Hovav Shacham
Mon, 25 Aug 2008 14:51:47 -0700
On Aug 24, 2008, at 5:20 AM, Peter Gutmann wrote:
> Speaking of CPU-specific optimisations, I've seen a few algorithm proposals from the last few years that assume that an algorithm can be scaled linearly in the number of CPU cores, treating a multicore CPU as some kind of SIMD engine with all cores operating in lock-step, or at least engaging in some kind of rendezvous every couple of cycles (for example the recently-discussed MD6 uses a round of 16 steps, if I read the description correctly)
My impressions from Ron's talk were different. For multicore systems, the tree structure of the hash allows parallelism at a much higher granularity. For hardware implementation, the feedback-register structure of the round function means that 16 steps can be computed in parallel. I didn't get the sense that Ron intends for the second kind of parallelism to be used in software implementations.
Hovav.

The Cryptography Mailing List