Abstract
The search for SHA-3 is now well underway, and the 51 submissions accepted for the first round reflected a wide variety of design approaches. A significant number were built around Rijndael/AES-based operations and, in some cases, the AES round function itself. Many of the design teams pointed to the forthcoming Intel AES instructions set, to appear on Westmere chips during 2010, when making a variety of performance claims. In this paper we study, for the first time, the likely impact of the new AES instructions set on all the SHA-3 candidates that might benefit. As well as distinguishing between those algorithms that are AES-based and those that might be described as AES-inspired, we have developed optimised code for all of the former. Since Westmere processors are not yet available, we have developed a novel software technique, based on publicly available information, that allows us to accurately emulate the performance of these algorithms on the currently available Nehalem processor. This gives us the most accurate insight to date into the potential performance of SHA-3 candidates using the Intel AES instructions set.
© 2009 Springer-Verlag Berlin Heidelberg
Cite this paper
Benadjila, R., Billet, O., Gueron, S., Robshaw, M.J.B. (2009). The Intel AES Instructions Set and the SHA-3 Candidates. In: Matsui, M. (eds) Advances in Cryptology – ASIACRYPT 2009. ASIACRYPT 2009. Lecture Notes in Computer Science, vol 5912. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10366-7_10
DOI: https://doi.org/10.1007/978-3-642-10366-7_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10365-0
Online ISBN: 978-3-642-10366-7