On 02/06/2011 10:23 PM, Niels Möller wrote:
Nikos Mavrogiannopoulos nmav@gnutls.org writes:
On 02/06/2011 12:08 AM, Niels Möller wrote:
It remains to see how much table space and/or assembly hacking is needed to get reasonable performance.
There is a special instruction for that on new Intel and AMD CPUs...
http://software.intel.com/en-us/articles/intel-carry-less-multiplication-ins...
http://en.wikipedia.org/wiki/CLMUL_instruction_set
Interesting. I haven't played with any such special instructions (even if it ought to make a bit of difference also for aes).
Anyway, I've been hacking a bit on the C-implementation over the day, and the Galois hashing (gmac) is now 18 times(!) faster. Summary of changes:
[...]
Introduced 4-bit tables:
Algorithm  mode  Mbyte/s  cycles/byte  cycles/block
gmac       auth    27.14        45.68        730.82
That's pretty impressive!