Greg Rose (ggr@qualcomm.com)
Mon, 29 Jun 1998 14:12:14 +1000
hyperreal-anon-remailer writes:
>Could anyone tell me the differences between these two hash standards?
The following code stolen (but reformatted) from Peter Gutmann's
"cryptlib" (http://www.cs.auckland.ac.nz/~pgut001/cryptlib.html).
#ifdef USE_SHA1
#define expand(W,i) ( W[ i & 15 ] = MASK32( ROTL( 1, \
                                            ( W[ i & 15 ] ^ \
                                              W[ i - 14 & 15 ] ^ \
                                              W[ i - 8 & 15 ] ^ \
                                              W[ i - 3 & 15 ] ) ) ) )
#else
#define expand(W,i) ( W[ i & 15 ] ^= W[ i - 14 & 15 ] ^ \
                                     W[ i - 8 & 15 ] ^ \
                                     W[ i - 3 & 15 ] )
#endif /* USE_SHA1 */
The difference is that the left rotate (called a circular left shift in
FIPS 180-1, http://csrc.nist.gov/fips/fip180-1.txt) has been added to
the round function. There was no reason given for this change at the
time, but one assumes it is because the NSA found an attack on it,
perhaps similar to Dobbertin's attack on RC5. Nothing less than this
would really justify changing an issued standard. (While checking up on
this change, I noted that the original version of the standard is gone
from NIST's web site...)
Greg.
Greg Rose INTERNET: ggr@qualcomm.com
QUALCOMM Australia VOICE: +61-2-9181 4851 FAX: +61-2-9181 5470
Suite 410, Birkenhead Point http://people.qualcomm.com/ggr/
Drummoyne NSW 2047 B5 DF 66 95 89 68 1F C8 EF 29 FA 27 F2 2A 94 8F
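To make the one-bit difference concrete, here is a small self-contained C
implementation of both hashes, added to this archive page; it is not code from
the post above nor from cryptlib. The compression function, padding and
initial values follow FIPS 180-1, and the only switch between SHA-0 and SHA-1
is the `use_sha1` flag inside `expand()`, which is the same schedule step the
quoted macros implement (with explicit parentheses around `i - 14` etc.). The
expected digests in the usage note are the standard published test values for
"abc" and the empty string, assumed here rather than taken from the post.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ROTL32(x, n) (((x) << (n)) | ((x) >> (32 - (n))))

/* Message-schedule step over a 16-word circular buffer, for i >= 16.
 * SHA-1 (FIPS 180-1) rotates the XOR left by one bit; SHA-0 (FIPS 180)
 * does not. This is the only place the two algorithms differ. */
static uint32_t expand(uint32_t W[16], int i, int use_sha1)
{
    uint32_t t = W[i & 15] ^ W[(i - 14) & 15] ^ W[(i - 8) & 15] ^ W[(i - 3) & 15];
    W[i & 15] = use_sha1 ? ROTL32(t, 1) : t;
    return W[i & 15];
}

/* Illustration helper: W[16] for a block consisting of w0 and 15 zero words. */
static uint32_t first_expanded_word(uint32_t w0, int use_sha1)
{
    uint32_t W[16] = {0};
    W[0] = w0;
    return expand(W, 16, use_sha1);
}

/* One 512-bit block through the 80-round compression function. */
static void compress_block(uint32_t h[5], const uint8_t blk[64], int use_sha1)
{
    uint32_t W[16], a = h[0], b = h[1], c = h[2], d = h[3], e = h[4];
    int i;
    for (i = 0; i < 16; i++)               /* big-endian load of the block */
        W[i] = ((uint32_t)blk[4*i] << 24) | ((uint32_t)blk[4*i+1] << 16) |
               ((uint32_t)blk[4*i+2] << 8) | (uint32_t)blk[4*i+3];
    for (i = 0; i < 80; i++) {
        uint32_t f, k, w, t;
        if (i < 20)      { f = (b & c) | (~b & d);          k = 0x5A827999; }
        else if (i < 40) { f = b ^ c ^ d;                   k = 0x6ED9EBA1; }
        else if (i < 60) { f = (b & c) | (b & d) | (c & d); k = 0x8F1BBCDC; }
        else             { f = b ^ c ^ d;                   k = 0xCA62C1D6; }
        w = (i < 16) ? W[i] : expand(W, i, use_sha1);
        t = ROTL32(a, 5) + f + e + k + w;
        e = d; d = c; c = ROTL32(b, 30); b = a; a = t;
    }
    h[0] += a; h[1] += b; h[2] += c; h[3] += d; h[4] += e;
}

/* Full hash: pad with 0x80, zeros, and the 64-bit big-endian bit length. */
static void sha_digest(const uint8_t *msg, size_t len, int use_sha1, uint8_t out[20])
{
    uint32_t h[5] = {0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0};
    uint8_t blk[64];
    uint64_t bits = (uint64_t)len * 8;
    size_t i, rem;
    for (i = 0; i + 64 <= len; i += 64)
        compress_block(h, msg + i, use_sha1);
    rem = len - i;
    memset(blk, 0, sizeof blk);
    memcpy(blk, msg + i, rem);
    blk[rem] = 0x80;
    if (rem >= 56) {                       /* no room for the length field */
        compress_block(h, blk, use_sha1);
        memset(blk, 0, sizeof blk);
    }
    for (i = 0; i < 8; i++)
        blk[56 + i] = (uint8_t)(bits >> (56 - 8 * i));
    compress_block(h, blk, use_sha1);
    for (i = 0; i < 5; i++) {
        out[4*i]   = (uint8_t)(h[i] >> 24); out[4*i+1] = (uint8_t)(h[i] >> 16);
        out[4*i+2] = (uint8_t)(h[i] >> 8);  out[4*i+3] = (uint8_t)h[i];
    }
}

/* Hash a C string and write the digest as 40 lowercase hex characters. */
static void sha_hex(const char *msg, int use_sha1, char hex[41])
{
    uint8_t d[20];
    int i;
    sha_digest((const uint8_t *)msg, strlen(msg), use_sha1, d);
    for (i = 0; i < 20; i++)
        sprintf(hex + 2 * i, "%02x", d[i]);
}

/* Returns 1 if the hex digest of msg equals expected, else 0. */
static int sha_matches(const char *msg, int use_sha1, const char *expected)
{
    char hex[41];
    sha_hex(msg, use_sha1, hex);
    return strcmp(hex, expected) == 0;
}

int main(void)
{
    char hex[41];
    sha_hex("abc", 0, hex); printf("SHA-0(\"abc\") = %s\n", hex);
    sha_hex("abc", 1, hex); printf("SHA-1(\"abc\") = %s\n", hex);
    return 0;
}
```

Running it prints SHA-1("abc") = a9993e364706816aba3e25717850c26c9cd0d89d and
SHA-0("abc") = 0164b8a914cd2a5e74c4f7ff082c4d97f1edf880: a single one-bit
rotation in the schedule changes every output bit. The `first_expanded_word`
helper shows the step in isolation: with W[0] = 1 and the rest zero, SHA-0
produces W[16] = 1 while SHA-1 produces 2, and a set top bit wraps around to 1.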