Independent Submission V. Dolmatov, Ed.
Request for Comments: 6986 A. Degtyarev
Updates: 5831 Cryptocom, Ltd.
Category: Informational August 2013
ISSN: 2070-1721
Independent Submission V. Dolmatov, Ed.
Request for Comments: 6986 A. Degtyarev
Updates: 5831 Cryptocom, Ltd.
Category: Informational August 2013
ISSN: 2070-1721
GOST R 34.11-2012: Hash Function
GOST R 34.11-2012:哈希函数
Abstract
摘要
This document is intended to be a source of information about the Russian Federal standard hash function (GOST R 34.11-2012), which is one of the Russian cryptographic standard algorithms (called GOST algorithms). This document updates RFC 5831.
本文件旨在作为俄罗斯联邦标准哈希函数(GOST R 34.11-2012)的信息来源,该函数是俄罗斯密码标准算法(称为GOST算法)之一。本文件更新了RFC 5831。
Status of This Memo
关于下段备忘
This document is not an Internet Standards Track specification; it is published for informational purposes.
本文件不是互联网标准跟踪规范;它是为了提供信息而发布的。
This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.
这是对RFC系列的贡献,独立于任何其他RFC流。RFC编辑器已选择自行发布此文档,并且未声明其对实现或部署的价值。RFC编辑批准发布的文件不适用于任何级别的互联网标准;见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6986.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc6986.
Copyright Notice
版权公告
Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2013 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。
Table of Contents
目录
1. Scope ...........................................................2
2. General Information .............................................3
3. Standard References .............................................3
4. Definitions and Notations .......................................4
4.1. Definitions ................................................4
4.2. Notations ..................................................5
5. General Provisions ..............................................6
6. Parameter Values ................................................6
6.1. Initializing Values ........................................6
6.2. Nonlinear Bijections of Binary Vector Sets .................7
6.3. Byte Permutation ...........................................8
6.4. Linear Transformations of Binary Vector Sets ...............8
6.5. Iteration Constants ........................................9
7. Transformations ................................................10
8. Round Functions ................................................11
9. Hash-Function Calculation Procedure ............................11
10. Examples (Informative) ........................................13
10.1. Example 1 ................................................13
10.1.1. For Hash Function with 512-Bit Hash Code ..........13
10.1.2. For Hash Function with 256-Bit Hash Code ..........19
10.2. Example 2 ................................................25
10.2.1. For Hash Function with 512-Bit Hash Code ..........25
10.2.2. For Hash Function with 256-Bit Hash Code ..........32
11. Security Considerations .......................................38
12. References ....................................................38
12.1. Normative References .....................................38
12.2. Informative References ...................................39
1. Scope ...........................................................2
2. General Information .............................................3
3. Standard References .............................................3
4. Definitions and Notations .......................................4
4.1. Definitions ................................................4
4.2. Notations ..................................................5
5. General Provisions ..............................................6
6. Parameter Values ................................................6
6.1. Initializing Values ........................................6
6.2. Nonlinear Bijections of Binary Vector Sets .................7
6.3. Byte Permutation ...........................................8
6.4. Linear Transformations of Binary Vector Sets ...............8
6.5. Iteration Constants ........................................9
7. Transformations ................................................10
8. Round Functions ................................................11
9. Hash-Function Calculation Procedure ............................11
10. Examples (Informative) ........................................13
10.1. Example 1 ................................................13
10.1.1. For Hash Function with 512-Bit Hash Code ..........13
10.1.2. For Hash Function with 256-Bit Hash Code ..........19
10.2. Example 2 ................................................25
10.2.1. For Hash Function with 512-Bit Hash Code ..........25
10.2.2. For Hash Function with 256-Bit Hash Code ..........32
11. Security Considerations .......................................38
12. References ....................................................38
12.1. Normative References .....................................38
12.2. Informative References ...................................39
The Russian Federal standard hash function (GOST R 34.11-2012) establishes the hash-function algorithm and the hash-function calculation procedure for any sequence of binary symbols used in cryptographic methods of information processing and information security, including techniques for providing data integrity and authenticity and for digital signatures during information transfer, information processing, and information storage in computer-aided systems.
俄罗斯联邦标准哈希函数(GOST R 34.11-2012)为信息处理和信息安全加密方法中使用的任何二进制符号序列建立了哈希函数算法和哈希函数计算程序,包括在计算机辅助系统的信息传输、信息处理和信息存储过程中提供数据完整性和真实性以及数字签名的技术。
The hash function defined in the standard provides for the operation of digital signature systems using the asymmetric cryptographic algorithm in compliance with GOST R 34.10-2012 [GOST3410-2012].
根据GOST R 34.10-2012[GOST3410-2012],本标准中定义的哈希函数规定了使用非对称加密算法的数字签名系统的操作。
GOST R 34.11-2012 applies to the creation, operation, and modernization of information systems of different purpose.
GOST R 34.11-2012适用于不同用途信息系统的创建、运行和现代化。
GOST R 34.11-94 is superseded by GOST R 34.11-2012 from 1st January 2013. That means that all new systems that are presented for certification MUST use GOST R 34.11-2012 and MAY use GOST R 34.11-94 also for maintaining compatibility with existing systems. Usage of GOST R 34.11-94 in current systems is allowed at least for a 5-year period.
自2013年1月1日起,GOST R 34.11-94被GOST R 34.11-2012取代。这意味着所有提交认证的新系统必须使用GOST R 34.11-2012,也可以使用GOST R 34.11-94来保持与现有系统的兼容性。允许在当前系统中使用GOST R 34.11-94至少5年。
This document updates RFC 5831 [RFC5831].
本文件更新了RFC 5831[RFC5831]。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。
1. GOST R 34.11-2012 [GOST3411-2012] was developed by the Center for Information Protection and Special Communications of the Federal Security Service of the Russian Federation with participation of the open joint-stock company Information Technologies and Communication Systems (InfoTeCS JSC).
1. GOST R 34.11-2012【GOST3411-2012】由俄罗斯联邦安全局信息保护和特殊通信中心开发,开放式股份公司信息技术和通信系统(InfoTeCS JSC)参与。
2. GOST R 34.11-2012 was approved and introduced by Decree #216 of the Federal Agency on Technical Regulating and Metrology on 07.08.2012.
2. GOST R 34.11-2012于2012年8月7日由联邦技术监管和计量局第216号法令批准和引入。
3. GOST R 34.11-2012 is intended to replace GOST R 34.11-94 [GOST3411-94], a national standard of the Russian Federation.
3. GOST R 34.11-2012旨在取代俄罗斯联邦国家标准GOST R 34.11-94[GOST3411-94]。
Terms and concepts in the standard comply with the following international standards:
本标准中的术语和概念符合以下国际标准:
o ISO 2382-2 [ISO2382-2], o ISO/IEC 9796 [ISO/IEC9796-2][ISO/IEC9796-3], o series of standards ISO/IEC 14888 [ISO/IEC14888-1] [ISO/IEC14888-2][ISO/IEC14888-3][ISO/IEC14888-3Amd], and o series of standards ISO/IEC 10118 [ISO/IEC10118-1][ISO/IEC10118-2][ISO/IEC10118-3][ISO/IEC10118-4].
o ISO 2382-2[ISO2382-2]、o ISO/IEC 9796[ISO/IEC9796-2][ISO/IEC9796-3]、o系列标准ISO/IEC 14888[ISO/IEC14888-1][ISO/IEC14888-2][ISO/IEC14888-3][ISO/IEC14888-3Amd]和o系列标准ISO/IEC 10118[ISO/IEC10118-1][ISO/IEC10118-2][ISO/IEC10118-3][ISO/IEC10118-4]。
The following standards are referred to in GOST R 34.11-2012:
GOST R 34.11-2012中引用了以下标准:
1. GOST 28147-89 [GOST28147-89], "Systems of information processing. Cryptographic data security. Algorithms of cryptographic transformation."
1. GOST 28147-89[GOST28147-89],“信息处理系统.密码数据安全.密码转换算法。”
2. GOST R 34.10-2012 [GOST3410-2012], "Information technology. Cryptographic data security. Formation and verification processes of [electronic] digital signature."
2. GOST R 34.10-2012[GOST3410-2012],“信息技术.加密数据安全.[电子]数字签名的形成和验证过程。”
Note: Users of the standard may check the validity of the referenced standards on the official Internet site of the Federal Agency on Technical Regulating and Metrology, in the annual reference book "National Standards" published on January 1 of the current year, and in corresponding monthly indices published during the current year. If the referenced standard is replaced (amended), then the replaced (amended) standard shall be used. If the referenced standard is canceled without replacement, then only the parts of this document not containing the specified reference may be used.
注:本标准的用户可在联邦技术规范和计量局的官方网站、当年1月1日出版的年度参考书“国家标准”以及当年出版的相应月度指数中检查参考标准的有效性。如果参考标准被替换(修订),则应使用替换(修订)的标准。如果取消引用标准而未进行替换,则只能使用本文件中不包含指定引用的部分。
The following terms and their corresponding definitions are used in the standard.
本标准中使用了以下术语及其相应的定义。
padding: appending extra bits to a data string (Clause 3.9 of [ISO/IEC10118-1]).
填充:在数据字符串中附加额外的位(ISO/IEC10118-1第3.9条)。
initializing value: a value used in defining the starting point of a hash function (Clause 3.7 of [ISO/IEC10118-1]).
初始化值:用于定义散列函数起点的值(ISO/IEC10118-1第3.7条)。
message: string of bits of any length (Clause 3.10 of [ISO/IEC14888-1]).
信息:任意长度的位串(ISO/IEC14888-1第3.10条)。
round function: a function that transforms two binary strings of lengths L1 and L2 to a binary string of length L2. It is used iteratively as part of a hash function, where it combines a data string of length L1 with the previous output of length L2 (Clause 3.10 of [ISO/IEC10118-1]).
round函数:将长度为L1和L2的两个二进制字符串转换为长度为L2的二进制字符串的函数。它作为散列函数的一部分迭代使用,其中它将长度为L1的数据字符串与之前长度为L2的输出相结合(ISO/IEC10118-1第3.10条)。
Note: In GOST R 34.11-2012, the concepts "string of bits of length L" and "binary row vector of length L" are identical.
注:在GOST R 34.11-2012中,“长度为L的位串”和“长度为L的二进制行向量”的概念是相同的。
hash code: string of bits that is the output of a hash function (Clause 3.6 of [ISO/IEC14888-1].
散列码:散列函数输出的比特串(ISO/IEC14888-1第3.6条)。
collision-resistant hash function: function that maps strings of bits to fixed-length strings of bits, satisfying the following properties:
抗冲突哈希函数:将位字符串映射到固定长度的位字符串的函数,满足以下属性:
1. for a given output, it is computationally infeasible to find an input that maps to this output;
1. 对于给定的输出,在计算上不可能找到映射到此输出的输入;
2. for a given input, it is computationally infeasible to find a second input that maps to the same output; and
2. 对于给定的输入,在计算上不可能找到映射到相同输出的第二个输入;和
3. it is computationally infeasible to find any two distinct inputs that map to the same output (Clauses 3.2 and 3.7 of [ISO/IEC14888-1]).
3. 在计算上不可能找到映射到相同输出的任何两个不同输入(ISO/IEC14888-1第3.2条和第3.7条)。
Note: In the standard (to provide terminological compatibility with the current native standard documentation and with the published scientific and technical works), the terms "hash function" and "cryptographic hash function" are synonyms.
注:在本标准中(为了提供与当前本地标准文档和已出版的科学技术著作的术语兼容性),术语“哈希函数”和“加密哈希函数”是同义词。
signature: one or more data elements resulting from the signature process (Clause 3.12 of [ISO/IEC 14888-1].
签名:签名过程中产生的一个或多个数据元素(ISO/IEC 14888-1第3.12条)。
Note: In the standard (to provide terminological compatibility with the current native standard documentation and with the published scientific and technical works), the terms "digital signature", "electronic signature", and "electronic digital signature" are synonyms.
注:在本标准中(为了提供与当前本地标准文件和已出版的科学技术著作的术语兼容性),术语“数字签名”、“电子签名”和“电子数字签名”是同义词。
The following notations are used in the standard:
本标准中使用了以下符号:
V* the set of all binary row vectors of finite length (hereinafter referred to as vectors) including empty string
V*有限长度的所有二进制行向量(以下称为向量)的集合,包括空字符串
|A| the length (number of components) of the vector A belonging to V* (if A is an empty string, then |A| = 0)
|A |属于V*的向量A的长度(分量数)(如果A是空字符串,则| A |=0)
V_n the set of all binary vectors of length n, where n is a non-negative integer; subvectors and vector components are enumerated from right to left starting from zero
V_n the set of all binary vectors of length n, where n is a non-negative integer; subvectors and vector components are enumerated from right to left starting from zerotranslate error, please retry
(xor) exclusive-or of the two binary vectors of the same length
(异或)两个长度相同的二进制向量的异或
A||B concatenation of vectors A, B (both belong to V*), i.e., a vector from V_(|A|+|B|), where the left subvector from V_(|A|) is equal to the vector A and the right subvector from V_(|B|) is equal to the vector B
A | | B向量A、B(均属于V*)的级联,即来自V|的向量(| A |+| B |),其中来自V|的左子向量(| A |)等于向量A,来自V|的右子向量(| B |)等于向量B
A^n concatenation of n instances of the vector A
向量A的n个实例的^n个串联
Z_(2^n) ring of residues modulo 2^n
Z_(2^n) ring of residues modulo 2^n
[+] addition operation in the ring Z_(2^n)
[+] addition operation in the ring Z_(2^n)
Vec_n: Z_(2^n) -> V_n
bijective-mapping operation associating an element from
Z_(2^n) with its binary representation, i.e., for an element
z of the ring Z_(2^n), represented by the residue
z_0 + (2*z_1) + ... + (2^(n-1)*z_(n-1)), where z_i in {0, 1},
j = 0, ..., n-1, the equality Vec_n(z) =
z_(n-1)||...||z_1||z_0 holds
Vec_n: Z_(2^n) -> V_n
bijective-mapping operation associating an element from
Z_(2^n) with its binary representation, i.e., for an element
z of the ring Z_(2^n), represented by the residue
z_0 + (2*z_1) + ... + (2^(n-1)*z_(n-1)), where z_i in {0, 1},
j = 0, ..., n-1, the equality Vec_n(z) =
z_(n-1)||...||z_1||z_0 holds
Int_n: V_n -> Z_(2^n)
the mapping inverse to the mapping Vec_n, i.e.,
Int_n = Vec_n^(-1)
Int_n: V_n -> Z_(2^n)
the mapping inverse to the mapping Vec_n, i.e.,
Int_n = Vec_n^(-1)
MSB_n: V* -> V_n
the mapping associating the vector z_(k-1)||...||z_1||z_0,
k >= n, with the vector z_(k-1)||...||z_(k-n+1)||z_(k-n)
MSB_n: V* -> V_n
the mapping associating the vector z_(k-1)||...||z_1||z_0,
k >= n, with the vector z_(k-1)||...||z_(k-n+1)||z_(k-n)
a := b operation of assigning the value b to the variable a
a:=b将值b赋值给变量a的操作
PS product of mappings, where the mapping S applies first
PS映射的乘积,其中映射S首先应用
M binary vector subject to hashing procedure, M belongs to V*, |M| < 2^512
M二元向量经过散列程序,M属于V*,|M |<2^512
H: V* -> V_n
hash function mapping the vector (message) M into the vector
(hash code) H(M)
H: V* -> V_n
hash function mapping the vector (message) M into the vector
(hash code) H(M)
IV hash-function initializing value, IV in V_512
IV哈希函数初始化值,V_512中的IV
GOST R 34.11-2012 defines two hash functions H: V* -> V_n with the hash-code lengths n = 512 bits and n = 256 bits.
GOST R 34.11-2012定义了两个哈希函数H:V*->V_n,哈希代码长度分别为n=512位和n=256位。
The initializing value IV for a hash function with a hash-code length of 512 bits is 0^512. The initializing value IV for a hash function with a hash-code length of 256 bits is (00000001)^64.
哈希代码长度为512位的哈希函数的初始化值IV为0^512。哈希代码长度为256位的哈希函数的初始化值IV为(0000000 1)^64。
Nonlinear bijection of the binary vector set V_8 is presented by the following substitution:
二元向量集V_8的非线性双射通过以下替换表示:
Pi = (Vec_8)Pi'(Int_8): V_8 -> V_8
Pi = (Vec_8)Pi'(Int_8): V_8 -> V_8
where Pi': Z_(2^8) -> Z_(2^8).
式中Pi':Z_2^8)->Z_2^8。
The values of the substitution Pi' are presented in the array form
Pi' = (Pi'(0), Pi'(1), ... , Pi'(255)):
The values of the substitution Pi' are presented in the array form
Pi' = (Pi'(0), Pi'(1), ... , Pi'(255)):
Pi' = (252, 238, 221, 17, 207, 110, 49, 22, 251, 196, 250,
218, 35, 197, 4, 77, 233, 119, 240, 219, 147, 46,
153, 186, 23, 54, 241, 187, 20, 205, 95, 193, 249,
24, 101, 90, 226, 92, 239, 33, 129, 28, 60, 66,
139, 1, 142, 79, 5, 132, 2, 174, 227, 106, 143,
160, 6, 11, 237, 152, 127, 212, 211, 31, 235, 52,
44, 81, 234, 200, 72, 171, 242, 42, 104, 162, 253,
58, 206, 204, 181, 112, 14, 86, 8, 12, 118, 18,
191, 114, 19, 71, 156, 183, 93, 135, 21, 161, 150,
41, 16, 123, 154, 199, 243, 145, 120, 111, 157, 158,
178, 177, 50, 117, 25, 61, 255, 53, 138, 126, 109,
84, 198, 128, 195, 189, 13, 87, 223, 245, 36, 169,
62, 168, 67, 201, 215, 121, 214, 246, 124, 34, 185,
3, 224, 15, 236, 222, 122, 148, 176, 188, 220, 232,
40, 80, 78, 51, 10, 74, 167, 151, 96, 115, 30,
0, 98, 68, 26, 184, 56, 130, 100, 159, 38, 65,
173, 69, 70, 146, 39, 94, 85, 47, 140, 163, 165,
125, 105, 213, 149, 59, 7, 88, 179, 64, 134, 172,
29, 247, 48, 55, 107, 228, 136, 217, 231, 137, 225,
27, 131, 73, 76, 63, 248, 254, 141, 83, 170, 144,
202, 216, 133, 97, 32, 113, 103, 164, 45, 43, 9,
91, 203, 155, 37, 208, 190, 229, 108, 82, 89, 166,
116, 210, 230, 244, 180, 192, 209, 102, 175, 194, 57,
75, 99, 182)
Pi' = (252, 238, 221, 17, 207, 110, 49, 22, 251, 196, 250,
218, 35, 197, 4, 77, 233, 119, 240, 219, 147, 46,
153, 186, 23, 54, 241, 187, 20, 205, 95, 193, 249,
24, 101, 90, 226, 92, 239, 33, 129, 28, 60, 66,
139, 1, 142, 79, 5, 132, 2, 174, 227, 106, 143,
160, 6, 11, 237, 152, 127, 212, 211, 31, 235, 52,
44, 81, 234, 200, 72, 171, 242, 42, 104, 162, 253,
58, 206, 204, 181, 112, 14, 86, 8, 12, 118, 18,
191, 114, 19, 71, 156, 183, 93, 135, 21, 161, 150,
41, 16, 123, 154, 199, 243, 145, 120, 111, 157, 158,
178, 177, 50, 117, 25, 61, 255, 53, 138, 126, 109,
84, 198, 128, 195, 189, 13, 87, 223, 245, 36, 169,
62, 168, 67, 201, 215, 121, 214, 246, 124, 34, 185,
3, 224, 15, 236, 222, 122, 148, 176, 188, 220, 232,
40, 80, 78, 51, 10, 74, 167, 151, 96, 115, 30,
0, 98, 68, 26, 184, 56, 130, 100, 159, 38, 65,
173, 69, 70, 146, 39, 94, 85, 47, 140, 163, 165,
125, 105, 213, 149, 59, 7, 88, 179, 64, 134, 172,
29, 247, 48, 55, 107, 228, 136, 217, 231, 137, 225,
27, 131, 73, 76, 63, 248, 254, 141, 83, 170, 144,
202, 216, 133, 97, 32, 113, 103, 164, 45, 43, 9,
91, 203, 155, 37, 208, 190, 229, 108, 82, 89, 166,
116, 210, 230, 244, 180, 192, 209, 102, 175, 194, 57,
75, 99, 182)
The values of the permutation Tau belonging to S_64 are presented in
the array form Tau = (Tau(0), Tau(1), ..., Tau(63)):
The values of the permutation Tau belonging to S_64 are presented in
the array form Tau = (Tau(0), Tau(1), ..., Tau(63)):
Tau = (0, 8, 16, 24, 32, 40, 48, 56,
1, 9, 17, 25, 33, 41, 49, 57,
2, 10, 18, 26, 34, 42, 50, 58,
3, 11, 19, 27, 35, 43, 51, 59,
4, 12, 20, 28, 36, 44, 52, 60,
5, 13, 21, 29, 37, 45, 53, 61,
6, 14, 22, 30, 38, 46, 54, 62,
7, 15, 23, 31, 39, 47, 55, 63)
Tau = (0, 8, 16, 24, 32, 40, 48, 56,
1, 9, 17, 25, 33, 41, 49, 57,
2, 10, 18, 26, 34, 42, 50, 58,
3, 11, 19, 27, 35, 43, 51, 59,
4, 12, 20, 28, 36, 44, 52, 60,
5, 13, 21, 29, 37, 45, 53, 61,
6, 14, 22, 30, 38, 46, 54, 62,
7, 15, 23, 31, 39, 47, 55, 63)
Linear transformation l of the binary vector set V_64 is specified by the right multiplication with the matrix A over the field GF(2). The matrix rows are specified sequentially in a hexadecimal form. The row with number j, j = 0, ..., 63 (specified in the form a_(j, 15)...a_(j, 0), where a_(j, i) belongs to Z_16, i = 0, ..., 15), is Vec_4(a_(j, 15))||...||Vec_4(a_(j, 0)).
二元向量集V_64的线性变换l由域GF(2)上的矩阵A的右乘法指定。矩阵行以十六进制形式顺序指定。数字为j,j=0,…,63(以形式a_j(j,15)…a_j(j,0)指定,其中a_j(j,i)属于Z_16,i=0,…,15)的行是Vec_4(a_j(j,15))| | | Vec_4(a_j,0))。
8e20faa72ba0b470 47107ddd9b505a38 ad08b0e0c3282d1c d8045870ef14980e 6c022c38f90a4c07 3601161cf205268d 1b8e0b0e798c13c8 83478b07b2468764 a011d380818e8f40 5086e740ce47c920 2843fd2067adea10 14aff010bdd87508 0ad97808d06cb404 05e23c0468365a02 8c711e02341b2d01 46b60f011a83988e 90dab52a387ae76f 486dd4151c3dfdb9 24b86a840e90f0d2 125c354207487869 092e94218d243cba 8a174a9ec8121e5d 4585254f64090fa0 accc9ca9328a8950 9d4df05d5f661451 c0a878a0a1330aa6 60543c50de970553 302a1e286fc58ca7 18150f14b9ec46dd 0c84890ad27623e0 0642ca05693b9f70 0321658cba93c138 86275df09ce8aaa8 439da0784e745554 afc0503c273aa42a d960281e9d1d5215 e230140fc0802984 71180a8960409a42 b60c05ca30204d21 5b068c651810a89e 456c34887a3805b9 ac361a443d1c8cd2 561b0d22900e4669 2b838811480723ba 9bcf4486248d9f5d c3e9224312c8c1a0 effa11af0964ee50 f97d86d98a327728 e4fa2054a80b329c 727d102a548b194e 39b008152acb8227 9258048415eb419d 492c024284fbaec0 aa16012142f35760 550b8e9e21f7a530 a48b474f9ef5dc18 70a6a56e2440598e 3853dc371220a247 1ca76e95091051ad 0edd37c48a08a6d8 07e095624504536c 8d70c431ac02a736 c83862965601dd1b 641c314b2b8ee083
8e20faa72ba0b470 47107ddd9b505a38 ad08b0e0c3282d1c D8045870EF1490E 6c022c38f90a4c07 360111CF205268D 1b8e0b0e798c13c8 83478B0B2468764 a011d380818e8f40 5086e740ce47c920 2843FD2067ADA10 14AF010BDD87508 AD97808D06CB404 05e23c0468365a02 8C711E02342D001 4660F011B838E 908E8E80818E8E8F40 5086E7407CF2828286710ADA1048CF0808088080808CB04048D0804040404048B868D8D08040404040404048B8B8D8D8D8D080404040404048B092e94218d243cba 8a174a9ec8121e5d 4585254f64090fa0 accc9ca9328a8950 9d4df05d5f661451 c0a878a0a1330aa6 60543c50de970553 302a1e286fc58ca7 18150f14b9ec46dd 0C84890AD27623E00642CA05693B9F70 0321658cba93c138 86275DF09CE8AA8 439da0784e745554 AFC0503C2AA42A D960281E5215 E20860895B108048E456c34887a3805b9 ac361a443d1c8cd2 561b0d22900e4669 2b838811480723ba 9BCF44862448D9F5D c3e9224312c8c1a0有效期A11AF0964EE50 f97d86d98a327728 e4fa2054a80b329c 727d102a548b194e 39b008152acb8227 9258048415eb419d 492c024284fbaec0 AA16042F35760 550B8E9E9E2F7A530 A48B41747E4E4E5D8E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E4E407e095624504536c 8d70c431ac02a736 c83862965601dd1b 641c314b2b8ee083
Here one string contains 4 rows of the matrix A. So, the string with number i, i = 0, ..., 15, specifies 4 rows of the matrix A (with the numbers 4i + j, j = 0, ..., 3) in the following left-to-right order: 4i + 0, 4i + 1, 4i + 2, 4i + 3.
这里一个字符串包含矩阵A的4行。因此,数字为i,i=0,…,15的字符串按以下从左到右的顺序指定矩阵A的4行(数字为4i+j,j=0,…,3):4i+0,4i+1,4i+2,4i+3。
The product of the vector b = b_63...b_0 belonging to V_64 and the matrix A is the vector c belonging to V_64:
属于V_64的向量b=b_63…b_0与矩阵A的乘积是属于V_64的向量c:
c = b_63(Vec_4(a_(0, 15))||...||Vec_4(a_(0, 0))) (xor)
... (xor)
b_0(Vec_4(a_(63, 15))||...||Vec_4(a_(63, 0)))
c = b_63(Vec_4(a_(0, 15))||...||Vec_4(a_(0, 0))) (xor)
... (xor)
b_0(Vec_4(a_(63, 15))||...||Vec_4(a_(63, 0)))
where
哪里
b_i(Vec_4(a_(63-i, 15))||...||Vec_4(a_(63-i, 0))) =
b_i(Vec_4(a_(63-i, 15))||...||Vec_4(a_(63-i, 0))) =
= 0^64, if b_i = 0
= 0^64, if b_i = 0
= (Vec_4(a_(63-i, 15))||...||Vec_4(a_(63-i, 0))), if b_i = 1
= (Vec_4(a_(63-i, 15))||...||Vec_4(a_(63-i, 0))), if b_i = 1
for all i = 0, ..., 63.
对于所有i=0,…,63。
Iteration constants are specified in a hexadecimal form. The constant value specified in the form a_127...a_0 (where a_i belongs to Z_16, i = 0, ..., 127) is Vec_4(a_127)||...||Vec_4(a_0):
迭代常数以十六进制形式指定。形式a_127…a_0(其中a_i属于Z_16,i=0,…,127)中指定的常量值为Vec_4(a_127)| | | Vec_4(a_0):
C[1] = b1085bda1ecadae9ebcb2f81c0657c1f
2f6a76432e45d016714eb88d7585c4fc
4b7ce09192676901a2422a08a460d315
05767436cc744d23dd806559f2a64507
C[1] = b1085bda1ecadae9ebcb2f81c0657c1f
2f6a76432e45d016714eb88d7585c4fc
4b7ce09192676901a2422a08a460d315
05767436cc744d23dd806559f2a64507
C[2] = 6fa3b58aa99d2f1a4fe39d460f70b5d7
f3feea720a232b9861d55e0f16b50131
9ab5176b12d699585cb561c2db0aa7ca
55dda21bd7cbcd56e679047021b19bb7
C[2] = 6fa3b58aa99d2f1a4fe39d460f70b5d7
f3feea720a232b9861d55e0f16b50131
9ab5176b12d699585cb561c2db0aa7ca
55dda21bd7cbcd56e679047021b19bb7
C[3] = f574dcac2bce2fc70a39fc286a3d8435
06f15e5f529c1f8bf2ea7514b1297b7b
d3e20fe490359eb1c1c93a376062db09
c2b6f443867adb31991e96f50aba0ab2
C[3] = f574dcac2bce2fc70a39fc286a3d8435
06f15e5f529c1f8bf2ea7514b1297b7b
d3e20fe490359eb1c1c93a376062db09
c2b6f443867adb31991e96f50aba0ab2
C[4] = ef1fdfb3e81566d2f948e1a05d71e4dd
488e857e335c3c7d9d721cad685e353f
a9d72c82ed03d675d8b71333935203be
3453eaa193e837f1220cbebc84e3d12e
C[4] = ef1fdfb3e81566d2f948e1a05d71e4dd
488e857e335c3c7d9d721cad685e353f
a9d72c82ed03d675d8b71333935203be
3453eaa193e837f1220cbebc84e3d12e
C[5] = 4bea6bacad4747999a3f410c6ca92363
7f151c1f1686104a359e35d7800fffbd
bfcd1747253af5a3dfff00b723271a16
7a56a27ea9ea63f5601758fd7c6cfe57
C[5] = 4bea6bacad4747999a3f410c6ca92363
7f151c1f1686104a359e35d7800fffbd
bfcd1747253af5a3dfff00b723271a16
7a56a27ea9ea63f5601758fd7c6cfe57
C[6] = ae4faeae1d3ad3d96fa4c33b7a3039c0
2d66c4f95142a46c187f9ab49af08ec6
cffaa6b71c9ab7b40af21f66c2bec6b6
bf71c57236904f35fa68407a46647d6e
C[6] = ae4faeae1d3ad3d96fa4c33b7a3039c0
2d66c4f95142a46c187f9ab49af08ec6
cffaa6b71c9ab7b40af21f66c2bec6b6
bf71c57236904f35fa68407a46647d6e
C[7] = f4c70e16eeaac5ec51ac86febf240954
399ec6c7e6bf87c9d3473e33197a93c9
0992abc52d822c3706476983284a0504
3517454ca23c4af38886564d3a14d493
C[7] = f4c70e16eeaac5ec51ac86febf240954
399ec6c7e6bf87c9d3473e33197a93c9
0992abc52d822c3706476983284a0504
3517454ca23c4af38886564d3a14d493
C[8] = 9b1f5b424d93c9a703e7aa020c6e4141
4eb7f8719c36de1e89b4443b4ddbc49a
f4892bcb929b069069d18d2bd1a5c42f
36acc2355951a8d9a47f0dd4bf02e71e
C[8] = 9b1f5b424d93c9a703e7aa020c6e4141
4eb7f8719c36de1e89b4443b4ddbc49a
f4892bcb929b069069d18d2bd1a5c42f
36acc2355951a8d9a47f0dd4bf02e71e
C[9] = 378f5a541631229b944c9ad8ec165fde
3a7d3a1b258942243cd955b7e00d0984
800a440bdbb2ceb17b2b8a9aa6079c54
0e38dc92cb1f2a607261445183235adb
C[9] = 378f5a541631229b944c9ad8ec165fde
3a7d3a1b258942243cd955b7e00d0984
800a440bdbb2ceb17b2b8a9aa6079c54
0e38dc92cb1f2a607261445183235adb
C[10] = abbedea680056f52382ae548b2e4f3f3
8941e71cff8a78db1fffe18a1b336103
9fe76702af69334b7a1e6c303b7652f4
3698fad1153bb6c374b4c7fb98459ced
C[10] = abbedea680056f52382ae548b2e4f3f3
8941e71cff8a78db1fffe18a1b336103
9fe76702af69334b7a1e6c303b7652f4
3698fad1153bb6c374b4c7fb98459ced
C[11] = 7bcd9ed0efc889fb3002c6cd635afe94
d8fa6bbbebab07612001802114846679
8a1d71efea48b9caefbacd1d7d476e98
dea2594ac06fd85d6bcaa4cd81f32d1b
C[11] = 7bcd9ed0efc889fb3002c6cd635afe94
d8fa6bbbebab07612001802114846679
8a1d71efea48b9caefbacd1d7d476e98
dea2594ac06fd85d6bcaa4cd81f32d1b
C[12] = 378ee767f11631bad21380b00449b17a
cda43c32bcdf1d77f82012d430219f9b
5d80ef9d1891cc86e71da4aa88e12852
faf417d5d9b21b9948bc924af11bd720
C[12] = 378ee767f11631bad21380b00449b17a
cda43c32bcdf1d77f82012d430219f9b
5d80ef9d1891cc86e71da4aa88e12852
faf417d5d9b21b9948bc924af11bd720
For calculating the hash code H(M) of the message M belonging to V*, the following transformations are used:
为了计算属于V*的消息M的散列码H(M),使用以下转换:
X[k]: V_512 -> V_512,
X[k](a) = k (xor) a, k, a belongs to V_512;
X[k]: V_512 -> V_512,
X[k](a) = k (xor) a, k, a belongs to V_512;
S:V_512 -> V_512,
S(a) = S(a_63||...||a_0) = Pi(a_63)||...||Pi(a_0), where
a = a_63||...||a_0 belongs to V_512, a_i belongs to V_8,
i = 0, ..., 63;
S:V_512 -> V_512,
S(a) = S(a_63||...||a_0) = Pi(a_63)||...||Pi(a_0), where
a = a_63||...||a_0 belongs to V_512, a_i belongs to V_8,
i = 0, ..., 63;
P:V_512 -> V_512,
P(a) = P(a_63||...||a_0) = a_(Tau(63))||...||a_(Tau(0)), where
a = a_63||...||a_0 belongs to V_512, a_i belongs to V_8,
i = 0, ..., 63;
P:V_512 -> V_512,
P(a) = P(a_63||...||a_0) = a_(Tau(63))||...||a_(Tau(0)), where
a = a_63||...||a_0 belongs to V_512, a_i belongs to V_8,
i = 0, ..., 63;
L:V_512 -> V_512, L(a) = L(a_7||...||a_0) = l(a_7)||...||l(a_0), where a = a_7||...||a_0 belongs to V_512, a_i belongs to V_64, i = 0, ..., 7.
L:V_512->V_512,L(a)=L(a_7 | | | | | | | | | | | | | | | | a| 0属于V_512,a|i属于V|U 64,i=0,…,7。
The hash-code value of the message M belonging to V* is calculated using the iterative procedure. Each iteration is provided using the round function:
使用迭代过程计算属于V*的消息M的散列码值。使用round函数提供每个迭代:
g_N:V_512 x V_512 -> V_512, where N belongs to V_512
g_N:V_512 x V_512 -> V_512, where N belongs to V_512
calculated as
计算为
g_N(h, m) = E(LPS(h (xor) N), m) (xor) h (xor) m
g_N(h, m) = E(LPS(h (xor) N), m) (xor) h (xor) m
where
哪里
E(K, m) = X[K[13]]LPSX[K[12]]...LPSX[K[2]]LPSX[K[1]](m)
E(K, m) = X[K[13]]LPSX[K[12]]...LPSX[K[2]]LPSX[K[1]](m)
Values K[i] belonging to V_512, i = 1, ..., 13, are calculated as follows:
属于V_512的值K[i],i=1,…,13,计算如下:
K[1] = K
K[1]=K
K[i] = LPS(K[i-1] (xor) C[i-1]), i = 2, ..., 13
K[i] = LPS(K[i-1] (xor) C[i-1]), i = 2, ..., 13
Initial data for the procedure of calculating the hash code H(M) are a message M belonging to V* (subject to hashing) and initializing value IV belonging to V_512. The algorithm for calculating the function H consists of the following steps.
用于计算散列码H(M)的过程的初始数据是属于V*(服从散列)的消息M和属于V_512的初始化值IV。计算函数H的算法包括以下步骤。
Step 1. Assign initial values to the following variables:
第一步。为以下变量指定初始值:
1.1. h := IV
1.1. h:=IV
1.2. N := 0^512 belonging to V_512
1.2. N := 0^512 belonging to V_512
1.3. EPSILON := 0^512 belonging to V_512
1.3. EPSILON := 0^512 belonging to V_512
1.4. Go to Step 2.
1.4. 转至步骤2。
Step 2.
第二步。
2.1. Check the condition |M| < 512
2.1. 检查条件| M |<512
If it is true, then go to Step 3. Else, perform the following calculations:
如果为真,则转至步骤3。否则,执行以下计算:
2.2. Calculate the subvector m belonging to V_512 of the message M:
2.2. 计算属于消息m的V_512的子向量m:
M = M'||m
M=M'| | M
Then perform the following calculations:
然后执行以下计算:
2.3. h := g_N(h, m)
2.3. h := g_N(h, m)
2.4. N := Vec_512(Int_512(N) [+] 512)
2.4. N := Vec_512(Int_512(N) [+] 512)
2.5. EPSILON := Vec_512(Int_512(EPSILON) [+] Int_512(m))
2.5. EPSILON := Vec_512(Int_512(EPSILON) [+] Int_512(m))
2.6. M := M'
2.6. M:=M'
2.7. Go to Step 2.1.
2.7. 转至步骤2.1。
Step 3.
第三步。
3.1. m := 0^511-|M|||l||M
3.1. m := 0^511-|M|||l||M
3.2. h := g_N(h, m)
3.2. h := g_N(h, m)
3.3. N := Vec_512(Int_512(N) [+] |M|)
3.3. N := Vec_512(Int_512(N) [+] |M|)
3.4. EPSILON := Vec_512(Int_512(EPSILON) [+] Int_512(m))
3.4. EPSILON := Vec_512(Int_512(EPSILON) [+] Int_512(m))
3.5. h := g_0(h, N)
3.5. h := g_0(h, N)
3.6. h := g_0(h, EPSILON), for function with 512-bit hash code
3.6. h := g_0(h, EPSILON), for function with 512-bit hash code
h := MSB_256(g_0(h, EPSILON)), for function with 256-bit
hash code
h := MSB_256(g_0(h, EPSILON)), for function with 256-bit
hash code
3.7. End of the algorithm
3.7. 算法结束
The value of the variable h (obtained in Step 3.6) is the value of hash function H(M).
变量h(在步骤3.6中获得)的值是散列函数h(M)的值。
This section is for information only and is not a normative part of the standard.
本节仅供参考,不是本标准的规范性部分。
The vectors from V* are specified in a hexadecimal form. The vector A belonging to V_(4n) (specified in the form a_(n-1)...a_0, where a_i belongs to Z_16, i = 0, ..., n-1) is Vec_4(a_(n-1))||...||Vec_4(a_0).
V*中的向量以十六进制形式指定。属于V_4n的向量A(以A_1;(n-1)…A_0的形式指定,其中A_i属于Z_16,i=0,…,n-1)是Vec_4(A_1;(n-1))|…| Vec_4(A_0)。
Let's calculate the hash code of the following message (represented as a hexadecimal string):
让我们计算以下消息的哈希代码(表示为十六进制字符串):
M1 = 32313039383736353433323130393837 36353433323130393837363534333231 30393837363534333231303938373635 343332313039383736353433323130
M1=32313039383736353433323130393837 36353433323130393837363534333231 3039383737363534333231 303938383736353534333231 3433323130393837373635 34333231303837363633323130
Assign the following values to the variables:
为变量指定以下值:
h := IV = 0^512
h := IV = 0^512
N := 0^512
N := 0^512
EPSILON := 0^512
EPSILON := 0^512
The length of the message is |M1| = 504 < 512, so the incomplete block is padded:
消息的长度为| M1 |=504<512,因此填充不完整的块:
m := 01323130393837363534333231303938
37363534333231303938373635343332
31303938373635343332313039383736
35343332313039383736353433323130
m := 01323130393837363534333231303938
37363534333231303938373635343332
31303938373635343332313039383736
35343332313039383736353433323130
Calculate
计算
K := LPS(h (xor) N) = LPS(0^512).
K:=LPS(h(xor)N)=LPS(0^512)。
After the transformation S:
转换后,S:
S(h (xor) N) = fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
S(h (xor) N) = fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
after the transformation P:
在转换P之后:
PS(h (xor) N) = fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
PS(h (xor) N) = fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
after the transformation L:
转换后,L:
K := LPS(h (xor) N) = b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
K := LPS(h (xor) N) = b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
Then the transformation E(K, m) is performed:
然后执行变换E(K,m):
Iteration 1
迭代1
K[1] = b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
K[1] = b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
X[K[1]](m) = b2b1cd1ef7ec924286b7cf1cffe49c4c
84b5c91afde694448abbcb18fbe09646
82b3c516f9e2904080b1cd1ef7ec9242
86b7cf1cffe49c4c84b5c91afde69444
X[K[1]](m) = b2b1cd1ef7ec924286b7cf1cffe49c4c
84b5c91afde694448abbcb18fbe09646
82b3c516f9e2904080b1cd1ef7ec9242
86b7cf1cffe49c4c84b5c91afde69444
SX[K[1]](m) = 4645d95fc0beec2c432f8914b62d4efd
3e5e37f14b097aead67de417c220b048
2492ac996667e0ebdf45d95fc0beec2c
432f8914b62d4efd3e5e37f14b097aea
SX[K[1]](m) = 4645d95fc0beec2c432f8914b62d4efd
3e5e37f14b097aead67de417c220b048
2492ac996667e0ebdf45d95fc0beec2c
432f8914b62d4efd3e5e37f14b097aea
PSX[K[1]](m) = 46433ed624df433e452f5e7d92452f5e
d98937e4acd989375f14f117995f14f1
c0b64bc266c0b64bbe2d092067be2d09
ec4e7ab0e0ec4e7a2cfdea48eb2cfdea
PSX[K[1]](m) = 46433ed624df433e452f5e7d92452f5e
d98937e4acd989375f14f117995f14f1
c0b64bc266c0b64bbe2d092067be2d09
ec4e7ab0e0ec4e7a2cfdea48eb2cfdea
LPSX[K[1]](m) = e60059d4d8e0758024c73f6f3183653f
56579189602ae4c21e7953ebc0e212a0
ce78a8df475c2fd4fc43fc4b71c01e35
be465fb20dad2cf690cdf65028121bb9
LPSX[K[1]](m) = e60059d4d8e0758024c73f6f3183653f
56579189602ae4c21e7953ebc0e212a0
ce78a8df475c2fd4fc43fc4b71c01e35
be465fb20dad2cf690cdf65028121bb9
K[1] (xor) C[1] = 028ba7f4d01e7f9d5848d3af0eb1d96b
9ce98a6de0917562c2cd44a3bb516188
f8ff1cbf5cb3cc7511c1d6266ab47661
b6f5881802a0e8576e0399773c72e073
K[1] (xor) C[1] = 028ba7f4d01e7f9d5848d3af0eb1d96b
9ce98a6de0917562c2cd44a3bb516188
f8ff1cbf5cb3cc7511c1d6266ab47661
b6f5881802a0e8576e0399773c72e073
S(K[1] (xor) C[1]) = ddf644e6e15f5733bff249410445536f
4e9bd69e200f3596b3d9ea737d70a1d7
d1b6143b9c9288357758f8ef78278aa1
55f4d717dda7cb12b211e87e7f19203d
S(K[1] (xor) C[1]) = ddf644e6e15f5733bff249410445536f
4e9bd69e200f3596b3d9ea737d70a1d7
d1b6143b9c9288357758f8ef78278aa1
55f4d717dda7cb12b211e87e7f19203d
PS(K[1] (xor) C[1]) = ddbf4eb3d17755b2f6f29bd9b658f411
4449d6ea14f8d7e8e6419e733bef177e
e104207d9c78dd7f5f450f709227a719
575335a1888acb20336f96d735a1123d
PS(K[1] (xor) C[1]) = ddbf4eb3d17755b2f6f29bd9b658f411
4449d6ea14f8d7e8e6419e733bef177e
e104207d9c78dd7f5f450f709227a719
575335a1888acb20336f96d735a1123d
LPS(K[1] (xor) C[1]) = d0b00807642fd78f13f2c3ebc774e80d
e0e902d23aef2ee9a73d010807dae9c1
88be14f0b2da27973569cd2ba0513010
36f728bd1d7eec33f4d18af70c46cf1e
LPS(K[1] (xor) C[1]) = d0b00807642fd78f13f2c3ebc774e80d
e0e902d23aef2ee9a73d010807dae9c1
88be14f0b2da27973569cd2ba0513010
36f728bd1d7eec33f4d18af70c46cf1e
Iteration 2
迭代2
K[2] = d0b00807642fd78f13f2c3ebc774e80d
e0e902d23aef2ee9a73d010807dae9c1
88be14f0b2da27973569cd2ba0513010
36f728bd1d7eec33f4d18af70c46cf1e
K[2] = d0b00807642fd78f13f2c3ebc774e80d
e0e902d23aef2ee9a73d010807dae9c1
88be14f0b2da27973569cd2ba0513010
36f728bd1d7eec33f4d18af70c46cf1e
LPSX[K[2]]LPSX[K[1]](m) = 18e77571e703d19548075c574ce5e50e
0480c9c5b9f21d45611ab86cf32e352a
d91854ea7df8f863d46333673f62ff2d
3efae1cd966f8e2a74ce49902799aad4
LPSX[K[2]]LPSX[K[1]](m) = 18e77571e703d19548075c574ce5e50e
0480c9c5b9f21d45611ab86cf32e352a
d91854ea7df8f863d46333673f62ff2d
3efae1cd966f8e2a74ce49902799aad4
Iteration 3
迭代3
K[3] = 9d4475c7899f2d0bb0e8b7dac6ef6e6b
44ecf66716d3a0f16681105e2d13712a
1a9387ecc257930e2d61014a1b5c9fc9
e24e7d636eb1607e816dbaf927b8fca9
K[3] = 9d4475c7899f2d0bb0e8b7dac6ef6e6b
44ecf66716d3a0f16681105e2d13712a
1a9387ecc257930e2d61014a1b5c9fc9
e24e7d636eb1607e816dbaf927b8fca9
LPSX[K[3]]...LPSX[K[1]](m) = 03dc0a9c64d42543ccdb62960d58c17e
0b5b805d08a07406ece679d5f82b70fe
a22a7ea56e21814619e8749b30821457
5489d4d465539852cd4b0cd3829bef39
LPSX[K[3]]...LPSX[K[1]](m) = 03dc0a9c64d42543ccdb62960d58c17e
0b5b805d08a07406ece679d5f82b70fe
a22a7ea56e21814619e8749b30821457
5489d4d465539852cd4b0cd3829bef39
Iteration 4
迭代4
K[4] = 5c283daba5ec1f233b8c833c48e1c670
dae2e40cc4c3219c73e58856bd96a72f
df9f8055ffe3c004c8cde3b8bf78f95f
3370d0a3d6194ac5782487defd83ca0f
K[4] = 5c283daba5ec1f233b8c833c48e1c670
dae2e40cc4c3219c73e58856bd96a72f
df9f8055ffe3c004c8cde3b8bf78f95f
3370d0a3d6194ac5782487defd83ca0f
LPSX[K[4]]...LPSX[K[1]](m) = dbee312ea7301b0d6d13e43855e85db8
1608c780c43675bc93cfd82c1b4933b3
898a35b13e1878abe119e4dffb9de488
9738ca74d064cd9eb732078c1fb25e04
LPSX[K[4]]...LPSX[K[1]](m) = dbee312ea7301b0d6d13e43855e85db8
1608c780c43675bc93cfd82c1b4933b3
898a35b13e1878abe119e4dffb9de488
9738ca74d064cd9eb732078c1fb25e04
Iteration 5
迭代5
K[5] = 109f33262731f9bd569cbc9317baa551
d4d2964fa18d42c41fab4e37225292ec
2fd97d7493784779046388469ae195c4
36fa7cba93f8239ceb5ffc818826470c
K[5] = 109f33262731f9bd569cbc9317baa551
d4d2964fa18d42c41fab4e37225292ec
2fd97d7493784779046388469ae195c4
36fa7cba93f8239ceb5ffc818826470c
LPSX[K[5]]...LPSX[K[1]](m) = 7fb3f15718d90e889f9fb7c38f527bec
861c298afb9186934a93c9d96ade20df
109379bb9c1a1ffd0ad81fce7b45ccd5
4501e7d127e32874b5d7927b032de7a1
LPSX[K[5]]...LPSX[K[1]](m) = 7fb3f15718d90e889f9fb7c38f527bec
861c298afb9186934a93c9d96ade20df
109379bb9c1a1ffd0ad81fce7b45ccd5
4501e7d127e32874b5d7927b032de7a1
Iteration 6
迭代6
K[6] = b32c9b02667911cf8f8a0877be9a1707
57e25026ccf41e67c6b5da70b1b87474
3e1135cfbefe244237555c676c153d99
459bc382573aee2d85d30d99f286c5e7
K[6] = b32c9b02667911cf8f8a0877be9a1707
57e25026ccf41e67c6b5da70b1b87474
3e1135cfbefe244237555c676c153d99
459bc382573aee2d85d30d99f286c5e7
LPSX[K[6]]...LPSX[K[1]](m) = 95efa4e104f235824bae5030fe2d0f17
0a38de3c9b8fc6d8fa1a9adc2945c413
389a121501fa71a65067916b0c06f6b8
7ce18de1a2a98e0a64670985f47d73f1
LPSX[K[6]]...LPSX[K[1]](m) = 95efa4e104f235824bae5030fe2d0f17
0a38de3c9b8fc6d8fa1a9adc2945c413
389a121501fa71a65067916b0c06f6b8
7ce18de1a2a98e0a64670985f47d73f1
Iteration 7
迭代7
K[7] = 8a13c1b195fd0886ac49989e7d84b08b
c7b00e4f3f62765ece6050fcbabdc234
6c8207594714e8e9c9c7aad694edc922
d6b01e17285eb7e61502e634559e32f1
K[7] = 8a13c1b195fd0886ac49989e7d84b08b
c7b00e4f3f62765ece6050fcbabdc234
6c8207594714e8e9c9c7aad694edc922
d6b01e17285eb7e61502e634559e32f1
LPSX[K[7]]...LPSX[K[1]](m) = 7ea4385f7e5e40103bfb25c67e404c75
24eec43e33b1d06557469c6049854304
32b43d941b77ffd476103338e9bd5145
d9c1e18b1f262b58a81dcefff6fc6535
LPSX[K[7]]...LPSX[K[1]](m) = 7ea4385f7e5e40103bfb25c67e404c75
24eec43e33b1d06557469c6049854304
32b43d941b77ffd476103338e9bd5145
d9c1e18b1f262b58a81dcefff6fc6535
Iteration 8
迭代8
K[8] = 52cec3b11448bb8617d0ddfbc926f2e8
8730cb9179d6decea5acbffd323ec376
4c47f7a9e13bb1db56c342034773023d
617ff01cc546728e71dff8de5d128cac
K[8] = 52cec3b11448bb8617d0ddfbc926f2e8
8730cb9179d6decea5acbffd323ec376
4c47f7a9e13bb1db56c342034773023d
617ff01cc546728e71dff8de5d128cac
LPSX[K[8]]...LPSX[K[1]](m) = b2426da0e58d5cfe898c36e797993f90
2531579d8ecc59f8dd8a60802241a456
1f290cf992eb398894424bf681636968
c167e870967b1dd9047293331956daba
LPSX[K[8]]...LPSX[K[1]](m) = b2426da0e58d5cfe898c36e797993f90
2531579d8ecc59f8dd8a60802241a456
1f290cf992eb398894424bf681636968
c167e870967b1dd9047293331956daba
Iteration 9
迭代9
K[9] = f38c5b7947e7736d502007a05ea64a4e
b9c243cb82154aa138b963bbb7f28e74
d4d710445389671291d70103f48fd4d4
c01fc415e3fb7dc61c6088afa1a1e735
K[9] = f38c5b7947e7736d502007a05ea64a4e
b9c243cb82154aa138b963bbb7f28e74
d4d710445389671291d70103f48fd4d4
c01fc415e3fb7dc61c6088afa1a1e735
LPSX[K[9]]...LPSX[K[1]](m) = 5e0c9978670b25912dd1ede5bdd1cf18
ed094d14c6d973b731d50570d0a9bca2
15415a15031fd20ddefb5bc61b96671d
6902f49df4d2fd346ceebda9431cb075
LPSX[K[9]]...LPSX[K[1]](m) = 5e0c9978670b25912dd1ede5bdd1cf18
ed094d14c6d973b731d50570d0a9bca2
15415a15031fd20ddefb5bc61b96671d
6902f49df4d2fd346ceebda9431cb075
Iteration 10
迭代10
K[10] = 0740b3faa03ed39b257dd6e3db7c1bf5
6b6e18e40cdaabd30617cecbaddd618e
a5e61bb4654599581dd30c24c1ab877a
d0687948286cfefaa7eef99f6068b315
K[10] = 0740b3faa03ed39b257dd6e3db7c1bf5
6b6e18e40cdaabd30617cecbaddd618e
a5e61bb4654599581dd30c24c1ab877a
d0687948286cfefaa7eef99f6068b315
LPSX[K[10]]...LPSX[K[1]](m) = c1ddd840fe491393a5d460440e03bf45
1794e792c0c629e49ab0c1001782dd37
691cb6896f3e00b87f71d37a584c35b9
cd8789fad55a46887e5b60e124b51a61
LPSX[K[10]]...LPSX[K[1]](m) = c1ddd840fe491393a5d460440e03bf45
1794e792c0c629e49ab0c1001782dd37
691cb6896f3e00b87f71d37a584c35b9
cd8789fad55a46887e5b60e124b51a61
Iteration 11
迭代11
K[11] = 185811cf3c2633aec8cfdfcae9dbb293
47011bf92b95910a3ad71e5fca678e45
e374f088f2e5c29496e9695ce8957837
107bb3aa56441af11a82164893313116
K[11] = 185811cf3c2633aec8cfdfcae9dbb293
47011bf92b95910a3ad71e5fca678e45
e374f088f2e5c29496e9695ce8957837
107bb3aa56441af11a82164893313116
LPSX[K[11]]...LPSX[K[1]](m) = 3f75beaf2911c35d575088e30542b689
c85b6b1607f8b800405941f5ab704284
7b9b08b58b4fbdd6154ed7b366fd3ee7
78ce647726ddb3c7d48c8ce8866a8435
LPSX[K[11]]...LPSX[K[1]](m) = 3f75beaf2911c35d575088e30542b689
c85b6b1607f8b800405941f5ab704284
7b9b08b58b4fbdd6154ed7b366fd3ee7
78ce647726ddb3c7d48c8ce8866a8435
Iteration 12
迭代12
K[12] = 9d46bf66234a7ed06c3b2120d2a3f15e
0fedd87189b75b3cd2f206906b5ee00d
c9a1eab800fb8cc5760b251f4db5cdef
427052fa345613fd076451901279ee4c
K[12] = 9d46bf66234a7ed06c3b2120d2a3f15e
0fedd87189b75b3cd2f206906b5ee00d
c9a1eab800fb8cc5760b251f4db5cdef
427052fa345613fd076451901279ee4c
LPSX[K[12]]...LPSX[K[1]](m) = f35b0d889eadfcff73b6b17f33413a97
417d96f0c4cc9d30cda8ebb7dcd5d1b0
61e620bac75b367370605f474ddc0060
03bec4c4d7ce59a73fbe6766934c55a2
LPSX[K[12]]...LPSX[K[1]](m) = f35b0d889eadfcff73b6b17f33413a97
417d96f0c4cc9d30cda8ebb7dcd5d1b0
61e620bac75b367370605f474ddc0060
03bec4c4d7ce59a73fbe6766934c55a2
Iteration 13
迭代13
K[13] = 0f79104026b900d8d768b6e223484c97
61e3c585b3a405a6d2d8565ada926c3f
7782ef127cd6b98290bf612558b4b60a
a3cbc28fd94f95460d76b621cb45be70
K[13] = 0f79104026b900d8d768b6e223484c97
61e3c585b3a405a6d2d8565ada926c3f
7782ef127cd6b98290bf612558b4b60a
a3cbc28fd94f95460d76b621cb45be70
X[K[13]]...LPSX[K[1]](m) = fc221dc8b814fc27a4de079d10097600
209e5375776898961f70bded0647bd8f
1664cfa8bb8d8ff1e0df3e621568b66a
a075064b0e81cce132c8d1475809ebd2
X[K[13]]...LPSX[K[1]](m) = fc221dc8b814fc27a4de079d10097600
209e5375776898961f70bded0647bd8f
1664cfa8bb8d8ff1e0df3e621568b66a
a075064b0e81cce132c8d1475809ebd2
The result of the transformation g_N(h, m) is
变换g_N(h,m)的结果是
h = fd102cf8812ccb1191ea34af21394f38
17a86641445aa9a626488adb33738ebd
2754f6908cbbbac5d3ed0f522c50815c
954135793fb1f5d905fee4736b3bdae2
h = fd102cf8812ccb1191ea34af21394f38
17a86641445aa9a626488adb33738ebd
2754f6908cbbbac5d3ed0f522c50815c
954135793fb1f5d905fee4736b3bdae2
Variables N and EPSILON change their values to
变量N和EPSILON将其值更改为
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
000000000000000000000000000001f8
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
000000000000000000000000000001f8
EPSILON = 01323130393837363534333231303938
37363534333231303938373635343332
31303938373635343332313039383736
35343332313039383736353433323130
EPSILON = 01323130393837363534333231303938
37363534333231303938373635343332
31303938373635343332313039383736
35343332313039383736353433323130
The result of the transformation g_0(h, N) is
变换g_0(h,N)的结果是
h = 5c881fd924695cf196c2e4fec20d14b6
42026f2a0b1716ebaabb7067d4d59752
3d2db69d6d3794622147a14f19a66e7f
9037e1d662d34501a8901a5de7771d7c
h = 5c881fd924695cf196c2e4fec20d14b6
42026f2a0b1716ebaabb7067d4d59752
3d2db69d6d3794622147a14f19a66e7f
9037e1d662d34501a8901a5de7771d7c
The result of the transformation g_0(h, EPSILON) is
变换g_0(h,ε)的结果是
h = 486f64c1917879417fef082b3381a4e2
11c324f074654c38823a7b76f830ad00
fa1fbae42b1285c0352f227524bc9ab1
6254288dd6863dccd5b9f54a1ad0541b
h = 486f64c1917879417fef082b3381a4e2
11c324f074654c38823a7b76f830ad00
fa1fbae42b1285c0352f227524bc9ab1
6254288dd6863dccd5b9f54a1ad0541b
The hash code of the message M1 is the value
消息M1的哈希代码是值
H(M1) = 486f64c1917879417fef082b3381a4e2
11c324f074654c38823a7b76f830ad00
fa1fbae42b1285c0352f227524bc9ab1
6254288dd6863dccd5b9f54a1ad0541b
H(M1) = 486f64c1917879417fef082b3381a4e2
11c324f074654c38823a7b76f830ad00
fa1fbae42b1285c0352f227524bc9ab1
6254288dd6863dccd5b9f54a1ad0541b
Assign the following values to the variables:
为变量指定以下值:
h := IV = (00000001)^64
h := IV = (00000001)^64
N := 0^512
N := 0^512
EPSILON := 0^512
EPSILON := 0^512
The length of the message is |M1| = 504 < 512, so the incomplete block is padded:
消息的长度为| M1 |=504<512,因此填充不完整的块:
m := 01323130393837363534333231303938
37363534333231303938373635343332
31303938373635343332313039383736
35343332313039383736353433323130
m := 01323130393837363534333231303938
37363534333231303938373635343332
31303938373635343332313039383736
35343332313039383736353433323130
Calculate
计算
K := LPS(h (xor) N) = LPS((00000001)^64)
K := LPS(h (xor) N) = LPS((00000001)^64)
After the transformation S:
转换后,S:
S(h (xor) N) = eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
S(h (xor) N) = eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
after the transformation P:
在转换P之后:
PS(h (xor) N) = eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
PS(h (xor) N) = eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
after the transformation L:
转换后,L:
K := LPS(h (xor) N) = 23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
K := LPS(h (xor) N) = 23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
Then the transformation E(K, m) is performed:
然后执行变换E(K,m):
Iteration 1
迭代1
K[1] = 23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
K[1] = 23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
X[K[1]](m) = 22f7df708943682316f1dd72814b662d
14f3db7483496e251afdd976854f6c27
12f5d778874d6a2110f7df7089436823
16f1dd72814b662d14f3db7483496e25
X[K[1]](m) = 22f7df708943682316f1dd72814b662d
14f3db7483496e251afdd976854f6c27
12f5d778874d6a2110f7df7089436823
16f1dd72814b662d14f3db7483496e25
SX[K[1]](m) = 65c061327951f35a99a6d819f5a29a01
93d290ffa92ab25cf14b538aa8cc9d21
f0f4fe6dc93a7818e9c061327951f35a
99a6d819f5a29a0193d290ffa92ab25c
SX[K[1]](m) = 65c061327951f35a99a6d819f5a29a01
93d290ffa92ab25cf14b538aa8cc9d21
f0f4fe6dc93a7818e9c061327951f35a
99a6d819f5a29a0193d290ffa92ab25c
PSX[K[1]](m) = 659993f1f0e99993c0a6d24bf4c0a6d2
61d89053fe61d8903219ff8a6d3219ff
79f5a9a8c979f5a951a22acc3a51a22a
f39ab29d78f39ab25a015c21185a015c
PSX[K[1]](m) = 659993f1f0e99993c0a6d24bf4c0a6d2
61d89053fe61d8903219ff8a6d3219ff
79f5a9a8c979f5a951a22acc3a51a22a
f39ab29d78f39ab25a015c21185a015c
LPSX[K[1]](m) = e549368917a0a2611d5e08c9c2fd5b3c
563f18c0f68c410d84ae9d5fbdfb9340
55650121b7aa6d7b3e7d09d46ac4358a
daa6ae44fa3b0402c4166d2c3eb2ef02
LPSX[K[1]](m) = e549368917a0a2611d5e08c9c2fd5b3c
563f18c0f68c410d84ae9d5fbdfb9340
55650121b7aa6d7b3e7d09d46ac4358a
daa6ae44fa3b0402c4166d2c3eb2ef02
K[1] (xor) C[1] = 92cdb59aaeb185fcc80ec1c1701e230a
0caf98039e3e8f03528b56cdc5fe9be9
68b90ed1221c36148187c448141b8c00
26b39a767c0f1236fe458b1942dd1a12
K[1] (xor) C[1] = 92cdb59aaeb185fcc80ec1c1701e230a
0caf98039e3e8f03528b56cdc5fe9be9
68b90ed1221c36148187c448141b8c00
26b39a767c0f1236fe458b1942dd1a12
S(K[1] (xor) C[1]) = ecd95e282645a83930045858325f5afa
2341dc110ad303110ef676d9ac63509b
f3a3041b65148f93f5c986f293bb7cfc
ef92288ac34df08f63c8f6362cd8f1f0
S(K[1] (xor) C[1]) = ecd95e282645a83930045858325f5afa
2341dc110ad303110ef676d9ac63509b
f3a3041b65148f93f5c986f293bb7cfc
ef92288ac34df08f63c8f6362cd8f1f0
PS(K[1] (xor) C[1]) = ec30230ef3f5ef63d90441f6a3c992c8
5e58dc76048628f6285811d91bf28a36
26320aac6593c32c455fd36314bb4dd8
a85a03508f7cf0f139fa119b93fc8ff0
PS(K[1] (xor) C[1]) = ec30230ef3f5ef63d90441f6a3c992c8
5e58dc76048628f6285811d91bf28a36
26320aac6593c32c455fd36314bb4dd8
a85a03508f7cf0f139fa119b93fc8ff0
LPS(K[1] (xor) C[1]) = 18ee8f3176b2ebea3bd6cb8233694cea
349769df88be26bf451cfab6a904a549
da22de93a66a66b19c7e6b5eea633511
e611d68c8401bfcd0c7d0cc39d4a5eb9
LPS(K[1] (xor) C[1]) = 18ee8f3176b2ebea3bd6cb8233694cea
349769df88be26bf451cfab6a904a549
da22de93a66a66b19c7e6b5eea633511
e611d68c8401bfcd0c7d0cc39d4a5eb9
Iteration 2
迭代2
K[2] = 18ee8f3176b2ebea3bd6cb8233694cea
349769df88be26bf451cfab6a904a549
da22de93a66a66b19c7e6b5eea633511
e611d68c8401bfcd0c7d0cc39d4a5eb9
K[2] = 18ee8f3176b2ebea3bd6cb8233694cea
349769df88be26bf451cfab6a904a549
da22de93a66a66b19c7e6b5eea633511
e611d68c8401bfcd0c7d0cc39d4a5eb9
LPSX[K[2]]LPSX[K[1]](m) = c502dab7e79eb94013fcd1ba64def3b9
16f18b63855d43d22b77fca1452f9866
c2b45089c62e9d82edf1ef45230db9a2
3c9e1c521113376628a5f6a5dbc041b2
LPSX[K[2]]LPSX[K[1]](m) = c502dab7e79eb94013fcd1ba64def3b9
16f18b63855d43d22b77fca1452f9866
c2b45089c62e9d82edf1ef45230db9a2
3c9e1c521113376628a5f6a5dbc041b2
Iteration 3
迭代3
K[3] = aaa4cf31a265959157aec8ce91e7fd46
bf27dee21164c5e3940bba1a519e9d1f
ce0913f1253e7757915000cd674be12c
c7f68e73ba26fb00fd74af4101805f2d
K[3] = aaa4cf31a265959157aec8ce91e7fd46
bf27dee21164c5e3940bba1a519e9d1f
ce0913f1253e7757915000cd674be12c
c7f68e73ba26fb00fd74af4101805f2d
LPSX[K[3]]...LPSX[K[1]](m) = 8e5a4fe41fc790af29944f027aa2f101
05d65cf60a66e442832bb9ab5020dc54
772e36b03d4b9aa471037212cde93375
226552392ef4d83010a007e1117a07b5
LPSX[K[3]]...LPSX[K[1]](m) = 8e5a4fe41fc790af29944f027aa2f101
05d65cf60a66e442832bb9ab5020dc54
772e36b03d4b9aa471037212cde93375
226552392ef4d83010a007e1117a07b5
Iteration 4
迭代4
K[4] = 61fe0a65cc177af50235e2afadded326
a5329a2236747bf8a54228aeca9c4585
cd801ea9dd743a0d98d01ef0602b0e33
2067fb5ddd6ac1568200311920839286
K[4] = 61fe0a65cc177af50235e2afadded326
a5329a2236747bf8a54228aeca9c4585
cd801ea9dd743a0d98d01ef0602b0e33
2067fb5ddd6ac1568200311920839286
LPSX[K[4]]...LPSX[K[1]](m) = dee0b40df69997afef726f03bdc13cb6
ba9287698201296f2fd8284f06d33ea4
a850a0ff48026dd47c1e88ec813ed2eb
1186059d842d8d17f0bfa259e56655b1
LPSX[K[4]]...LPSX[K[1]](m) = dee0b40df69997afef726f03bdc13cb6
ba9287698201296f2fd8284f06d33ea4
a850a0ff48026dd47c1e88ec813ed2eb
1186059d842d8d17f0bfa259e56655b1
Iteration 5
迭代5
K[5] = 9983685f4fd3636f1fd5abb75fbf26a8
e2934314aa2ecb3ee4693c86c06c7d4e
169bd540af75e1610a546acd63d960ba
d595394cc199bf6999a5d5309fe73d5a
K[5] = 9983685f4fd3636f1fd5abb75fbf26a8
e2934314aa2ecb3ee4693c86c06c7d4e
169bd540af75e1610a546acd63d960ba
d595394cc199bf6999a5d5309fe73d5a
LPSX[K[5]]...LPSX[K[1]](m) = 675ea894d326432e1af7b201bc369f8a
b021f6fa58da09678ffc08ef30db43a3
7f1f7347cb77da0f6ba30c85848896c3
bac240ab14144283518b89a33d0caf07
LPSX[K[5]]...LPSX[K[1]](m) = 675ea894d326432e1af7b201bc369f8a
b021f6fa58da09678ffc08ef30db43a3
7f1f7347cb77da0f6ba30c85848896c3
bac240ab14144283518b89a33d0caf07
Iteration 6
迭代6
K[6] = f05772ae2ce7f025156c9a7fbcc6b8fd
f1e735d613946e32922994e52820ffea
62615d907eb0551ad170990a86602088
af98c83c22cdb0e2be297c13c0f7a156
K[6] = f05772ae2ce7f025156c9a7fbcc6b8fd
f1e735d613946e32922994e52820ffea
62615d907eb0551ad170990a86602088
af98c83c22cdb0e2be297c13c0f7a156
LPSX[K[6]]...LPSX[K[1]](m) = 1bc204bf9506ee9b86bbcf82d254a112
aea6910b6db3805e399cb718d1b33199
64459516967cee4e648e8cfbf81f56dc
8da6811c469091be5123e6a1d5e28c73
LPSX[K[6]]...LPSX[K[1]](m) = 1bc204bf9506ee9b86bbcf82d254a112
aea6910b6db3805e399cb718d1b33199
64459516967cee4e648e8cfbf81f56dc
8da6811c469091be5123e6a1d5e28c73
Iteration 7
迭代7
K[7] = 5ad144c362546e4e46b3e7688829fbb7
7453e9c3211974330b2b8d0e6be2b5ac
c89eb6b35167f159b7b005a43e5959a6
51a9b18cfc8e4098fcf03d9b81cfbb8d
K[7] = 5ad144c362546e4e46b3e7688829fbb7
7453e9c3211974330b2b8d0e6be2b5ac
c89eb6b35167f159b7b005a43e5959a6
51a9b18cfc8e4098fcf03d9b81cfbb8d
LPSX[K[7]]...LPSX[K[1]](m) = f30d791ed78bdee819022a3d78182242
124efcdd54e203f23fb2dc7f94338ff9
55a5afc15ffef03165263c4fdb36933a
a982016471fbac9419f892551e9e568b
LPSX[K[7]]...LPSX[K[1]](m) = f30d791ed78bdee819022a3d78182242
124efcdd54e203f23fb2dc7f94338ff9
55a5afc15ffef03165263c4fdb36933a
a982016471fbac9419f892551e9e568b
Iteration 8
迭代8
K[8] = 6a6cec9a1ba20a8db64fa840b934352b
518c638ed530122a83332fe0b8efdac9
018287e5a9f509c78d6c746adcd5426f
b0a0ad5790dfb73fc1f191a539016daa
K[8] = 6a6cec9a1ba20a8db64fa840b934352b
518c638ed530122a83332fe0b8efdac9
018287e5a9f509c78d6c746adcd5426f
b0a0ad5790dfb73fc1f191a539016daa
LPSX[K[8]]...LPSX[K[1]](m) = 1fc20f1e91a1801a4293d3f3aa9e9156
0fcc3810bb15f3ee9741c9b87452519f
67cb9145519884a24de6db736a5cb143
0da7458e5e51b80be5204ba5b2600177
LPSX[K[8]]...LPSX[K[1]](m) = 1fc20f1e91a1801a4293d3f3aa9e9156
0fcc3810bb15f3ee9741c9b87452519f
67cb9145519884a24de6db736a5cb143
0da7458e5e51b80be5204ba5b2600177
Iteration 9
迭代9
K[9] = 99217036737aa9b38a8d6643f705bd51
f351531f948f0fc5e35fa35fee9dd8bd
bb4c9d580a224e9cd82e0e2069fc49ed
367d5f94374435382b8fb6a8f5dd0409
K[9] = 99217036737aa9b38a8d6643f705bd51
f351531f948f0fc5e35fa35fee9dd8bd
bb4c9d580a224e9cd82e0e2069fc49ed
367d5f94374435382b8fb6a8f5dd0409
LPSX[K[9]]...LPSX[K[1]](m) = 1a52f09d1e81515a36171e0b1a2809c5
0359bed90f2e78cbd89b7d4afa6d0466
55c96bdae6ee97055cc7e857267c2ccf
28c8f5dd95ed58a9a68c12663bb28967
LPSX[K[9]]...LPSX[K[1]](m) = 1a52f09d1e81515a36171e0b1a2809c5
0359bed90f2e78cbd89b7d4afa6d0466
55c96bdae6ee97055cc7e857267c2ccf
28c8f5dd95ed58a9a68c12663bb28967
Iteration 10
迭代10
K[10] = 906763c0fc89fa1ae69288d8ec9e9dda
9a7630e8bfd6c3fed703c35d2e62aeaf
f0b35d80a7317a7f76f83022f2526791
ca8fdf678fcb337bd74fe5393ccb05d2
K[10] = 906763c0fc89fa1ae69288d8ec9e9dda
9a7630e8bfd6c3fed703c35d2e62aeaf
f0b35d80a7317a7f76f83022f2526791
ca8fdf678fcb337bd74fe5393ccb05d2
LPSX[K[10]]...LPSX[K[1]](m) = 764043744a0a93687e65aba8cfc25ec8
714fb8e1bdc9ae2271e7205eaaa577c1
b3b83e7325e50a19bd2d56b061b5de39
235c9c9fd95e071a1a291a5f24e8c774
LPSX[K[10]]...LPSX[K[1]](m) = 764043744a0a93687e65aba8cfc25ec8
714fb8e1bdc9ae2271e7205eaaa577c1
b3b83e7325e50a19bd2d56b061b5de39
235c9c9fd95e071a1a291a5f24e8c774
Iteration 11
迭代11
K[11] = 88ce996c63618e6404a5c8e03ee43385
4e2ae3eee68991bbbff3c29d38dadb6e
d6a1dae9a6dc6ddf52ce34af272f96d3
159c8c624c3fe6e13d695c0bfc89add5
K[11] = 88ce996c63618e6404a5c8e03ee43385
4e2ae3eee68991bbbff3c29d38dadb6e
d6a1dae9a6dc6ddf52ce34af272f96d3
159c8c624c3fe6e13d695c0bfc89add5
LPSX[K[11]]...LPSX[K[1]](m) = 9b1ce8ff26b445cb288c0aeccf84658e
ea91dbdf14828bf70110a5c9bd146cd9
646350cff4e90e7b63c5cc325e9b4410
81935f282d4648d9584f71860538f03b
LPSX[K[11]]...LPSX[K[1]](m) = 9b1ce8ff26b445cb288c0aeccf84658e
ea91dbdf14828bf70110a5c9bd146cd9
646350cff4e90e7b63c5cc325e9b4410
81935f282d4648d9584f71860538f03b
Iteration 12
迭代12
K[12] = 3e0a281ea9bd46063eec550100576f3a
506aa168cf82915776b978fccaa32f38
b55f30c79982ca45628e8365d8798477
e75a49c68199112a1d7b5a0f7655f2db
K[12] = 3e0a281ea9bd46063eec550100576f3a
506aa168cf82915776b978fccaa32f38
b55f30c79982ca45628e8365d8798477
e75a49c68199112a1d7b5a0f7655f2db
LPSX[K[12]]...LPSX[K[1]](m) = 133aeecede251eb81914b8ba48dcbc0b
8a6fc63a292cc49043c3d3346b3f0829
a9cb71ecff25ed2a91bdcf8f649907c1
10cb76ff2e43100cdd4ba8a147a572f5
LPSX[K[12]]...LPSX[K[1]](m) = 133aeecede251eb81914b8ba48dcbc0b
8a6fc63a292cc49043c3d3346b3f0829
a9cb71ecff25ed2a91bdcf8f649907c1
10cb76ff2e43100cdd4ba8a147a572f5
Iteration 13
迭代13
K[13] = f0b273409eb31aebe432fbae18672122
62c848422b6a92f93f6cbab54ed18b83
14b21cffc51e3fa319ff433e76ef6adb
0ef9f5e03c907fa1fcf9eca06500bf03
K[13] = f0b273409eb31aebe432fbae18672122
62c848422b6a92f93f6cbab54ed18b83
14b21cffc51e3fa319ff433e76ef6adb
0ef9f5e03c907fa1fcf9eca06500bf03
X[K[13]]...LPSX[K[1]](m) = e3889d8e40960453fd26431450bb9d29
e8a78e78024656697caf698125ee83aa
bd796d133a3bd28988428cb112766d1a
1e32831f12d36fad21b2440122a5cdf6
X[K[13]]...LPSX[K[1]](m) = e3889d8e40960453fd26431450bb9d29
e8a78e78024656697caf698125ee83aa
bd796d133a3bd28988428cb112766d1a
1e32831f12d36fad21b2440122a5cdf6
The result of the transformation g_N(h, m) is
变换g_N(h,m)的结果是
h = e3bbadbf78af3264c9137127608aa510
de90ba4d3075665844965fb611dbb199
8d48552a0c0ce6bcba71bc802a4f5b2d
2a07b12c22e25794178570341096fdc7
h = e3bbadbf78af3264c9137127608aa510
de90ba4d3075665844965fb611dbb199
8d48552a0c0ce6bcba71bc802a4f5b2d
2a07b12c22e25794178570341096fdc7
The variables N and EPSILON change their values to
变量N和EPSILON将其值更改为
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
000000000000000000000000000001f8
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
000000000000000000000000000001f8
EPSILON = 01323130393837363534333231303938
37363534333231303938373635343332
31303938373635343332313039383736
35343332313039383736353433323130
EPSILON = 01323130393837363534333231303938
37363534333231303938373635343332
31303938373635343332313039383736
35343332313039383736353433323130
The result of the transformation g_0(h, N) is
变换g_0(h,N)的结果是
h = 70f22bada4cfe18a6a56ec4b3f328cd4
0db8e1bf8a9d5f711d5efab11191279d
715aab7648d07eddbf87dc79c80516e6
ffcbcf5678b0ac29ea00fa85c8173cc6
h = 70f22bada4cfe18a6a56ec4b3f328cd4
0db8e1bf8a9d5f711d5efab11191279d
715aab7648d07eddbf87dc79c80516e6
ffcbcf5678b0ac29ea00fa85c8173cc6
The result of the transformation g_0(h, EPSILON) is
变换g_0(h,ε)的结果是
h = 00557be5e584fd52a449b16b0251d05d
27f94ab76cbaa6da890b59d8ef1e159d
2088e482e2acf564e0e9795a51e4dd26
1f3f667985a2fcc40ac8631faca1709a
h = 00557be5e584fd52a449b16b0251d05d
27f94ab76cbaa6da890b59d8ef1e159d
2088e482e2acf564e0e9795a51e4dd26
1f3f667985a2fcc40ac8631faca1709a
The hash code of the message M1 is the value
消息M1的哈希代码是值
H(M1) = 00557be5e584fd52a449b16b0251d05d
27f94ab76cbaa6da890b59d8ef1e159d
H(M1) = 00557be5e584fd52a449b16b0251d05d
27f94ab76cbaa6da890b59d8ef1e159d
Let's calculate the hash code of the following message:
让我们计算以下消息的哈希代码:
M2 = fbe2e5f0eee3c820fbeafaebef20fffb f0e1e0f0f520e0ed20e8ece0ebe5f0f2 f120fff0eeec20f120faf2fee5e2202c e8f6f3ede220e8e6eee1e8f0f2d1202c e8f0f2e5e220e5d1
M2=FBE2E5F0EEE3C820FBEAFAEBEF20FFFBF0E1E0F0F520E0ED20E8ECE0EBE5F0F2F120FFF0EEEC20F120FAF2FEE5E2202C e8f6f3ede220e8e6eee1e8f0f2d1202c e8f0f2e5e220e5d1
Assign the following values to the variables:
为变量指定以下值:
h := IV = 0^512
h := IV = 0^512
N := 0^512
N := 0^512
EPSILON := 0^512
EPSILON := 0^512
The length of the message is |M2| = 576 > 512, so a part of this message is initially transformed:
消息的长度为| M2 |=576>512,因此此消息的一部分最初被转换:
m := fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ce8f0f2e5e220e5d1
m := fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ce8f0f2e5e220e5d1
Calculate
计算
K := LPS(h (xor) N) = LPS(0^512)
K := LPS(h (xor) N) = LPS(0^512)
After the transformation S:
转换后,S:
S(h (xor) N) = fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
S(h (xor) N) = fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
after the transformation P:
在转换P之后:
PS(h (xor) N) = fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
PS(h (xor) N) = fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
fcfcfcfcfcfcfcfcfcfcfcfcfcfcfcfc
after the transformation L:
转换后,L:
LPS(h (xor) N) = b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
LPS(h (xor) N) = b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
Then the transformation E(K, m) is performed:
然后执行变换E(K,m):
Iteration 1
迭代1
K[1] = b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
K[1] = b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
b383fc2eced4a574b383fc2eced4a574
X[K[1]](m) = 486906c521f45a8f43621cde3bf44599
936b10ce2531558642a303de20388585
93790ed02b3685585b750fc32cf44d92
5d6214de3c0585585b730ecb2cf440a5
X[K[1]](m) = 486906c521f45a8f43621cde3bf44599
936b10ce2531558642a303de20388585
93790ed02b3685585b750fc32cf44d92
5d6214de3c0585585b730ecb2cf440a5
SX[K[1]](m) = f29131ac18e613035196148598e6c8e8
de6fe9e75c840c432c731185f906a8a8
de5404e1428fa8bf47354d408be63aec
b79693857f6ea8bf473d04e48be6eb00
SX[K[1]](m) = f29131ac18e613035196148598e6c8e8
de6fe9e75c840c432c731185f906a8a8
de5404e1428fa8bf47354d408be63aec
b79693857f6ea8bf473d04e48be6eb00
PSX[K[1]](m) = f251de2cde47b74791966f735435963d
3114e911044d9304ac85e785e14085e4
18985cf9428b7f8be6e684068fe66ee6
13c80ca8a83aa8eb03e843a8bfecbf00
PSX[K[1]](m) = f251de2cde47b74791966f735435963d
3114e911044d9304ac85e785e14085e4
18985cf9428b7f8be6e684068fe66ee6
13c80ca8a83aa8eb03e843a8bfecbf00
LPSX[K[1]](m) = 909aa733e1f52321a2fe35bfb8f67e92
fbc70ef544709d5739d8faaca4acf126
e83e273745c25b7b8f4a83a7436f6353
753cbbbe492262cd3a868eace0104af1
LPSX[K[1]](m) = 909aa733e1f52321a2fe35bfb8f67e92
fbc70ef544709d5739d8faaca4acf126
e83e273745c25b7b8f4a83a7436f6353
753cbbbe492262cd3a868eace0104af1
K[1] (xor) C[1] = 028ba7f4d01e7f9d5848d3af0eb1d96b
9ce98a6de0917562c2cd44a3bb516188
f8ff1cbf5cb3cc7511c1d6266ab47661
b6f5881802a0e8576e0399773c72e073
K[1] (xor) C[1] = 028ba7f4d01e7f9d5848d3af0eb1d96b
9ce98a6de0917562c2cd44a3bb516188
f8ff1cbf5cb3cc7511c1d6266ab47661
b6f5881802a0e8576e0399773c72e073
S(K[1] (xor) C[1]) = ddf644e6e15f5733bff249410445536f
4e9bd69e200f3596b3d9ea737d70a1d7
d1b6143b9c9288357758f8ef78278aa1
55f4d717dda7cb12b211e87e7f19203d
S(K[1] (xor) C[1]) = ddf644e6e15f5733bff249410445536f
4e9bd69e200f3596b3d9ea737d70a1d7
d1b6143b9c9288357758f8ef78278aa1
55f4d717dda7cb12b211e87e7f19203d
PS(K[1] (xor) C[1]) = ddbf4eb3d17755b2f6f29bd9b658f411
4449d6ea14f8d7e8e6419e733bef177e
e104207d9c78dd7f5f450f709227a719
575335a1888acb20336f96d735a1123d
PS(K[1] (xor) C[1]) = ddbf4eb3d17755b2f6f29bd9b658f411
4449d6ea14f8d7e8e6419e733bef177e
e104207d9c78dd7f5f450f709227a719
575335a1888acb20336f96d735a1123d
LPS(K[1] (xor) C[1]) = d0b00807642fd78f13f2c3ebc774e80d
e0e902d23aef2ee9a73d010807dae9c1
88be14f0b2da27973569cd2ba0513010
36f728bd1d7eec33f4d18af70c46cf1e
LPS(K[1] (xor) C[1]) = d0b00807642fd78f13f2c3ebc774e80d
e0e902d23aef2ee9a73d010807dae9c1
88be14f0b2da27973569cd2ba0513010
36f728bd1d7eec33f4d18af70c46cf1e
Iteration 2
迭代2
K[2] = d0b00807642fd78f13f2c3ebc774e80d
e0e902d23aef2ee9a73d010807dae9c1
88be14f0b2da27973569cd2ba0513010
36f728bd1d7eec33f4d18af70c46cf1e
K[2] = d0b00807642fd78f13f2c3ebc774e80d
e0e902d23aef2ee9a73d010807dae9c1
88be14f0b2da27973569cd2ba0513010
36f728bd1d7eec33f4d18af70c46cf1e
LPSX[K[2]]LPSX[K[1]](m) = 301aadd761d13df0b473055b14a2f74a
45f408022aecadd4d5f19cab8228883a
021ac0b62600a495950c628354ffce11
61c68b7be7e0c58af090ce6b45e49f16
LPSX[K[2]]LPSX[K[1]](m) = 301aadd761d13df0b473055b14a2f74a
45f408022aecadd4d5f19cab8228883a
021ac0b62600a495950c628354ffce11
61c68b7be7e0c58af090ce6b45e49f16
Iteration 3
迭代3
K[3] = 9d4475c7899f2d0bb0e8b7dac6ef6e6b
44ecf66716d3a0f16681105e2d13712a
1a9387ecc257930e2d61014a1b5c9fc9
e24e7d636eb1607e816dbaf927b8fca9
K[3] = 9d4475c7899f2d0bb0e8b7dac6ef6e6b
44ecf66716d3a0f16681105e2d13712a
1a9387ecc257930e2d61014a1b5c9fc9
e24e7d636eb1607e816dbaf927b8fca9
LPSX[K[3]]...LPSX[K[1]](m) = 9b83492b9860a93cbca1c0d8e0ce59db
04e10500a6ac85d4103304974e78d322
59ceff03fbb353147a9c948786582df7
8a34c9bde3f72b3ca41b9179c2cceef3
LPSX[K[3]]...LPSX[K[1]](m) = 9b83492b9860a93cbca1c0d8e0ce59db
04e10500a6ac85d4103304974e78d322
59ceff03fbb353147a9c948786582df7
8a34c9bde3f72b3ca41b9179c2cceef3
Iteration 4
迭代4
K[4] = 5c283daba5ec1f233b8c833c48e1c670
dae2e40cc4c3219c73e58856bd96a72f
df9f8055ffe3c004c8cde3b8bf78f95f
3370d0a3d6194ac5782487defd83ca0f
K[4] = 5c283daba5ec1f233b8c833c48e1c670
dae2e40cc4c3219c73e58856bd96a72f
df9f8055ffe3c004c8cde3b8bf78f95f
3370d0a3d6194ac5782487defd83ca0f
LPSX[K[4]]...LPSX[K[1]](m) = e638e0a1677cdea107ec3402f70698a4
038450dab44ac7a447e10155aa33ef1b
daf8f49da7b66f3e05815045fbd39c99
1cb0dc536e09505fd62d3c2cd00b0f57
LPSX[K[4]]...LPSX[K[1]](m) = e638e0a1677cdea107ec3402f70698a4
038450dab44ac7a447e10155aa33ef1b
daf8f49da7b66f3e05815045fbd39c99
1cb0dc536e09505fd62d3c2cd00b0f57
Iteration 5
迭代5
K[5] = 109f33262731f9bd569cbc9317baa551
d4d2964fa18d42c41fab4e37225292ec
2fd97d7493784779046388469ae195c4
36fa7cba93f8239ceb5ffc818826470c
K[5] = 109f33262731f9bd569cbc9317baa551
d4d2964fa18d42c41fab4e37225292ec
2fd97d7493784779046388469ae195c4
36fa7cba93f8239ceb5ffc818826470c
LPSX[K[5]]...LPSX[K[1]](m) = 1c7c8e19b2bf443eb3adc0c787a52a17
3821a97bc5a8efea58fb8b27861829f6
dd5ff9c97865e08c1ac66f47392b578e
21266e323a0aacedeec3ef0314f517c6
LPSX[K[5]]...LPSX[K[1]](m) = 1c7c8e19b2bf443eb3adc0c787a52a17
3821a97bc5a8efea58fb8b27861829f6
dd5ff9c97865e08c1ac66f47392b578e
21266e323a0aacedeec3ef0314f517c6
Iteration 6
迭代6
K[6] = b32c9b02667911cf8f8a0877be9a1707
57e25026ccf41e67c6b5da70b1b87474
3e1135cfbefe244237555c676c153d99
459bc382573aee2d85d30d99f286c5e7
K[6] = b32c9b02667911cf8f8a0877be9a1707
57e25026ccf41e67c6b5da70b1b87474
3e1135cfbefe244237555c676c153d99
459bc382573aee2d85d30d99f286c5e7
LPSX[K[6]]...LPSX[K[1]](m) = 48fecfc5b3eb77998fb39bfcccd128cd
42fccb714221be1e675a1c6fdde7e311
98b318622412af7e999a3eff45e6d616
09a7f2ae5c2ff1ab7ff3b37be7011ba2
LPSX[K[6]]...LPSX[K[1]](m) = 48fecfc5b3eb77998fb39bfcccd128cd
42fccb714221be1e675a1c6fdde7e311
98b318622412af7e999a3eff45e6d616
09a7f2ae5c2ff1ab7ff3b37be7011ba2
Iteration 7
迭代7
K[7] = 8a13c1b195fd0886ac49989e7d84b08b
c7b00e4f3f62765ece6050fcbabdc234
6c8207594714e8e9c9c7aad694edc922
d6b01e17285eb7e61502e634559e32f1
K[7] = 8a13c1b195fd0886ac49989e7d84b08b
c7b00e4f3f62765ece6050fcbabdc234
6c8207594714e8e9c9c7aad694edc922
d6b01e17285eb7e61502e634559e32f1
LPSX[K[7]]...LPSX[K[1]](m) = a48f8d781c2c5be417ae644cc2e15a9f
01fcead3232e5bd53f18a5ab875cce1b
8a1a400cf48521c7ce27fb1e94452fb5
4de23118f53b364ee633170a62f5a8a9
LPSX[K[7]]...LPSX[K[1]](m) = a48f8d781c2c5be417ae644cc2e15a9f
01fcead3232e5bd53f18a5ab875cce1b
8a1a400cf48521c7ce27fb1e94452fb5
4de23118f53b364ee633170a62f5a8a9
Iteration 8
迭代8
K[8] = 52cec3b11448bb8617d0ddfbc926f2e8
8730cb9179d6decea5acbffd323ec376
4c47f7a9e13bb1db56c342034773023d
617ff01cc546728e71dff8de5d128cac
K[8] = 52cec3b11448bb8617d0ddfbc926f2e8
8730cb9179d6decea5acbffd323ec376
4c47f7a9e13bb1db56c342034773023d
617ff01cc546728e71dff8de5d128cac
LPSX[K[8]]...LPSX[K[1]](m) = e8a31b2e34bd2ae21b0ecf29cc4c37c7
5c4d11d9b82852517515c23e81e906a4
51b72779c3087141f1a15ab57f96d7da
6c7ee38ed25befbdef631216356ff59c
LPSX[K[8]]...LPSX[K[1]](m) = e8a31b2e34bd2ae21b0ecf29cc4c37c7
5c4d11d9b82852517515c23e81e906a4
51b72779c3087141f1a15ab57f96d7da
6c7ee38ed25befbdef631216356ff59c
Iteration 9
迭代9
K[9] = f38c5b7947e7736d502007a05ea64a4e
b9c243cb82154aa138b963bbb7f28e74
d4d710445389671291d70103f48fd4d4
c01fc415e3fb7dc61c6088afa1a1e735
K[9] = f38c5b7947e7736d502007a05ea64a4e
b9c243cb82154aa138b963bbb7f28e74
d4d710445389671291d70103f48fd4d4
c01fc415e3fb7dc61c6088afa1a1e735
LPSX[K[9]]...LPSX[K[1]](m) = 34392ed32ea3756e32979cb0a2247c39
18e0b38d6455ca88183356bf8e5877e5
5d542278a696523a8036af0f1c2902e9
cbc585de803ee4d26649c9e1f00bda31
LPSX[K[9]]...LPSX[K[1]](m) = 34392ed32ea3756e32979cb0a2247c39
18e0b38d6455ca88183356bf8e5877e5
5d542278a696523a8036af0f1c2902e9
cbc585de803ee4d26649c9e1f00bda31
Iteration 10
迭代10
K[10] = 0740b3faa03ed39b257dd6e3db7c1bf5
6b6e18e40cdaabd30617cecbaddd618e
a5e61bb4654599581dd30c24c1ab877a
d0687948286cfefaa7eef99f6068b315
K[10] = 0740b3faa03ed39b257dd6e3db7c1bf5
6b6e18e40cdaabd30617cecbaddd618e
a5e61bb4654599581dd30c24c1ab877a
d0687948286cfefaa7eef99f6068b315
LPSX[K[10]]...LPSX[K[1]](m) = 6a82436950177fea74cce6d507a5a64e
54e8a3181458e3bdfbdbc6180c9787de
7ccb676dd809e7cb1eb2c9ebd0165615
70801a4e9ce17a438b85212f4409bb5e
LPSX[K[10]]...LPSX[K[1]](m) = 6a82436950177fea74cce6d507a5a64e
54e8a3181458e3bdfbdbc6180c9787de
7ccb676dd809e7cb1eb2c9ebd0165615
70801a4e9ce17a438b85212f4409bb5e
Iteration 11
迭代11
K[11] = 185811cf3c2633aec8cfdfcae9dbb293
47011bf92b95910a3ad71e5fca678e45
e374f088f2e5c29496e9695ce8957837
107bb3aa56441af11a82164893313116
K[11] = 185811cf3c2633aec8cfdfcae9dbb293
47011bf92b95910a3ad71e5fca678e45
e374f088f2e5c29496e9695ce8957837
107bb3aa56441af11a82164893313116
LPSX[K[11]]...LPSX[K[1]](m) = 7b97603135e2842189b0c9667596e96b
d70472ccbc73ae89da7d1599c72860c2
85f5771088f1fb0f943d949f22f1413c
991eafb51ab8e5ad8644770037765aec
LPSX[K[11]]...LPSX[K[1]](m) = 7b97603135e2842189b0c9667596e96b
d70472ccbc73ae89da7d1599c72860c2
85f5771088f1fb0f943d949f22f1413c
991eafb51ab8e5ad8644770037765aec
Iteration 12
迭代12
K[12] = 9d46bf66234a7ed06c3b2120d2a3f15e
0fedd87189b75b3cd2f206906b5ee00d
c9a1eab800fb8cc5760b251f4db5cdef
427052fa345613fd076451901279ee4c
K[12] = 9d46bf66234a7ed06c3b2120d2a3f15e
0fedd87189b75b3cd2f206906b5ee00d
c9a1eab800fb8cc5760b251f4db5cdef
427052fa345613fd076451901279ee4c
LPSX[K[12]]...LPSX[K[1]](m) = 39ec8a88db635b46c4321adf41fd9527
a39a67f6d7510db5044f05efaf721db5
cf976a726ef33dc4dfcda94033e741a4
63770861a5b25fefcb07281eed629c0e
LPSX[K[12]]...LPSX[K[1]](m) = 39ec8a88db635b46c4321adf41fd9527
a39a67f6d7510db5044f05efaf721db5
cf976a726ef33dc4dfcda94033e741a4
63770861a5b25fefcb07281eed629c0e
Iteration 13
迭代13
K[13] = 0f79104026b900d8d768b6e223484c97
61e3c585b3a405a6d2d8565ada926c3f
7782ef127cd6b98290bf612558b4b60a
a3cbc28fd94f95460d76b621cb45be70
K[13] = 0f79104026b900d8d768b6e223484c97
61e3c585b3a405a6d2d8565ada926c3f
7782ef127cd6b98290bf612558b4b60a
a3cbc28fd94f95460d76b621cb45be70
X[K[13]]...LPSX[K[1]](m) = 36959ac8fdda5b9e135aac3d62b5d9b0
c279a27364f50813d69753b575e0718a
b8158560122584464f72c8656b53f7ae
c0bccaee7cfdcaa9c6719e3f2627227e
X[K[13]]...LPSX[K[1]](m) = 36959ac8fdda5b9e135aac3d62b5d9b0
c279a27364f50813d69753b575e0718a
b8158560122584464f72c8656b53f7ae
c0bccaee7cfdcaa9c6719e3f2627227e
The result of the transformation g_N(h, m) is
变换g_N(h,m)的结果是
h = cd7f602312faa465e3bb4ccd9795395d
e2914e938f10f8e127b7ac459b0c517b
98ef779ef7c7a46aa7843b8889731f48
2e5d221e8e2cea852e816cdac407c7af
h = cd7f602312faa465e3bb4ccd9795395d
e2914e938f10f8e127b7ac459b0c517b
98ef779ef7c7a46aa7843b8889731f48
2e5d221e8e2cea852e816cdac407c7af
The variables N and EPSILON change their values to
变量N和EPSILON将其值更改为
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000200
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000200
EPSILON = fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ce8f0f2e5e220e5d1
EPSILON = fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ce8f0f2e5e220e5d1
The length of the rest of the message is less than 512, so the incomplete block is padded:
消息其余部分的长度小于512,因此填充不完整的块:
m := 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
0000000000000001fbe2e5f0eee3c820
m := 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
0000000000000001fbe2e5f0eee3c820
The result of the transformation g_N(h, m) is
变换g_N(h,m)的结果是
h = c544ae6efdf14404f089c72d5faf8dc6
aca1db5e28577fc07818095f1df70661
e8b84d0706811cf92dffb8f96e61493d
c382795c6ed7a17b64685902cbdc878e
h = c544ae6efdf14404f089c72d5faf8dc6
aca1db5e28577fc07818095f1df70661
e8b84d0706811cf92dffb8f96e61493d
c382795c6ed7a17b64685902cbdc878e
The variables N and EPSILON change their values to
变量N和EPSILON将其值更改为
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000240
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000240
EPSILON = fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ee4d3d8d6d104adf1
EPSILON = fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ee4d3d8d6d104adf1
The result of the transformation g_0(h, N) is
变换g_0(h,N)的结果是
h = 4deb6649ffa5caf4163d9d3f9967fbbd
6eb3da68f916b6a09f41f2518b81292b
703dc5d74e1ace5bcd3458af43bb456e
837326088f2b5df14bf83997a0b1ad8d
h = 4deb6649ffa5caf4163d9d3f9967fbbd
6eb3da68f916b6a09f41f2518b81292b
703dc5d74e1ace5bcd3458af43bb456e
837326088f2b5df14bf83997a0b1ad8d
The result of the transformation g_0(h, EPSILON) is
变换g_0(h,ε)的结果是
h = 28fbc9bada033b1460642bdcddb90c3f
b3e56c497ccd0f62b8a2ad4935e85f03
7613966de4ee00531ae60f3b5a47f8da
e06915d5f2f194996fcabf2622e6881e
h = 28fbc9bada033b1460642bdcddb90c3f
b3e56c497ccd0f62b8a2ad4935e85f03
7613966de4ee00531ae60f3b5a47f8da
e06915d5f2f194996fcabf2622e6881e
The hash code of the message M2 is the value
消息M2的哈希代码是值
H(M2) = 28fbc9bada033b1460642bdcddb90c3f
b3e56c497ccd0f62b8a2ad4935e85f03
7613966de4ee00531ae60f3b5a47f8da
e06915d5f2f194996fcabf2622e6881e
H(M2) = 28fbc9bada033b1460642bdcddb90c3f
b3e56c497ccd0f62b8a2ad4935e85f03
7613966de4ee00531ae60f3b5a47f8da
e06915d5f2f194996fcabf2622e6881e
Assign the following values to the variables:
为变量指定以下值:
h := IV = (00000001)^64
h := IV = (00000001)^64
N := 0^512
N := 0^512
EPSILON := 0^512
EPSILON := 0^512
The length of the message is |M2| = 576 > 512, so a part of this message is initially transformed:
消息的长度为| M2 |=576>512,因此此消息的一部分最初被转换:
m := fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ce8f0f2e5e220e5d1
m := fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ce8f0f2e5e220e5d1
Calculate:
计算:
K := LPS(h (xor) N) = LPS((00000001)^64)
K := LPS(h (xor) N) = LPS((00000001)^64)
After the transformation S:
转换后,S:
S(h (xor) N) = eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
S(h (xor) N) = eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
after the transformation P:
在转换P之后:
PS(h (xor) N) = eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
PS(h (xor) N) = eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
after the transformation L:
转换后,L:
K := LPS(h (xor) N) = 23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
K := LPS(h (xor) N) = 23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
Then the transformation E(K, m) is performed:
然后执行变换E(K,m):
Iteration 1
迭代1
K[1] = 23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
K[1] = 23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
23c5ee40b07b5f1523c5ee40b07b5f15
X[K[1]](m) = d82f14ab5f5ba0eed3240eb0455bbff8
032d02a05b9eafe7d2e511b05e977fe4
033f1cbe55997f39cb331dad525bb7f3
cd2406b042aa7f39cb351ca5525bbac4
X[K[1]](m) = d82f14ab5f5ba0eed3240eb0455bbff8
032d02a05b9eafe7d2e511b05e977fe4
033f1cbe55997f39cb331dad525bb7f3
cd2406b042aa7f39cb351ca5525bbac4
SX[K[1]](m) = 8d4f93828747a76c49e204adc8473bd1
1101dda7470a415b832b77ad5dbc572d
111f14950ce8570be4aecd9f0e472fd2
d9e231ad2c38570be46a14000e47a586
SX[K[1]](m) = 8d4f93828747a76c49e204adc8473bd1
1101dda7470a415b832b77ad5dbc572d
111f14950ce8570be4aecd9f0e472fd2
d9e231ad2c38570be46a14000e47a586
PSX[K[1]](m) = 8d49118311e4d9e44fe2012b1faee26a
9304dd7714cd311482ada7ad959fad00
87c8475d0c0e2c0e47470abce8473847
a73b4157572f57a56cd15b2d0bd20b86
PSX[K[1]](m) = 8d49118311e4d9e44fe2012b1faee26a
9304dd7714cd311482ada7ad959fad00
87c8475d0c0e2c0e47470abce8473847
a73b4157572f57a56cd15b2d0bd20b86
LPSX[K[1]](m) = a3a72a2e0fb5e6f812681222fec037b0
db972086a395a387a6084508cae13093
aa71d352dcbce288e9a39718a727f6fd
4c5da5d0bc10fac3707ccd127fe45475
LPSX[K[1]](m) = a3a72a2e0fb5e6f812681222fec037b0
db972086a395a387a6084508cae13093
aa71d352dcbce288e9a39718a727f6fd
4c5da5d0bc10fac3707ccd127fe45475
K[1] (xor) C[1] = 92cdb59aaeb185fcc80ec1c1701e230a
0caf98039e3e8f03528b56cdc5fe9be9
68b90ed1221c36148187c448141b8c00
26b39a767c0f1236fe458b1942dd1a12
K[1] (xor) C[1] = 92cdb59aaeb185fcc80ec1c1701e230a
0caf98039e3e8f03528b56cdc5fe9be9
68b90ed1221c36148187c448141b8c00
26b39a767c0f1236fe458b1942dd1a12
S(K[1] (xor) C[1]) = ecd95e282645a83930045858325f5afa
2341dc110ad303110ef676d9ac63509b
f3a3041b65148f93f5c986f293bb7cfc
ef92288ac34df08f63c8f6362cd8f1f0
S(K[1] (xor) C[1]) = ecd95e282645a83930045858325f5afa
2341dc110ad303110ef676d9ac63509b
f3a3041b65148f93f5c986f293bb7cfc
ef92288ac34df08f63c8f6362cd8f1f0
PS(K[1] (xor) C[1]) = ec30230ef3f5ef63d90441f6a3c992c8
5e58dc76048628f6285811d91bf28a36
26320aac6593c32c455fd36314bb4dd8
a85a03508f7cf0f139fa119b93fc8ff0
PS(K[1] (xor) C[1]) = ec30230ef3f5ef63d90441f6a3c992c8
5e58dc76048628f6285811d91bf28a36
26320aac6593c32c455fd36314bb4dd8
a85a03508f7cf0f139fa119b93fc8ff0
LPS(K[1] (xor) C[1]) = 18ee8f3176b2ebea3bd6cb8233694cea
349769df88be26bf451cfab6a904a549
da22de93a66a66b19c7e6b5eea633511
e611d68c8401bfcd0c7d0cc39d4a5eb9
LPS(K[1] (xor) C[1]) = 18ee8f3176b2ebea3bd6cb8233694cea
349769df88be26bf451cfab6a904a549
da22de93a66a66b19c7e6b5eea633511
e611d68c8401bfcd0c7d0cc39d4a5eb9
Iteration 2
迭代2
K[2] = 18ee8f3176b2ebea3bd6cb8233694cea
349769df88be26bf451cfab6a904a549
da22de93a66a66b19c7e6b5eea633511
e611d68c8401bfcd0c7d0cc39d4a5eb9
K[2] = 18ee8f3176b2ebea3bd6cb8233694cea
349769df88be26bf451cfab6a904a549
da22de93a66a66b19c7e6b5eea633511
e611d68c8401bfcd0c7d0cc39d4a5eb9
LPSX[K[2]]LPSX[K[1]](m) = 9f50697b1d9ce23680db1f4d35629778
864c55780727aa79eb7bb7d648829cba
8674afdac5c62ca352d77556145ca7bc
758679fbe1fbd32313ca8268a4a603f1
LPSX[K[2]]LPSX[K[1]](m) = 9f50697b1d9ce23680db1f4d35629778
864c55780727aa79eb7bb7d648829cba
8674afdac5c62ca352d77556145ca7bc
758679fbe1fbd32313ca8268a4a603f1
Iteration 3
迭代3
K[3] = aaa4cf31a265959157aec8ce91e7fd46
bf27dee21164c5e3940bba1a519e9d1f
ce0913f1253e7757915000cd674be12c
c7f68e73ba26fb00fd74af4101805f2d
K[3] = aaa4cf31a265959157aec8ce91e7fd46
bf27dee21164c5e3940bba1a519e9d1f
ce0913f1253e7757915000cd674be12c
c7f68e73ba26fb00fd74af4101805f2d
LPSX[K[3]]...LPSX[K[1]](m) = 4183027975b257e9bc239b75c977ecc5
2ddad82c091e694243c9143a945b4d85
3116eae14fd81b14bb47f2c06fd283cb
6c5e61924edfaf971b78d771858d5310
LPSX[K[3]]...LPSX[K[1]](m) = 4183027975b257e9bc239b75c977ecc5
2ddad82c091e694243c9143a945b4d85
3116eae14fd81b14bb47f2c06fd283cb
6c5e61924edfaf971b78d771858d5310
Iteration 4
迭代4
K[4] = 61fe0a65cc177af50235e2afadded326
a5329a2236747bf8a54228aeca9c4585
cd801ea9dd743a0d98d01ef0602b0e33
2067fb5ddd6ac1568200311920839286
K[4] = 61fe0a65cc177af50235e2afadded326
a5329a2236747bf8a54228aeca9c4585
cd801ea9dd743a0d98d01ef0602b0e33
2067fb5ddd6ac1568200311920839286
LPSX[K[4]]...LPSX[K[1]](m) = 0368c884fcee489207b5b97a133ce39a
1ebfe5a3ae3cccb3241de1e7ad72857e
76811d324f01fd7a75e0b669e8a22a4d
056ce6af3e876453a9c3c47c767e5712
LPSX[K[4]]...LPSX[K[1]](m) = 0368c884fcee489207b5b97a133ce39a
1ebfe5a3ae3cccb3241de1e7ad72857e
76811d324f01fd7a75e0b669e8a22a4d
056ce6af3e876453a9c3c47c767e5712
Iteration 5
迭代5
K[5] = 9983685f4fd3636f1fd5abb75fbf26a8
e2934314aa2ecb3ee4693c86c06c7d4e
169bd540af75e1610a546acd63d960ba
d595394cc199bf6999a5d5309fe73d5a
K[5] = 9983685f4fd3636f1fd5abb75fbf26a8
e2934314aa2ecb3ee4693c86c06c7d4e
169bd540af75e1610a546acd63d960ba
d595394cc199bf6999a5d5309fe73d5a
LPSX[K[5]]...LPSX[K[1]](m) = c31433ceb8061e46440144e655539765
12e5a9806ac9a2c771d5932d5f6508c5
b78e406c4efab98ac5529be0021b4d58
fa26f01621eb10b43de4c4c47b63f615
LPSX[K[5]]...LPSX[K[1]](m) = c31433ceb8061e46440144e655539765
12e5a9806ac9a2c771d5932d5f6508c5
b78e406c4efab98ac5529be0021b4d58
fa26f01621eb10b43de4c4c47b63f615
Iteration 6
迭代6
K[6] = f05772ae2ce7f025156c9a7fbcc6b8fd
f1e735d613946e32922994e52820ffea
62615d907eb0551ad170990a86602088
af98c83c22cdb0e2be297c13c0f7a156
K[6] = f05772ae2ce7f025156c9a7fbcc6b8fd
f1e735d613946e32922994e52820ffea
62615d907eb0551ad170990a86602088
af98c83c22cdb0e2be297c13c0f7a156
LPSX[K[6]]...LPSX[K[1]](m) = 5d0ae97f252ad04534503fe5f52e9bd0
7f483ee3b3d206beadc6e736c6e754bb
713f97ea7339927893eacf2b474a482c
add9ac2e58f09bcb440cf36c2d14a9b6
LPSX[K[6]]...LPSX[K[1]](m) = 5d0ae97f252ad04534503fe5f52e9bd0
7f483ee3b3d206beadc6e736c6e754bb
713f97ea7339927893eacf2b474a482c
add9ac2e58f09bcb440cf36c2d14a9b6
Iteration 7
迭代7
K[7] = 5ad144c362546e4e46b3e7688829fbb7
7453e9c3211974330b2b8d0e6be2b5ac
c89eb6b35167f159b7b005a43e5959a6
51a9b18cfc8e4098fcf03d9b81cfbb8d
K[7] = 5ad144c362546e4e46b3e7688829fbb7
7453e9c3211974330b2b8d0e6be2b5ac
c89eb6b35167f159b7b005a43e5959a6
51a9b18cfc8e4098fcf03d9b81cfbb8d
LPSX[K[7]]...LPSX[K[1]](m) = a59aa21e6ad3e330deedb9ab9912205c
355b1c479fdfd89a7696d7de66fbf7d3
cec25879f7f1a8cca4c793d5f2888407
aecb188bda375eae586a8cfd0245c317
LPSX[K[7]]...LPSX[K[1]](m) = a59aa21e6ad3e330deedb9ab9912205c
355b1c479fdfd89a7696d7de66fbf7d3
cec25879f7f1a8cca4c793d5f2888407
aecb188bda375eae586a8cfd0245c317
Iteration 8
迭代8
K[8] = 6a6cec9a1ba20a8db64fa840b934352b
518c638ed530122a83332fe0b8efdac9
018287e5a9f509c78d6c746adcd5426f
b0a0ad5790dfb73fc1f191a539016daa
K[8] = 6a6cec9a1ba20a8db64fa840b934352b
518c638ed530122a83332fe0b8efdac9
018287e5a9f509c78d6c746adcd5426f
b0a0ad5790dfb73fc1f191a539016daa
LPSX[K[8]]...LPSX[K[1]](m) = 9903145a39d5a8c83d28f70fa1fbd88f
31b82dc7cfe17b54b50e276cb2c4ac68
2b4434163f214cf7ce6164a75731bcea
5819e6a6a6fea99da9222951d2a28e01
LPSX[K[8]]...LPSX[K[1]](m) = 9903145a39d5a8c83d28f70fa1fbd88f
31b82dc7cfe17b54b50e276cb2c4ac68
2b4434163f214cf7ce6164a75731bcea
5819e6a6a6fea99da9222951d2a28e01
Iteration 9
迭代9
K[9] = 99217036737aa9b38a8d6643f705bd51
f351531f948f0fc5e35fa35fee9dd8bd
bb4c9d580a224e9cd82e0e2069fc49ed
367d5f94374435382b8fb6a8f5dd0409
K[9] = 99217036737aa9b38a8d6643f705bd51
f351531f948f0fc5e35fa35fee9dd8bd
bb4c9d580a224e9cd82e0e2069fc49ed
367d5f94374435382b8fb6a8f5dd0409
LPSX[K[9]]...LPSX[K[1]](m) = 330e6cb1d04961826aa263f2328f15b4
f3370175a6a9fd6505b286efed2d8505
f71823337ef71513e57a700eb1672a68
5578e45dad298ee2223d4cb3fda8262f
LPSX[K[9]]...LPSX[K[1]](m) = 330e6cb1d04961826aa263f2328f15b4
f3370175a6a9fd6505b286efed2d8505
f71823337ef71513e57a700eb1672a68
5578e45dad298ee2223d4cb3fda8262f
Iteration 10
迭代10
K[10] = 906763c0fc89fa1ae69288d8ec9e9dda
9a7630e8bfd6c3fed703c35d2e62aeaf
f0b35d80a7317a7f76f83022f2526791
ca8fdf678fcb337bd74fe5393ccb05d2
K[10] = 906763c0fc89fa1ae69288d8ec9e9dda
9a7630e8bfd6c3fed703c35d2e62aeaf
f0b35d80a7317a7f76f83022f2526791
ca8fdf678fcb337bd74fe5393ccb05d2
LPSX[K[10]]...LPSX[K[1]](m) = ad347608443ab9c9bbb64f633a5749ab
85c45d4174bfd78f6bc79fc4f4ce9ad1
dd71cb2195b1cfab8dcaaf6f3a65c8bb
0079847a0800e4427d3a0a815f40a644
LPSX[K[10]]...LPSX[K[1]](m) = ad347608443ab9c9bbb64f633a5749ab
85c45d4174bfd78f6bc79fc4f4ce9ad1
dd71cb2195b1cfab8dcaaf6f3a65c8bb
0079847a0800e4427d3a0a815f40a644
Iteration 11
迭代11
K[11] = 88ce996c63618e6404a5c8e03ee43385
4e2ae3eee68991bbbff3c29d38dadb6e
d6a1dae9a6dc6ddf52ce34af272f96d3
159c8c624c3fe6e13d695c0bfc89add5
K[11] = 88ce996c63618e6404a5c8e03ee43385
4e2ae3eee68991bbbff3c29d38dadb6e
d6a1dae9a6dc6ddf52ce34af272f96d3
159c8c624c3fe6e13d695c0bfc89add5
LPSX[K[11]]...LPSX[K[1]](m) = a065c55e2168c31576a756c7ecc1a912
9cd3d207f8f43073076c30e111fd5f11
9095ca396e9fb78a2bf4781c44e845e4
47b8fc75b788284aae27582212ec23ee
LPSX[K[11]]...LPSX[K[1]](m) = a065c55e2168c31576a756c7ecc1a912
9cd3d207f8f43073076c30e111fd5f11
9095ca396e9fb78a2bf4781c44e845e4
47b8fc75b788284aae27582212ec23ee
Iteration 12
迭代12
K[12] = 3e0a281ea9bd46063eec550100576f3a
506aa168cf82915776b978fccaa32f38
b55f30c79982ca45628e8365d8798477
e75a49c68199112a1d7b5a0f7655f2db
K[12] = 3e0a281ea9bd46063eec550100576f3a
506aa168cf82915776b978fccaa32f38
b55f30c79982ca45628e8365d8798477
e75a49c68199112a1d7b5a0f7655f2db
LPSX[K[12]]...LPSX[K[1]](m) = 2a6549f7a5cd2eb4a271a7c71762c868
3e7a3a906985d60f8fc86f64e35908b2
9f83b1fe3c704f3c116bdfe660704f3b
9c8a1d0531baaffaa3940ae9090a33ab
LPSX[K[12]]...LPSX[K[1]](m) = 2a6549f7a5cd2eb4a271a7c71762c868
3e7a3a906985d60f8fc86f64e35908b2
9f83b1fe3c704f3c116bdfe660704f3b
9c8a1d0531baaffaa3940ae9090a33ab
Iteration 13
迭代13
K[13] = f0b273409eb31aebe432fbae18672122
62c848422b6a92f93f6cbab54ed18b83
14b21cffc51e3fa319ff433e76ef6adb
0ef9f5e03c907fa1fcf9eca06500bf03
K[13] = f0b273409eb31aebe432fbae18672122
62c848422b6a92f93f6cbab54ed18b83
14b21cffc51e3fa319ff433e76ef6adb
0ef9f5e03c907fa1fcf9eca06500bf03
X[K[13]]...LPSX[K[1]](m) = dad73ab73b7e345f46435c690f05e94a
5cb272d242ef44f6b0a4d5d1ad888331
8b31ad01f96e709f08949cd8169f25e0
9273e8e50d2ad05b5f6de6496c0a8ca8
X[K[13]]...LPSX[K[1]](m) = dad73ab73b7e345f46435c690f05e94a
5cb272d242ef44f6b0a4d5d1ad888331
8b31ad01f96e709f08949cd8169f25e0
9273e8e50d2ad05b5f6de6496c0a8ca8
The result of the transformation g_N(h, m) is
变换g_N(h,m)的结果是
h = 203cc15dd55fcaa5b7a3bd98fb2408a6
7d5b9f33a80bb50540852b204265a2c1
aaca5efe1d8d51b2e1636e34f5becc07
7d930114fefaf176b69c15ad8f2b6878
h = 203cc15dd55fcaa5b7a3bd98fb2408a6
7d5b9f33a80bb50540852b204265a2c1
aaca5efe1d8d51b2e1636e34f5becc07
7d930114fefaf176b69c15ad8f2b6878
The variables N and EPSILON changed their values to:
变量N和EPSILON将其值更改为:
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000200
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000200
EPSILON = fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ce8f0f2e5e220e5d1
EPSILON = fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ce8f0f2e5e220e5d1
The length of the rest of the message is less than 512, so the incomplete block is padded:
消息其余部分的长度小于512,因此填充不完整的块:
m = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
0000000000000001fbe2e5f0eee3c820
m = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
0000000000000001fbe2e5f0eee3c820
The result of the transformation g_N(h, m) is
变换g_N(h,m)的结果是
h = a69049e7bd076ab775bc2873af26f098
c538b17e39a5c027d532f0a2b3b56426
c96b285fa297b9d39ae6afd8b9001d97
bb718a65fcc53c41b4ebf4991a617227
h = a69049e7bd076ab775bc2873af26f098
c538b17e39a5c027d532f0a2b3b56426
c96b285fa297b9d39ae6afd8b9001d97
bb718a65fcc53c41b4ebf4991a617227
The variables N and EPSILON change their values to
变量N和EPSILON将其值更改为
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000240
N = 00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000000
00000000000000000000000000000240
EPSILON = fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ee4d3d8d6d104adf1
EPSILON = fbeafaebef20fffbf0e1e0f0f520e0ed
20e8ece0ebe5f0f2f120fff0eeec20f1
20faf2fee5e2202ce8f6f3ede220e8e6
eee1e8f0f2d1202ee4d3d8d6d104adf1
The result of the transformation g_0(h, N) is
变换g_0(h,N)的结果是
h = aee3bd55ea6f387bcf28c6dcbdbbfb3d
dacc67dcc13dbd8d548c6bf808111d4b
75b8e74d2afae960835ae6a5f0357555
9c9fd839783ffcd5cf99bd61566b4818
h = aee3bd55ea6f387bcf28c6dcbdbbfb3d
dacc67dcc13dbd8d548c6bf808111d4b
75b8e74d2afae960835ae6a5f0357555
9c9fd839783ffcd5cf99bd61566b4818
The result of the transformation g_0(h, EPSILON) is
变换g_0(h,ε)的结果是
h = 508f7e553c06501d749a66fc28c6cac0
b005746d97537fa85d9e40904efed29d
c345e53d7f84875d5068e4eb743f0793
d673f09741f9578471fb2598cb35c230
h = 508f7e553c06501d749a66fc28c6cac0
b005746d97537fa85d9e40904efed29d
c345e53d7f84875d5068e4eb743f0793
d673f09741f9578471fb2598cb35c230
The hash code of the message M2 is the value
消息M2的哈希代码是值
H(M2) = 508f7e553c06501d749a66fc28c6cac0
b005746d97537fa85d9e40904efed29d
H(M2) = 508f7e553c06501d749a66fc28c6cac0
b005746d97537fa85d9e40904efed29d
This entire document is about security considerations.
整个文档都是关于安全方面的考虑。
[GOST3411-94] "Information technology. Cryptographic data security. Hashing function", GOST R 34.11-94, Federal Agency on Technical Regulating and Metrology, 1994.
[GOST3411-94]“信息技术.加密数据安全.散列函数”,GOST R 34.11-94,联邦技术规范和计量局,1994年。
[GOST28147-89] "Systems of information processing. Cryptographic data security. Algorithms of cryptographic transformation", GOST 28147-89, Gosudarstvennyi Standard of USSR, Government Committee of the USSR for Standards, 1989. (In Russian)
[GOST28147-89]“信息处理系统。加密数据安全。加密转换算法”,GOST 28147-89,苏联GOST28147-89标准,苏联政府标准委员会,1989年。(俄语)
[GOST3411-2012] "Information technology. Cryptographic Data Security. Hashing function", GOST R 34.11-2012, Federal Agency on Technical Regulating and Metrology, 2012.
[GOST3411-2012]“信息技术、加密数据安全、哈希函数”,GOST R 34.11-2012,联邦技术监管和计量局,2012年。
[GOST3410-2012] "Information technology. Cryptographic data security. Formation and verification processes of [electronic] digital signature", GOST R 34.10-2012, Federal Agency on Technical Regulating and Metrology, 2012.
[GOST3410-2012]“信息技术、加密数据安全、[电子]数字签名的形成和验证过程”,GOST R 34.10-2012,联邦技术监管和计量局,2012年。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC5831] Dolmatov, V., Ed., "GOST R 34.11-94: Hash Function Algorithm", RFC 5831, March 2010.
[RFC5831]多尔马托夫,V.,编辑,“GOST R 34.11-94:哈希函数算法”,RFC 58312010年3月。
[ISO2382-2] ISO, "Data processing - Vocabulary - Part 2: Arithmetic and logic operations", ISO 2382-2, 1976.
[ISO2382-2]ISO,“数据处理-词汇-第2部分:算术和逻辑运算”,ISO 2382-21976。
[ISO/IEC9796-2] ISO/IEC, "Information technology - Security techniques - Digital signature schemes giving message recovery - Part 2: Integer factorization based mechanisms", ISO/IEC 9796-2, 2010.
[ISO/IEC9796-2]ISO/IEC,“信息技术-安全技术-提供消息恢复的数字签名方案-第2部分:基于整数分解的机制”,ISO/IEC 9796-22010。
[ISO/IEC9796-3] ISO/IEC, "Information technology - Security techniques - Digital signature schemes giving message recovery - Part 3: Discrete logarithm based mechanisms", ISO/IEC 9796-3, 2006.
[ISO/IEC9796-3]ISO/IEC,“信息技术-安全技术-提供消息恢复的数字签名方案-第3部分:基于离散对数的机制”,ISO/IEC 9796-3,2006年。
[ISO/IEC14888-1] ISO/IEC, "Information technology - Security techniques - Digital signatures with appendix - Part 1: General", ISO/IEC 14888-1, 2008.
[ISO/IEC14888-1]ISO/IEC,“信息技术-安全技术-带附录的数字签名-第1部分:总则”,ISO/IEC 14888-12008。
[ISO/IEC14888-2] ISO/IEC, "Information technology - Security techniques - Digital signatures with appendix - Part 2: Integer factorization based mechanisms", ISO/IEC 14888-2, 2008.
[ISO/IEC14888-2]ISO/IEC,“信息技术-安全技术-带附录的数字签名-第2部分:基于整数分解的机制”,ISO/IEC 14888-22008。
[ISO/IEC14888-3] ISO/IEC, "Information technology - Security techniques - Digital signatures with appendix - Part 3: Discrete logarithm based mechanisms", ISO/IEC 14888-3, 2006.
[ISO/IEC14888-3]ISO/IEC,“信息技术-安全技术-带附录的数字签名-第3部分:基于离散对数的机制”,ISO/IEC 14888-3,2006年。
[ISO/IEC14888-3Amd] ISO/IEC, "Information technology - Security techniques - Digital signatures with appendix - Part 3: Discrete logarithm based mechanisms. Amendment 1. Elliptic Curve Russian Digital Signature Algorithm, Schnorr Digital Signature Algorithm, Elliptic Curve Schnorr Digital Signature Algorithm, and Elliptic Curve Full Schnorr Digital Signature Algorithm", ISO/IEC 14888-3:2006/Amd 1, 2010.
[ISO/IEC14888-3Amd]ISO/IEC,信息技术.安全技术.带附录的数字签名.第3部分:基于离散对数的机制。修正案1。椭圆曲线俄罗斯数字签名算法、Schnorr数字签名算法、椭圆曲线Schnorr数字签名算法和椭圆曲线全Schnorr数字签名算法”,ISO/IEC 14888-3:2006/Amd 12010。
[ISO/IEC10118-1] ISO/IEC, "Information technology - Security techniques - Hash-functions - Part 1: General", ISO/IEC 10118-1, 2000.
[ISO/IEC10118-1]ISO/IEC,“信息技术-安全技术-散列函数-第1部分:总则”,ISO/IEC 10118-119000。
[ISO/IEC10118-2] ISO/IEC, "Information technology - Security techniques - Hash-functions - Part 2: Hash-functions using an n-bit block cipher", ISO/IEC 10118-2, 2010.
[ISO/IEC10118-2]ISO/IEC,“信息技术-安全技术-散列函数-第2部分:使用n位分组密码的散列函数”,ISO/IEC 10118-220010。
[ISO/IEC10118-3] ISO/IEC, "Information technology - Security techniques - Hash-functions - Part 3: Dedicated hash-functions", ISO/IEC 10118-3, 2004.
[ISO/IEC10118-3]ISO/IEC,“信息技术-安全技术-散列函数-第3部分:专用散列函数”,ISO/IEC 10118-3,2004年。
[ISO/IEC10118-4] ISO/IEC, "Information technology - Security techniques - Hash-functions - Part 4: Hash-functions using modular arithmetic", ISO/IEC 10118-4, 1998.
[ISO/IEC10118-4]ISO/IEC,“信息技术-安全技术-散列函数-第4部分:使用模运算的散列函数”,ISO/IEC 10118-41998。
Authors' Addresses
作者地址
Vasily Dolmatov (editor) Cryptocom, Ltd. 14 Kedrova St., Bldg. 2 Moscow, 117218 Russian Federation
瓦西里·多尔马托夫(编辑)Cryptocom有限公司,俄罗斯联邦莫斯科凯德罗瓦街14号,2号楼,117218
EMail: dol@cryptocom.ru
EMail: dol@cryptocom.ru
Alexey Degtyarev Cryptocom, Ltd. 14 Kedrova St., Bldg. 2 Moscow, 117218 Russian Federation
俄罗斯联邦莫斯科凯德罗瓦街14号2号楼Alexey Degtyarev Cryptocom有限公司,邮编:117218
EMail: alexey@renatasystems.org
EMail: alexey@renatasystems.org