News Releases

Content Menu
The press releases on this website are provided for historical reference purposes only. Please note that certain information may have changed since the date of release.
December 15, 2008

Sony and Nagoya University Develop Next Generation Cryptographic Hash Algorithm (*1)

Tokyo, Japan, December 15, 2008 – Sony Corporation today announced "AURORA" (*2), a new secure and efficient cryptographic hash algorithm (*1) developed in cooperation with Tetsu Iwata, Associate Professor, Nagoya University. This technology is essential in the growing field of digital signatures (*3) and other security measures used in recent consumer electronics products. "AURORA" maintains high security levels while providing both efficient software and hardware implementation capabilities. Sony and Nagoya University have submitted "AURORA" for consideration in the "SHA-3 competition", a selection process for next generation cryptographic hash functions (*4) overseen by the National Institute of Standards and Technology (NIST)(*5).
In recent years, the rapid advancement of cryptanalytic technologies (*6) such as SHA-1 and MD5 (*7), capable of deciphering cryptographic hash functions, have increased the requirement for new types of hash functions that feature the properties to withstand this progress.
"AURORA" is a highly efficient cryptographic hash algorithm that leverages the experience and expertise that Sony has accumulated thought the development of its secure and efficient block cipher, "CLEFIA™" (*8). "AURORA" is designed to combine secure compression functions and advanced domain extension capabilities, with it's compression functions achieving advanced levels of security by connecting multiple functions to offer a broad mix of data. Furthermore, "AURORA" is suitable for use in various types of applications due to its repetitive structure and byte-oriented component design. "AURORA"'s domain extensions effectively connect underlying compression functions to each other to extend the applicable length of input messages and output values, realizing security levels capable of withstanding many state-of-the-art cryptanalytic techniques. When implemented in software, "AURORA-256(*9)" (the output length (*10) of which is 256-bit) achieves fastest speeds of 15.4 cycles/byte, while "AURORA-512(*11)" (the output length of which is 512-bit) achieves 27.4 cycles/byte (*12). When implemented in hardware using a 0.13µm CMOS standard cell library(*13), "AURORA-256" achieves a smallest gate size of just 11.1K/2.2Gbps, making it highly suitable for use in mobile devices, and a maximum throughput of 35.0Kgates/10.4 Gbps, ideal for servers. Meanwhile, "AURORA-512" achieves a smallest gate size of just 14.6K/1.2Gbps and maximum throughput of 56.7gates/9.1 Gbps. These results demonstrate that even when compared against key hash functions such as SHA-2(*14) the "AURORA" range is able to deliver highly secure hash functions across a wide range of implementations, without loss of performance on many types of platforms.
NIST invited entries to a competition for the selection of next generation secure hash functions with output lengths of 224-bit, 256-bit, 384-bit and 512-bits, and "AURORA" has been approved as an official candidate for this competition. Going forward, technological aspects of "AURORA" such as security and performance will be evaluated and compared under the same conditions as other selected candidates (*15). After this public evaluation process, in 2012 NIST will select the most suitable algorithm or algorithms as new algorithm standards, to be known as "SHA-3".
By participating in the selection process to determine the next generation of hash algorithms, Sony aims to contribute to the development of more secure technologies that its customers can use with confidence.

NIST web site :

Hash functions: Cryptographic hash functions. Functions to compress any arbitrary length message into a fixed size digest. Security criteria for hash functions include collision resistance and preimage resistance and so on.
AURORA: A Name for a family of cryptographic hash algorithms developed by Sony and Nagoya University. This name does not indicate one of specific products and services.
Digital Signature Scheme: A scheme to sign a digital document to protect against forgery. Typical digital signature schemes are constructed by combining a cryptographic hash function and a public key scheme.
Selection process for advanced hash standards: A project organized by NIST to select a suitable cryptographic algorithm(s) among candidate algorithms under an open evaluation process. The selected algorithm(s) will be included as SHA-3 in FIPS (Federal Information Processing Standard) and it is expected to be used world-wide.
NIST: The National Institute of Standards and Technology is a measurement standards laboratory which is an agency of the United States Department of Commerce. NIST establishes cryptographic algorithm standards for the US government.
Rapid advancement of research on cryptanalytic technologies: The intensive research of cryptographic hash functions has recently lead to the development of many cryptanalytic methods for attacking hash algorithms, even those that had previously been considered secure.
SHA-1, MD5: SHA-1 is a cryptographic hash algorithm developed by NIST, contained in the FIPS 180-2 standard. SHA-1 is well-known and widely used in many secure systems. MD5 is also a cryptographic hash function that had been widely used before the development of SHA-1. Recently, the vulnerability of both algorithms has been highlighted.
CLEFIA: A block cipher algorithm developed by Sony in 2007. CLEFIA supports 128bit, 192bit and 256bit key lengths and 128bit block length. CLEFIA is a highly efficient block cipher in terms of both software and hardware. In particular, its hardware efficiency when implemented in small size gates is very high compared with other block ciphers. CLEFIA is a lightweight cipher.
AURORA-256: A specific hash function in the AURORA range that outputs 256 bit hash rate.
Output length: Bit length of output generated by a hash function.
AURORA-512: A specific hash function in the AURORA range that outputs 512 bit hash value rate.
Measurement Environment of Software Implementation: Software performance is measured on Intel ® Core™ 2 Duo Processor(2.4GHz, Windows Vista Ultimate (64-bit).
CMOS standard cell library: Circuit library of basic logical operations prepared for CMOS hardware implementation.
SHA-2: SHA-2 is a cryptographic hash algorithm developed by NIST, and is included in the FIPS 180-2 standard. The design philosophy of SHA-2 is similar to that of SHA-1.
Other Candidates: NIST accepted 51 candidate algorithms as "proper and complete" among the 64 submitted for the SHA-3 contest. All of them will be compared and evaluated under equal conditions.
Page Top