Threefish is a large, tweakable block cipher. It is defined for three different block sizes: 256 bits, 512 bits, and 1024 bits. The key is the same size as the block, and the tweak value is 128 bits for all block sizes.

Threefish was created in 2008 as part of the Skein hash function, a submission to NIST's SHA-3 competition. A full specification of Threefish can be found in sections 2.2 and 3.3 of the Skein submission document. Source code and test vectors are also available.

Threefish consists of just three operations—addition, XOR, and rotations of a fixed amount—all operating on 64-bit words. Threefish-256 and Threefish-512 consist of 72 rounds; Threefish-1024 consists of 80 rounds. Because Threefish only uses simple operations, and because it was designed with performance in mind, Threefish-512 encrypts data at 6.1 clock cycles per byte on 64-bit machines; Threefish-1024 encrypts data at 6.5 clock cycles per byte. Detailed performance information, in both software and hardware, can be found in the Skein submission document.

There is currently no successful cryptanalysis of Threefish. More information can be found on the Skein page.

Threefish is unpatented, and the source code is uncopyrighted and license-free; it is free for all uses.

Threefish was created and analyzed by:
Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker

C# implementation of Skein and Threefish by Alberto Fajardo
.NET/Mono implementation of Threefish-256 by Marcus Griep
AVR 8-bit implementation of Threefish and Skein by Jörg Walter
Skein and Threefish functions for Java, C, and Go (Skein3Fish)
Threefish for Linux kernel by bogdankernel
S4 Cryptographic Library (includes Skein and Threefish)

up to Skein

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.