gnu.crypto.mac

Class UHash32

Implemented Interfaces:
IMac

public class UHash32
extends BaseMac

UHASH is a keyed hash function, which takes as input a string of arbitrary length, and produces as output a string of fixed length (such as 8 bytes). The actual output length depends on the parameter UMAC-OUTPUT-LEN.

UHASH has been shown to be epsilon-ASU ("Almost Strongly Universal"), where epsilon is a small (parameter-dependent) real number. Informally, saying that a keyed hash function is epsilon-ASU means that for any two distinct fixed input strings, the two outputs of the hash function with a random key "look almost like a pair of random strings". The number epsilon measures how non-random the output strings may be. UHASH has been designed to be fast by exploiting several architectural features of modern commodity processors. It was specifically designed for use in UMAC. But UHASH is useful beyond that domain, and can be easily adopted for other purposes. UHASH does its work in three layers. First, a hash function called NH is used to compress input messages into strings which are typically many times smaller than the input message. Second, the compressed message is hashed with an optimized polynomial hash function into a fixed-length 16-byte string. Finally, the 16-byte string is hashed using an inner-product hash into a string of length WORD-LEN bytes. These three layers are repeated (with a modified key) until the outputs total UMAC-OUTPUT-LEN bytes.

References:

  1. UMAC: Message Authentication Code using Universal Hashing.
    T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.
Version:
$Revision: 1.7 $

Nested Class Summary

(package private) class
UHash32.L1Hash32
First hash stage of the UHash32 algorithm.
(package private) class
UHash32.L2Hash32
Second hash stage of the UHash32 algorithm. 5.4 L2-HASH-32: Second-layer hash.

  • Input:
    K string of length 24 bytes.
    M string of length less than 2^64 bytes.
  • Returns:
    Y, string of length 16 bytes.
(package private) class
UHash32.L3Hash32
Third hash stage of the UHash32 algorithm.

Field Summary

(package private) static byte[]
ALL_ZEROES
(package private) static long
BOUNDARY
(package private) static BigInteger
LOWER_RANGE
(package private) static BigInteger
TWO
(package private) static BigInteger
UPPER_RANGE
(package private) UHash32.L1Hash32[]
l1hash
(package private) int
streams

Fields inherited from class gnu.crypto.mac.BaseMac

name, truncatedSize, underlyingHash

Fields inherited from interface gnu.crypto.mac.IMac

MAC_KEY_MATERIAL, TRUNCATED_SIZE

Constructor Summary

UHash32()
Trivial 0-arguments constructor.

Method Summary

Object
clone()
Returns a clone copy of this instance.
byte[]
digest()
Completes the MAC by performing final operations such as padding and resetting the instance.
void
init(Map attributes)
Initialises the algorithm with designated attributes.
int
macSize()
Returns the output length in bytes of this MAC algorithm.
(package private) static BigInteger
prime(int n)
The prime numbers used in UMAC are:
   +-----+--------------------+---------------------------------------+
   |  x  | prime(x) [Decimal] | prime(x) [Hexadecimal]                |
   +-----+--------------------+---------------------------------------+
   | 19  | 2^19  - 1          | 0x0007FFFF                            |
   | 32  | 2^32  - 5          | 0xFFFFFFFB                            |
   | 36  | 2^36  - 5          | 0x0000000F FFFFFFFB                   |
   | 64  | 2^64  - 59         | 0xFFFFFFFF FFFFFFC5                   |
   | 128 | 2^128 - 159        | 0xFFFFFFFF FFFFFFFF FFFFFFFF FFFFFF61 |
   +-----+--------------------+---------------------------------------+
void
reset()
Resets the algorithm instance for re-initialisation and use with other characteristics.
boolean
selfTest()
A basic test.
void
update(byte b)
Continues a MAC operation using the input byte.
void
update(byte[] b, int offset, int len)
Continues a MAC operation, by filling the buffer, processing data in the algorithm's MAC_SIZE-bit block(s), updating the context and count, and buffering the remaining bytes in buffer for the next operation.

Methods inherited from class gnu.crypto.mac.BaseMac

clone, digest, init, macSize, name, reset, selfTest, update, update

Field Details

ALL_ZEROES

(package private) static final byte[] ALL_ZEROES

BOUNDARY

(package private) static final long BOUNDARY

LOWER_RANGE

(package private) static final BigInteger LOWER_RANGE

TWO

(package private) static final BigInteger TWO

UPPER_RANGE

(package private) static final BigInteger UPPER_RANGE

l1hash

(package private)  UHash32.L1Hash32[] l1hash

streams

(package private)  int streams

Constructor Details

UHash32

public UHash32()
Trivial 0-arguments constructor.

Method Details

clone

public Object clone()
Returns a clone copy of this instance.
Specified by:
clone in interface IMac
Overrides:
clone in interface BaseMac
Returns:
a clone copy of this instance.

digest

public byte[] digest()
Completes the MAC by performing final operations such as padding and resetting the instance.
Specified by:
digest in interface IMac
Overrides:
digest in interface BaseMac
Returns:
the array of bytes representing the MAC value.

init

public void init(Map attributes)
            throws InvalidKeyException,
                   IllegalStateException
Initialises the algorithm with designated attributes. Permissible names and values are described in the class documentation above.
Specified by:
init in interface IMac
Overrides:
init in interface BaseMac
Parameters:
attributes - a set of name-value pairs that describe the desired future instance behaviour.

macSize

public int macSize()
Returns the output length in bytes of this MAC algorithm.
Specified by:
macSize in interface IMac
Overrides:
macSize in interface BaseMac
Returns:
the output length in bytes of this MAC algorithm.

prime

(package private) static final BigInteger prime(int n)
The prime numbers used in UMAC are:
   +-----+--------------------+---------------------------------------+
   |  x  | prime(x) [Decimal] | prime(x) [Hexadecimal]                |
   +-----+--------------------+---------------------------------------+
   | 19  | 2^19  - 1          | 0x0007FFFF                            |
   | 32  | 2^32  - 5          | 0xFFFFFFFB                            |
   | 36  | 2^36  - 5          | 0x0000000F FFFFFFFB                   |
   | 64  | 2^64  - 59         | 0xFFFFFFFF FFFFFFC5                   |
   | 128 | 2^128 - 159        | 0xFFFFFFFF FFFFFFFF FFFFFFFF FFFFFF61 |
   +-----+--------------------+---------------------------------------+
Parameters:
n - a number of bits.
Returns:
the largest prime number less than 2**n.

reset

public void reset()
Resets the algorithm instance for re-initialisation and use with other characteristics. This method always succeeds.
Specified by:
reset in interface IMac
Overrides:
reset in interface BaseMac

selfTest

public boolean selfTest()
A basic test. Ensures that the MAC of a pre-determined message is equal to a known pre-computed value.
Specified by:
selfTest in interface IMac
Overrides:
selfTest in interface BaseMac
Returns:
true if the implementation passes a basic self-test. Returns false otherwise.

update

public void update(byte b)
Continues a MAC operation using the input byte.
Specified by:
update in interface IMac
Overrides:
update in interface BaseMac
Parameters:
b - the input byte to digest.

update

public void update(byte[] b,
                   int offset,
                   int len)
Continues a MAC operation, by filling the buffer, processing data in the algorithm's MAC_SIZE-bit block(s), updating the context and count, and buffering the remaining bytes in buffer for the next operation.
Specified by:
update in interface IMac
Overrides:
update in interface BaseMac
Parameters:
offset - start of meaningful bytes in input block.

Copyright © 2001, 2002, 2003 Free Software Foundation, Inc. All Rights Reserved.