The described processing steps are ambiguous. In particular SHR and SHL give different results on different machines and with signed and unsigned values The description of the hash algorithm shall be made informative. We suggest that in the first section of this part of the document a recommendation is made to use existing security hash algorithms e.g. FIPS 180 compliant algorithms. It should be emphasized that the described hash algorithm is for backwards compatibility only.

Proposed Disposition of DIS 29500 Comment DK-0158 (Modified: 2008-01-13) Agreed; to ensure this process is described in a platform-independent manner, the following changes will be made in Part 4, §2.15.1.28, page 1,158, line 15: The following steps assume that all words are unsigned, the word size is two bytes, and that bit-level SHL/SHR operations shift in the direction of the highest-order and lowest-order bit, respectively. [Example: 0x61 SHR 1 is 0xC2, as 01100001 shifted one position in the direction of its highest-order bit is 11000010. end example] First, t T he password shall be hashed using the following algorithm: Similar Comments: BR-0005 , CA-0017 , GB-0222 , IR-0014 , KE-0022 , PT-0041 , US-0054