[cryptography] 5x speedup for AES using SSE5?

Hovav Shacham hovav at cs.stanford.edu
Mon Aug 25 16:02:13 EDT 2008

On Aug 24, 2008, at 5:20 AM, Peter Gutmann wrote:

> Speaking of CPU-specific optimisations, I've seen a few algorithm
> proposals from the last few years that assume that an algorithm can be
> scaled linearly in the number of CPU cores, treating a multicore CPU as
> some kind of SIMD engine with all cores operating in lock-step, or at
> least engaging in some kind of rendezvous every couple of cycles (for
> example the recently-discussed MD6 uses a round of 16 steps, if I read
> the description correctly)

My impressions from Ron's talk were different.  For multicore
systems, the tree structure of the hash allows parallelism at a much
higher granularity.  For hardware implementation, the feedback-register
structure of the round function means that 16 steps can be
computed in parallel.  I didn't get the sense that Ron intends for
the second kind of parallelism to be used in software implementations.
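
The coarse-grained parallelism described in the reply above, as an added example that is not part of the original message and is not MD6: a hash tree whose leaves and nodes are computed independently by a worker pool, with synchronisation only between tree levels rather than every few cycles. SHA-256 as the node function, the 64 KiB leaf size, the fan-out of 4 and the one-byte domain-separation prefixes are assumptions chosen for illustration.

```python
import hashlib
from concurrent.futures import ThreadPoolExecutor

LEAF_SIZE = 64 * 1024   # bytes per leaf (constructed value, not from MD6)
FANOUT = 4              # children per internal node (constructed value)


def _leaf(chunk: bytes) -> bytes:
    # 0x00 prefix marks a leaf so a leaf can never be confused with a node.
    return hashlib.sha256(b"\x00" + chunk).digest()


def _node(children: list) -> bytes:
    # 0x01 prefix marks an internal node built from its children's digests.
    return hashlib.sha256(b"\x01" + b"".join(children)).digest()


def tree_hash(data: bytes, workers: int = 1) -> bytes:
    """Hash `data` as a tree; `workers` only changes scheduling, not the result."""
    chunks = [data[i:i + LEAF_SIZE]
              for i in range(0, len(data), LEAF_SIZE)] or [b""]
    with ThreadPoolExecutor(max_workers=workers) as pool:
        # Every leaf is independent of every other leaf, so each core can work
        # on its own chunk. hashlib releases the GIL for buffers this large.
        level = list(pool.map(_leaf, chunks))
        # The only rendezvous is once per tree level, not once per round step.
        while len(level) > 1:
            groups = [level[i:i + FANOUT]
                      for i in range(0, len(level), FANOUT)]
            level = list(pool.map(_node, groups))
    return level[0]


if __name__ == "__main__":
    message = bytes(range(256)) * 4096          # constructed 1 MiB input
    serial = tree_hash(message, workers=1)
    parallel = tree_hash(message, workers=8)
    print(serial.hex())
    print("same digest with 1 and 8 workers:", serial == parallel)
```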

