Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 23 Sep 2015 20:42:14 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Reverse steps for single round sha(sha-1,
 sha256/384/512)

On 23/09/15 18:12, Aleksey Cherepanov wrote:
> Recently Solar mentioned a macro with reverse of 3 rounds of SHA2, but
> 7 rounds can be reversed.

> Below there are my formulas with t1 and t2 substituted and without
> parts that depend onto unknown data.
>
> i = 63
> g63 = h64
> f63 = g64
> e63 = f64
> c63 = d64
> b63 = c64
> a63 = b64
> s0 = ror(b64, 2) ^ ror(b64, 13) ^ ror(b64, 22)
> maj = (b64 & c64) ^ (b64 & d64) ^ (c64 & d64)
> d63 = e64 - (a64 - (s0 + maj))
>
> i = 62
> f62 = g63
> e62 = f63
> c62 = d63
> b62 = c63
> a62 = b63
> s0 = ror(b63, 2) ^ ror(b63, 13) ^ ror(b63, 22)
> maj = (b63 & c63) ^ (b63 & d63) ^ (c63 & d63)
> d62 = e63 - (a63 - (s0 + maj))
>
> i = 61
> e61 = f62
> c61 = d62
> b61 = c62
> a61 = b62
> s0 = ror(b62, 2) ^ ror(b62, 13) ^ ror(b62, 22)
> maj = (b62 & c62) ^ (b62 & d62) ^ (c62 & d62)
> d61 = e62 - (a62 - (s0 + maj))
>
> i = 60
> c60 = d61
> b60 = c61
> a60 = b61
> s0 = ror(b61, 2) ^ ror(b61, 13) ^ ror(b61, 22)
> maj = (b61 & c61) ^ (b61 & d61) ^ (c61 & d61)
> d60 = e61 - (a61 - (s0 + maj))
>
> i = 59
> c59 = d60
> b59 = c60
> a59 = b60
>
> i = 58
> b58 = c59
> a58 = b59
>
> i = 57
> a57 = b58

Way cool, I will take a stab at this. Should be another 5% boost.

Thanks!
magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ