[cryptography] Fwd: NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition

Patrick Mylund Nielsen cryptography at patrickmylund.com
Wed Oct 3 19:54:02 EDT 2012


I had assumed NIST would publish a revised specification with a fixed
set of lengths, a la Rijndael. Is this stated somewhere, or is my
presumption erroneous?

On Wed, Oct 3, 2012 at 6:42 PM, ianG <iang at iang.org> wrote:
> On 3/10/12 14:10 PM, Landon Hurley wrote:
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA512
>>
>> Thoughts?
>
>
> Very welcome - it does set the scene for the next decade for those of us who
> are free to chose the best algorithms for the job.
>
> "We'll just choose KECCAK."  Although, see question at end.
>
>
>> It wasn't the algorithm I had anticipated,
>
>
> :)  The nature of the process -- big kudos to NIST for running it as an
> international competition -- ensures the result is likely pretty good. There
> will be a lot of people arguing over the choice but if the AES experience is
> anything to go by, that will dissipate in time.
>
>
>> but does anyone
>> really anticipate this seeing any wide spread adoption without a huge
>> delay in between?
>
>
> In the negative kudos department, NIST panicked over the "imminent" failure
> of older hashes especially SHA1 and, etc, weaker certs, and pushed the CAs
> and other vendors into a tizzy.  Of course, once woken up, everyone had to
> do something, anything.  Doing anything, something (dasing?) is always a
> good idea when the risks aren't understood.
>
> Now, a lot of vendors might be less inclined to blink, as they've rammed in
> some measures already.  Rumour has it that PKIX has closed down? SSL's OODA
> cycle is measured at O(10^8 seconds).  SHA1 still seems to be holding it's
> own...  NIST has shot its bolt, has it another chance?
>
> It's quite possible it doesn't take up.  If that is the case, NIST can
> hopefully remember this time it decides to take up the drums of war, and
> beat more softly and strategically.
>
> One thing I don't understand from a quick reading is the business about
> KECCAK's flexibility.  At a theoretical level, it's all very well saying
> that we can dial in security and performance, but in practical
> cryptoplumbing we need some standard measurands.  How do we do this? Are we
> waiting on NIST to come out with some lengths, or are we really requiring
> our cryptoplumbers to actually understand the innards of KECCAK and wind the
> dials themselves?
>
> iang
>
>
>
>
>
>> //landon
>>
>> - -------- Original Message --------
>> Subject: NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition
>> Date: Tue, 02 Oct 2012 23:13:01 +0200
>> From: Kristian Fiskerstrand <kristian.fiskerstrand at sumptuouscapital.com>
>> To: Gnupg <gnupg-users at gnupg.org>
>>
>> Dear all,
>>
>>
>>
>> The National Institute of Standards and Technology (NIST) today
>> announced the winner of its five-year competition to select a new
>> cryptographic hash algorithm, one of the fundamental tools of modern
>> information security.
>>
>> The winning algorithm, Keccak (pronounced “catch-ack”), was created by
>> Guido Bertoni, Joan Daemen and Gilles Van Assche of STMicroelectronics
>> and Michaël Peeters of NXP Semiconductors. The team’s entry beat out 63
>> other submissions that NIST received after its open call for candidate
>> algorithms in 2007, when it was thought that SHA-2, the standard secure
>> hash algorithm, might be threatened. Keccak will now become NIST’s SHA-3
>> hash algorithm.
>>
>> You can read more at
>> http://www.nist.gov/public_affairs/tech-beat/tb20121002.cfm#s
>>
>> - --
>> Violence is the last refuge of the incompetent.
>>
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.11 (GNU/Linux)
>> Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
>>
>> iQIcBAEBCgAGBQJQa7rLAAoJEDeph/0fVJWs5QsP/39z89h8HylUzCVpiP9j6yZh
>> BBMZ/pBucE6JRzueZqr8+xn7sAv902KTEk3iMyaVAPMg9fTOX4ppL7oMefONCDuS
>> wp9xNaR5lCdYTQa7uCBcmNfNX5A6S8x5W8feFmn+gzsTWytsbOgmy0+aGZ1g9qCp
>> bvLpjV2CDFH851N1fw5lR6qn5VURcBFk5JeNRMMxukxmoyem6AxN7SYUZ8WVDQ/o
>> N7xuRKMoP6h16Z74LsoACwP50rem6kWfaYHSOsrKzcL4svbLGHzw5pT/DOJr4DqW
>> v9MxYjYKZ58OqVF0jgoWlcPHMNxZLgylYC3vGdDgC4KatXw3YhIsnCrE2MPxh77Q
>> +dqiEEPc48Zy6JmS1nOsbpJcvUh1Gpq+gjPQPBRrSHGJ0v3RbPjQ4YTHO/tVTgQ7
>> P44h6hf8kb3XxhO/HAlBwMwjWKtqyw915bJKrKwetxgbGgL4POMfgFMjkmOergC8
>> FZP4o/XelUsT5HMSjojRnN5gB5vwNIxRwKtXervroprKs0DZECa1YasY+YC9RVrv
>> MkjEZAJ04QPtwCY8j/ciqYqToniIRBnf0MxlmNbfxRSOavslFuKkOEtmuLPvEmie
>> nlPcn58F7U7eHvE+On7sL5CbpVLAqG3bmjgB1Sb/ywND2a5JZaxOoaGp1JyF3DPC
>> M4TmaUJHvSP80fL24br2
>> =/OU3
>> -----END PGP SIGNATURE-----
>> _______________________________________________
>> cryptography mailing list
>> cryptography at randombit.net
>> http://lists.randombit.net/mailman/listinfo/cryptography
>>
>
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography



More information about the cryptography mailing list