Faster Binary-Field Multiplication and Faster Binary-Field MACs

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 8781, Issue , 2014, Pages 92-111

  Bernstein, Daniel J ^a   Chou, Tung ^b  

^a 1120 Science and Engineering Offices   (United States)

^b EINDHOVEN UNIVERSITY OF TECHNOLOGY   (Netherlands)

Author keywords

FFTs; Message; Performance; Polynomial multiplication; Universal hashing

Indexed keywords

HASH FUNCTIONS; INFORMATION THEORY;

FFTS; MESSAGE; PERFORMANCE; POLYNOMIAL MULTIPLICATION; UNIVERSAL HASHING;

HARDWARE;

EID: 84918514592     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-319-13051-4_6     Document Type: Conference Paper

References (50)

1. — (no editor): Information Theory Workshop, 2006. ITW ’06 Chengdu. IEEE (2006). See [45]
2. — (no editor): Design, Automation & Test in Europe Conference & Exhibition, 2007. DATE ’07. IEEE (2007). See [41]
3. —(no editor): Proceedings of the 6th WSEASWorld Congress: Applied Computing Conference (ACC 2013). WSEAS (2013). See [21]
4. Bernstein, D.J.: Fast multiplication (2000). http://cr.yp.to/talks.html#2000.08. 14. Citations in this document: §1.3
5. Bernstein, D.J.: The Poly1305-AES message-authentication code. In: FSE 2005 [25], pp. 32-49 (2005). http://cr.yp.to/papers.html#poly1305. Citations in this document: §1.1
6. Bernstein, D.J.: Polynomial evaluation and message authentication (2007). http:/?cr.yp.to/papers.html#pema. Citations in this document: §4.2, §4.2
7. Bernstein, D.J.: Fast multiplication and its applications. In: [17], pp. 325-384 (2008). http://cr.yp.to/papers.html#multapps. Citations in this document: §4.2
8. Bernstein, D.J.: Batch binary Edwards. In: Crypto 2009 [27], pp. 317-336 (2009). http://cr.yp.to/papers.html#bbe. Citations in this document: §1.3
9. Bernstein, D.J.: Minimum number of bit operations for multiplication (2009). http://binary.cr.yp.to/m.html. Citations in this document: §1.3, §1.3, §2.2, §1, §1
10. Bernstein, D.J.: Optimizing linear maps modulo 2. In: Workshop Record of SPEED-CC: Software Performance Enhancement for Encryption and Decryption and Cryptographic Compilers, pp. 3-18 (2009). http://cr.yp.to/papers.html# linearmod2. Citations in this document: §2.3
11. Bernstein, D.J., Chou, T., Schwabe, P.: McBits: fast constant-time code-based cryptography. In: CHES 2013 [12], pp. 250-272 (2013). Citations in this document: §1.3, §1.3, §3
12. Bertoni, G., Coron, J.-S. (eds.): CHES’13. LNCS, vol. 8086. Springer, Heidelberg (2013). ISBN 978-3-642-40348-4. See [11]
13. Biham, E. (ed.): FSE 1997. LNCS, vol. 1267. Springer, Heidelberg (1997). ISBN 3-540-63247-6. See [29]
14. Biham, E., Youssef, A.M. (eds.): SAC 2006. LNCS, vol. 4356. Springer, Heidelberg (2007). ISBN 978-3-540-74461-0. See [36]
15. Black, J., Halevi, S., Krawczyk, H., Krovetz, T., Rogaway, P.: UMAC: fast and secure message authentication. In: Crypto 1999 [49], pp. 216-233 (1999). http:/?www.cs.ucdavis.edu/∼rogaway/umac/. Citations in this document: §1.1, §4.2
16. Boesgaard, M., Scavenius, O., Pedersen, T., Christensen, T., Zenner, E.: Badger— a fast and provably secure MAC. In: [32], pp. 176-191 (2005). Citations in this document: §4.2
17. Buhler, J.P., Stevenhagen, P. (eds.): Surveys in Algorithmic Number Theory.Mathematical Sciences Research Institute Publications, vol. 44. Cambridge University Press, New York (2008). See [7]
18. Chang, N.S., Kim, C.H., Park, Y.-H., Lim, J.: A non-redundant and efficient architecture for Karatsuba-Ofman algorithm. In: [50], pp. 288-299 (2005). Citations in this document: §1.3
19. Circuit Minimization Team.: Multiplication circuit for GF(256) with irreducible polynomial X8 + X4 + X3 + X + 1 (2010). http://cs-www.cs.yale.edu/homes?peralta/CircuitStuff/slp84310.txt. Citations in this document: §2.2
20. Clavier, C., Gaj, K. (eds.): CHES 2009. LNCS, vol. 5747. Springer, Heidelberg (2009). ISBN 978-3-642-04137-2. See [35]
21. D’Angella, D., Schiavo, C.V., Visconti, A.: Tight upper bounds for polynomial multiplication. In: [3] (2013). http://www.wseas.us/e-library/conferences/2013?Nanjing/ACCIS/ACCIS-03.pdf. Citations in this document: §1.3, §1, §1
22. Andrew, M. “Floodyberry”. Optimized implementations of Poly1305, a fast message-authentication-code (2014). https://github.com/floodyberry/poly1305-opt. Citations in this document: §1.1
23. Fog, A.: Instruction tables (2014). http://www.agner.org/optimize/instructiontables.pdf. Citations in this document: §1.4
24. Gao, S., Mateer, T.: Additive fast Fourier transforms over finite fields. IEEE Trans. Inf. Theory 56, 6265-6272 (2010). http://www.math.clemson.edu/∼sgao?pub.html. Citations in this document: §3
25. Gilbert, H., Handschuh, H. (eds.): FSE 2005. LNCS, vol. . Springer, Heidelberg (2005). ISBN 3-540-26541-4. See [5]
26. Gueron, S.: AES-GCM software performance on the current high end CPUs as a performance baseline for CAESAR (2013). http://2013.diac.cr.yp.to/slides?gueron.pdf. Citations in this document: §1.4
27. Halevi, S. (ed.): CRYPTO 2009. LNCS, vol. 5677. Springer, Heidelberg (2009). See [8]
28. Halevi, S.: Invertible universal hashing and the TET encryption mode. In: Crypto 2007 [39], pp. 412-429 (2007). http://eprint.iacr.org/2007/014. Citations in this document: §4.1
29. Halevi, S., Krawczyk, H.: MMH: software message authentication in the Gbit/second rates. In: FSE 1997 [13], pp. 172-189 (1997). http://www.research.ibm.com/people/s/shaih/pubs/mmh.html. Citations in this document: §4.2, §4.2
30. Handschuh, H., Preneel, B.: Key-recovery attacks on universal hash function based MAC algorithms. In: [46], pp. 144-161 (2008). Citations in this document: §4.1
31. Imaña, J.L., Hermida, R., Tirado, F.: Low-complexity bit-parallel multipliers based on a class of irreducible pentanomials. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 14, 1388-1393 (2006). Citations in this document: §2.2
32. Ioannidis, J., Keromytis, A.D., Yung, M. (eds.): ACNS 2005. LNCS, vol. 3531. Springer, Heidelberg (2005). ISBN 3-540-26223-7. See [16]
33. Iwata, T., Ohashi, K., Minematsu, K.: Breaking and repairing GCM security proofs. In: Crypto 2012 [44], pp. 31-49 (2012). http://eprint.iacr.org/2012/438. Citations in this document: §4
34. Joux, A. (ed.): FSE 2011. LNCS, vol. 6733. Springer, Heidelberg (2011). ISBN 978-3-642-21701-2. See [37]
35. Käsper, E., Schwabe, P.: Faster and timing-attack resistant AES-GCM. In: CHES 2009 [20], pp. 1-17 (2009). http://eprint.iacr.org/2009/129. Citations in this document: §1, §1.1, §1.4
36. Krovetz, T.: Message authentication on 64-bit architectures. In: SAC 2006 [14], pp. 327-341 (2007). Citations in this document: §1.1, §4.2
37. Krovetz, T., Rogaway, P.: The software performance of authenticated-encryption modes. In: FSE 2011 [34], pp. 306-327 (2011). http://www.cs.ucdavis.edu??∼rogaway/papers/ae.pdf. Citations in this document: §1.4
38. Landecker, W., Shrimpton, T., Terashima, R.S.: Tweakable blockciphers with beyond birthday-bound security. In: Crypto 2012 [44], pp. 14-30 (2012). Citations in this document: §4.1
39. Menezes, A. (ed.): CRYPTO 2007. LNCS, vol. 4622. Springer, Heidelberg (2007). ISBN 978-3-540-74142-8. See [28]
40. Paar, C.: Optimized arithmetic for Reed-Solomon encoders (1997). http://www.emsec.rub.de/media/crypto/veroeffentlichungen/2011/01/19/cnst.ps. Citations in this document: §2.3
41. Peter, S., Langendörfer, P.: An efficient polynomial multiplier in GF(2m) and its application to ECC designs. In: DATE 2007 [2] (2007). http://ieeexplore.ieee.org/xpl/freeabsall.jsp?isnumber=4211749&arnumber=4211979&count=305& index=229. Citations in this document: §1.3
42. Rodríguez-Henríquez, F., Koc, C¸ .K.: On fully parallel Karatsuba multipliers for GF(2m). In: [43], pp. 405-410 (2003). Citations in this document: §1.3
43. Sahni, S. (ed.): Proceedings of the International Conference on Computer Science and Technology. Acta Press, Crete (2003). See [42]
44. Safavi-Naini, R., Canetti, R. (eds.): CRYPTO 2012. LNCS, vol. 7417. Springer, Heidelberg (2012). ISBN 978-3-642-32008-8. See [33,38]
45. von zur Gathen, J., Shokrollahi, J.: Fast arithmetic for polynomials over F2 in hardware. In: ITW 2006 [1], pp. 107-111 (2006). Citations in this document: §1.3
46. Wagner, D. (ed.): CRYPTO 2008. LNCS, vol. 5157. Springer, Heidelberg (2008). ISBN 978-3-540-85173-8. See [30]
47. Wegman, M.N., Carter, J.L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22, 265-279 (1981). ISSN 0022-0000, MR 82i:68017. Citations in this document: §4
48. Weimerskirch, A., Paar, C.: Generalizations of the Karatsuba algorithm for efficient implementations (2006). http://eprint.iacr.org/2006/224. Citations in this document: §1.3
49. Wiener, M. (ed.): CRYPTO 1999. LNCS, vol. 1666. Springer, Heidelberg (1999). ISBN 3-5540-66347-9, MR 2000h:94003. See [15]
50. Zhou, J., López, J., Deng, R.H., Bao, F. (eds.): ISC 2005. LNCS, vol. 3650. Springer, Heidelberg (2005). ISBN 3-540-29001-X. See [18]