Since its adoption as the SHA-3 standard, Keccak has grown out of the mere hashing functionality. We present a consistent set of cryptographic functions, for fast hashing, pseudo-random bit generation, authentication or authenticated encryption, that enjoy very competitive safety margin vs speed ratios. We highlight the bases for the security of these functions and dive into their software implementations.
Beyond the FIPS 202 standard functions derived from Keccak (i.e., SHA-3 hash functions and SHAKE{128,256} extendable output functions), we present several interesting proposals, consistently based on the same permutation or its round function. Among others:
Two key aspects will be covered.
First, the essential goal of these functions is to remain secure despite advances in cryptanalysis. We will explain explain how we base the security on two strong pillars: the track record of third-party cryptanalysis and the generic security of the underlying construction.
Second, we will explore the Keccak Code Package and its two-level structure. The high-level cryptographic services are implemented in plain C, without any specific optimizations. The low-level services implement the permutations and the state input/output functions, for which we provide optimized code for different platforms. Another interesting topic to discuss is how the parallelism is exploited on modern processors with SIMD units.
Speakers: Gilles Van Assche