UMAC Performance

We provide throughput rates, measured in machine cycles-per-byte, for the processing of messages of various byte-lengths by UMAC and its underlying hash function UHASH. We use cycles-per-byte because it makes possible efficiency comparisons between processors running at different speeds. To convert to bytes-per-second, divide your processor's cycles-per-second (Hz) by the reported cycles-per-byte to get bytes-per-second. For example, a 1 GHz processor spending 2.0 cycles-per-byte processes 1e9 / 2.0 = 0.5e9 bytes-per-second (500 MB/sec).

We report on throughput speeds for several message lengths; 44, 552 and 1500 bytes being very common packet sizes found on the Internet.

There are three tag lengths defined for UMAC; 32, 64 andd 96 bits. We advocate the use of 64-bit authentication tags for most purposes. UMAC and UHASH, however, provide flexibity in meeting performance and security needs. Longer or shorter outputs can be produced with proportionally longer or shorter computation time and proportionally stronger or weaker security. For a detailed discussion of security considerations, see the UMAC specification.

Throughput: Reported in Pentium 4 cycles per byte of message processed.
 

Algorithm
type

Output
bits
Pentium 4
44 64
256 552 1024
1500 long
UMAC-32 MAC 32
13.2
8.3
2.4
1.4
0.9
1.0 0.6
UMAC-64 MAC 64 18.7
12.0
3.5
2.1 1.4
1.5 1.0 
UMAC-96
MAC
96
21.7
15.1
4.5
2.7
1.9
2.2
1.5
hash127-AES MAC 128
23.0
17.0
7.5
5.8
5.1
4.8
4.3 
SHA-1 Hash
160

76.0
34.5

23.6

20.5


Notes:

The throughput for SHA-1 is a lower-bound for any MAC based upon it (eg, HMAC-SHA1 cannot be faster than SHA-1).

Hash127 is a fast polynomial-based hash implemented by Daniel Bernstein (hash127 webpage).

All speeds were measured on 2.7GHz Pentium 4 running Red Hat Linux. The SHA-1 speeds were acquired using the command "openssl speed sha1".

Blank entries indicate that we have no data for those parameters. The "long" rate is the best throughput reported by the source for messages longer than 1500 bytes.