US Patent No. 9,288,041

APPARATUS AND METHOD FOR PERFORMING COMPRESSION OPERATION IN HASH ALGORITHM


Patent No. 9,288,041
Issue Date March 15, 2016
Title Apparatus And Method For Performing Compression Operation In Hash Algorithm
Inventorship Deukjo Hong, Daejeon (KR)
Dong-Chan Kim, Daejeon (KR)
Jung Keun Lee, Daejeon (KR)
Daesung Kwon, Daejeon (KR)
Assignee ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE, Daejeon (KR)

Claim of US Patent No. 9,288,041

1. An apparatus for performing a compression operation in a hash algorithm, comprising:
a message extension unit for receiving a message and generating 32, 384-bit extended messages;
a chaining variable initial conversion unit for receiving chaining variable data and converting the chaining variable data
into 512-bit initial state data;

a step function operation unit for repeatedly calculating a step function based on the initial state data and the plurality
of extended messages and then producing final state data, wherein:

the step function operation unit produces the final state data by repeatedly calculating the step function based on the 512-bit
initial state data (X0=X0[0]?X0[1]? • • • ?X0[14]?X0[15]) and the 32, 384-bit extended messages (Wr=Wr[0]?Wr[1]? • • • ?Wr[10]?Wr[11]), and

the step function is a function for calculating the following Equations (1) to (5):
Tr[i]=Xr[i]?Wr[i],0?i?11  (1)

Xr+1[i]=ROL9(Tr[i]Tr[i+4]),0?i?3  (2)

Xr+1[i]=ROL27(Tr[i]Tr[i+4]),4?i?7  (3)

Xr+1[i]=ROL29(Tr[i]Xr[i+4]),8?i?11  (4)

Xr+1[i]=Tr[i?12],12?i?15  (5)

where x?y denotes an exclusive OR operation on x and y which respectively have 32-bit values, xy denotes an operation of outputting a remainder of division when a sum of values representing the 32-bit x and y by positive
integers, respectively, is divided by 232, in 32 bits, and ROLa(x) denotes an operation of cyclically shifting the 32-bit x to left by ‘a’ bits and outputting a shifted value; and

a chaining variable final conversion, unit for generating updated chaining variable data from the chaining variable data using
the final state data, and outputting the updated chaining variable data.