TY - GEN
T1 - The Intel AES instructions set and the SHA-3 candidates
AU - Benadjila, Ryad
AU - Billet, Olivier
AU - Gueron, Shay
AU - Robshaw, Matt J.B.
PY - 2009
Y1 - 2009
N2 - The search for SHA-3 is now well underway and the 51 submissions accepted for the first round reflected a wide variety of design approaches. A significant number were built around Rijndael/AES-based operations and, in some cases, the AES round function itself. Many of the design teams pointed to the forthcoming Intel AES instructions set, to appear on Westmere chips during 2010, when making a variety of performance claims. In this paper we study, for the first time, the likely impact of the new AES instructions set on all the SHA-3 candidates that might benefit. As well as distinguishing between those algorithms that are AES-based and those that might be described as AES-inspired, we have developed optimised code for all the former. Since Westmere processors are not yet available, we have developed a novel software technique based on publicly available information that allows us to accurately emulate the performance of these algorithms on the currently available Nehalem processor. This gives us the most accurate insight to date of the potential performance of SHA-3 candidates using the Intel AES instructions set.
AB - The search for SHA-3 is now well underway and the 51 submissions accepted for the first round reflected a wide variety of design approaches. A significant number were built around Rijndael/AES-based operations and, in some cases, the AES round function itself. Many of the design teams pointed to the forthcoming Intel AES instructions set, to appear on Westmere chips during 2010, when making a variety of performance claims. In this paper we study, for the first time, the likely impact of the new AES instructions set on all the SHA-3 candidates that might benefit. As well as distinguishing between those algorithms that are AES-based and those that might be described as AES-inspired, we have developed optimised code for all the former. Since Westmere processors are not yet available, we have developed a novel software technique based on publicly available information that allows us to accurately emulate the performance of these algorithms on the currently available Nehalem processor. This gives us the most accurate insight to date of the potential performance of SHA-3 candidates using the Intel AES instructions set.
UR - http://www.scopus.com/inward/record.url?scp=72449210410&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-10366-7_10
DO - 10.1007/978-3-642-10366-7_10
M3 - Conference contribution
AN - SCOPUS:72449210410
SN - 3642103650
SN - 9783642103650
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 162
EP - 178
BT - Advances in Cryptology - ASIACRYPT 2009 - 15th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
T2 - 15th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2009
Y2 - 6 December 2009 through 10 December 2009
ER -