mjosaarinen

//  sumhash0.go
//  2022-06-18  Markku-Juhani O. saarinen <mjos@mjos.fi>

//  === A sumhash-512 with 110 leading zero bits (from left)

/*
input = AA4F827EE71BF78B816E767A24B271AD046A3C52DA8B25EAB2D59A86C8B93F02FB73184B74A5F8F227FD1500000000
H(x) = 000000000000000000000000000385D978E7FF3D3239DB4F1C357EA40940EAB592F34AEC646DED668859B622341566A838B566490E2AC71DBA89B067E647FC31
*/

mjosaarinen

#!/usr/bin/env python3

#   tslider.py
#   2021-08-02  Markku-Juhani O. Saarinen <mjos@pqshield.com>
#   Free to play with!

#   === Welch T test sliders (for teaching TVLA statistics)

#   Welch T-Test ("TVLA") Sliders with Python 3 matplotlib. The thick lines
#   are the distributions of averages of N Gaussian variables, which are

mjosaarinen

Markku-Juhani O. Saarinen <mjos@pqshield.com>
	
Apr 11, 2021, 9:32 PM (2 days ago)
	
to Tech-crypto-ext@lists.riscv.org, tech-bitmanip@lists.riscv.org.

Hello Bitmanip and Krypto,

A colleague asked: "Why CMOV is not on the constant-time Zkt list -- the Bitmanip specification says that it is helpful for cryptography?" https://github.com/rvkrypto/riscv-zkt-list

mjosaarinen

DRAFT of 2020 May 28 Markku-Juhani O. Saarinen <mjos@pqshield.com>

On RISC-V Logic Optimization for Cryptography

Many cryptographic functions require computation of Boolean functions from n bits to m bits. Sometimes these functions are large enough to have been traditionally implemented with table lookups, but timing side-channel considerations force their implementation in a bit-sliced manner.

mjosaarinen

Keybase proof

I hereby claim:

• I am mjosaarinen on github.
• I am mjos (https://keybase.io/mjos) on keybase.
• I have a public key whose fingerprint is 143F 245C 066C E2D9 8379 E287 C285 8B1B 5517 1BD5

To claim this, I am signing this object: