Implementation of Kangaroo Twelve in Go posted June 2017
I've released an implementation of KangarooTwelve in Go
It is heavily based on the official Go's x/crypto/sha3 library. But because of minor implementation details the relevant files have been copied and modified there so you do not need Go's SHA-3 implementation to run this package. Hopefully one day Go's SHA-3 library will be more flexible to allow other keccak construction to rely on it.
I have tested this implementation with different test vectors and it works fine. Note that it has not received proper peer review. If you look at the code and find issues (or not) please let me know!
See here why you should use KangarooTwelve instead of SHA-3. But see here first why you should still not skip SHA-3.
This implementation does not yet make use of SIMD to parallelize the implementation. But we can already see improvements due to the smaller number of rounds:
100 bytes | 1000 bytes | 10,000 bytes | |
K12 | 761 ns/op | 1875 ns/op | 15399 ns/op |
SHA3 | 854 ns/op | 3962 ns/op | 34293 ns/op |
SHAKE128 | 668 ns/op | 2853 ns/op | 29661 ns/op |
This was done with a very simple bench script on my 2 year-old macbook pro.
Comments
Don
Question: if you were to use plain English to explain how BLAKE2 and K12 (and maybe compare that with SHA2, Skein and others) are implemented, which one would be easier to explain? Maybe this could explain why K12 is so rarely used?
david
I think:
* sponges are easier to understand in general
* SHA-3 specifically is a mess of a standard, and so not straight forward to implement imo (see my other blog about this)
* K12 is a bit more complicated than SHA-3, but also very new, so it's hard to compare to BLAKE2. It's currently being standardized.
Don
What if we have a rule that requires you to explain the whole of BLAKE2b vs SHA-512 or BLAKE2s vs SHA-256 (including all function and logic) using plain English, or explain it to a teenager that is easy to understand. Which one would require more words?
Don
*SHA3-256 and SHA3-512 not SHA-256 and SHA-512
Don
This is one of the way we try and explain things... https://www.youtube.com/watch?v=2p_8gx-XHJo (but of course top 1000 words are hard to deal with so this challenge would be 8th grade level)
david
I think the design of SHA-3 is easier to understand in 1000 words. Just explain what a permutation is, and then explain a sponge, and voila.
leave a comment...