The Blake Secure Hashing algorithm is one of five algorithms that will become the new NIST SHA-3 Standard. BLAKE is a family of four hash functions: BLAKE-224, BLAKE-256, BLAKE-384, and BLAKE-512. BLAKE-256 and BLAKE-224 are based on 32 bit words, while BLAKE-512 and BLAKE-384 are based on 64 bit words. BLAKE-256 is BLAKE with 32-bit words, 14 rounds, and 256-bit output and BLAKE-512 is BLAKE with 64-bit words, 16 rounds, and 512-bit output.
The compression function of BLAKE is based on state represented by a 4×4 matrix of either 32 bit or 64 bit words. A round of BLAKE consists of performing independent column updates followed by independent updates of the diagonal elements of the state matrix. For each column and diagonal update two message words and two predetermined constants are input to the state.
The 16 word state v0 to v15 is represented in matrix form as:
|v0 v1 v2 v3|
|v4 v5 v6 v7|
|v8 v9 v10 v11|
|v12 v13 v14 v15|
A round of BLAKE is a transformation of the v0 to v15 state matrix that uses the function:
G(a,b,c,d) to first update the state matrix columns G0(v0, v4, v8, v12) G1(v1, v5, v9,v13) G2(v2, v6, v10, v14) G3(v3, v7, v11, v15) and then to update the diagonals of the state matrix G4(v0, v5, v10, v15) G5(v1,v6, v11, v12) G6(v2, v7, v8, v13) G7(v3, v4, v9, v14). This is illustrated in FIG. 1.
The G function consists of 8 dependent steps:a=a+b+(m—r(2i)^c—r(2i+1))d=(d^a)>>>16c=c+d b=(b^c)>>>12a=a+b+(m—r(2i+1)^c—r(2i))d=(d^a)>>>8c=c+d b=(b^c)>>>7where m_r(2i and m_r(2i+1) are two of 16 messages words input each round and c_r(2i) and c_r(2i+1) are two of 16 constants.
The column update functions G0, G1, G2, G3 are independent and can be executed in parallel. Upon completion of the column updates, the diagonal update functions G4, G5, G6, G7 are performed. G4, G5, G6, G7 are also completely independent and can be executed in parallel.
The G function requires 6 XORs, 6 adds, and 4 rotates as illustrated in FIG. 2. A round consisting of 8 G functions thus requires 48 XORs, 48 adds, and 32 rotates, for a total of 128 operations per round. An additional 28 XORs are needed for initialization and finalization. As an example, BLAKE-512 requires 16 rounds and 16*128=2048+28=2076 operations.
Skein algorithm is another of the five remaining algorithms in the NIST SHA3 secure hash standard. Skein is made up of 3 major functions MIX, Permute, and Sub-Key addition. The MIX function uses only three mathematical operations, XOR, Rotate, and carry-propagate additions on a pair of 64 bit words. An exemplary MIX function is illustrated in FIG. 3.
Each MIX function adds two 64 bit inputs producing the first 64 bits of the result, and an XOR of the addition result with a rotated version of the second input to produce the second 64 bits of the result. The MIX function is 128 bits wide, requiring two MIX functions per round for Skein-256, four MIX functions per round for Skein-512, and eight per round for Skein-1024.
A round of the Skein algorithm is the MIX functions across 256, 512 or 1024 bits, followed by a Permute of 64 bits words. There are 72 rounds of MIX/Permute with a Sub-key addition before the first round and then after every four rounds. FIG. 4 of 4 rounds of Skein-256 is from the Skein Hash Function Family document.