Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 31 Jan 2011 22:41:49 +0000
From: Freddie Witherden <>
Subject: Re: FreeBSD crypt() / MD5-crypt implementation question

On 31/01/11 22:04, Simon Marechal wrote:
> Le 31/01/2011 16:32, Freddie Witherden a écrit :
>> implementation is not ideal (I am reasonably confident that you can get
>> 20% out of it without too much work) it does perform better than the
> That would be quite a nice improvement. The MD5 body function is pretty
> tight (performs like barswf, and I know nothing that is faster), but the
> "dispatch" part is far from optimal. According to my last profiling it
> only accounted for 15% of the processing time. I'm not sure where the
> low hanging fruits are in this patch ...

Interesting, as I've found it to perform quite a bit worse than BarsWF.
 In the MD5 code I've been poking about with (which is--essentially--the
same as that in JtR) around ~4% can be gained from 0 input optimisation
for inputs less than 224-bits.  This is similar to what BarsWF does,
although far less aggressive, given that MD5 crypt strings tend to be

I've also had some luck changing the definitions of the F and G
functions from their xor forms to their andnot forms.  (Although this is
quite likely to be dependant on the individual instruction latencies.)

While I have not really toyed with the dispatch function I gleefully
assumed after a cursory glance that with a bit of TLC a good few percent
could be squeezed out of it.  Perhaps I was being a bit too optimistic.

Polemically yours, Freddie.

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.