[cryptography] New bit-fiddling instructions in Intel's Haswell

Jack Lloyd lloyd at randombit.net
Tue Jun 14 08:13:31 EDT 2011

Intel has publicly described the new instructions that will be
available in Haswell (their 22nm chip with ETA 2013). It will include
integer AVX, and some interesting new bit fiddling instructions for
GPRs, including bit-level gather/scatter instructions (pext/pdep),
and an unsigned multiply instruction that doesn't set flags which
seems intended for modexp.

I suspect there are some interesting possibilities with
pext/pdep. While it's about 15 years too late to matter, a table-less
DES running entirely in registers seems possible. And last year I
played around with a Serpent implementation using pshufb for the 4-bit
sboxes, but couldn't find a way of doing the linear transformation
quickly; doing the sboxes in the xmm registers and the linear
operation in GPRs with these might work out, though.

Anyone see other ways to use the new instructions in interesting ways,
cryptographically speaking?

The instruction reference (PDF) is posted on their forum:


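As an added illustration of the pext/pdep idea raised above (not code from the post or its author): the DES initial permutation reads, for each output byte, one bit from every input byte at a fixed bit position, so it collapses to a byte swap plus eight pext calls with one-bit-per-byte masks, and pdep undoes it. The pext64/pdep64 helpers are portable software models of the BMI2 semantics so the code runs on any machine; the IP table is from FIPS 46-3 and the COL offsets are derived from it.

```c
#include <stdint.h>
/* Portable models of BMI2 pext (gather) and pdep (scatter); Haswell exposes
 * them as _pext_u64/_pdep_u64 in <immintrin.h>, each a single instruction. */
static uint64_t pext64(uint64_t src, uint64_t mask) {
    uint64_t out = 0;                     /* bits of src under mask, packed low */
    for (unsigned k = 0; mask; mask &= mask - 1, k++)
        if (src & (mask & -mask)) out |= 1ULL << k;
    return out;
}
static uint64_t pdep64(uint64_t src, uint64_t mask) {
    uint64_t out = 0;                     /* low bits of src spread onto mask */
    for (; mask; mask &= mask - 1, src >>= 1)
        if (src & 1) out |= mask & -mask;
    return out;
}
static uint64_t bswap64(uint64_t x) {
    uint64_t r = 0;
    for (int i = 0; i < 8; i++) r |= ((x >> (8 * i)) & 0xFF) << (56 - 8 * i);
    return r;
}
/* DES initial permutation, 1-indexed from the MSB (FIPS 46-3 table). */
static const uint8_t IP[64] = {
    58,50,42,34,26,18,10,2, 60,52,44,36,28,20,12,4,
    62,54,46,38,30,22,14,6, 64,56,48,40,32,24,16,8,
    57,49,41,33,25,17,9,1,  59,51,43,35,27,19,11,3,
    61,53,45,37,29,21,13,5, 63,55,47,39,31,23,15,7 };
/* Table-driven reference: DES bit b lives at LSB index 64-b. */
uint64_t des_ip_table(uint64_t x) {
    uint64_t out = 0;
    for (int i = 0; i < 64; i++)
        out |= ((x >> (64 - IP[i])) & 1) << (63 - i);
    return out;
}
/* Row r of IP takes bit COL[r] of every input byte, so after a byte swap
 * each output byte is one pext with a one-bit-per-byte mask. */
static const unsigned COL[8] = { 6, 4, 2, 0, 7, 5, 3, 1 };
uint64_t des_ip_pext(uint64_t x) {
    uint64_t s = bswap64(x), out = 0;
    for (int r = 0; r < 8; r++)
        out |= pext64(s, 0x0101010101010101ULL << COL[r]) << (56 - 8 * r);
    return out;
}
/* Inverse: pdep scatters each output byte back onto its mask, then byte swap. */
uint64_t des_ip_inv_pdep(uint64_t y) {
    uint64_t s = 0;
    for (int r = 0; r < 8; r++)
        s |= pdep64((y >> (56 - 8 * r)) & 0xFF, 0x0101010101010101ULL << COL[r]);
    return bswap64(s);
}
```

With hardware BMI2 the permutation is eight pext instructions and a bswap, with no table lookups to leak timing through the cache.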