[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: parallelism in a single instance of scrypt
- To: scrypt@tarsnap.com
- Subject: Re: parallelism in a single instance of scrypt
- From: Robert Ransom <rransom.8774@gmail.com>
- Date: Tue, 13 Apr 2010 19:23:47 -0700
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; b=GOKauGgZpe5cAwqVDaitL+zjyaoIiT42nDsA0Y9MdCCJDhWANrOK8bIeR7I+NbhAOo OznifXjwJanb/BJxwVs/A3aO/RhJK8z2ipYs2XnoAxuZFpZJlyDmHPAEx8/oxTBAIuAd f+SLAy9OCGB8J2seI6Rv8TUpJABV1bNBJM8ZE=
- In-reply-to: <20100408133830.GA12952@openwall.com>
- Mailing-list: contact scrypt-help@tarsnap.com; run by ezmlm
- References: <20100408133830.GA12952@openwall.com>
On Thu, 8 Apr 2010 17:38:30 +0400
Solar Designer <solar@openwall.com> wrote:
> How much parallelism is there in a single instance of the scrypt key
> derivation function? I notice that you have an implementation for SSE2,
> which means 4x parallelism (right?), but can it be extended further -
> say, to use multiple CPU cores for a single scrypt computation?
I already mentioned p, but didn't say what it meant -- p is, roughly,
the number of separate instances of the scrypt mixing function used.
Each of these instances can be run in parallel. The paper describes p
more precisely.
> What is
> going to happen when x86-64 CPUs with AVX (256-bit vectors) hit the
> market - will it be possible to make optimal use of them? [snip]
Probably not. I just looked through the AVX instructions listed in
section B.1.26 of the NASM 2.07 manual, and I didn't see any integer
addition operations on 256-bit vectors.
Robert Ransom