RustCrypto / hashes

Collection of cryptographic hash functions written in pure Rust

Draft: Add MarsupilamiFourteen (m14) #475

Closed aewag closed 1 year ago

aewag commented 1 year ago

This is a draft to add the MarsupilamiFourteen hash function (related issue #1). As m14 is a variant of KangarooTwelve, the implementation can reuse parts of the k12 crate. (Ignore the first commit as it is part of the open PR #353)

Therefore, the k12 crate is modified to export a macro to generate the hasher. Furthermore, the sha3 crate is changed to expose a more low-level, but "hazmat", API. Shall this be gated behind a "hazmat" feature?

~I did not yet find any test vectors, therefore tests are currently missing, but will be added.~

gvanas commented 1 year ago

Of course, nothing prevents you from adding M14 to RustCrypto. But as written here, I would have a 256-bit secure function, similar to K12, that calls TurboSHAKE256 instead of TurboSHAKE128. Given the status on cryptanalysis, I don't see the need for the 14 rounds anymore; having 12 rounds everywhere just seems simpler and cleaner.

aewag commented 1 year ago

> Of course, nothing prevents you from adding M14 to RustCrypto. But as written here, I would have a 256-bit secure function, similar to K12, that calls TurboSHAKE256 instead of TurboSHAKE128. Given the status on cryptanalysis, I don't see the need for the 14 rounds anymore; having 12 rounds everywhere just seems simpler and cleaner.

That definitely simplifies the implementation. I will therefore close this PR and rather integrate a k12-256 or similar into the k12 crate.