polyval::backend

Module soft

Expand description

Constant-time software implementation of POLYVAL for 64-bit architectures. Adapted from BearSSL’s ghash_ctmul64.c:

https://bearssl.org/gitweb/?p=BearSSL;a=blob;f=src/hash/ghash_ctmul64.c;hb=4b6046412

Copyright (c) 2016 Thomas Pornin [email protected]

Structs§

Polyval: POLYVAL: GHASH-like universal hash over GF(2^128).
U64x2 🔒: 2 x u64 values

Functions§

bmul64 🔒: Multiplication in GF(2)[X], truncated to the low 64-bits, with “holes” (sequences of zeroes) to avoid carry spilling.
rev64 🔒: Bit-reverse a u64 in constant time