Skip to content

Commit

Permalink
Add a table summarizing the differences between the variants
Browse files Browse the repository at this point in the history
  • Loading branch information
@jedisct1
jedisct1 committed Dec 8, 2024
1 parent bc12b21 commit b90e364
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,20 @@ Portable C implementations of the [AEGIS](https://datatracker.ietf.org/doc/draft
- Unauthenticated encryption and decryption (not recommended - only implemented for specific protocols)
- Deterministic pseudorandom stream generation.

## Key differences between AEGIS variants

| **Feature** | **AEGIS-128L** | **AEGIS-256** | **AEGIS-128X2** | **AEGIS-128X4** | **AEGIS-256X2** | **AEGIS-256X4** |
| -------------------- | --------------------------------------------------------------------- | -------------------------------------------- | ----------------------------------------------- | ----------------------------------------------- | ----------------------------------------------- | ----------------------------------------------- |
| **Key Length** | 128 bits | 256 bits | 128 bits | 128 bits | 256 bits | 256 bits |
| **Nonce Length** | 128 bits | 256 bits | 128 bits | 128 bits | 256 bits | 256 bits |
| **State Size** | 1024 bits (8 x 128-bit blocks) | 768 bits (6 x 128-bit blocks) | 2048 bits (2 x 1024-bit states) | 4096 bits (4 x 1024-bit states) | 1536 bits (2 x 768-bit states) | 3072 bits (4 x 768-bit states) |
| **Input Rate** | 256 bits per update | 128 bits per update | 512 bits per update | 1024 bits per update | 256 bits per update | 512 bits per update |
| **Parallelism** | None | None | 2 parallel lanes | 4 parallel lanes | 2 parallel lanes | 4 parallel lanes |
| **Performance** | High on standard CPUs | High on standard CPUs | Higher on CPUs with AVX2 | Higher on CPUs with AVX-512 | Higher on CPUs with AVX2 | Higher on CPUs with AVX-512 |
| **Target Use Case** | Standard applications | Applications requiring higher security | High-throughput applications on modern hardware | High-throughput applications on modern hardware | High-security applications with modern hardware | High-security applications with modern hardware |
| **Security Level** | 128-bit security | 256-bit security | 128-bit security | 128-bit security | 256-bit security | 256-bit security |
| **Special Features** | Optimized for high performance on standard CPUs with AES instructions | Optimized for high security with larger keys | Parallelized version of AEGIS-128L | Parallelized version of AEGIS-128L | Parallelized version of AEGIS-256 | Parallelized version of AEGIS-256 |

## Installation

Note that the compiler makes a difference. Zig (or a recent `clang` with target-specific options such as `-march=native`) produces more efficient code than `gcc`.
Expand Down

0 comments on commit b90e364

Please sign in to comment.