FIPS 180-4 Section 5.3.6, Page 16
Denote H(0)' to be the initial hash value of SHA-512 as specified in Section 5.3.5 above.
Denote H(0)'' to be the initial hash value computed below.
H(0) is the IV for SHA-512/t.
For i= 0 to 7{
Hi(0)'' = Hi(0)' XOR a5a5a5a5a5a5a5a5 (in hex).
}
H(0) = SHA-512 (“SHA-512/t”) using H(0)'' as the IV, where *t* is the specific truncation value.
This explanation is a little bit confusing if you ask me.
H(0)' = [
0x6a09e667f3bcc908,
0xbb67ae8584caa73b,
0x3c6ef372fe94f82b,
0xa54ff53a5f1d36f1,
0x510e527fade682d1,
0x9b05688c2b3e6c1f,
0x1f83d9abfb41bd6b,
0x5be0cd19137e2179
]
H(0)'' = [
0x6a09e667f3bcc908 XOR 0xa5a5a5a5a5a5a5a5,
0xbb67ae8584caa73b XOR 0xa5a5a5a5a5a5a5a5,
0x3c6ef372fe94f82b XOR 0xa5a5a5a5a5a5a5a5,
0xa54ff53a5f1d36f1 XOR 0xa5a5a5a5a5a5a5a5,
0x510e527fade682d1 XOR 0xa5a5a5a5a5a5a5a5,
0x9b05688c2b3e6c1f XOR 0xa5a5a5a5a5a5a5a5,
0x1f83d9abfb41bd6b XOR 0xa5a5a5a5a5a5a5a5,
0x5be0cd19137e2179 XOR 0xa5a5a5a5a5a5a5a5
]
Which means, H(0)'' is now:
['cfac43c256196cad',
'1ec20b20216f029e',
'99cb56d75b315d8e',
'00ea509ffab89354',
'f4abf7da08432774',
'3ea0cd298e9bc9ba',
'ba267c0e5ee418ce',
'fe4568bcb6db84dc']
variable s = 'SHA-512/t' REPLACE t with value of t, for example 256:
variable s = 'SHA-512/256'
Now perform the normal SHA-512 algorithm on that string, but use the previously generated H(0)'' values as H for SHA-512
variable H(0) = SHA-512(s)
This results in 8 64 bit words, use thoose words as H values for your SHA-512/t algorithm.
For Example: SHA-512 with H(0)'' as H on the string 'SHA-512/256' results in this string (In Hex):
22312194FC2BF72C9F555FA3C84C64C22393B86B6F53B151963877195940EABD96283EE2A88EFFE3BE5E1E25538639922B0199FC2C85B8AA0EB72DDC81C52CA2
Or in these 8 words (Also in hex):
22312194FC2BF72C
9F555FA3C84C64C2
2393B86B6F53B151
963877195940EABD
96283EE2A88EFFE3
BE5E1E2553863992
2B0199FC2C85B8AA
0EB72DDC81C52CA2
These are the H(0) values for SHA-512/256 specifed in FIPS 180-4 Section 5.3.6.2, Page 17.