Accelerating Poly1305 cryptographic message authentication on the z14

In this paper, we examine the implementation and acceleration of the Poly1305 authentication algorithm on the recently announced IBM z14 computer. Two approaches are undertaken to improve performance of this important cryptographic algorithm. First, we restructure the algorithm to take advantage of a new instruction, VMSL, which employs floating-point hardware to perform high-speed high-throughput multiplications on integer limbs (big-integer digits) of large integers. With VMSL, we are able to eliminate multiplication as the dominant operation in Poly1305. Second, we apply Coconut, an extensible domain-specific language (DSL) embedded in Haskell, to generate a better schedule for parts of the algorithm that are performance bottlenecks. This combined approach has implications beyond Poly1305, as the same techniques can be applied to other cryptographic algorithms, such as elliptic curve digital signature algorithm (ECDSA) used in HyperLedger Blockchain.