A | B | C | D | E | F | G | H | CH | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
General | |
---|---|
Designers | FAPSI and VNIIstandart (USSR) |
First published | 1994-05-23 (declassified) |
Derived from | GOST block cipher |
Successors | Streebog |
Certification | GOST standard |
Detail | |
Digest sizes | 256 bits |
Rounds | 32 |
Best public cryptanalysis | |
A 2008 attack breaks the full-round hash function. The paper presents a collision attack in 2105 time, and preimage attacks in 2192 time.[1] |
The GOST hash function, defined in the standards GOST R 34.11-94 and GOST 34.311-95 is a 256-bit cryptographic hash function. It was initially defined in the Russian national standard GOST R 34.11-94 Information Technology – Cryptographic Information Security – Hash Function. The equivalent standard used by other member-states of the CIS is GOST 34.311-95.
This function must not be confused with a different Streebog hash function, which is defined in the new revision of the standard GOST R 34.11-2012.[2]
The GOST hash function is based on the GOST block cipher.
Algorithm
GOST processes a variable-length message into a fixed-length output of 256 bits. The input message is broken up into chunks of 256-bit blocks (eight 32-bit little endian integers); the message is padded by appending as many zeros to it as are required to bring the length of the message up to 256 bits. The remaining bits are filled up with a 256-bit integer arithmetic sum of all previously hashed blocks and then a 256-bit integer representing the length of the original message, in bits.
Basic notation
The algorithm descriptions uses the following notation:
- — j-bit block filled with zeroes.
- — length of the M block in bits modulo 2256.
- — concatenation of two blocks.
- — arithmetic sum of two blocks modulo 2256.
- — logical xor of two blocks.
Further we consider that the little-order bit is located at the left of a block, and the high-order bit at the right.
Description
The input message is split into 256-bit blocks . In the case the last block contains less than 256 bits, it is prepended left by zero bits to achieve the desired length.
Each block is processed by the step hash function , where , , are a 256-bit blocks.
Each message block, starting the first one, is processed by the step hash function , to calculate intermediate hash value
The value can be arbitrary chosen, and usually is .
After is calculated, the final hash value is obtained in the following way
- , where L — is the length of the message M in bits modulo
- , where K — is 256-bit control sum of M:
The is the desired value of the hash function of the message M.
So, the algorithm works as follows.
- Initialization:
- — Initial 256-bit value of the hash function, determined by user.
- — Control sum
- — Message length
- Compression function of internal iterations: for i = 1 … n — 1 do the following (while ):
- – apply step hash function
- – recalculate message length
- – calculate control sum
- Compression function of final iteration:
- – calculate the full message length in bits
- – pad the last message with zeroes
Antropológia
Aplikované vedy
Bibliometria
Dejiny vedy
Encyklopédie
Filozofia vedy
Forenzné vedy
Humanitné vedy
Knižničná veda
Kryogenika
Kryptológia
Kulturológia
Literárna veda
Medzidisciplinárne oblasti
Metódy kvantitatívnej analýzy
Metavedy
Metodika
Text je dostupný za podmienok Creative
Commons Attribution/Share-Alike License 3.0 Unported; prípadne za ďalších
podmienok.
Podrobnejšie informácie nájdete na stránke Podmienky
použitia.
www.astronomia.sk | www.biologia.sk | www.botanika.sk | www.dejiny.sk | www.economy.sk | www.elektrotechnika.sk | www.estetika.sk | www.farmakologia.sk | www.filozofia.sk | Fyzika | www.futurologia.sk | www.genetika.sk | www.chemia.sk | www.lingvistika.sk | www.politologia.sk | www.psychologia.sk | www.sexuologia.sk | www.sociologia.sk | www.veda.sk I www.zoologia.sk