RFR: 8325991: Accelerate Poly1305 on x86_64 using AVX2 instructions [v9]

Srinivas Vamsi Parasa duke at openjdk.org
Tue Feb 27 21:13:07 UTC 2024


On Tue, 27 Feb 2024 18:21:42 GMT, Volodymyr Paprotski <duke at openjdk.org> wrote:

>> Srinivas Vamsi Parasa has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   add cpuinfo test for avx_ifma
>
> src/hotspot/cpu/x86/stubGenerator_x86_64_poly.cpp line 1053:
> 
>> 1051: 
>> 1052:   Let R be the 16-byte secret key used for polynomial evaluation.
>> 1053:   Let K be the 16-byte secret AES key.
> 
> Poly1305 is not restricted to AES. Just remove AES (call it 'second part of the secret key' or something). 
> 
> Per RFC https://datatracker.ietf.org/doc/html/rfc7539#section-2.5
> 
> Poly1305 takes a 32-byte one-time key and a message and produces a 16-byte tag.
> ...
> Regardless of how the key is generated, the key is partitioned into two parts, called "r" and "s".

Please see the updated description in the latest commit as suggested. 
Replicating the updated part below for convenience:


/*
Let the 32-byte one-time key be partitioned into two equal parts R and K.
Let R be the 16-byte secret key used for polynomial evaluation.
Let K be the 16-byte secret key.
*/

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/17881#discussion_r1504994493
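
The key partition discussed in this thread, shown as an added example that is not part of the original mail or of the JDK sources: a reference (non-constant-time, big-integer) Poly1305 in Python following RFC 7539 section 2.5. R and K in the mail correspond to "r" and "s" in the RFC; the function names are hypothetical, and the key, message and tag are the RFC's section 2.5.2 test vector.

```python
import hmac

P = (1 << 130) - 5                          # Poly1305 prime 2^130 - 5
CLAMP = 0x0ffffffc0ffffffc0ffffffc0fffffff  # RFC 7539 clamp mask for r

# RFC 7539 section 2.5.2 test vector
RFC_KEY = bytes.fromhex(
    "85d6be7857556d337f4452fe42d506a8"      # first half: r (R in the mail)
    "0103808afb0db2fd4abff6af4149f51b")     # second half: s (K in the mail)
RFC_MSG = b"Cryptographic Forum Research Group"
RFC_TAG = bytes.fromhex("a8061dc1305136c6c22b8baf0c0127a9")


def split_key(key: bytes) -> tuple[int, int]:
    """Partition the 32-byte one-time key into clamped r and s."""
    if len(key) != 32:
        raise ValueError("Poly1305 one-time key must be 32 bytes")
    r = int.from_bytes(key[:16], "little") & CLAMP
    s = int.from_bytes(key[16:], "little")
    return r, s


def poly1305_mac(key: bytes, msg: bytes) -> bytes:
    """Evaluate the polynomial in r over 16-byte blocks, then add s."""
    r, s = split_key(key)
    acc = 0
    for i in range(0, len(msg), 16):
        # Each block gets a 0x01 byte appended before conversion, which
        # sets the bit just above the block (2^128 for a full block).
        n = int.from_bytes(msg[i:i + 16] + b"\x01", "little")
        acc = (acc + n) * r % P
    # s is added outside the field; only the low 128 bits form the tag.
    return ((acc + s) & ((1 << 128) - 1)).to_bytes(16, "little")


def verify(key: bytes, msg: bytes, tag: bytes) -> bool:
    """Compare tags without an early exit on the first differing byte."""
    return hmac.compare_digest(poly1305_mac(key, msg), tag)


if __name__ == "__main__":
    r, s = split_key(RFC_KEY)
    print(f"r = {r:032x}\ns = {s:032x}")
    print("tag =", poly1305_mac(RFC_KEY, RFC_MSG).hex())
```

Neither half is tied to AES: r is used only as the evaluation point of the polynomial and s only as the final 128-bit addend, which is the point of the review comment.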

