[131582] in cryptography@c2.net mail archive


Re: [cryptography] 5x speedup for AES using SSE5?

daemon@ATHENA.MIT.EDU (Hovav Shacham)
Mon Aug 25 17:51:38 2008

In-Reply-To: <20080825002050.ebioyd2s8c0gk8g0@webmail.cs.auckland.ac.nz>
From: Hovav Shacham <hovav@cs.stanford.edu>
Date: Mon, 25 Aug 2008 13:02:13 -0700
To: cryptography@metzdowd.com

On Aug 24, 2008, at 5:20 AM, Peter Gutmann wrote:

> Speaking of CPU-specific optimisations, I've seen a few algorithm proposals
> from the last few years that assume that an algorithm can be scaled linearly
> in the number of CPU cores, treating a multicore CPU as some kind of SIMD
> engine with all cores operating in lock-step, or at least engaging in some
> kind of rendezvous every couple of cycles (for example the recently-discussed
> MD6 uses a round of 16 steps, if I read the description correctly)

My impressions from Ron's talk were different. For multicore systems, the
tree structure of the hash allows parallelism at a much higher granularity.
For hardware implementation, the feedback-register structure of the round
function means that 16 steps can be computed in parallel. I didn't get the
sense that Ron intends for the second kind of parallelism to be used in
software implementations.

Hovav.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
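The two kinds of parallelism distinguished in the reply above (coarse-grained parallelism from a tree-structured hash, and fine-grained parallelism within a feedback register whose taps all reach back further than the batch of steps) can be checked mechanically. The following is an added illustration, not code from the thread, from MD6, or from its authors: the register taps, shift amounts, word size, chunk size and domain-separation bytes are constructed assumptions, and the toy step function is not MD6's compression function. It shows why a batch of consecutive steps can be evaluated from a frozen snapshot of the register only when every tap distance exceeds the batch width, and that a tree hash lets the leaves be processed independently before a small sequential reduction.

```python
"""Toy feedback register and tree hash illustrating step-level and
tree-level parallelism. All constants are constructed for this example."""
import hashlib
from concurrent.futures import ThreadPoolExecutor

MASK = (1 << 64) - 1

# Hypothetical tap distances (how far back each step reads). The smallest
# tap bounds how many consecutive steps can be computed at once.
TAPS = (17, 18, 21, 31, 67, 89)


def max_parallel_width(taps):
    """Largest batch of consecutive steps that reads only already-final words."""
    return min(taps)


def step(words, i):
    """Compute word i of the register from earlier words (toy non-linear feedback).
    Only indices i - t for t in TAPS are read, never anything at or after i."""
    x = (words[i - 89] ^ (words[i - 17] & words[i - 18])
         ^ (words[i - 21] & words[i - 31]) ^ words[i - 67])
    x ^= x >> 7                      # toy diffusion, assumed values
    return (x ^ (x << 11)) & MASK


def initial_state():
    """Deterministic constructed initial register contents (89 words)."""
    return [(i * 0x9E3779B97F4A7C15) & MASK for i in range(max(TAPS))]


def run_sequential(init, n_steps):
    """Reference: one step at a time, each step seeing all previous words."""
    words = list(init)
    for i in range(len(init), len(init) + n_steps):
        words.append(step(words, i))
    return words


def run_batched(init, n_steps, width):
    """Compute `width` steps per batch from a frozen snapshot of the register.
    Equals run_sequential exactly when width <= max_parallel_width(TAPS);
    a wider batch would need a word produced inside the same batch and
    raises IndexError, because that word is not in the snapshot yet."""
    words = list(init)
    end = len(init) + n_steps
    start = len(init)
    while start < end:
        frozen = tuple(words)        # nothing from this batch is visible
        stop = min(start + width, end)
        words.extend(step(frozen, i) for i in range(start, stop))
        start = stop
    return words


def tree_hash(data, chunk=64):
    """Toy tree hash: leaves are hashed independently (here on a thread pool),
    then pairs are combined level by level. Domain-separation bytes are assumed."""
    leaves = [data[i:i + chunk] for i in range(0, len(data), chunk)] or [b""]
    with ThreadPoolExecutor() as pool:
        level = list(pool.map(lambda c: hashlib.sha256(b"\x00" + c).digest(), leaves))
    while len(level) > 1:
        pairs = [level[j:j + 2] for j in range(0, len(level), 2)]
        level = [hashlib.sha256(b"\x01" + b"".join(p)).digest() for p in pairs]
    return level[0]


def tree_hash_serial(data, chunk=64):
    """Same tree hash computed leaf by leaf, to confirm the parallel version."""
    leaves = [data[i:i + chunk] for i in range(0, len(data), chunk)] or [b""]
    level = [hashlib.sha256(b"\x00" + c).digest() for c in leaves]
    while len(level) > 1:
        pairs = [level[j:j + 2] for j in range(0, len(level), 2)]
        level = [hashlib.sha256(b"\x01" + b"".join(p)).digest() for p in pairs]
    return level[0]


if __name__ == "__main__":
    init = initial_state()
    width = max_parallel_width(TAPS)
    print("safe batch width:", width)
    print("16-wide batches match sequential:",
          run_batched(init, 64, 16) == run_sequential(init, 64))
    print("tree hash:", tree_hash(b"x" * 1000).hex())
```

Note that the batch width is a property of the tap distances alone: with these taps the register allows 17 steps at once, so a 16-step round fits with one to spare, while 18-step batches fail at the first step that needs a word from its own batch.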
