The Pure Crypto Project's Hash Function
Ralf Senderek
ralf at senderek.de
Sun May 4 02:29:20 EDT 2003
On 3 May 2003, Eric Rescorla wrote:
> Can you explain every single line of the modular exponentiation
> routine you're using?
Yes, of course I can, otherwise the Pure Crypto Project would lack its
second most important feature, clarity, security being the most important.
Fortunately I have to explain only 10 lines of code:
def ModExp (Base, Exp, Mod):
Hash = 1
X = Exp
Factor = Base
while X > 0 :
Remainder = X % 2
X = X / 2
if Remainder == 1:
Hash = Hash * Factor % Mod
Factor = Factor * Factor % Mod
return Hash
I have explained this sucessfully even to 18 year olds who wanted to
learn about computer security. I will explain off-list on request.
> Every single line of the compiler you're
> using to compile the code?
No, I cannot. As I'm using bare multiplication and addition of long
integers, I cannot rule out the possibility that the Python-interpreter
executes some malicous code when multiplying x and y. But I don't have
any reason to assume that.
> The amount of math you would need to demonstrate the security
> or insecurity of your hash algorithm is incredibly prohibitive,
> and vastly larger than the amount of effort required to analyze the
> C code in SHA-1.
I'm not sure, primes sometimes make an argument simple, please read
my remarks on security.
Ralf.
*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*
* Ralf Senderek <ralf at senderek.de> http://senderek.de * What is privacy *
* Sandstr. 60 D-41849 Wassenberg +49 2432-3960 * without *
* PGP: AB 2C 85 AB DB D3 10 E7 CD A4 F8 AC 52 FC A9 ED * Pure Crypto? *
*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list