Re: ANNOUNCE: SHA-224 in Digest::SHA

From: Tom St Denis (tomstdenis_at_iahu.ca)
Date: 12/29/03

• Next message: Bill Unruh: "Re: Does Base64 encoding before encryption makes it easier to break?"
• Previous message: Bill Unruh: "Re: Does Base64 encoding before encryption makes it easier to break?"
• In reply to: Mark Shelor: "Re: ANNOUNCE: SHA-224 in Digest::SHA"
• Next in thread: Mark Shelor: "Re: ANNOUNCE: SHA-224 in Digest::SHA"
• Reply: Mark Shelor: "Re: ANNOUNCE: SHA-224 in Digest::SHA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 29 Dec 2003 22:34:39 GMT

"Mark Shelor" <mshelor@comcast.removeme.net> wrote in message
news:66Sdncycw9dkFW2iRVn-iQ@comcast.com...
> danco@ns2.pebble.org wrote:
>
> > However rude, abrupt, immodest and imature Tom _may_ be from time to
time
> > (or all the time), IMHO he is also correct in this particular instance.
>
>
> To each his own, of course. But the example chosen to carp on is a bit
> inconsequential.
>
> The "sha_big_endian" quantity is in fact a constant -- not a runtime
> variable -- so when the compiler encounters the "if/else" construct,
> it's actually able to optimize it away. This technique enables software
> to be much more readable and maintainable by avoiding #ifdef's in the
> main code. I would have named it "SHA_BIG_ENDIAN", but if I'd done
> that, I wouldn't have been able to have irritated Tom :)

Um, I don't have any #ifdef's in my code regarding endianess. I do one
ifdef in a header file then I pick the appropriate load/store macros from
that. I autodetect x86 and the PS2 [don't ask why...] and for the rest I
use platform neutral code.

Also a memcpy is not entirely portable if "unsigned long" is 64 bits instead
of 32. IIRC you memcpy on bigendian platforms to an array of unsigned long.
That isn't portable.

> Regarding runtime heap operations ... I assume he's referring to the
> fact that "shaopen()" and "hmacopen()" make calls to malloc when
> creating a handle. Well, this is exactly the way the ANSI C standard
> "fopen()" does it when operating on a FILE handle. In fact, the
> "sha...()" and "hmac...()" calls were modeled on the ANSI "fopen()" and
> "fwrite()" interface style to promote usability.

[Warning: Tom is about to state an opinion!!!]

FWIW, my approach is that the user passes the hmac/hash/[etc] state to the
function. This allows them to use either stack or heap [upto them]. Aside
for the PK math no LTC function uses heap at all. This makes the code
flexible for platforms where heap is limited, controlled or just slow to
work with.

> On a more practical note, the C implementation underneath the
> Digest::SHA module is quite portable, and appears to be some of the
> fastest code out there (compared to, e.g., cipher/sha1.c in GNU PG).
> Also, it has the distinction of handling bitstring inputs (as allowed by
> the NIST SHA standard), whereas almost every other implementation is
> restricted to byte inputs. Such features are quite useful for
> cryptanalysis.

Handling only bytes doesn't really limit people using the algorithms since
you can just assume padding. Though yeah it's ideal to handle any bit
length it often complicates the code [since now you have to shift in partial
bytes, etc].

As for portability... Got that too. In fact every platform that Bitkeeper
supports, LTC supports too [hint: LTC is in Bitkeeper according to Bitmover
developers]

> I don't mind responding to critiques that have actual substance, but
> mere expressions of opinion such as yours don't contribute very much,
> and reflect a certain gratuitous laziness. If you can point to any real
> shortcomings, or examples where someone has done it better in some
> demonstrable, measureable way, then please feel free to speak up.

Oh, so now I can't express my own opinion, not two days ago I was being
flamed to death for questioning another posters opinion...

Just because your code works doesn't mean it is ideal [note that I don't
consider my code perfect, just more ideal in this respect]. And no, I'm not
saying you shouldn't write code. I was contributing my two cents. If you
like your code the way it is by all means leave it the way it is.

Tom

• Next message: Bill Unruh: "Re: Does Base64 encoding before encryption makes it easier to break?"
• Previous message: Bill Unruh: "Re: Does Base64 encoding before encryption makes it easier to break?"
• In reply to: Mark Shelor: "Re: ANNOUNCE: SHA-224 in Digest::SHA"
• Next in thread: Mark Shelor: "Re: ANNOUNCE: SHA-224 in Digest::SHA"
• Reply: Mark Shelor: "Re: ANNOUNCE: SHA-224 in Digest::SHA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: What is the best game ever? ... Torment is the best game ever made. ... Any platform, any genre, any time. ... expert on his own opinion. ... (comp.sys.ibm.pc.games.rpg) Re: extend/shrink heap ? ... > that can be extended and shrunk? ... Considering the fact that doing so -- if you can at all -- is platform ... It's an urban legend. ... (comp.lang.c) Re: which to learn? C, C#, VB6, VB.Net? ... That's no play on words from some marketing guy, its my own opinion ... from understanding how much any managed language relies on the .NET ... It is no surprise that a platform change would ... (microsoft.public.vb.general.discussion) Re: What is the best game ever? ... Torment is the best game ever made. ... Any platform, any genre, any time. ... (That's not just my opinion either, ... (comp.sys.ibm.pc.games.rpg) Re: Oxford Union gives platform to fascists ... opposing views will be voiced, and questions asked that will expose ... Far from giving the views legitimacy, this will expose ... refusing to allow them to be mentioned on any mainstream platform, ... Fair enough, that's your opinion, but I still hold to mine. ... (uk.legal)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint