LibreMail

Grant SchultzOn 1/29/2019 11:00 AM, Peter Gutman wrote: > MerdeMerdeHash uses the slowest and most unpredictable data-manipulation > instructions available, combined with en 30/01/2019

Grant Schultz <gschultz@kc.rr.com> to cryptography@metzdowd.com 30/01/2019

On 1/29/2019 11:00 AM, Peter Gutman wrote: > MerdeMerdeHash uses the slowest and most unpredictable data-manipulation > instructions available, combined with endless data dependencies and pipeline > stalls. Regrettably, there is no NIST competition for you to enter this excellent algorithm into. Grant Schultz _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography

Christian HuitemaOn 1/29/2019 4:57 PM, Grant Schultz wrote: > On 1/29/2019 11:00 AM, Peter Gutman wrote: >> MerdeMerdeHash uses the slowest and most unpredictable data-manipulat 31/01/2019

Christian Huitema <huitema@huitema.net> to Grant Schultz, cryptography@metzdowd.com, Peter Gutmann 31/01/2019

On 1/29/2019 4:57 PM, Grant Schultz wrote: > On 1/29/2019 11:00 AM, Peter Gutman wrote: >> MerdeMerdeHash uses the slowest and most unpredictable data-manipulation >> instructions available, combined with endless data dependencies and >> pipeline >> stalls. > > Regrettably, there is no NIST competition for you to enter this > excellent algorithm into. Peter, your implementation being slow is one thing. But do you have a proof that some smart implementation would not be able to fling the merde much faster, and land on the same shit by a shorter path? -- Christian Huitema _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography

Peter GutmannChristian Huitema writes: >Peter, your implementation being slow is one thing. But do you have a proof >that some smart implementation would not be able to fl 31/01/2019

Peter Gutmann <pgut001@cs.auckland.ac.nz> to Christian Huitema, Grant Schultz, cryptography@metzdowd.com 31/01/2019

Christian Huitema <huitema@huitema.net> writes: >Peter, your implementation being slow is one thing. But do you have a proof >that some smart implementation would not be able to fling the merde much >faster, and land on the same shit by a shorter path? https://godbolt.org, no current compiler can optimise it away, and that's by design since the final computed value is returned to the caller so there's no short-circuit eval possible. What is theoretically possible is that a hypothetical future compiler that does cross-module interprocedural dataflow analysis might be able to see that the computed value isn't used anywhere, but I'm not aware of anything like that. Worst-case is you just need to store the result in a static var and feed it, or part of it, as input back into the next invocation. Peter. _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography

LibreMail

Re: [Cryptography] the world's worst hash function Crypto

Move Messages

Apply Labels