params and times
Parameters:
Our current parameters are (note that this might change):
We select and implement four parameter sets: For NIST security level 1, we select two parameter sets: MAYO_one and MAYO_two, where MAYO_one has smaller public keys but larger signatures and conversely MAYO_two has smaller signatures but larger public keys. For NIST security level 3 and NIST security level 5, we select one parameter set each, which we refer to as MAYO_three and MAYO_five, respectively. The parameter sets and the corresponding key and signature sizes are displayed below. All sizes are reported in bytes -B-.
| Parameter set | MAYO_one |
MAYO_two |
MAYO_three |
MAYO_five |
|---|---|---|---|---|
| security level | 1 | 1 | 3 | 5 |
| secret key size | 24 B | 24 B | 32 B | 40 B |
| public key size | 1168 B | 5488 B | 2656 B | 5008 B |
| signature size | 321 B | 180 B | 577 B | 838 B |
Cycle counts for our AVX2 optimized implementation:
The fastest results on the 2.0 GHz Ice Lake platform perform KeyGen in 55 μs, Signing (+ExpandSK) in 246 μs, and Verifying (+ExpandPK) in 77 μs with MAYO_one. Batch signing (without expandSK) is fastest with 126 μs and MAYO_two. Batch verification (without expandPK) is fastest with 30 μs and MAYO_two.
All builds use -O3 compiler optimization level and -march=native build architecture. Turbo Boost was deactivated to achieve consistent timings. We report the CPU cycles using AES-NI. More results can be found in our specification.
On Intel Xeon Gold 6338 CPU (Ice Lake) with 2.0 GHz for the AVX2 optimized implementation:
| Scheme | KeyGen | ExpandSK + Sign | ExpandPK + Verify |
MAYO_one |
110,112 | 460,978 | 175,158 |
MAYO_two |
309,422 | 563,900 | 91,512 |
MAYO_three |
508,608 | 1,663,666 | 610,010 |
MAYO_five |
1,210,154 | 4,149,954 | 1,186,132 |
The library was compiled on Ubuntu with clang version 12.0.1-19ubuntu3. Results are the median of 1000 benchmark runs.
On Intel Xeon E3-1225 v3 CPU (Haswell) at 3.20GHz for the AVX2 optimized implementation:
| Scheme | KeyGen | ExpandSK + Sign | ExpandPK + Verify |
MAYO_one |
184,116 | 652,052 | 283,228 |
MAYO_two |
487,032 | 789,020 | 178,276 |
MAYO_three |
956,696 | 3,249,120 | 1,160,552 |
MAYO_five |
2,153,280 | 6,606,208 | 1,984,424 |
The library was compiled on Ubuntu with clang version 12.0.0-3ubuntu1 20.04.5. Results are the median of 1000 benchmark runs.
On Intel Xeon E3-1260L v5 CPU (Skylake) at 2.90GHz for the optimized implementation:
| Scheme | KeyGen | ExpandSK + Sign | ExpandPK + Verify |
MAYO_one |
155,568 | 584,906 | 208,973 |
MAYO_two |
419,778 | 697,946 | 129,863 |
MAYO_three |
831,339 | 2,804,104 | 904,918 |
MAYO_five |
1,727,943 | 5,148,078 | 1,478,483 |
The library was compiled on Ubuntu with clang version 14.0.0-1ubuntu1 20.04.5. Results are the median of 1000 benchmark runs.
Cycle counts for our optimized implementation:
All builds use -O3 compiler optimization level and -march=native build architecture. Turbo Boost was deactivated to achieve consistent timings. We report the CPU cycles using AES-NI. More results can be found in our specification.
On Intel Xeon Gold 6338 CPU (Ice Lake) with 2.0 GHz for the optimized implementation:
| Scheme | KeyGen | ExpandSK + Sign | ExpandPK + Verify |
MAYO_one |
222,666 | 1,087,794 | 205,692 |
MAYO_two |
613,636 | 1,269,250 | 118,534 |
MAYO_three |
2,917,294 | 8,839,058 | 1,470,684 |
MAYO_five |
4,263,490 | 13,928,986 | 1,783,626 |
The library was compiled on Ubuntu with clang version 12.0.1-19ubuntu3. Results are the median of 1000 benchmark runs.
On Intel Xeon E3-1225 v3 CPU (Haswell) at 3.20GHz for the optimized implementation:
| Scheme | KeyGen | ExpandSK + Sign | ExpandPK + Verify |
MAYO_one |
515,168 | 1,947,392 | 397,464 |
MAYO_two |
1,444,244 | 2,505,584 | 212,264 |
MAYO_three |
4,314,644 | 13,179,744 | 1,982,160 |
MAYO_five |
6,096,148 | 19,609,280 | 2,705,800 |
The library was compiled on Ubuntu with clang version 12.0.0-3ubuntu1 20.04.5. Results are the median of 1000 benchmark runs.
On Intel Xeon E3-1260L v5 CPU (Skylake) at 2.90GHz for the optimized implementation:
| Scheme | KeyGen | ExpandSK + Sign | ExpandPK + Verify |
MAYO_one |
313,438 | 1,496,786 | 283,366 |
MAYO_two |
921,052 | 1,826,460 | 159,714 |
MAYO_three |
4,016,744 | 12,324,612 | 1,637,394 |
MAYO_five |
4,465,717 | 16,203,574 | 2,244,080 |
The library was compiled on Ubuntu with clang version 14.0.0-1ubuntu1 20.04.5. Results are the median of 1000 benchmark runs.
Arm Cortex-M4 implementation:
We are working on an Arm Cortex-M4 implementation. Preliminary results are shown below.
We use the ST NUCLEO-L4R5ZI development board which comes with a STM32L4R5ZI Cortex-M4 CPU with 2MBof flash memory and 640KB of SRAM.
All builds use -O3 compiler optimization level using the Arm GNU toolchain.
| Scheme | KeyGen | ExpandSK + Sign | ExpandPK + Verify |
MAYO_one |
5,245,606 | 9,183,088 | 4,886,583 |
MAYO_two |
11,925,130 | 12,033,879 | 5,103,238 |