lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 17 Sep 2014 11:36:57 -0500 (CDT)
From: Steve Thomas <>
Subject: Re: [PHC] omegacrypt and timing

> On September 17, 2014 at 4:30 AM Bill Cox <> wrote:
> However, AntCrypt, OmegaCrypt, and Schvrch all tried to introduce data
> based branching for GPU defense, and "cyclomatic complexity". I am
> not sure we've seen this idea implemented well yet, and data-based
> branching has been considered a no-no for years apparently. However,
> when 3 authors all invent the same thing, I think we should take a
> closer look.

Adobe did this for encrypting PDFs
This is why we see these submissions.

P.S. Schvrch is not in this category. As it is not an actual branch. In x86 SIMD
you do a compare then xor (compare sets it to all 1s or all 0s). With GPUs, they
would set a conditional variable (compare) then conditionally run bitwise invert
(one instruction). Note that a branch in x86 takes two instructions compare and
conditional jump. Both SIMD and GPUs use two instructions with neither being a

Powered by blists - more mailing lists