I am developing the keccak sponge function and have some strange behaviour about the hash result.
I use the string "abc" with 24 bits (3 bytes). The test vectors for SHA-3 on http://www.di-mgt.com.au/sha_testvectors.html say that the result of SHA3-512 is following:
SHA3-512 from Test Vector b751850b1a57168a 5693cd924b6b096e 08f621827444f70d 884f5d0240d2712e 10e116e9192af3c9 1a7ec57647e39340 57340b4cf408d5a5 6592f8274eec53f0
I also used cryptopp version 5.62 and it gives me this output:
CryptoPP 18587dc2ea106b9a1563e32b3312421ca164c7f1f07bc922a9c83d77cea3a1e5d0c69910739025372dc14ac9642629379540c17e2a65b19d77aa511a9d00bb96
I use HashTab 5.2.0.14 on Windows and it gives me for a file with "abc" the same output:
HashTab 5.2.0.14 18587dc2ea106b9a1563e32b3312421ca164c7f1f07bc922a9c83d77cea3a1e5d0c69910739025372dc14ac9642629379540c17e2a65b19d77aa511a9d00bb96
So, there are some references but one of them is different to the others. It is explained on the website, that the input message is attached with 2 bits "10" defined in the FIPS-202 draft. So, CryptoPP and HashTab use maybe another implementation but which one??
Now I have my program and the "reference code" from the keccak site and also another implementation in python:
My program returns this hash value for "abc":
My Program 20FF13D217D5789FA7FC9E0E9A2EE627363EC28171D0B6C52BBD2F240554DBC94289F4D61CB57DF72DF08AAC4366022D5DF23E703B8FDFF6306021DB4D5E6760
This is the keccak reference code (http://keccak.noekeon.org/KeccakReferenceAndOptimized-3.2.zip) on the http://keccak.noekeon.org/files.html which calculates the same value:
Keccak-Reference 3.2 Message of size 2040 bits with Keccak[r=1024, c=576] 20FF13D217D5789FA7FC9E0E9A2EE627363EC28171D0B6C52BBD2F240554DBC94289F4D61CB57DF72DF08AAC4366022D5DF23E703B8FDFF6306021DB4D5E6760 (truncated to the same length)
This is the python implementation from https://github.com/mgoffin/keccak-python/blob/master/Keccak.py resulting in the same value:
keccak-python Value after squeezing : 20FF13D217D5789FA7FC9E0E9A2EE627363EC28171D0B6C52BBD2F240554DBC94289F4D61CB57DF72DF08AAC4366022D5DF23E703B8FDFF6306021DB4D5E67601173D04BF5AEC3EBBCA87696355C5FB4D72D00D2CC4F843A0A3A0ED8924A16FC37769A3DB7C3A84F31E92375A7D74A0136D80A647FBC5AF8D733B43873A3709F
So my questions:
1) Is it true that Keccak and SHA-3 have different outputs based on the specification NIST made with FIPS 202?
2) Why do I have now three different hash values which are not unique?
3) Is the capacity changed in SHA3-512 so that it has 512 bits capacity and 1600-512 bitrate? This is another difference I read on a presentation about SHA-3 but I did not find it in the FIPS-202 document.
Thank you very much!
Regards,
Burak
2) Like mentioned in https://crypto.stackexchange.com/questions/15727/what-are-the-key-differences-between-the-draft-sha-3-standard-and-the-keccak-sub FIPS 202 was changed on April 7, 2014.
The last release from CryptoPP is from 2/20/2013 (which was the first release including SHA3) see http://www.cryptopp.com/
This explains why CryptoPP produces a different hash compared to actual test vectors. I think same will apply for HashTab.