[cryptography] "stream MAC" - does anything like it exist?

Zooko O'Whielacronx zooko at zooko.com
Tue Sep 14 14:18:38 EDT 2010


following-up to my own post:

On Tue, Sep 14, 2010 at 8:54 AM, Zooko O'Whielacronx <zooko at zooko.com> wrote:
>
> Also, even if you did have a setting where the CPU cost of HMAC-SHA1
> was a significant part of your performance (at e.g. 12 cycles per byte
> [1]), then you could always switch to Poly1305 or VMAC (at e.g. 2
> cycles per byte), or to an authenticated encryption mode (effectively
> zero cycles per byte?).

Hm, actually [1] shows AES-GCM (an authenticated encryption mode)
running at 16 cycles per byte, compared to AES-CTR's 13 cycles per
byte, so we can estimate the CPU cost of switching from
unauthenticated encryption to authenticated encryption at about 3
cycles per byte, similar to using VMAC.

Regards,

Zooko

> [1] http://cryptopp.com/benchmarks.html



More information about the cryptography mailing list