[PATCH] rijndael: use more compact look-up tables and add table prefetching
Jussi Kivilinna
jussi.kivilinna at iki.fi
Mon Dec 15 16:47:52 CET 2014
On 2014-12-15 13:29, Werner Koch wrote:
> On Fri, 12 Dec 2014 23:52, jussi.kivilinna at iki.fi said:
>
>> AMD64 assembly is slower than before because of additional rotation
>> instructions. The generic C implementation is now better optimized and
>> actually faster than before.
>
> Can you explain why we want a slower implementation of AESNI? Make
> side-channel attacks harder?
>
The AMD64 assembly implementation (rijndael-amd64.S) is different from the
AES-NI implementation (rijndael-aesni.c). AES-NI has not been changed by
this patch and has the same performance as before.
-Jussi
>
> Salam-Shalom,
>
> Werner
>
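An added illustration of the technique named in the patch title, written for this page and not taken from libgcrypt: one compact 256-entry AES T-table from which the other three tables are derived by byte rotations (the extra rotate instructions mentioned above), plus a prefetch pass that touches every cache line of the table before key-dependent lookups run. It assumes a 64-byte cache line and a big-endian word layout for the table entries; the helper names are my own.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define CACHE_LINE 64  /* assumed line size; tune for the target CPU */

/* Multiply by x in GF(2^8) with the AES polynomial x^8+x^4+x^3+x+1. */
static uint8_t xtime(uint8_t v) { return (uint8_t)((v << 1) ^ ((v & 0x80) ? 0x1b : 0)); }

static uint8_t gmul(uint8_t a, uint8_t b) {
    uint8_t r = 0;
    while (b) { if (b & 1) r ^= a; a = xtime(a); b >>= 1; }
    return r;
}

/* AES S-box: multiplicative inverse, then the affine map with constant 0x63. */
static uint8_t sbox(uint8_t x) {
    uint8_t inv = 0, s;
    for (int c = 1; x && c < 256; c++) if (gmul(x, (uint8_t)c) == 1) { inv = (uint8_t)c; break; }
    s = inv;
    for (unsigned k = 1; k <= 4; k++) s ^= (uint8_t)((inv << k) | (inv >> (8 - k)));
    return s ^ 0x63;
}

/* The single compact table: T0[x] = {2*S(x), S(x), S(x), 3*S(x)} as one word. */
static uint32_t T0[256];

static void build_table(void) {
    for (int x = 0; x < 256; x++) {
        uint8_t s = sbox((uint8_t)x), s2 = xtime(s);
        T0[x] = ((uint32_t)s2 << 24) | ((uint32_t)s << 16) | ((uint32_t)s << 8) | (uint32_t)(s2 ^ s);
    }
}

static uint32_t rotr32(uint32_t v, unsigned n) { n &= 31; return n ? (v >> n) | (v << (32 - n)) : v; }

/* Entry the i-th full-size table (T0..T3) would hold, derived by rotation instead of storage. */
static uint32_t T(unsigned i, uint8_t x) { return rotr32(T0[x], 8 * (i & 3)); }

/* Touch one word per cache line so the whole table is resident before any
 * key-dependent index is used; 'volatile' keeps the compiler from dropping the reads. */
static uint32_t prefetch_table(void) {
    volatile uint32_t sink = 0;
    for (size_t i = 0; i < 256; i += CACHE_LINE / sizeof(uint32_t)) sink ^= T0[i];
    return sink;
}

int main(void) {
    build_table();
    prefetch_table();
    for (unsigned i = 0; i < 4; i++) printf("T%u[0x00] = 0x%08x\n", i, T(i, 0x00));
    return 0;
}
```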