The hashtest package consists of 4 utilities (avalanche, collision, maurer, anfs) for testing/measuring characteristics of cryptographic hash functions. The utilities perform operations on pluggable hash-function implementations. 6 such implementations are bundled into the package: md5, sha1, edonc128, edonc160, edonr128, edonr160. It is not complicated to introduced new hash-plugins, as descibed on this page.
Further details on the architecture may be found in the thesis and in the commented source files.
Details on compiling the utilities and plugin-hashes can be found in the buildall.sh and buildall.bat scripts in the software package archive.
testovi.sh and testovi.bat files. The full meaning of tests and their arguments may not be graspable without reading the thesis or related papers.
avalanche [seq|rho] iterations plugin-hash
is used for measure the avalanche property. The walk through the space of originals (inputs to the hash function) can be done in two ways:
seq : sequentially, when the next value for the original is the previous value incremented by one; gives a more localized picturerho : with the rho-method, when the next input to the hash function is the previous output; gives a picture more uniformly distributed through-out the space of originalsiterations determines the size of the statistical sample.
collision [full|<bits>] plugin-hash
is used for searching full or partial (bits) collisions. A partial collision is a case where two hash values have a Hamming distance greater than a number of bits.
The originals' space is traversed with the rho-method (explaned above), which reduces the memory complexity of the problem to O(const), whereas the time complexity is only multiplied by a constant factor. [Knuth, The Art of Computer Programming, Volume 2, section 3.1, example 6]
In practice, if we first run avalanche on the hash function and note the maximum number of bit changes, a partial collision of this value bits is easily found.
maurer [short|normal|long] plugin-hash
performs a Maurer's universal statistical test (see thesis or papers) on the outputs of hash function, thus giving a picture of the hash function as a random number generator. The parameters determine the size of the statistical sample.
short : 6553600 iterations, which is below the suggested sample size for the test, but finishes quicklynormal : 65536000 iterations, which is a suggested minimum for the sample sizelong : 655360000 iterations, which is a solid sample size; it is questionable, nevertheless, concerning numerical cut-offs, whether increasing the number of iterations is reasonableanfs [1|2|3] plugin-hash
performs a Mobius statistical ANF analysis on the hash functions as a Boolean function. A degree of 1 to 3 is the degree of the ANF of that function. Linear increase in the degree, means a exponential increase in the problem complexity. For more information see the thesis or papers.
Pluggable hash function modules follow an interface. When developing a plugin for a hash function, only the following interface functions need be implemented:
/* returns the (fixed) bit length of the input data */ extern u16 hash_input_bit_length(); /* returns the (fixed) bit length of the hash value */ extern u16 hash_output_bit_length(); /* returns a unique string identifying the hash function (shown in the GUI) */ extern char *hash_name(); /* returns a string of description of the hash function (shown in the GUI) */ extern char *hash_description(); /* a procedure for initializing the hash function */ extern void hash_startup(); /* a procedure for de-initializing the hash function */ extern void hash_shutdown(); /* Calculates the hash for 'data' and stores it in 'hash_value' * returns 1 if everything went on OK, or 0 if something in the * internal implementation of the hash transform caused failure */ extern int hash_transform(byte*,byte*);And the following headers need be included:
#include "../defs.h" #include "hash_interface.h"For more details (and especially for a minor modification when compiling with Microsoft Visual C) see
hash_interface.h itself. Also, the bundled plugin-hashes are examples of implementing this interface.
The module is ready to be used in the 4 utilites after it is compiled as a dynamic library (.dll or .so). With the GNU C Compiler it is done with a command like:
gcc -O3 -o hash_md5.o -c hash/hash_md5.c
ld -shared -O3 -o md5.so hash_md5.o
With the Microsoft Visual Studio C compiler it is done with a command like:
cl /G6 /Ox /LD /DMSVC hash\hash_md5.c /Femd5.dll
See buildall.sh and buildall.bat for building examples. You may also be interested in optimizing the performance of the plugins by using compiler optimization and architecture options.