Skyscraper-v2: Fast Hashing on Big Primes

Clémence Bouvier; Lorenzo Grassi; Dmitry Khovratovich; Katharina Koschatko; Christian Rechberger; Fabian Schmid; Markus Schofnegger

Paper 2025/058

Skyscraper-v2: Fast Hashing on Big Primes

Clémence Bouvier

, Université de Lorraine, CNRS, Inria, LORIA, Nancy, France

Lorenzo Grassi

, Ruhr University Bochum, Bochum, Germany, Ponos Technology, Zug, Switzerland

Dmitry Khovratovich

, Ethereum Foundation, Luxembourg, Luxembourg, ABDK Consulting, Tallinn, Estonia

Katharina Koschatko

, Graz University of Technology, Graz, Austria

Christian Rechberger

, Graz University of Technology, Graz, Austria

Fabian Schmid

, Graz University of Technology, Graz, Austria

Markus Schofnegger

, Fabric Cryptography, San Francisco, United States

Abstract

Arithmetic hash functions defined over prime fields have been actively developed and used in verifiable computation (VC) protocols. Among those, elliptic-curve-based SNARKs require large (256-bit and higher) primes. Such hash functions are notably slow, losing a factor of up to 1000 compared to regular constructions like SHA-2/3. In this paper, we present the hash function Skyscraper-v2, which is aimed at large prime fields and provides major improvements compared to Reinforced Concrete and Monolith. First, the design is exactly the same for all large primes, which simplifies analysis and deployment. Secondly, it achieves a performance comparable to cryptographic hash standards by using low-degree non-invertible transformations and minimizing modulo reductions. Concretely, it hashes two 256-bit prime field (BLS12-381 curve scalar field) elements in 256 nanoseconds, which makes it faster than Poseidon2 by a factor of more than 15, and faster than the current performance-leader Reinforced Concrete by a factor of more than 5 in this scenario. The low circuit complexity of Skyscraper-v2, together with its high native speed, should allow a substantial reduction in many VC scenarios, particularly in recursive proofs.

Note: This updated version of Skyscraper addresses recent cryptanalysis results by adding rounds at the beginning and at the end of the permutation. A detailed list of changes is provided in the Appendix.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: A minor revision of an IACR publication in TCHES 2025
DOI: 10.46586/tches.v2025.i2.743-780
Keywords: Hash functions Zero-knowledge Circuits
Contact author(s): clemence bouvier @ inria fr
lorenzo @ ponos technology
khovratovich @ gmail com
katharina koschatko @ tugraz at
christian rechberger @ tugraz at
fabian schmid @ tugraz at
markus schofnegger @ gmail com
History: 2025-05-06: revised; 2025-01-14: received; See all versions
Short URL: https://ia.cr/2025/058
License: CC BY

BibTeX

@misc{cryptoeprint:2025/058,
      author = {Clémence Bouvier and Lorenzo Grassi and Dmitry Khovratovich and Katharina Koschatko and Christian Rechberger and Fabian Schmid and Markus Schofnegger},
      title = {Skyscraper-v2: Fast Hashing on Big Primes},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/058},
      year = {2025},
      doi = {10.46586/tches.v2025.i2.743-780},
      url = {https://eprint.iacr.org/2025/058}
}