Kittens v Kangaroos

In [1], Jean-Philippe (JP) Aumasson proposes that we reduce the number of rounds in SHA-3 (Keccak) from 24 to just 10 rounds, and names it…

Kittens v Kangaroos

In [1], Jean-Philippe (JP) Aumasson proposes that we reduce the number of rounds in SHA-3 (Keccak) from 24 to just 10 rounds, and names it KitTen (get it … “10”). This, he proposes, would create a speedup of 2.4 times. JP’s focus is that it is possible to reduce the number of rounds within a given cryptography method without compromising security, and which then improves the overall performance of the method. He also proposes that we could reduce the number of rounds from 12 to 8 for the BLAKE2b hashing method, and with a resulting 1.5×speed-up [here]:

BLAKE2, BLAKE2b, Keccak and KangerooTwelve

The problem with competitions is that the winner will often take all, until the next competition. Those competing could thus get better than the winner, but it is often too late. So let’s look at the SHA-3 competition, and how things have evolved.

NIST created a competition for SHA-3, and it was Keccak that was crowned the champion. Since then, SHA-3 has received good adoption levels, but you’ll also see BLAKE2 — one of the finalists — being used in many applications. Keccak won because it was fast, and where BLAKE2 was submitted too late to compete against it. Since many have seen BLAKE2 as the better alternative [here]. We see here that BLAKE2 (BLAKE2b — the 64-bit version — and BLAKE2s) performs much better than SHA3 implementations:

BLAKE2b improved its speed by reducing the number of rounds from 16 to 12 and where BLAKE2s went from 14 to 10 rounds, with respect to BLAKE. BLAKE2b had has been benchmarked at being faster than MD5 and using 30% less memory, along with a 25% speed improvement over BLAKE.

Here is the running code:

BLAKE (SHA-3 contender)
BLAKE2b-512("") = 786A02F742015903C6C6FD852552D272912F4740E15847618A86E217F71F5419…asecuritysite.com

and here:

https://asecuritysite.com/encryption/blake3

So, in 2016, the Keccak research team came up with a new method: KangarooTwelve. For this, they managed to get significant speed improvements and managed to reduce the number of rounds from 24 to 12 (and with a security level of around 128 bits). A new method of tree hashing was also added, and which supports the parallel hashing of large files [paper]:

Here is the running code:

KangarooTwelve
Back] NIST created a competition for SHA-3, and it was Keccak that was crowned the champion. Since then, SHA-3 has…asecuritysite.com

Conclusions

What really matters? Security that would take all the energy in the solar system to crack a single key, or that our crypto can work efficiently for their battery drain?

References

[1] Aumasson, J. P. (2019). Too Much Crypto. IACR Cryptol. ePrint Arch., 2019, 1492.