Month: August 2017

SHA-3 Hash Construction

· 1 Comment ·

Keccak hash (or SHA-3, a ‘qualified successor’ to SHA-2) is a hash function based on interesting and novel ideas and claims to be post-quantum sufficient or quantum resistant.

Some Keccak sponge-hash-function pointers:

A sponge function is a generalization of both a) hash functions, which have a fixed output length, and b) stream ciphers (=state cipher), which have a fixed input length.

Random sponge = Random permutation

The sponge construction:

First, the input string is padded with a reversible padding rule and cut into blocks of r bits. Then the b bits of the state are initialized to zero and the sponge construction proceeds in two phases:

  • In the absorbing phase, the r-bit input blocks are XORed into the first r bits of the state, interleaved with applications of the function f, a fixed length permutation/transformation function function. When all input blocks are processed, the sponge construction switches to the squeezing phase.
  • In the squeezing phase, the first r bits of the state are returned as output blocks, interleaved with applications of the function f. The number of output blocks is chosen at will by the user.

The last c bits of the state are never directly affected by the input blocks and are never output during the squeezing phase.”

https://keccak.team/keccak_specs_summary.html

https://stackoverflow.com/questions/45158351/sha-3-in-python-implementation

https://stackoverflow.com/questions/43063282/qcryptographichash-what-is-sha3-here-in-reality

What security does Keccak offer against quantum attacks, specifically Grover’s algorithm?

“SHA-3 was designed to be very efficient in hardware but is relatively slow in software. SHA-3 takes about double the time compared to SHA-2 to run in software and about a quarter of the time to run in hardware.” This makes it less suitable than SHA-2 for key stretching, at least against an attacker that is hardware equipped.

The advantage of SHA-3 is that a computationally-simpler SHA-3(key | data) can suffice as a MAC.”

Differences between SHA-2 and SHA-3 – https://stackoverflow.com/questions/14356526/whats-the-difference-between-the-hash-algorithms-sha-2-and-sha-3

Discussion of git and it’s use of SHA-1 and SHA-2 hashes – https://stackoverflow.com/questions/28159071/why-doesnt-git-use-more-modern-sha/