Skein (hash function)
|Designers||Bruce Schneier, Niels Ferguson, et al.|
|Rounds||72 (256 & 512 block size), 80 (1024 block size)|
|Speed||6.1 cpb on Core 2.|
Skein is a cryptographic hash function and one of five finalists in the NIST hash function competition. Entered as a candidate to become the SHA-3 standard, the successor of SHA-1 and SHA-2, it ultimately lost to NIST hash candidate Keccak.
Skein supports internal state sizes of 256, 512 and 1024 bits, and arbitrary output sizes.
The core of Threefish is based on a MIX function that transforms 2 64-bit words using a single addition, rotation by a constant and XOR. The UBI chaining mode combines an input chaining value with an arbitrary length input string and produces a fixed size output.
Threefish's nonlinearity comes entirely from the combination of addition operations and exclusive-ORs; it does not use S-boxes. The function is optimized for 64-bit processors, and the Skein paper defines optional features such as randomized hashing, parallelizable tree hashing, a stream cipher, personalization, and a key derivation function.
Examples of Skein hashes
Hash values of empty string.
Skein-256-256("") 0x c8877087da56e072870daa843f176e9453115929094c3a40c463a196c29bf7ba Skein-512-256("") 0x 39ccc4554a8b31853b9de7a1fe638a24cce6b35a55f2431009e18780335d2621 Skein-512-512("") 0x bc5b4c50925519c290cc634277ae3d6257212395cba733bbad37a4af0fa06af41fca7903d06564fea7a2d3730dbdb80c1f85562dfcc070334ea4d1d9e72cba7a
Even a small change in the message will (with overwhelming probability) result in a mostly different hash, due to the avalanche effect. For example, adding a period to the end of the sentence:
Skein-512-256("The quick brown fox jumps over the lazy dog") 0x b3250457e05d3060b1a4bbc1428bc75a3f525ca389aeab96cfa34638d96e492a Skein-512-256("The quick brown fox jumps over the lazy dog.") 0x 41e829d7fca71c7d7154ed8fc8a069f274dd664ae0ed29d365d919f4e575eebb Skein-512-512("The quick brown fox jumps over the lazy dog") 0x 94c2ae036dba8783d0b3f7d6cc111ff810702f5c77707999be7e1c9486ff238a7044de734293147359b4ac7e1d09cd247c351d69826b78dcddd951f0ef912713 Skein-512-512("The quick brown fox jumps over the lazy dog.") 0x 658223cb3d69b5e76e3588ca63feffba0dc2ead38a95d0650564f2a39da8e83fbb42c9d6ad9e03fbfde8a25a880357d457dbd6f74cbcb5e728979577dbce5436
In October 2010, an attack that combines rotational cryptanalysis with the rebound attack was published. The attack finds rotational collisions for 53 of 72 rounds in Threefish-256, and 57 of 72 rounds in Threefish-512. It also affects the Skein hash function. This is a follow-up to the earlier attack published in February, which breaks 39 and 42 rounds respectively.
The Skein team tweaked the key schedule constant for round 3 of the NIST hash function competition, to make this attack less effective, even though they believe the hash would still be secure without these tweaks.
- Ferguson; et al. (2010-10-01). "The Skein Hash Function Family" (PDF).
- "NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition". NIST. Retrieved 2012-10-02.
|last1=in Authors list (help)
- "Now From Bruce Schneier, the Skein Hash Function". Slashdot. Retrieved 2008-10-31.
|last1=in Authors list (help)
- Paper describing the hash function, Version 1.3 (2010-10-01)
- Dmitry Khovratovich, Ivica Nikolic, Christian Rechberger (2010-10-20). "Rotational Rebound Attacks on Reduced Skein".
- Dmitry Khovratovich and Ivica Nikolić (2010). "Rotational Cryptanalysis of ARX" (PDF). University of Luxembourg.
- SPARKSkein - an implementation of Skein in SPARK, with proofs of type-safety
- Botan contains a C++ implementation of Skein-512
- nskein - A .NET implementation of Skein with support for all block sizes
- Skein module for Python
- Digest::Skein, an implementation in C and Perl
- A C# implementation of Skein and Threefish (based on version 1.3)
- A Java implementation of Skein (based on version 1.1)
- An implementation of Skein in Ada
- Skein hash function for Erlang, via NIFs
- Skein 512-512 implemented in Bash
- Skein implemented in Haskell
- VHDL source code developed by the Cryptographic Engineering Research Group (CERG) at George Mason University
- Skein implemented in Ruby
- An efficient implementation of Skein-256 for 8-bit Atmel AVR microcontrollers, meeting the performance estimates outlined in the official specification