Slashdot Mirror


Now From Bruce Schneier, the Skein Hash Function

An anonymous reader writes "Bruce Schneier and company have created a new hash function called Skein. From his blog entry: 'NIST is holding a competition to replace the SHA family of hash functions, which have been increasingly under attack. (I wrote about an early NIST hash workshop here.) Skein is our submission (myself and seven others: Niels Ferguson, Stefan Lucks, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas, and Jesse Walker). Here's the paper.'"

19 of 139 comments

  1. Good to see Bruce back by CRCulver · · Score: 5, Funny

    I had long feared that the skilled cryptographer Bruce Schneier, author of Applied Cryptography, had been utterly replaced by Bruce Schneier the security consultant who peddles his wares in all of his recent lightweight publications. It's nice to see the cryptographer return.

    1. Re:Good to see Bruce back by ObsessiveMathsFreak · · Score: 5, Interesting

      Would you prefer that he had remained a quiet researcher for the last decade? Would the world be better off if he had?

      We've all seen the Schneier-Norris jokes, and it is true that he is something of a celebrity in cryptography and computer science circles. But does becoming a celebrity through making the effort to educate the public about your field automatically cheapen your worth as a scientist or researcher? Does it reduce the worth of the message?

      Celebrity has become a smear word, but smearing all celebrities reveals only our own inability to recognize true expertise and talent.

      --
      May the Maths Be with you!
  2. Time to get glasses by smooth+wombat · · Score: 4, Funny

    Read the title as "Skin Hash Function". For a moment, wasn't sure if this was a SFW article.

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
    1. Re:Time to get glasses by gardyloo · · Score: 4, Funny

      Of course! Or it gets the hose again.

  3. From the fpdf by Bonker · · Score: 4, Informative
    --
    The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
  4. Hax by mfh · · Score: 5, Interesting

    I love hearing about new functions, but the fundamental growth of the security industry has me concerned for the well-being of my cat -- HR director for a large corporation that shall remain nameless (although they dabble in web security). The growth of industry standards like SHA typically stimulates additional growth in other market-based drives for change, and this is all pioneered by an industry that brought us the y2k bug, which was a total success. We made millions and did so in an unapologetic fashion. Keep em coming!

    Summary: I want more money, so keep hacking and we'll keep thinking up ways to protect people from ourselves.

    --
    The dangers of knowledge trigger emotional distress in human beings.
    1. Re:Hax by The+Clockwork+Troll · · Score: 5, Funny

      Did you know your uid is a prime number when interpreted in base 7 or 11?

      How do you sleep at night?

      --

      There are no karma whores, only moderation johns
  5. A likely story by Anonymous Coward · · Score: 5, Funny

    How do we know he's not just spinning a good yarn here?

    1. Re:A likely story by apathy+maybe · · Score: 4, Informative

      For those who didn't know and can't be bothered to even skim the PDF, the first footnote says:

      A âoeskeinââ"pronounced \sk Ìn\ and rhymes with âoerainââ"is a loosely coiled length of yarn or thread wound on reel.

      Of course, the copy and paste doesn't quite do it justice.

      (I blame Slashcode.)

      --
      I wank in the shower.
  6. Bruce should go to Washington by multiOSfreak · · Score: 4, Insightful

    Bruce is the friggin' man. He ought to get some kind of advisory role in the next administration. I think his views on security in general would help straighten out a lot of FUD...assuming that anyone in Washington would actually listen to him, that is. :)

  7. Re:What the hell is Threefish by TorKlingberg · · Score: 5, Informative

    Threefish is the name of the block cipher part of Skein.

  8. Sounds good, but MD5 et al. still have a place by apathy+maybe · · Score: 5, Informative

    Disclaimer: I'm not a cryptographer, and I'm not a professional (anything). This post is based on my understanding, which may be wrong. Corrections accepted and welcomed.

    Yes, MD5 is broken. Given a specific dataset with a specific MD5 hash, you can create another dataset with the same hash in minimal time (a few minutes on a modern computer).

    You should thus not use MD5 to authenticate documents and other data as being "not-tampered with". As a checksum algorithm, it should not be used.

    However, this is not the only use for hash functions. Hash functions are also used to obscure passwords. "Wait", I hear you say, "what about rainbow tables?". Wikipedia says (from the link above)

    Recently, a number of projects have created MD5 "rainbow tables" which are easily accessible online, and can be used to reverse many MD5 hashes into strings that collide with the original input, usually for the purposes of password cracking. However, if passwords are combined with a salt before the MD5 digest is generated, rainbow tables become much less useful.

    That's right folks, if you know what you are doing, you can still use MD5.

    Basically, you have to salt your passwords before storing them in the DB (in case the DB gets broken into), send the original salt, and another (random) salt along with the login page, make sure that everyone hashes in the correct order and compare. Simplified, but I'm sure you're all intelligent enough to find what I'm talking about.

    Voilà, a safe method of using MD5. (As far as I know, there is still no way to convert an MD5 hash back into the original text, or even a possible original text without using a Rainbow table.)

    -----

    That said, new hashing methods are always welcome. Especially when it comes to things like checksums. (I can't believe some websites still rely on MD5...)

    --
    I wank in the shower.
    1. Re:Sounds good, but MD5 et al. still have a place by tangent3 · · Score: 5, Informative

      Yes, MD5 [wikipedia.org] is broken. Given a specific dataset with a specific MD5 hash, you can create another dataset with the same hash in minimal time (a few minutes on a modern computer).

      Wrong.
      The MD5 attacks demonstrated are collision attacks - attacks where you generate two datasets that hash to the same MD5 hash.

      What you are describing is a preimage attack. Finding a dataset that has the same MD5 hash as an existing dataset is a different attack, which is many orders of magnitude harder than a collision attack and, AFAIK, has not yet been demonstrated for MD5.

    2. Re:Sounds good, but MD5 et al. still have a place by Lord+Ender · · Score: 4, Funny

      Given a specific dataset with a specific MD5 hash, you can create another dataset with the same hash in minimal time (a few minutes on a modern computer).

      That isn't even remotely true. MD5 has been demonstrated to be easier to break than advertised, therefore it is wise to use better hashes. But when I say "better than advertised" I'm saying defeating a good hash is about as easy as any of us getting Angelina Jolie in the sack; but someone has discovered a trick that makes defeating MD5 about as easy as bagging Paris Hilton. For all practical purposes, none of us will achieve either, but Paris is still no Angelina Jolie...

      --
      A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
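
Added example, not part of the thread or any commenter's post: the collision versus second-preimage distinction drawn in the replies above, measured on MD5 truncated to 16 bits so that both generic searches finish in about a second. The truncation width, function names and input strings are assumptions made for this illustration.

```python
import hashlib

BITS = 16  # assumption: keep only 16 bits of MD5 so brute force is feasible


def h(msg: bytes, bits: int = BITS) -> int:
    """Top `bits` bits of MD5(msg) as an integer."""
    digest = hashlib.md5(msg).digest()
    return int.from_bytes(digest, "big") >> (128 - bits)


def find_collision(prefix: bytes, bits: int = BITS):
    """Birthday search: ANY two distinct messages with equal truncated hash.
    Returns (msg_a, msg_b, tries). Expected work is about 2**(bits/2)."""
    seen = {}
    i = 0
    while True:
        msg = prefix + str(i).encode()
        t = h(msg, bits)
        if t in seen:
            return seen[t], msg, i + 1
        seen[t] = msg
        i += 1


def find_second_preimage(target_msg: bytes, bits: int = BITS):
    """Search for a different message matching ONE fixed target's hash.
    Returns (msg, tries). Expected work is about 2**bits."""
    want = h(target_msg, bits)
    i = 0
    while True:
        msg = b"candidate-" + str(i).encode()
        if msg != target_msg and h(msg, bits) == want:
            return msg, i + 1
        i += 1


def compare(trials: int = 8, bits: int = BITS):
    """Total tries for each search over several constructed inputs."""
    coll = sum(find_collision(b"c%d-" % n, bits)[2] for n in range(trials))
    pre = sum(find_second_preimage(b"target-%d" % n, bits)[1] for n in range(trials))
    return coll, pre


if __name__ == "__main__":
    coll, pre = compare()
    print(f"collision tries: {coll}, second-preimage tries: {pre}")
```

For a generic n-bit hash the same gap is roughly 2^(n/2) tries for a collision against 2^n for a second preimage, which is why a collision break does not by itself let someone match an existing file's hash.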
  9. Re:What the hell is Threefish by dnwq · · Score: 5, Informative
    Schneier, responding to shadowfirebird's comment on his blog:

    "Sooner or later some dumb ass is going to ask why Skein is based on Threefish, which was (apparently, according to the intertubes) broken." Threefish can't possibly be broken yet; we only just announced it yesterday. No one knew of its existence before then. I think your intertubes are clogged.

  10. Re:What the hell is Threefish by andrewd18 · · Score: 4, Funny

    Personally, I'm waiting for the cypher built on Onefish, Twofish, Redfish, and Bluefish.

  11. Re:What the hell is Threefish by Mister+Whirly · · Score: 4, Funny

    or what about Redfish and Bluefish?

    --
    "But this one goes to 11!"
  12. Quick trick function stack by TiggertheMad · · Score: 5, Funny

    Personally, I'm waiting for the cypher built on Onefish, Twofish, Redfish, and Bluefish.

    I do not like it encrypting my stocks,
    I do not like it securing my box,
    I do not like it, sam-I-am.

    --

    HA! I just wasted some of your bandwidth with a frivolous sig!
  13. Bruce Schneier Facts by brunes69 · · Score: 4, Funny

    There are no finite state machines. There are only a series of states that Bruce Schneier allows to exist.

    Bruce Schneier can tell you where to find your GPG key in the digits of pi.

    Bruce Schneier owns a chicken that lays scrambled eggs. Whenever he wants a hard-boiled egg, he just unscrambles one.

    SHA = "Schneier has access" SHA2 = "Schneier has access - and a spare too"

    When transmitted over any socket, Bruce Schneier's public key causes libpcap to enter an infinite malloc loop.

    Bruce Schneier knows Alice and Bob's shared secret.

    Bruce Schneier's secure handshake is so strong, you won't be able to exchange keys with anyone else for days.

    Bruce Schneier knows the state of Schrödinger's cat.

    When Bruce Schneier observes a quantum particle, it remains in the same state until he has finished observing it.

    Bruce Schneier once decrypted a box of AlphaBits.

    http://geekz.co.uk/schneierfacts/