Hi,

In addition to AES-NI, Intel will provide PCLMULQDQ-NI (carry-less multiplication) in future CPUs to accelerate GCM mode. The document can be found here:

http://software.intel.com/en-us/articles/carry-less-multiplication-and-its-usage-for-computing-the-gcm-mode/

It follows the same design as that of AES-NI, that is, XMM registers are used.

To accelerate GCM with it, I make the following design:

1. Implement ghash as an ahash algorithm, use ghash in the gcm implementation.
2. Provide a new implementation of ghash with PCLMULQDQ-NI.

What do you think about that?

Best Regards,
Huang Ying
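For reference, an added plain-C GHASH (not part of this message or of the kernel's ghash code) in the bit-serial form of NIST SP 800-38D Algorithm 1; gf128_mul is the GF(2^128) multiply that a PCLMULQDQ implementation replaces with carry-less multiplies plus a reduction step. Function and type names are my own; the test vector in the note below is GCM spec test case 2.

```c
#include <stdint.h>
#include <string.h>

/* A 128-bit GCM block: hi = bytes 0..7, lo = bytes 8..15, both big-endian. */
typedef struct { uint64_t hi, lo; } be128_t;

static be128_t load_be128(const uint8_t b[16])
{
    be128_t v = {0, 0};
    for (int i = 0; i < 8; i++) { v.hi = (v.hi << 8) | b[i]; v.lo = (v.lo << 8) | b[i + 8]; }
    return v;
}

/* Z = X * Y in GF(2^128), SP 800-38D Algorithm 1: the bit-serial form of what
 * PCLMULQDQ plus a reduction step compute. Bit 0 of X is the block's leftmost bit. */
static be128_t gf128_mul(be128_t x, be128_t y)
{
    be128_t z = {0, 0}, v = y;
    for (int i = 0; i < 128; i++) {
        uint64_t bit = i < 64 ? (x.hi >> (63 - i)) & 1 : (x.lo >> (127 - i)) & 1;
        if (bit) { z.hi ^= v.hi; z.lo ^= v.lo; }
        uint64_t lsb = v.lo & 1;                    /* V = V * x; reduce if it overflowed */
        v.lo = (v.lo >> 1) | (v.hi << 63); v.hi >>= 1;
        if (lsb) v.hi ^= 0xe100000000000000ULL;     /* R = x^128 + x^7 + x^2 + x + 1 */
    }
    return z;
}

/* Y = (Y ^ block) * H for each 16-byte block of data; the last block is zero-padded. */
static void ghash_absorb(be128_t *y, be128_t h, const uint8_t *data, size_t len)
{
    for (size_t n = 0; len; data += n, len -= n) {
        uint8_t blk[16] = {0};
        n = len < 16 ? len : 16;
        memcpy(blk, data, n);
        be128_t x = load_be128(blk);
        y->hi ^= x.hi; y->lo ^= x.lo;
        *y = gf128_mul(*y, h);
    }
}

/* GHASH_H(A, C): AAD blocks, then ciphertext blocks, then [len(A) in bits || len(C) in bits]. */
static be128_t ghash(const uint8_t hkey[16], const uint8_t *a, size_t alen, const uint8_t *c, size_t clen)
{
    be128_t h = load_be128(hkey), y = {0, 0};
    ghash_absorb(&y, h, a, alen);
    ghash_absorb(&y, h, c, clen);
    y.hi ^= (uint64_t)alen * 8; y.lo ^= (uint64_t)clen * 8;
    return gf128_mul(y, h);
}
```

To check it, GCM spec test case 2 (AES-128, zero key, zero IV, 16 zero plaintext bytes) has H = 66e94bd4ef8a2c3b884cfa59ca342b2e and C = 0388dace60b6a392f328c2b971b2fe78, and ghash(H, empty AAD, C) must return f38cbb1ad69223dcc3457ae5b6b0f885, i.e. the published tag XOR E_K(Y0).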