2008 Reports :  Cryptology ePrint Archive Forum
Discussion forum for Cryptology ePrint Archive reports posted in 2008. Please put the report number in the subject.  
Goto Thread: PreviousNext
Goto: Forum ListMessage ListNew TopicSearchLog In
Posted by: jungk (IP Logged)
Date: 21 January 2009 18:28

I found this interesting paper (http://eprint.iacr.org/2008/529.pdf), while trying to implement one of the SHA-3 candidates. In contrast to the presented implementation, my implementation will have the padding ability.

While I tried to figure out the workings of the described hardware interface, I came to the conclusion, that it's not possible to implement a working padding function.

Consider the following example:

- The world length is set to 32 bits
- The input to the hashing algorithm is of arbitrary length

There are two possibilites:

- The input is a multiple of 32 bits long
- The input is _not_ a multiple of 32 bits long

The padding function can work with input lengths, which are a multiple of 32 bits. If this is not the case, however, the padding function has no way of detecting the exact message length with the data provided by the proposed interface. Therefore the implementation is unable to pad the message.

Have I missed anything?

Edited 1 time(s). Last edit at 21-Jan-2009 18:28 by jungk.

Please log in for posting a message. Only registered users may post in this forum.