lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 08 Sep 2014 09:40:49 -0400
From: Bill Cox <waywardgeek@...hershed.org>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] A review per day - Lyra2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Based on Alexander's feedback, I now have two tweaks I feel are fairly
important for Lyra2:

- - Add unpredictable small reads in the inner loop of reducedDuplexRow
- - Add multi-threading with data sharing of some sort between threads

I looked more closely at the SSE implementation of the Blake2b reduced
round.  It does 4 adds and 4 XORs in series.  This is doable in either
1 or 2 clocks at a full heavily pipelined ASIC speed.  With
unpredictable L1 cache reads, I would have to add another clock,
increasing the delay by from somewhere between 50% to 100%.

Since the reads and writes are all currently sequential within the
block, they can be fully pipelined easily, meaning that all three
inputs are available when needed directly from flip-flops, without any
L1 cache latency at all.

The multi-threading is needed to fill up the available external memory
bandwidth, among other things.

Doing 1 scalar multiply running in parallel with the Blake2b round
might improve compute-time hardness.  A 32x32->64 will likely take 3
clocks.  With both enhancements, ASIC defense when not external
bandwidth limited should increase from 1-2 clocks per inner loop to
about 4 clocks, assuming we're running at heavily pipelined speeds
like we do in my Ivy Bridge CPU.

Bill
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUDbHdAAoJEAcQZQdOpZUZo6wP/jlGzTDcK+Iye2vBEr99q3ri
69zfqJDOPYerEaeRRlM3EJEhstviiFHdU6EQEHOGvtpYiya0PYFEJqJ9qbeXnSct
b3/yDG3qcU6EZ5piQkn0vqpwWnI5MYmFqycDT6N0dTVSm+FTP+mTMxQD3Jd6+ew8
oy+oXmAPNnqsYkXkrRxDlFMBFnZ8/CvN1thN6fVyrpnxJkNbf/D42r3y4qJ8jT56
nSsZVmBTsBRwM7h7zpQhyBdMTFQFNpy66YphUf32cISyinPpDruJ6RS67BWFOX0S
CJWeqz0qlGTZwBZoAlzuxXNiiIfiQ9kfkEKqyfq9WgQxo5ZrBdStp6aC/zlvH81x
bJRiRC0FgPqyvpm0jDukhYlY/cGSUP4Z7hBt7mrBq/Xk5hpwhxyJi6DIBjubri8/
UNHuSnTrJbB8W4g2wI4AbH62IAEzuQDbyh9k90cFApFEttTw8CjvAZJXZWLFIkTW
BRhxzQlubXF029CuBjRZdaEWpdY2JQqDwSfnigLRf4SUzYjeyn7jwUI7iVDfvsde
EQ2K+LqOV+dx5ko5jCNKUDJv4/vmnQXYU2znxdmNBcZ0/ftP3QPwlqPwjYsYmRCW
qDVA+h+d2U6/pVvM0o7myPkopaws+V97tw1/IjywYNNZg6Ndl5T2HKlYx/QxXVQK
Wh9B0KMIZcdIXhkQs4u7
=33NH
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists