Whirlpool (algorithm)

Whirlpool
Developers: Vincent Rijmen and Paulo S. L. M. Barreto
Released: 2003 (latest version)
Derived from: AES
Certification: NESSIE
Hash value length (bits): 512
Construction: Merkle–Damgård construction
Rounds: 10
Best known cryptanalysis: Collision via rebound attack by Mendel et al. on 4.5 rounds with a time complexity of 2^120 and a space complexity of 2^16

Whirlpool is a cryptographic hash function designed by Vincent Rijmen and Paulo S. L. M. Barreto. It is named after the Whirlpool Galaxy in the constellation Canes Venatici (the Hunting Dogs).

Whirlpool works with files up to 2^256 bits in size and outputs a hash value of 512 bits. No weaknesses in the algorithm are known so far, but this has to be put into perspective, because the algorithm has received little analysis to date.

The authors stated that Whirlpool is not and never will be patented. Whirlpool can be used free of charge for any purpose. The reference implementation is in the public domain.

Whirlpool is one of the cryptographic algorithms recommended by the NESSIE project and has been standardized by ISO as part of ISO/IEC 10118-3:2004.

Functions

Whirlpool was modeled on the Square block cipher and belongs to that family of block cipher designs.

Whirlpool is a Miyaguchi–Preneel construction based on a substantially modified Advanced Encryption Standard (AES).

Whirlpool takes a message of any length less than 2^256 bits and returns a 512-bit hash value.

The developers stated:

"Whirlpool is not patented (and never will be). The cipher can be used for anything free of charge"

Versions

The original cipher was published under the name Whirlpool-0. The first revision of Whirlpool is called Whirlpool-T, and the latest version is called Whirlpool in the following test vectors.

  • In the first revision in 2001, the S-box was changed from a randomly generated one with good cryptographic properties to one with better cryptographic properties that is also easier to implement in hardware.
  • In the second revision in 2003, a bug in the diffusion matrix, which reduced the security of the algorithm, was corrected by changing the rotating 8x8 matrix constants from (1, 1, 3, 1, 5, 8, 9, 5) to (1, 1, 4, 1, 8, 5, 2, 9).

Structure

The Whirlpool hash function is a Merkle–Damgård construction based on the AES-like block cipher W, used in Miyaguchi–Preneel mode.

The block cipher W operates on an 8x8 state matrix of bytes, for a total of 512 bits.

The encryption process consists of updating the state with four round functions over 10 rounds. The four round functions are SubBytes (SB), ShiftColumns (SC), MixRows (MR) and AddRoundKey (AK). During each round, a new state is generated as: .

SubBytes

The SubBytes operation applies a non-linear permutation (the S-box) independently to each byte of the state. The 8-bit S-box is composed of three smaller 4-bit S-boxes.

ShiftColumns

The ShiftColumns operation cyclically shifts the bytes in each column of the state. Column j has its bytes shifted downward by j positions.

MixRows

The MixRows operation is a multiplication of each row by an 8x8 matrix across . The matrix is chosen so that the branch number is 9, which is the maximum.
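The branch-number claim above, and the 2003 change of matrix constants described under Versions, can be checked by brute force: an 8x8 matrix reaches branch number 9 exactly when every square submatrix is non-singular (the MDS property). The following is an added example, not the designers' reference code; it assumes the field GF(2^8) with reduction polynomial x^8 + x^4 + x^3 + x^2 + 1 (0x11D) from the Whirlpool specification, reads "rotating" as a circulant matrix, and all function names are hypothetical.

```python
from itertools import combinations
POLY = 0x11D  # assumed field polynomial (Whirlpool specification, not stated on this page)
EXP, LOG = [0] * 510, [0] * 256  # antilog/log tables; 0x02 generates the group
_v = 1
for _i in range(255):
    EXP[_i] = EXP[_i + 255] = _v
    LOG[_v] = _i
    _v <<= 1
    if _v & 0x100:
        _v ^= POLY

def gmul(a, b):
    return EXP[LOG[a] + LOG[b]] if a and b else 0  # product in GF(2^8)

def circulant(first_row):
    # Row i is the first row rotated right by i positions.
    n = len(first_row)
    return [[first_row[(j - i) % n] for j in range(n)] for i in range(n)]

def is_singular(m):
    # Gaussian elimination over GF(2^8); addition and subtraction are XOR.
    m, n = [row[:] for row in m], len(m)
    for col in range(n):
        pivot = next((r for r in range(col, n) if m[r][col]), None)
        if pivot is None:
            return True
        m[col], m[pivot] = m[pivot], m[col]
        inv = EXP[255 - LOG[m[col][col]]]
        for r in range(col + 1, n):
            f = gmul(m[r][col], inv)
            for c in range(col, n):
                m[r][c] ^= gmul(f, m[col][c])
    return False

def singular_minor(matrix):
    # (rows, cols) of the smallest singular square submatrix, or None if MDS.
    idx = range(len(matrix))
    for k in range(1, len(matrix) + 1):
        for rows in combinations(idx, k):
            for cols in combinations(idx, k):
                if is_singular([[matrix[r][c] for c in cols] for r in rows]):
                    return rows, cols
    return None

WHIRLPOOL_T = (1, 1, 3, 1, 5, 8, 9, 5)  # constants before the 2003 revision
WHIRLPOOL = (1, 1, 4, 1, 8, 5, 2, 9)    # constants after the 2003 revision
if __name__ == "__main__":
    for name, row in (("Whirlpool-T", WHIRLPOOL_T), ("Whirlpool", WHIRLPOOL)):
        print(name, singular_minor(circulant(row)))
```

For the older constants the search stops at a 2x2 submatrix; rows 0 and 3 restricted to columns 3 and 7 both read (1, 5), so some inputs with two active bytes produce at most six active output bytes and the branch number cannot exceed 8.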

AddRoundKey

The AddRoundKey operation uses bitwise XOR to add a round key, computed by the key schedule, to the current state. The key schedule is identical to the encryption itself, except that the AddRoundKey function is replaced by the AddRoundConstant function, which adds a predetermined constant in every round.

Implementation

The developers provide reference implementations of the Whirlpool algorithm, including versions in C and Java. These reference implementations have been released into the public domain.

Use

Two pioneering cryptographic programs, FreeOTFE and TrueCrypt, implemented Whirlpool in 2005.

VeraCrypt (a descendant of TrueCrypt) supports Whirlpool (the latest version) as a hash algorithm.

References

  1. Florian Mendel, Christian Rechberger, Martin Schläffer, Søren S. Thomsen: The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl. In: Fast Software Encryption, Volume 5665. Springer Berlin Heidelberg, 2009, pp. 260-276. ISBN 978-3-642-03316-2.
  2. Wayback Machine. October 26, 2017, accessed May 25, 2020.
  3. "And if that is also in the political arena, then there will be tactics too". The Bruchhausen case study. In: Between two worlds? VS Verlag für Sozialwissenschaften, Wiesbaden, ISBN 978-3-531-16479-3, pp. 171-216, doi:10.1007/978-3-531-91421-3_8.
  4. Hougham, Gareth: Fluoropolymers 1. Kluwer Academic / Plenum, 1999, ISBN 0-306-46918-9 (worldcat.org [accessed May 25, 2020]).
  5. The Whirlpool Hash Function. November 29, 2017, accessed May 25, 2020.
  6. The Whirlpool Hash Function. November 29, 2017, accessed May 25, 2020.
  7. The Whirlpool Hash Function. November 29, 2017, accessed May 25, 2020.
  8. VeraCrypt - Free Open Source Disk Encryption with Strong Security for the Paranoid. Retrieved May 25, 2020.