Michaël Peeters

In April 2014, the American National Institute of Standards and Technology (NIST) published the draft FIPS 202 standard for the SHA-3 hash functions and the SHAKE extendable-output functions (XOFs), all based on the Keccak sponge function. Since the selection of Keccak as the winner of the SHA-3 cryptographic open competition, NIST announced that they will exploit Keccak's abilities for other purposes than just hashing, including key derivation, pseudo-random bit generation, authentication and (authenticated) encryption.

A first part of the talk will be to give a summary of the current developments around Keccak and the FIPS 202 standard.

In the meantime, we have gathered the most efficient implementations of Keccak, SHA-3 hash functions and SHAKE XOFs in the Keccak Code Package. These open source implementations are organized in a way that aims satisfying both the developer of optimized code and the cryptographic user. Central to this organization is a specific internal interface that allows interchangeable optimized codes and a user-friendly set of external services.

As a second part of the talk, we will briefly present the current status of this development and how the FOSS community can benefit from (and contribute to) this effort.

This is a follow-up of the talk "Keccak: more than sha3sum" at FOSDEM 2013.

Other people: Gilles Van Assche Joan Daemen

Recently, the American National Institute of Standards and Technology (NIST) announced the selection of Keccak as the winner of the SHA-3 Cryptographic Hash Algorithm Competition. This concluded an open competition that was remarkable both for its magnitude and the involvement of the cryptographic community. Public review is of paramount importance to increase the confidence in the new standard and to favor its quick adoption. The SHA-3 competition explicitly took this into account by giving open access to the candidate algorithms and everyone in the cryptographic community could try to break them, compare their performance, or simply give comments.

In this talk the authors of Keccak will introduce and highlight the strengths of their cryptographic primitive and explain how it can benefit to the FOSS community.

Although Keccak, as the SHA-3 standard, will coexist with the current standard SHA-2 hash function family, it is much more than just another "SHAxSUM" algorithm. Keccak relies at its core on a new construction, called the sponge construction, which allows for simpler and more flexible modes of use. The talk will illustrate this by giving various examples on how current software designs can benefit from this greater flexibility, e.g., for all the flavors of hashing, stream encryption, authentication, authenticated encryption and pseudo-random bit generation.

This talk will also focus on the different aspects that make the design of Keccak open, from the open source implementations on various platforms to initiatives to keep encouraging third-party cryptanalysis, such as the KeccakTools cryptanalysis software and the Crunchy Crypto Collision and Pre-image Contest.

Other people: Gilles Van Assche Joan Daemen