Next generation cryptographic hash algorithm from Sony

By Koushik Saha on 16.12.08

Filed Under: , ,

Sony has developed a new secure and efficient cryptographic hash algorithm in cooperation with Tetsu Iwata, Associate Professor, Nagoya University, which has been considered as a candidate hash function for the future digital signatures and other security measures used in consumer electronics products.

Called "AURORA", the hash algorithm maintains high security levels while providing both efficient software and hardware implementation capabilities, according to Sony. Sony and Nagoya University have submitted "AURORA" for consideration in the "SHA-3 competition", a selection process for next generation cryptographic hash functions overseen by the National Institute of Standards and Technology (NIST).

In recent years, the rapid advancement of cryptanalytic technologies such as SHA-1 and MD5, capable of deciphering cryptographic hash functions, have increased the requirement for new types of hash functions that feature the properties to withstand this progress. SHA-1 is a cryptographic hash algorithm developed by NIST, contained in the FIPS 180-2 standard. SHA-1 is well-known and widely used in many secure systems. MD5 is alsoa cryptographic hash function that had been widely used before the development of SHA-1. Recently, the vulnerability of both algorithms has been highlighted.

"AURORA" is a highly efficient cryptographic hash algorithm uses Sony's expertise accumulated thought the development of its secure and efficient block cipher, "CLEFIA?" developed by Sony in 2007. "AURORA" is designed to combine secure compression functions and advanced domain extension capabilities, with it's compression functions achieving advanced levels of security by connecting multiple functions to offer a broad mix of data. Furthermore, "AURORA" is suitable for use in various types of applications due to its repetitive structure and byte-oriented component design. "AURORA"'s domain extensions effectively connect underlying compression functions to each other to extend the applicable length of input messages and output values, realizing security levels capable of withstanding many cryptanalytic techniques.

When implemented in software, "AURORA-256" (the output length of which is 256-bit) achieves fastest speeds of 15.4 cycles/byte, while "AURORA-512" (the output length of which is 512-bit) achieves 27.4 cycles/byte, according to performance measurements.

When implemented in hardware using a 0.13?m CMOS standard cell library, "AURORA-256" achieves a smallest gate size of just 11.1K/2.2Gbps, making it highly suitable for use in mobile devices, and a maximum throughput of 35.0Kgates/10.4 Gbps, ideal for servers. Meanwhile, "AURORA-512" achieves a smallest gate size of just 14.6K/1.2Gbps and maximum throughput of 56.7gates/9.1 Gbps.

Sony claims that even when compared against key hash functions such as SHA-2 - a cryptographic hash algorithm developed by NIST based on the SHA-1 - the "AURORA" range is able to deliver highly secure hash functions across a wide range of implementations, without loss of performance on many types of platforms.

NIST invited entries to a competition for the selection of next generation secure hash functions with output lengths of 224-bit, 256-bit, 384-bit and 512-bits, and "AURORA" has been approved as an official candidate for this competition. Going forward, technological aspects of "AURORA" such as security and performance will be evaluated and compared under the same conditions as other selected candidates. NIST has accepted 51 candidate algorithms as "proper and complete" among the 64 submitted for the SHA-3 contest. All of them will be compared and evaluated under equal conditions. After this public evaluation process, in 2012 NIST will select the most suitable algorithm or algorithms as new algorithm standards, to be known as "SHA-3".

0 comments for this post