On efficiency, mpz_powm() of a correctly compiled GMP is next to the state of the art to compute $g^x\,h^r\bmod p$ for given values of $(p,g,h,x,r)$ of cryptographic interest. One of few possible optimizations for that same computation is using Shamir's trick aka Simultaneous Exponentiation, which AFAIK is not prepackaged in GMP. That combines the modular squarings involved in computing $g^x$ and $h^r$. Beware that mpz_powm() and the primitives it uses internally are not intended to resist side-channel attacks, which apply in some cryptographic contexts.
For further speedup, one needs to use a different cyclic group.
If that's not already done, a large speedup is possible at equal (conjectured) cryptographic strength using a Schnorr group. That selects primes $p$ of the form $p=q\,r+1$ to make $g$ and $h$ of order a prime $q$ just as big as necessary for security, e.g. 256-bit $q$, while keeping $p$ large, e.g. 2560±512 bit $p$. Compared to $p$ a safe prime, a speedup of a factor like $\log p/\log q\approx10$ is possible.
Instead of a multiplicative group modulo $p$ as above, we can use an Elliptic Curve Group over a finite field. At equal (conjectured) cryptographic strength that can involve much smaller values (256 bit vs 2560±512 bits), and thus despite added complexity a further large speedup is possible. One popular option is Curve25519. There are plenty of libraries around for that, including many that are carefully optimized for speed, and resist timing attack.
