Conversation

Notices

1. Embed this notice
   Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 12-Nov-2023 00:24:15 JST Ryan Castellucci :nonbinary_flag:

   Several of my personal projects should probably say:

   WARNING: This source code contains techniques which are known to the State of California to cause cancer.

   My cryptographic hash library does approximately the following to build, via a makefile:

   • Uses a bunch of make functions to generate target lists for wildcard recipes.
   • Run the Python scripts that generate a series of header files full of macros.
   • Runs the C preprocessor on meta-implementations of Merkel-Damgård hash functions once for each algorithm.
   • Concatenates some of the files together so the compiler can inline them better.
   • Compiles the files (a second pass of the preprocessor runs).
   • Links everything together.

   To the best of my knowledge, it's the fastest non-parallel x86_64 implementation of all the hash algorithms it supports, and it allows for building things like length extension attacks.

   • Embed this notice
     Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 12-Nov-2023 00:44:07 JST Ryan Castellucci :nonbinary_flag:

     in reply to

     • Opalescent

     @opal There are extensive tests for correctness.

     Also, there's technically only one implementation for all the hash functions this way, yet the compiler can still do maximum optimizations.

     Other than the transform function, there's only a couple variables:

     • Name
     • Digest length
     • Block length
     • Word size
     • State size (in words)
     • Endianness
     • Transform function
   • Embed this notice
     Opalescent (opal@ioc.exchange)'s status on Sunday, 12-Nov-2023 00:44:08 JST Opalescent

     in reply to

     @ryanc

     My employer pays me to analyze cryptographic implementations for security and correctness.

     This sort of thing is why they pay me enough to buy decent Bourbon.