Christmas Wish: Retrofitting Disco to other sponge constructions

[DonaldTsang]

Dear Santa,

I am a very good boy, and I don't like 3D array based sponge functions that much. Can I have a 2D array based cryptographic library? NORX already exists so I want that.

• Go https://github.com/Daeinar/norx-go
• JS https://github.com/kaepora/norx.js
• Python https://github.com/Daeinar/norx-py
• Python + NumPy https://github.com/therealmik/norxpy
• C https://github.com/ctz/cifra
• Java https://github.com/c-rack/norx-java
• Ruby https://github.com/gazay/norxrb

Please I would like this Rave abstraction for experimentation.

Love, D

(For serious though, Disco's model can be used to fit ANY sufficiently sized sponge function, maybe Fugue or Luffa for SHA3 candidates? pi-cipher or ICEPOLE for CAESAR parallelization candidates? Ascon or PRIMATEs or STRIBOB for non parallelization candidates? SPONGENT or PHOTON or QUARK for a more modern twist?)

[mimoo]

haha, isn't this more of a request for strobe than disco :) ?

on the other hand, there is now xoodyak to replace strobe as well.

[DonaldTsang]

@mimoo it is more of a strobe + noise thing to work in unison. xoodyak is cool but the more experimental (but well cited) sponges the better. Team Keccak are meanies...

[mimoo]

Disco should actually be permutation oblivious. I think there's interesting work in making Strobe compatible with any permutation you want, the first place I would start would be naming (since Strobe's naming doesn't include the name of the permutation).

Unfortunately I don't really have the cycles currently, but I can help if you want to drive this :)

[DonaldTsang]

@mimoo in that case my Christmas wish can be fulfilled in https://github.com/mimoo/StrobeGo or https://github.com/mimoo/disco-c ? Also a naming scheme change would be sweet since the more variation means more freedom, maybe call it blink as a superset of strobe?

P.S. take a look at these https://www.researchgate.net/figure/Hardware-performance-of-the-spongent-family-and-comparison-with-state-of-the-art_tbl1_221291933 https://www.researchgate.net/figure/Shows-All-Sponge-Function-Hashes-Regardless-Its-Construction-and-Cipher-Mode_tbl1_323705182

[mimoo]

that would be https://github.com/mimoo/StrobeGo for the Go implementation (which this repository makes use of), but there would be some work to be done on the protocol specification itself.

I think the outcome of NIST's LWC thingy will probably influence the direction of disco/strobe : o