
Add a secret type mirroring v128

Status: Open. CountBleck opened this issue 3 years ago • 4 comments

A secret analog of v128 could perhaps be used for faster SIMD implementations of cryptographic primitives. Therefore, it might be a good idea to add one. Like the existing secret types, only a subset of the existing v128 instructions should be added for the secret variant.

CountBleck, Dec 04 '22 11:12

Yep! Will try to update the spec in the next couple of weeks and add this to it.

deian, Dec 20 '22 00:12

Are there constant time SIMD instructions in hardware? If not, constant time SIMD operations would have to be implemented in software and there would be no benefit to having a secret v128 type, IIUC.

tlively, Dec 20 '22 15:12

It looks to me like Intel's list of instructions with data-independent timing includes some vector integer operations.

hovav, Dec 20 '22 16:12

ARM's list contains SIMD instructions as well! :-)

garrettgu10, Dec 20 '22 16:12