Questions tagged [skein]

Skein is a cryptographic hash function. It was designed for the SHA-3 competition where it became a finalist, but wasn't chosen as SHA-3.

Skein is a family of cryptographic hash functions with internal states of 256, 512 and 1024 bits, each of which is based on the tweakable symmetric block-cipher of the same block size, and a variable output size.

As well as operation as a cryptographic hash, Skein has an extendable argument system that allows it to be used as a , a randomized hash, a personalized hash, a , or a .

The Skein hash function was a finalist in the NIST SHA-3 competition, but was not selected as SHA-3.

See the NIST “SHA-3 Cryptographic Hash Algorithm Competition” information, or check the related Wikipedia article for more information.

11 questions
11 votes, 1 answer

Why does Skein use an output transform, but other similar hashes don't?

Skein uses an additional compression function call to finalize the output, even when the output isn't larger than the native output size. The Skein paper says: Due to Skein’s output transformation, it remains an open problem how to create…
CodesInChaos
11 votes, 1 answer

Can Skein be used as a secure MAC in format H(k || m)?

Can Skein be used as a secure MAC in format H(k || m)? I understand it can work with HMAC, but it is fine as a one-pass MAC in the format above and resists length extension attacks. Is this assumption correct? One of the Skein authors mentions that…
user13183
5 votes, 1 answer

Skein state size advantages

Skein is defined for three different internal state sizes: 256 bits, 512 bits, and 1024 bits – with Skein-512 as the “primary proposal”. Is there any advantage, other than potential memory or speed performance reasons, when picking a state size…
Mike Edward Moras
4 votes, 2 answers

Can a secret message be securely transmitted within a MAC tag?

A sender wants to transmit an ultra secret code $M$ which could be either 'go', 'stop' or 'wait'. This could be any selection of code words really and adopted for any use such as transmitting short commands or short status messages. The code list…
ushadm
3 votes, 1 answer

Security of XORing hashes vs concatenating

On this question https://stackoverflow.com/questions/5889238/why-is-xor-the-default-way-to-combine-hashes a couple of the answers say that xoring is a bad/insecure choice for combining hashes. However, most of them say that in regards to xoring two…
Lev Knoblock
2 votes, 1 answer

Tree hash and multithreading for parallelism

I am using tree hash mode of Skein on a 16 core processor. Will it automatically employ parallelism using more than one core or do I have to use multi-threading within the tree hash for parallel processing? Also, the tree hash mode requires three…
ash
2 votes, 1 answer

Using Skein as PRNG

I have read that the Skein hash can be used for quite a few different functions, including a PRNG. Would using the 1024 Skein hash to return 16KB of data be appropriate for a PRNG? Or would it only be appropriate to use the 128 bytes of data as a…
user27526
1 vote, 1 answer

What's the difference between "HashX-512" and "HashX-1024"?

I need to make a Skein hash, specifically Skein-1024; however, I currently only have access to Skein-512. Is there any way to utilize a Skein-512 function to get the result of a Skein-1024 hash? What's the difference between the two?
Freesnöw
1 vote, 1 answer

Skein Hash padding

I do some research with the candidates of the SHA-3 competition. I am interested in the padding mechanisms of the Skein hash function. For example, I use the Skein hash with 256 internal state size. Is it correct, if my message is a multiple of 256,…
chris000r
1 vote, 0 answers

Security of simple Skein PBKDF mentioned in the paper

From the Skein 1.3 paper section 4.8, Skein as a Password-Based Key Derivation Function (PBKDF), it mentions the following as a simple PBKDF (S = seed and P = password): An even simpler PBKDF is to simply create a very long repetition of S and P;…
504811E
1 vote, 1 answer

Can MCOE AEAD mode be modified to work with Threefish tweak block cipher and generate intermediate tags

The MCOE mode provides a really nice way to implement a nonce-misuse resistant AEAD and is based on an arbitrary tweak block cipher. A specific requirement of the tweak block cipher is that the data block length is the same size as the tweak. As I…