#6 Add a constant time GHASH, and implement GCM.

Closed
opened 2 years ago by yawning · 0 comments

The BearSSL ctmul64 implementation looks like a sensible choice, it's not even that much slower when ran on i386 from their benchmarks.

I'd need to look over the code in more depth but it's short, and the techniques the author is using seem sensible at a first glance.

The BearSSL `ctmul64` implementation looks like a sensible choice, it's not even that much slower when ran on i386 from their benchmarks. I'd need to look over the code in more depth but it's short, and the techniques the author is using seem sensible at a first glance.
Sign in to join this conversation.
No Milestone
No assignee
1 Participants
Loading...
Cancel
Save
There is no content yet.