SHA-3

简介

SHA-3 (Secure Hash Algorithm 3), a subset of the cryptographic primitive family Keccak, is a cryptographic hash function designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, building upon RadioGatún. SHA-3 is a member of the Secure Hash Algorithm family. The SHA-3 standard was released by NIST on August 5, 2015.[4][5] The reference implementation source code was dedicated to public domain via CC0 waiver.[6]

源代码

python, C, VHDL实现
http://keccak.noekeon.org/files.html

技术细节

KECCAK-p PERMUTATIONS

The KECCAK-p permutations are specified, with two parameters:
1. the fixed length of the strings that are permuted, called the width of the permutation
2. the number of iterations of an internal transformation, called a round. The width is denoted by $b$, and the number of rounds is denoted by $n_r$. The $KECCAK-p$ permutation with $n_r$ rounds and width $b$ is denoted by $KECCAK-p[b, n_r]$; the permutation is defined for any $b\in \{25, 50, 100, 200, 400, 800, 1600\}$ and any positive integer $n_r$.
A round of a $KECCAK-p$ permutation, denoted by $Rnd$, consists of a sequence of five transformations, which are called the step mappings. The permutation is specified in terms of an array of values for $b$ bits that is repeatedly updated, called the $state$; the $state$ is initially set to the input values of the permutation.

state

The state for the $KECCAK-p[b, n_r]$ permutation is comprised of $b$ bits. The specifications in this Standard contain two other quantities related to $b$: $b/25$ and $log2(b/25)$, denoted by $w$ and $l$, respectively. The seven possible values for these variables that are defined for the $KECCAK-p$ permutations are given in the columns of Table 1 below.

permutation

具体各个函数定义参见官方文档，主要是对三维state的各种变换
$Rnd(A, ir) = ι(χ(π(ρ(θ(A)))), i_r)$.

SPONGE

－阶段1:吸收需要hash的二进制串（padding后的）
－阶段2:输出hash值
＃思考
－SHA-3结构应该不太适合流水线结构，因为sponge函数的内部相关性
－SHA-3应用在block chain中，在大量尝试hash值的时候，随机数之间可以设置相关性，这样应该可以降低proof-of-work的功耗