A. Bosselaers, R. Govaerts, and J. Vandewalle. Fast hashing on the Pentium. In Proc. CRYPTO 96, Lecture Notes in Computer Science. Springer-Verlag, 1996.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....6. T unlocks itself if it receives ID j = ID. Figure 5 4: The Randomized Hash Lock Disable Protocol per second [2] ASIC implementations would offer even better performance. In 1996, assembly code versions of SHA 1, MD5 and RIPEMD on a Pentium ran at rates of 48.7, 113 and 82 Mbps, respectively [14]. Anecdotally, in 2003 a 1.6 Ghz Pentium can perform about 460,000 SHA 1 hash operations per second. An ideal hash function would be one which could be implemented to take few gates and many cycles on a tag, but could be implemented to take few cycles on a reader. This is discussed further in ....

Antoon Bosselaers, Rene Govaerts, and Joos Vandewalle. Fast Hashing on the Pentium. In Advances in Cryptology - CRYPTO, volume 1109 of LNCS, pages 298--313. Springer-Verlag, 1996.

....a variance of 100. Authentication operations of type 3 are generated in the same manner as in traffic model 1. 5 PROCESS PARAMETERS Table 1 lists our assumptions on the process parameters. The estimation of the processing times for cryptographic operations are based on results from Bosselaers [1, 2] that have been projected according to reflect technological progress concerning computation speed of modern processors. Table 2: F,rocessing Times Action Type 1 Type 2 Type 3 MOBEN: MD5 DES Encrypting (Signing) Registration Request 3 s Decrypting: Registration Reply 3 s FA: MD5 DES ....

A. Bosselaers, R. Govaerts, and J. Vandewalle. Fast Hashing on the Pentium. In N. Koblitz, editor, Advances in Ctt'ptologt; Proceedings Crypro'96, pages 298-312. Springer, 1996. Vol. 1109 of Lectures Notes in Computer Science.

.... step, performed resorting to the RC4 algorithm (whose performance is about 13.7 MBps) and the authentication step, performed resorting to the MD5 algorithm (whose performance is about 17 MBps) It is worth noting that compatible results on the performance of RC4 and MD5 are also presented in [3], 5] 25] 27] We point out that we have not considered SEAL like stream ciphers, because from the performance viewpoint these algorithms do not seem to be appropriate if the key needs to be changed frequently. Summarizing, the results put in evidence the negligible computational overhead of ....

A. Bosselaers, R. Govaerts and J. Vandewalle, "Fast hashing on the Pentium ", Advances in Cryptology, Proceedings Crypto'96, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, pp. 298-312, 1996

....one could employ cryptographic hashing to construct hash functions with short output lengths, short keys and little preprocessing. Bosselaers, Govaerts and Vandewalle report on optimized Pentium timing for several cryptographic hash functions: MD4 (3.8 cpb) MD5 (5. 3 cpb) and SHA 1 (13.1 cpb) [5]. Simple methods can be used to convert these function into universal hash functions by, for example, keying their initial values [11] We do not know what the collision probability would be for such constructions; for such a transformation to result in a good universal hash function, certain ....

Bosselaers, A., Govaerts, R., and Vandewalle, J. Fast hashing on the Pentium. In Advances in Cryptology -- CRYPTO '96 (1996), vol. 1109 of Lecture Notes in Computer Science, Springer-Verlag, pp. 298--312. Updated timing at http://www.esat.kuleuven.ac.be/ bosselae/fast.html.

....of the critical path for latency (it can be done during idle CPU time) so it should not directly offset the benefits of duplicate suppression. A TRACE BASED ANALYSIS OF DUPLICATE SUPPRESSION IN HTTP 26 Even so, digest computation adds load, but apparently not enough to worry about. One study [5] showed that a 90 MHz Pentium can compute MD5 digests at 136 Mbits sec. or SHA 1 digests at 55 Mbits sec. We measured a different MD5 implementation [46] on a 333 MHz Pentium II, which yielded 335 Mbits sec for 5000 byte messages. On a 500 MHz AlphaServer ES40 (21264 CPU) that implementation ....

A. Bosselaers, R. Govaerts and J. Vandewalle. Fast hashing on the Pentium. In N. Koblitz (editor), Advances in Cryptology, Proc. Crypto '96, LNCS 1109, pages 298-312. Springer-Verlag, 1996. Updated at Eurocrypt '97 as "Even faster hashing on the Pentium," ftp://ftp.esat.kuleuven.ac.be/pub/COSIC/bosselae/pentiumplus.ps.gz.

....techniques as the hybrid argument of [18] cf. 13, Sec. 3.2.3] and many others. 3) Presentation of schemes which are suitable for practical applications: Typical examples include the public key encryption schemes of [6] the digital signature schemes of [10,11] the session key protocols of [3,4], and many others. Typically, it is quite easy to determine to which of the above categories a specific technical contribution belongs. Unfortunately, the classification is not always stated in the paper; however, it is typically evident from the construction. We stress that all results we are ....

....Goldwasser. Incremental Cryptography: the Case of Hashing and Signing. In Proceedings of Crypto94, Springer Verlag LNCS (Vol. 839) pages 216 233, 1994. 2] M. Bellare, O. Goldreich and S. Goldwasser. Incremental Cryptography and Application to Virus Protection. In 27th STOC, pages 45 56, 1995. [3] M. Bellare and P. Rogaway. Entity Authentication and Key Distribution. In Proceedings of Crypto93, SpringerVerlag LNCS (Vol. 773) pages 232 249, 1994. 4] M. Bellare and P. Rogaway. Provably Secure Session Key Distribution: The Three Party Case. In 27th STOC, pages 57 66, 1995. 5] M. Ben Or, ....

[Article contains additional citation context not shown here]

A. Bosselaers, R. Govaerts, J. Vandewalle, "Fast hashing on the Pentium," Advances in Cryptology, Proceedings Crypto'96, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 298-312.

....9 acknowledges the people who have to be acknowledged. 2 Introduction to MMX At the time of writing this paper Intel s Pentium was the most widely used general purpose processor. We shall not present a detailed outline of Intel Pentium s architecture (an interested reader may turn to [Int97b] or [BGV96] MMX (MultiMedia eXtensions) is a relatively new technology to enhance performance of advanced media and communication applications. The MMX technology introduces new general purpose instructions that operate in parallel on multiple data elements packed into 64 bit quantities (the SWAR ....

Antoon Bosselaers, Ren'e Govaerts, and Joos Vandewalle. Fast Hashing on the Pentium. In Neal Koblitz, editor, Advances in Cryptology --- CRYPTO '96, volume 1109 of Lecture Notes in Computer Science, pages 298--312. Springer-Verlag, 1996.

....the Pentium, the gcc compiler was not able to generate very good code, and so we hand optimized the assembly code. The set up time was was 220 s, and the hash function runs at 85 100Mbps. We compare this to the hand optimized assembly implementation of MD5 by Bosselaers, Govaerts, and Vandewalle [5]. This runs at 113Mbps. Also, How s implementation of DES on our Pentium has a set up time of 94 s, and one application takes 11.5 s. This implies a rate of about 6Mbps for CBC DES. 5 The Evaluation Hash To implement the evaluation hash for GF(2 64 ) we select an irreducible polynomial f(x) 2 ....

A. Bosselaers, R. Govaerts, and J. Vandewalle. Fast hashing on the Pentium. In Advances in Cryptology---Crypto '96, 1996.

....figures for the MD4 family of hash functions as presented at Crypto 96. The improvement is obtained by substituting n cycle instructions by n 1 cycle instructions, and reducing the number of instructions by means of the super add instruction lea, thereby carefully avoiding the dreaded AGI. In [BGV96] we presented optimized implementations of MD4, MD5, SHA 1, RIPEMD, RIPEMD 128 and RIPEMD 160 on Intel s Pentium processor. The goal of this short note is to present an improvement of about 15 over these figures. We refer to [BGV96] for an explanation of the terminology used, and to [BGV97] for a ....

....instruction lea, thereby carefully avoiding the dreaded AGI. In [BGV96] we presented optimized implementations of MD4, MD5, SHA 1, RIPEMD, RIPEMD 128 and RIPEMD 160 on Intel s Pentium processor. The goal of this short note is to present an improvement of about 15 over these figures. We refer to [BGV96] for an explanation of the terminology used, and to [BGV97] for a detailed critical path analysis of these algorithms. In terms of processor pipeline stages the critical path of these new implementations is slightly longer (on the average about 16 stages) However, this lengthening allows us to ....

[Article contains additional citation context not shown here]

A. Bosselaers, R. Govaerts, J. Vandewalle, "Fast hashing on the Pentium," Advances in Cryptology, Proceedings Crypto'96, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 298--312.

....other classes of iterated cryptographic primitives. Our main aim is to investigate the amount of software parallelism in the di#erent members of the MD4 hash family, and the extent to which nowadays RISC and CISC processors are able to exploit this parallelism. This approach di#ers of the one in [BGV96] in that we now take the hashing algorithms as a starting point, and investigate the amount of inherently available parallelism, while previously we took a particular superscalar processor as starting point, and investigated to which extent an implementation of the hashing algorithms could take ....

A. Bosselaers, R. Govaerts, J. Vandewalle, "Fast hashing on the Pentium," Advances in Cryptology, Proceedings Crypto'96, LNCS 1109, N. Koblitz,

....figures for the MD4 family of hash functions as presented at Crypto 96. The improvement is obtained by substituting n cycle instructions by n 1 cycle instructions, and reducing the number of instructions by means of the super add instruction lea, thereby carefully avoiding the dreaded AGI. In [BGV96]we presented optimized implementations of MD4, MD5, SHA 1, RIPEMD, RIPEMD 128 and RIPEMD 160 on Intel s Pentium processor. The goal of this short note is to present an improvement of about 15 over these figures. We refer to [BGV96] for an explanation of the terminology used, and to [BGV97] for a ....

....instruction lea, thereby carefully avoiding the dreaded AGI. In [BGV96]we presented optimized implementations of MD4, MD5, SHA 1, RIPEMD, RIPEMD 128 and RIPEMD 160 on Intel s Pentium processor. The goal of this short note is to present an improvement of about 15 over these figures. We refer to [BGV96] for an explanation of the terminology used, and to [BGV97] for a detailed critical path analysis of these algorithms. In terms of processor pipeline stages the critical path of these new implementations is slightly longer (on the average about 16 stages) However, this lengthening allows us to ....

[Article contains additional citation context not shown here]

A. Bosselaers, R. Govaerts, J. Vandewalle, "Fast hashing on the Pentium," Advances in Cryptology, Proceedings Crypto'96, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 298--312.

....both execution units of the Pentium busy for most of the time. Some algorithms, e.g. SHA 1 and RIPEMD 160, contain even more parallelism than most current general purpose processors are able to provide [13] More implementation details concerning the MD4 family of hash functions can be found in [11, 14]. Only Khufu contains hardly any instruction level parallelism, so that its performance does not benefit much from having parallel execution units. Also the inherent parallelism of SEAL is limited, but it is nevertheless remarkably fast on the Pentium, which is explained by the fact that it was ....

A. Bosselaers, R. Govaerts, J. Vandewalle, "Fast hashing on the Pentium," Advances in Cryptology, Proceedings Crypto'96, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 298--312.

....classes of iterated cryptographic primitives. Our main aim is to investigate the amount of software parallelism in the different members of the MD4 hash family, and the extent to which nowadays RISC and CISC processors are able to exploit this parallelism. This approach differs of the one in [BGV96] in that we now take the hashing algorithms as a starting point, and investigate the amount of inherently available parallelism, while previously we took a particular superscalar processor as starting point, and investigated to which extent an implementation of the hashing algorithms could take ....

A. Bosselaers, R. Govaerts, J. Vandewalle, "Fast hashing on the Pentium," Advances in Cryptology, Proceedings Crypto'96, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 298--312.

No context found.

A. Bosselaers, R. Govaerts, and J. Vandewalle. Fast hashing on the Pentium. In Proc. CRYPTO 96, Lecture Notes in Computer Science. Springer-Verlag, 1996.

No context found.

A. Bosselaers, R. Govaerts, and J. Vandewalle. Fast hashing on the Pentium. In Proc. CRYPTO 96, Lecture Notes in Computer Science. Springer-Verlag, 1996.

No context found.

A. Bosselaers, R. Govaerts, and J. Vandewalle, \Fast Hashing on the Pentium, " Advances in Cryptology|CRYPTO '96, Springer-Verlag, 1996, pp. 298-312.

No context found.

A. Bosselaers, R. Govaerts, J. Vandewalle, "Fast hashing on the Pentium," Advances in Cryptology--Crypto '96.

No context found.

A. Bosselaers, R. Govaerts, and J. Vandewalle, "Fast Hashing on the Pentium, " Advances in Cryptology---CRYPTO '96, Springer-Verlag, 1996, pp. 298--312.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC