#6 Add a constant time GHASH, and implement GCM.

Closed
opened 1 year ago by yawning · 0 comments

The BearSSL ctmul64 implementation looks like a sensible choice, it's not even that much slower when ran on i386 from their benchmarks.

I'd need to look over the code in more depth but it's short, and the techniques the author is using seem sensible at a first glance.

The BearSSL `ctmul64` implementation looks like a sensible choice, it's not even that much slower when ran on i386 from their benchmarks. I'd need to look over the code in more depth but it's short, and the techniques the author is using seem sensible at a first glance.
Yawning Angel referenced this issue from a commit 1 year ago
Sign in to join this conversation.
No Milestone
No assignee
1 Participants
Loading...
Cancel
Save
There is no content yet.