Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Proper SHA3 implementation? #6
I'm trying to find a SHA3 library for Ruby, but it seems like every library (this one included) is, if I'm not mistaken, using an old version of Keccak for validation, not the actual standardized SHA3.
The most recent SHA3 test vectors say that the hash of the blank string should be:
however, in this library, it works out to:
After some research, I found some pages that calculate both the original keccak and the sha3, and it confirms that the first output is correct. Here's one such page:
And here's a blank test vector from the original docs:
Which agrees with everything else, and shows that the output is wrong.
Is there any chance of getting this fixed? Or of adding an option to use the new variation?
It appears to be a padding issue.. NIST changed the padding to be:
But this implementation doesn't account for the 01 bits in the padding. After padding the empty string, the first byte should be '06', not '01', to account for the extra 01 at the start (6 = 00000110, reversing endian = 01100000, the current padding is 10000......, but the proper padding is that one, 01 then 10000.......
@iagox86 This version of the gem is based on the original (optimized) C reference implementation released by Keccak team. I know that they have updated their implementation, and provide FIPS 202 support, but the gem's backing code MAY require a good amount of rewrite. Nonetheless, this is something I've been wanting to do, and I suppose it should be done sooner rather than later.
I'll look into this, but considering my schedule, I'm doubtful that I'll be able to complete a new release quickly (2 - 3 weeks would be optimistic). Of course, pull requests are welcome. :)
On Wed, Oct 21, 2015 at 11:34 AM, Johanns Gregorian <
@iagox86 I think it's done. I haven't cut a new gem yet, but you can grab a pre-release here:
A few notes:
Let me know if this meets your expectations, and/or if you find any bugs.
Awesome, I'll check it out! Thanks for the update!
On Thu, Oct 22, 2015 at 12:11 AM, Johanns Gregorian <