Threefish is available without Tweaks

Jeffrey Walton

May 15, 2017, 2:58:43 PM
to Crypto++ Users
Hi Everyone,

Threefish was checked-in at https://github.com/weidai11/cryptopp/commit/8c34a5f7f5d1.

The block cipher provides key sizes of 256-bit, 512-bit and 1024-bit. It has very good performance, especially Threefish-512. 512 out-performs the 256-bit version, and it achieves almost 400 Mib/s on a modern Skylake.

We had to disable the Tweak at the moment. We are arriving at the wrong result for G2 after Key Injection, but it's not readily apparent why (so it has not been fixed). It was disabled at https://github.com/weidai11/cryptopp/commit/f60f21268751.

As soon as we get to the bottom of the key injection issue for tweaks, it will be re-enabled.

Jeff

Jeffrey Walton

May 15, 2017, 6:11:05 PM
to Crypto++ Users

> We had to disable the Tweak at the moment. We are arriving at the wrong result for G2 after Key Injection, but it's not readily apparent why (so it has not been fixed). It was disabled at https://github.com/weidai11/cryptopp/commit/f60f21268751.
>
> As soon as we get to the bottom of the key injection issue for tweaks, it will be re-enabled

Arg... A typo was holding things up...

The original code used the following in UncheckedSetKey, which is where ciphers are keyed:

    m_tweak[2] = m_tweak[0] + m_tweak[1];

The correct code is:

    m_tweak[2] = m_tweak[0] ^ m_tweak[1];

We also needed a helper function for PutDecodedDatumInto. The test vectors are little-endian, so they don't copy/paste into a text file.

I'm going to add some test vectors and check-in the change.

Jeff
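
Added example (not from the original post and not Crypto++ code): a standalone Threefish-256 key schedule following the Skein 1.3 specification, showing where the `+` versus `^` tweak extension quoted above changes the subkeys. The names `ExpandKey`, `FirstDivergence` and `kSampleKey` are hypothetical, and the key and tweak values are constructed.

```cpp
#include <array>
#include <cstdint>
#include <cstdio>

using Word = std::uint64_t;
constexpr int NW = 4;                         // Threefish-256: four 64-bit words
constexpr int SUBKEYS = 72 / 4 + 1;           // 72 rounds, a subkey every 4 rounds
constexpr Word C240 = 0x1BD11BDAA9FC1A22ULL;  // key-schedule constant, Skein 1.3
using Key = std::array<Word, NW>;
using Schedule = std::array<Key, SUBKEYS>;

// Constructed sample key (not a published test vector).
const Key kSampleKey = {{0x1716151413121110ULL, 0x1F1E1D1C1B1A1918ULL,
                         0x2726252423222120ULL, 0x2F2E2D2C2B2A2928ULL}};

// Expand key and tweak into 19 subkeys. xorTweak=true uses t2 = t0 ^ t1;
// false reproduces the typo t2 = t0 + t1.
Schedule ExpandKey(const Key& key, Word t0, Word t1, bool xorTweak)
{
    const Word t[3] = {t0, t1, xorTweak ? (t0 ^ t1) : (t0 + t1)};
    Word k[NW + 1];
    k[NW] = C240;                             // extra key word: C240 ^ k0 ^ ... ^ k3
    for (int i = 0; i < NW; ++i) { k[i] = key[i]; k[NW] ^= key[i]; }
    Schedule ks{};
    for (int s = 0; s < SUBKEYS; ++s) {
        for (int i = 0; i < NW; ++i)
            ks[s][i] = k[(s + i) % (NW + 1)];
        ks[s][NW - 3] += t[s % 3];            // tweak words rotate through t0, t1, t2
        ks[s][NW - 2] += t[(s + 1) % 3];
        ks[s][NW - 1] += static_cast<Word>(s); // subkey counter
    }
    return ks;
}

// First subkey index where the correct and typo schedules differ, or -1.
int FirstDivergence(const Key& key, Word t0, Word t1)
{
    const Schedule good = ExpandKey(key, t0, t1, true);
    const Schedule bad = ExpandKey(key, t0, t1, false);
    for (int s = 0; s < SUBKEYS; ++s)
        if (good[s] != bad[s]) return s;
    return -1;
}

int main()
{
    std::printf("zero tweak: %d, overlapping tweak: %d\n", FirstDivergence(kSampleKey, 0, 0),
                FirstDivergence(kSampleKey, 0x0706050403020100ULL, 0x0F0E0D0C0B0A0908ULL));
}
```

The two schedules are identical whenever `(t0 & t1) << 1` is zero in 64-bit arithmetic, so an all-zero tweak cannot expose the typo. A test vector needs tweak words with overlapping bits, and the mismatch then first appears in subkey 1.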

Jeffrey Walton

May 15, 2017, 10:57:19 PM
to Crypto++ Users

Jeffrey Walton

May 16, 2017, 12:41:09 AM
to Crypto++ Users

We are tracking the addition of Threefish with https://github.com/weidai11/cryptopp/issues/422. I closed the ticket out because the core functionality and self tests were cut-in.

We will handle the design changes for the Tweak under a new ticket. I'm going to open it when we start on Skein. Skein will need to reach into Threefish for the plain text feed forwarding, so we can evaluate the necessary changes then.

Also, if someone wants to jump on Skein, then feel free. Hashes are pretty easy. Just follow the way Adler, CRC32, SHA3 or Keccak does things. It mostly boils down to implementing Restart, Update and TruncatedFinal.
 
> The block cipher provides key sizes of 256-bit, 512-bit and 1024-bit. It has very good performance, especially Threefish-512. 512 out-performs the 256-bit version, and it achieves almost 400 Mib/s on a modern Skylake.

By the way, I uploaded benchmarks based on Master. They are available at https://cryptopp.com/benchmarks-skylake.html. Kalyna and Threefish are rocking performance.

I also regenerated the Doxygen documentation.

Jeff