From: Ondrej Mosnacek <omosna...@gmail.com>

This patchset adds the MORUS AEAD algorithm implementation to the Linux Crypto 
API.

MORUS [1] is a dedicated AEAD algorithm focused on SIMD instructions and 
designed for high throughput both on modern processors and in hardware. It is 
designed by Hongjun Wu and Tao Huang and has been submitted to the CAESAR 
competition [2], where it is currently one of the finalists [3]. MORUS uses only 
logical bitwise operations and bitwise rotations as primitives.

MORUS has two variants:
* MORUS-640 operating on 128-bit blocks and accepting a 128-bit key.
* MORUS-1280 operating on 256-bit blocks and accepting a 128- or 256-bit key.
Both variants accept a 128-bit IV and produce an up to 128-bit tag.

The patchset contains four patches, adding:
* generic implementations
* test vectors to testmgr
* common glue code for x86_64 optimizations
* x86_64 SSE2/AVX2 optimized implementations

Since there are no official test vectors currently available, the test vectors 
in patch 2 were generated using a reference implementation from public CAESAR 
benchmarks [4]. They should be replaced/complemented with official test vectors 
if/when they become available.

The implementations have been developed in cooperation with Milan Broz (the 
maintainer of dm-crypt and cryptsetup) and there is a plan to use them for 
authenticated disk encryption in cryptsetup. They are a result of my Master's 
thesis at the Faculty of Informatics, Masaryk University, Brno [5].

[1] https://competitions.cr.yp.to/round3/morusv2.pdf
[2] https://competitions.cr.yp.to/caesar-call.html
[3] https://competitions.cr.yp.to/caesar-submissions.html
[4] https://bench.cr.yp.to/ebaead.html
[5] https://is.muni.cz/th/409879/fi_m/?lang=en

Ondrej Mosnacek (4):
  crypto: Add generic MORUS AEAD implementations
  crypto: testmgr - Add test vectors for MORUS
  crypto: Add common SIMD glue code for MORUS
  crypto: x86 - Add optimized MORUS implementations

 arch/x86/crypto/Makefile              |   10 +
 arch/x86/crypto/morus1280-avx2-asm.S  |  621 +++++
 arch/x86/crypto/morus1280-avx2-glue.c |   68 +
 arch/x86/crypto/morus1280-sse2-asm.S  |  895 +++++++
 arch/x86/crypto/morus1280-sse2-glue.c |   68 +
 arch/x86/crypto/morus640-sse2-asm.S   |  614 +++++
 arch/x86/crypto/morus640-sse2-glue.c  |   68 +
 crypto/Kconfig                        |   54 +
 crypto/Makefile                       |    4 +
 crypto/morus1280.c                    |  549 ++++
 crypto/morus1280_glue.c               |  302 +++
 crypto/morus640.c                     |  544 ++++
 crypto/morus640_glue.c                |  298 +++
 crypto/testmgr.c                      |   18 +
 crypto/testmgr.h                      | 3400 +++++++++++++++++++++++++
 include/crypto/morus1280_glue.h       |  137 +
 include/crypto/morus640_glue.h        |  137 +
 include/crypto/morus_common.h         |   23 +
 18 files changed, 7810 insertions(+)
 create mode 100644 arch/x86/crypto/morus1280-avx2-asm.S
 create mode 100644 arch/x86/crypto/morus1280-avx2-glue.c
 create mode 100644 arch/x86/crypto/morus1280-sse2-asm.S
 create mode 100644 arch/x86/crypto/morus1280-sse2-glue.c
 create mode 100644 arch/x86/crypto/morus640-sse2-asm.S
 create mode 100644 arch/x86/crypto/morus640-sse2-glue.c
 create mode 100644 crypto/morus1280.c
 create mode 100644 crypto/morus1280_glue.c
 create mode 100644 crypto/morus640.c
 create mode 100644 crypto/morus640_glue.c
 create mode 100644 include/crypto/morus1280_glue.h
 create mode 100644 include/crypto/morus640_glue.h
 create mode 100644 include/crypto/morus_common.h

-- 
2.17.0
