[Cryptography] the world's worst hash function
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Thu Jan 31 19:03:07 EST 2019
Christian Huitema <huitema at huitema.net> writes:
>Peter, your implementation being slow is one thing. But do you have a proof
>that some smart implementation would not be able to fling the merde much
>faster, and land on the same shit by a shorter path?
https://godbolt.org, no current compiler can optimise it away, and that's by
design since the final computed value is returned to the caller so there's no
short-circuit eval possible. What is theoretically possible is that a
hypothetical future compiler that does cross-module interprocedural dataflow
analysis might be able to see that the computed value isn't used anywhere, but
I'm not aware of anything like that. Worst-case is you just need to store the
result in a static var and feed it, or part of it, as input back into the next
invocation.
Peter.
More information about the cryptography
mailing list