X-From-Line: nobody Fri Aug 14 20:49:07 1998 Newsgroups: sci.crypt Subject: Re: Implementing ciphers question (specifically, twofish) References: <6qpq80$jj6$1@boeing.rutgers.edu> From: Paul Crowley Date: 14 Aug 1998 20:49:06 +0100 Message-ID: <87lnormjil.fsf@hedonism.demon.co.uk> X-Newsreader: Gnus v5.5/XEmacs 20.4 - "Emerald" Lines: 46 Xref: hedonism.demon.co.uk misc-news:546 X-Gnus-Article-Number: 546 Fri Aug 14 20:49:07 1998 mione@boeing.rutgers.edu (Tony Mione) writes: > Anyhow, there are a couple of operations which involve taking a > 32-bit word as 4 octets and then performing a matrix multiplication against > their 'MDS' matrix. I understand matrix math. However, should this be > signed or unsigned arithmatic? Either way, the values will likely overflow > so I am assuming the results are modulo 256 (since the resulting bytes are > used to contruct a 32-bit return value.) Neither; the arithmetic is done in the field GF(2^8). In this field, addition is just XOR ("^"), and multiplication looks like this: uint32 gf8_mul( uint32 a, uint32 b, uint32 m ) { uint32 res = 0; while (b != 0) { if (b & 1) { res ^= a; } b >>= 1; a <<= 1; if (a & 0x100) { a ^= m; } } return res; } The third parameter "m" represents the polynomial defining the field. The MDS matrix uses this value: #define MDS_POLYNOMIAL ((1<<8)|(1<<6)|(1<<5)|(1<<3)|(1<<0)) and the RS matrix this value: #define RS_POLYNOMIAL ((1<<8)|(1<<6)|(1<<3)|(1<<2)|(1<<0)) Hope this helps, -- __ \/ o\ paul@hedonism.demon.co.uk Edinburgh fetish club Permission \ / /\__/ Paul Crowley Sept 13 http://www.hedonism.demon.co.uk/permission /~\