X-From-Line: nobody Fri Aug 14 20:49:07 1998
Newsgroups: sci.crypt
Subject: Re: Implementing ciphers question (specifically, twofish)
References: <6qpq80$jj6$1@boeing.rutgers.edu>
From: Paul Crowley
Date: 14 Aug 1998 20:49:06 +0100
Message-ID: <87lnormjil.fsf@hedonism.demon.co.uk>
X-Newsreader: Gnus v5.5/XEmacs 20.4 - "Emerald"
Lines: 46
Xref: hedonism.demon.co.uk misc-news:546
X-Gnus-Article-Number: 546 Fri Aug 14 20:49:07 1998
mione@boeing.rutgers.edu (Tony Mione) writes:
> Anyhow, there are a couple of operations which involve taking a
> 32-bit word as 4 octets and then performing a matrix multiplication against
> their 'MDS' matrix. I understand matrix math. However, should this be
> signed or unsigned arithmatic? Either way, the values will likely overflow
> so I am assuming the results are modulo 256 (since the resulting bytes are
> used to contruct a 32-bit return value.)
Neither; the arithmetic is done in the field GF(2^8). In this field,
addition is just XOR ("^"), and multiplication looks like this:
uint32 gf8_mul(
uint32 a,
uint32 b,
uint32 m
)
{
uint32 res = 0;
while (b != 0) {
if (b & 1) {
res ^= a;
}
b >>= 1;
a <<= 1;
if (a & 0x100) {
a ^= m;
}
}
return res;
}
The third parameter "m" represents the polynomial defining the field.
The MDS matrix uses this value:
#define MDS_POLYNOMIAL ((1<<8)|(1<<6)|(1<<5)|(1<<3)|(1<<0))
and the RS matrix this value:
#define RS_POLYNOMIAL ((1<<8)|(1<<6)|(1<<3)|(1<<2)|(1<<0))
Hope this helps,
--
__
\/ o\ paul@hedonism.demon.co.uk Edinburgh fetish club Permission \ /
/\__/ Paul Crowley Sept 13 http://www.hedonism.demon.co.uk/permission /~\