[Cfrg] Password - final hash

Otto Ersek <oersek@gmail.com> Wed, 02 November 2016 06:41 UTC

From: Otto Ersek <oersek@gmail.com>
To: cfrg@irtf.org
Message-ID: <568be574-a038-16e0-7e5a-52e39a23f660@gmail.com>
Date: Wed, 02 Nov 2016 07:41:48 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/f7zB6mVL3kRDXcGKAImVi_KtS1o>
List-Id: Crypto Forum Research Group <cfrg.irtf.org>

Hi,
No, I don’t intend to just simply hash the final message!
Assume sha512 was to be selected as the underlying hash function.

Transfer the submitted modified message appended with the positional data into M0 = (i,j) matrix.

1) Hash this matrix row by row → M1 = (i, 512)
2) then hash M1 column by column → M2 = (512, 512)
this populates user changes across the whole matrix, and then:

3) then hash M2 alternating between rows/columns in a predefined *) order multiple times over all entries

finally XOR the matrix thus we lose the “dimension” of a hash :-)

*) predefined = different for “all” messages pseudo-random but deterministic with a seed based on M2

Otto
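
One reading of the construction described in the message above, written out as an added Python sketch (not code from the post or its author) so the data flow of steps 1 to 3 and the final XOR can be traced. The row width, the 0x80 padding, the round count, the in-place row/column update in step 3, the use of `random.Random` as the seeded ordering source, and the row-wise XOR fold are all assumptions; the message leaves them open.

```python
import hashlib
import random

W = 512  # SHA-512 digest width in bits

def h(value: int, nbits: int) -> int:
    """SHA-512 of an nbits-wide integer, returned as a 512-bit integer."""
    data = value.to_bytes((nbits + 7) // 8, "big")
    return int.from_bytes(hashlib.sha512(data).digest(), "big")

def get_col(rows, c):
    """Column c of a list of W-bit rows, packed into one len(rows)-bit integer."""
    v = 0
    for r in rows:
        v = (v << 1) | ((r >> (W - 1 - c)) & 1)
    return v

def set_col(rows, c, v):
    """Overwrite column c of a W-row matrix with the bits of the W-bit integer v."""
    mask = 1 << (W - 1 - c)
    for k in range(W):
        bit = (v >> (W - 1 - k)) & 1
        rows[k] = (rows[k] | mask) if bit else (rows[k] & ~mask)

def matrix_hash(message: bytes, row_len: int = 64, rounds: int = 2) -> bytes:
    # M0 = (i, j): rows of row_len bytes; 0x80-then-zeros padding is an assumption
    padded = message + b"\x80" + b"\x00" * (-(len(message) + 1) % row_len)
    m0 = [padded[k:k + row_len] for k in range(0, len(padded), row_len)]
    # Step 1: hash row by row -> M1 = (i, 512)
    m1 = [h(int.from_bytes(row, "big"), 8 * row_len) for row in m0]
    # Step 2: hash M1 column by column -> M2 = (512, 512)
    m2 = [h(get_col(m1, c), len(m1)) for c in range(W)]
    # Step 3: alternate row/column hashing in an order seeded from M2
    seed = hashlib.sha512(b"".join(r.to_bytes(64, "big") for r in m2)).digest()
    rng = random.Random(seed)  # stand-in ordering source (assumption), not a CSPRNG
    for _ in range(rounds):
        row_order, col_order = list(range(W)), list(range(W))
        rng.shuffle(row_order)
        rng.shuffle(col_order)
        for r, c in zip(row_order, col_order):
            m2[r] = h(m2[r], W)                    # replace one row by its hash
            set_col(m2, c, h(get_col(m2, c), W))   # then one column by its hash
    # Final step: XOR all rows together, folding the matrix to 512 bits
    out = 0
    for r in m2:
        out ^= r
    return out.to_bytes(64, "big")
```

Because each step rewrites a row or column in place, the seeded order changes the result, which is what makes the ordering in step 3 matter in this reading.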