Talk:Whirlpool (hash function)

Shameless plug disclaimer
Since the original Whirlpool page has basically put the first two revisions of WHIRLPOOL in a memory hole, I have created a tarball of some code which generates hashes for all three versions of WHIRLPOOL and linked to it on the page. And, yes, everyone should use WHIRLPOOL v3 (the current revision). Samboy 12:18, 12 Jun 2005 (UTC)


 * Great investigation, Samboy! I would like to share also my findings with you. In the document of the 1st revision the WHIRLPOOL authors, Paulo Barreto and Vincent Rijmen tell us: "We propose renaming the original algorithm Whirlpool-0 and using the term Whirlpool for the final, modified version that uses the improved S-box design." Unfortunately, they didn't make a suggestion anymore about algorithm names of previous designs in their 2nd revision doc. However, if we take the words of the 1st revision doc into account, the original algorithm should be named Whirlpool-0 rather than Whirlpool1. Jonelo 5 July 2005 21:06 (UTC)


 * An additional shameless plug disclaimer: a Java implementation of all three revisions of Whirlpool can be found at http://www.jonelo.de/java/jacksum - Jonelo 04:27, 17 May 2006 (UTC)

Definition of Whirlpool
SHA-* got very nice looking definition in pseudo code for the functions. Can someone add this to whirlpool?

Avalanche Effect
The note describing the Avalanche Effect seems (to me) to end in an incorrect statement.

"Even a small change in the message will (with an extremely likely probability of 1-10-154) result in a completely different hash, e.g. changing d to e, resulting in a message that differs only in one single bit:"

This last part contradicts the first part of the sentence ("completely different hash"). The explanations on the SHA1 and RIPEMD pages do not contain this addition.

Am I wrong?

-- Node3 18:48, 19 October 2006


 * Yes, you missunderstood the sentence. It means THE MESSAGE is changed one bit, thus causing THE HASH SUM to change many bits. Say you have this message: "The d day" and change it to "The e day". That means we change only one bit in the message . That is the bit that causes the middle character in that message to become an "e" instead of a "d". Since d = 1100100 and e = 1100101, at least if using any of the usual character sets. But yeah, that sentence is easy to missunderstand and probably should be changed to something clearer. Perhaps with a link to avalanche effect.


 * Besides that sentence expresses the collision risk in a hard to understand way. It is a 512 bit hash sum thus the collision risk is about 1 in 2512. That corresponds to 1 in 10154. Which can be expressed as the non-collisions are 1 - 2-512 or 1 - 10-154 (that is 0.99999...) but that is an awkward way to state it. I'd prefer to say something like: "Since it is a 512 bit hash sum the risk of getting the same hash sum is about 1 in 2512."


 * --David Göthberg 22:51, 19 October 2006 (UTC)

Editing
In the statement "Even a small change in the message will (with an extremely likely probability of 1-10-154) result in a completely different hash, e.g. changing d to e, resulting in a message that differs only in one single bit:", the part sentence itself as well as the blocked demonstrations of the algorithm seem to contradict what is contained in the parenthesis.

-- ASBands 23:16, 27 October 2006

Weakness?
The article contains the following statement:
 * For hashes of data shorter than 32 bits (4 bytes) -- and equally so for hashes of data shorter than 64 bits (8 bytes) -- this hash function has some of the same fundamental problems of hashes like MD5 or SHA-1.

This statement is very unclear and a reader has to guess what kind of weakness is meant. One property that CRCs have but that cryptographic hash functions usually are lacking is this: If only a certain number of bits in two messages are different then the CRC of the two messages are different. Cryptographic hashes don't come with such a guarantee, but since they are not meant to be used for error correction that is not a weakness. Thus I think the paragraph should be removed. 85.2.32.244 09:40, 9 June 2007 (UTC)

Hash bits
Isn't everything said about its hashing exactly the same as with any hashing algorithm? I mean, yeah, if you add characters to the string to be hashed, or change them, you should get a totally different hash, and hashing an empty string also generates a hash. I'm not sure why it is worth noting here in particular. --24.147.86.187 22:53, 31 August 2007 (UTC)

Programming examples
I've removed the "Programming examples" section with the explanation "the API that individual programming languages use for WHIRLPOOL isn't that relevant to the algorithm itself." I appreciate the efforts of those who added the examples to the article, but they're more usage instructions than anything, which are available in the documentation for the libraries (linked in the "External links" section). The section was:

If you have any objections, feel free to mention them. Grace notes T § 05:46, 27 April 2009 (UTC)

My version is broken for files larger than 4k
My version of Whirlpool is broken for files larger than 4k; link removed until when and if I fix this bug. Samboy (talk) 16:41, 2 May 2009 (UTC)

External links section critique
Is it really necessary to provide a link to some implementation in nearly every programming language? If yes, I'll add one for the DEC open source library for Delphi as well, as that one has a Whirlpool implementation as well (all three versions) and this is not the only Delphi library providing this algorithm. => my suggestion is to remove all those links only pointing to some particular implementation in some particular programming language! --79.212.57.181 (talk) 21:43, 6 May 2020 (UTC)