"Perry E. Metzger" <perry@imsi.com> writes: apparently also pre-correction. Anyone know the proper reference for the corrected text?
I append the latest reference I've seen, posted by Robert Perillo in Aug. Check rand.org:pub/jim/sha.tar.gz for my latest C code. An #ifdef will select the broken or fixed versions. Jim Gillogly 7 Solmath S.R. 1995, 20:25 ---------------------------- Federal Register 07/11/94 Citation="59 FR 35317" [Docket No. 940675-4175] RIN 0693-AB33 Proposed Revision of Federal Information Processing Standard (FIPS) 180, Secure Hash Standard AGENCY: National Institute of Standards and Technology (NIST), Commerce. ACTION: Notice; Request for comments. SUMMARY: A revision of Federal Information Processing Standard (FIPS) 180, Secure Hash Standard (SHS), is being proposed. This proposed revision corrects a technical flaw that made the standard less secure than had been thought. The algorithm is still reliable as a security mechanism, but the correction returns the SHS to the original level of security. The SHS produces a 160-bit output called a message digest for a message of any size. This message digest can be used with FIPS 186, Digital Signature Standard (DSS), to compute a signature for the message. The same message digest should be obtained by the verifier of the signature when the received version of the message is used as input to the Secure Hash Algorithm (SHA). -------------- Proposed Modification of the Secure Hash Algorithm In Section 7 of [1](page 9), the line which reads b) For t=16 to 79 let W(t) = W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16). is to be replaced by b) For t=16 to 79 let W(t) = S1( W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16) ). where S1 is a left circular shift by one bit as defined in Section 3 of [1](page 6), namely S1(X) = (X<<1) V (X>>31). ASCII translator's note : S1 is actually, S superscript 1. W(t-n) is actually, W subscript, t or t-n. References: [1] FIPS PUB 180; Secure Hash Standard Computer Systems Laboratory National Institute of Standards and Technology 1993 May 11 _____________________________________________________________________