This preview shows page 1. Sign up to view the full content.
Unformatted text preview: an be either Mi, H- 1, (Mi • Hi - 1), or a constant (assumed to be 0). H0 is some random initial value: IH. The message is divided up into block-size chunks, Mi, and processed individually. And there is some kind of MD-strengthening, perhaps the same padding procedure used in MD5 and SHA. Figure 18.8 General hash function where the hash length equals the block size. Previous Table of Contents Next Products | Contact Us | About Us | Privacy | Ad Info | Home Use of this site is subject to certain Terms & Conditions, Copyright © 1996-2000 EarthWeb Inc. All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement. To access the contents, click the chapter and section titles. Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)
Brief Full Advanced Search Search Tips (Publisher: John Wiley & Sons, Inc.) Author(s): Bruce Schneier ISBN: 0471128457 Publication Date: 01/01/96 Search this book:
Go! Previous Table of Contents Next
----------- Table 18.1 Secure Hash Functions Where the Block Length Equals the Hash Size Hi = EHi- 1 (Mi) • Mi Hi = EHi - 1(Mi • Hi- 1 ) • Mi • Hi- 1 Hi = EHi- 1(Mi) • Hi- 1 • Mi Hi = EHi- 1(Mi • Hi- 1) • Mi Hi = EMi(Hi - 1) • Hi- 1 Hi = EMi(Mi • Hi - 1 ) • Mi • Hi - 1 Hi = EMi(Hi - 1 ) • Mi • Hi - 1 Hi = EMi(Mi • Hi- 1) • Hi- 1 Hi = EMi• Hi- 1(Mi) • Mi Hi = EMi• Hi- 1(Hi- 1) • Hi- 1 Hi = EMi• Hi- 1(Mi ) • Hi- 1 Hi = EMi• Hi- 1(Hi- 1 ) • Mi The three different variables can take on one of four possible values, so there are 64 total schemes of this type. Bart Preneel studied them all . Fifteen are trivially weak because the result does not depend on one of the inputs. Thirty-seven are insecure for more subtle reasons. Table 18.1 lists the 12 secure schemes remaining: The first 4 are secure against all attacks (see Figure 18.9) and the last 8 are secure against all but a fixed-point attack, which is not really worth worr...
View Full Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
- Fall '10