Closed ericmj closed 8 years ago
My bad, it seems like it does indeed select the correct word. My confusion comes from smix
using double sized arrays for some reason.
Thanks for checking out the code. I am pretty sure our implementation outputs the published test vectors so we should be producing predictable results. Thanks!
On Thursday, March 31, 2016, Eric Meadows-Jönsson notifications@github.com wrote:
Closed #53 https://github.com/keybase/triplesec/issues/53.
— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub https://github.com/keybase/triplesec/issues/53#event-610028903
Yeah, I found the test vectors eventually which was of great help for my own implementation.
Thanks!
I think the integerify implementation is incorrect. To quote the specification [1]:
Which can also be interpreted as select the last word from a block. The integerify function in triplesec on the other hand selects a word form the middle of the block.
The
0x10
constant above should be0x20
. I would guess this mistake stems from this code being based on a reference implementation that used 64-bit words and the triplesec implementation using 32-bit words (Int32Array
).[1] http://www.tarsnap.com/scrypt/scrypt.pdf