Jump to content

Skein (hash function)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Two Bananas (talk | contribs) at 21:26, 16 September 2013 (Updated links from CPAN to MetaCPAN). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

For other uses, see Skein.
Skein
Threefish word permutation
General
DesignersBruce Schneier, Niels Ferguson
Derived fromThreefish
CertificationSHA-3 finalist
Detail
Digest sizesarbitrary
Rounds72 (256 & 512 block size), 80 (1024 block size)
Speed6.1 cpb on Core 2.[1]

Skein is a cryptographic hash function and one out of five finalists in the NIST hash function competition. Entered as a candidate to become the SHA-3 standard, the successor of SHA-1 and SHA-2, it ultimately lost to NIST hash candidate Keccak.[2]

The name Skein refers to how the Skein function intertwines the input, similar to a skein of yarn.[1]

History

Skein was created by Bruce Schneier, Stefan Lucks, Niels Ferguson, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas and Jesse Walker.

Skein is based on the Threefish tweakable block cipher compressed using Unique Block Iteration (UBI) chaining mode while leveraging an optional low-overhead argument-system for flexibility.

Functionality

Skein supports internal state sizes of 256, 512 and 1024 bits, and arbitrary output sizes.[3]

The authors claim 6.1 cycles per byte for any output size on an Intel Core 2 Duo in 64-bit mode.[4]

The core of Threefish is based on a MIX function that transforms 2 64-bit words using a single addition, rotation by a constant and XOR. The UBI chaining mode combines an input chaining value with an arbitrary length input string and produces a fixed size output.

  • Threefish Mix Function
    Threefish Mix Function

Threefish's nonlinearity comes entirely from the combination of addition operations and exclusive-ORs; it does not use S-boxes. The function is optimized for 64-bit processors, and the Skein paper defines optional features such as randomized hashing, parallelizable tree hashing, a stream cipher, personalization, and a key derivation function.

Cryptanalysis

In October 2010, an attack that combines rotational cryptanalysis with the rebound attack was published. The attack finds rotational collisions for 53 of 72 rounds in Threefish-256, and 57 of 72 rounds in Threefish-512. It also affects the Skein hash function.[5] This is a follow-up to the earlier attack published in February, which breaks 39 and 42 rounds respectively.[6]

The Skein team tweaked the key schedule constant for round 3 of the NIST hash function competition, to make this attack less effective, even though they believe the hash would be secure even without these tweaks.[1]

References

  1. ^ a b c Ferguson; et al. (2010-10-01). "The Skein Hash Function Family" (PDF). {{cite journal}}: Cite journal requires |journal= (help); Explicit use of et al. in: |author= (help)
  2. ^ "NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition". NIST. Retrieved 2012-10-02. {{cite web}}: |first= has numeric name (help); |first= missing |last= (help)
  3. ^ "Now From Bruce Schneier, the Skein Hash Function". Slashdot. Retrieved 2008-10-31. {{cite web}}: |first= has numeric name (help); |first= missing |last= (help)
  4. ^ Paper describing the hash function, Version 1.3 (2010-10-01)
  5. ^ Dmitry Khovratovich, Ivica Nikolic, Christian Rechberger (2010-10-20). "Rotational Rebound Attacks on Reduced Skein". {{cite journal}}: Cite journal requires |journal= (help)CS1 maint: multiple names: authors list (link)
  6. ^ Dmitry Khovratovich and Ivica Nikolić (2010). "Rotational Cryptanalysis of ARX" (PDF). University of Luxembourg. {{cite journal}}: Cite journal requires |journal= (help)

External links

Implementations

Retrieved from "https://en.wikipedia.org/w/index.php?title=Skein_(hash_function)&oldid=573214313"