The final version of the “Secure Hash Algorithm-3” standard, the next-generation tool for securing the integrity of electronic information, just released.
SHA-3 is the first cryptographic hash algorithm developed using a public competition and vetting process that drew 64 submissions worldwide of proposed hashing algorithms, said officials at the National Institute of Standards and Technology (NIST).
The new standard, Federal Information Processing Standard (FIPS) 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, is available for download from NIST’s website.
Hash algorithms are useful in the world of electronic communications. They transform a digital message into a short “message digest” for use in digital signatures and other applications.
Even a small change in the original message creates a change in the digest, making it easier to detect accidental or intentional changes to the original message. Hash functions can end up used in a variety of security applications such as message authentication. They also are useful during routine software upgrades to make sure new software did not end up tampered with.
The SHA-3 standard does not differ markedly from the draft version released for public comment in May last year. It specifies a family of functions based on Keccak, the winning algorithm selected from NIST’s SHA-3 Cryptographic Hash Algorithm Competition.
SHA-3 is not the only family of hash functions NIST approves for hashing electronic messages; the SHA-2 family, specified in FIPS 180-4 that NIST approved for use in 2002, remains secure and viable.
“SHA-3 is very different from SHA-2 in design,” said NIST’s Shu-jen Chang. “It doesn’t replace SHA-2, which has not shown any problem, but offers a backup. It takes years to develop a new standard, and we wanted to be prepared in case problems do occur.”
The two standards will complement each other and offer more options to designers of both hardware and software, Chang said. Some of the SHA-3 functions can end up implemented without requiring much additional circuitry on a chip, potentially making them useful alternatives for securing very small devices.
Click here for the final version of the “Secure Hash Algorithm-3” standard.