[cryptography] New analysis results for Skein

Steven Bellovin smb at cs.columbia.edu
Fri Dec 10 07:02:40 EST 2010


On Dec 9, 2010, at 10:45 54PM, Peter Gutmann wrote:

> * Skein is soft and succumbs to brute force 
> * Skein has been successfully linearized 
> * Skein has clear output patterns 
> * Skein is easily distinguishable from a random oracle
> 
> http://eprint.iacr.org/2010/623
> 
Despite that, it was selected as one of the five finalists; the other four are BLAKE, JH, Keccak, and Grøstl.  Security was the main concern; algorithms were ruled out if they hadn't received enough analysis.  Algorithms with round structures were favored, because the number of rounds could be increased.  Performance across a very wide range of platforms was also important.  NIST has promised a detailed report in the near future.  (This is taken from an email sent yesterday by Bill Burr; I found an unofficial copy at http://www.reddit.com/r/crypto/comments/ej7m2/sha3_finalists ; the official archive requires a password.)


		--Steve Bellovin, http://www.cs.columbia.edu/~smb







