Date: Fri, 14 Aug 2015 11:02:28 +0800
From: Lei Zhang <>
Subject: Re: Formats using non-SIMD SHA2 implementations

> On Aug 13, 2015, at 5:57 AM, JimF <> wrote:
> On Wed, 12 Aug 2015 16:42:24 -0500, magnum <> wrote:
>> On 2015-08-12 15:26, Lei Zhang wrote:
>>> Now I just finished episerver. I took a close look at the rest of the
>> ...
>>> - In clipperz, the salt has a maximum length of 128 bytes, which is beyond the size of a single input block for SHA256. I've seen flags like SSEi_2BUF_INPUT and SSEi_4BUF_INPUT. I guess I'll have to quadruple the size of the vector buffer to accommodate the salt?
>> Either that, or do it like in SAP G format (but that code is unreadable). I never used SSEi_2/4BUF_INPUT but I'm sure Jim can provide help if you get stuck.
> Clipperz was never done, because the hashing crypts are such a small part of the overall runtime. I did look at this a little this morning, and it appears that the hashing code may be up to 10% of the runtime.  Most of the time is spent in the expmod, and that is not going to be optimized a whole lot better than with GMP.  So I never deemed the ROI on putting SIMD into the clean and easy to read code as being a priority.

I got your point. I'll lower the priority of tackling this format then.

> One key thing to keep in mind is that having a mix of 1 and 2 limb crypts is not good.  I do not know if this format could run into that situation, but likely it can.

(sorry for my poor English) What do you mean by 'limb'? Do you mean each 512-bit data block?

