The DCH Hash Function

The DCH algorithm is a byte-oriented, endian-neutral, block-cipher-based hash function. It generally follows the Merkle-Damg̊ard structure [4] [11], and compression is performed via Miyaguchi-Preneel iteration [13] on successive message blocks. Each message block consists of 504 bits (63 bytes); the block is then preprocessed to form a 512-bit input to the compression function. The algorithm uses standard MD-strengthening; the final block is padded to 504 bits and one additional block is added containing the length. The compression function consists of several rounds, each of which includes a nonlinear substitution, a diffusive linear transform, and a round key addition. The message itself and the previous compression function output are then added together to generate the output. After all message blocks have been processed, the final hash function output is simply the last compression function output, truncated if necessary to meet the desired digest length. A full definition of DCH follows. Note. DCH frequently treats data bytes as elements of the Galois field GF (28); thus, additions and other operations on data bytes should be considered to be over GF (28) unless otherwise specified. This extends to text descriptions; for example, we will frequently use the term “added” to refer