3个版本
| 0.1.2 | 2023年3月23日 |
|---|---|
| 0.1.1 | 2023年3月22日 |
| 0.1.0 | 2023年3月22日 |
#1048在密码学
38每月下载量
36KB
316 行
kangarootwelve
BlaKE12:12轮的极速KEccak
概述
袋鼠Twelve是一种快速且安全的任意输出长度的哈希函数,其性能优于FIPS 202中规定的哈希和可扩展输出函数(更多请参阅https://dx.doi.org/10.6028/NIST.FIPS.202)。袋鼠Twelve(又称K12或BlaKE12 - 更多请参阅https://blake12.org)建立在keccak-p[1600, 12]轮变换之上。具体来说,袋鼠Twelve可以建立在TurboSHAKE之上,TurboSHAKE是一系列可扩展输出函数,最近在https://ia.cr/2023/342中指定。袋鼠Twelve的海绵模式使用256位宽的容量,即它可以使用TurboSHAKE128作为底层构造。K12具有内置的并行哈希模式,适用于长(>=8KB)消息,可以由多核或SIMD指令有效利用。K12的另一项重要优势是其并行设计不会影响短(<8KB)消息的哈希性能。袋鼠Twelve在https://keccak.team/files/KangarooTwelve.pdf中指定。
在这里,我正在开发/维护一个Rust库,该库实现了袋鼠Twelve规范,因此它实现了非增量吸收API和任意次数挤压支持。在接下来的几周内,我计划支持增量哈希API,即可以构建一个K12哈希对象,任意多次吸收消息字节,然后使用定制字符串进行最终化,最后从海绵状态中挤压字节。请参阅以下示例,展示K12 XOF API的使用。
先决条件
Rust稳定工具链;有关安装指南,请参阅https://rustup.rs。
# When developing this library, I was using
$ rustc --version
rustc 1.68.0 (2c8cc3432 2023-03-06)
测试
为了确保袋鼠Twelve XOF实现的函数正确性,我使用来自https://datatracker.ietf.org/doc/draft-irtf-cfrg-kangarootwelve第4节(第9页)和附录A(第17页)的测试向量。运行测试用例的命令如下。
cargo test --lib # by default it's single-threaded
cargo test --lib --features multi_threaded
基准测试
使用以下命令对袋鼠Twelve可扩展输出函数(XOF)实现进行基准测试,输入大小不同,固定挤压输出大小(=32字节)。
RUSTFLAGS="-C opt-level=3 -C target-cpu=native" cargo bench # single-threaded absorption
RUSTFLAGS="-C opt-level=3 -C target-cpu=native" cargo bench --features multi_threaded # multi-threaded absorption
在Intel(R) Core(TM) i5-8279U CPU @ 2.40GHz(单线程)上
K12/1024/32 (cached) time: [1.5607 µs 1.5674 µs 1.5746 µs]
thrpt: [620.20 MiB/s 623.05 MiB/s 625.73 MiB/s]
Found 2 outliers among 100 measurements (2.00%)
2 (2.00%) low mild
K12/1024/32 (random) time: [1.6377 µs 1.6485 µs 1.6613 µs]
thrpt: [587.84 MiB/s 592.39 MiB/s 596.29 MiB/s]
Found 8 outliers among 100 measurements (8.00%)
7 (7.00%) high mild
1 (1.00%) high severe
K12/2048/32 (cached) time: [2.5271 µs 2.5323 µs 2.5378 µs]
thrpt: [769.61 MiB/s 771.29 MiB/s 772.86 MiB/s]
Found 6 outliers among 100 measurements (6.00%)
3 (3.00%) low mild
2 (2.00%) high mild
1 (1.00%) high severe
K12/2048/32 (random) time: [2.7143 µs 2.7763 µs 2.8618 µs]
thrpt: [682.49 MiB/s 703.51 MiB/s 719.57 MiB/s]
Found 6 outliers among 100 measurements (6.00%)
3 (3.00%) high mild
3 (3.00%) high severe
K12/4096/32 (cached) time: [4.5423 µs 4.5512 µs 4.5609 µs]
thrpt: [856.47 MiB/s 858.30 MiB/s 859.98 MiB/s]
Found 6 outliers among 100 measurements (6.00%)
4 (4.00%) high mild
2 (2.00%) high severe
K12/4096/32 (random) time: [4.8527 µs 4.9012 µs 4.9540 µs]
thrpt: [788.50 MiB/s 797.00 MiB/s 804.97 MiB/s]
Found 9 outliers among 100 measurements (9.00%)
9 (9.00%) high mild
K12/8192/32 (cached) time: [9.1117 µs 9.1528 µs 9.2036 µs]
thrpt: [848.86 MiB/s 853.56 MiB/s 857.41 MiB/s]
Found 6 outliers among 100 measurements (6.00%)
2 (2.00%) high mild
4 (4.00%) high severe
K12/8192/32 (random) time: [9.6723 µs 9.7596 µs 9.8542 µs]
thrpt: [792.81 MiB/s 800.49 MiB/s 807.72 MiB/s]
Found 12 outliers among 100 measurements (12.00%)
11 (11.00%) high mild
1 (1.00%) high severe
K12/16384/32 (cached) time: [18.295 µs 18.404 µs 18.524 µs]
thrpt: [843.51 MiB/s 849.01 MiB/s 854.07 MiB/s]
Found 7 outliers among 100 measurements (7.00%)
4 (4.00%) high mild
3 (3.00%) high severe
K12/16384/32 (random) time: [18.790 µs 18.964 µs 19.173 µs]
thrpt: [814.96 MiB/s 823.94 MiB/s 831.57 MiB/s]
Found 8 outliers among 100 measurements (8.00%)
6 (6.00%) high mild
2 (2.00%) high severe
K12/32768/32 (cached) time: [35.931 µs 36.051 µs 36.189 µs]
thrpt: [863.52 MiB/s 866.83 MiB/s 869.73 MiB/s]
Found 7 outliers among 100 measurements (7.00%)
3 (3.00%) high mild
4 (4.00%) high severe
K12/32768/32 (random) time: [37.553 µs 39.232 µs 42.030 µs]
thrpt: [743.52 MiB/s 796.54 MiB/s 832.15 MiB/s]
Found 8 outliers among 100 measurements (8.00%)
3 (3.00%) high mild
5 (5.00%) high severe
Benchmarking K12/1048576/32 (cached): Warming up for 3.0000 s
Warning: Unable to complete 100 samples in 5.0s. You may wish to increase target time to 5.9s, enable flat sampling, or reduce sample count to 60.
K12/1048576/32 (cached) time: [1.1502 ms 1.1557 ms 1.1621 ms]
thrpt: [860.54 MiB/s 865.31 MiB/s 869.43 MiB/s]
Found 11 outliers among 100 measurements (11.00%)
7 (7.00%) high mild
4 (4.00%) high severe
Benchmarking K12/1048576/32 (random): Warming up for 3.0000 s
Warning: Unable to complete 100 samples in 5.0s. You may wish to increase target time to 8.7s, enable flat sampling, or reduce sample count to 50.
K12/1048576/32 (random) time: [1.2591 ms 1.2692 ms 1.2807 ms]
thrpt: [780.81 MiB/s 787.88 MiB/s 794.22 MiB/s]
Found 9 outliers among 100 measurements (9.00%)
6 (6.00%) high mild
3 (3.00%) high severe
K12/2097152/32 (cached) time: [2.3188 ms 2.3336 ms 2.3496 ms]
thrpt: [851.21 MiB/s 857.05 MiB/s 862.53 MiB/s]
Found 11 outliers among 100 measurements (11.00%)
8 (8.00%) high mild
3 (3.00%) high severe
K12/2097152/32 (random) time: [2.5263 ms 2.5515 ms 2.5794 ms]
thrpt: [775.36 MiB/s 783.87 MiB/s 791.68 MiB/s]
Found 17 outliers among 100 measurements (17.00%)
2 (2.00%) high mild
15 (15.00%) high severe
K12/4194304/32 (cached) time: [4.6883 ms 4.7201 ms 4.7552 ms]
thrpt: [841.19 MiB/s 847.43 MiB/s 853.20 MiB/s]
Found 17 outliers among 100 measurements (17.00%)
13 (13.00%) high mild
4 (4.00%) high severe
K12/4194304/32 (random) time: [4.9172 ms 4.9354 ms 4.9555 ms]
thrpt: [807.18 MiB/s 810.46 MiB/s 813.46 MiB/s]
Found 4 outliers among 100 measurements (4.00%)
3 (3.00%) high mild
1 (1.00%) high severe
K12/8388608/32 (cached) time: [9.6927 ms 9.7635 ms 9.8413 ms]
thrpt: [812.90 MiB/s 819.38 MiB/s 825.36 MiB/s]
Found 15 outliers among 100 measurements (15.00%)
6 (6.00%) high mild
9 (9.00%) high severe
K12/8388608/32 (random) time: [10.085 ms 10.110 ms 10.136 ms]
thrpt: [789.28 MiB/s 791.32 MiB/s 793.23 MiB/s]
Found 7 outliers among 100 measurements (7.00%)
7 (7.00%) high mild
K12/16777216/32 (cached)
time: [19.412 ms 19.465 ms 19.524 ms]
thrpt: [819.51 MiB/s 821.99 MiB/s 824.23 MiB/s]
Found 6 outliers among 100 measurements (6.00%)
4 (4.00%) high mild
2 (2.00%) high severe
K12/16777216/32 (random)
time: [20.295 ms 20.372 ms 20.465 ms]
thrpt: [781.83 MiB/s 785.39 MiB/s 788.37 MiB/s]
Found 6 outliers among 100 measurements (6.00%)
2 (2.00%) high mild
4 (4.00%) high severe
K12/33554432/32 (cached)
time: [38.981 ms 39.092 ms 39.212 ms]
thrpt: [816.08 MiB/s 818.57 MiB/s 820.92 MiB/s]
Found 3 outliers among 100 measurements (3.00%)
2 (2.00%) high mild
1 (1.00%) high severe
K12/33554432/32 (random)
time: [40.963 ms 41.106 ms 41.270 ms]
thrpt: [775.38 MiB/s 778.48 MiB/s 781.19 MiB/s]
Found 2 outliers among 100 measurements (2.00%)
1 (1.00%) high mild
1 (1.00%) high severe
在Intel(R) Core(TM) i5-8279U CPU @ 2.40GHz(多线程)上
K12/1024/32 (cached) time: [1.5234 µs 1.5303 µs 1.5377 µs]
thrpt: [635.06 MiB/s 638.17 MiB/s 641.04 MiB/s]
Found 1 outliers among 100 measurements (1.00%)
1 (1.00%) high mild
K12/1024/32 (random) time: [1.7047 µs 1.7214 µs 1.7407 µs]
thrpt: [561.03 MiB/s 567.31 MiB/s 572.85 MiB/s]
Found 20 outliers among 100 measurements (20.00%)
5 (5.00%) low mild
6 (6.00%) high mild
9 (9.00%) high severe
K12/2048/32 (cached) time: [2.4866 µs 2.4927 µs 2.4994 µs]
thrpt: [781.45 MiB/s 783.53 MiB/s 785.47 MiB/s]
Found 1 outliers among 100 measurements (1.00%)
1 (1.00%) high mild
K12/2048/32 (random) time: [2.7111 µs 2.7326 µs 2.7558 µs]
thrpt: [708.72 MiB/s 714.76 MiB/s 720.42 MiB/s]
Found 12 outliers among 100 measurements (12.00%)
11 (11.00%) high mild
1 (1.00%) high severe
K12/4096/32 (cached) time: [4.4709 µs 4.4844 µs 4.4995 µs]
thrpt: [868.14 MiB/s 871.08 MiB/s 873.70 MiB/s]
Found 6 outliers among 100 measurements (6.00%)
4 (4.00%) high mild
2 (2.00%) high severe
K12/4096/32 (random) time: [4.9004 µs 4.9472 µs 4.9969 µs]
thrpt: [781.73 MiB/s 789.60 MiB/s 797.13 MiB/s]
Found 6 outliers among 100 measurements (6.00%)
5 (5.00%) high mild
1 (1.00%) high severe
K12/8192/32 (cached) time: [51.266 µs 53.230 µs 56.058 µs]
thrpt: [139.36 MiB/s 146.77 MiB/s 152.39 MiB/s]
Found 11 outliers among 100 measurements (11.00%)
4 (4.00%) high mild
7 (7.00%) high severe
K12/8192/32 (random) time: [52.633 µs 53.242 µs 53.895 µs]
thrpt: [144.96 MiB/s 146.74 MiB/s 148.43 MiB/s]
Found 7 outliers among 100 measurements (7.00%)
5 (5.00%) high mild
2 (2.00%) high severe
K12/16384/32 (cached) time: [65.168 µs 65.468 µs 65.911 µs]
thrpt: [237.06 MiB/s 238.67 MiB/s 239.76 MiB/s]
Found 8 outliers among 100 measurements (8.00%)
4 (4.00%) high mild
4 (4.00%) high severe
K12/16384/32 (random) time: [66.082 µs 66.230 µs 66.393 µs]
thrpt: [235.34 MiB/s 235.92 MiB/s 236.45 MiB/s]
Found 17 outliers among 100 measurements (17.00%)
1 (1.00%) low mild
8 (8.00%) high mild
8 (8.00%) high severe
K12/32768/32 (cached) time: [103.50 µs 103.99 µs 104.56 µs]
thrpt: [298.87 MiB/s 300.52 MiB/s 301.94 MiB/s]
Found 8 outliers among 100 measurements (8.00%)
3 (3.00%) high mild
5 (5.00%) high severe
K12/32768/32 (random) time: [104.99 µs 106.87 µs 109.35 µs]
thrpt: [285.78 MiB/s 292.41 MiB/s 297.65 MiB/s]
Found 13 outliers among 100 measurements (13.00%)
5 (5.00%) high mild
8 (8.00%) high severe
K12/1048576/32 (cached) time: [595.11 µs 600.65 µs 606.11 µs]
thrpt: [1.6112 GiB/s 1.6258 GiB/s 1.6410 GiB/s]
Found 3 outliers among 100 measurements (3.00%)
3 (3.00%) high mild
Benchmarking K12/1048576/32 (random): Warming up for 3.0000 s
Warning: Unable to complete 100 samples in 5.0s. You may wish to increase target time to 5.5s, enable flat sampling, or reduce sample count to 60.
K12/1048576/32 (random) time: [644.87 µs 652.94 µs 660.56 µs]
thrpt: [1.4784 GiB/s 1.4956 GiB/s 1.5144 GiB/s]
Found 3 outliers among 100 measurements (3.00%)
3 (3.00%) low mild
K12/2097152/32 (cached) time: [963.57 µs 970.18 µs 977.03 µs]
thrpt: [1.9990 GiB/s 2.0132 GiB/s 2.0270 GiB/s]
Found 2 outliers among 100 measurements (2.00%)
2 (2.00%) high mild
Benchmarking K12/2097152/32 (random): Warming up for 3.0000 s
Warning: Unable to complete 100 samples in 5.0s. You may wish to increase target time to 9.7s, enable flat sampling, or reduce sample count to 50.
K12/2097152/32 (random) time: [1.0573 ms 1.0669 ms 1.0769 ms]
thrpt: [1.8136 GiB/s 1.8306 GiB/s 1.8473 GiB/s]
Found 1 outliers among 100 measurements (1.00%)
1 (1.00%) high mild
Benchmarking K12/4194304/32 (cached): Warming up for 3.0000 s
Warning: Unable to complete 100 samples in 5.0s. You may wish to increase target time to 8.6s, enable flat sampling, or reduce sample count to 50.
K12/4194304/32 (cached) time: [1.6748 ms 1.6845 ms 1.6939 ms]
thrpt: [2.3060 GiB/s 2.3189 GiB/s 2.3324 GiB/s]
Found 2 outliers among 100 measurements (2.00%)
1 (1.00%) high mild
1 (1.00%) high severe
K12/4194304/32 (random) time: [1.8045 ms 1.8168 ms 1.8295 ms]
thrpt: [2.1351 GiB/s 2.1501 GiB/s 2.1647 GiB/s]
Found 4 outliers among 100 measurements (4.00%)
4 (4.00%) high mild
K12/8388608/32 (cached) time: [3.1208 ms 3.1417 ms 3.1636 ms]
thrpt: [2.4695 GiB/s 2.4867 GiB/s 2.5033 GiB/s]
Found 3 outliers among 100 measurements (3.00%)
2 (2.00%) high mild
1 (1.00%) high severe
K12/8388608/32 (random) time: [3.2660 ms 3.2813 ms 3.2974 ms]
thrpt: [2.3693 GiB/s 2.3810 GiB/s 2.3920 GiB/s]
Found 6 outliers among 100 measurements (6.00%)
1 (1.00%) low mild
4 (4.00%) high mild
1 (1.00%) high severe
K12/16777216/32 (cached)
time: [5.9027 ms 5.9612 ms 6.0277 ms]
thrpt: [2.5922 GiB/s 2.6211 GiB/s 2.6471 GiB/s]
Found 3 outliers among 100 measurements (3.00%)
1 (1.00%) high mild
2 (2.00%) high severe
K12/16777216/32 (random)
time: [6.2938 ms 6.3308 ms 6.3723 ms]
thrpt: [2.4520 GiB/s 2.4681 GiB/s 2.4826 GiB/s]
Found 6 outliers among 100 measurements (6.00%)
4 (4.00%) high mild
2 (2.00%) high severe
K12/33554432/32 (cached)
time: [11.659 ms 11.741 ms 11.829 ms]
thrpt: [2.6417 GiB/s 2.6617 GiB/s 2.6802 GiB/s]
Found 21 outliers among 100 measurements (21.00%)
7 (7.00%) high mild
14 (14.00%) high severe
K12/33554432/32 (random)
time: [12.109 ms 12.183 ms 12.266 ms]
thrpt: [2.5478 GiB/s 2.5651 GiB/s 2.5808 GiB/s]
Found 14 outliers among 100 measurements (14.00%)
9 (9.00%) high mild
5 (5.00%) high severe
用法
使用袋鼠Twelve可扩展输出函数API开始使用非常简单
- 在您的
Cargo.toml文件中添加kangarootwelve作为项目依赖项
[dependencies]
# either
kangarootwelve = { git = "https://github.com/itzmeanjan/kangarootwelve" }
# or
kangarootwelve = "0.1.1"
# or if interested in using multi-threaded K12 absorption for long messages
kangarootwelve = { version = "0.1.1", features = "multi_threaded" }
- 目前,KangarooTwelve 仅提供非增量吸收 API,因此请使用
hash函数将消息和自定义字符串吸收到海绵状态中,该函数返回一个包含最终化海绵的 XOF 对象。
use kangarootwelve::KangarooTwelve;
use rand::{thread_rng, RngCore};
fn main() {
const MLEN: usize = 64;
const CSTRLEN: usize = 1;
const DLEN: usize = 32;
let mut msg = vec![0u8; MLEN];
let mut cstr = vec![0u8; CSTRLEN]; // you can keep it empty
let mut dig = vec![0u8; DLEN];
let mut rng = thread_rng();
rng.fill_bytes(&mut msg);
cstr[0] = 0xff;
let mut hasher = KangarooTwelve::hash(&msg, &cstr);
// ...
}
- 海绵已准备好被挤压,即现在您可以使用返回的 XOF 对象进行任意次数的任意字节数的挤压。
hasher.squeeze(&mut dig[..DLEN / 2]);
hasher.squeeze(&mut dig[DLEN / 2..]);
我维护以下示例,展示了 KangarooTwelve 可扩展输出函数(XOF)的用法。
cargo run --release --example k12
Message = 03959c2ffc95ac27dbf150fa1bbd4eebeaf531cf5bfd93680a197453350260ca86d78ba9376c8bf55350a7b695f473c486853d955de5eef456a7bc14d22316c5
Customization String = ff
Digest = 1ab580fbc34d1e49d4c6b1b34b8e9d6b25e0ee60185559e3c7384e5c15629781
依赖项
~90–400KB