Re: Poly1305 vs. UMAC vs. new MAC1071



D. J. Bernstein wrote:
<snip coolness>

I've started writing software for MAC1071, a new message-authentication
code that performs the above evaluation mod 2^107 - 1. I expect to end
up with cycle counts around half of the Poly1305-AES cycle counts on a
wide variety of CPUs, at the same comfortable >100-bit security level.

Coolness. So long as the advantage for reasonably sized messages is
still less than 2^-40 or so for online attacks, the MAC is still useful.

If you could accidentally provide some public domain portable code (asm
tweaks allowable provided they're not required) I may slip it in the
LTC framework to benchmark it against the existing MACs I have (cmac,
pmac, xcbc, f9, hmac).

Tom
