[cryptography] Fwd: NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition
iang at iang.org
Wed Oct 3 19:42:31 EDT 2012
On 3/10/12 14:10 PM, Landon Hurley wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
Very welcome - it does set the scene for the next decade for those of us
who are free to choose the best algorithms for the job.
"We'll just choose KECCAK." Although, see question at end.
> It wasn't the algorithm I had anticipated,
:) The nature of the process -- big kudos to NIST for running it as an
international competition -- ensures the result is likely pretty good.
There will be a lot of people arguing over the choice but if the AES
experience is anything to go by, that will dissipate in time.
> but does anyone
> really anticipate this seeing any widespread adoption without a huge
> delay in between?
In the negative kudos department, NIST panicked over the "imminent"
failure of older hashes especially SHA1 and, etc, weaker certs, and
pushed the CAs and other vendors into a tizzy. Of course, once woken
up, everyone had to do something, anything. Doing anything, something
(dasing?) is always a good idea when the risks aren't understood.

Now, a lot of vendors might be less inclined to blink, as they've rammed
in some measures already. Rumour has it that PKIX has closed down?
SSL's OODA cycle is measured at O(10^8 seconds). SHA1 still seems to be
holding its own... NIST has shot its bolt, has it another chance?

It's quite possible it doesn't take up. If that is the case, NIST can
hopefully remember this time it decides to take up the drums of war, and
beat more softly and strategically.

One thing I don't understand from a quick reading is the business about
KECCAK's flexibility. At a theoretical level, it's all very well saying
that we can dial in security and performance, but in practical
cryptoplumbing we need some standard measurands. How do we do this?
Are we waiting on NIST to come out with some lengths, or are we really
requiring our cryptoplumbers to actually understand the innards of
KECCAK and wind the dials themselves?
> - -------- Original Message --------
> Subject: NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition
> Date: Tue, 02 Oct 2012 23:13:01 +0200
> From: Kristian Fiskerstrand <kristian.fiskerstrand at sumptuouscapital.com>
> To: Gnupg <gnupg-users at gnupg.org>
> Dear all,
> The National Institute of Standards and Technology (NIST) today
> announced the winner of its five-year competition to select a new
> cryptographic hash algorithm, one of the fundamental tools of modern
> information security.
> The winning algorithm, Keccak (pronounced catch-ack), was created by
> Guido Bertoni, Joan Daemen and Gilles Van Assche of STMicroelectronics
> and Michaël Peeters of NXP Semiconductors. The team's entry beat out 63
> other submissions that NIST received after its open call for candidate
> algorithms in 2007, when it was thought that SHA-2, the standard secure
> hash algorithm, might be threatened. Keccak will now become NIST's SHA-3
> hash algorithm.
> You can read more at
> - --
> Violence is the last refuge of the incompetent.