CN101399667A - Step function device and message spreading method for generating fast safe Hash function - Google Patents

Publication number: CN101399667A
Authority: CN (China)
Application number: CNA200710153192XA
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 杨波, 李志敏, 杨义先, 郑世慧, 钮心忻, 张智辉
Current assignee: Sony China Ltd
Original assignee: Sony China Ltd
Prior art keywords: output, input, message, logical block, register

Abstract

The invention provides a step function device, and a message expansion method using it, for generating a fast and secure hash function. The device comprises eight 32-bit registers R1-R8 and a plurality of logic blocks and function blocks. Each register has an initial value, an input and an output. Specific logic blocks among the plurality of logic blocks receive two different 32-bit messages $W_{2j}$ and $W_{2j+1}$ and two different 32-bit unsigned constants $K_{2j}$ and $K_{2j+1}$, and do not directly receive the output of any register. The logic blocks and function blocks respectively perform logical operations and function operations on the initial values in registers R1-R8, the messages $W_{2j}$ and $W_{2j+1}$, and the unsigned constants $K_{2j}$ and $K_{2j+1}$.

Description

Step functional unit and message expansion method for producing a fast and secure hash function
Technical field
The present invention relates to fields such as digital signatures and message authentication and belongs to the core technology of information security and network security. More specifically, it relates to a step functional unit and to a method of performing message expansion with the step functional unit, which together produce a fast and secure hash function.
Background technology
A cryptographic hash function is a basic cryptographic technique used to protect the integrity of data. It is a compression function that is easy to compute but hard to invert: it compresses a message string of arbitrary length into a short message string of fixed length, usually 128, 160, 256 or 512 bits. This short string is called the hash value or message digest of the message.
A cryptographic hash function usually has to satisfy three security properties. Preimage resistance: finding a message string whose hash value equals a hash value given in advance is computationally infeasible. Second-preimage resistance: finding a message string whose hash value equals the hash value of a message string given in advance is computationally infeasible. Collision resistance: finding any two message strings that have the same hash value is computationally infeasible. For an ideal hash function, the complexity of finding a preimage or a second preimage is $2^n$ and the complexity of finding a collision is $2^{n/2}$, where n is the length of the hash value.
At present, the widely used dedicated hash functions include MD5 and SHA-1. MD5 is published in Request for Comments 1321 (RFC 1321), titled The MD5 Message-Digest Algorithm. RFC 1321 is therefore a prior art document of the present invention. SHA-1 is published in Federal Information Processing Standards Publication 180-1 (FIPS PUB 180-1), titled Secure Hash Standard. FIPS PUB 180-1 is therefore a prior art document of the present invention.
However, since 2004, various differential attack methods have been applied successfully in collision attacks on dedicated hash functions such as MD5 and SHA-1, and MD5 and SHA-1 are no longer secure. The main reason these hash functions were attacked is that the diffusion of their message expansion and step function is very slow, so an introduced difference can be cancelled with very high probability, which yields a collision.
The National Institute of Standards and Technology (NIST) is considering the use of SHA2. SHA2 is published in FIPS PUB 180-2, titled Secure Hash Standard. The corresponding patent document is U.S. Patent No. 6829355, titled Device for and method of one-way cryptographic hashing. The method and device for generating a hash function disclosed in U.S. Patent No. 6829355 use the same message padding and splitting techniques as earlier dedicated hash functions. Assuming the message length is l, the padding method first appends a single 1 bit to the end of the message and then k 0 bits, where k is the smallest positive integer such that l+1+k = 448 (mod 512, i.e. the remainder after division by 512); the remaining 64 bits are filled with the message length. The splitting method divides the padded message into message blocks of 16 × 32 bits. What is particular to the method and device disclosed in U.S. Patent No. 6829355 is that they strengthen the security of the hash function by using a message expansion and a step function that are more complex than those of SHA-1. However, studies show that its diffusion is still slow: in the step function a message affects only two registers at a time, and suppressing a difference locally by modifying the message remains feasible.
Summary of the invention
The present invention designs a step functional unit with strong diffusion, which is used to produce a fast and secure hash function. The core of the invention is a step functional unit with strong diffusion and a method of using that unit for message expansion. In this way both the message expansion and the step function diffuse quickly, and the design can therefore fully resist the existing attack methods on hash functions.
According to one aspect of the invention, a step functional unit is provided, the device comprising: eight 32-bit registers R1-R8, each of which has an initial value, an input and an output; and a plurality of logical blocks and functional blocks, wherein particular logical blocks among the plurality of logical blocks receive two different 32-bit messages $W_{2j}$ and $W_{2j+1}$ and two different 32-bit unsigned constants $K_{2j}$ and $K_{2j+1}$ and do not directly receive the output of any register, and wherein the plurality of logical blocks and functional blocks respectively perform logical operations and function operations on the initial values in registers R1-R8, the messages $W_{2j}$ and $W_{2j+1}$, and the unsigned constants $K_{2j}$ and $K_{2j+1}$.
According to another aspect of the invention, a method of performing message expansion with the above step functional unit is also provided, comprising: an expansion step of selecting eight 32-bit messages from a message block comprising sixteen 32-bit messages $W_0$-$W_{15}$, initializing the eight registers R1-R8 of the step functional unit with them, and performing 6 iterations with the step functional unit to obtain the expanded messages $W_{16}$-$W_{23}$, wherein in each iteration 4 corresponding 32-bit messages, link variables or unsigned constants are input to the step functional unit.
The message expansion method according to the invention further comprises: a second expansion step of again selecting eight 32-bit messages from the message block comprising sixteen 32-bit messages $W_0$-$W_{15}$, adding them to the corresponding expanded messages $W_{16}$-$W_{23}$, initializing registers R1-R8 with the resulting sums, and performing 6 iterations with the step functional unit to obtain the expanded messages $W_{24}$-$W_{31}$, wherein in each iteration 4 corresponding 32-bit messages, link variables or unsigned constants are input to the step functional unit.
According to a further aspect of the invention, a method is also provided that uses the step functional unit and the message expansion method of the invention to produce a fast and secure hash function and finally generate a message digest. The method comprises the steps of: padding the original message and dividing the padded message into at least one message block, each message block comprising sixteen 32-bit messages $W_0$-$W_{15}$; initializing the link variables; and using the step functional unit to iteratively process the link variables and the sixteen 32-bit messages in each message block to produce the final link variables as the message digest of the original message. The iterative processing by the step functional unit comprises: a first expansion step of selecting eight 32-bit messages from the message block, initializing the eight registers R1-R8 of the step functional unit with them, and performing 6 iterations with the step functional unit to obtain the expanded messages $W_{16}$-$W_{23}$; and a second expansion step of again selecting eight 32-bit messages from the message block, adding them to the corresponding expanded messages $W_{16}$-$W_{23}$, initializing registers R1-R8 with the resulting sums, and performing 6 iterations with the step functional unit to obtain the expanded messages $W_{24}$-$W_{31}$.
Analysis shows that the invention has the following advantages:
(1) the step functional unit takes two messages as input at a time and, in general, a difference in any message or register affects all registers after two steps, so the unit has very strong diffusion;
(2) message expansion uses the step functional unit of the invention, so message expansion also has very strong diffusion;
(3) suppressing the diffusion of a difference by modifying the message is infeasible;
(4) the design can fully resist the existing attack methods on hash functions;
(5) the invention is faster than SHA-256.
Therefore, the hash function designed by the invention is a fast and secure hash function.
Description of drawings
The technical solution of the invention and its technical features can be better understood from the following description taken in conjunction with the accompanying drawings, in which:
Fig. 1 is a diagram of the step functional unit with strong diffusion according to an embodiment of the invention;
Fig. 2 is a diagram of the method of using the step functional unit of Fig. 1 for message expansion according to an embodiment of the invention;
Fig. 3 is a schematic diagram of producing a fast and secure hash function with the step functional unit and the message expansion method according to an embodiment of the invention, finally generating the hash value of the original message; and
Fig. 4 is a flow chart of producing a fast and secure hash function with the step functional unit and the message expansion method according to an embodiment of the invention, finally generating the hash value of the original message.
Embodiment
Example embodiments of the invention are now described in detail with reference to the accompanying drawings. In the following description, detailed descriptions of related known functions and configurations are omitted for clarity and conciseness.
The core technology of the invention is a step functional unit with strong diffusion and a method of performing message expansion with that unit. The step functional unit takes two messages as input at a time and, in general, a difference in any message or register affects all registers after two steps.
Fig. 1 is a block diagram of a specific embodiment of the step functional unit with strong diffusion according to an embodiment of the invention. Reference numeral 103 denotes the step functional unit according to the embodiment. Viewed as a whole, the step functional unit 103 is a shift register formed by connecting eight 32-bit blocks (registers) R1-R8; each block has an initial value, an input and an output.
The step functional unit 103 also comprises a plurality of logical blocks and a plurality of functional blocks. Particular logical blocks among them (for example the fourth logical block L4, the eighth logical block L8, the third logical block L3 and the seventh logical block L7) receive two different 32-bit messages $W_{2j}$ and $W_{2j+1}$ and two different 32-bit unsigned constants $K_{2j}$ and $K_{2j+1}$, and these particular logical blocks do not directly receive the output of any register.
That is, in addition to the values in registers R1-R8, the step functional unit 103 has 4 further inputs: two different messages $W_{2j}$ and $W_{2j+1}$ and two different user-definable unsigned constants $K_{2j}$ and $K_{2j+1}$. The logical blocks and functional blocks respectively perform logical operations and function operations on the initial values in registers R1-R8, the messages $W_{2j}$ and $W_{2j+1}$, and the unsigned constants $K_{2j}$ and $K_{2j+1}$, but the four inputs $W_{2j}$, $W_{2j+1}$, $K_{2j}$, $K_{2j+1}$ do not act directly on the inputs and outputs of registers R1-R8.
After each processing step, the step functional unit (shift register) 103 is cyclically shifted one position to the right.
The structure of the step functional unit 103 is described in detail below with reference to Fig. 1.
Referring to Fig. 1, each of the eight 32-bit blocks (eight 32-bit registers) R1-R8 has one input and one output. The first logical block L1 has 2 inputs and 1 output: the 1st input is the output of the first 32-bit block R1 and the 2nd input is the output of the fourth 32-bit block R4. The second logical block L2 has 2 inputs and 1 output: the 1st input is the output of the second 32-bit block R2 and the 2nd input is the output of the third 32-bit block R3.
The first functional block F1 has 1 input and 2 outputs: the input is the output of the second logical block L2, and the two outputs have the same value. The expression of functional block F1 is $f_0(x) = x \oplus r(x, 11) \oplus r(x, 14)$, where $r(x, n)$ denotes x cyclically shifted right by n bits.
The third logical block L3 has 3 inputs and 1 output: the 1st input is the output of the first logical block L1, the 2nd input is the output of the first functional block F1, and the 3rd input is a user-definable 32-bit unsigned constant.
The second functional block F2 has 1 input and 2 outputs: the input is the output of the third logical block L3, and the two outputs have the same value. The expression of functional block F2 is $f_1(x) = r(x, 3) \oplus r(x, 8) \oplus r(x, 21)$.
The fourth logical block L4 has 3 inputs and 1 output: the 1st input is the output of the first functional block F1, the 2nd input is the output of the second functional block F2, and the 3rd input is a 32-bit message block. The fifth logical block L5 has 2 inputs and 1 output: the 1st input is the output of the fifth 32-bit block R5 of the shift register and the 2nd input is the output of the eighth 32-bit block R8. The sixth logical block L6 has 2 inputs and 1 output: the 1st input is the output of the sixth 32-bit block R6 of the shift register and the 2nd input is the output of the seventh 32-bit block R7 of the shift register.
The third functional block F3 has 1 input and 2 outputs: the input is the output of the sixth logical block L6, and the two outputs have the same value. The expression of functional block F3 is $f_2(x) = x \oplus r(x, 6) \oplus r(x, 23)$.
The seventh logical block L7 has 3 inputs and 1 output: the 1st input is the output of the fifth logical block L5, the 2nd input is the output of the third functional block F3, and the 3rd input is a user-definable 32-bit unsigned constant.
The fourth functional block F4 has 1 input and 2 outputs: the input is the output of the seventh logical block L7, and the two outputs have the same value. The expression of functional block F4 is $f_3(x) = r(x, 2) \oplus r(x, 17) \oplus r(x, 27)$.
The eighth logical block L8 has 3 inputs and 1 output: the 1st input is the output of the third functional block F3, the 2nd input is the output of the fourth functional block F4, and the 3rd input is a 32-bit message block. The ninth logical block L9 has 2 inputs and 1 output: the 1st input is the output of the fifth 32-bit block R5 of the shift register and the 2nd input is the output of the fourth logical block L4. The tenth logical block L10 has 2 inputs and 1 output: the 1st input is the output of the first 32-bit block R1 of the shift register and the 2nd input is the output of the eighth logical block L8. The eleventh logical block L11 has 1 input and 1 output: the input is the output of the fourth functional block F4.
The twelfth logical block L12 has 2 inputs and 1 output: the 1st input is the output of the fourth logical block L4 and the 2nd input is the output of the eleventh logical block L11. The thirteenth logical block L13 has 1 input and 1 output: the input is the output of the second functional block F2.
The fourteenth logical block L14 has 2 inputs and 1 output: the 1st input is the output of the eighth logical block L8 and the 2nd input is the output of the thirteenth logical block L13. The fifteenth logical block L15 has 2 inputs and 1 output: the 1st input is the output of the second 32-bit block R2 of the shift register, the 2nd input is the output of the twelfth logical block L12, and its output is the input of the third 32-bit block R3 of the shift register.
The sixteenth logical block L16 has 2 inputs and 1 output: the 1st input is the output of the fourth 32-bit block R4 of the shift register and the 2nd input is the output of the twelfth logical block L12. The seventeenth logical block L17 has 2 inputs and 1 output: the 1st input is the output of the tenth logical block L10, the 2nd input is the output of the second functional block F2, and its output is the input of the second 32-bit block R2 of the shift register.
The eighteenth logical block L18 has 2 inputs and 1 output: the 1st input is the output of the third 32-bit block R3 of the shift register, the 2nd input is the output of the second functional block F2, and its output is the input of the fourth 32-bit block R4 of the shift register. The nineteenth logical block L19 has 2 inputs and 1 output: the 1st input is the output of the sixth 32-bit block R6 of the shift register, the 2nd input is the output of the fourteenth logical block L14, and its output is the input of the seventh 32-bit block R7 of the shift register.
The twentieth logical block L20 has 2 inputs and 1 output: the 1st input is the output of the eighth register R8 of the shift register, the 2nd input is the output of the fourteenth logical block L14, and its output is the input of the first 32-bit block R1 of the shift register. The twenty-first logical block L21 has 2 inputs and 1 output: the 1st input is the output of the ninth logical block L9, the 2nd input is the output of the fourth functional block F4, and its output is the input of the sixth 32-bit block R6 of the shift register.
The twenty-second logical block L22 has 2 inputs and 1 output: the 1st input is the output of the seventh 32-bit block R7 of the shift register, the 2nd input is the output of the fourth functional block F4, and its output is the input of the eighth 32-bit block R8 of the shift register. The twenty-third logical block L23 has 1 input and 1 output: the input is the output of the sixteenth logical block L16, and its output is the input of the fifth 32-bit block R5 of the shift register.
In this preferred embodiment, logical blocks L1, L5, L15, L18, L20 and L21 perform XOR; logical blocks L2-L4, L6-L10, L12, L14, L16, L17, L19 and L22 perform addition modulo $2^{32}$; and logical blocks L11, L13 and L23 perform right cyclic shifts of 7, 9 and 1 bits respectively.
According to the structure shown in Fig. 1, the step functional unit 103 converts the values $A_j, B_j, C_j, D_j, E_j, F_j, G_j, H_j$ held in registers R1-R8 at step j into the values $A_{j+1}, B_{j+1}, C_{j+1}, D_{j+1}, E_{j+1}, F_{j+1}, G_{j+1}, H_{j+1}$ at step j+1. Here + denotes addition modulo $2^{32}$ and $\ggg$ a right cyclic shift, as performed by the logical blocks above. The conversion operation (one step) is as follows:

$$T_0 = W_{2j} + f_0(B_j + C_j) + f_1\big((A_j \oplus D_j) + K_{2j} + f_0(B_j + C_j)\big);$$
$$T_1 = f_1\big((A_j \oplus D_j) + K_{2j} + f_0(B_j + C_j)\big);$$
$$T_2 = W_{2j+1} + f_2(F_j + G_j) + f_3\big((E_j \oplus H_j) + K_{2j+1} + f_2(F_j + G_j)\big);$$
$$T_3 = f_3\big((E_j \oplus H_j) + K_{2j+1} + f_2(F_j + G_j)\big);$$
$$A_{j+1} = H_j \oplus \big(T_2 + (T_1 \ggg 9)\big); \quad B_{j+1} = A_j + T_2 + T_1; \quad C_{j+1} = B_j \oplus \big(T_0 + (T_3 \ggg 7)\big);$$
$$D_{j+1} = C_j \oplus T_1; \quad E_{j+1} = \big(D_j + (T_0 + (T_3 \ggg 7))\big) \ggg 1; \quad F_{j+1} = (E_j + T_0) \oplus T_3;$$
$$G_{j+1} = F_j + \big(T_2 + (T_1 \ggg 9)\big); \quad H_{j+1} = G_j + T_3.$$

The above conversion in effect completes one cyclic right shift of the step functional unit (shift register) 103 by one position.
The method of performing message expansion with the step functional unit 103 according to an embodiment of the invention is described below with reference to Fig. 2.
Fig. 2 shows an example of message expansion using the step functional unit 103 of the invention with its strong diffusion property. Any sixteen 32-bit messages $W_0$-$W_{15}$, together with the input link variables $CV_0$-$CV_7$, are expanded into thirty-two 32-bit messages $W_0$-$W_{31}$ as shown in Fig. 2.
The method of performing message expansion with the step functional unit according to the invention comprises:
A first expansion step 101 of selecting eight 32-bit messages from a message block comprising sixteen 32-bit messages $W_0$-$W_{15}$, initializing the eight registers R1-R8 of the step functional unit with them, and performing 6 iterations with the step functional unit to obtain the expanded messages $W_{16}$-$W_{23}$, wherein in each iteration 4 corresponding 32-bit messages, link variables or unsigned constants are input to the step functional unit.
A second expansion step 102 of again selecting eight 32-bit messages from the message block comprising sixteen 32-bit messages $W_0$-$W_{15}$, adding them to the corresponding expanded messages $W_{16}$-$W_{23}$, initializing registers R1-R8 with the resulting sums, and performing 6 iterations with the step functional unit to obtain the expanded messages $W_{24}$-$W_{31}$, wherein in each iteration 4 corresponding 32-bit messages, link variables or unsigned constants are input to the step functional unit.
Specifically, in the first expansion 101, the messages $W_1$, $W_4$, $W_7$, $W_{10}$, $W_{13}$, $W_0$, $W_3$, $W_6$ are first used to initialize the eight registers R1-R8 of the step functional unit 103 respectively, and the step functional unit 103 then performs 6 iterations. The other 4 inputs of each iteration are:
1st iteration: $W_9$, $W_{12}$ and the user-definable unsigned constants 0xcbbb9d5d and 0x629a292a;
2nd iteration: $W_{15}$, $W_2$ and the user-definable unsigned constants 0x9159015a and 0x152fecd8;
3rd iteration: $W_5$, $W_8$ and the user-definable unsigned constants 0x67332667 and 0x8eb44a87;
4th iteration: $W_{11}$, $W_{14}$ and the user-definable unsigned constants 0xdb0c2e0d and 0x47b5481d;
5th iteration: $CV_0$, $CV_5$ and the user-definable unsigned constants 0xae5f9156 and 0xcf6c85d3;
6th iteration: $CV_2$, $CV_7$ and the user-definable unsigned constants 0x2f73477d and 0x6d1826ca.
The output is taken as the expanded messages $W_{16}$-$W_{23}$.
In the second expansion 102, the sums $W_{16}+W_0$, $W_{17}+W_7$, $W_{18}+W_{14}$, $W_{19}+W_5$, $W_{20}+W_{12}$, $W_{21}+W_3$, $W_{22}+W_{10}$, $W_{23}+W_1$ are first used to initialize the eight registers R1-R8 of the step functional unit 103 respectively, and the step functional unit 103 then performs 6 iterations. The other 4 inputs of each iteration are:
1st iteration: $W_8$, $W_{15}$ and the user-definable unsigned constants 0x8b43d457 and 0xe360b596;
2nd iteration: $W_6$, $W_{13}$ and the user-definable unsigned constants 0x1c456002 and 0x6f196331;
3rd iteration: $W_4$, $W_{11}$ and the user-definable unsigned constants 0xd94ebeb1 and 0xcc4a611;
4th iteration: $W_2$, $W_9$ and the user-definable unsigned constants 0x261dc1f2 and 0x5815a7be;
5th iteration: $CV_4$, $CV_1$ and the user-definable unsigned constants 0x70b7ed67 and 0xa1513c69;
6th iteration: $CV_6$, $CV_3$ and the user-definable unsigned constants 0x44f93635 and 0x720dcdfd.
The output is taken as the expanded messages $W_{24}$-$W_{31}$.
In this way, any sixteen 32-bit messages $W_0$-$W_{15}$ and 8 input link variables $CV_0$-$CV_7$ are expanded into thirty-two 32-bit messages $W_0$-$W_{31}$.
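The step conversion and the two expansion passes described above, as an added C example that is not part of the patent text: it implements one step and the schedule for W16-W31, then reports which registers and expanded words change when one message bit is flipped. Assumptions: the four extra inputs of each iteration are taken in the listed order as W_2j, W_2j+1, K_2j, K_2j+1; the contents of R1-R8 after the sixth iteration become the eight expanded words in order; all register, message and link variable test values are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* r(x, n): rotate the 32-bit word x right by n bits (0 < n < 32). */
static uint32_t r(uint32_t x, unsigned n) { return (x >> n) | (x << (32 - n)); }

/* Functional blocks F1..F4 as given in the description. */
static uint32_t f0(uint32_t x) { return x ^ r(x, 11) ^ r(x, 14); }
static uint32_t f1(uint32_t x) { return r(x, 3) ^ r(x, 8) ^ r(x, 21); }
static uint32_t f2(uint32_t x) { return x ^ r(x, 6) ^ r(x, 23); }
static uint32_t f3(uint32_t x) { return r(x, 2) ^ r(x, 17) ^ r(x, 27); }

/* One step. s[0..7] holds A..H (registers R1..R8); uint32_t '+' is addition mod 2^32. */
void step(uint32_t s[8], uint32_t w0, uint32_t w1, uint32_t k0, uint32_t k1)
{
    uint32_t A = s[0], B = s[1], C = s[2], D = s[3], E = s[4], F = s[5], G = s[6], H = s[7];
    uint32_t u = f0(B + C), v = f2(F + G);
    uint32_t T1 = f1((A ^ D) + k0 + u), T0 = w0 + u + T1;
    uint32_t T3 = f3((E ^ H) + k1 + v), T2 = w1 + v + T3;
    uint32_t x = T0 + r(T3, 7);          /* output of logical block L12 */
    uint32_t y = T2 + r(T1, 9);          /* output of logical block L14 */
    s[0] = H ^ y;        s[1] = A + T2 + T1;
    s[2] = B ^ x;        s[3] = C ^ T1;
    s[4] = r(D + x, 1);  s[5] = (E + T0) ^ T3;
    s[6] = F + y;        s[7] = G + T3;
}

/* Expansion schedule from the description: entries 0..15 select W_i, 16..23 select CV_0..CV_7.
   Assumption: each pair is (W_2j, W_2j+1) in the order the description lists them. */
static const int INIT[2][8] = { {1, 4, 7, 10, 13, 0, 3, 6}, {0, 7, 14, 5, 12, 3, 10, 1} };
static const int IN[2][6][2] = {
    { {9, 12}, {15, 2}, {5, 8}, {11, 14}, {16, 21}, {18, 23} },
    { {8, 15}, {6, 13}, {4, 11}, {2, 9}, {20, 17}, {22, 19} } };
/* Constants copied as printed on the page (0xcc4a611 has seven hex digits there). */
static const uint32_t K[2][6][2] = {
    { {0xcbbb9d5d, 0x629a292a}, {0x9159015a, 0x152fecd8}, {0x67332667, 0x8eb44a87},
      {0xdb0c2e0d, 0x47b5481d}, {0xae5f9156, 0xcf6c85d3}, {0x2f73477d, 0x6d1826ca} },
    { {0x8b43d457, 0xe360b596}, {0x1c456002, 0x6f196331}, {0xd94ebeb1, 0xcc4a611},
      {0x261dc1f2, 0x5815a7be}, {0x70b7ed67, 0xa1513c69}, {0x44f93635, 0x720dcdfd} } };

/* Expand w[0..15] and cv[0..7] into w[16..31] (two passes of six steps each). */
void expand(uint32_t w[32], const uint32_t cv[8])
{
    for (int p = 0; p < 2; p++) {
        uint32_t s[8];
        for (int i = 0; i < 8; i++)      /* second pass adds W16..W23 to the chosen words */
            s[i] = w[INIT[p][i]] + (p ? w[16 + i] : 0);
        for (int j = 0; j < 6; j++) {
            int a = IN[p][j][0], b = IN[p][j][1];
            step(s, a < 16 ? w[a] : cv[a - 16], b < 16 ? w[b] : cv[b - 16],
                 K[p][j][0], K[p][j][1]);
        }
        memcpy(&w[16 + 8 * p], s, sizeof s);   /* assumption: R1..R8 -> next eight W */
    }
}

/* Bit i of the result is set if register R(i+1) differs after `steps` steps (at most 6) when
   bit 0 of the first step's W_2j (which == 0) or W_2j+1 (which == 1) is flipped. */
unsigned step_diffusion(int steps, int which)
{
    uint32_t a[8], b[8];
    unsigned mask = 0;
    for (int i = 0; i < 8; i++) a[i] = b[i] = 0x01234567u * (uint32_t)(i + 1); /* constructed */
    for (int j = 0; j < steps; j++) {
        uint32_t w0 = 0x1000u + (uint32_t)j, w1 = 0x2000u + (uint32_t)j;       /* constructed */
        step(a, w0, w1, K[0][j][0], K[0][j][1]);
        step(b, w0 ^ (uint32_t)(j == 0 && which == 0), w1 ^ (uint32_t)(j == 0 && which == 1),
             K[0][j][0], K[0][j][1]);
    }
    for (int i = 0; i < 8; i++) if (a[i] != b[i]) mask |= 1u << i;
    return mask;
}

/* Number of expanded words W16..W31 that change when bit 0 of W_i (0 <= i <= 15) is flipped. */
int expansion_diffusion(int i)
{
    uint32_t w[32], v[32], cv[8];
    int changed = 0;
    for (int n = 0; n < 16; n++) w[n] = v[n] = 0x9e3779b9u * (uint32_t)(n + 1); /* constructed */
    for (int n = 0; n < 8; n++) cv[n] = 0x6a09e667u + (uint32_t)n;              /* constructed */
    v[i] ^= 1u;
    expand(w, cv);
    expand(v, cv);
    for (int n = 16; n < 32; n++) changed += (w[n] != v[n]);
    return changed;
}

int main(void)
{
    printf("W_2j flipped:   1 step -> 0x%02x, 2 steps -> 0x%02x\n",
           step_diffusion(1, 0), step_diffusion(2, 0));
    printf("W_2j+1 flipped: 1 step -> 0x%02x, 2 steps -> 0x%02x\n",
           step_diffusion(1, 1), step_diffusion(2, 1));
    printf("W_0 flipped: %d of 16 expanded words change\n", expansion_diffusion(0));
    return 0;
}
```

After one step a flipped W_2j reaches only R3, R5 and R6, and a flipped W_2j+1 only R1, R2 and R7; after the second step all eight registers differ for these inputs, which is the two-step diffusion the description states.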
With reference to Fig. 3 and Fig. 4, the following describes the method according to an embodiment of the invention of producing a fast and secure hash function with the step functional unit 103 and the message expansion method, finally generating the hash value (message digest) of the original message.
Fig. 3 is a schematic diagram of the method of producing a fast and secure hash function with the step functional unit 103 and the message expansion method according to an embodiment of the invention, finally generating the hash value of the original message. Fig. 4 is a flow chart of the same method.
According to an embodiment of the invention, the method of producing a fast and secure hash function with the step functional unit 103 and the message expansion method, and finally generating a message digest for any message, mainly comprises the steps of: padding the original message; dividing the padded message into at least one message block, each message block comprising sixteen 32-bit messages; initializing eight 32-bit link variables; and using the step functional unit to iteratively process the link variables and the sixteen 32-bit messages in each message block to produce the final link variables as the message digest of the original message.
As shown in Fig. 4, at step S401 the original message is padded. The message m of length l is padded so that its length is an integer multiple of 512 bits. The padding method first appends a single 1 bit to the end of the message and then k 0 bits, where k is the smallest positive integer such that l+1+k = 448 (mod 512); the remaining 64 bits are filled with the message length. The padded message has a length of 512 × N bits and is denoted M (see 301 and 302 in Fig. 3).
At step S402, the message is divided. The message M, whose length is an integer multiple of 512 bits, is divided into message blocks M[1]-M[N] of 16 × 32 (512) bits each (see 303 in Fig. 3).
At step S403, the link variables are initialized. Eight user-definable 32-bit unsigned constants IV-CV are used to initialize the link variables (see 304 in Fig. 3), which are denoted $CV_0(0)$-$CV_7(0)$.
At step S404, the 1st message block M[1] is compressed. The step functional unit 103 is used to perform message expansion and to iteratively process the sixteen 32-bit messages and the sixteen expanded 32-bit messages. The processing steps are as follows:
(1) the sixteen input 32-bit messages $W_0$-$W_{15}$ and the link variables $CV_0(0)$-$CV_7(0)$ are expanded into thirty-two 32-bit messages $W_0$-$W_{31}$ using the message expansion method shown in Fig. 2;
(2) the link variables $CV_0(0)$-$CV_7(0)$ are used to initialize the eight registers R1-R8 of the step functional unit 103 respectively;
(3) the step functional unit 103 performs 16 iterations, wherein in each iteration two messages, taken in the order $W_0$-$W_{31}$, are input to the step functional unit 103 together with two user-definable unsigned constants; and
(4) after the step functional unit 103 has completed the 16 iterations, the current values A, B, C, D, E, F, G, H of registers R1-R8 are obtained.
(5) the initial values of the link variables are added to the current values of shift registers R1-R8 to give the initial link variable values of the next step, that is, $CV_0(1) = CV_0(0) + A$; $CV_1(1) = CV_1(0) + B$; ...; $CV_7(1) = CV_7(0) + H$.
The link variable values $CV_0(1)$-$CV_7(1)$ obtained after compressing the 1st message block are used as the initial link variable values for processing the next message block.
At step S405, it is determined whether there is a next message block M[n] to be processed. If it is determined that a next message block M[n] exists, processing advances to step S406.
At step S406, the n-th message block M[n] is compressed. The step functional unit 103 is used to perform message expansion and to iteratively process the sixteen 32-bit messages and the sixteen expanded 32-bit messages. The processing steps are as follows:
(1) the sixteen input 32-bit messages $W_0$-$W_{15}$ and the link variables $CV_0(n-1)$-$CV_7(n-1)$ are expanded into thirty-two 32-bit messages $W_0$-$W_{31}$ using the message expansion method shown in Fig. 2;
(2) the link variables $CV_0(n-1)$-$CV_7(n-1)$ are used to initialize the eight registers R1-R8 of the step functional unit 103 respectively;
(3) the step functional unit 103 performs 16 iterations, wherein in each iteration two messages, taken in the order $W_0$-$W_{31}$, are input to the step functional unit 103 together with two user-definable unsigned constants; and
(4) after the step functional unit 103 has completed the 16 iterations, the current values A′, B′, C′, D′, E′, F′, G′, H′ of registers R1-R8 are obtained.
(5) the initial values of the link variables used when compressing message block M[n] are added to the current values of shift registers R1-R8 to give the initial link variable values of the next step, that is, $CV_0(n) = CV_0(n-1) + A'$; $CV_1(n) = CV_1(n-1) + B'$; ...; $CV_7(n) = CV_7(n-1) + H'$.
The link variable values $CV_0(n)$-$CV_7(n)$ obtained after compressing the n-th message block are used as the initial link variable values for processing the next message block.
That is, as shown in Fig. 3, the output link variables $CV_0(1)$-$CV_7(1)$ of iterative process 305 (Fig. 3) are used as the initial values of the link variables of the next iterative process 306, and the next message block M[2] is then iterated. In iterative process 306, steps (1) to (5) of iterative process 305 above are repeated.
After the processing of step S406 is complete, processing returns to step S405.
If it is determined in step S405 that there is no next message block M[n] to be processed, processing advances to step S407.
In step S407, the link variable CV is output as the hash value (message digest) of the original message. Here $CV = CV_0(N) \| CV_1(N) \| CV_2(N) \| CV_3(N) \| CV_4(N) \| CV_5(N) \| CV_6(N) \| CV_7(N)$, where the symbol ‖ denotes the concatenation of two binary strings.
The entire process then ends.
Of the present invention have the step functional unit of strong diffusion and utilize this step functional unit with strong diffusion to carry out the method for extension of message, can be according to shown in the embodiment of Fig. 3 and Fig. 4, implement by software or hardware, obtain a hash function fast and safely, utilize this hash function to produce 256 eap-message digests of any message.
Although described embodiments of the invention above in detail, to those skilled in the art, can make further changes and improvements to the present invention.Should be appreciated that such changes and improvements still within the spirit and scope of the present invention.

Claims (15)

1. A step functional unit for producing a fast and secure hash function, the device comprising:
eight 32-bit registers R1-R8, wherein each register has an initial value, an input and an output; and
a plurality of logical blocks and functional blocks, wherein a particular logical block among the plurality of logical blocks receives two different 32-bit messages W_{2j} and W_{2j+1} and two different 32-bit unsigned constants K_{2j} and K_{2j+1}, and the particular logical block does not directly receive the output of any register,
wherein the plurality of logical blocks and functional blocks respectively perform logical operations and function operations on each initial value in the registers R1-R8, the messages W_{2j} and W_{2j+1}, and the unsigned constants K_{2j} and K_{2j+1}.
2. The step functional unit according to claim 1, wherein the first functional block is f_0(x) = x ⊕ r(x, 11) ⊕ (x, 14), where r(x, n) denotes x cyclically shifted right by n bits.
3. The step functional unit according to claim 1, wherein the second functional block is f_1(x) = r(x, 3) ⊕ r(x, 8) ⊕ (x, 21).
4. The step functional unit according to claim 1, wherein the third functional block is f_2(x) = x ⊕ r(x, 6) ⊕ (x, 23).
5. The step functional unit according to claim 1, wherein the fourth functional block is f_3(x) = r(x, 2) ⊕ r(x, 17) ⊕ (x, 27).
6. The step functional unit according to claim 1, wherein the eleventh, thirteenth and twenty-third logical blocks perform cyclic shift operations.
7. The step functional unit according to claim 1, wherein the first, fifth, fifteenth, eighteenth, twentieth and twenty-first logical blocks perform XOR.
8. The step functional unit according to claim 1, wherein the second to fourth, sixth to tenth, twelfth, fourteenth, sixteenth, seventeenth, nineteenth and twenty-second logical blocks perform addition modulo 2^32.
9. The step functional unit according to claim 1, wherein, through the logical operations and function operations of the plurality of logical blocks and functional blocks, the values A_j, B_j, C_j, D_j, E_j, F_j, G_j, H_j of step j in registers R1-R8 are converted into the values A_{j+1}, B_{j+1}, C_{j+1}, D_{j+1}, E_{j+1}, F_{j+1}, G_{j+1}, H_{j+1} of step j+1, the conversion being as follows:
T_0 = W_{2j} + f_0(B_j + C_j) + f_1((A_j ⊕ D_j) + K_{2j} + f_0(B_j + C_j));
T_1 = f_1((A_j ⊕ D_j) + K_{2j} + f_0(B_j + C_j));
T_2 = W_{2j+1} + f_2(F_j + G_j) + f_3((E_j ⊕ H_j) + K_{2j+1} + f_2(F_j + G_j));
T_3 = f_3((E_j ⊕ H_j) + K_{2j+1} + f_2(F_j + G_j));
A_{j+1} = H_j ⊕ (T_2 + T_1 >>> 9); B_{j+1} = A_j + T_2 + T_1; C_{j+1} = B_j ⊕ (T_0 + T_3 >>> 7);
D_{j+1} = C_j ⊕ T_1; E_{j+1} = (D_j + (T_0 + T_3 >>> 7)) >>> 1; F_{j+1} = (E_j + T_0) ⊕ T_3;
G_{j+1} = F_j + (T_2 + T_1 >>> 9); H_{j+1} = G_j + T_3.
10. The step functional unit according to claim 1, wherein the plurality of logical blocks and functional blocks comprise:
a first logical block, which has 2 inputs and 1 output; the 1st input is the output of the first register R1, and the 2nd input is the output of the fourth register R4;
a second logical block, which has 2 inputs and 1 output; the 1st input is the output of the second register R2, and the 2nd input is the output of the third register R3;
a first functional block, which has 1 input and 2 outputs; the input is the output of the second logical block, and the two outputs have the same value;
a third logical block, which has 3 inputs and 1 output; the 1st input is the output of the first logical block, the 2nd input is the output of the first functional block, and the 3rd input is a user-definable 32-bit unsigned constant;
a second functional block, which has 1 input and 2 outputs; the input is the output of the third logical block, and the two outputs have the same value;
a fourth logical block, which has 3 inputs and 1 output; the 1st input is the output of the first functional block, the 2nd input is the output of the second functional block, and the 3rd input is the 32-bit message W_{2j};
a fifth logical block, which has 2 inputs and 1 output; the 1st input is the output of the fifth register R5, and the 2nd input is the output of the eighth register R8;
a sixth logical block, which has 2 inputs and 1 output; the 1st input is the output of the sixth register R6, and the 2nd input is the output of the seventh register R7;
a third functional block, which has 1 input and 2 outputs; the input is the output of the sixth logical block, and the two outputs have the same value;
a seventh logical block, which has 3 inputs and 1 output; the 1st input is the output of the fifth logical block, the 2nd input is the output of the third functional block, and the 3rd input is a user-definable 32-bit unsigned constant;
a fourth functional block, which has 1 input and 2 outputs; the input is the output of the seventh logical block, and the two outputs have the same value;
an eighth logical block, which has 3 inputs and 1 output; the 1st input is the output of the third functional block, the 2nd input is the output of the fourth functional block, and the 3rd input is the 32-bit message W_{2j+1};
a ninth logical block, which has 2 inputs and 1 output; the 1st input is the output of the fifth register R5, and the 2nd input is the output of the fourth logical block;
a tenth logical block, which has 2 inputs and 1 output; the 1st input is the output of the first register R1, and the 2nd input is the output of the eighth logical block;
an eleventh logical block, which has 1 input and 1 output; the input is the output of the fourth functional block;
a twelfth logical block, which has 2 inputs and 1 output; the 1st input is the output of the fourth logical block, and the 2nd input is the output of the eleventh logical block;
a thirteenth logical block, which has 1 input and 1 output; the input is the output of the second functional block;
a fourteenth logical block, which has 2 inputs and 1 output; the 1st input is the output of the eighth logical block, and the 2nd input is the output of the thirteenth logical block;
a fifteenth logical block, which has 2 inputs and 1 output; the 1st input is the output of the second register R2, the 2nd input is the output of the twelfth logical block, and the output is the input of the third register R3;
a sixteenth logical block, which has 2 inputs and 1 output; the 1st input is the output of the fourth register R4, and the 2nd input is the output of the twelfth logical block;
a seventeenth logical block, which has 2 inputs and 1 output; the 1st input is the output of the tenth logical block, the 2nd input is the output of the second functional block, and the output is the input of the second register R2;
an eighteenth logical block, which has 2 inputs and 1 output; the 1st input is the output of the third register R3, the 2nd input is the output of the second functional block, and the output is the input of the fourth register R4;
a nineteenth logical block, which has 2 inputs and 1 output; the 1st input is the output of the sixth register R6, the 2nd input is the output of the fourteenth logical block, and the output is the input of the seventh register R7;
a twentieth logical block, which has 2 inputs and 1 output; the 1st input is the output of the eighth register R8, the 2nd input is the output of the fourteenth logical block, and the output is the input of the first register R1;
a twenty-first logical block, which has 2 inputs and 1 output; the 1st input is the output of the ninth logical block, the 2nd input is the output of the fourth functional block, and the output is the input of the sixth register R6;
a twenty-second logical block, which has 2 inputs and 1 output; the 1st input is the output of the seventh register R7, the 2nd input is the output of the fourth functional block, and the output is the input of the eighth register R8;
a twenty-third logical block, which has 1 input and 1 output; the input is the output of the sixteenth logical block, and the output is the input of the fifth register R5.
11. A method of performing message expansion using the step functional unit according to any one of claims 1-10, comprising:
an expansion step of selecting eight 32-bit messages from a message block comprising sixteen 32-bit messages W_0-W_15, initializing the eight registers R1-R8 of the step functional unit, and performing 6 iterations with the step functional unit to obtain expanded messages W_16-W_23,
wherein in each iteration, 4 corresponding 32-bit messages, link variables or unsigned constants are input to the step functional unit.
12. The method according to claim 11, further comprising:
a second expansion step of again selecting eight 32-bit messages from the message block comprising sixteen 32-bit messages W_0-W_15, adding them to the corresponding expanded messages W_16-W_23, initializing the registers R1-R8 with the resulting sums, and performing 6 iterations with the step functional unit to obtain expanded messages W_24-W_31,
wherein in each iteration, 4 corresponding 32-bit messages, link variables or unsigned constants are input to the step functional unit.
13. The message expansion method according to claim 11 or 12, wherein in the expansion step, the registers R1-R8 are first initialized correspondingly with messages W_1, W_4, W_7, W_10, W_13, W_0, W_3, W_6, and the 6 iterations are then performed,
wherein the other 4 inputs of the 1st iteration are W_9, W_12 and the unsigned constants 0xcbbb9d5d and 0x629a292a; the other 4 inputs of the 2nd iteration are W_15, W_2 and the unsigned constants 0x9159015a and 0x152fecd8; the other 4 inputs of the 3rd iteration are W_5, W_8 and the unsigned constants 0x67332667 and 0x8eb44a87; the other 4 inputs of the 4th iteration are W_11, W_14 and the unsigned constants 0xdb0c2e0d and 0x47b5481d; the other 4 inputs of the 5th iteration are the link variables CV_0, CV_5 and the unsigned constants 0xae5f9156 and 0xcf6c85d3; the other 4 inputs of the 6th iteration are the link variables CV_2, CV_7 and the unsigned constants 0x2f73477d and 0x6d1826ca.
14. The method according to claim 13, wherein in the second expansion step, the eight registers R1-R8 are first initialized correspondingly with W_16+W_0, W_17+W_7, W_18+W_14, W_19+W_5, W_20+W_12, W_21+W_3, W_22+W_10, W_23+W_1, and the 6 iterations are then performed,
wherein the other 4 inputs of the 1st iteration are W_8, W_15 and the unsigned constants 0x8b43d457 and 0xe360b596; the other 4 inputs of the 2nd iteration are W_6, W_13 and the unsigned constants 0x1c456002 and 0x6f196331; the other 4 inputs of the 3rd iteration are W_4, W_11 and the unsigned constants 0xd94ebeb1 and 0xcc4a611; the other 4 inputs of the 4th iteration are W_2, W_9 and the unsigned constants 0x261dc1f2 and 0x5815a7be; the other 4 inputs of the 5th iteration are the link variables CV_4, CV_1 and the unsigned constants 0x70b7ed67 and 0xa1513c69; the other 4 inputs of the 6th iteration are the link variables CV_6, CV_3 and the unsigned constants 0x44f93635 and 0x720dcdfd.
15. A method of producing a fast and secure hash function and finally generating a message digest using the step functional unit and message expansion method according to any one of claims 1-14, the method comprising the steps of:
padding the original message and dividing the padded message into at least one message block, each message block comprising sixteen 32-bit messages W_0-W_15;
initializing the link variables; and
using the step functional unit to iteratively process the link variables and the sixteen 32-bit messages in each message block to produce final link variables as the message digest of the original message,
wherein the iterative processing of the step functional unit comprises:
a first expansion step of selecting eight 32-bit messages from the message block, initializing the eight registers R1-R8 of the step functional unit, and performing 6 iterations with the step functional unit to obtain expanded messages W_16-W_23; and
a second expansion step of again selecting eight 32-bit messages from the message block, adding them to the corresponding expanded messages W_16-W_23, initializing the registers R1-R8 with the resulting sums, and performing 6 iterations with the step functional unit to obtain expanded messages W_24-W_31.
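The step of claims 9 and 10, as an added example that is not code from the patent: it computes one step from the claim 9 equations and again block by block from the claim 10 wiring (with the operations assigned by claims 6-8), and counts disagreements. Assumptions: the unnamed last term "(x, n)" of f_0-f_3 is read as r(x, n), ">>>" as a right rotation, and "T + U >>> n" as T + (U >>> n), which is the reading the claim 10 wiring gives; the input words are constructed.

```python
import random
MASK = 0xFFFFFFFF

def r(x, n):  # r(x, n) of claim 2: rotate the 32-bit word x right by n bits
    return ((x >> n) | (x << (32 - n))) & MASK

def add(*words): return sum(words) & MASK  # addition modulo 2^32 (claim 8)

# ASSUMPTION: the page prints the last term of each f as "(x, n)" with no
# operator name; it is read here as r(x, n).
def f0(x): return x ^ r(x, 11) ^ r(x, 14)
def f1(x): return r(x, 3) ^ r(x, 8) ^ r(x, 21)
def f2(x): return x ^ r(x, 6) ^ r(x, 23)
def f3(x): return r(x, 2) ^ r(x, 17) ^ r(x, 27)

def step_formula(state, w0, w1, k0, k1):
    """Claim 9 equations. state = (A..H); w0, w1 = W_2j, W_2j+1; k0, k1 = K_2j, K_2j+1."""
    A, B, C, D, E, F, G, H = state
    t1 = f1(add(A ^ D, k0, f0(add(B, C))))
    t0 = add(w0, f0(add(B, C)), t1)
    t3 = f3(add(E ^ H, k1, f2(add(F, G))))
    t2 = add(w1, f2(add(F, G)), t3)
    x = add(t0, r(t3, 7))  # ASSUMPTION: ">>>" is a right rotation
    y = add(t2, r(t1, 9))
    return (H ^ y, add(A, t2, t1), B ^ x, C ^ t1,
            r(add(D, x), 1), add(E, t0) ^ t3, add(F, y), add(G, t3))

def step_wiring(state, w0, w1, k0, k1):
    """Claim 10 wiring: lbN = N-th logical block, fbN = N-th functional block."""
    R1, R2, R3, R4, R5, R6, R7, R8 = state
    lb1, lb2 = R1 ^ R4, add(R2, R3)
    fb1 = f0(lb2)
    lb3 = add(lb1, fb1, k0)
    fb2 = f1(lb3)
    lb4 = add(fb1, fb2, w0)
    lb5, lb6 = R5 ^ R8, add(R6, R7)
    fb3 = f2(lb6)
    lb7 = add(lb5, fb3, k1)
    fb4 = f3(lb7)
    lb8 = add(fb3, fb4, w1)
    lb9, lb10 = add(R5, lb4), add(R1, lb8)
    lb11 = r(fb4, 7)            # rotation amounts are taken from claim 9
    lb12 = add(lb4, lb11)
    lb13 = r(fb2, 9)
    lb14 = add(lb8, lb13)
    lb15 = R2 ^ lb12            # -> R3
    lb16 = add(R4, lb12)
    lb17 = add(lb10, fb2)       # -> R2
    lb18 = R3 ^ fb2             # -> R4
    lb19 = add(R6, lb14)        # -> R7
    lb20 = R8 ^ lb14            # -> R1
    lb21 = lb9 ^ fb4            # -> R6
    lb22 = add(R7, fb4)         # -> R8
    lb23 = r(lb16, 1)           # -> R5
    return (lb20, lb17, lb15, lb18, lb23, lb21, lb19, lb22)

def count_mismatches(trials=200, seed=1):
    """Count constructed random inputs on which the two versions disagree."""
    rng = random.Random(seed)
    bad = 0
    for _ in range(trials):
        v = [rng.getrandbits(32) for _ in range(12)]  # constructed sample words
        bad += step_formula(tuple(v[:8]), *v[8:]) != step_wiring(tuple(v[:8]), *v[8:])
    return bad
```

A result of 0 from `count_mismatches()` means the register updates implied by the claim 10 wiring match the claim 9 equations under the stated assumptions.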

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA200710153192XA CN101399667A (en) 2007-09-29 2007-09-29 Step function device and message spreading method for generating fast safe Hash function

Publications (1)

Publication Number Publication Date
CN101399667A true CN101399667A (en) 2009-04-01

Family

ID=40517949

Country Status (1)

Country Link
CN (1) CN101399667A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20090401