NIST Announces SHA-3 Hash Function Finalists

The National Institute of Standards and Technology has chosen the five finalists for the last round of its competition to find the next hash function standard. The SHA-3 finalists include Skein, developed by a group including Bruce Schneier and Jon Callas.

The other four SHA-3 finalists are BLAKE, Grostl, JH and Keccak, three of which come from European teams. JH was developed by a group from Singapore. NIST made the announcement on Thursday, however the announcement of the actual winner of the competition won't be made until the middle of 2012. The comment period for the five finalists will be open until the end of 2011.

"Security was our greatest concern, and we took this very seriously, but none of these candidates was clearly broken.  However, it is meaningless to discuss the security of a hash function without relating security to performance, so in reality, NIST wanted highly secure algorithms that also performed well. We preferred to be conservative about security, and in some cases did not select algorithms with exceptional performance, largely because something about them made us 'nervous,' even though we knew of no clear attack against the full algorithm," Bill Burr, manager of the cryptographic technology group at NIST said in the announcement.

The competition is designed to find a hash algorithm to replace the venerable SHA-1 function, which has been found to be susceptible to collision attacks. NIST officials have been recommending for several years now that users begin migrating away from SHA-1 to the newer SHA-2 family of algorithms. But that's only an interim step until a final SHA-3 function is approved and released in 2012.

"The SHA-2 hash functions are well along in the commercial system deployment process and are available in many newer systems and applications, but are not yet available in the majority of deployed systems. The primary constraint on the current use of the SHA-2 hash functions for signatures is interoperability; many relying party systems do not yet implement them, and may not do so for several more years. NIST encourages a rapid adoption of the SHA-2 hash functions for digital signatures, and, in any event, Federal agencies must stop relying on digital signatures that are generated using SHA-1 by the end of 2010," NIST said in its analysis of the collision attack on SHA-1.

The Skein function is the sole U.S. finalist in the SHA-3 competition, and was developed by a large team of cryptographers. The team includes Niels Ferguson of Microsoft, Stefan Lucks, Schneier, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Callas of PGP and Jesse Walker.

Commenting on this Article is closed.