Brian Gladman wrote: > But a fully byte oriented implementation runs at about 140 cycles/byte > and here the S-Box substitution step is a significant bottleneck. > ... > It is also possible that the PPERM instruction could be used to speed up > the Galois field calculations to produce the S-Box mathematically rather > than by table lookup. I have tried this in the past but it has not > proved competitive. But PPERM looks interesting here as well.
This is where the following may be handy: http://www.literatecode.com/2007/11/11/aes256/ It is a byte-oriented AES-256 implementation without S-box tables. Although I doubt it can be speeded up that much. Regards, Ilya -- http://www.literatecode.com --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]