This page describes how to reproduce the measurements from our paper introducing the DAKEZ, Spawn+, ZDH, and XZDH strongly deniable authenticated key exchange protocols.
Note that the measurements presented in the paper were gathered from a single pinned core on an Intel Core i7-6700K processor with Turbo Boost disabled. Measurements on different systems will vary with the performance of the hardware.
This guide assumes that you are familiar with basic Linux use.
This is prototype software. It contains known security weaknesses (that are irrelevant for performance evaluation purposes). It has not been thoroughly tested. It has not been audited. Do not use this code in production.
1. Install Debian
Our prototype software works only on Linux and has been tested only with Debian. We rely on features of OpenSSL and LLVM that are only available in stretch or later. Note that the packages in jessie-backports are not new enough. The code may work with other distributions if their packages are new enough.
2. Install Dependencies
Throughout this guide, you will need to run several commands as root. If you kept the root account enabled during installation (Debian's default), then you will need to use su - to become root (otherwise, you can use sudo -i or enter root commands through sudo). The default Debian installation comes with the nano CLI editor.
Install the dependencies for our prototype as root by running apt-get install git build-essential xsltproc libssl-dev clang php-cli and following the prompts to restart services.
3. Get the Code
Download and extract the code.
The libraries used by our prototype include processor-specific optimizations for Intel chips with the Haswell architecture or newer (specifically, support for AVX2 instructions). To see if your processor supports these, check the output of grep avx2 /proc/cpuinfo. If the output is blank, then you will need to use x64 whenever we write ARCH. If output lines appear, then you should use Haswell whenever we write ARCH in order to get improved performance.
First, compile the SHA-3 library. Enter the impl/vendor/KeccakCodePackage directory. If you are using Haswell extensions, then run make Haswell/libkeccak.a. If you are not using Haswell extensions, then run make asmX86-64/libkeccak.a instead. The compilation should succeed.
Next, enter the impl/Release_ARCH directory. Run make dakes to compile the test suite.
Finally, enter the impl/Benchmark_ARCH directory. Run make dakes-benchmark to compile the benchmarking suite.
To ensure that the library is working properly, you should run the test suite. This program performs all of the key exchanges and low-level operations, and performs extremely basic fuzz testing. Run impl/Release_ARCH/dakes. This program will run until you stop it with Ctrl+C, or until a bug is found. Each . that is written to the screen represents hundreds of tests, so any problems should appear quickly.
To perform the experiments reported in the paper, you can run the included measurement script. This Bash+PHP script runs the benchmark program with all of the new and well-known protocols reported in the paper. If you would like to perform custom measurements, instructions for the low-level benchmark program are given in the next section.
Before evaluating benchmarks, it is important to disable Turbo Boost on modern Intel processors. If your processor supports Turbo Boost, you can do this as root by executing echo 1 > /sys/devices/system/cpu/intel_pstate/no_turbo (no restart is needed). The benchmarks in our prototype are single-threaded, so you should also pin the measurement script to a single processor core using taskset to reduce measurement noise (see the man page for details).
Run the experiments by entering the measure directory and executing ./paper-times.sh. If you are not using Haswell extensions, then you will need to alter the constant definition in time-sim.php first. Results are written to the directory. Each line in the logs is the time to perform a single public key generation or key exchange operation, measured in seconds.
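The following shell script is an added example, not part of the original guide or of the prototype's own scripts. It ties the steps above together: it picks ARCH from the avx2 flag in /proc/cpuinfo, builds the Keccak library and both suites for that ARCH, disables Turbo Boost, runs paper-times.sh pinned to one core with taskset, and includes an awk helper that summarizes a results log (one duration in seconds per line) as count, mean, minimum and maximum so runs on different hardware can be compared. The directory names and make targets are the ones given in this guide; the core number (CORE, default 2) and running the script from the top of the extracted source tree are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original guide or the prototype's own
# scripts. Automates the build-and-measure procedure: detect AVX2, build
# the Keccak library and the two suites for that ARCH, disable Turbo
# Boost, and run paper-times.sh pinned to one core. Directory names and
# make targets come from the guide; the core number (CORE, default 2)
# and the working directory (top of the extracted tree) are assumptions.
set -eu

# Print "Haswell" if the cpuinfo file lists the avx2 flag, else "x64".
# The path is a parameter so the check can be exercised on a constructed file.
detect_arch() {
    cpuinfo="${1:-/proc/cpuinfo}"
    if grep -q avx2 "$cpuinfo"; then
        echo Haswell
    else
        echo x64
    fi
}

# Map ARCH to the libkeccak.a make target the guide names for it.
keccak_target() {
    case "$1" in
        Haswell) echo Haswell/libkeccak.a ;;
        *)       echo asmX86-64/libkeccak.a ;;
    esac
}

# Disable Turbo Boost through the intel_pstate knob (root required).
# Returns non-zero if the knob is absent or not writable, so the caller
# can decide whether noisier timings are acceptable.
disable_turbo() {
    knob=/sys/devices/system/cpu/intel_pstate/no_turbo
    [ -w "$knob" ] && echo 1 > "$knob"
}

# Summarize one results log (one duration in seconds per line) as
# "count mean min max" with six decimal places.
summarize_log() {
    awk 'NF { n++; s += $1
              if (n == 1 || $1 < lo) lo = $1
              if (n == 1 || $1 > hi) hi = $1 }
         END { if (n) printf "%d %.6f %.6f %.6f\n", n, s / n, lo, hi }' "$1"
}

# Build everything for the detected ARCH and run the pinned measurement.
run_all() {
    arch=$(detect_arch)
    core="${CORE:-2}"   # assumption: pin to core 2 unless CORE is set
    (cd impl/vendor/KeccakCodePackage && make "$(keccak_target "$arch")")
    (cd "impl/Release_$arch" && make dakes)
    (cd "impl/Benchmark_$arch" && make dakes-benchmark)
    disable_turbo || echo "warning: Turbo Boost not disabled; timings will be noisier" >&2
    # For x64 the guide says to edit the constant in measure/time-sim.php first.
    (cd measure && taskset -c "$core" ./paper-times.sh)
}

if [ "${1:-}" = run ]; then
    run_all
fi
```

Invoke it as root with the single argument run from the extracted tree to perform the whole build and measurement; without that argument it only defines the functions, so you can source it and call summarize_log on any of the result logs once a run has finished.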
7. Custom Benchmarking
Our prototype benchmark program offers more features than are available through the time-sim.php script. To see a complete list of options, run
option can be used to print the size of keys and network transmissions for a given protocol combination (i.e., a DAKE and quantum-resistant exchange selection). The
options benchmark public key generation and DAKE executions, respectively—these are the options used by the measurement script.
resp options run networked client and server programs to perform a given key exchange. These can be used to investigate performance over real or emulated