-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSHA3_original.m
163 lines (160 loc) · 3.86 KB
/
SHA3_original.m
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
%
% SHA3 main program
%
clear;
clc;
%
% parameters and message
%
HASH_type = 'SHAKE256'; % hash type
HASH_len = 2222; %
s_input = 'abc'; % massage input
%
%
% d = 0;
% dd = 0;
% subtype = '';
if strcmp(HASH_type, 'SHA3-224') == 1
d = 224; % the fixed langth of the massage digest size
dd = d; % bit number
subtype = 'HASH';
elseif strcmp(HASH_type, 'SHA3-256') == 1
d = 256; % massage digest size
dd = d;
subtype = 'HASH';
elseif strcmp(HASH_type, 'SHA3-384') == 1
d = 384; % massage digest size
dd = d;
subtype = 'HASH';
elseif strcmp(HASH_type, 'SHA3-512') == 1
d = 512; % massage digest size
dd = d;
subtype = 'HASH';
elseif strcmp(HASH_type, 'SHAKE128') == 1
d = 128;
dd = HASH_len;
subtype = 'XOF';
elseif strcmp(HASH_type, 'SHAKE256') == 1
d = 256;
dd = HASH_len;
subtype = 'XOF';
end
%
% fixed coefficient
b = 1600; % total bits = 25*25*64 = 1600
nr = 24; % number of rounds
c = 2 * d; % capacity
r = b - c; % for every r-bit a section
w = b / 25; % depth of the state array = 1600 / 25 = 64
LL = log2(w); % use LL to avoid naming collision in just L
%
%
% Lk: , k:
[Lk, k] = input_string_2_L_array(s_input, d, subtype);
for ix = 0 : 4
for iy = 0 : 4
fprintf('L(%d, %d) = %s\n',ix, iy, Lk(ix + 1, iy + 1, :));
end
end
%
% initial state array
%
Lp = char();
for iy = 0 : 4
for ix = 0 : 4
Lp(ix + 1, iy + 1, :) = '0000000000000000';
end
end
%
% sponge construction
%
for ik = 1 : k
L = Lk(:, :, :, ik);
for iy = 0 : 4
for ix = 0 : 4
L(ix + 1, iy + 1, :) = bitxor_64(L(ix + 1, iy + 1, :), Lp(ix + 1, iy + 1, :));
end
end
L = f_function(L);
Lp = L;
end
%
% final state
fprintf('final state \n');
for ix = 0 : 4
for iy = 0 : 4
fprintf('L(%d, %d) = %s\n',ix, iy, L(ix + 1, iy + 1, :, 1));
end
end
%
% generation of the HASH value
%
HASH = char();
d8 = dd / 8;
counter = 0;
if strcmp(subtype, 'HASH') == 1
% HASH = char();
% d8 = dd / 8;
% counter = 0;
for iy = 0 : 4
for ix = 0 : 4
for iz = 0 : 7
counter = counter + 1;
if counter <= d8
HASH = strcat(HASH , L(ix + 1, iy + 1, 16 - 2*iz - 1, 1));
HASH = strcat(HASH , L(ix + 1, iy + 1, 16 - 2*iz , 1));
end
end
end
end
elseif strcmp(subtype, 'XOF') == 1
HASH = char();
d8 = floor(dd / 8); %
r8 = r / 8; %
counter = 0;
for iy = 0 : 4
for ix = 0 : 4
for iz = 0 : 7
counter = counter + 1;
if counter <= r8
HASH = strcat(HASH , L(ix + 1, iy + 1, 16 - 2*iz - 1, 1));
HASH = strcat(HASH , L(ix + 1, iy + 1, 16 - 2*iz , 1));
end
end
end
end
while length(HASH) < d8 * 2
L = f_function(L);
counter = 0;
for iy = 0 : 4
for ix = 0 : 4
for iz = 0 : 7
counter = counter + 1;
if counter <= r8
HASH = strcat(HASH , L(ix + 1, iy + 1, 16 - 2*iz - 1, 1));
HASH = strcat(HASH , L(ix + 1, iy + 1, 16 - 2*iz , 1));
end
end
end
end
end % end while
HASH = HASH(1 : d8 * 2);
end
HASH = lower(HASH);
%
%
fprintf('HASH value: %s \n', HASH);
%
% testing f_function
% L = char(); % Lane state array
% for ix = 0 : 4
% for iy = 0 : 4
% L(ix + 1, iy + 1, :) = '0123456789abcdef';
% end
% end
% LLL = f_function(L);
% for ix = 0 : 4
% for iy = 0 : 4
% fprintf('LLL(%d, %d) = %s\n',ix, iy, LLL(ix + 1, iy + 1, :));
% end
% end