Faster and Timing-Attack Resistant AES-GCM

14 years 5 months ago

Download eprint.iacr.org

We present a bitsliced implementation of AES encryption in counter mode for 64-bit Intel processors. Running at 7.59 cycles/byte on a Core 2, it is up to 25% faster than previous implementations, while simultaneously offering protection against timing attacks. In particular, it is the only cache-timing-attack resistant implementation offering competitive speeds for stream as well as for packet encryption: for 576-byte packets, we improve performance over previous bitsliced implementations by more than a factor of 2. We also report more than 30% improved speeds for lookup-table based Galois/Counter mode authentication, achieving 10.68 cycles/byte for authenticated encryption. Furthermore, we present the first constant-time implementation

Emilia Käsper, Peter Schwabe

Real-time Traffic

64-bit Intel Processors | Authenticated Encryption | Cache-timing-attack Resistant Implementation | CHES 2009 | Cryptography |

claim paper

Post Info
More Details (n/a)

Added	25 Nov 2009
Updated	25 Nov 2009
Type	Conference
Year	2009
Where	CHES
Authors	Emilia Käsper, Peter Schwabe

Comments (0)

Sciweavers

Faster and Timing-Attack Resistant AES-GCM

64-bit Intel Processors | Authenticated Encryption | Cache-timing-attack Resistant Implementation | CHES 2009 | Cryptography |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers