Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

Re: [P1619-2] the EME2 ref code vs. byte-oriented pseudocode

To: P1619-2@xxxxxxxxxxxxxxxxx
Subject: Re: [P1619-2] the EME2 ref code vs. byte-oriented pseudocode
From: Matt Ball <matt.ball@xxxxxxxx>
Date: Tue, 17 Jun 2008 17:44:53 -0600
In-Reply-To: <da7b3ce30806171508l3bfdcc7cwc78e22d59628691f@mail.gmail.com>
List-Help: <http://listserv.ieee.org/cgi-bin/wa?LIST=P1619-2>, <mailto:LISTSERV@LISTSERV.IEEE.ORG?body=INFO%20P1619-2>
List-Owner: <mailto:P1619-2-request@LISTSERV.IEEE.ORG>
List-Subscribe: <mailto:P1619-2-subscribe-request@LISTSERV.IEEE.ORG>
List-Unsubscribe: <mailto:P1619-2-unsubscribe-request@LISTSERV.IEEE.ORG>
References: <485829FF.2050101@alum.mit.edu> <da7b3ce30806171508l3bfdcc7cwc78e22d59628691f@mail.gmail.com>
Reply-To: Matt Ball <matt.ball@xxxxxxxx>

Hi Hal,

Using 0x80 vs. 0x01 is a Big-Endian vs. Little-Endian issue. In a strict Little-Endian world, bit 0 of byte 0 comes first in the stream, which means that the little-endian byte stream 01 00 00 00, represents a binary stream of a 1 followed by zeros, which is identical to the big-endian byte stream of 80 00 00 00, which is also a binary 1 followed by zeros.

Here's an example:

Binary Stream 1 0 0 0 0 0 0 0 - 0 0 0 0 0 0 0 0
LittleEnd BitOrder 00 01 02 03 04 05 06 07 - 08 09 10 11 12 13 14 15
BigEndian BitOrder 15 14 13 12 11 10 09 08 - 07 06 05 04 03 02 01 00
LittleEnd Byte Rep [ 01 ] [ 00 ]
BigEndian Byte Rep [ 80 ] [ 00 ]

The confusion comes because in America we represent numbers in big endian format, where the most-significant digits come first. That's why 01 00 00 00 looks strange, but makes perfect sense when converted to a little endian binary stream.

If the byte stream is in little-endian order, then using 0x01 00 00 as padding is the logical choice over 0x80 00 00 00.

Cheers,
-Matt

On Tue, Jun 17, 2008 at 4:08 PM, Hal Finney <hal.finney@gmail.com> wrote:

Well, either one would work. I did 0x80 because that is how padding is
done in some other algorithms, like SHA. It also leaves open the
possibility of a future extension that would allow for odd bit
lengths. If we had a 513 bit value then we could pad with 0x40 0 0
.... (This assumes that the 513th bit would be 0x80, but we do sort of
assume that anyway in our multByAlpha representation.) So I'd prefer
changing the byte oriented pseudo-code to do padding with 0x80 0 0....

Hal

On Tue, Jun 17, 2008 at 2:17 PM, Shai Halevi <shaih@alum.mit.edu> wrote:
> The current EME2 reference code on sourceforge uses padding with
>
> 0x80 0 0 ...
>
> whenever one needs to pad things to 16-byte boundaries. On the other
> hand, The byte-oriented pseudo-code says to pad with
>
> 1 0 0 ...
>
> So we need to change either the pseudo-code in the spec or the
> reference code.
>
> -- Shai
>

--
Thanks!
Matt Ball, IEEE P1619.x SISWG Chair
M.V. Ball Technical Consulting, Inc.
Phone: 303-469-2469, Cell: 303-717-2717
http://www.mvballtech.com
http://www.linkedin.com/in/matthewvball

Follow-Ups:
- Re: [P1619-2] the EME2 ref code vs. byte-oriented pseudocode
  - From: Hal Finney

References:
- [P1619-2] the EME2 ref code vs. byte-oriented pseudocode
  - From: Shai Halevi
- Re: [P1619-2] the EME2 ref code vs. byte-oriented pseudocode
  - From: Hal Finney

Prev by Date: Re: [P1619-2] the EME2 ref code vs. byte-oriented pseudocode
Next by Date: Re: [P1619-2] the EME2 ref code vs. byte-oriented pseudocode
Prev by thread: Re: [P1619-2] the EME2 ref code vs. byte-oriented pseudocode
Next by thread: Re: [P1619-2] the EME2 ref code vs. byte-oriented pseudocode
Index(es):
- Date
- Thread