On 3/10/12 14:10 PM, Landon Hurley wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Thoughts?
Very welcome - it does set the scene for the next decade for those of us
who are free to choose the best algorithms for the job.
"We'll just choose KECCAK." Although, see question at end.
It wasn't the algorithm I had anticipated,
:) The nature of the process -- big kudos to NIST for running it as an
international competition -- ensures the result is likely pretty good.
There will be a lot of people arguing over the choice but if the AES
experience is anything to go by, that will dissipate in time.
but does anyone
really anticipate this seeing any widespread adoption without a huge
delay in between?
In the negative kudos department, NIST panicked over the "imminent"
failure of older hashes especially SHA1 and, etc, weaker certs, and
pushed the CAs and other vendors into a tizzy. Of course, once woken
up, everyone had to do something, anything. Doing anything, something
(dasing?) is always a good idea when the risks aren't understood.
Now, a lot of vendors might be less inclined to blink, as they've rammed
in some measures already. Rumour has it that PKIX has closed down?
SSL's OODA cycle is measured at O(10^8 seconds). SHA1 still seems to be
holding its own... NIST has shot its bolt, has it another chance?
It's quite possible it doesn't take up. If that is the case, NIST can
hopefully remember this time it decides to take up the drums of war, and
beat more softly and strategically.
One thing I don't understand from a quick reading is the business about
KECCAK's flexibility. At a theoretical level, it's all very well saying
that we can dial in security and performance, but in practical
cryptoplumbing we need some standard measurands. How do we do this?
Are we waiting on NIST to come out with some lengths, or are we really
requiring our cryptoplumbers to actually understand the innards of
KECCAK and wind the dials themselves?
iang
//landon
- -------- Original Message --------
Subject: NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition
Date: Tue, 02 Oct 2012 23:13:01 +0200
From: Kristian Fiskerstrand <[email protected]>
To: Gnupg <[email protected]>
Dear all,
The National Institute of Standards and Technology (NIST) today
announced the winner of its five-year competition to select a new
cryptographic hash algorithm, one of the fundamental tools of modern
information security.
The winning algorithm, Keccak (pronounced catch-ack), was created by
Guido Bertoni, Joan Daemen and Gilles Van Assche of STMicroelectronics
and Michaël Peeters of NXP Semiconductors. The team's entry beat out 63
other submissions that NIST received after its open call for candidate
algorithms in 2007, when it was thought that SHA-2, the standard secure
hash algorithm, might be threatened. Keccak will now become NIST's SHA-3
hash algorithm.
You can read more at
http://www.nist.gov/public_affairs/tech-beat/tb20121002.cfm#s
- --
Violence is the last refuge of the incompetent.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
-----END PGP SIGNATURE-----
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography