The FINANCIAL — Sony Corporation on December 15 announced "AURORA" (2), a new secure and efficient cryptographic hash algorithm (1) developed in cooperation with Tetsu Iwata, Associate Professor, Nagoya University.
According to Sony, this technology is essential in the growing field of digital signatures (3) and other security measures used in recent consumer electronics products. "AURORA" maintains high security levels while providing both efficient software and hardware implementation capabilities. Sony and Nagoya University have submitted "AURORA" for consideration in the "SHA-3 competition", a selection process for next generation cryptographic hash functions (4) overseen by the National Institute of Standards and Technology (NIST)(5).
In recent years, the rapid advancement of cryptanalytic technologies (6) such as SHA-1 and MD5 (7), capable of deciphering cryptographic hash functions, have increased the requirement for new types of hash functions that feature the properties to withstand this progress.
"AURORA" is a highly efficient cryptographic hash algorithm that leverages the experience and expertise that Sony has accumulated thought the development of its secure and efficient block cipher, "CLEFIA" (8). "AURORA" is designed to combine secure compression functions and advanced domain extension capabilities, with it's compression functions achieving advanced levels of security by connecting multiple functions to offer a broad mix of data. Furthermore, "AURORA" is suitable for use in various types of applications due to its repetitive structure and byte-oriented component design. "AURORA"'s domain extensions effectively connect underlying compression functions to each other to extend the applicable length of input messages and output values, realizing security levels capable of withstanding many state-of-the-art cryptanalytic techniques. When implemented in software, "AURORA-256(9)" (the output length (10) of which is 256-bit) achieves fastest speeds of 15.4 cycles/byte, while "AURORA-512(11)" (the output length of which is 512-bit) achieves 27.4 cycles/byte (12). When implemented in hardware using a 0.13µm CMOS standard cell library(13), "AURORA-256" achieves a smallest gate size of just 11.1K/2.2Gbps, making it highly suitable for use in mobile devices, and a maximum throughput of 35.0Kgates/10.4 Gbps, ideal for servers. Meanwhile, "AURORA-512" achieves a smallest gate size of just 14.6K/1.2Gbps and maximum throughput of 56.7gates/9.1 Gbps. These results demonstrate that even when compared against key hash functions such as SHA-2(14) the "AURORA" range is able to deliver highly secure hash functions across a wide range of implementations, without loss of performance on many types of platforms.
NIST invited entries to a competition for the selection of next generation secure hash functions with output lengths of 224-bit, 256-bit, 384-bit and 512-bits, and "AURORA" has been approved as an official candidate for this competition. Going forward, technological aspects of "AURORA" such as security and performance will be evaluated and compared under the same conditions as other selected candidates (15). After this public evaluation process, in 2012 NIST will select the most suitable algorithm or algorithms as new algorithm standards, to be known as "SHA-3".
By participating in the selection process to determine the next generation of hash algorithms, Sony aims to contribute to the development of more secure technologies that its customers can use with confidence.