In article <··············@gondolin.local.net>, Alain Picard
<·······················@optushome.com.au> wrote:
> ;;;; Blowfish Constants.
> ;;
> ;; These values taken from constants.txt,
> ;; at counterpane.com, in the description of blowfish.
> ;; They're actually the digits of pi, in Hex.
> ;;
Here's a wizzy piece of code that will allow you to compute these values
instead of having them clutter up your source. (It's also less
error-prone.)
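
(defun compute-pi-hex (n &aux (p 0) r)
  ;; Each pass adds the next term of the Bailey-Borwein-Plouffe series
  ;; (exact rationals), then peels off and prints one hex digit.
  ;; The output starts with a leading 0, then the integer digit 3.
  (dotimes (i n)
    (incf p (- (/ 4 (+ 1 (* 8 i)))
               (/ 2 (+ 4 (* 8 i)))
               (/ 1 (+ 5 (* 8 i)))
               (/ 1 (+ 6 (* 8 i)))))
    (multiple-value-setq (r p) (truncate p 16))
    (format t "~X" r)
    (if (= (mod i 8) 1) (princ #\space))
    (setf p (* p 16))))
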
FWIW, here's a decimal pi-computer as well:

(defun compute-pi-decimal (n &aux (p 0) r)
  ;; First loop: sum N terms of the series exactly.
  (dotimes (i n)
    (incf p (/ (- (/ 4 (+ 1 (* 8 i)))
                  (/ 2 (+ 4 (* 8 i)))
                  (/ 1 (+ 5 (* 8 i)))
                  (/ 1 (+ 6 (* 8 i))))
               (expt 16 i))))
  ;; Second loop: print decimal digits, a leading 0 first and then the 3.
  (dotimes (i n)
    (multiple-value-setq (r p) (truncate p 10))
    (format t "~X" r)
    (if (= (mod i 10) 1) (princ #\space))
    (setf p (* p 10))))

E.

···@jpl.nasa.gov (Erann Gat) writes:
> In article <··············@gondolin.local.net>, Alain Picard
> <·······················@optushome.com.au> wrote:
>
> > ;;;; Blowfish Constants.
> > ;;
> > ;; These values taken from constants.txt,
> > ;; at counterpane.com, in the description of blowfish.
> > ;; They're actually the digits of pi, in Hex.
> > ;;
>
> Here's a wizzy piece of code that will allow you to compute these values
> instead of having them clutter up your source. (It's also less
> error-prone.)
>
[SNIP]
Thanks, but no thanks. If Bruce Schneier made a mistake in the constants,
at least he and I (and all other implementors in the world) are making
the same mistake. :-)

Ob. conjecture: I'm guessing that PI is used to initialize the s-boxes
because there was long-standing suspicion in the cryptographic community
that NSA had diddled the s-boxes of DES (presumably to give themselves
a back door). Bruce probably thought that using PI only gives God a
back door.

Ob lisp: I've metered my code a bit more, and CMU is > 120X faster
than Lispworks. Those kernel:32bit-logical-xor functions sure do
make a difference. I've been reading the fast modulo exponentiation
thread with interest; there doesn't seem to be an API in LW to do
this 32bit diddling, and even if there were, I suspect all the return
values would still have to be coerced to bignums, sort of defeating the
purpose. I'm starting to think CMUCL is pretty cool.

In article <··············@gondolin.local.net>, Alain Picard
<·······················@optushome.com.au> wrote:
> ···@jpl.nasa.gov (Erann Gat) writes:
>
> > In article <··············@gondolin.local.net>, Alain Picard
> > <·······················@optushome.com.au> wrote:
> >
> > > ;;;; Blowfish Constants.
> > > ;;
> > > ;; These values taken from constants.txt,
> > > ;; at counterpane.com, in the description of blowfish.
> > > ;; They're actually the digits of pi, in Hex.
> > > ;;
> >
> > Here's a wizzy piece of code that will allow you to compute these values
> > instead of having them clutter up your source. (It's also less
> > error-prone.)
> >
> [SNIP]
>
> Thanks, but no thanks. If Bruce Schneier made a mistake in the constants,
> at least he and I (and all other implementors in the world) are making
> the same mistake. :-)
Well, you can check the algorithm against Bruce's constants once to
convince yourself that he got them right, then use the algorithm to
protect yourself against future typos and bit-rot. But whatever.
E.
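
The check suggested in the post above, written out as an added example (not code from any poster in this thread): it derives the leading 32-bit words of pi's hex fraction with exact rationals, proves the digits are settled, and reports the first word where a stored table disagrees. The function names and the four-word reference vector are assumptions made for this illustration; the four values are the first 32 hex digits of pi's fraction, which is where the Blowfish P-array begins.

```lisp
;;; Added example, not code from the thread. All names are illustrative.

(defparameter *reference-words*
  #(#x243F6A88 #x85A308D3 #x13198A2E #x03707344)
  "First four 32-bit words of pi's hex fraction (start of the Blowfish P-array).")

(defun bbp-term (k)
  "K-th term of the Bailey-Borwein-Plouffe series for pi, as an exact rational."
  (/ (- (/ 4 (+ 1 (* 8 k)))
        (/ 2 (+ 4 (* 8 k)))
        (/ 1 (+ 5 (* 8 k)))
        (/ 1 (+ 6 (* 8 k))))
     (expt 16 k)))

(defun pi-fraction-words (count &key (guard 8))
  "Vector of the first COUNT 32-bit words of the hex fraction of pi."
  (let* ((digits (* 8 count))
         (terms (+ digits guard))
         ;; Every omitted term is positive and below 16^-k, so the partial
         ;; sum LO and LO + 16^(1-terms) bracket pi from below and above.
         (lo (loop for k from 0 below terms sum (bbp-term k)))
         (hi (+ lo (expt 16 (- 1 terms))))
         (scale (expt 16 digits))
         (n-lo (floor (* (- lo 3) scale)))   ; drop the integer part, 3
         (n-hi (floor (* (- hi 3) scale)))
         (words (make-array count)))
    ;; If both bounds truncate to the same integer, every digit is proven.
    (unless (= n-lo n-hi)
      (error "Digits not settled with ~D guard terms; raise :GUARD." guard))
    (dotimes (i count words)
      (setf (aref words i)
            (ldb (byte 32 (* 32 (- count i 1))) n-lo)))))

(defun first-bad-word (table)
  "Index of the first word of TABLE that is not pi's, or NIL if all match."
  (mismatch table (pi-fraction-words (length table))))

;; Constructed sample: one flipped low bit in the third word, as a typo would do.
(let ((damaged (copy-seq *reference-words*)))
  (setf (aref damaged 2) #x13198A2F)
  (format t "reference copy: ~A~%damaged copy:   ~A~%"
          (first-bad-word *reference-words*)
          (first-bad-word damaged)))
```

The exact rationals grow with COUNT, so this suits a load-time spot check of the leading words rather than regenerating every table on each start.
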
···@jpl.nasa.gov (Erann Gat) writes:
> > Thanks, but no thanks. If Bruce Schneier made a mistake in the constants,
> > at least he and I (and all other implementors in the world) are making
> > the same mistake. :-)
>
> Well, you can check the algorithm against Bruce's constants once to
> convince yourself that he got them right, then use the algorithm to
> protect yourself against future typos and bit-rot. But whatever.
...but isn't the usage of pi in blowfish pretty random anyway (just
used as a useful non-repeating pattern)?
--
(espen)
Espen Vestre <·····@*do-not-spam-me*.vestre.net> writes:
> ...but isn't the usage of pi in blowfish pretty random anyway (just
> used as a useful non-repeating pattern)?
Of course it is (*), here's a quote from B. Schneier:

   I chose the digits of pi as the initial subkey table for two
   reasons: because it is a random sequence not related to the
   algorithm, and because it could either be stored as part of the
   algorithm or derived when needed. There is nothing sacred about pi;
   any string of random bits--digits of e, RAND tables, output of a
   random number generator--will suffice.

   (http://www.counterpane.com/bfsverlag.html)

(*) I apologize for posting before I had checked my bookmarks.
--
(espen)