[RFC PATCH v2 5/7] crypto: arm64/aes-xctr: Add accelerated implementation of XCTR
Nathan Huckleberry
nhuck at google.com
Fri Feb 11 12:30:24 PST 2022
On Fri, Feb 11, 2022 at 5:48 AM Ard Biesheuvel <ardb at kernel.org> wrote:
>
> On Fri, 11 Feb 2022 at 00:28, Nathan Huckleberry <nhuck at google.com> wrote:
> >
> > Add hardware accelerated version of XCTR for ARM64 CPUs with ARMv8
> > Crypto Extension support. This XCTR implementation is based on the CTR
> > implementation in aes-modes.S.
> >
> > More information on XCTR can be found in
> > the HCTR2 paper: Length-preserving encryption with HCTR2:
> > https://eprint.iacr.org/2021/1441.pdf
> >
> > Signed-off-by: Nathan Huckleberry <nhuck at google.com>
> > ---
> >
> > Changes since v1:
> > * Added STRIDE back to aes-glue.c
> >
>
> NAK. Feel free to respond to my comments/questions against v1 if you
> want to discuss this.
Oops, I misunderstood the tail block behavior of the CTR implementation and
thought it wouldn't work with XCTR mode. I have XCTR mirroring the tail
behavior of CTR now. I'll submit it with the v3.
More information about the linux-arm-kernel
mailing list