[cryptography] Fwd: NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition

David Adamson adamson.david.jr at gmail.com
Thu Oct 4 07:12:13 EDT 2012


My previous post has even more sense now when we know that in
performance SHA-3 is significantly worse than SHA-2.


On 04/14/2012 06:39 AM, David Adamson wrote:

NSA designed SHA-2 to stay in libraries for a long time. Length
extension is not an issue for SHA-2 anymore with SHA-512/256. That is
a double-pipe hash function perfectly secure against length-extension
attack. According to [1], "Furthermore, even the fastest finalists
will probably  offer only a small performance advantage over the
current SHA-256 and SHA-512 implementations."

However, since SHA-2 and SHA-3 are 2, 3 or even 4 times slower than
MD5 or SHA-1, and NIST running the SHA-3 competition changed their own
initial goal SHA-3 to be significantly faster than SHA-2, I expect in
the following period several other influential international players
in the area of standardizing cryptographic primitives to use that
strategic mistake done by NIST, and to push for a hash standard that
will be significantly faster than SHA-2 and SHA-3.

SO: I expect a new hash competition (run by EU, Russia, China or
Japan) where US SHA-3 standard will be a reference point and the goal
will be to design 256 and 512 bits hash function that is 3-4 times
faster than SHA-3.

Regards,
David Adamson Jr

[1] Shay Gueron, Vlad Krasnov, "Parallelizing message schedules to
accelerate the computations of hash functions"



More information about the cryptography mailing list