From: Greg Rose on
In article <64405972-d765-4885-8826-96a3652c51ca(a)f15g2000yqe.googlegroups.com>,
Adam Ierymenko <adam.ierymenko(a)gmail.com> wrote:
>So to continue above, my pseudocode is now:
>
> byte digest[16] = { 0,0,... }
> byte block[16] = { 0,0,... }
> byte previous_digest[16]
> integer block_counter = 0
>
> ; digest message
> for each byte b of message
>     block[block_counter] = block[block_counter] xor b
>     block_counter = block_counter + 1
>     if block_counter == 16 then
>         block_counter = 0
>         save digest[] in previous_digest[]
>         encrypt digest[] with aes-128 using block[] as 128-bit aes-128 key
>         xor digest[] with previous_digest[]
>     end if
> next

Don't forget to clear "block" here.

Greg.

> ; do final block if there is remaining undigested data
> if block_counter != 0
>     save digest[] in previous_digest[]
>     encrypt digest[] with aes-128 using block[] as 128-bit aes-128 key
>     xor digest[] with previous_digest[]
> end if
>
> ; Merkle-Damgård length padding
> fill first 8 bytes of block[] with { 0x80,0x00,0x00,0x00,...,0x00 }
> fill last 8 bytes of block[] w/64-bit bytes hashed in little-endian order
> save digest[] in previous_digest[]
> encrypt digest[] with aes-128 using block[] as 128-bit aes-128 key
> xor digest[] with previous_digest[]
>
> ; digest[] now contains message digest


--
Greg Rose
232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C

From: Adam Ierymenko on
So here's my latest pseudocode...

byte digest[16] = { 0,0,... }
byte block[16] = { 0,0,... }
byte previous_digest[16]
integer block_counter = 0

; digest message
for each byte b of message
    block[block_counter] = b
    block_counter = block_counter + 1
    if block_counter == 16 then
        block_counter = 0
        save digest[] in previous_digest[]
        encrypt digest[] with aes-128 using block[] as 128-bit aes-128 key
        xor digest[] with previous_digest[]
    end if
next

; append end marker, do final block
block[block_counter] = 0x80
block_counter = block_counter + 1
zero rest of block[] from block_counter to 15
save digest[] in previous_digest[]
encrypt digest[] with aes-128 using block[] as 128-bit aes-128 key
xor digest[] with previous_digest[]

; Merkle-Damgård length padding
zero first 8 bytes of block[]
fill last 8 bytes of block[] w/64-bit length in big-endian order
save digest[] in previous_digest[]
encrypt digest[] with aes-128 using block[] as 128-bit aes-128 key
xor digest[] with previous_digest[]

; digest[] now contains message digest

By the way, anyone else on the net is free to use this construct if
they ever have a need for it.