diff options
| author | Frank Denis <124872+jedisct1@users.noreply.github.com> | 2022-11-22 18:16:04 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-11-22 18:16:04 +0100 |
| commit | ea05223b638789f2ef5b35081e66b5f4f5a45d77 (patch) | |
| tree | da1ee4a9d48e6c102be51066e068b53eb26cd1fb /src/windows_sdk.cpp | |
| parent | 114244f7701c5bda996e852fbadcab76a488bdf6 (diff) | |
| download | zig-ea05223b638789f2ef5b35081e66b5f4f5a45d77.tar.gz zig-ea05223b638789f2ef5b35081e66b5f4f5a45d77.zip | |
std.crypto.auth: add AEGIS MAC (#13607)
* Update the AEGIS specification URL to the current draft
* std.crypto.auth: add AEGIS MAC
The Pelican-based authentication function of the AEGIS construction
can be used independently from authenticated encryption, as a faster
and more secure alternative to GHASH/POLYVAL/Poly1305.
We already expose GHASH, POLYVAL and Poly1305 for use outside AES-GCM
and ChaChaPoly, so there are no reasons not to expose the MAC from AEGIS
as well.
Like other 128-bit hash functions, finding a collision only requires
~2^64 attempts or inputs, which may still be acceptable for many
practical applications.
Benchmark (Apple M1):
siphash128-1-3: 3222 MiB/s
ghash: 8682 MiB/s
aegis-128l mac: 12544 MiB/s
Benchmark (Zen 2):
siphash128-1-3: 4732 MiB/s
ghash: 5563 MiB/s
aegis-128l mac: 19270 MiB/s
Diffstat (limited to 'src/windows_sdk.cpp')
0 files changed, 0 insertions, 0 deletions