LSH (hash function)
LSH is a cryptographic hash function designed in 2014 by South Korea to provide integrity in general-purpose software environments such as PCs and smart devices. LSH is one of the cryptographic algorithms approved by the Korean Cryptographic Module Validation Program.
And it is the national standard of South Korea.
Specification
The overall structure of the hash function LSH is shown in the following figure.The hash function LSH has the wide-pipe Merkle-Damgård structure with one-zeros padding.
The message hashing process of LSH consists of the following three stages.
- Initialization:
- * One-zeros padding of a given bit string message.
- * Conversion to 32-word array message blocks from the padded bit string message.
- * Initialization of a chaining variable with the initialization vector.
- Compression:
- * Updating of chaining variables by iteration of a compression function with message blocks.
- Finalization:
- * Generation of an -bit hash value from the final chaining variable.
Generation of message blocks, where from the padded bit string for 'to do end for return' |
The specifications of the hash function LSH are as follows.
| Algorithm | Digest size in bits | Number of step functions | Chaining variable size in bits | Message block size in bits | Word size in bits |
| LSH-256-224 | 224 | 26 | 512 | 1024 | 32 |
| LSH-256-256 | 256 | 26 | 512 | 1024 | 32 |
| LSH-512-224 | 224 | 28 | 1024 | 2048 | 64 |
| LSH-512-256 | 256 | 28 | 1024 | 2048 | 64 |
| LSH-512-384 | 384 | 28 | 1024 | 2048 | 64 |
| LSH-512-512 | 512 | 28 | 1024 | 2048 | 64 |
Initialization
Let be a given bit string message.The given is padded by one-zeros, i.e., the bit ‘1’ is appended to the end of, and the bit ‘0’s are appended until a bit length of a padded message is, where and is the smallest integer not less than.
Let be the one-zeros-padded -bit string of.
Then is considered as a -byte array, where for all.
The -byte array converts into a -word array as follows.
From the word array, we define the 32-word array message blocks as follows.
The 16-word array chaining variable is initialized to the initialization vector.
The initialization vector is as follows.
In the following tables, all values are expressed in hexadecimal form.
| 068608D3 | 62D8F7A7 | D76652AB | 4C600A43 | BDC40AA8 | 1ECA0B68 | DA1A89BE | 3147D354 |
| 707EB4F9 | F65B3862 | 6B0B2ABE | 56B8EC0A | CF237286 | EE0D1727 | 33636595 | 8BB8D05F |
| 46A10F1F | FDDCE486 | B41443A8 | 198E6B9D | 3304388D | B0F5A3C7 | B36061C4 | 7ADBD553 |
| 105D5378 | 2F74DE54 | 5C2F2D95 | F2553FBE | 8051357A | 138668C8 | 47AA4484 | E01AFB41 |
| 0C401E9FE8813A55 | 4A5F446268FD3D35 | FF13E452334F612A | F8227661037E354A |
| A5F223723C9CA29D | 95D965A11AED3979 | 01E23835B9AB02CC | 52D49CBAD5B30616 |
| 9E5C2027773F4ED3 | 66A5C8801925B701 | 22BBC85B4C6779D9 | C13171A42C559C23 |
| 31E2B67D25BE3813 | D522C4DEED8E4D83 | A79F5509B43FBAFE | E00D2CD88B4B6C6A |
| 6DC57C33DF989423 | D8EA7F6E8342C199 | 76DF8356F8603AC4 | 40F1B44DE838223A |
| 39FFE7CFC31484CD | 39C4326CC5281548 | 8A2FF85A346045D8 | FF202AA46DBDD61E |
| CF785B3CD5FCDB8B | 1F0323B64A8150BF | FF75D972F29EA355 | 2E567F30BF1CA9E1 |
| B596875BF8FF6DBA | FCCA39B089EF4615 | ECFF4017D020B4B6 | 7E77384C772ED802 |
| 53156A66292808F6 | B2C4F362B204C2BC | B84B7213BFA05C4E | 976CEB7C1B299F73 |
| DF0CC63C0570AE97 | DA4441BAA486CE3F | 6559F5D9B5F2ACC2 | 22DACF19B4B52A16 |
| BBCDACEFDE80953A | C9891A2879725B3E | 7C9FE6330237E440 | A30BA550553F7431 |
| BB08043FB34E3E30 | A0DEC48D54618EAD | 150317267464BC57 | 32D1501FDE63DC93 |
| ADD50F3C7F07094E | E3F3CEE8F9418A4F | B527ECDE5B3D0AE9 | 2EF6DEC68076F501 |
| 8CB994CAE5ACA216 | FBB9EAE4BBA48CC7 | 650A526174725FEA | 1F9A61A73F8D8085 |
| B6607378173B539B | 1BC99853B0C0B9ED | DF727FC19B182D47 | DBEF360CF893A457 |
| 4981F5E570147E80 | D00C4490CA7D3E30 | 5D73940C0E4AE1EC | 894085E2EDB2D819 |