On 02/06/2011 10:23 PM, Niels Möller wrote:
Interesting. I haven't played with any such special instructions (even if it ought to make a bit of difference also for aes). Anyway, I've been hacking a bit on the C-implementation over the day, and the galois hashing (gmac) is now 18 times(!) faster. Summary of changes:
I've also done a comparison benchmark of AES-GCM (the 4-bit table one) versus HMAC-SHAx+AES-CBC... AES-GCM in software is disappointing...
Checking AES-128-GCM (16kb payload)... Encrypted 97.67 Mb in 5.00 secs: 19.53 Mb/sec
Checking AES-128-CBC with SHA256 (16kb payload)... Encrypted and hashed 246.14 Mb in 5.00 secs: 49.23 Mb/sec
Checking AES-128-CBC with SHA1 (16kb payload)... Encrypted and hashed 354.16 Mb in 5.00 secs: 70.83 Mb/sec
regards, Nikos