Re: [TLS] Salsa20 and Poly1305 in TLS

Adam Langley <agl@google.com> Tue, 06 August 2013 22:01 UTC

From: Adam Langley <agl@google.com>
Date: Tue, 6 Aug 2013 18:01:00 -0400
To: Ben Laurie <benl@google.com>
Cc: Ted Krovetz <ted@krovetz.net>, Emilia Kasper <ekasper@google.com>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Salsa20 and Poly1305 in TLS

On Tue, Aug 6, 2013 at 5:54 PM, Ben Laurie <benl@google.com> wrote:
> Emilia was getting some interesting results doing this kind of stuff many
> times in parallel...

The Poly1305 code is doing multiple terms of the polynomial concurrently
with SSE2 and NEON. I'm assuming that VMAC is doing the same.

That does bode well for the AVX2/AVX-512 future, but those chips are
not widely distributed yet.


Cheers

AGL