National Institute of Standards and Technology (NIST) unveiled the winner of its competition to select a cryptographic hash algorithm to bear the name SHA-3.
The five-year competition attracted 64 entries with the winner being the Keccak (pronounced “catch-ack” according to NIST, and “ketchak” according to its creators) algorithm created by Guido Bertoni, Joan Daemen, Gilles Van Assche and Michaël Peeters.
The competition started in 2007 when NIST thought the current SHA-2 algorithm might suffer a threat.
Keccak won because of its ability to run on a large variety of computing hardware and because, in tests carried out by NIST and independent reviewers, it was the fastest algorithm when implemented in hardware.
NIST also highlighted the fact, unlike all other members of the Secure Hash Algorithm (SHA) family and the related MD4 and MD5 algorithms, Keccak does not use a Merkle-Damgard approach to creating hashes.
Instead, Keccak uses a design called a “sponge function.” This function, NIST computer security expert Tim Polk said, is desirable as it makes it unlikely that an attack that would defeat SHA-2 could also defeat SHA-3.
The conceptual differences between the two approaches provide added insurance against future vulnerabilities and would enable NIST to fall back to the other family of hashing functions if anyone finds one approach is vulnerable to attack.
SHA-2 is still a secure environment suitable for general use by NIST, but having a second algorithm gives “security designers more flexibility,” Polk said. The ability to run very efficiently in hardware implementation also makes SHA-3 interesting for embedded and mobile applications.