
Whether keccak-256 is supported

Open meixi1203 opened this issue 5 years ago • 4 comments

Note: This is just a template, so feel free to use/remove the unnecessary things

Description

  • Type: Bug | Enhancement\Feature Request | Question
  • Priority: Blocker | Major | Minor

Bug

OS
Mbed OS|linux|windows|

mbed TLS build:
Version: x.x.x or git commit id
OS version: x.x.x
Configuration: please attach config.h file where possible
Compiler and options (if you used a pre-built binary, please indicate how you obtained it):
Additional environment information:

Peer device TLS stack and version
OpenSSL|GnuTls|Chrome|NSS(Firefox)|SecureChannel (IIS/Internet Explorer/Edge)|Other
Version:

Expected behavior

Actual behavior

Steps to reproduce


Enhancement\Feature Request

Justification - why does the library need this feature?

Suggested enhancement


Question

Please first check for answers in the Mbed TLS knowledge Base, and preferably file an issue in the Mbed TLS support forum

meixi1203 avatar Mar 03 '20 04:03 meixi1203

We're planning to add support for SHA-3, SHAKE and cSHAKE (and subsequently KMAC), thanks to Daniel King's contribution. It's been a long time (with several aborted attempts) but I personally hope we can finally get it in in 2020.

We currently have no plans to expose the original Keccak function without the NIST padding schemes. I'm a bit surprised to see a request for it after SHA-3 has been standardized. Why do you need it?

gilles-peskine-arm avatar Mar 04 '20 16:03 gilles-peskine-arm
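To make the padding distinction in the comment above concrete, here is an added example (not code from this thread or from Mbed TLS): one Keccak-f[1600] sponge that produces either the original Keccak-256 or SHA3-256 depending only on the first padding byte. The names `sponge256`, `keccak256` and `sha3_256` are hypothetical and are not Mbed TLS or PSA APIs.

```c
#include <stdint.h>
#include <stdio.h>
#define RATE 136 /* bytes absorbed per block for a 256-bit digest: (1600 - 512) / 8 */
#define ROL64(x, n) (((x) << (n)) | ((x) >> (64 - (n))))

static void keccak_f1600(uint64_t st[25]) {
    static const uint64_t rc[24] = {
        0x1ULL, 0x8082ULL, 0x800000000000808aULL, 0x8000000080008000ULL, 0x808bULL, 0x80000001ULL,
        0x8000000080008081ULL, 0x8000000000008009ULL, 0x8aULL, 0x88ULL, 0x80008009ULL, 0x8000000aULL,
        0x8000808bULL, 0x800000000000008bULL, 0x8000000000008089ULL, 0x8000000000008003ULL, 0x8000000000008002ULL, 0x8000000000000080ULL,
        0x800aULL, 0x800000008000000aULL, 0x8000000080008081ULL, 0x8000000000008080ULL, 0x80000001ULL, 0x8000000080008008ULL};
    static const int rotc[24] = {1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14, 27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44};
    static const int piln[24] = {10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4, 15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1};
    uint64_t bc[5], t;
    for (int r = 0; r < 24; r++) {
        for (int i = 0; i < 5; i++) bc[i] = st[i] ^ st[i + 5] ^ st[i + 10] ^ st[i + 15] ^ st[i + 20];
        for (int i = 0; i < 5; i++) { /* theta */
            t = bc[(i + 4) % 5] ^ ROL64(bc[(i + 1) % 5], 1);
            for (int j = 0; j < 25; j += 5) st[j + i] ^= t;
        }
        t = st[1]; /* rho and pi */
        for (int i = 0, j; i < 24; i++) { j = piln[i]; bc[0] = st[j]; st[j] = ROL64(t, rotc[i]); t = bc[0]; }
        for (int j = 0; j < 25; j += 5) { /* chi */
            for (int i = 0; i < 5; i++) bc[i] = st[j + i];
            for (int i = 0; i < 5; i++) st[j + i] ^= ~bc[(i + 1) % 5] & bc[(i + 2) % 5];
        }
        st[0] ^= rc[r]; /* iota */
    }
}

/* pad is the first padding byte: 0x01 = original Keccak, 0x06 = SHA-3 (FIPS 202 suffix bits "01"). */
static void sponge256(const uint8_t *in, size_t len, uint8_t pad, uint8_t out[32]) {
    uint64_t st[25] = {0};
    size_t pos = 0;
    for (size_t i = 0; i < len; i++) { /* absorb, little-endian lanes */
        st[pos / 8] ^= (uint64_t)in[i] << (8 * (pos % 8));
        if (++pos == RATE) { keccak_f1600(st); pos = 0; }
    }
    st[pos / 8] ^= (uint64_t)pad << (8 * (pos % 8));          /* domain bits + first pad bit */
    st[(RATE - 1) / 8] ^= 0x80ULL << (8 * ((RATE - 1) % 8));  /* final pad bit of pad10*1 */
    keccak_f1600(st);
    for (int i = 0; i < 32; i++) out[i] = (uint8_t)(st[i / 8] >> (8 * (i % 8)));
}
void keccak256(const uint8_t *in, size_t len, uint8_t out[32]) { sponge256(in, len, 0x01, out); }
void sha3_256(const uint8_t *in, size_t len, uint8_t out[32]) { sponge256(in, len, 0x06, out); }
int main(void) {
    uint8_t k[32], s[32];
    keccak256((const uint8_t *)"", 0, k); sha3_256((const uint8_t *)"", 0, s);
    printf("keccak256(\"\") = %02x%02x%02x%02x...  sha3_256(\"\") = %02x%02x%02x%02x...\n", k[0], k[1], k[2], k[3], s[0], s[1], s[2], s[3]);
    return 0;
}
```

Because the padding byte is mixed in before the final permutation, the two digests of the same input are unrelated, so a SHA3-256 output cannot be converted into a Keccak-256 output after the fact.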

This is not an urgent ticket, but I definitely foresee us adding more crypto libraries. mbedTLS is pretty old-school, and we'd need more libraries to support new cryptography used in crypto/blockchain.

yanofearth avatar Jul 05 '22 17:07 yanofearth

Hello! I just wanted to mention that this request is still relevant due to the increasing demand for "open" hardware wallets in the cryptocurrency world.

fastchain avatar Oct 01 '24 12:10 fastchain

Mbed TLS now supports SHA-3. It took longer than I would have liked, but we've had it since version 3.5.0.

We're planning to add KMAC and SHAKE, probably cSHAKE as well, hopefully in 2025.

We still have no plans to expose Keccak itself. If you want some other Keccak-based mechanism, please let us know which one and where it's used. We'll likely support a Keccak-based AEAD once the standard crystallizes. We'd add new mechanisms to the PSA crypto API before (or at the same time as) we add them in Mbed TLS.

gilles-peskine-arm avatar Oct 01 '24 12:10 gilles-peskine-arm

For blockchain hardware wallets, there is a great need to support this feature.

zhang-wenchao avatar Dec 29 '24 07:12 zhang-wenchao

@zhang-wenchao What blockchain or wallet uses a nonstandard variant of Keccak?

gilles-peskine-arm avatar Jan 02 '25 12:01 gilles-peskine-arm

99% of wallets are using Keccak, that’s for sure, because they support Ethereum.

zhang-wenchao avatar Jan 03 '25 00:01 zhang-wenchao

Just a note - mbedtls/psa's lack of Keccak support represents a major missed opportunity in this trillion-dollar market.

zhang-wenchao avatar Jan 03 '25 00:01 zhang-wenchao