Efficient Hashing using the AES Instruction Set

Joppe W. Bos, Onur Özen, and Martijn Stam


In this work, we provide a software benchmark for a large range of 256-bit blockcipher-based hash functions. We instantiate the underlying blockcipher with AES, which allows us to exploit the recent AES instruction set (AES-NI). Since AES itself only outputs 128 bits, we consider double-block-length constructions, as well as (single-block-length) constructions based on Rijndael-256. Although we primarily target architectures supporting AES-NI, our framework has much broader applications by estimating the performance of these hash functions on any (micro-)architecture given AES-benchmark results. As far as we are aware, this is the first comprehensive performance comparison of multi-block-length hash functions in software.


Publication typeInproceedings
Published inCryptographic Hardware and Embedded Systems – CHES 2011
SeriesLecture Notes in Computer Science
> Publications > Efficient Hashing using the AES Instruction Set