On Thu, Dec 12, 2019 at 4:30 PM Martin Willi <martin@xxxxxxxxxxxxxx> wrote: > > The principle advantage of this patchset is the 64x64 code > > If there are platforms / code paths where this code matters, all fine. It does matter. > > But the 64-bit version adds a lot of complexity because of the > different state representation and the conversion between these states. > I just don't think the gain (?) justifies that added complexity. No, there's no conversion between the state representation, or any complexity like that added. I think if anything, the way this patch works, we wind up with something easier to audit and look at. You can examine poly1305-donna32.c and poly1305-donna64.c side-by-side and compare line-by-line, as clean and isolate implementations. And this is very well-known code too.
