World Library  
Flag as Inappropriate
Email this Article

Skein (hash function)

Article Id: WHEBN0020007592
Reproduction Date:

Title: Skein (hash function)  
Author: World Heritage Encyclopedia
Language: English
Subject: NIST hash function competition, Rotational cryptanalysis, Rebound attack, Niels Ferguson, SIMD (hash function)
Publisher: World Heritage Encyclopedia

Skein (hash function)

Threefish word permutation
Designers Bruce Schneier, Niels Ferguson
Derived from Threefish
Certification SHA-3 finalist
Digest sizes arbitrary
Rounds 72 (256 & 512 block size), 80 (1024 block size)
Speed 6.1 cpb on Core 2.[1]

Skein is a cryptographic hash function and one of five finalists in the NIST hash function competition. Entered as a candidate to become the SHA-3 standard, the successor of SHA-1 and SHA-2, it ultimately lost to NIST hash candidate Keccak.[2]

The name Skein refers to how the Skein function intertwines the input, similar to a skein of yarn.[1]


Skein was created by Bruce Schneier, Niels Ferguson, Stefan Lucks, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas and Jesse Walker.

Skein is based on the Threefish tweakable block cipher compressed using Unique Block Iteration (UBI) chaining mode while leveraging an optional low-overhead argument-system for flexibility.


Skein supports internal state sizes of 256, 512 and 1024 bits, and arbitrary output sizes.[3]

The authors claim 6.1 cycles per byte for any output size on an Intel Core 2 Duo in 64-bit mode.[4]

The core of Threefish is based on a MIX function that transforms 2 64-bit words using a single addition, rotation by a constant and XOR. The UBI chaining mode combines an input chaining value with an arbitrary length input string and produces a fixed size output.

Threefish's nonlinearity comes entirely from the combination of addition operations and exclusive-ORs; it does not use S-boxes. The function is optimized for 64-bit processors, and the Skein paper defines optional features such as randomized hashing, parallelizable tree hashing, a stream cipher, personalization, and a key derivation function.


In October 2010, an attack that combines rotational cryptanalysis with the rebound attack was published. The attack finds rotational collisions for 53 of 72 rounds in Threefish-256, and 57 of 72 rounds in Threefish-512. It also affects the Skein hash function.[5] This is a follow-up to the earlier attack published in February, which breaks 39 and 42 rounds respectively.[6]

The Skein team tweaked the key schedule constant for round 3 of the NIST hash function competition, to make this attack less effective, even though they believe the hash would be secure even without these tweaks.[1]


  1. ^ a b c Ferguson et al. (2010-10-01). "The Skein Hash Function Family". 
  2. ^ "NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition".  
  3. ^ "Now From Bruce Schneier, the Skein Hash Function".  
  4. ^ Paper describing the hash function, Version 1.3 (2010-10-01)
  5. ^ Dmitry Khovratovich, Ivica Nikolic, Christian Rechberger (2010-10-20). "Rotational Rebound Attacks on Reduced Skein". 
  6. ^ Dmitry Khovratovich and Ivica Nikolić (2010). "Rotational Cryptanalysis of ARX". University of Luxembourg. 

External links

  • Official Skein website
  • Bruce Schneier's Skein webpage


  • SPARKSkein - an implementation of Skein in SPARK, with proofs of type-safety
  • Botan contains a C++ implementation of Skein-512
  • nskein - A .NET implementation of Skein with support for all block sizes
  • Skein module for Python
  • Digest::Skein, an implementation in C and Perl
  • A C# implementation of Skein and Threefish (based on version 1.3)
  • Java, Scala, and Javascript implementations of Skein 512-512 (based on version 1.3)
  • A Java implementation of Skein (based on version 1.1)
  • An implementation of Skein in Ada
  • Skein hash function for Erlang, via NIFs
  • Skein 512-512 implemented in Bash
  • Skein implemented in Haskell
  • VHDL source code developed by the Cryptographic Engineering Research Group (CERG) at George Mason University
  • Skein implemented in Ruby
  • An efficient implementation of Skein-256 for 8-bit Atmel AVR microcontrollers, meeting the performance estimates outlined in the official specification
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.

Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.