NIST selects the winner of Secure Hash Algorithm (SHA-3) competition

The United States National Institute of Standards and Technology (NIST) has announced the winner of its competition to select a cryptographic hash algorithm to bear the name SHA-3.

In case you don’t know what a cryptographic hash algorithm is, you may check on Wikipedia but as a summary, it is one of the fundamental tools of modern information security. Hash algorithms are used widely for cryptographic applications that ensure the authenticity of digital documents, such as digital signatures and message authentication codes. These algorithms take an electronic file and generate a short “digest,” a sort of digital fingerprint of the content.

A good hash algorithm has a few vital characteristics:

  • any change in the original message, however small, must cause a change in the digest
  • for any given file and digest, it must be infeasible for a forger to create a different file with the same digest.

There are plenty of known hashing algorithms known, but most of them, were proven to be vulnerable to crypto attacks. In 2005, security flaws were identified in SHA-1, namely that a mathematical weakness might exist, indicating that a stronger hash function would be desirable. Although SHA-2 bears some similarity to the SHA-1 algorithm, these attacks have not been successfully extended to SHA-2 family of hash functions.

That’s why in 2007, NIST has organized a contest for choosing the next hash algorithm, called SHA-3. Wikipedia is also keeping a summary of the competition updated here.

The winning SHA-3 algorithm had to augment the hash algorithms currently specified in FIPS 180-4, Secure Hash Standard.

NIST received sixty-four entries from cryptographers around the world by October 31, 2008, and selected fifty-one first-round candidates in December 2008, and fourteen second-round candidates in July 2009. On December 9, 2010, NIST announced five third-round candidates – BLAKE, Grøstl, JH, Keccak and Skein, to enter the final round of the competition. Based on the public comments and internal review of the candidates,

NIST announced Keccak as the winner of the SHA-3 Cryptographic Hash Algorithm Competition on October 2, 2012, and ended the five-year competition.

Keccak was designed by a team of cryptographers from Belgium and Italy, they are:

    • Guido Bertoni (Italy) of STMicroelectronics,
    • Joan Daemen (Belgium) of STMicroelectronics,
    • Michaël Peeters (Belgium) of NXP Semiconductors, and
    • Gilles Van Assche (Belgium) of STMicroelectronics.

A more detailed announcement is available here on the NIST website.

This is not just a new hash function, it marks a new chapter in the history of cryptography in general. The SHA-2 hashing algorithm has not yet be publicly proved to be vulnerable, but yet there is a predecessor which had the requirement to have nothing in common with it.

I use this chance to congratulate the authors and I am looking forward to see how the new algorithm will be used in practice.


Sorin Mustaca

Data Security Expert