5

Functions such as SHA-3 from the Keccak family allow for a hash of arbitrary length output. These functions are (according to Wikipedia) useful for practical, lightweight applications.

I know that SHAKE-128 and SHAKE-256 can be applied for OAEP.

My question is: Are there currently any other applications found for such functions?

AleksanderCH
  • 6,511
  • 10
  • 31
  • 64

1 Answers1

7

Uses for SHAKE/XOF functions

Community wiki answer, please add and edit:

  • key derivation of any type
    • such as turning a 128-256 bit secret key into an ECC or RSA public/private key pair
  • deterministic secure uniform random number generation starting from a small seed
    • this might be used in fuzzing tools, simulations, etc. where you want a lot of random data for your experiment but you want it to be repeatable
  • stream ciphers
    • absorb the key and IV then output the key stream
  • authenticated encryption
  • length-preserving data obfuscation or anonymization
    • One might hash all customer data from a production environment when being copied into a development environment. An XOF can presereve the data cardinality distribution as well as the data size distribution of the "real" production data for accurate testing and performance comparisons in non-production environments.
  • digital signatures
    • digital signatures such as EdDSA employ hash functions whose output must be a specific size, some of them "awkward" (e.g. Ed448 requires a 912-bit hash function). This can be easily accomplished with a XOF. (In fact, Ed448 uses SHAKE256.)
Community
  • 1
rmalayter
  • 2,297
  • 17
  • 24