1 Apr
2021
1 Apr
'21
1:33 p.m.
On Thu, Apr 1, 2021 at 7:57 AM Niels Möller nisse@lysator.liu.se wrote:
For GCM, are there instructions that combine AES-CTR and GCM HASH? Or are those done separately? It would be nice to have GCM HASH being fast by itself, for performance with other ciphers than aes.
MSA_X4 has a GHASH implementation using KIMD-GHASH built-in function which optimizes the performance of GHASH authentication for aes and non-aes ciphers. MSA_X6 implements KMA-GCM-AES-128, KMA-GCM-AES-192, and KMA-GCM-AES-256 functions that maximize the performance of AES-GCM.