Re: Successful remote AES key extraction

From: D. J. Bernstein (djb_at_cr.yp.to)
Date: 04/17/05


Date: Sun, 17 Apr 2005 08:41:57 +0000 (UTC)

BRG wrote:
> I am simply pointing out that in comparing the speed of your assembler
> code with the speed of other people's C code you are not comparing like
> with like.

Speed is speed. I'm simply reporting all the timings I found; I'm not
excluding any particular programming language. When I say that your AES
code reportedly takes 482 Pentium-III cycles (202 for expansion, 280 for
encryption), I'm making no comments about how that speed was achieved.

If someone wants to explain bad performance or timing leaks by saying
``I decided to use C and couldn't do better in C,'' that's useful data
for implementors choosing programming tools. But saying ``I decided to
use C and it's unfair to be compared to asm'' is silly.

Anyway, all I was saying was that the published aes_ppro code takes 23
Pentium III cycles per round with compressed tables, and nobody claims
that uncompressed tables can do better than 20 cycles, so obviously
there's not a serious slowdown from compressed tables. In fact, I see
no reason to disbelieve Agner Fog's statement that there's zero penalty
for arbitrary alignment within lines on the PPro/PII/PIII.

---D. J. Bernstein, Associate Professor, Department of Mathematics,
Statistics, and Computer Science, University of Illinois at Chicago


