I had assumed NIST would publish a revised specification with a fixed set of lengths, a la Rijndael. Is this stated somewhere, or is my presumption erroneous?
On Wed, Oct 3, 2012 at 6:42 PM, ianG <[email protected]> wrote: > On 3/10/12 14:10 PM, Landon Hurley wrote: >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA512 >> >> Thoughts? > > > Very welcome - it does set the scene for the next decade for those of us who > are free to chose the best algorithms for the job. > > "We'll just choose KECCAK." Although, see question at end. > > >> It wasn't the algorithm I had anticipated, > > > :) The nature of the process -- big kudos to NIST for running it as an > international competition -- ensures the result is likely pretty good. There > will be a lot of people arguing over the choice but if the AES experience is > anything to go by, that will dissipate in time. > > >> but does anyone >> really anticipate this seeing any wide spread adoption without a huge >> delay in between? > > > In the negative kudos department, NIST panicked over the "imminent" failure > of older hashes especially SHA1 and, etc, weaker certs, and pushed the CAs > and other vendors into a tizzy. Of course, once woken up, everyone had to > do something, anything. Doing anything, something (dasing?) is always a > good idea when the risks aren't understood. > > Now, a lot of vendors might be less inclined to blink, as they've rammed in > some measures already. Rumour has it that PKIX has closed down? SSL's OODA > cycle is measured at O(10^8 seconds). SHA1 still seems to be holding it's > own... NIST has shot its bolt, has it another chance? > > It's quite possible it doesn't take up. If that is the case, NIST can > hopefully remember this time it decides to take up the drums of war, and > beat more softly and strategically. > > One thing I don't understand from a quick reading is the business about > KECCAK's flexibility. At a theoretical level, it's all very well saying > that we can dial in security and performance, but in practical > cryptoplumbing we need some standard measurands. How do we do this? Are we > waiting on NIST to come out with some lengths, or are we really requiring > our cryptoplumbers to actually understand the innards of KECCAK and wind the > dials themselves? > > iang > > > > > >> //landon >> >> - -------- Original Message -------- >> Subject: NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition >> Date: Tue, 02 Oct 2012 23:13:01 +0200 >> From: Kristian Fiskerstrand <[email protected]> >> To: Gnupg <[email protected]> >> >> Dear all, >> >> >> >> The National Institute of Standards and Technology (NIST) today >> announced the winner of its five-year competition to select a new >> cryptographic hash algorithm, one of the fundamental tools of modern >> information security. >> >> The winning algorithm, Keccak (pronounced “catch-ack”), was created by >> Guido Bertoni, Joan Daemen and Gilles Van Assche of STMicroelectronics >> and Michaël Peeters of NXP Semiconductors. The team’s entry beat out 63 >> other submissions that NIST received after its open call for candidate >> algorithms in 2007, when it was thought that SHA-2, the standard secure >> hash algorithm, might be threatened. Keccak will now become NIST’s SHA-3 >> hash algorithm. >> >> You can read more at >> http://www.nist.gov/public_affairs/tech-beat/tb20121002.cfm#s >> >> - -- >> Violence is the last refuge of the incompetent. >> >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.11 (GNU/Linux) >> Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ >> >> iQIcBAEBCgAGBQJQa7rLAAoJEDeph/0fVJWs5QsP/39z89h8HylUzCVpiP9j6yZh >> BBMZ/pBucE6JRzueZqr8+xn7sAv902KTEk3iMyaVAPMg9fTOX4ppL7oMefONCDuS >> wp9xNaR5lCdYTQa7uCBcmNfNX5A6S8x5W8feFmn+gzsTWytsbOgmy0+aGZ1g9qCp >> bvLpjV2CDFH851N1fw5lR6qn5VURcBFk5JeNRMMxukxmoyem6AxN7SYUZ8WVDQ/o >> N7xuRKMoP6h16Z74LsoACwP50rem6kWfaYHSOsrKzcL4svbLGHzw5pT/DOJr4DqW >> v9MxYjYKZ58OqVF0jgoWlcPHMNxZLgylYC3vGdDgC4KatXw3YhIsnCrE2MPxh77Q >> +dqiEEPc48Zy6JmS1nOsbpJcvUh1Gpq+gjPQPBRrSHGJ0v3RbPjQ4YTHO/tVTgQ7 >> P44h6hf8kb3XxhO/HAlBwMwjWKtqyw915bJKrKwetxgbGgL4POMfgFMjkmOergC8 >> FZP4o/XelUsT5HMSjojRnN5gB5vwNIxRwKtXervroprKs0DZECa1YasY+YC9RVrv >> MkjEZAJ04QPtwCY8j/ciqYqToniIRBnf0MxlmNbfxRSOavslFuKkOEtmuLPvEmie >> nlPcn58F7U7eHvE+On7sL5CbpVLAqG3bmjgB1Sb/ywND2a5JZaxOoaGp1JyF3DPC >> M4TmaUJHvSP80fL24br2 >> =/OU3 >> -----END PGP SIGNATURE----- >> _______________________________________________ >> cryptography mailing list >> [email protected] >> http://lists.randombit.net/mailman/listinfo/cryptography >> > > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
