[Ach] The sad story of lonely AES-CTR

Aaron Zauner azet at azet.org
Wed Dec 18 14:20:22 CET 2013


See: https://crypto.stanford.edu/RealWorldCrypto/slides/gueron.pdf (current - Intel + haifa university)

cycle/byte performance of AES-CTR seems to be significantly better, as I suspected. Hashing isn’t that instensive either, would be faster even if the HMAC hoggs 5-8cylces/byte, which is not the case. So AES-CTR is a very good option (also for non-Intel processors).

• The ultimate goal: achieve AES-GCM at the performance of CTR+ ε 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131218/a4d7a5ae/attachment.sig>

More information about the Ach mailing list