Open mecsie0415 opened 9 months ago
@mecsie0415 Exceptionally well-spotted! I can confirm that by modifying ref.py
in the manner you have described, I now get identical output when running both the reference C implementation and, especially now, the reference Python implementation. I am especially grateful to you, as I am just learning about cryptographic functions and had intended to do so by re-implementing Haraka v2 in a different programming language.
Hi! I'm a student currently working on turning Haraka_v2 to HDL languages. When I'm tracing the code ref.py, I've noticed that
RC
is consistent with the Round Constants defined in the Haraka v2 – Efficient Short-Input Hashing for Post-Quantum Applications . However, it seems that the round constant used in each round of AES round function goes wrong.def convRC(rc):
rcstr = hex(rc)[2:-1].zfill(32)
return [int(rcstr[i:i + 2], 16) for i in range(0, 32, 2)]
The code above would drop 4 least significant bits while converting eachRC
to 16 words state, resulting in adding 4 0 bits on the MSB side. Thank you for the time reading my questions, I thinkrcstr = hex(rc)[2:].zfill(32)
should fix the inconsistency.