Forgot your password?
typodupeerror
Encryption News Technology

SHA-3 Winner Announced 100

Posted by Soulskill
from the cryptic-announcement dept.
An anonymous reader writes "The National Institute of Standards and Technology (NIST) has just announced the winner of the SHA-3 competition: Keccak, created by Guido Bertoni, Joan Daemen and Gilles Van Assche of STMicroelectronics and Michaël Peeters of NXP Semiconductors. 'Keccak has the added advantage of not being vulnerable in the same ways SHA-2 might be,' says NIST computer security expert Tim Polk. 'An attack that could work on SHA-2 most likely would not work on Keccak because the two algorithms are designed so differently.' For Joan Daemen it must be a 'two in a row' feeling, since he also is one of the authors of AES."
This discussion has been archived. No new comments can be posted.

SHA-3 Winner Announced

Comments Filter:
  • by Anonymous Coward
    It's time to start building some new rainbow tables?
    • by plover (150551) on Tuesday October 02, 2012 @05:34PM (#41531875) Homepage Journal

      Now I may as well delete all the Skein rainbow tables I have been generating. Boy, did I back the wrong horse.

  • by Anonymous Coward

    Congratulations to the whole Keccak team! I happen to know some of them in person and have all confidence that this is an excellent piece of work. True quality always wins in the end.

  • 'Keccak has the added advantage of not being vulnerable in the same ways SHA-2 might be,'

    Out of all the ways a hash function could be vulnerable, not being vulnerable to a few of them hardly looks impressive without more context... But what do I know, I'm not a crytographer.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      What makes you extrapolate from "It's safe against the most likely issues SHA-2 might have" to "We chose it because of that but for the rest didn't bother to study it at all?" You surely are not a cryptographer, given that you can't even spell the word.

      • Re: (Score:2, Insightful)

        by rbarreira (836272)

        I did not extrapolate that, I just said that this sentence in the summary does not sound impressive. In fact it should be a given that SHA-X does not suffer from the same vulnerabilities as SHA-X-1.

        Oh and thanks for the spell check.

        • by FrangoAssado (561740) on Wednesday October 03, 2012 @02:29AM (#41535235)

          In fact it should be a given that SHA-X does not suffer from the same vulnerabilities as SHA-X-1.

          No, it shouldn't. Both SHA-1 and SHA-2 are based on the Merkle–Damgard construction [wikipedia.org]. If there's something really wrong with it (not that there's any reason to believe so, today), both SHA-1 and SHA-2 would be affected.

          Keccak (SHA-3) has a completely different design based on the sponge construction [noekeon.org].

    • It makes it somewhat more impressive when the vulnerabilities of SHA-2 are not known yet.

      • by rbarreira (836272)

        It makes it somewhat more impressive when the vulnerabilities of SHA-2 are not known yet.

        It's a new design, so without further knowledge all we can say is that it replaces "unknown vulnerabilities" with "unknown vulnerabities". Great :P

        • It still works somehow.
          In case SHA3 is broken: whatever, we'll make a new one.
          In case SHA2 is broken: whatever, we have SHA3.

  • According to the (extensive) benchmark data here [cr.yp.to], this is even slower than the previous SHAx.

    Somewhat disappointing, when both Skein and Blake are about twice as fast, and appear to be perfectly acceptable from a security standpoint. (From what I have read anyway.) So, out of curiosity, what is the argument for keccak that puts it ahead?

    • Perhaps this secure hashing algorithm was chosen above the others because it was more secure than the others?
      • by F.Ultra (1673484)
        Since none of the remaining candidates in round 3 where broken this is probably not the case. I think that the simplicity of the design (which makes analysis more easy) was the real reason. However we do not know yet since the report from round 3 hasn't been released yet.
      • Security is only one of the factors. Speed is one of the big reasons AES was chosen IIRC.

      • by Anonymous Coward

        It was chosen because of speed on a variety of hardware (desktop/server CPUs, embedded, smart cards, ...), because it has very low gate/memory requirements (making it implementable on really small stuff), because it's secure, and because the design is very different from SHA-2.

        The choice makes it clear that the last was an important criterion. When the SHA-3 competition was announced, everyeone expected SHA-2 to fall soon. It didn't, so likely SHA-2 won't go away anytime soon. However if it were to be broke

  • How can a strange Balinese dance perform better than SHA2 as a hash algorithm. I'm sure that hash had something to do with the creation of the Kecak dance, but not the cryptographic sort.

Never ask two questions in a business letter. The reply will discuss the one you are least interested, and say nothing about the other.

Working...