The National Institute of Standards and Technology has chosen the five finalists for the last round of its competition to find the next hash function standard. The SHA-3 finalists include Skein, developed by a group including Bruce Schneier and Jon Callas.
The other four SHA-3 finalists are BLAKE, Grostl, JH and Keccak, three of which come from European teams. JH was developed by a group from Singapore. NIST made the announcement on Thursday, however the announcement of the actual winner of the competition won’t be made until the middle of 2012. The comment period for the five finalists will be open until the end of 2011.
“Security was our greatest concern, and we took this very seriously, but
none of these candidates was clearly broken. However, it is meaningless
to discuss the security of a hash function without relating security to
performance, so in reality, NIST wanted highly secure algorithms that
also performed well. We preferred to be conservative about security, and
in some cases did not select algorithms with exceptional performance,
largely because something about them made us ‘nervous,’ even though we
knew of no clear attack against the full algorithm,” Bill Burr, manager of the cryptographic technology group at NIST said in the announcement.
The competition is designed to find a hash algorithm to replace the venerable SHA-1 function, which has been found to be susceptible to collision attacks. NIST officials have been recommending for several years now that users begin migrating away from SHA-1 to the newer SHA-2 family of algorithms. But that’s only an interim step until a final SHA-3 function is approved and released in 2012.
“The SHA-2 hash functions are well along in the commercial system
deployment process and are available in many newer systems and
applications, but are not yet available in the majority of deployed
systems. The primary constraint on the current use of the SHA-2 hash
functions for signatures is interoperability; many relying party systems
do not yet implement them, and may not do so for several more years.
NIST encourages a rapid adoption of the SHA-2 hash functions for
digital signatures, and, in any event, Federal agencies must stop
relying on digital signatures that are generated using SHA-1 by the
end of 2010,” NIST said in its analysis of the collision attack on SHA-1.
The Skein function is the sole U.S. finalist in the SHA-3 competition, and was developed by a large team of cryptographers. The team includes Niels Ferguson of Microsoft, Stefan Lucks, Schneier, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Callas of PGP and Jesse Walker.