On Thu, 2019-03-14 at 00:25 +0300, Yuriy M. Kaminskiy wrote: > On 12.03.2019 15:02, Yuriy M. Kaminskiy wrote: > > Then I will probably take a look at poly1305 > > ... and it looks problematic; porting poly1305/armv6 is possible, but there > won't > be much improvement over generic C code: > > $ poly1305-opt/bin/poly1305-util bench > 8192 byte(s): > neon, 15114.40 ns per call, 1.8 ns/byte > armv6, 31944.33 ns per call, 3.9 ns/byte > generic/32, 39088.50 ns per call, 4.8 ns/byte > > neon (and other simd implementations) is much faster, but requires larger > state; current nettle's > struct poly1305_ctx is 56 bytes, optimized versions requires up to 192 bytes. > > And it is embedded in struct chacha_poly1305_ctx and poly1305_aes_ctx, which > looks like > part of public (and used) low-level ABI. > > (nettle-meta.h interface would be safe wrt struct size changes, but so far > everything I've looked > at - including gnutls - was not using it :-()
FWIW, I wouldn't feel blocked by an ABI break in Nettle. Simo. -- Simo Sorce Sr. Principal Software Engineer Red Hat, Inc _______________________________________________ nettle-bugs mailing list [email protected] http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
