S; 64]` ciphertext buffer
  - 1032-byte pre-allocated serialization buffer
- Change `HASH_OUTPUT_SIZE` from 16 to 32 bytes (full Blake3 output)
- Update `CiphertextSource::finalize()` signature from `&self` to `self` to allow flushing remaining buffered ciphertexts
- Update `CiphertextCommit` type alias to use 32-byte output
- Remove deprecated AES accumulator code entirely (no backward compatibility)

- `src/circuit/mod.rs` - MultiCiphertextHandler implementations
- `src/circuit/ciphertext_source.rs` - FileSource and trait definitions
- `src/cut_and_choose/` - garbler, evaluator, ciphertext_repository
- All examples and tests updated to use Blake3 types

Blake3 is designed for high-throughput hashing with:

- SIMD acceleration on modern CPUs
- Optimal performance with ~1KB input chunks
- Built-in parallelization support
- Stronger 256-bit security vs AES-MMO's 128-bit

The batched approach reduces per-ciphertext overhead while maintaining order-dependent sequential accumulation for deterministic results.
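The batching scheme the description lays out, as an added illustration rather than the PR's own code: a hash-agnostic accumulator that serializes each batch as `[u64 batch index][up to 64 ciphertexts]` into a 1032-byte buffer, feeds it to the running hasher, and flushes the trailing partial batch in `finalize(self)`. Assumed here: 16-byte ciphertexts, a little-endian index, that a partial last batch is hashed with only the ciphertexts it holds, and an FNV-1a stand-in hasher (not cryptographic) in place of `blake3::Hasher`, which is not available offline.

```rust
// Added example, not the project's code. Assumptions: 16-byte ciphertexts,
// little-endian u64 batch index, partial last batch hashed with what it holds.
pub trait AccHasher { fn update(&mut self, data: &[u8]); fn finalize(self) -> [u8; 32]; }
// Offline stand-in (FNV-1a, NOT cryptographic) so this runs without the blake3
// crate; blake3::Hasher exposes the same update/finalize shape.
pub struct StubHasher(u64);
impl StubHasher { pub fn new() -> Self { StubHasher(0xcbf2_9ce4_8422_2325) } }
impl AccHasher for StubHasher {
    fn update(&mut self, data: &[u8]) {
        for &b in data { self.0 = (self.0 ^ u64::from(b)).wrapping_mul(0x100_0000_01b3); }
    }
    fn finalize(self) -> [u8; 32] { let mut o = [0u8; 32]; o[..8].copy_from_slice(&self.0.to_le_bytes()); o }
}

pub const CT_LEN: usize = 16;                  // assumed ciphertext size
pub const BATCH: usize = 64;                   // 64 * 16 B = 1 KB per batch
pub const BUF_LEN: usize = 8 + BATCH * CT_LEN; // 1032: u64 index + 64 ciphertexts

pub struct BatchAccumulator<H: AccHasher> {
    hasher: H,
    pending: [[u8; CT_LEN]; BATCH], // the [S; 64] ciphertext buffer
    count: usize,
    batch_index: u64,               // domain-separation prefix, one per batch
    buf: [u8; BUF_LEN],             // pre-allocated serialization buffer
}
impl<H: AccHasher> BatchAccumulator<H> {
    pub fn new(hasher: H) -> Self {
        Self { hasher, pending: [[0; CT_LEN]; BATCH], count: 0, batch_index: 0, buf: [0; BUF_LEN] }
    }
    // Serialize [batch_index LE][ciphertexts..] into buf and feed it to the hasher;
    // only the final partial batch is shorter than BUF_LEN.
    fn flush(&mut self) {
        if self.count == 0 { return; }
        self.buf[..8].copy_from_slice(&self.batch_index.to_le_bytes());
        for (i, ct) in self.pending[..self.count].iter().enumerate() {
            self.buf[8 + i * CT_LEN..8 + (i + 1) * CT_LEN].copy_from_slice(ct);
        }
        self.hasher.update(&self.buf[..8 + self.count * CT_LEN]);
        self.batch_index += 1;
        self.count = 0;
    }
    pub fn push(&mut self, ct: [u8; CT_LEN]) {
        self.pending[self.count] = ct;
        self.count += 1;
        if self.count == BATCH { self.flush(); }
    }
    // Takes `self`, as the PR changes finalize to, so the trailing batch can be flushed.
    pub fn finalize(mut self) -> [u8; 32] { self.flush(); self.hasher.finalize() }
}
```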
Switch from custom AES-NI implementation to Swanky library's AES hasher for gate hashing. This simplifies garble_gate_batch by using the generic GateHasher trait instead of hardcoded AES-NI batch operations.
Signed-off-by: Your Name <you@example.com>
Signed-off-by: cyphersnake <cyphersnake@pm.me>
LGTM so far
Overhead vs Vanilla Baseline
| Version | Total Time | Overhead | Overhead % |
|-----------------|------------|--------------|------------|
| Vanilla | 1h 19m 39s | 0 (baseline) | 0% |
| VSSS | 1h 23m 26s | +3m 47s | +4.7% |
| Soldering (SP1) | 1h 31m 49s | +12m 10s | +15.3% |
cut_and_choose::vsss module structure TODO
I plan to provide three modules:
Each of which is completely independent of the others.