Fastcrypto: Pioneering Cryptography Via Continuous Benchmarking
Authors: 
Kostas Kryptos Chalkias, Jonas Lindstrøm, Deepak Maram, Ben Riva, Arnab Roy, Alberto Sonnino, Joy WangAuthors Info & Claims
Kostas Kryptos Chalkias, Jonas Lindstrøm, Deepak Maram, Ben Riva, Arnab Roy, Alberto Sonnino, Joy WangAuthors Info & ClaimsPages 227 - 234
Abstract
In the rapidly evolving fields of encryption and blockchain technologies, the efficiency and security of cryptographic schemes significantly impact performance. This paper introduces a comprehensive framework for continuous benchmarking in one of the most popular cryptography Rust libraries, \textttfastcrypto. What makes our analysis unique is the realization that automated benchmarking is not just a performance monitor and optimization tool, but it can be used for cryptanalysis and innovation discovery as well. Surprisingly, benchmarks can uncover spectacular security flaws and inconsistencies in various cryptographic implementations and standards, while at the same time they can identify unique opportunities for innovation not previously known to science, such as providing a) hints for novel algorithms, b) indications for mix-and-match library functions that result in world record speeds, and c) evidences of biased or untested real world algorithm comparisons in the literature.
Our approach transcends traditional benchmarking methods by identifying inconsistencies in multi-threaded code, which previously resulted in unfair comparisons. We demonstrate the effectiveness of our methodology in identifying the fastest algorithms for specific cryptographic operations like signing, while revealing hidden performance characteristics and security flaws. The process of continuous benchmarking allowed \textttfastcrypto to break many crypto-operations speed records in the Rust language ecosystem. A notable discovery in our research is the identification of vulnerabilities and unfair speed claims due to missing padding checks in high-performance Base64 encoding libraries. We also uncover insights into algorithmic implementations such as multi-scalar elliptic curve multiplications, which exhibit different performance gains when applied in different schemes and libraries. This was not evident in conventional benchmarking practices. Further, our analysis highlights bottlenecks in cryptographic algorithms where pre-computed tables can be strategically applied, accounting for L1 and L2 CPU cache limitations.
Our benchmarking framework also reveals that certain algorithmic implementations incur additional overheads due to serialization processes, necessitating a refined 'apples to apples' comparison approach. We identified unique performance patterns in some schemes, where efficiency scales with input size, aiding blockchain technologies in optimal parameter selection and data compression.
Crucially, continuous benchmarking serves as a tool for ongoing audit and security assurance. Variations in performance can signal potential security issues during upgrades, such as cleptography, hardware manipulation or supply chain attacks. This was evidenced by critical private key leakage vulnerabilities we found in one of the most popular EdDSA Rust libraries. By providing a dynamic and thorough benchmarking approach, our framework empowers stakeholders to make informed decisions, enhance security measures, and optimize cryptographic operations in an ever-changing digital landscape.
References
[1]
Zachary Amsden, Ramnik Arora, Shehar Bano, Mathieu Baudet, Sam Blackshear, Abhay Bothra, G Cabrera, C Catalini, K Chalkias, E Cheng, et al. 2019. The libra blockchain. URl: https://developers. libra. org/docs/assets/papers/the-libra-blockchain. pdf (2019).
[2]
X9 ANSI. 1999. 62: public key cryptography for the financial services industry: the elliptic curve digital signature algorithm (ecdsa). Am. Nat'l Standards Inst (1999).
[3]
Jorge Aparicio and Brook Heisler. 2024. criterion.rs: Statistics-driven micro-benchmarking library. https://github.com/japaric/criterion.rs.
[4]
Arkworks. 2024. arkworks-rs. https://github.com/arkworks-rs/.
[5]
arnaucube. 2024. poseidon-ark. https://github.com/arnaucube/poseidon-ark.
[6]
Jean-Philippe Aumasson, Samuel Neves, Zooko Wilcox-O'Hearn, and Christian Winnerlein. 2013. BLAKE2: simpler, smaller, fast as MD5. In Proceedings of the 11th International Conference on Applied Cryptography and Network Security (Banff, AB, Canada) (ACNS'13). Springer-Verlag, Berlin, Heidelberg, 119--135. https://doi.org/10.1007/978--3--642--38980--1_8
[7]
Foteini Baldimtsi, Konstantinos Kryptos Chalkias, Yan Ji, Jonas Lindstrøm, Deepak Maram, Ben Riva, Arnab Roy, Mahdi Sedaghat, and Joy Wang. 2024. zkLogin: Privacy-Preserving Blockchain Authentication with Existing Credentials. arxiv: 2401.11735 [cs.CR]
[8]
Paulo S. L. M. Barreto, Ben Lynn, and Michael Scott. 2003. Constructing Elliptic Curves with Prescribed Embedding Degrees. In Security in Communication Networks, Stelvio Cimato, Giuseppe Persiano, and Clemente Galdi (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 257--267.
[9]
Ben Dickson. 2022. Dozens of cryptography libraries vulnerable to private key theft. The Daily Swig: https://portswigger.net/daily-swig/dozens-of-cryptography-libraries-vulnerable-to-private-key-theft.
[10]
Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, and Bo-Yin Yang. 2012. High-speed high-security signatures. Journal of Cryptographic Engineering, Vol. 2, 2 (2012), 77--89. https://doi.org/10.1007/s13389-012-0027--1
[11]
Sam Blackshear, Evan Cheng, David L Dill, Victor Gao, Ben Maurer, Todd Nowacki, Alistair Pott, Shaz Qadeer, Dario Russi Rain, Stephane Sezer, et al. 2019. Move: A language with programmable resources. Libra Assoc (2019), 1.
[12]
Dan Boneh, Craig Gentry, Ben Lynn, and Hovav Shacham. 2003. Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. In Advances in Cryptology -- EUROCRYPT 2003, Eli Biham (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 416--432.
[13]
Dan Boneh, Ben Lynn, and Hovav Shacham. 2001. Short Signatures from the Weil Pairing. In Advances in Cryptology -- ASIACRYPT 2001, Colin Boyd (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 514--532.
[14]
Konstantinos Chalkias and Panagiotis Chatzigiannis. 2022. Base64 Malleability in Practice. In Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security (Nagasaki, Japan) (ASIA CCS '22). Association for Computing Machinery, New York, NY, USA, 1219--1221. https://doi.org/10.1145/3488932.3527284
[15]
dalek cryptography. 2024. ed25519-dalek. https://github.com/dalek-cryptography/ed25519-dalek.
[16]
Lorenzo Grassi, Dmitry Khovratovich, Christian Rechberger, Arnab Roy, and Markus Schofnegger. 2021. Poseidon: A New Hash Function for Zero-Knowledge Proof Systems. In USENIX Security Symposium. https://api.semanticscholar.org/CorpusID:221069468
[17]
Sam Grierson, Konstantinos Chalkias, and William J Buchanan. 2023. Double Public Key Signing Function Oracle Attack on EdDSA Software Implementations. arXiv preprint arXiv:2308.15009 (2023).
[18]
Jens Groth. 2016. On the Size of Pairing-Based Non-interactive Arguments. 305--326. https://doi.org/10.1007/978--3--662--49896--5_11
[19]
iden3. 2024. rapidsnark. https://github.com/iden3/rapidsnark.
[20]
Kostas Kryptos. 2023. Blockchain research has advanced systems and cryptography. https://twitter.com/kostascrypto/status/1626983601572302849.
[21]
Zhuolun Li, Alberto Sonnino, and Philipp Jovanovic. 2023. Performance of EdDSA and BLS Signatures in Committee-Based Consensus. In Workshop on Advanced tools, programming languages, and PLatforms for Implementing and Evaluating algorithms for Distributed systems.
[22]
lurk-lab. 2024. neptune. https://github.com/lurk-lab/neptune.
[23]
Nicholas D Matsakis and Felix S Klock. 2014. The rust language. ACM SIGAda Ada Letters, Vol. 34, 3 (2014), 103--104.
[24]
Mysten Labs. 2024. fastcrypto. https://github.com/MystenLabs/fastcrypto.
[25]
NumPy Team. 2024. Numpy. https://numpy.org.
[26]
Penumbra. 2024. ed25519-consensus. https://github.com/penumbra-zone/ed25519-consensus.
[27]
Rust Bitcoin Community. 2024. rust-secp256k1. https://github.com/rust-bitcoin/rust-secp256k1/.
[28]
RustCrypto. 2024. p256. https://github.com/RustCrypto/elliptic-curves/tree/master/p256.
[29]
Rustsec. 2022. Double Public Key Signing Function Oracle Attack on ed25519-dalek. RUSTSEC-2022-0093: https://rustsec.org/advisories/RUSTSEC-2022-0093.
[30]
Supranational. 2024. blst. https://github.com/supranational/blst.
[31]
Gavin Wood et al. 2014. Ethereum: A secure decentralised generalised transaction ledger., bibinfonumpages32 pages.
Index Terms
- Fastcrypto: Pioneering Cryptography Via Continuous Benchmarking
Recommendations
Nonmalleable Cryptography
The notion of nonmalleable cryptography, an extension of semantically secure cryptography, is defined. Informally, in the context of encryption the additional requirement is that given the ciphertext it is impossible to generate a different ciphertext ...
Breaking an ID-based encryption based on discrete logarithm and factorization problems
We cryptanalyse the new ID-based encryption scheme proposed by Meshram.We find a method to factorize N, where N is the parameter proposed by Meshram.We also give a method to recover the secret master key of Meshram's ID-based encryption scheme.We also ...
Nonmalleable Cryptography
The notion of nonmalleable cryptography, an extension of semantically secure cryptography, is defined. Informally, in the context of encryption the additional requirement is that given the ciphertext it is impossible to generate a different ciphertext so ...
Comments
Information & Contributors
Information
Published In
May 2024
305 pages
ISBN:9798400704451
DOI:10.1145/3629527
- General Chairs:
- Simonetta Balsamo,
- William Knottenbelt,
- Program Chairs:
- Cristina L. Abad,
- Weiyi Shang
Copyright © 2024 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 07 May 2024
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
ICPE '24
Sponsor:
ICPE '24: 15th ACM/SPEC International Conference on Performance Engineering
May 7 - 11, 2024
London, United Kingdom
Acceptance Rates
Overall Acceptance Rate 252 of 851 submissions, 30%
Upcoming Conference
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 76Total Downloads
- Downloads (Last 12 months)76
- Downloads (Last 6 weeks)8
Reflects downloads up to 28 Feb 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in