{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,17]],"date-time":"2026-01-17T00:40:41Z","timestamp":1768610441514,"version":"3.49.0"},"reference-count":0,"publisher":"Universitatsbibliothek der Ruhr-Universitat Bochum","issue":"1","license":[{"start":{"date-parts":[[2026,1,16]],"date-time":"2026-01-16T00:00:00Z","timestamp":1768521600000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["TCHES"],"abstract":"<jats:p>Universal hash functions are a widely-used, fundamental building block in constructing more complex cryptographic schemes. This makes achieving high efficiency, both at the design and implementation level, an utmost priority. Using simple polynomial hash functions over prime fields is a popular choice; Poly1305 is a particular instance of such an approach that is standardized and widely deployed. However, even for simple polynomial hash functions, there are significant challenges in designing fast implementations. Firstly, there is a large set of choices for algorithmic parameters such as finite field and limb sizes. Secondly, the complexity and diversity of modern vector instruction set architectures (ISAs) makes performance evaluation, and subsequent parameter selection difficult. In this paper we present SPHGen, a program generator for simple polynomial hash functions. SPHGen takes as input the field parameters and outputs highly optimized code for a given vector ISA. The generated code is automatically verified by means of symbolic execution, ensuring functional correctness. Accompanying SPHGen is an accurate model that predicts the runtime of each generated program. Using SPHGen, one can readily identify the Pareto front of Pareto-optimal hash function parameters w.r.t. the security-performance trade-offs, and, when using the model, even without running any code. SPHGen and the model can be retargeted to different vector ISAs and languages; we consider AVX2, AVX512, AVX512_IFMA, and Jasmin as examples. We generate Jasmin code to ensure memory safety and constant-time execution. We report benchmarks showing that SPHGen offers significant performance improvements over the best previous non-vectorized code. In addition, for large messages, our automatically generated code offers speedups of up to 37% compared to the highly-optimized implementation of Poly1305 in OpenSSL, which is hand-coded in assembly.<\/jats:p>","DOI":"10.46586\/tches.v2026.i1.161-184","type":"journal-article","created":{"date-parts":[[2026,1,16]],"date-time":"2026-01-16T15:11:55Z","timestamp":1768576315000},"page":"161-184","source":"Crossref","is-referenced-by-count":0,"title":["SPHGen: A Program Generator for Fast Polynomial Hash Functions"],"prefix":"10.46586","volume":"2026","author":[{"given":"Tommaso","family":"Pegolotti","sequence":"first","affiliation":[]},{"given":"Jan","family":"Gilcher","sequence":"additional","affiliation":[]},{"given":"Kenneth G.","family":"Paterson","sequence":"additional","affiliation":[]},{"given":"Markus","family":"P\u00fcschel","sequence":"additional","affiliation":[]}],"member":"25480","published-online":{"date-parts":[[2026,1,16]]},"container-title":["IACR Transactions on Cryptographic Hardware and Embedded Systems"],"original-title":[],"link":[{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/download\/12671\/12361","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/download\/12671\/12361","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,16]],"date-time":"2026-01-16T15:11:55Z","timestamp":1768576315000},"score":1,"resource":{"primary":{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/12671"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,1,16]]},"references-count":0,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,1,16]]}},"URL":"https:\/\/doi.org\/10.46586\/tches.v2026.i1.161-184","relation":{},"ISSN":["2569-2925"],"issn-type":[{"value":"2569-2925","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,1,16]]}}}