Botan News

Incompatible Skein Tweak

The designers of the Skein hash function have published a small tweak to the algorithm for the second round of the SHA-3 competition. A new search technique was used to generate an updated set of rotation constants for the Threefish round function, which increases the diffusion of the block cipher on which Skein is built.

This means there are effectively two incompatible versions of Skein: the original design and the tweaked version. Botan has included an implementation of Skein-512 since version 1.8.3, using the original rotation constants. A change has already been checked into source control that switches it to the new tweaked constants; these will be used in future releases.
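As an added illustration (my own script, not Botan's code and not part of the original post), the following Python program pushes a block through the keyless Threefish-512 round function with each rotation table and reports how many output bits a single input-bit flip changes on average after a given number of rounds. The two rotation tables are transcribed from the Skein 1.1 and 1.2 specifications as I recall them; check them against the papers before relying on them. Subkey injection is omitted because it does not affect which rotation constants are in play, and the base block is constructed test data; both are assumptions of this example, not of the spec.

```python
"""Single-bit avalanche through the keyless Threefish-512 round function,
comparing the original (Skein 1.1) and tweaked (Skein 1.2) rotation constants.
Example code written for this note; not Botan's implementation."""
from typing import List, Sequence

MASK64 = (1 << 64) - 1
WORDS = 8                     # Threefish-512 = 8 x 64-bit words
BITS = 64 * WORDS
PI = (2, 1, 4, 7, 6, 5, 0, 3)  # Threefish-512 word permutation, v'[i] = v[PI[i]]

# Rotation constants R[d mod 8][j] for Threefish-512.
# Transcribed from memory of the Skein 1.1 / 1.2 papers: verify before use.
ROT_SKEIN_1_1 = (
    (38, 30, 50, 53), (48, 20, 43, 31), (34, 14, 15, 27), (26, 12, 58, 7),
    (33, 49, 8, 42), (39, 27, 41, 14), (29, 26, 11, 9), (33, 51, 39, 35),
)
ROT_SKEIN_1_2 = (
    (46, 36, 19, 37), (33, 27, 14, 42), (17, 49, 36, 39), (44, 9, 54, 56),
    (39, 30, 34, 24), (13, 50, 10, 17), (25, 29, 39, 43), (8, 35, 56, 22),
)

# Constructed base block (not from any spec); a non-sparse value so that
# carries in the additions actually occur.
BASE = tuple((0x9E3779B97F4A7C15 * (i + 1)) & MASK64 for i in range(WORDS))


def rotl64(x: int, r: int) -> int:
    return ((x << r) | (x >> (64 - r))) & MASK64


def rotr64(x: int, r: int) -> int:
    return ((x >> r) | (x << (64 - r))) & MASK64


def mix(x0: int, x1: int, r: int):
    """Threefish MIX: add, rotate, xor. The rotation amount r is the tweaked constant."""
    y0 = (x0 + x1) & MASK64
    y1 = rotl64(x1, r) ^ y0
    return y0, y1


def unmix(y0: int, y1: int, r: int):
    """Inverse of mix(); used to check the round function is a permutation."""
    x1 = rotr64(y1 ^ y0, r)
    x0 = (y0 - x1) & MASK64
    return x0, x1


def threefish512_rounds(block: Sequence[int], rot, nrounds: int) -> List[int]:
    """nrounds rounds of MIX + word permutation, with no subkey injection."""
    v = list(block)
    for d in range(nrounds):
        r = rot[d % 8]
        for j in range(WORDS // 2):
            v[2 * j], v[2 * j + 1] = mix(v[2 * j], v[2 * j + 1], r[j])
        v = [v[PI[i]] for i in range(WORDS)]
    return v


def threefish512_rounds_inverse(block: Sequence[int], rot, nrounds: int) -> List[int]:
    v = list(block)
    for d in reversed(range(nrounds)):
        u = [0] * WORDS
        for i in range(WORDS):      # undo v'[i] = v[PI[i]]
            u[PI[i]] = v[i]
        v = u
        r = rot[d % 8]
        for j in range(WORDS // 2):
            v[2 * j], v[2 * j + 1] = unmix(v[2 * j], v[2 * j + 1], r[j])
    return v


def hamming(a: Sequence[int], b: Sequence[int]) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def flip_bit(block: Sequence[int], bit: int) -> List[int]:
    v = list(block)
    v[bit // 64] ^= 1 << (bit % 64)
    return v


def avalanche(rot, nrounds: int, base: Sequence[int] = BASE) -> float:
    """Average number of output bits changed over all 512 single-bit input flips.
    Ideal diffusion gives about BITS / 2 = 256."""
    ref = threefish512_rounds(base, rot, nrounds)
    total = sum(hamming(ref, threefish512_rounds(flip_bit(base, bit), rot, nrounds))
                for bit in range(BITS))
    return total / BITS


def outputs_differ(nrounds: int, base: Sequence[int] = BASE) -> bool:
    """The two constant sets are incompatible: same input, different output."""
    return threefish512_rounds(base, ROT_SKEIN_1_1, nrounds) != \
        threefish512_rounds(base, ROT_SKEIN_1_2, nrounds)


if __name__ == "__main__":
    print("rounds  skein1.1  skein1.2   (avg output bits flipped by one input bit)")
    for n in range(1, 13):
        print(f"{n:6d}  {avalanche(ROT_SKEIN_1_1, n):8.1f}  {avalanche(ROT_SKEIN_1_2, n):8.1f}")
    print("outputs differ after 8 rounds:", outputs_differ(8))
```

The interesting column is how quickly each table approaches 256; the script measures only the keyless round function on one base block, so treat it as a sanity check of the design change, not as a substitute for the designers' own diffusion analysis.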

Unfortunately this means Botan's Skein implementation will be incompatible not only with previous Botan releases but also with most other existing Skein implementations. However, it seems reasonable to expect that most other implementations will be updated to the tweaked variant relatively soon.

For the record, I think it would be unwise to use Skein (either the original or tweaked versions) in new systems just yet - while some analysis has been made, suggesting that Skein is in fact quite strong, it is still very early in the SHA-3 process and vulnerabilities may well be discovered between now and the SHA-3 conference next summer.

Posted 2009/09/16 in devnotes

