Sign In

Communications of the ACM

ACM TechNews

Nist's Hash Algorithm Refresh Possibly Premature

View as: Print Mobile App Share:
Bruce Schneier

Bruce Schneier.

The U.S. National Institute of Standards and Technology soon will announce the winning hash algorithm, which eventually will become the next-generation industry standard SHA-3.

However, security expert Bruce Schneier, who developed one of the five finalists for SHA-3, says there currently is no need for a new hash standard because the existing one is still functional. "When we started this process [in 2006], we did think the whole SHA family's days were numbered," Schneier says. "But then the SHA hacks stopped."

The latest version of the algorithm for fingerprinting messages and files, SHA-512, so far has held up, Schneier notes. The submission and selection process for SHA-3 began in late 2007, and about 64 entries were part of the first round of the competition. Although SHA-512 is still acceptable, the benefits of faster hashing and other features that will be included in SHA-3 will make it worth the switch, says Errata Security CEO Robert Graham.

Meanwhile, Schneier notes SHA-512 eventually could be broken. "I don't know if we have tried hard enough to break SHA-512," he says.

From Dark Reading 
View Full Article

Abstracts Copyright © 2012 Information Inc., Bethesda, Maryland, USA 


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account