| Revision | 912e018356728b0a77dacdcbb3f428855c37254f (tree) |
|---|---|
| Zeit | 2020-04-28 05:53:06 |
| Autor |  LoRd_MuldeR <mulder2@gmx....> |
| Commiter | LoRd_MuldeR |
Updated README file.
| @@ -519,7 +519,7 @@ Just follow the basic **MSYS2** setup procedure, as described on the [official w | ||
| 519 | 519 | |
| 520 | 520 | # Algorithm Description |
| 521 | 521 | |
| 522 | -This section contains a *pseudo-code* description of the **MHash-384** algorithm: | |
| 522 | +This section contains a complete *pseudo-code* description of the **MHash-384** algorithm: | |
| 523 | 523 | |
| 524 | 524 | ## Constants |
| 525 | 525 |
| @@ -536,6 +536,10 @@ Pre-defined constants for MHash-384 computation: | ||
| 536 | 536 | |
| 537 | 537 | ***Note:*** The lookup tables **`MHASH384_XOR`** and **`MHASH384_ADD`** have been pre-computed in such a way that each of the 257 rows (each with a size of 48 Bytes) has a [hamming distance](https://en.wikipedia.org/wiki/Hamming_distance) of *at least* 182 bits to *any* other row. This ensures that, for each possible value an input byte can take, a *different* set of state bits will be "flipped" by the XOR (exclusive or) operation. |
| 538 | 538 | |
| 539 | +The table **`MHASH384_INI`** contains the first 384 bits of the number [π](https://en.wikipedia.org/wiki/Pi). The tables **`MHASH384_XOR`**, **`MHASH384_MIX`** and **`MHASH384_FIN`** have been created using the generator programs provided in the *`etc/gentable_XOR`*, *`etc/gentable_MIX`* and *`etc/gentable_FIN`* directory, respectively, to ensure the desired properties. And the table **`MHASH384_ADD`** has been generated using the same program as the **`MHASH384_XOR`** table; both tables have been generated completely independently. Please refer to the source code file *`src/mhash384.cpp`* for a full listing of the "official" pre-computed MHash-384 tables. | |
| 540 | + | |
| 541 | +You ***may*** generate your own "nothing-up-my-sleeve" MHash-384 tables using the provided generator programs. This way you can be 100% sure that there are **no** secret hidden properties in these tables. Generating your own tables is going to take a long time, but only needs to be done once. However, be aware that such a "custom" variant of the MHash-384 function will **not** produce the same hash values as the "official" release version – and therefore will **not** match the "official" test vectors. | |
| 542 | + | |
| 539 | 543 | ## State |
| 540 | 544 | |
| 541 | 545 | The state of an ongoing MHash-384 computation: |
| @@ -560,7 +564,7 @@ Update the MHash-384 state with the next *N* input (message) bytes: | ||
| 560 | 564 | input: |
| 561 | 565 | message: array[0..N-1] of Byte |
| 562 | 566 | for each Byte b in message do |
| 563 | - _MHash364_Iterate(MHASH384_XOR[b], MHASH384_ADD[b], MHASH384_MIX[rnd]) | |
| 567 | + MHash384_Iterate(MHASH384_XOR[b], MHASH384_ADD[b], MHASH384_MIX[rnd]) | |
| 564 | 568 | state.rnd ← (state.rnd + 1) mod 256 |
| 565 | 569 | |
| 566 | 570 | ***Note:*** This routine can be invoked multiple times in order to process in the input message in "chunks" of arbitrary size. |
| @@ -569,22 +573,24 @@ Update the MHash-384 state with the next *N* input (message) bytes: | ||
| 569 | 573 | |
| 570 | 574 | Compute the final hash value (digest), once all input has been processed: |
| 571 | 575 | |
| 572 | - procedure MHash384_Update | |
| 576 | + procedure MHash384_Finalize | |
| 573 | 577 | var: |
| 574 | 578 | previous: UInt16 |
| 575 | 579 | output: |
| 576 | 580 | digest: array[0..MHASH384_SIZE-1] of Byte |
| 577 | 581 | previous ← 256; |
| 578 | 582 | for i = 0 to HASH384_SIZE-1 do |
| 579 | - _MHash364_Iterate(MHASH384_XOR[previous], MHASH384_ADD[previous], MHASH384_MIX[rnd]) | |
| 583 | + MHash384_Iterate(MHASH384_XOR[previous], MHASH384_ADD[previous], MHASH384_MIX[rnd]) | |
| 580 | 584 | state.rnd ← (state.rnd + 1) mod 256 |
| 581 | - previous ← (digest[i] ← _MHash384_GetByte(MHASH384_FIN[i])) | |
| 585 | + previous ← (digest[i] ← MHash384_GetByte(MHASH384_FIN[i])) | |
| 586 | + | |
| 587 | +***Note:*** After this method has been invoked, the state is "undefined" and needs to be re-initialized for further computation. | |
| 582 | 588 | |
| 583 | 589 | ## Iteration Routine |
| 584 | 590 | |
| 585 | 591 | Internal processing routine, used by the "update" and "finalization" routines: |
| 586 | 592 | |
| 587 | - procedure _MHash364_Iterate | |
| 593 | + procedure MHash384_Iterate | |
| 588 | 594 | var: |
| 589 | 595 | temp: array[0..MHASH384_WORDS-1] of UInt64 |
| 590 | 596 | input: |
| @@ -599,9 +605,9 @@ Internal processing routine, used by the "update" and "finalization" routines: | ||
| 599 | 605 | |
| 600 | 606 | ## Extract Byte |
| 601 | 607 | |
| 602 | -Internal routine to extract a specific byte from the current state: | |
| 608 | +Auxiliary routine to extract a specific byte from the current state: | |
| 603 | 609 | |
| 604 | - procedure _MHash384_GetByte | |
| 610 | + procedure MHash384_GetByte | |
| 605 | 611 | input: |
| 606 | 612 | index: Byte |
| 607 | 613 | output: |
MHash-384
Fork
README.md