WHIRLPOOL
Encyclopedia
In computer science
and cryptography
, Whirlpool (sometimes styled WHIRLPOOL) is a cryptographic hash function
designed by Vincent Rijmen
(co-creator of the Advanced Encryption Standard
) and Paulo S. L. M. Barreto
first described in 2000. The hash has been recommended by the NESSIE
project. It has also been adopted by the International Organization for Standardization
(ISO) and the International Electrotechnical Commission
(IEC) as part of the joint ISO/IEC 10118-3 international standard
.
block cipher
. Whirlpool is a Miyaguchi-Preneel construction based on a substantially modified Advanced Encryption Standard
(AES). It takes a message of any length less than 2256 bits and returns a 512-bit message digest.
The authors have declared that "WHIRLPOOL is not (and will never be) patented and may be used free of charge for any purpose. The reference implementations are in the public domain."
The algorithm is named after the Whirlpool Galaxy
in Canes Venatici
.
Two of the first widely-used mainstream cryptographic programs that started using Whirlpool were FreeOTFE
, followed by TrueCrypt
in 2005.
People incorporating Whirlpool will most likely use the most recent revision of Whirlpool; while there are no known security weaknesses in earlier versions of Whirlpool, the most recent revision has better hardware implementation efficiency characteristics, and is also likely to be more secure. As mentioned earlier, it is also the version adopted in the ISO/IEC 10118-3 international standard
.
The 512-bit (64-byte) Whirlpool hashes (also termed message digests) are typically represented as 128-digit hexadecimal
numbers. The following demonstrates a 43-byte ASCII
input and the corresponding Whirlpool hashes:
Whirlpool-0("The quick brown fox jumps over the lazy dog
") =
4F8F5CB531E3D49A61CF417CD133792CCFA501FD8DA53EE368FED20E5FE0248C
3A0B64F98A6533CEE1DA614C3A8DDEC791FF05FEE6D971D57C1348320F4EB42D
Whirlpool-T("The quick brown fox jumps over the lazy dog") =
3CCF8252D8BBB258460D9AA999C06EE38E67CB546CFFCF48E91F700F6FC7C183
AC8CC3D3096DD30A35B01F4620A1E3A20D79CD5168544D9E1B7CDF49970E87F1
Whirlpool("The quick brown fox jumps over the lazy dog") =
B97DE512E91E3828B40D2B0FDCE9CEB3C4A71F9BEA8D88E75C4FA854DF36725F
D2B52EB6544EDCACD6F8BEDDFEA403CB55AE31F03AD62A5EF54E42EE82C3FB35
Even a small change in the message will (with an extremely high probability of
) result in a different hash, which will usually
look completely different just like two unrelated random numbers do. The following demonstrates the result of changing the previous input by a single letter (a single bit, even, in ASCII-compatible encodings), replacing d with e:
Whirlpool-0("The quick brown fox jumps over the lazy eog") =
228FBF76B2A93469D4B25929836A12B7D7F2A0803E43DABA0C7FC38BC11C8F2A
9416BBCF8AB8392EB2AB7BCB565A64AC50C26179164B26084A253CAF2E012676
Whirlpool-T("The quick brown fox jumps over the lazy eog") =
C8C15D2A0E0DE6E6885E8A7D9B8A9139746DA299AD50158F5FA9EECDDEF744F9
1B8B83C617080D77CB4247B1E964C2959C507AB2DB0F1F3BF3E3B299CA00CAE3
Whirlpool("The quick brown fox jumps over the lazy eog") =
C27BA124205F72E6847F3E19834F925CC666D0974167AF915BB462420ED40CC5
0900D85A1F923219D832357750492D5C143011A76988344C2635E69D06F2D38C
Adding a line feed to the string of characters would also completely change the resulting hash, even if the character itself is not displayed.
The hash of a zero-length string is:
Whirlpool-0("") =
B3E1AB6EAF640A34F784593F2074416ACCD3B8E62C620175FCA0997B1BA23473
39AA0D79E754C308209EA36811DFA40C1C32F1A2B9004725D987D3635165D3C8
Whirlpool-T("") =
470F0409ABAA446E49667D4EBE12A14387CEDBD10DD17B8243CAD550A089DC0F
EEA7AA40F6C2AAAB71C6EBD076E43C7CFCA0AD32567897DCB5969861049A0F5A
Whirlpool("") =
19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A7
3E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3
Computer science
Computer science or computing science is the study of the theoretical foundations of information and computation and of practical techniques for their implementation and application in computer systems...
and cryptography
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
, Whirlpool (sometimes styled WHIRLPOOL) is a cryptographic hash function
Cryptographic hash function
A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the hash value, such that an accidental or intentional change to the data will change the hash value...
designed by Vincent Rijmen
Vincent Rijmen
Vincent Rijmen is a Belgian cryptographer and one of the two designers of the Rijndael, the Advanced Encryption Standard. Rijmen is also the co-designer of the WHIRLPOOL cryptographic hash function, and the block ciphers Anubis, KHAZAD, Square, NOEKEON and SHARK.In 1993, Rijmen obtained a degree...
(co-creator of the Advanced Encryption Standard
Advanced Encryption Standard
Advanced Encryption Standard is a specification for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. It supersedes DES...
) and Paulo S. L. M. Barreto
Paulo S. L. M. Barreto
Paulo S. L. M. Barreto is a Brazilian cryptographer and one of the designers of the Whirlpool hash function and the block ciphers Anubis and KHAZAD, together with Vincent Rijmen...
first described in 2000. The hash has been recommended by the NESSIE
NESSIE
NESSIE was a European research project funded from 2000–2003 to identify secure cryptographic primitives. The project was comparable to the NIST AES process and the Japanese Government-sponsored CRYPTREC project, but with notable differences from both...
project. It has also been adopted by the International Organization for Standardization
International Organization for Standardization
The International Organization for Standardization , widely known as ISO, is an international standard-setting body composed of representatives from various national standards organizations. Founded on February 23, 1947, the organization promulgates worldwide proprietary, industrial and commercial...
(ISO) and the International Electrotechnical Commission
International Electrotechnical Commission
The International Electrotechnical Commission is a non-profit, non-governmental international standards organization that prepares and publishes International Standards for all electrical, electronic and related technologies – collectively known as "electrotechnology"...
(IEC) as part of the joint ISO/IEC 10118-3 international standard
International standard
International standards are standards developed by international standards organizations. International standards are available for consideration and use, worldwide...
.
Design features
Whirlpool is a hash designed after the SquareSquare (cipher)
In cryptography, Square is a block cipher invented by Joan Daemen and Vincent Rijmen. The design, published in 1997, is a forerunner to the Rijndael algorithm, which has been adopted as the Advanced Encryption Standard...
block cipher
Block cipher
In cryptography, a block cipher is a symmetric key cipher operating on fixed-length groups of bits, called blocks, with an unvarying transformation. A block cipher encryption algorithm might take a 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext...
. Whirlpool is a Miyaguchi-Preneel construction based on a substantially modified Advanced Encryption Standard
Advanced Encryption Standard
Advanced Encryption Standard is a specification for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. It supersedes DES...
(AES). It takes a message of any length less than 2256 bits and returns a 512-bit message digest.
The authors have declared that "WHIRLPOOL is not (and will never be) patented and may be used free of charge for any purpose. The reference implementations are in the public domain."
The algorithm is named after the Whirlpool Galaxy
Whirlpool Galaxy
The Whirlpool Galaxy is an interacting grand-design spiral galaxy that is estimated to be 23 ± 4 million light-years from the Milky Way Galaxy. in the constellation Canes Venatici...
in Canes Venatici
Canes Venatici
Canes Venatici is one of the 88 official modern constellations. It is a small northern constellation that was created by Johannes Hevelius in the 17th century. Its name is Latin for "hunting dogs", and the constellation is often depicted in illustrations as representing the dogs of Boötes the...
.
Two of the first widely-used mainstream cryptographic programs that started using Whirlpool were FreeOTFE
FreeOTFE
FreeOTFE is an open source on-the-fly disk encryption computer program for PCs running Microsoft Windows, and personal digital assistants running Windows Mobile . It creates virtual drives, or disks, to which anything written is automatically encrypted before being stored on a computer's hard or...
, followed by TrueCrypt
TrueCrypt
TrueCrypt is a software application used for on-the-fly encryption . It is free and open source. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device .- Operating systems :TrueCrypt supports Microsoft Windows, Mac OS X, and...
in 2005.
Version changes
The original Whirlpool will be called Whirlpool-0, the first revision of Whirlpool will be called Whirlpool-T and the latest version will be called Whirlpool in the following test vectors.- In the first revision in 2001, the s-box was changed from a randomly generated one with good cryptographic properties to one which has better cryptographic properties and is easier to implement in hardware.
- In the second revision (2003), a flaw in the diffusion matrixMDS matrixAn MDS matrix is a matrix representing a function with certain diffusion properties that have useful applications in cryptography...
was found that lowered the estimated security of the algorithm below its potential. Changing the 8x8 rotating matrix constants from (1, 1, 3, 1, 5, 8, 9, 5) to (1, 1, 4, 1, 8, 5, 2, 9) solved this issue.
Whirlpool hashes
The Whirlpool algorithm has undergone two revisions since its original 2000 specification.People incorporating Whirlpool will most likely use the most recent revision of Whirlpool; while there are no known security weaknesses in earlier versions of Whirlpool, the most recent revision has better hardware implementation efficiency characteristics, and is also likely to be more secure. As mentioned earlier, it is also the version adopted in the ISO/IEC 10118-3 international standard
International standard
International standards are standards developed by international standards organizations. International standards are available for consideration and use, worldwide...
.
The 512-bit (64-byte) Whirlpool hashes (also termed message digests) are typically represented as 128-digit hexadecimal
Hexadecimal
In mathematics and computer science, hexadecimal is a positional numeral system with a radix, or base, of 16. It uses sixteen distinct symbols, most often the symbols 0–9 to represent values zero to nine, and A, B, C, D, E, F to represent values ten to fifteen...
numbers. The following demonstrates a 43-byte ASCII
ASCII
The American Standard Code for Information Interchange is a character-encoding scheme based on the ordering of the English alphabet. ASCII codes represent text in computers, communications equipment, and other devices that use text...
input and the corresponding Whirlpool hashes:
Whirlpool-0("The quick brown fox jumps over the lazy dog
The quick brown fox jumps over the lazy dog
"The quick brown fox jumps over the lazy dog" is an English-language pangram, that is, a phrase that contains all of the letters of the alphabet. It has been used to test typewriters and computer keyboards, and in other applications involving all of the letters in the English alphabet...
") =
4F8F5CB531E3D49A61CF417CD133792CCFA501FD8DA53EE368FED20E5FE0248C
3A0B64F98A6533CEE1DA614C3A8DDEC791FF05FEE6D971D57C1348320F4EB42D
Whirlpool-T("The quick brown fox jumps over the lazy dog") =
3CCF8252D8BBB258460D9AA999C06EE38E67CB546CFFCF48E91F700F6FC7C183
AC8CC3D3096DD30A35B01F4620A1E3A20D79CD5168544D9E1B7CDF49970E87F1
Whirlpool("The quick brown fox jumps over the lazy dog") =
B97DE512E91E3828B40D2B0FDCE9CEB3C4A71F9BEA8D88E75C4FA854DF36725F
D2B52EB6544EDCACD6F8BEDDFEA403CB55AE31F03AD62A5EF54E42EE82C3FB35
Even a small change in the message will (with an extremely high probability of
) result in a different hash, which will usuallyClustering illusion
The clustering illusion refers to the tendency erroneously to perceive small samples from random distributions to have significant "streaks" or "clusters", caused by a human tendency to underpredict the amount of variability likely to appear in a small sample of random or semi-random data due to...
look completely different just like two unrelated random numbers do. The following demonstrates the result of changing the previous input by a single letter (a single bit, even, in ASCII-compatible encodings), replacing d with e:
Whirlpool-0("The quick brown fox jumps over the lazy eog") =
228FBF76B2A93469D4B25929836A12B7D7F2A0803E43DABA0C7FC38BC11C8F2A
9416BBCF8AB8392EB2AB7BCB565A64AC50C26179164B26084A253CAF2E012676
Whirlpool-T("The quick brown fox jumps over the lazy eog") =
C8C15D2A0E0DE6E6885E8A7D9B8A9139746DA299AD50158F5FA9EECDDEF744F9
1B8B83C617080D77CB4247B1E964C2959C507AB2DB0F1F3BF3E3B299CA00CAE3
Whirlpool("The quick brown fox jumps over the lazy eog") =
C27BA124205F72E6847F3E19834F925CC666D0974167AF915BB462420ED40CC5
0900D85A1F923219D832357750492D5C143011A76988344C2635E69D06F2D38C
Adding a line feed to the string of characters would also completely change the resulting hash, even if the character itself is not displayed.
The hash of a zero-length string is:
Whirlpool-0("") =
B3E1AB6EAF640A34F784593F2074416ACCD3B8E62C620175FCA0997B1BA23473
39AA0D79E754C308209EA36811DFA40C1C32F1A2B9004725D987D3635165D3C8
Whirlpool-T("") =
470F0409ABAA446E49667D4EBE12A14387CEDBD10DD17B8243CAD550A089DC0F
EEA7AA40F6C2AAAB71C6EBD076E43C7CFCA0AD32567897DCB5969861049A0F5A
Whirlpool("") =
19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A7
3E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3
External links
- Whirlpool homepage Includes detailed algorithm information, C and Java implementations, the paper, etc.
- A Java implementation of all three revisions of Whirlpool
- A Matlab Implementation of the Whirlpool Hashing Function
- RHash, an open sourceOpen sourceThe term open source describes practices in production and development that promote access to the end product's source materials. Some consider open source a philosophy, others consider it a pragmatic methodology...
command-line tool, which can calculate and verify Whirlpool hash. - Perl Whirlpool module at CPAN
- Ruby Whirlpool library
- Ironclad: a Common Lisp cryptography package containing a Whirlpool implementation
- The ISO/IEC 10118-3 standard
- Test vectors for the Whirlpool hash from the NESSIE project
- Managed C# implementation