CLMUL

Carry-less multiplication (CLMUL) refers to a form of multiplication performed over the finite field GF(2), where binary operands are treated as polynomials and multiplication is done without carries. This yields a result that corresponds to polynomial multiplication, with up to twice the width of the operands in bits. CLMUL is designed for hardware acceleration and is used to speed up cryptographic and error-detection algorithms that rely on binary polynomial arithmetic.

In x86 processors, the primary instruction is PCLMULQDQ (carry-less multiply of 128-bit operands), producing a 256-bit

Applications include accelerating the GHASH component of AES-GCM, where efficient polynomial multiplication in GF(2^128) improves authentication

Software support for CLMUL is provided through compiler intrinsics and optimized libraries. Crypto libraries (for example,