search

DaGenix / rust-crypto

A (mostly) pure-Rust implementation of various cryptographic algorithms.
Apache License 2.0
1.39k stars 297 forks source link

Include a kaccak implementation? #10

Closed dcrewi closed 8 years ago

dcrewi commented 10 years ago

Someone ported the kaccak reference implementation to rust. Since it is the winner for SHA-3, it might be within the scope of the project to include an implementation in rust-crypto (even if it's not that implementation)?

DaGenix commented 10 years ago

Sha3 would definitely be a good fit. However, as far as I understand it, although Keccak won the competition, the actual official standardization of Sha3 hasn't happened quite yet and isn't expected to be final until sometime in Q2 of 2014. I read something in August about NIST considering some tweaks to Keccak before standardization, so, the final Sha3 might be a little different than Keccak as it exists today. So, I think it would probably be best to wait until Sha3 is official standardized before adding it.

omasanori commented 10 years ago

FYI, a draft of FIPS 202, SHA-3 standard (yes, it's a draft) was published on May 28, 2014. Comments will be accepted until August 26, 2014.

DaGenix commented 10 years ago

I'd love to merge implementations of any crypto function that is in general use. What I want to avoid is rust-crypto gaining algorithms that aren't really being used anywhere else. I'm sure that SHA-3 will gain traction, so, I'd be excited to merge an implementation of it. I'm just a bit wary of merging anything until SHA-3 is fully standardized since the non-standard Keccak algorithm doesn't seem to have gotten significant adoption, although I could be wrong since I haven't researched it too much.Thanks for the update and sorry for the belated response!

omasanori commented 10 years ago

Definitely. We should not implement the algorithm in the draft of FIPS 202 as the official SHA-3, just as we should not do Keccak so. AFAIK, the outputs of the algorithm is actually different from ones of Keccak submitted to the NIST hash function competition. See the examples for details.

ebfe commented 10 years ago

The core algorithm hasn't changed between Keccak and Sha3. The output differences are due to the 2 extra bits (the "domain separator") Sha3 inserts between the message and the padding.

omasanori commented 10 years ago

@ebfe Thank you for letting me know!

calvinmetcalf commented 9 years ago

sha3 and shake are subsets of keccak so a generic one could be written that is used to impliment the 6 versions from sha3 (4 drop in replacements for sha2 and then the 2 shake functions)

sciyoshi commented 8 years ago

I've taken a Rust implementation of SHA-3 (FIPS 202) by Sébastien Martini and updated it to work with the latest versions of Rust. See #346 @DaGenix