Message-ID: <20120116195702.GA21163@openwall.com>
Date: Mon, 16 Jan 2012 23:57:02 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: SHA-256 and SHA-512 implementations (was: Jumbo future)

On Sun, Jan 15, 2012 at 07:03:14PM +0400, Solar Designer wrote:
> OpenSSL appears to make some use of MMX/SSE2 instructions for SHA-512
> when running in 32-bit mode, but it only runs one instance of SHA-512 at
> a time, so it does not use SIMD for real:
>
> http://cvs.openssl.org/dir?d=openssl/crypto/sha/asm

Crypto++ appears to have similar code to OpenSSL's:

http://www.cryptopp.com

also computing just one instance of the hash, yet making use of SSE2.
I think they do it to access 64-bit integer operations (needed for
SHA-512) from 32-bit mode. As to why SSE2 and not just MMX, I think
that's because MMX lacks 64-bit addition (it can only do two 32-bit
additions in parallel, but not one 64-bit).

A difference from OpenSSL is that Crypto++'s individual pieces of code
(as opposed to the library as a whole) are in the public domain - so we
may start hacking from their SHA-2 code if we like to. Since we need a
true SIMD implementation, starting from scratch might be a better way to
go, though.

Alexander
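The distinction the message draws, one hash instance using wide registers versus a true SIMD implementation that advances several independent instances at once, shown for a single SHA-512 round step. This is an added example, not code from the original message, OpenSSL, Crypto++ or John the Ripper; it assumes the GCC/Clang vector extension, and all function and macro names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
/* Two 64-bit lanes (GCC/Clang vector extension); lane i = hash instance i. */
typedef uint64_t v2u64 __attribute__((vector_size(16)));

/* Scalar SHA-512 round functions (FIPS 180-4), one instance at a time. */
static uint64_t rotr(uint64_t x, int n) { return (x >> n) | (x << (64 - n)); }
static uint64_t S0(uint64_t a) { return rotr(a, 28) ^ rotr(a, 34) ^ rotr(a, 39); }
static uint64_t S1(uint64_t e) { return rotr(e, 14) ^ rotr(e, 18) ^ rotr(e, 41); }

/* New working variable 'a' after one round: T1 + T2. */
uint64_t round_a(const uint64_t s[8], uint64_t k, uint64_t w)
{
    uint64_t t1 = s[7] + S1(s[4]) + ((s[4] & s[5]) ^ (~s[4] & s[6])) + k + w;
    uint64_t t2 = S0(s[0]) + ((s[0] & s[1]) ^ (s[0] & s[2]) ^ (s[1] & s[2]));
    return t1 + t2;
}

/* The same round with every operation applied to both lanes at once. */
#define VROTR(x, n) (((x) >> (v2u64){(n), (n)}) | ((x) << (v2u64){64 - (n), 64 - (n)}))
#define VS0(a) (VROTR(a, 28) ^ VROTR(a, 34) ^ VROTR(a, 39))
#define VS1(e) (VROTR(e, 14) ^ VROTR(e, 18) ^ VROTR(e, 41))

void round_a_x2(const uint64_t s0[8], const uint64_t s1[8], uint64_t k,
                const uint64_t w[2], uint64_t out[2])
{
    v2u64 v[8], kk = {k, k}, ww = {w[0], w[1]};
    for (int i = 0; i < 8; i++)          /* interleave the two states */
        v[i] = (v2u64){s0[i], s1[i]};
    v2u64 t1 = v[7] + VS1(v[4]) + ((v[4] & v[5]) ^ (~v[4] & v[6])) + kk + ww;
    v2u64 t2 = VS0(v[0]) + ((v[0] & v[1]) ^ (v[0] & v[2]) ^ (v[1] & v[2]));
    v2u64 a = t1 + t2;
    out[0] = a[0];
    out[1] = a[1];
}

/* Returns 1 if both vector lanes agree with the scalar code. */
int lanes_match_scalar(void)
{
    /* Instance 0: SHA-512 initial hash value. Instance 1: constructed state. */
    static const uint64_t iv[8] = {
        0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL,
        0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
        0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL };
    uint64_t other[8], out[2], k = 0x428a2f98d728ae22ULL; /* K[0] */
    uint64_t w[2] = {0x6162638000000000ULL, 0x0123456789abcdefULL}; /* constructed */
    for (int i = 0; i < 8; i++) other[i] = ~iv[(i + 3) % 8];
    round_a_x2(iv, other, k, w, out);
    return out[0] == round_a(iv, k, w[0]) && out[1] == round_a(other, k, w[1]);
}
int main(void) { printf("lanes match: %d\n", lanes_match_scalar()); return 0; }
```

The speedup comes from the lanes being independent candidate inputs, so no data ever crosses between lanes and the scalar round structure carries over unchanged.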