[144661] in cryptography@c2.net mail archive
Re: Fast MAC algorithms?
daemon@ATHENA.MIT.EDU (Zooko Wilcox-O'Hearn)
Sun Aug 2 12:58:04 2009
In-Reply-To: <20090722001502.GA1020@Sun.COM>
Cc: cryptography@metzdowd.com
From: Zooko Wilcox-O'Hearn <zooko@zooko.com>
Date: Sat, 1 Aug 2009 14:55:17 -0600
To: Nicolas Williams <Nicolas.Williams@sun.com>
I recommend Poly1305 by DJB or VMAC by Ted Krovetz and Wei Dai. Both =20=
are much faster than HMAC and have security proven in terms of an =20
underlying block cipher.
VMAC is implemented in the nice Crypto++ library by Wei Dai, Poly1305 =20=
is implemented by DJB and is also in the new nacl library by DJB.
http://cryptopp.com/benchmarks-amd64.html
Says that VMAC(AES)-64 takes 0.6 cycles per byte (although watch out =20
for that 3971 cycles to set up key and IV), compared to HMAC-SHA1 =20
taking 11.2 cycles per byte (after 1218 cycles to set up key and IV).
If you do any measurement comparing Poly1305 to VMAC, please report =20
your measurement, at least to me privately if not to the list. I can =20=
use that sort of feedback to contribute improvements to the Crypto++ =20
library. Thanks!
Regards,
Zooko Wilcox-O'Hearn
---
Tahoe, the Least-Authority Filesystem -- http://allmydata.org
store your data: $10/month -- http://allmydata.com/?tracking=3Dzsig
I am available for work -- http://zooko.com/r=E9sum=E9.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
