Whirlpool (algorithm)
Whirlpool | |
---|---|
Developers | Vincent Rijmen and Paulo S. L. M. Barreto |
Released | 2003 (latest version) |
Derived from | AES |
Certification | NESSIE |
Length of the hash value (bits) | 512 |
Construction | Merkle–Damgård construction |
Rounds | 10 |
Best known cryptanalysis | Collision with rebound attack by Mendel et al. on 4.5 rounds with a time complexity of 2^120 and a space complexity of 2^16 |
Whirlpool is a cryptographic hash function designed by Vincent Rijmen and Paulo S. L. M. Barreto. It was named after the Whirlpool galaxy in the constellation Canes Venatici (the Hunting Dogs).
Whirlpool works with files up to 2^256 bits in size and outputs a hash value of 512 bits. So far, there are no known weaknesses in the algorithm, but this has to be put into perspective, as it has received little analysis so far.
The authors stated that Whirlpool is not and never will be patented. Whirlpool can be used free of charge for any purpose. The reference implementation is in the public domain.
Whirlpool is one of the cryptographic algorithms recommended by the NESSIE project and has been standardized by ISO as ISO/IEC 10118-3:2004.
Functions
Whirlpool was modeled on the Square block cipher and belongs to that family of block cipher functions.
Whirlpool is a Miyaguchi–Preneel construction based on a substantially modified Advanced Encryption Standard.
Whirlpool takes a message of any length less than 2^256 bits and returns a 512-bit hash value.
The developers stated:
"Whirlpool is not patented (and never will be). The cipher can be used for anything free of charge"
Versions
The original cipher was published under the name Whirlpool-0. The first revision of Whirlpool was called Whirlpool-T, and the newest version is simply called Whirlpool.
- In the first revision in 2001, the S-box was changed from a randomly generated one with good cryptographic properties to one with better cryptographic properties, which also simplified implementation in hardware.
- In the second revision in 2003, a bug in the diffusion matrix, which reduced the security of the algorithm, was corrected by changing the rotating 8x8 matrix constants from (1, 1, 3, 1, 5, 8, 9, 5) to (1, 1, 4, 1, 8, 5, 2, 9).
Structure
The Whirlpool hash function is a Merkle–Damgård construction based on the AES-like block cipher W, used in Miyaguchi–Preneel mode.
The block cipher W operates on an 8x8 state matrix of bytes, for a total of 512 bits.
The encryption process updates the state with four round functions over 10 rounds. The four round functions are SubBytes (SB), ShiftColumns (SC), MixRows (MR) and AddRoundKey (AK). During each round, a new state is generated as: .
SubBytes
The SubBytes operation applies a non-linear permutation (the S-box) to each byte of the state independently. The 8-bit S-box is composed of three smaller 4-bit S-boxes.
ShiftColumns
The ShiftColumns operation cyclically shifts the bytes in each column of the state. Column j has its bytes shifted down by j positions.
MixRows
The MixRows operation is a multiplication of each row by an 8x8 matrix across . The matrix is chosen so that the branch number is 9, which is the maximum.
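The branch-number claim above, and the 2003 change of matrix constants described under Versions, can be checked by testing whether every square submatrix of the diffusion matrix is invertible (the MDS property, equivalent to branch number 9 for an 8x8 matrix). This is an added example, not the reference implementation: the field GF(2^8) with polynomial 0x11D is taken from the Whirlpool specification rather than from this page, and all function names are chosen here.

```python
from functools import reduce
from itertools import combinations, product
from operator import xor

POLY = 0x11D  # assumption: x^8+x^4+x^3+x^2+1, per the Whirlpool spec (not stated on this page)
EXP, LOG = [0] * 510, [0] * 256  # antilog/log tables for the generator x (0x02)
v = 1
for i in range(255):
    EXP[i] = EXP[i + 255] = v
    LOG[v] = i
    v = (v << 1) ^ (POLY if v & 0x80 else 0)

def gf_mul(a, b):
    return EXP[LOG[a] + LOG[b]] if a and b else 0

def circulant(c):
    return [[c[(j - i) % len(c)] for j in range(len(c))] for i in range(len(c))]

def mix_rows(state, m):
    """MixRows: multiply each state row (as a row vector) by the matrix m."""
    return [[reduce(xor, (gf_mul(b, m[k][j]) for k, b in enumerate(row)), 0)
             for j in range(len(m))] for row in state]

def is_singular(m):
    """Gaussian elimination over GF(2^8); True if the square matrix is not invertible."""
    m = [r[:] for r in m]
    for c in range(len(m)):
        piv = next((r for r in range(c, len(m)) if m[r][c]), None)
        if piv is None:
            return True
        m[c], m[piv] = m[piv], m[c]
        inv = EXP[255 - LOG[m[c][c]]]
        for r in range(c + 1, len(m)):
            f = gf_mul(m[r][c], inv)
            m[r] = [x ^ gf_mul(f, y) for x, y in zip(m[r], m[c])]
    return False

def first_singular_submatrix(m):
    """Return (rows, cols) of a singular square submatrix, or None if m is MDS."""
    for k in range(1, len(m) + 1):
        for rows, cols in product(combinations(range(len(m)), k), repeat=2):
            if is_singular([[m[r][c] for c in cols] for r in rows]):
                return rows, cols
    return None

WHIRLPOOL_T = circulant([1, 1, 3, 1, 5, 8, 9, 5])  # constants before the 2003 revision
WHIRLPOOL = circulant([1, 1, 4, 1, 8, 5, 2, 9])    # constants after the 2003 revision
if __name__ == "__main__":
    print("Whirlpool-T:", first_singular_submatrix(WHIRLPOOL_T))
    print("Whirlpool:  ", first_singular_submatrix(WHIRLPOOL))
```

A singular k x k submatrix means some input row with at most k non-zero bytes maps to an output with at most 8 - k non-zero bytes, so the branch number is at most 8. The older constants already fail at k = 2 (rows 0 and 4 against columns 4 and 7 give the submatrix [[5, 5], [1, 1]]), while the current constants pass for every submatrix.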
AddRoundKey
The AddRoundKey operation uses bitwise XOR to add a key calculated by the key schedule to the current state. The key schedule is identical to the encryption itself, except that the AddRoundKey function is replaced by the AddRoundConstant function, which adds a predetermined constant in each round.
Implementation
The developers provide a reference implementation of the Whirlpool algorithm, which includes a version in C and one in Java. These reference implementations have been released into the public domain.
Use
Two pioneering cryptographic programs, FreeOTFE and TrueCrypt, implemented Whirlpool in 2005.
VeraCrypt (a descendant of TrueCrypt) supports Whirlpool (the latest version) as a hash algorithm.
Individual evidence
- Florian Mendel, Christian Rechberger, Martin Schläffer, Søren S. Thomsen: The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl. In: Fast Software Encryption, Volume 5665. Springer Berlin Heidelberg 2009, pp. 260-276. ISBN 978-3-642-03316-2
- Wayback Machine. October 26, 2017, accessed May 25, 2020.
- "And if that is also in the political arena, then there will be tactics too". The Bruchhausen case study. In: Between two worlds? VS Verlag für Sozialwissenschaften, Wiesbaden, ISBN 978-3-531-16479-3, pp. 171-216, doi:10.1007/978-3-531-91421-3_8.
- Hougham, Gareth: Fluoropolymers 1. Kluwer Academic / Plenum, 1999, ISBN 0-306-46918-9 (worldcat.org [accessed May 25, 2020]).
- The Whirlpool Hash Function. November 29, 2017, accessed May 25, 2020.
- VeraCrypt - Free Open Source Disk Encryption with Strong Security for the Paranoid. Retrieved May 25, 2020.