What’s the Fastest Crypto Hash Around, and Can I Generate An Encryption Key and a MAC?

So what’s the fastest cryptographic hashing method? Well, there’s one method that wipes the floor with every other cryptographic hashing…
Photo by Saffu on Unsplash

What’s the Fastest Crypto Hash Around, and Can I Generate An Encryption Key and a MAC?

So what’s the fastest cryptographic hashing method? Well, there’s one method that wipes the floor with every other cryptographic hashing method, and it’s BLAKE3. In fact, BLAKE 3 can be more than 30 times faster than SHA-256:

So let’s do a bit of secure coding of Blake hashes such Rust.

Hashing with BLAKE3

For SHA-3, NIST published the new standard, based on Keccak, on 5 August 2015, and which beat off competition from BLAKE (Aumasson et al.), Grøstl (Knudsen et al), JH (Hongjun Wu), and Skein (Schneier et al.). After two rounds, the final round evaluated of security, performance and hardware space. Since then there have been two new versions of BLAKE: BLAKE2b and BLAKE3. BLAKE3 basically wipes the floor its previous version (BLAKE2b), and which was already faster than SHA-3. It gives the equivalent of 128 bits of security. At its core is the Bao tree mode and the original BLAKE2 method, and it was been created by Jack O’Connor, Jean-Philippe Aumasson, Samuel Neves, and Zooko Wilcox-O’Hearn.

In this case we will compute the hash of a string, a key derivation method using some key generation method, and a MAC (Message Authentication Code) of a message using a secret key. With a MAC, Bob and Alice share the same secret key. When sending a message, Bob produces the MAC for the message with the secret key. This is sent with the message. Alice then uses the secret key to check the MAC against the received message.

For the MAC, Bob and Alice share a secret key, and then created a message authentication code based on the message and the shared key:

For a key derivation function, the input is a context and the key content. Overall the context is a hardcoded string which defines the application content (such as “mysite.com”), and the key material is a set of bytes which are used to derive the key. This could be a password, but it would not be recommended to use a password, as there are improved methods of converting a password into a key value (such as PBKDF2 and bcrypt):

BLAKE3 with Rust

Rust is taking a key rule in security by design, and where we have fast implementations and which have a strong control of memory. First, we create the with:

cargo new blake3

We then go into the blake folder, and add the following to the cargo.toml file:

[package]
name = "blake3"
version = "0.1.0"
edition = "2021"
[dependencies]
blake3 = "1.3.1"
hex="0.4.2"

Next we will add code to derive the hash, and also to derive an encryption key, and to also implement a keyed hash [here]:

use blake3;
use std::env;
use hex::{self, FromHex};
fn main() {
    let mut str="hello";
    let mut secret="hello";
    let mut mykey="0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF";
 
    let args: Vec<String> = env::args().collect();
if args.len() >1 { str = args[1].as_str();}
    if args.len() >2 { secret = args[2].as_str();}
    if args.len() >2 { mykey = args[3].as_str();}
let key = <[u8; 32]>::from_hex(mykey).unwrap();
println!("String: {}",str );
    println!("Secret for key: {}",secret );
    println!("Key (for keyed hash): {}\n",mykey );
let hash1 = blake3::hash(str.as_bytes());
println!("Blake3 hash (using {}): {}\n",str, hash1);
let key1 = blake3::derive_key(secret,str.as_bytes());
    println!("Blake3 Derived key (using {} and {}): {}\n",secret,str, hex::encode(key1));
let keyhash1 = blake3::keyed_hash(&key,secret.as_bytes());
    println!("Blake3 Key hash (using {} and {}): {}\n",mykey,secret, keyhash1);
}

Finally we simply build with:

cargo build

A sample run is [here]:

String: The quick brown fox jumps over the lazy dog
Secret for key: qwerty
Key (for keyed hash): 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF
Blake3 hash (using The quick brown fox jumps over the lazy dog): 2f1514181aadccd913abd94cfa592701a5686ab23f8df1dff1b74710febc6d4a
Blake3 Derived key (using qwerty and The quick brown fox jumps over the lazy dog): 67d3ab68aef60ffdcfbb7cf80420af6a8f3bef3b19d2a32f2e17e26f1ede5259
Blake3 Key hash (using 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF and qwerty): ec3c21e709ff3d3c37f675083a31e83441134cda934168b2c1b69f68e22c0e3f

Here is the running code:

https://asecuritysite.com/rust/blake3_rust

If you want to know about BLAKE2, try here:

https://asecuritysite.com/rust/rust_blake