\section{Related work}
\label{sec:related}

The \cmix{} network uses raw \elgamal{} encryption and we try to benchmark the performance of using either multiplicative group or elliptic curve variants. Within the field of benchmarking mix networks and \elgamal{} implementations some work has already been done. But most of the work is about comparing elliptic curve cryptography with RSA. Which unfortunately is not that interesting for our benchmark.

A paper by Osman Ugus, Alban Hessler and Dirk Westhoff \cite{ugus2007performance} shows that additive homomorphic EC-\elgamal{} Encryption has its merits within sensor networks.
They implemented the encryption scheme on a small 8 bit CPU platform, the \emph{MicaZ mote}, and benchmarked 500 runs of the encryption scheme to get their results. They show that they can run their benchmark in just over a second which makes it, according to them, the fastest implementation on that platform at that time.

In a paper by Rosy Sunuwar and Suraj Ketan Samal\cite{sunuwar2015elgamal} they compare classical symmetric encryption schemes against elliptic curve \elgamal{}. They show that EC-\elgamal{} is relatively slow, but propose a fix by introducing $E^3C^2K$ algorithm. The algorithm in itself might not be interesting for this research paper. The results of their comparison with standard symmetric encryption schemes, for both encryption and decryption is. It shows the relative slowness of decryption compared to encryption of standard EC-\elgamal{}.

Finally the paper by Ye Zhu et al.\cite{zhu2004flow} not only describes the flow analysis attacks that effects all mix networks, but also benchmarks them to show that mitigating the found attacks can be done without losing too much performance. They use the total time of a mix for specific mix network as a metric. This is useful for them because they are only interested in the bigger picture of the network performance. For this research we want to zoom in on specific phases and/or parts if need be. Enabling us to inspect what is causing the slow down and investigate if that slow down is caused by something implementation specific or some fundamental problem of the cryptographic primitives being used.