Abstract
Fourteen candidates have been selected for further review in the second round of the SHA-3 competition being held by the National Institute of Standards and Technology (NIST), aimed at selecting a new cryptographic hash algorithm. One of these candidates is Skein, a simple, fast, and secure hash function proposed by a team including Niels Ferguson and Bruce Schneier.
At its core, Skein uses only three primitive operations, including exclusive-or, unsigned addition, and rotations; however, the speed and simplicity that such a design provides is irrelevant if the resulting algorithm is not secure. As public scrutiny of the remaining hash function candidates continues, one of the most fundamental aspects that must be questioned is the security that is provided by the algorithms.
Security analyses have been conducted both on the Skein algorithm itself as well as the main component of the hash function, the Threefish block cipher. Throughout the published works thus far, no security attacks extend to the full Skein hash, providing supporting evidence that Skein is not only a simple and fast hash function, but it is also secure. An examination of these proposed attacks against the Threefish block cipher will be summarized.
Deliverables
Presentation PDF PPT
Summary Paper PDF DOC
References
[1]
N. Ferguson, S. Lucks, B. Schneier, D. Whiting, M. Bellare, T. Kohno, J. Callas, J. Walker. The Skein Hash Function Family v1.2. Available online at http://www.skein-hash.info/sites/default/files/skein1.2.pdf, September 2009.
[2] M. Bellare, T. Kohno, S. Lucks, N. Ferguson, B. Schneier, D. Whiting, J. Callas, J. Walker. Provable Secuirty Support for the Skein Hash Family. Available online at http://www.skein-hash.info/sites/default/files/skein-proofs.pdf, April 2009.
[3] J. Aumasson, C. Calik, W. Meier, O. Ozen, R. Phan, K. Varici. Improved Cryptanalysis of Skein. In Advances in Cryptology - ASIACRYPT 2009, volume 5912 of Lecture Notes in Computer Science. Springer, Berlin, Germany, 2009.
[4] A. Schorr. Performance Analysis of a Scalable Hardware FPGA Skein Implementation. Master’s thesis, Rochester Institute of Technology, Rochester, New York, February 2010.
[5] P. Hoffman, B. Schneier. Attacks on Cryptographic Hashes in Internet Protocols. RFC 4270: Network Working Group. November 2005. Available online at http://tools.ietf.org/html/rfc4270