Add an implementation of AES-128 using SSSE3 instructions. It runs in

constant time and on a Nehalem is significantly faster than the table
based version. This implementation technique was invented by Mike
Hamburg and described in a paper in CHES 2009 "Accelerating AES with
Vector Permute Instructions". This code is basically a translation of
his public domain x86-64 assembly code into intrinsics.

Todo: Adding support for AES-192 and AES-256; this just requires
implementing the key schedules.

Currently only tested on an i7 with GCC (32 and 64 bit code);
testing/optimization on 32-bit processors with SSSE3 like the Atom,
and with Visual C++ and other compilers, are also todos.

1 files changed, 9 insertions, 0 deletions

diff --git a/src/engine/simd_engine/simd_engine.cpp b/src/engine/simd_engine/simd_engine.cpp
index aa434d669..34e1a6838 100644
--- a/src/engine/simd_engine/simd_engine.cpp
+++ b/src/engine/simd_engine/simd_engine.cpp
@@ -9,6 +9,10 @@
 #include <botan/internal/simd_32.h>
 #include <botan/cpuid.h>
 
+#if defined(BOTAN_HAS_AES_SSSE3)
+  #include <botan/aes_ssse3.h>
+#endif
+
 #if defined(BOTAN_HAS_SERPENT_SIMD)
   #include <botan/serp_simd.h>
 #endif
@@ -35,6 +39,11 @@ BlockCipher*
 SIMD_Engine::find_block_cipher(const SCAN_Name& request,
                                Algorithm_Factory&) const
    {
+#if defined(BOTAN_HAS_AES_SSSE3)
+   if(request.algo_name() == "AES-128" && CPUID::has_ssse3())
+      return new AES_128_SSSE3;
+#endif
+
 #if defined(BOTAN_HAS_IDEA_SSE2)
    if(request.algo_name() == "IDEA" && CPUID::has_sse2())
       return new IDEA_SSE2;