### bsaes - BitSliced AES
#### Yawning Angel (yawning at schwanenlied dot me)

> The AES operations in this package are not implemented using constant-time
> algorithms. An exception is when running on systems with enabled hardware
> support for AES that makes these operations constant-time.
>
> -- https://golang.org/pkg/crypto/aes/

bsaes is a portable pure-Go constant time AES implementation based on the
excellent code from [BearSSL](https://bearssl.org/).  On AMD64 systems with
AES-NI and a sufficiently recent Go runtime, it will transparently call
`crypto/aes` when `NewCipher` is invoked.

Features:

 * Constant time.

 * 32 bit and 64 bit variants, with the appropriate one selected at runtime.

 * Provides `crypto/cipher.Block`.

 * `crypto/cipher.ctrAble` support for less-slow CTR-AES mode.

 * `crypto/cipher.cbcDecAble` support for less-slow CBC-AES decryption.

 * `crypto/cipher.gcmAble` support for less-slow GCM-AES.  This includes
   a constant time GHASH.

 * The raw guts of the implementations provided as sub-packages, for people
   to use to implement [other things](https://git.schwanenlied.me/yawning/aez).
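
The three optional interfaces in the feature list are unexported by `crypto/cipher`, which discovers them by type assertion on the `Block` it is handed. The following is an added example, not code from bsaes: it wraps `crypto/aes` in two constructed types (`plainBlock` and `ctrBlock`, both hypothetical stand-ins for a bsaes `Block`) to report which fast paths a `Block` advertises and to check that a `Block`-supplied CTR mode is actually selected and matches the generic keystream.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// Local copies of the unexported crypto/cipher interfaces from the feature list.
type ctrAble interface{ NewCTR(iv []byte) cipher.Stream }
type cbcDecAble interface{ NewCBCDecrypter(iv []byte) cipher.BlockMode }
type gcmAble interface{ NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) }

// FastPaths reports which optional mode interfaces b implements.
func FastPaths(b cipher.Block) map[string]bool {
	_, ctr := b.(ctrAble)
	_, cbc := b.(cbcDecAble)
	_, gcm := b.(gcmAble)
	return map[string]bool{"ctrAble": ctr, "cbcDecAble": cbc, "gcmAble": gcm}
}

// plainBlock exposes only BlockSize/Encrypt/Decrypt, forcing the generic modes.
type plainBlock struct{ cipher.Block }

// ctrBlock is a constructed stand-in for a Block that ships its own CTR mode.
type ctrBlock struct {
	cipher.Block
	calls *int
}

func (c ctrBlock) NewCTR(iv []byte) cipher.Stream {
	*c.calls++ // record that crypto/cipher picked this path
	return cipher.NewCTR(plainBlock{c.Block}, iv)
}

// CTRDispatch checks that cipher.NewCTR uses the Block's own NewCTR and that
// the result matches the generic implementation (a differential test).
func CTRDispatch(key, iv, msg []byte) (fast, same bool, err error) {
	base, err := aes.NewCipher(key)
	if err != nil {
		return false, false, err
	}
	calls, a, b := 0, make([]byte, len(msg)), make([]byte, len(msg))
	cipher.NewCTR(ctrBlock{base, &calls}, iv).XORKeyStream(a, msg)
	cipher.NewCTR(plainBlock{base}, iv).XORKeyStream(b, msg)
	return calls == 1, string(a) == string(b), nil
}

func main() {
	fmt.Println(CTRDispatch(make([]byte, 16), make([]byte, 16), []byte("constructed sample")))
}
```

Passing a real `Block` to `FastPaths` shows which of the three mode constructors it overrides; the `plainBlock` wrapper is a convenient way to get a reference output from the generic mode code when testing an optimized one.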

Benchmarks:

| Primitive                   | Version | ns/op  | MB/s   |
| --------------------------- | :-----: | -----: | -----: |
| ECB-AES128                  | ct32    | 914    | 17.50  |
| ECB-AES256                  | ct32    | 1268   | 12.62  |
| CTR-AES128 (16 KiB)         | ct32    | 472010 | 34.17  |
| CBC-AES128 Decrypt (16 KiB) | ct32    | 583238 | 28.09  |
| GCM-AES128 (16 KiB)         | ct32    | 605676 | 27.05  |
| ECB-AES128                  | ct64    | 932    | 17.16  |
| ECB-AES256                  | ct64    | 1258   | 12.72  |
| CTR-AES128 (16 KiB)         | ct64    | 296016 | 55.35  |
| CBC-AES128 Decrypt (16 KiB) | ct64    | 350047 | 46.81  |
| GCM-AES128 (16 KiB)         | ct64    | 435660 | 37.61  |

All numbers taken on an Intel i7-5600U with Turbo Boost disabled, running on
linux/amd64.