2010/12/4 Permjacov Evgeniy
near cryptographic) security. To quote Wikipedia again: "The avalanche effect is evident if, when an input is changed slightly (for example, flipping a single bit) the output changes significantly (e.g., half the output bits flip)." This simply means, that active set of bits must be at least of the size of final value and value to be added must be added somehow to every byte in active set. The simplest way to do it is multiplication of vector [active-state-bits++current-byte] and some matrix of size [resulting bytes count|resulting bytes count + 1] (of cource, not in floating-point math, but, for example, using modulo-256 arithmetic or even hand-coded tables for "mul" and "sum"). This, of course, means, that byte-streaming hashes needs some initial seed (that must be paired with resulting value to check) and that every byte will cause much operations to perform, resulting in poor performance. So, the conclusion is: byte-streaming hashes are possible, but because of requirements definitly will have poor performance, much worse then block ones. Am I correct?
I think you are correct. PS The note about matrices is interesting one. The total matrix should be dense, but we could factor it. For example, by multiplying two N wide and M wide band matrices we will get (N+M) wide band matrix. You are free to choose multiplication and addition operations, like addition could be XOR and multiplication could be ROTATE_LEFT (like in RC5). I did a little experiment: http://thesz.mskhug.ru/svn/cryptomatrix/ Just to demonstrate interesting properties of your suggestion.