High Performance GHASH Function for Long Messages
This work presents a new method to compute the GHASH function involved in the Galois/Counter Mode of operation for block ci phers. If X = X1 ... Xn is a bit string made of n blocks of 128 bits each, then the GHASH function effectively computes X1Hn +X2Hn-1 + ... XnH, where H is an element of the binary field F2128. This operation is usually computed by using n successive multiplyadd operations over F2128. In this work, we propose a method to replace all but a fixed num ber of those multiplications by additions on the field. This is achieved by using the characteristic polynomial of H. We present both how to use this polynomial to speed up the GHASH function and how to efficiently compute it for each session that uses a new H.
Galois/Counter mode GHASH function characteristic polynomial
Nicolas Méloni Christophe Négre M. Anwar Hasan
Department of Electrical and Computer Engineering University of Waterloo, Canada Team DALI/ELIAUS University of Perpignan, France
国际会议
8th International Conference,ACNS 2010(第八届国际应用密码与网络安全大会)
北京
英文
154-167
2010-06-22(万方平台首次上网日期,不代表论文的发表时间)