lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <7664296.GXAFRqVoOG@diego>
Date:   Thu, 27 Apr 2023 01:20:31 +0200
From:   Heiko Stübner <heiko@...ech.de>
To:     Eric Biggers <ebiggers@...nel.org>
Cc:     palmer@...belt.com, paul.walmsley@...ive.com,
        aou@...s.berkeley.edu, herbert@...dor.apana.org.au,
        davem@...emloft.net, conor.dooley@...rochip.com,
        linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
        linux-crypto@...r.kernel.org, christoph.muellner@...ll.eu
Subject: Re: [PATCH v4 0/4] Implement GCM ghash using Zbc and Zbkb extensions

Hi Eric,

Am Donnerstag, 27. April 2023, 00:55:50 CEST schrieb Eric Biggers:
> On Wed, Mar 29, 2023 at 04:06:38PM +0200, Heiko Stuebner wrote:
> > From: Heiko Stuebner <heiko.stuebner@...ll.eu>
> > 
> > This was originally part of my vector crypto series, but was part
> > of a separate openssl merge request implementing GCM ghash as using
> > non-vector extensions.
> > 
> > As that pull-request
> >     https://github.com/openssl/openssl/pull/20078
> > got merged recently into openssl, we could also check if this could
> > go into the kernel as well and provide a base for further accelerated
> > cryptographic support.
> 
> One more question.  It seems that this patchset uses the RISC-V scalar crypto
> extensions.  I've been hearing rumors that the RISC-V scalar crypto extensions
> have been superseded by the vector crypto extensions.  Is that accurate?  I
> wonder if it's worth putting effort into implementations that use the scalar
> crypto extensions when they might already be obsolete.

Yes there are the vector crypto extensions - still deep in the
ratification process.

And of course the RISC-V speciality, all extensions are separate
entities that core manufacturers can select at will.

And I guess the whole vector extension + vector-crypto extensions
might require more investment for manufacturers, where the variants
introduced here also "just" work with bitmanip instructions (Zbb + Zbc
extensions).


But for me, this small bit of scalar crypto is also sort of a stepping
stone :-). Previous versions [0] already included patches using the
vector crypto extensions too, I just split that into a separate thing,
as _this_ series actually uses ratified extensions :-)


Heiko



[0] https://lore.kernel.org/lkml/20230313191302.580787-12-heiko.stuebner@vrull.eu/T/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ