Paper 2016/098

Haraka v2 - Efficient Short-Input Hashing for Post-Quantum Applications

Stefan Kölbl, Martin M. Lauridsen, Florian Mendel, and Christian Rechberger


Recently, many efficient cryptographic hash function design strategies have been explored, not least because of the SHA-3 competition. These designs are, almost exclusively, geared towards high performance on long inputs. However, various applications exist where the performance on short (fixed length) inputs matters more. Such hash functions are the bottleneck in hash-based signature schemes like SPHINCS or XMSS, which is currently under standardization. Secure functions specifically designed for such applications are scarce. We attend to this gap by proposing two short-input hash functions (or rather simply compression functions). By utilizing AES instructions on modern CPUs, our proposals are the fastest on such platforms, reaching throughputs below one cycle per hashed byte even for short inputs, while still having a very low latency of less than 60 cycles. Under the hood, this results comes with several innovations. First, we study whether the number of rounds for our hash functions can be reduced, if only second-preimage resistance (and not collision resistance) is required. The conclusion is: only a little. Second, since their inception, AES-like designs allow for supportive security arguments by means of counting and bounding the number of active S-boxes. However, this ignores powerful attack vectors using truncated differentials, including the powerful rebound attacks. We develop a general tool-based method to include arguments against attack vectors using truncated differentials.

Note: Updated performance numbers.

Available format(s)
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Cryptographic hash functionssecond-preimage resistanceAES-NIhash-based signaturespost-quantum
Contact author(s)
stek @ dtu dk
2016-10-24: last of 5 revisions
2016-02-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Stefan Kölbl and Martin M.  Lauridsen and Florian Mendel and Christian Rechberger},
      title = {Haraka v2 - Efficient Short-Input Hashing for Post-Quantum Applications},
      howpublished = {Cryptology ePrint Archive, Paper 2016/098},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.