Re: Salsa20 altivec timings
From: xmath (xmath.news_at_gmail.com)
Date: 09/28/05
- Next message: Unruh: "Re: How regularly is the GnuPG source code examined?"
- Previous message: tomstdenis_at_gmail.com: "Re: Salsa20 altivec timings"
- In reply to: tomstdenis_at_gmail.com: "Re: Salsa20 altivec timings"
- Next in thread: tomstdenis_at_gmail.com: "Re: Salsa20 altivec timings"
- Reply: tomstdenis_at_gmail.com: "Re: Salsa20 altivec timings"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 27 Sep 2005 17:10:27 -0700
tomstdenis@gmail.com wrote:
> xmath wrote:
> > It's interesting to note that, due to unavoidable data-dependencies, a
> > Salsa20 round must take at least 12 cycles, as absolute CPU-independent
> > minimum (unless it offers combined add-rotate, rotate-xor, or xor-add
> > instructions that execute in one cycle, something I've never seen in
> > any CPU).
>
> ARM offers add-rotate but not the others [it can xor-rotate but not
> rotate-xor].
Interesting, didn't know that :-)
(Of course, to be relevant in this context it also needs to be able to
do it on four 32-bit words in parallel in a single cycle, but still...)
-xmath
PS. in the same dir as the other files I've now also put a text file
with a detailed cycle-accurate simulation of the salsa20_xor function
being run in a loop on a 7450, in case anyone is interested
- Next message: Unruh: "Re: How regularly is the GnuPG source code examined?"
- Previous message: tomstdenis_at_gmail.com: "Re: Salsa20 altivec timings"
- In reply to: tomstdenis_at_gmail.com: "Re: Salsa20 altivec timings"
- Next in thread: tomstdenis_at_gmail.com: "Re: Salsa20 altivec timings"
- Reply: tomstdenis_at_gmail.com: "Re: Salsa20 altivec timings"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
