SHA-3 Winner Announced 100
An anonymous reader writes "The National Institute of Standards and Technology (NIST) has just announced the winner of the SHA-3 competition: Keccak, created by Guido Bertoni, Joan Daemen and Gilles Van Assche of STMicroelectronics and Michaël Peeters of NXP Semiconductors. 'Keccak has the added advantage of not being vulnerable in the same ways SHA-2 might be,' says NIST computer security expert Tim Polk. 'An attack that could work on SHA-2 most likely would not work on Keccak because the two algorithms are designed so differently.' For Joan Daemen it must be a 'two in a row' feeling, since he also is one of the authors of AES."
Re:So is SHA1 unsafe now? (Score:3, Informative)
you're trying (poorly) to troll, but for those who actually are curious, no, you should not do anything of the sort. you should use a proper password hashing framework which makes use of hash functions actually intended for use with authentication systems, such as phpass [openwall.com].
Re:Not vulnerable in the same ways? (Score:5, Informative)
In fact it should be a given that SHA-X does not suffer from the same vulnerabilities as SHA-X-1.
No, it shouldn't. Both SHA-1 and SHA-2 are based on the Merkle–Damgard construction [wikipedia.org]. If there's something really wrong with it (not that there's any reason to believe so, today), both SHA-1 and SHA-2 would be affected.
Keccak (SHA-3) has a completely different design based on the sponge construction [noekeon.org].