Upcoming SlideShare
×

# Keccak

1,612 views

Published on

Basic Presentation for Keccak Understanding.

Published in: Engineering, Technology, Education
0 Likes
Statistics
Notes
• Full Name
Comment goes here.

Are you sure you want to Yes No
• Be the first to comment

• Be the first to like this

Views
Total views
1,612
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
66
0
Likes
0
Embeds 0
No embeds

No notes for slide

### Keccak

1. 1. Keccak Presenters: Pratheep Joe Siluvai Rajeev Verma
2. 2. Overview ● Introduction to Hash function. ● Secure Hash Algorithm (SHA) ● SHA-3/Keccak ○ Design approach ○ Inside Keccak ○ Parts of Keccak-f ● Application & Strength ● Efficiency ● Our work ● References
3. 3. Hashing and Hash Function • Hashing is the transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string. • In addition to faster data retrieval, hashing is also used to encrypt and decrypt digital signatures. • The hashing algorithm is called the Hash Function which generates hash codes. • Hash codes are stored in a table called hash table.
4. 4. Hash function • Algorithm that takes an arbitrary block of data and returns a fixed-size bit string. • Used from digital signature to git repository to peer to peer transmission. • Encoded data is called the "message," and the hash value is sometimes called the “message digest” or simply “digest”. MD5 MD = 128 (Ron Rivest, 1992) SHA-1 MD = 160 (NSA, NIST, 1995) SHA-2 MD = 224/256/384/512 (NSA, NIST, 2001)
5. 5. Secure Hash Algorithms (SHA’s) • Family of cryptographic hash functions published by the National Institute of Standards and Technology (NIST) • SHA defines as U.S. Federal Information Processing Standard (FIPS) • SHA determine the integrity of a message. So, that any change in the message in the message result in different hash values with high probability. • Steps for SHA : – Preprocessing : Padding the data for blocking – Hash Computation : Process blocks using the hash function.
6. 6. SHA basics
7. 7. SHA History
8. 8. SHA–3 / Keccak ● Selected on October 2012 as the winner of the NIST hash function competition ● Not only a hash function. ● Based on the sponge function. ● Not meant to replace SHA-2.
9. 9. Keccak Team Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche
10. 10. Keccak, a sponge function ● Variable input and output length ● More Flexible than regular hash function ● Parameters ○ r bits– rate (defines the speed) ○ c bits – capacity (defines the security level)
11. 11. Design Approach ● Instantiate a sponge function ● Select the capacity and rate parameters ○ capacity + rate = 1600 ● Rata and capacity decides the strength. ● Building an iterated permutation ● Like a block cipher ○ Sequence of identical rounds ○ Round consists of sequence of simple step mappings ● No key Schedule , instead round constants Capacity Rate Strength 256 1344 128 384 1216 192 512 1088 256
12. 12. Inside Keccak ● The permutation Keccak-f ○ 7 permutations: b → {25, 50, 100, 200, 400, 800, 1600} ● Uses 24 permutation rounds ○ Each round invokes 5 modules ○ Theta(θ), rho(ρ), Pi(Π), Chi(χ), iota(ϊ)
13. 13. Pieces of states Note : State is 5x5x64 bits block.
14. 14. Theta ● Renders the internal state into a 5-by-5 array of 64-bit elements. ● Computes the parities of each column and combines them with an exclusive-or (XOR) operator. ● Then it XORs the resulting parity to each state bit as follows: S[i][j][k] ^= parity(S[0...4][j-1][k]) ^ parity(S[0...4][j+1][k-1]) where i = 0...4; j = 0...4; k = 0...63
15. 15. Rho • The rho module rotates each 64-bit element by a triangular number 0, 1, 3, 6, 10, 15, …..
16. 16. Pi • The pi module permutes the 64-bit elements. • Permutation follows the fixed pattern assignment shown below: S[j][2*i + 3*j] = S[i][j]
17. 17. Chi • The chi module adds a non-linear aspect to the permutation round. • It combines the row elements using only three bitwise operators: AND, NOT, and XOR. • Then it writes the result back to the state array as follows: S[i][j][k] ^= ~S[i][j + 1][k] & S[i][j + 2][k]
18. 18. Iota ● The iota module breaks up any symmetry caused by the other modules. ● This is done by XORing one of the array elements to a round constant ● The module has 24 round constants to choose from. These constants are defined internally by Keccak ● Without ϊ , the round mapping would be symmetric ● Without ϊ , all rounds would be the same ○ susceptibility to slide attacks ○ defective cycle structure
19. 19. Code Reference Keccak-f[b](A) { forall i in 0…nr -1 A = Round[b](A, RC[i]) return A } Round[b](A,RC) { θ step C[x] = A[x,0] xor A[x,1] xor A[x,2] xor A[x,3] xor A[x,4], forall x in 0…4 D[x] = C[x-1] xor rot(C[x+1],1), forall x in 0…4 A[x,y] = A[x,y] xor D[x], forall (x,y) in (0…4,0…4) ρ and π steps B[y,2*x+3*y] = rot(A[x,y], r[x,y]), forall (x,y) in (0…4,0…4) χ step A[x,y] = B[x,y] xor ((not B[x+1,y]) and B[x+2,y]), forall (x,y) in (0…4,0…4) ι step A[0,0] = A[0,0] xor RC return A }
20. 20. Keccak Summary • Round function: R = (ϊ) XOR (χ) XOR (Π) XOR (ρ) XOR (θ) • Number of rounds: 12 + 2ℓ – Keccak-f[25] has 12 rounds – Keccak-f[1600] has 24 rounds • Eﬃciency – high level of parallelism – ﬂexibility: bit-interleaving – software: competitive on wide range of CPU – dedicated hardware: very competitive – suited for protection against side-channel attack
21. 21. Applications • Regular hashing – Electronic signatures – Data integrity – Data identifier • Salted hashing (more complex security measure) – Randomized hashing – Password Storage and verification • Message Authentication Code (MAC) • Single Pass authenticated encryption – Authentication and Encryption in a single pass – Secure messaging ( SSL, TLS, SSH,…. ) – Version control systems. • Reseedable Pseudorandom sequence generator
22. 22. Strength of Keccak • High level of parallelism • Flexibility: bit-interleaving • Software: competitive on wide range of CPU (also implem. for CUDA) • Dedicated hardware: very competitive • Suited for protection against side-channel attack • Faster than SHA-2 on all modern PC
23. 23. Efficiency
24. 24. Our Work • Keccak source code is available for public access. • Keccak hash function implementation on microblaze and analyze the hardware performance to perform hashing. • Analysing the the factors like timing/clock cycles for different bit-rate and capacity factors.
25. 25. References ● J.-P. Aumasson and D. Khovratovich, First analysis of Keccak, Available online, 2009, http://131002.net/data/papers/AK09.pdf. ● Online Keccak reference site, http://keccak.noekeon.org/ ● G. Bertoni, J. Daemen, M. Peeters, G. Van Assche and R. Van Keer, Keccak implementation overview, round 3 submission to NIST SHA-3, 2011
26. 26. Thank you