This repository was archived by the owner on May 20, 2025. It is now read-only.
This repository was archived by the owner on May 20, 2025. It is now read-only.
Strange logic in kerl_squeeze #20
Description
kerl_squeeze function produces trits in chunks by HASH_LENGTH_TRIT. The code here looks suspicious.
First, it reinitializes keccak state and absorbs (inverted) bits that have just been squeezed. This makes the next HASH_LENGTH_TRIT output trits completely dependent on the previous ones (but not the secret state maintained by keccak state). This may potentially reduce security of the hash/tag/key produced.
Second, if the length of the output is HASH_LENGTH_TRIT then the lines mentioned just waste computational resources without producing any result, unless the new state is going to be used later. But in that case security may be compromised due to the first note above.