keccakF1600 manually subtracts 200 from SP, but the generated prologue
already does this and the extra subtraction just means keccakF1600 is
defeating the stack growth check.
Remove the unnecessary SP adjustment.
Change-Id: I9450f6b12489bcd20e9ace30f9dd3066025d3a1a
Reviewed-on: https://go-review.googlesource.com/31653
Run-TryBot: Austin Clements <austin@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
NIST published a Keccak Code Package following the SHA-3 workshop
organized in 2014, containing optimized versions of various Keccak
functions for various architectures. This CL converts the GNU asm
code of the Keccak permutation for the x86_64 architecture into Go
assembly.
The code here is almost an identical copy of KeccakF1600_StatePermute,
with the only modification of converting the input state into the
implementation's internal representation and vice versa before return.
This keeps the algorithm an in-place version and avoids requiring
extra external state inits and data XORs before and after the permute.
The speed difference is:
benchmark old ns/op new ns/op delta
BenchmarkPermutationFunction-8 476 411 -13.66%
BenchmarkSha3_512_MTU-8 9910 8681 -12.40%
BenchmarkSha3_384_MTU-8 7124 6249 -12.28%
BenchmarkSha3_256_MTU-8 5666 4986 -12.00%
BenchmarkSha3_224_MTU-8 5401 4750 -12.05%
BenchmarkShake128_MTU-8 4614 3980 -13.74%
BenchmarkShake256_MTU-8 4935 4295 -12.97%
BenchmarkShake256_16x-8 71850 63798 -11.21%
BenchmarkShake256_1MiB-8 3784244 3285733 -13.17%
BenchmarkSha3_512_1MiB-8 7098875 6163359 -13.18%
benchmark old MB/s new MB/s speedup
BenchmarkPermutationFunction-8 420.11 486.35 1.16x
BenchmarkSha3_512_MTU-8 136.22 155.51 1.14x
BenchmarkSha3_384_MTU-8 189.49 216.03 1.14x
BenchmarkSha3_256_MTU-8 238.23 270.71 1.14x
BenchmarkSha3_224_MTU-8 249.91 284.19 1.14x
BenchmarkShake128_MTU-8 292.58 339.15 1.16x
BenchmarkShake256_MTU-8 273.53 314.28 1.15x
BenchmarkShake256_16x-8 228.03 256.81 1.13x
BenchmarkShake256_1MiB-8 277.09 319.13 1.15x
BenchmarkSha3_512_1MiB-8 147.71 170.13 1.15x
For further details, please see:
- http://csrc.nist.gov/groups/ST/hash/sha-3/Aug2014/documents/vanassche_keccak_code.pdf
- https://github.com/gvanas/KeccakCodePackage
Change-Id: I5b0b9395bba7d8c9acfe2b9c79f6e9c2cf858c7c
Reviewed-on: https://go-review.googlesource.com/17962
Reviewed-by: Adam Langley <agl@golang.org>
The typos were found by misspell tool.
Change-Id: I120740f12f7ba48330749ebf84050a7b98e01016
Reviewed-on: https://go-review.googlesource.com/24725
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
A previous fix to improve performance based on alignment
to sha3 was made in both ppc64le and ppc64, when it should
have only applied to ppc64le. This changes the build tags
so it is only done for ppc64le.
Fixesgolang/go#15392
Change-Id: Idf32a0370f3c76fc2b54a2897a668acbae5d43c5
Reviewed-on: https://go-review.googlesource.com/22323
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Change the location of the KAT data for consistency with
other packages.
Change-Id: Ica10ad7d1730603f957fb413e28fe771b3c323bc
Reviewed-on: https://go-review.googlesource.com/3267
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Speedup of about 1.4x on x64. Added benchmarks that use the
ShakeHash interface, which doesn't require copying the state.
Unaligned or generic xorIn and copyOut functions chosen via
buildline, but both are tested.
Substantial contributions from Eric Eisner.
See golang.org/cl/151630044 for the previous CR.
(There are also some minor edits/additions to the documentation.)
Change-Id: I9500c25682457c82487512b9b8c66df7d75bff5d
Reviewed-on: https://go-review.googlesource.com/2132
Reviewed-by: Adam Langley <agl@golang.org>
1. API:
This exposes a minimal API: the SHA-3 functions implement hash.Hash. The
SHAKE functions implement a new "ShakeHash" interface that implements
io.Reader, io.Writer, and Reset().
(The previous Barrier() function has been removed.)
(Alternative proposal: Don't implement io.Reader, but instead provide a
"Digest(d []byte) error" function that performs a hash.Hash style copy.
Somewhat more minimal, but very easy to use incorrectly.)
2. Tests
Added the complete set of ShortMsgKATs from
https://github.com/gvanas/KeccakCodePackage
3. Correctness
In sync with draft FIPS-202.
4. Documentation
A summary of the security properties of the SHA-3 and SHAKE functions is
provided in doc.go; some concrete recommendations as well.
Fixes 8563.
R=golang-codereviews, agl
CC=golang-codereviews
https://golang.org/cl/130950043
Taken from my implementation: https://bitbucket.org/ede/sha3
Performance gain from using less memory and more registers.
benchmark old ns/op new ns/op delta
BenchmarkPermutationFunction 1484 1118 -24.66%
BenchmarkBulkKeccak512 374993 295178 -21.28%
BenchmarkBulkKeccak256 215496 172335 -20.03%
benchmark old MB/s new MB/s speedup
BenchmarkPermutationFunction 134.76 178.80 1.33x
BenchmarkBulkKeccak512 43.69 55.51 1.27x
BenchmarkBulkKeccak256 76.03 95.07 1.25x
R=jcb, agl
CC=golang-dev, nigeltao
https://golang.org/cl/8088044
time); delete some comments that didn't add much and were incorrect
anyway (the test specification was tc, not t).
R=jcb
CC=agl, golang-dev
https://golang.org/cl/7665045
Added a pure Go implementation of SHA3 (Keccak) which implements the hash.Hash interface.
A test file is included with performance benchmarks and standard test vectors.
R=agl, nigeltao
CC=golang-dev
https://golang.org/cl/7760044
Austin Clements
Péter Szilágyi
Martin Hamrle
Lynn Boger
Glenn Brown
David Leon Gil
David Symonds
Ian Lance Taylor
Eric Roshan-Eisner
Adam Langley
Nigel Tao
Joseph Bonneau