Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 29 May 2015 00:55:18 -0400
From: Alain Espinosa <alainesp@...ta.cu>
To: john-dev@...ts.openwall.com
Subject: RE: bitslice SHA-256



-------- Original message --------
From: Solar Designer <solar@...nwall.com> 
Date:05/28/2015 11:35 PM (GMT-05:00) 
To: john-dev@...ts.openwall.com 
Cc: 
Subject: [john-dev] bitslice SHA-256 

...Unless we find a way to reduce the instruction count, bitslicing SHA-256
on this architecture is not worthwhile.

To consider is that bitslice sha256 doesn't use shifts, so if they are expensive bitslice may be worthwhile.

The most expensive part in this implementation is the sum (5 instructions) with can be reduced in common architectures. In Neon we can reduce the carries calculation from 3 to 2 instructions (this is basically a MAJ function that can be implemented with a bitselect+xor). In AVX512 we can reduce the sum from 5 to 2 instructions with the generalized 3 operand boolean instruction.

Regards, 
Alain
Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ