Skein (hash function)

Skein is a

Keccak.^[2]

The name Skein refers to how the Skein function intertwines the input, similar to a skein of yarn.^[1]

History

Skein was created by Bruce Schneier, Niels Ferguson, Stefan Lucks, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas and Jesse Walker.

Skein is based on the

Matyas–Meyer–Oseas hash mode,^[3]

while leveraging an optional low-overhead argument-system for flexibility.

Skein's algorithm and a reference implementation was given to public domain.^[4]

Functionality

Skein supports internal state sizes of 256, 512 and 1024 bits, and arbitrary output sizes.^[5]

The authors claim 6.1

cycles per byte for any output size on an Intel Core 2 Duo in 64-bit mode.^[6]

The core of Threefish is based on a MIX function that transforms 2 64-bit words using a single addition, rotation by a constant and XOR. The UBI chaining mode combines an input chaining value with an arbitrary length input string and produces a fixed size output.

Threefish's

parallelizable tree hashing, a stream cipher, personalization, and a key derivation function

.

Cryptanalysis

In October 2010, an attack that combines rotational cryptanalysis with the rebound attack was published. The attack finds rotational collisions for 53 of 72 rounds in Threefish-256, and 57 of 72 rounds in Threefish-512. It also affects the Skein hash function.^[7] This is a follow-up to the earlier attack published in February, which breaks 39 and 42 rounds respectively.^[8]

The Skein team tweaked the key schedule constant for round 3 of the NIST hash function competition, to make this attack less effective, even though they believe the hash would still be secure without these tweaks.^[1]

Examples of Skein hashes

Hash values of empty string.

Skein-256-256("")
c8877087da56e072870daa843f176e9453115929094c3a40c463a196c29bf7ba
Skein-512-256("")
39ccc4554a8b31853b9de7a1fe638a24cce6b35a55f2431009e18780335d2621
Skein-512-512("")
bc5b4c50925519c290cc634277ae3d6257212395cba733bbad37a4af0fa06af41fca7903d06564fea7a2d3730dbdb80c1f85562dfcc070334ea4d1d9e72cba7a

Even a small change in the message will (with overwhelming probability) result in a mostly different hash, due to the avalanche effect. For example, adding a period to the end of the sentence:

Skein-512-256("The quick brown fox jumps over the lazy dog")
b3250457e05d3060b1a4bbc1428bc75a3f525ca389aeab96cfa34638d96e492a
Skein-512-256("The quick brown fox jumps over the lazy dog.")
41e829d7fca71c7d7154ed8fc8a069f274dd664ae0ed29d365d919f4e575eebb
Skein-512-512("The quick brown fox jumps over the lazy dog")
94c2ae036dba8783d0b3f7d6cc111ff810702f5c77707999be7e1c9486ff238a7044de734293147359b4ac7e1d09cd247c351d69826b78dcddd951f0ef912713
Skein-512-512("The quick brown fox jumps over the lazy dog.")
658223cb3d69b5e76e3588ca63feffba0dc2ead38a95d0650564f2a39da8e83fbb42c9d6ad9e03fbfde8a25a880357d457dbd6f74cbcb5e728979577dbce5436

References

^ ^a ^b ^c Ferguson; et al. (2010-10-01). "The Skein Hash Function Family" (PDF). Archived from the original (PDF) on 2014-08-24. Retrieved 2010-12-15. {{cite journal}}: Cite journal requires |journal= (help)
NIST
. 2012-10-02. Retrieved 2012-10-02.

^ http://www.skein-hash.info/sites/default/files/skein1.3.pdf Archived 2014-08-24 at the Wayback Machine p. 6

^ skein_NIST_CD_121508.zip Archived 2016-06-10 at the Wayback Machine on skein-hash.info, skein.c "Implementation of the Skein hash function. Source code author: Doug Whiting, 2008. This algorithm and source code is released to the public domain."

^ "Now From Bruce Schneier, the Skein Hash Function". Slashdot. 2008-10-31. Retrieved 2008-10-31.

^ "Paper describing the hash function, Version 1.3 (2010-10-01)" (PDF). Archived from the original (PDF) on 2014-08-24. Retrieved 2010-12-15.

^ Dmitry Khovratovich; Ivica Nikolic; Christian Rechberger (2010-10-20). "Rotational Rebound Attacks on Reduced Skein". Cryptology ePrint Archive.

^ Dmitry Khovratovich & Ivica Nikolić (2010). "Rotational Cryptanalysis of ARX" (PDF). University of Luxembourg. Archived from the original (PDF) on 2013-01-26. Retrieved 2010-10-25. {{cite journal}}: Cite journal requires |journal= (help)

External links

Official Skein website (dead, Wayback Machine archive)

Bruce Schneier's Skein webpage

Implementations

SPARKSkein – an implementation of Skein in SPARK, with proofs of type-safety

Botan contains a C++ implementation of Skein-512

nskein – a .NET implementation of Skein with support for all block sizes

pyskein Skein module for Python

PHP-Skein-Hash Skein hash for PHP on GitHub

Digest::Skein, an implementation in C and Perl

skeinfish A C# implementation of Skein and Threefish (based on version 1.3)

Java, Scala, and Javascript implementations of Skein 512-512 (based on version 1.3)

A Java implementation of Skein (based on version 1.1)

An implementation of Skein in Ada

skerl, Skein hash function for Erlang, via NIFs

Skein 512-512 implemented in Bash

Skein implemented in Haskell

VHDL source code developed by the Cryptographic Engineering Research Group (CERG) at George Mason University

skeinr Skein implemented in Ruby

fhreefish An efficient implementation of Skein-256 for 8-bit Atmel AVR microcontrollers, meeting the performance estimates outlined in the official specification

v
t
e
Cryptographic hash functions and message authentication codes

List

Comparison

Known attacks

Common functions

MD5 (compromised)

SHA-1 (compromised)

SHA-2

SHA-3

BLAKE2

SHA-3 finalists

BLAKE

Grøstl

JH

Skein

Keccak (winner)

Other functions

BLAKE3

CubeHash

ECOH

FSB

Fugue

GOST

HAS-160

HAVAL

Kupyna

LSH

Lane

MASH-1

MASH-2

MD2

MD4

MD6

MDC-2

N-hash

RIPEMD

RadioGatún

SIMD

SM3

SWIFFT

Shabal

Snefru

Streebog

Tiger

VSH

Whirlpool

Password hashing/
key stretching functions

Argon2

Balloon

bcrypt

Catena

crypt

LM hash

Lyra2

Makwa

PBKDF2

scrypt

yescrypt

General purpose
key derivation functions

HKDF

KDF1/KDF2

MAC functions

CBC-MAC

DAA

GMAC

HMAC

NMAC

OMAC/CMAC

PMAC

Poly1305

SipHash

UMAC

VMAC

Authenticated
encryption modes

CCM

ChaCha20-Poly1305

CWC

EAX

GCM

IAPM

OCB

Attacks

Collision attack

Preimage attack

Birthday attack

Brute-force attack

Rainbow table

Side-channel attack

Length extension attack

Design

Avalanche effect

Hash collision

Merkle–Damgård construction

Sponge function

HAIFA construction

Standardization

CAESAR Competition

CRYPTREC

NESSIE

NIST hash function competition

Password Hashing Competition

Utilization

Hash-based cryptography

Merkle tree

Message authentication

Proof of work

Salt

Pepper

v
t
e
Cryptography
General

History of cryptography

Outline of cryptography

Cryptographic protocol
Authentication protocol

Cryptographic primitive

Cryptanalysis

Cryptocurrency

Cryptosystem

Cryptographic nonce

Cryptovirology

Hash function
Cryptographic hash function

Key derivation function

Digital signature

Kleptography

Key (cryptography)

Key exchange

Key generator

Key schedule

Key stretching

Keygen

Cryptojacking malware

Ransomware

Random number generation
Cryptographically secure pseudorandom number generator (CSPRNG)

Pseudorandom noise (PRN)

Secure channel

Insecure channel

Subliminal channel

Encryption

Decryption

End-to-end encryption

Harvest now, decrypt later

Information-theoretic security

Plaintext

Codetext

Ciphertext

Shared secret

Trapdoor function

Trusted timestamping

Key-based routing

Onion routing

Garlic routing

Kademlia

Mix network

Mathematics

Cryptographic hash function

Block cipher

Stream cipher

Symmetric-key algorithm

Authenticated encryption

Public-key cryptography

Quantum key distribution

Quantum cryptography

Post-quantum cryptography

Message authentication code

Random numbers

Steganography

Category

Retrieved from "https://en.wikipedia.org/w/index.php?title=Skein_(hash_function)&oldid=1180510664"

[skein-1] Ferguson; et al. (2010-10-01). "The Skein Hash Function Family" (PDF). Archived from the original (PDF) on 2014-08-24. Retrieved 2010-12-15. {{cite journal}}: Cite journal requires |journal= (help)

[2] NIST
. 2012-10-02. Retrieved 2012-10-02.

[3] ttp://www.skein-hash.info/sites/default/files/skein1.3.pdf Archived 2014-08-24 at the Wayback Machine p. 6

[4] skein_NIST_CD_121508.zip Archived 2016-06-10 at the Wayback Machine on skein-hash.info, skein.c "Implementation of the Skein hash function. Source code author: Doug Whiting, 2008. This algorithm and source code is released to the public domain."

[5] "Now From Bruce Schneier, the Skein Hash Function". Slashdot. 2008-10-31. Retrieved 2008-10-31.

[6] "Paper describing the hash function, Version 1.3 (2010-10-01)" (PDF). Archived from the original (PDF) on 2014-08-24. Retrieved 2010-12-15.

[rotational-rebound-7] Dmitry Khovratovich; Ivica Nikolic; Christian Rechberger (2010-10-20). "Rotational Rebound Attacks on Reduced Skein". Cryptology ePrint Archive.

[8] Dmitry Khovratovich & Ivica Nikolić (2010). "Rotational Cryptanalysis of ARX" (PDF). University of Luxembourg. Archived from the original (PDF) on 2013-01-26. Retrieved 2010-10-25. {{cite journal}}: Cite journal requires |journal= (help)

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]