CLMUL
Carry-less multiplication ( CLMUL ) ( dt . Carryover free multiplication ) is a command expansion of the x86 processor architecture , a fast, hardware-assisted calculation in areas from number theory possible. The instruction extension was proposed by Intel in 2008 andintroduced in Westmere microarchitecture from 2010. It is available in all Intel processors from the Intel Haswell microarchitecture and AMD processors from AMD Bulldozer .
Carry free means here the subtotals for the multiplication are formed bit by bit using an XOR link .
Examples of applications are the cryptography at block ciphers in the operating mode Galois / Counter Mode (GCM), which is based on computations in a Galois field based. Another field of application is the generation of checksums in the field of cyclical redundancy checks (CRC).
Instruction set extension
The commands from the extension calculate the transmission-free product of 128 bits from the input values of two 64 bits and store the result in a 128-bit XMM register . Depending on the addressing mode, the source for the two factors can either be another XMM register, in which case the two 64-bit wide halves of an XMM register are regarded as two factors, or the halves of two different XMM registers or a memory address in main memory can be specified .
The multiplication of two 128 bit wide input values can be done in four calculation steps using the Karazuba algorithm .
literature
- Christoph Puttmann: Resource-efficient hardware-software combinations for cryptography with elliptical curves , dissertation at the Technical Faculty of Bielefeld University, Bielefeld 2014 PDF
Individual evidence
- ^ Carry-Less Multiplication Instruction and its Usage for Computing the GCM Mode. Retrieved December 15, 2016 .
- ^ Tetsu Iwata, Jung Hee Cheon: Advances in Cryptology - AsiaCrypt 2015: 21st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand. Part 1, Verlag Springer, Heidelberg 2015 ISBN 9783662487969 PDF