Slashdot Mirror


NIST Opens Competition for a New Hash Algorithm

Invisible Pink Unicorn writes "The National Institute of Standards and Technology has opened a public competition for the development of a new cryptographic hash algorithm, which will be called Secure Hash Algorithm-3 (SHA-3), and will augment the current algorithms specified in the Federal Information Processing Standard (FIPS) 180-2. This is in response to serious attacks reported in recent years against cryptographic hash algorithms, including SHA-1, and because SHA-1 and the SHA-2 family share a similar design. Submissions are being accepted through October 2008, and the competition timeline indicates that a winner will be announced in 2012."

5 of 187 comments

  1. Encryption != Hashing by rock217 · · Score: 4, Informative

    Encryption implies that you can reconstruct the original string from the encoded. Methods like md5, sha1, etc. are one-way algorithms that cannot be reversed* in a realistic amount of time.



    * - Rainbow tables

    --
    Wah Sig!
  2. Re:Very similar to the AES competition by lgw · · Score: 5, Informative

    1) That the NSA is so amazingly far ahead of everyone else in crypto that they were able to find something in AES that no one else has in over a decade. When the DES standard was created, the NSA was so amazingly far ahead of everyone else that they were able to find something in DES that no one else found for over a decade. The NSA provided very specific technical advice (without explanation) that was followed in the creation of DES. Many years later, the rest of the world caught up and discovered that the NSA had corrected a very subtle weakness in DES.

    The NSA has an actual track record here, and their motives have proven good so far. However, they claim that (due to lack of funding and too much competition from financial firms for math PhDs) they aren't so far ahead any more.
    --
    Socialism: a lie told by totalitarians and believed by fools.
  3. Re:Very similar to the AES competition by Llywelyn · · Score: 3, Informative

    It is worth emphasizing that the NSA has said that AES 128/192/256 can be used to protect information up to the secret level, and that top secret information can be secured with AES 192 or 256. That's a pretty strong statement coming from the NSA, which if acting rationally they would not want to leave weaknesses in something that is used to secure information that would be, by definition, "very damaging to the US and its interests if released."

    Now, it is possible that such statements are just for show, but it takes a belief that they are playing an incredulously deep game that they would make those statements as a denial and deception practice.

    --
    Integrate Keynote and LaTeX
  4. Re:No, you're right. by smallfries · · Score: 3, Informative

    Maybe you should chase the etymology one level deeper. If the original data cannot be recovered then it is not "hidden" but "destroyed". You may not believe that the term encryption means a two-way process with an available decryption function - but that is the definition that the crypto community uses, and so it's good enough for me.

    --
    Slashdot: where don knuth is an idiot because he cant grasp the awesome power of php
  5. Re:Very similar to the AES competition by James Youngman · · Score: 4, Informative

    If the NSA really is so good that they can outdo the entire rest of the crypto community, well then they can probably break pretty much any of the cryptosystems out there.
    Actually I think you're right, but to play Devil's Advocate for a moment, I will note that the UK government agency GCHQ developed a public-key cryptosystem between 1969 and 1973, significantly before Diffie and Hellman's (apparently) ground-breaking paper. So, government agencies are quite capable of beating the public state of the art and not telling anyone about it.