README.md
1 ctaes 2 ===== 3 4 Simple C module for constant-time AES encryption and decryption. 5 6 Features: 7 * Simple, pure C code without any dependencies. 8 * No tables or data-dependent branches whatsoever, but using bit sliced approach from https://eprint.iacr.org/2009/129.pdf. 9 * Very small object code: slightly over 4k of executable code when compiled with -Os. 10 * Slower than implementations based on precomputed tables or specialized instructions, but can do ~15 MB/s on modern CPUs. 11 12 Performance 13 ----------- 14 15 Compiled with GCC 5.3.1 with -O3, on an Intel(R) Core(TM) i7-4800MQ CPU, numbers in CPU cycles: 16 17 | Algorithm | Key schedule | Encryption per byte | Decryption per byte | 18 | --------- | ------------:| -------------------:| -------------------:| 19 | AES-128 | 2.8k | 154 | 161 | 20 | AES-192 | 3.1k | 169 | 181 | 21 | AES-256 | 4.0k | 191 | 203 | 22 23 Build steps 24 ----------- 25 26 Object code: 27 28 $ gcc -O3 ctaes.c -c -o ctaes.o 29 30 Tests: 31 32 $ gcc -O3 ctaes.c test.c -o test 33 34 Benchmark: 35 36 $ gcc -O3 ctaes.c bench.c -o bench 37 38 Review 39 ------ 40 41 Results of a formal review of the code can be found in http://bitcoin.sipa.be/ctaes/review.zip