Sign In

Communications of the ACM

ACM TechNews

Nist's Hash Algorithm Refresh Possibly Premature

Bruce Schneier

Bruce Schneier.

The U.S. National Institute of Standards and Technology soon will announce the winning hash algorithm, which eventually will become the next-generation industry standard SHA-3.

However, security expert Bruce Schneier, who developed one of the five finalists for SHA-3, says there currently is no need for a new hash standard because the existing one is still functional. "When we started this process [in 2006], we did think the whole SHA family's days were numbered," Schneier says. "But then the SHA hacks stopped."

The latest version of the algorithm for fingerprinting messages and files, SHA-512, so far has held up, Schneier notes. The submission and selection process for SHA-3 began in late 2007, and about 64 entries were part of the first round of the competition. Although SHA-512 is still acceptable, the benefits of faster hashing and other features that will be included in SHA-3 will make it worth the switch, says Errata Security CEO Robert Graham.

Meanwhile, Schneier notes SHA-512 eventually could be broken. "I don't know if we have tried hard enough to break SHA-512," he says.

From Dark Reading 
View Full Article

Abstracts Copyright © 2012 Information Inc., Bethesda, Maryland, USA 


No entries found