The carry-less multiplication instruction, PCLMULQDQ, is a relatively recent addition to the x86-64 instructions set. It multiplies two binary polynomials of degree , using arithmetic, and produces a polynomial of degree , stored in a -bit register. PCLMULQDQ is intended to speed up computations in , which are used for AES-GCM authenticated encryption. We show here how PCLMULQDQ can be used for efficient software implementation of a -bit hash function that has a low collision probability. While a -bit hash is normally not a meaningful security primitive, the discussed hashing algorithm can be leveraged for other usages that enjoy fast hashing, e.g., querying/maintaining databases. On the latest Intel architecture (Codename Broadwell), our hash function can process messages at the rate of cycles per byte.
|Journal||Transactions on Networks and Communications|
|State||Published - 2015|