Crypto: Have scrypt use the vectorized Salsa impl

ziglang / zig

General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.

https://ziglang.org

MIT License

33.6k stars 2.46k forks source link

Crypto: Have scrypt use the vectorized Salsa impl #15045

Open The-King-of-Toasters opened 1 year ago

The-King-of-Toasters commented 1 year ago

The current scrypt implementation uses an 8-round variant of the non-vectorized Salsa cipher that already exists. Since the Salsa impls can take a rounds parameter, there should be a way to export an eight round cipher for the scrypt impl to use.

I've tried attempting this in the past and given up since the different salsa impls aren't an exact match in functionality.

jedisct1 commented 1 year ago

Yes, reduced-round Salsa was added specifically for this.

In scrypt, Salsa is applied to individual blocks, so I think one way to share code with salsa20 would be to:

Add hashFromBytes() (to complement hashToBytes)
In scrypt blockmix function, use hashFromBytes(), followed by salsaCore, and hashToBytes().