Re: [PATCH v3 0/3] crypto: time invariant AES for CCM (and CMAC/XCBC)

On 11 February 2017 at 10:53, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
> On Fri, Feb 03, 2017 at 02:49:34PM +0000, Ard Biesheuvel wrote:
>> This series is primarily directed at improving the performance and security
>> of CCM on the Raspberry Pi 3. This involves splitting the MAC handling of
>> CCM into a separate driver so that we can efficiently replace it by something
>> else using the ordinary algo resolution machinery.
>>
>> Patch #1 adds some testcases for cbcmac(aes), which will be introduced later.
>>
>> Patch #2 replaces the open coded CBC MAC hashing routines in the CCM driver
>> with calls to a cbcmac() hash, and implements a template for producing such
>> cbcmac transforms. This eliminates all the fuzzy scatterwalk code as well.
>>
>> Patch #3 implements cbcmac(aes) using NEON on arm64, and CMAC/XCBC at the
>> same time, since it is trivially implemented reusing the same core transform
>
> All applied.  Please send any fixups on top of these patches.

Thanks Herbert. I do have a fixup for #2, which currently does not
correctly take the alignmask of the MAC's subordinate cipher into
account. I will send a fix for that shortly.
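To make the "same core transform" remark above concrete, here is an added example (not code from this series or the kernel): a CBC-MAC core that raw cbcmac() consumes directly, with CMAC layered on top via the standard subkey-tweaked final block. The block cipher is a constructed toy permutation standing in for AES so it runs with the standard library alone; the names toy_cipher, cbcmac_core, cbcmac, gf_dbl and cmac are this example's own.

```python
from typing import Callable

BLOCK = 16
BlockCipher = Callable[[bytes], bytes]  # encrypts exactly one 16-byte block

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_cipher(key: bytes) -> BlockCipher:
    """Constructed stand-in for AES (NOT secure): XOR with key, rotate 3 bytes.
    Swap in a real AES block encrypt to obtain cbcmac(aes) / cmac(aes)."""
    assert len(key) == BLOCK
    def enc(block: bytes) -> bytes:
        x = xor(block, key)
        return x[3:] + x[:3]
    return enc

def cbcmac_core(enc: BlockCipher, state: bytes, data: bytes) -> bytes:
    """Shared core transform: CBC-encrypt whole blocks, keep only the last
    ciphertext block. `data` must be a multiple of the block size."""
    assert len(data) % BLOCK == 0
    for i in range(0, len(data), BLOCK):
        state = enc(xor(state, data[i:i + BLOCK]))
    return state

def cbcmac(enc: BlockCipher, msg: bytes) -> bytes:
    """Raw CBC-MAC with a zero IV, as CCM consumes it. A partial trailing
    block is zero-padded; CCM itself fixes the length into its first block,
    which is what makes raw CBC-MAC safe to use there."""
    n = len(msg) // BLOCK * BLOCK
    state = cbcmac_core(enc, bytes(BLOCK), msg[:n])
    if len(msg) > n:
        state = cbcmac_core(enc, state, msg[n:].ljust(BLOCK, b"\0"))
    return state

def gf_dbl(b: bytes) -> bytes:
    """Multiply by x in GF(2^128), reduction polynomial x^128+x^7+x^2+x+1."""
    n = int.from_bytes(b, "big") << 1
    if n >> 128:
        n ^= 0x87
    return (n & ((1 << 128) - 1)).to_bytes(BLOCK, "big")

def cmac(enc: BlockCipher, msg: bytes) -> bytes:
    """CMAC = the same CBC-MAC core plus a subkey-tweaked final block,
    so variable-length input no longer needs an external length field."""
    k1 = gf_dbl(enc(bytes(BLOCK)))
    k2 = gf_dbl(k1)
    if msg and len(msg) % BLOCK == 0:
        head, last = msg[:-BLOCK], xor(msg[-BLOCK:], k1)
    else:
        n = len(msg) // BLOCK * BLOCK
        head, last = msg[:n], xor((msg[n:] + b"\x80").ljust(BLOCK, b"\0"), k2)
    return cbcmac_core(enc, cbcmac_core(enc, bytes(BLOCK), head), last)
```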
