[noise] Specifying Blake2sp / Blake2bp
Jason A. Donenfeld
Jason at zx2c4.com
Mon May 1 12:54:13 PDT 2017
I was looking at Samuel's (CC'd) AVX2 optimized implementations of
Blake2  and noticed there wasn't any implementation for Blake2s.
Samuel explained to me that blake2s and blake2b don't naturally
parallelize, which is why the blake2sp and blake2bp variants exist;
these nicely parallelize, so fast implementations are possible. Given
that Noise is pretty hash-heavy, we have good reason to be interested
in fast hash functions. A few questions:
- Should we add the blake2sp and blake2bp variants to the spec? If not, why?
- Are our hash payload lengths sufficient to actually benefit from the
parallelism offered by the parallel variants?
More information about the Noise