Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

polyval: Constant-time software implementation #7

Merged
merged 1 commit into from
Sep 3, 2019
Merged

polyval: Constant-time software implementation #7

merged 1 commit into from
Sep 3, 2019
+183 −172

Conversation

tarcieri
Copy link
Member

@tarcieri tarcieri commented Sep 1, 2019
edited
Loading

Adapts BearSSL's ghash_ctmul64.c into a constant-time software backend for POLYVAL.

References:

@tarcieri tarcieri force-pushed the polyval/constant-time-soft-backend branch 2 times, most recently from 3bdf094 to 4d5a431 Compare September 1, 2019 19:26
tarcieri added a commit that referenced this pull request Sep 3, 2019
@tarcieri
polyval: Refactor in prep for soft backend rewrite
43c6622 
This incrementally incorporates some of the refactoring changes from #7
in order to simplify the diff for that PR (and because those changes
seem generally good regardless).
@tarcieri tarcieri mentioned this pull request Sep 3, 2019
Merged
@tarcieri tarcieri force-pushed the polyval/constant-time-soft-backend branch 2 times, most recently from fe4e762 to a5b36f7 Compare September 3, 2019 16:12
@tarcieri tarcieri changed the title [WIP] polyval: Constant-time software implementation polyval: Constant-time software implementation Sep 3, 2019
@tarcieri tarcieri marked this pull request as ready for review September 3, 2019 16:13
@tarcieri tarcieri requested a review from newpavlov September 3, 2019 16:28
@tarcieri
Copy link
Member Author

tarcieri commented Sep 3, 2019

Getting some reasonable performance out of this for a software implementation:

test bench1_10    ... bench:          66 ns/iter (+/- 8) = 151 MB/s
test bench2_100   ... bench:         419 ns/iter (+/- 50) = 238 MB/s
test bench3_1000  ... bench:       3,756 ns/iter (+/- 295) = 266 MB/s
test bench3_10000 ... bench:      36,674 ns/iter (+/- 2,356) = 272 MB/s

@tarcieri tarcieri force-pushed the polyval/constant-time-soft-backend branch 3 times, most recently from 202ecd0 to dd31c68 Compare September 3, 2019 17:21
@tarcieri
Copy link
Member Author

tarcieri commented Sep 3, 2019

@newpavlov went ahead and pushed the cleanups you requested on #8. The resulting simplification seems to have improved the performance of that backend as well:

test bench1_10    ... bench:          15 ns/iter (+/- 2) = 666 MB/s
test bench2_100   ... bench:          74 ns/iter (+/- 19) = 1351 MB/s
test bench3_1000  ... bench:         608 ns/iter (+/- 58) = 1644 MB/s
test bench3_10000 ... bench:       5,946 ns/iter (+/- 331) = 1681 MB/s

@tarcieri tarcieri force-pushed the polyval/constant-time-soft-backend branch 5 times, most recently from fdd3ed5 to 4e41879 Compare September 3, 2019 17:35
@tarcieri
polyval: Constant-time software implementation
452a2ff 
Adapts BearSSL's `ghash_ctmul64.c` into a constant-time software backend
for POLYVAL.
@tarcieri tarcieri force-pushed the polyval/constant-time-soft-backend branch from 4e41879 to 452a2ff Compare September 3, 2019 17:39
@tarcieri tarcieri merged commit 59c2002 into master Sep 3, 2019
@tarcieri tarcieri deleted the polyval/constant-time-soft-backend branch September 3, 2019 17:52
@tarcieri tarcieri mentioned this pull request Sep 19, 2019
Merged
tarcieri added a commit that referenced this pull request Dec 5, 2019
@tarcieri
polyval: Constant-time 32-bit software implementation
80791b0 
Previously (in #7) BearSSL's `ghash_ctmul64.c` was adapted into a
portable software backend.

This commit additionally adapts BearSSL's `ghash_ctmul32.c` into a
portable constant-time field arithmetic backend for POLYVAL designed for
32-bit architectures.
@tarcieri tarcieri mentioned this pull request Dec 5, 2019
Merged
tarcieri added a commit that referenced this pull request Dec 5, 2019
@tarcieri
polyval: Constant-time 32-bit software implementation
5ae3a04 
Previously (in #7) BearSSL's `ghash_ctmul64.c` was adapted into a
portable software backend.

This commit additionally adapts BearSSL's `ghash_ctmul32.c` into a
portable constant-time field arithmetic backend for POLYVAL designed for
32-bit architectures.
tarcieri added a commit that referenced this pull request Dec 5, 2019
@tarcieri
polyval: Constant-time 32-bit software implementation
77846a9 
Previously (in #7) BearSSL's `ghash_ctmul64.c` was adapted into a
portable software backend.

This commit additionally adapts BearSSL's `ghash_ctmul32.c` into a
portable constant-time field arithmetic backend for POLYVAL designed for
32-bit architectures.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@newpavlov newpavlov

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@tarcieri @newpavlov