MHash-384 development repository
Revision | 912e018356728b0a77dacdcbb3f428855c37254f (tree) |
---|---|
Time | 2020-04-28 05:53:06 |
Author | LoRd_MuldeR <mulder2@gmx....> |
Committer | LoRd_MuldeR |
Updated README file.
@@ -519,7 +519,7 @@ Just follow the basic **MSYS2** setup procedure, as described on the [official w | ||
519 | 519 | |
520 | 520 | # Algorithm Description |
521 | 521 | |
522 | -This section contains a *pseudo-code* description of the **MHash-384** algorithm: | |
522 | +This section contains a complete *pseudo-code* description of the **MHash-384** algorithm: | |
523 | 523 | |
524 | 524 | ## Constants |
525 | 525 |
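Review bot: "complete" overstates what this section delivers, since the pseudo-code depends on the pre-computed tables whose actual contents are only available in `src/mhash384.cpp` (as the new paragraph further down says). Consider "a *pseudo-code* description of the complete **MHash-384** algorithm" or add a sentence stating that the table contents are found in the source file.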
@@ -536,6 +536,10 @@ Pre-defined constants for MHash-384 computation: | ||
536 | 536 | |
537 | 537 | ***Note:*** The lookup tables **`MHASH384_XOR`** and **`MHASH384_ADD`** have been pre-computed in such a way that each of the 257 rows (each with a size of 48 Bytes) has a [hamming distance](https://en.wikipedia.org/wiki/Hamming_distance) of *at least* 182 bits to *any* other row. This ensures that, for each possible value an input byte can take, a *different* set of state bits will be "flipped" by the XOR (exclusive or) operation. |
538 | 538 | |
539 | +The table **`MHASH384_INI`** contains the first 384 bits of the number [π](https://en.wikipedia.org/wiki/Pi). The tables **`MHASH384_XOR`**, **`MHASH384_MIX`** and **`MHASH384_FIN`** have been created using the generator programs provided in the *`etc/gentable_XOR`*, *`etc/gentable_MIX`* and *`etc/gentable_FIN`* directory, respectively, to ensure the desired properties. And the table **`MHASH384_ADD`** has been generated using the same program as the **`MHASH384_XOR`** table; both tables have been generated completely independently. Please refer to the source code file *`src/mhash384.cpp`* for a full listing of the "official" pre-computed MHash-384 tables. | |
540 | + | |
541 | +You ***may*** generate your own "nothing-up-my-sleeve" MHash-384 tables using the provided generator programs. This way you can be 100% sure that there are **no** secret hidden properties in these tables. Generating your own tables is going to take a long time, but only needs to be done once. However, be aware that such a "custom" variant of the MHash-384 function will **not** produce the same hash values as the "official" release version – and therefore will **not** match the "official" test vectors. | |
542 | + | |
539 | 543 | ## State |
540 | 544 | |
541 | 545 | The state of an ongoing MHash-384 computation: |
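Review bot: the description of **`MHASH384_INI`** as "the first 384 bits of the number π" is not precise enough to reproduce the constant: say whether these are the bits of the fractional part only, and in which byte and word order they are loaded into the 64-bit state words. Two smaller points in the same paragraph: "in the ... directory, respectively" should be "directories", and the claim that regenerating the tables makes one "100% sure that there are **no** secret hidden properties" is too strong, because it only shows the tables are the output of the shipped generator; the generator's own design still has to be reviewed. Consider softening to "that the tables were produced by the documented generator".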
@@ -560,7 +564,7 @@ Update the MHash-384 state with the next *N* input (message) bytes: | ||
560 | 564 | input: |
561 | 565 | message: array[0..N-1] of Byte |
562 | 566 | for each Byte b in message do |
563 | - _MHash364_Iterate(MHASH384_XOR[b], MHASH384_ADD[b], MHASH384_MIX[rnd]) | |
567 | + MHash384_Iterate(MHASH384_XOR[b], MHASH384_ADD[b], MHASH384_MIX[rnd]) | |
564 | 568 | state.rnd ← (state.rnd + 1) mod 256 |
565 | 569 | |
566 | 570 | ***Note:*** This routine can be invoked multiple times in order to process in the input message in "chunks" of arbitrary size. |
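Review bot: the call `MHash384_Iterate(MHASH384_XOR[b], MHASH384_ADD[b], MHASH384_MIX[rnd])` indexes the MIX table with a bare `rnd`, while the next line updates `state.rnd`; use `state.rnd` in both places so the pseudo-code is consistent about where the round counter lives. The note line below also has a typo: "process in the input message" should read "process the input message".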
@@ -569,22 +573,24 @@ Update the MHash-384 state with the next *N* input (message) bytes: | ||
569 | 573 | |
570 | 574 | Compute the final hash value (digest), once all input has been processed: |
571 | 575 | |
572 | - procedure MHash384_Update | |
576 | + procedure MHash384_Finalize | |
573 | 577 | var: |
574 | 578 | previous: UInt16 |
575 | 579 | output: |
576 | 580 | digest: array[0..MHASH384_SIZE-1] of Byte |
577 | 581 | previous ← 256; |
578 | 582 | for i = 0 to HASH384_SIZE-1 do |
579 | - _MHash364_Iterate(MHASH384_XOR[previous], MHASH384_ADD[previous], MHASH384_MIX[rnd]) | |
583 | + MHash384_Iterate(MHASH384_XOR[previous], MHASH384_ADD[previous], MHASH384_MIX[rnd]) | |
580 | 584 | state.rnd ← (state.rnd + 1) mod 256 |
581 | - previous ← (digest[i] ← _MHash384_GetByte(MHASH384_FIN[i])) | |
585 | + previous ← (digest[i] ← MHash384_GetByte(MHASH384_FIN[i])) | |
586 | + | |
587 | +***Note:*** After this method has been invoked, the state is "undefined" and needs to be re-initialized for further computation. | |
582 | 588 | |
583 | 589 | ## Iteration Routine |
584 | 590 | |
585 | 591 | Internal processing routine, used by the "update" and "finalization" routines: |
586 | 592 | |
587 | - procedure _MHash364_Iterate | |
593 | + procedure MHash384_Iterate | |
588 | 594 | var: |
589 | 595 | temp: array[0..MHASH384_WORDS-1] of UInt64 |
590 | 596 | input: |
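Review bot: `for i = 0 to HASH384_SIZE-1 do` refers to `HASH384_SIZE`, but the digest is declared as `array[0..MHASH384_SIZE-1]`; the loop bound should be `MHASH384_SIZE-1`. Same inconsistency as in the update routine: `MHASH384_MIX[rnd]` should be `MHASH384_MIX[state.rnd]`. Also `previous ← 256;` carries a trailing semicolon that no other pseudo-code line uses, and the new note about the state being "undefined" afterwards would read better as "the state must be re-initialized before any further computation".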
@@ -599,9 +605,9 @@ Internal processing routine, used by the "update" and "finalization" routines: | ||
599 | 605 | |
600 | 606 | ## Extract Byte |
601 | 607 | |
602 | -Internal routine to extract a specific byte from the current state: | |
608 | +Auxiliary routine to extract a specific byte from the current state: | |
603 | 609 | |
604 | - procedure _MHash384_GetByte | |
610 | + procedure MHash384_GetByte | |
605 | 611 | input: |
606 | 612 | index: Byte |
607 | 613 | output: |
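Review bot: the finalization routine passes `MHASH384_FIN[i]` into this routine as its `index: Byte` argument, so the documentation should state that the entries of **`MHASH384_FIN`** are byte positions into the state and give their valid range (presumably `0..MHASH384_SIZE-1`); without that, a reader cannot tell from the pseudo-code what the table is expected to contain.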