Threefish

Threefish
	Structure of a round of threefish
developer	Bruce Schneier , Niels Ferguson , Stefan Lucks , Doug Whiting , Mihir Bellare , Tadayoshi Kohno , Jon Callas , Jesse Walker
Released	2008
Key length	256, 512 or 1024 bits ; (the key length is always the same as the block size)
Block size	256, 512 or 1024 bits
Round	72 for 256-bit block size ; 72 for 512-bit block size ; 80 for 1024-bit block size

Three Fish is a block cipher , as part of the cryptographic hash function Skein which at the NIST Selection Procedures ( English NIST hash function competition ) to SHA-3 was participated developed. Threefish does not use any S-boxes or other lookup tables to make temporal side-channel attacks (computing time attacks) more difficult. The necessary non-linearity is achieved by alternating additions and bit-wise XOR operations .

Part of the development team was already working together on the design of the Twofish and Blowfish block ciphers , which, however, have a different structure.

functionality

A data block consists of 4, 8 or 16 words of 64 bits each. In each round, pairs of two words, each consisting of one of two block halves, are modified by the MIX function, and then the words within each block half are permuted so that each word is paired with another for the MIX operation in the next round. The MIX function consists of the elementary operations addition modulo , bit rotation and XOR operation : ${\ displaystyle 2 ^ {64}}$

{\ displaystyle B \ leftarrow B + A; \; \; A \ leftarrow A \ lll R_ {i, j}; \; \; A \ leftarrow A \ oplus B}

The range of rotation depends on the round and the word pair and follows a pattern that is repeated every eight rounds. The word permutation is the same in every round. After every four rounds, and also before the first round, a round key word is added to each block word. ${\ displaystyle R_ {i, j}}$

Threefish is a so-called tweakable block encryption, which means that the type of permutations can be changed to a certain extent via an additional control input. The tweak has a similar function to an initialization vector or a nonce , can be public and can be changed faster than the key. This allows cyclical changes to the encryption during operation for time-critical applications such as hard disk encryption, without affecting the data throughput, as is the case with the comparatively time-consuming change of the primary key.

The key size is equal to the block size. To classify the key, an additional key word is first calculated by XORing all key words and a constant with one another. Each round key consists of 4, 8 or 16 of the key words that are rotated from one round key to the next, i.e. H. a different word is omitted for each round key. The lap number is added to the last word of the lap key. A tweak word is added to the second and third from the last round key word; these are also rotated so that two different tweak words are used in each round.

Individual evidence

^ Ferguson et al: The Skein Hash Function Family. (PDF; 479 kB) October 1, 2010, accessed on March 28, 2013 .

[skein-1] Ferguson et al: The Skein Hash Function Family. (PDF; 479 kB) October 1, 2010, accessed on March 28, 2013 .