hashes
hashes copied to clipboard
RustCrypto
Missing hash functions
List of "would be nice to have" hash functions:
- [ ] BLAKE #46
- [ ] BLAKE2X (BLAKE2 XOF, previous issue: #83)
- [ ] BLAKE2sp and BLAKE2bp (previous issue: #31)
- [x] cSHAKE
- [ ] ParallelHash
- [x] FSB #256
- [x] Grøstl #10
- [x] JH #484
- [ ] HAS-160
- [x] KangarooTwelve #45
- [x] Kupyna #621
- [ ] MarsupilamiFourteen (section 5, also see XKCP/XKCP#54)
- [x] MD2 #7
- [ ] MD6
- [ ] Poseidon
- [ ] Poseidon2
- [x] RIPEMD-128
- [x] Skein #483
- [x] Tiger #229
- [ ] VSH
It can be changed based on discussion.
MD2 explanation General information from wikipedia
The first link has an example of an implementation in C of MD2. Overall the implementation is around 100 lines of code and hence should be doable for anyone that knows a bit of rust.
bcrypt is a password hashing function. Perhaps those deserve their own toplevel project, as they are functionally different from hash functions (among other things they are PRFs, not hash functions)
@lilianmoraru
There is already bcrypt crate, but it needs a bit of work before publishing. And as tarcieri mentioned, bcrypt is better to be placed in the different repo. I was thinking about RustCrypto/kdf and I was planning to work on it after I'll finish with block modes for block ciphers. (bcrypt depends on blowfish after all)
I think it's "close enough". Also wiki. Either I am open to suggestions, but I think it's better to continue this discussion in the IRC.
Edit: after discussion I think we will go with "password-hashing" instead of "kdf"
@newpavlov There is also this implementation and this one(which seems better but I'd switch it from trait IntoBcryptSetup to the yet nightly TryInto/TryFrom).
The second also has the 72 bytes limit on the password... I'd rather go with SHA512 + bcrypt(512 bit as input from SHA512) - that's why I also thought that bcrypt would be good in combination with these crates, otherwise you'd have to recommend any random SHA crate, without a specific example of correct usage.
+1 for KangarooTwelve, seems like a great option for hashing files very quickly for content addressable filesystem situations (e.g., git, backups, etc).
Of this list, KangarooTwelve is the only one I'm even remotely interested in.
Hi,
Are you interested in Shabal? I have an implementation that would be fully compatible with the library. (https://github.com/spebern/shabal-rs)
All the best
Current link for KangarooTwelve: https://keccak.team/kangarootwelve.html. (Old link redirects there.)
Sure. It seems like you could put it in the tiger crate (possibly feature-gated)
I would like to propose the hash algorithm Argon2 for inclusion in RustCrypto.
We have an Argon2 implementation here: https://github.com/RustCrypto/password-hashes/tree/master/argon2
We have an Argon2 implementation here: https://github.com/RustCrypto/password-hashes/tree/master/argon2
Oversaw it. Thanks for the link.
Is the blake3 crate something that should be moved here https://github.com/BLAKE3-team/BLAKE3? I know it does runtime cpu detection and calls out to hand-tuned asm so that may be a problem. But it does work fine without the asm and has a pure feature (which is for "testing only" at the moment) that disables any of the assembly.
If the BLAKE3 team is interested in doing that, we'd love to have it. But they may not want to.
They do implement traits from the crypto-mac and digest crates, which means they're otherwise "compatible" with the other RustCrypto crates.
I've published a PR for the implementation of the FSB hash function. Seems to work as expected compared to the reference implementation. It still does not have the testing framework in the rest of the crates, nor the quality standards (code style, optimisations, proper README and documentation), but I'd be happy to change that and maintain if you want to include this implementation in the crate.
I have implemented the RIPEMD-256 hash function based on the existing RIPEMD-320 in RustCrypto - https://github.com/gavadinov/ripemd256
I would love to get some feedback on it and possibly move it to this project :crossed_fingers:
Any chance we can get IFSB, RFSB, and S-FSB? Wikipedia indicates nothing about IFSB's performance, but states that S-FSB is 30 percent faster than FSB and that RFSB is 10x faster than FSB-256. I would implement these myself but I have no knowledge of cryptography -- or at least not the mathematics and such. :-(
I've implemented cSHAKE, and I have a few open questions before I can open a PR:
- Do we want to expose
Nto the user? I think not, because it's technically reserved for NIST to define new functions. - How do the tests work? Is it written anywhere how do I add new test vectors? (what's this "blob" serialization?)
EDIT: Should we open a Zulip stream for RustCrypto? or is there a Discord/Matrix channel somewhere that I can join to ask these kinds of questions?
@elichai
Do we want to expose N to the user?
I think we can start without it and potentially expose it later if someone will request it.
How do the tests work? Is it written anywhere how do I add new test vectors? (what's this "blob" serialization?)
The format is described in the blobby crate docs. You can convert hex-encoded files into the blobby format using utility in examples/convert.rs. Input file should contain pairs of input data and resulting hash separated by new lines:
input data 1
hash for data 1
input data 2
hash for data 2
You can create PR with several test vectors and I can convert the rest for you.
Should we open a Zulip stream for RustCrypto?
We already have Zulip (note README badges): https://rustcrypto.zulipchat.com/
