Vectorised Hashing Based on Bernstein-Rabin-Winograd Polynomials over Prime Order Fields

TL;DR

This paper introduces the decBRWHash, a SIMD-optimized hash function based on Bernstein-Rabin-Winograd polynomials over prime fields, demonstrating significant speed improvements over Poly1305 for various message sizes.

Contribution

The paper presents a new AXU hash function decBRWHash optimized with SIMD instructions and provides comprehensive assembly implementations over specific prime fields.

Findings

decBRWHash outperforms Poly1305 in speed for messages of a few hundred bytes to megabytes.

Optimized assembly implementations achieve up to 23% speed-up for large messages.

The approach leverages SIMD instructions for efficient polynomial-based hashing.

Abstract

We introduce the new AXU hash function decBRWHash, which is parameterised by the positive integer $c$ and is based on Bernstein-Rabin-Winograd (BRW) polynomials. Choosing $c>1$ gives a hash function which can be implemented using $c$-way single instruction multiple data (SIMD) instructions. We report a set of very comprehensive hand optimised assembly implementations of 4-decBRWHash using avx2 SIMD instructions available on modern Intel processors. For comparison, we also report similar carefully optimised avx2 assembly implementations of polyHash, an AXU hash function based on usual polynomials. Our implementations are over prime order fields, specifically the primes $2^{127}-1$ and $2^{130}-5$. For the prime $2^{130}-5$, for avx2 implementations, compared to the famous Poly1305 hash function, 4-decBRWHash is faster for messages which are a few hundred bytes long and achieves a speed-up of about 16% for message lengths in a few kilobytes range and improves to a speed-up of about 23% for message lengths in a few megabytes range.