zig

fork of https://codeberg.org/ziglang/zig

commit 95f6a5935a675efe6d30bc2388e7a0bc6b742c6d (tree)
parent 12b74b2c0587e1f3f0ce8fdae47ab76e790b0d8e
Author: Frank Denis <124872+jedisct1@users.noreply.github.com>
Date:   Thu,  9 Mar 2023 20:20:57 +0100

TurboSHAKE: change default delimiter to 0x1F (#14857)

The TurboSHAKE paper just got published:
https://eprint.iacr.org/2023/342.pdf

and unlike the previous K12 paper, suggests 0x1F instead of 0x01
as the default value for "D".
Diffstat:
Mlib/std/crypto/sha3.zig | 4++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/std/crypto/sha3.zig b/lib/std/crypto/sha3.zig
@@ -20,7 +20,7 @@ pub const Shake256 = Shake(256);

 /// TurboSHAKE128 is a XOF (a secure hash function with a variable output length), with a 128 bit security level.
 /// It is based on the same permutation as SHA3 and SHAKE128, but which much higher performance.
-/// The delimiter is 0x01 by default, but can be changed for context-separation.
+/// The delimiter is 0x1f by default, but can be changed for context-separation.
 pub fn TurboShake128(comptime delim: ?u8) type {
 return TurboShake(128, delim);
 }
@@ -96,7 +96,7 @@ pub fn Shake(comptime security_level: u11) type {
 /// The TurboSHAKE extendable output hash function.
 /// https://datatracker.ietf.org/doc/draft-irtf-cfrg-kangarootwelve/
 pub fn TurboShake(comptime security_level: u11, comptime delim: ?u8) type {
- return ShakeLike(security_level, delim orelse 0x01, 12);
+ return ShakeLike(security_level, delim orelse 0x1f, 12);
 }

 fn ShakeLike(comptime security_level: u11, comptime delim: u8, comptime rounds: u5) type {
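Review bot: The new fallback in `TurboShake` (`delim orelse 0x1f`) changes the output of every caller that passes `null`, yet the diffstat shows only these two lines changed, so no test vector pins the new default. Digests, MAC tags or derived keys stored under the old 0x01 default will no longer verify, and the doc comment on `TurboShake128` in the first hunk should say so, for example `/// The default was 0x01 in earlier versions; pass 0x01 explicitly to reproduce output generated with them.` Separately, `delim` accepts any `?u8` while the TurboSHAKE specification restricts D to 0x01..0x7f. The body of `ShakeLike` lies outside the hunk, so it may already enforce this; if it does not, a guard in `TurboShake` would reject invalid domain-separation bytes at compile time: `if (delim) |d| if (d < 0x01 or d > 0x7f) @compileError("TurboSHAKE delimiter must be in 0x01..0x7f");`.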