On 31-07-2015 22:03, Viktor Dukhovni wrote:
Is finding sufficiently large factors a tractable problem?
p-1 will usually have a large prime factor. But for q-1 to have the same prime
factor is highly unlikely. The
probability that GCD(n1, n2) = d for random n1, n2 is 6/(d^2 pi^2). For
RSA-1024
On 21-06-2015 18:10, Salz, Rich wrote:
The big thing is avoid data-dependant jumps. For example, memcmp() always
runs the full length, almost any if statement needs careful scrutiny, and
so on.
Case in point:
On 11-06-2015 00:36, Bill Cox wrote:
Samuel Neves' SSE version is the one we all played with in the Password
Hashing Competition. The speed is amazing. Is there a faster version
available now? Which version should we integrate into OpenSSL?
The problem with my implementation
seem to be pretty good at recognizing
and generating the arithmetic shift anyway, where available.
From 5e78c9653bb473e9ad3ac015b755f08750b9a651 Mon Sep 17 00:00:00 2001
From: Samuel Neves sne...@dei.uc.pt
Date: Sat, 4 Oct 2014 00:13:36 +0100
Subject: [PATCH] Use only unsigned arithmetic