Threefish is available without Tweaks


Threefish is available without Tweaks

Jeffrey Walton-3
Hi Everyone,

Threefish was checked-in at https://github.com/weidai11/cryptopp/commit/8c34a5f7f5d1.

The block cipher provides key sizes of 256-bit, 512-bit and 1024-bit. It has very good performance, especially Threefish-512. 512 out-performs the 256-bit version, and it achieves almost 400 Mib/s on a modern Skylake.

We had to disable the Tweak at the moment. We are arriving at the wrong result for G2 after Key Injection, but it's not readily apparent why (so it has not been fixed). It was disabled at https://github.com/weidai11/cryptopp/commit/f60f21268751.

As soon as we get to the bottom of the key injection issue for tweaks, it will be re-enabled.

Jeff

--
--
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to [hidden email].
More information about Crypto++ and this group is available at http://www.cryptopp.com.
---
You received this message because you are subscribed to the Google Groups "Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
For more options, visit https://groups.google.com/d/optout.

Re: Threefish is available without Tweaks

Jeffrey Walton-3

We had to disable the Tweak at the moment. We are arriving at the wrong result for G2 after Key Injection, but it's not readily apparent why (so it has not been fixed). It was disabled at https://github.com/weidai11/cryptopp/commit/f60f21268751.

As soon as we get to the bottom of the key injection issue for tweaks, it will be re-enabled.

Arg... A typo was holding things up...

The original code used the following in UncheckedSetKey, which is where ciphers are keyed:

    m_tweak[2] = m_tweak[0] + m_tweak[1];

The correct code is:

    m_tweak[2] = m_tweak[0] ^ m_tweak[1];

We also needed a helper function for PutDecodedDatumInto. The test vectors are little-endian, so they don't copy/paste into a text file.

I'm going to add some test vectors and check-in the change.

Jeff
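
Why the `+` typo stayed hidden while the Tweak was unused, as an added example that is not Crypto++ code or part of the original post: it builds the Threefish-256 subkey schedule as the Skein 1.3 specification defines it, once with the typo and once with the fix, and counts the subkey words that differ. `MakeSchedule`, `CountMismatches` and the sample key and tweak values are constructed for illustration.

```cpp
#include <array>
#include <cstdint>
#include <cstdio>

using Word = std::uint64_t;
constexpr int NW = 4;        // Threefish-256: four 64-bit words per block/key
constexpr int SUBKEYS = 19;  // 72 rounds, one subkey every 4 rounds, plus one
constexpr Word C240 = 0x1BD11BDAA9FC1A22ULL;  // key parity constant, Skein 1.3

using Schedule = std::array<std::array<Word, NW>, SUBKEYS>;

// xorTweak=true is the corrected form from the thread, false is the typo.
Schedule MakeSchedule(const std::array<Word, NW>& key, Word t0, Word t1, bool xorTweak)
{
    Word k[NW + 1], t[3] = { t0, t1, xorTweak ? (t0 ^ t1) : (t0 + t1) };
    k[NW] = C240;
    for (int i = 0; i < NW; ++i) { k[i] = key[i]; k[NW] ^= key[i]; }

    Schedule ks{};
    for (int s = 0; s < SUBKEYS; ++s) {
        for (int i = 0; i < NW; ++i)
            ks[s][i] = k[(s + i) % (NW + 1)];
        ks[s][NW - 3] += t[s % 3];          // tweak words rotate per subkey
        ks[s][NW - 2] += t[(s + 1) % 3];
        ks[s][NW - 1] += static_cast<Word>(s);
    }
    return ks;
}

// Number of subkey words on which the typo and the fix disagree.
int CountMismatches(const std::array<Word, NW>& key, Word t0, Word t1)
{
    const Schedule good = MakeSchedule(key, t0, t1, true);
    const Schedule bad = MakeSchedule(key, t0, t1, false);
    int n = 0;
    for (int s = 0; s < SUBKEYS; ++s)
        for (int i = 0; i < NW; ++i)
            n += (good[s][i] != bad[s][i]);
    return n;
}

int main()
{
    const std::array<Word, NW> key = { 1, 2, 3, 4 };  // constructed sample key
    std::printf("zero tweak:       %d\n", CountMismatches(key, 0, 0));
    std::printf("disjoint bits:    %d\n", CountMismatches(key, 0x0F, 0xF0));
    std::printf("overlapping bits: %d\n",
        CountMismatches(key, 0x0706050403020100ULL, 0x0F0E0D0C0B0A0908ULL));
    return 0;
}
```

Addition and XOR agree whenever the two tweak words share no set bits, so a tweak test vector only exercises this line of the key schedule if `t0 & t1` is non-zero.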


Re: Threefish is available without Tweaks

Jeffrey Walton-3


On Monday, May 15, 2017 at 6:11:05 PM UTC-4, Jeffrey Walton wrote:

We had to disable the Tweak at the moment. We are arriving at the wrong result for G2 after Key Injection, but it's not readily apparent why (so it has not been fixed). It was disabled at https://github.com/weidai11/cryptopp/commit/f60f21268751.

As soon as we get to the bottom of the key injection issue for tweaks, it will be re-enabled.

Arg... A typo was holding things up...

The original code used the following in UncheckedSetKey, which is where ciphers are keyed:

    m_tweak[2] = m_tweak[0] + m_tweak[1];

The correct code is:

    m_tweak[2] = m_tweak[0] ^ m_tweak[1];

We also needed a helper function for PutDecodedDatumInto. The test vectors are little-endian, so they don't copy/paste into a text file.

I'm going to add some test vectors and check-in the change.

Done at https://github.com/weidai11/cryptopp/commit/5bf43f4ef37c.

Jeff


Re: Threefish is available without Tweaks

Jeffrey Walton-3
In reply to this post by Jeffrey Walton-3

Threefish was checked-in at https://github.com/weidai11/cryptopp/commit/8c34a5f7f5d1.

We are tracking the addition of Threefish with https://github.com/weidai11/cryptopp/issues/422. I closed the ticket out because the core functionality and self tests were cut-in.

We will handle the design changes for the Tweak under a new ticket. I'm going to open it when we start on Skein. Skein will need to reach into Threefish for the plain text feed forwarding, so we can evaluate the necessary changes then.

Also, if someone wants to jump on Skein, then feel free. Hashes are pretty easy. Just follow the way Adler, CRC32, SHA3 or Keccak does things. It mostly boils down to implementing Restart, Update and TruncatedFinal.

The block cipher provides key sizes of 256-bit, 512-bit and 1024-bit. It has very good performance, especially Threefish-512. 512 out-performs the 256-bit version, and it achieves almost 400 Mib/s on a modern Skylake.

By the way, I uploaded benchmarks based on Master. They are available at https://cryptopp.com/benchmarks-skylake.html. Kalyna and Threefish are rocking performance.

I also regenerated the Doxygen documentation.

Jeff
