NIST created a competition for SHA-3, and it was Keccak that was crowned the champion. Since then, SHA-3 has received good adoption levels, but you’ll also see BLAKE2 — one of the finalists — being used in many applications. Keccak won because it was fast, and where BLAKE2 was submitted too late to compete against it. Since many have seen BLAKE2 as the better alternative [article]. So, in 2016, the Keccak research team came up with a new method: KangarooTwelve. For this they managed to get significant speed improvements and managed to reduce the number of rounds from 24 to 12 (and with a security level of around 128 bits). A new method of tree hashing has also been added, and which supports the parallel hashing of large files [article].
KangarooTwelve using CIRCL |
Outline
NIST created a competition for SHA-3, and it was Keccak that was crowned the champion. Since then, SHA-3 has received good adoption levels, but you’ll also see BLAKE2 — one of the finalists — being used in many applications. Keccak won because it was fast, and where BLAKE2 was submitted too late to compete against it. Since many have seen BLAKE2 as the better alternative [here]. We see here that BLAKE2 (BLAKE2b — the 64-bit version — and BLAKE2s) performs much better than SHA3 implementations:
BLAKE2b improved its speed by reducing the number of rounds from 16 to 12 and where BLAKE2s went from 14 to 10 rounds, with respect to BLAKE. BLAKE2bvhad been benchmarked as being faster than MD5 and using 30% less memory, along with a 25% speed improvement over BLAKE.
So, in 2016, the Keccak research team came up with a new method: KangarooTwelve. For this, they got significant speed improvements and reduced the number of rounds from 24 to 12 (with a security level of around 128 bits). A new method of tree hashing was also added, and which supports the parallel hashing of large files [here]:
SHA-3
SHA-3 was known as Keccak and is a hash function designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. MD5 and SHA-0 have been shown to be susceptible to attacks, along with theoretical attacks on SHA-1. NIST thus defined there was a need for a new hashing method which did not use the existing methods for hashing and competition for competing algorithms.
In October 2012, Keccak won the NIST hash function competition and is proposed as the SHA-3 standard. It should be noted that it is not a replacement SHA-2, which is currently a secure method. Overall Keccak uses the sponge construction where the message blocks are XORed into the initial bits of the state, and then inevitably permuted.
The sponge function takes a simple function f and involves a number of stages, and where we create a fixed output (dependent on the bit length of the hash function). Simple operations of XOR, AND, and bit shifts are used, and which leads to a fast generation of the hash function:
The f permutation function takes a variable-length input and produces an arbitrary output length. A is the bit rate, and each f function operates on b bits, and where a capacity is defined as c = b — r.
The SHAKE method is useful as it can be used to create a hash method of a variable length. The 128-bit version will produce a hash value is 32 hex characters.
Speed tests
While Blake2 manages to beat MD5 for speed, KangarooTwelve beats off the other common hashing functions — in tests for the cycles per byte — by a considerable factor:Coding
The coding is:
package main import ( "fmt" "encoding/hex" "os" "strconv" "github.com/cloudflare/circl/xof/k12" ) func main() { writeSize:=16 l:=128 argCount := len(os.Args[1:]) m:="Hello" if argCount > 0 { m = os.Args[1] } if argCount > 1 { l,_ = strconv.Atoi(os.Args[2]) } msg:=[]byte(m) h := k12.NewDraft10([]byte{}) for len(msg) > 0 { to := writeSize if len(msg) < to { to = len(msg) } _, _ = h.Write(msg[:to]) msg = msg[to:] } buf := make([]byte, l) _, _ = h.Read(buf) res := hex.EncodeToString(buf) fmt.Printf("Message: %s\n", m) fmt.Printf("Hash: %s\n", res) }
and a sample run:
Message: Hello Hash: b571a076b74451eaf4995a0b6d06aa74fdbd478a12395434e942e5610b9a0341519c240d4902cb56f8ec0e2949ff83aaab7df63902287ca1c536695b2ab20e47f4e8ac77e6ca29cc76ba4a64387c9c894bc5a011cc61a20a8eaf5b2123321a03a03ea0340bbe22aa353c6e094bcfd12cb6387292798e6cbfbfe7b318e5546e82