[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: byte order



In message <9804142138.AA13847@kona.xedia.com>, Paul Koning writes:

> RFC 1851 explicitly discusses byte order for (3)DES, but the current
> I-Ds appear not to do so.

Yes, RFC 1851 mentions byte-order. IMHO, it is unecessary and confusing.


> I assume the various flavors of DES are indeed still big endian.  What 
> about SHA1?  Is it little endian by analogy to MD5?

The only real byte-order issue with MD5 and SHA1 is *internal*. The input and
output are defined as bit-strings, with a well-defined byte and word ordering
defined as part of the algorithms themselves. The IPsec transforms treat those
objects as opaque, and simply preserve order.

In the case of DES, the inputs and outputs are all octet strings, at least in
every definition I've seen.

(There was an implementation of MD5 in a library that output the digest in the
wrong order (last byte first). This was purely an implementation error.)

-- 
Harald Koch <chk@utcc.utoronto.ca>


Follow-Ups: References: