Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 02 Sep 2015 21:31:34 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: SHA-1 H()

On 2015-09-02 17:52, Solar Designer wrote:
> On Wed, Sep 02, 2015 at 06:20:25PM +0300, Solar Designer wrote:
>> SHA-1's H() aka F3() is the same as SHA-2's Maj()
>
> And it turns out that while we appear to be optimally using bitselect()
> or vcmov() for Maj(), the fallback expressions that we use vary across
> source files and are not always optimal:

Perhaps Ch() too:

#define Ch(x, y, z) (z ^ (x & (y ^ z)))
#define Ch(x, y, z) ((x & y) ^ ( (~x) & z))

This is 3 vs. 4 ops, right?

magnum

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.