Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 04 Jun 2015 16:22:22 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Interleaving of intrinsics

On 2015-06-02 13:01, Solar Designer wrote:
> Would it be reasonable for us to try my usual approach, with separate
> variables at the outer scope (inside the hashing function, but not
> inside the individual steps)?  And if those are in fact separate
> variables rather than array elements, this implies manual or cpp level
> loop unrolling.

I tried this out with MD5 and SHA256 in a topic branch. It doesn't seem 
to make any difference compared to loops and arrays.

https://github.com/magnumripper/JohnTheRipper/commit/1ccc69541fef79c0f20f3143a2fcf3bedac55d30

Also, other tests (before that) indicate per-line loops vs. block loops 
for interleaving does not make any difference either, at least not for 
gcc. Perhaps it does for icc (as tested on super), but all results are 
so fluctuating and inconclusive I just get more confused the more I 
test. Perhaps turbo boost and stuff are playing up.

Perhaps Lei can make some conclusions from generated asm code. I think 
that's the only way of telling what actually happens.

Maybe we under-estimate the compilers. I'm starting to think MD4 and MD5 
interleaves fine poorly coded or not, while SHA1/SHA2 formats simply 
does not interleave well regardless of coding. If that's the case it 
would be a relief in a way: We could just keep the readable and 
straight-forward code...

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ