Communications of the ACM
Let the Cracking Begin
Analysts have started the process of testing new Secure Hash Algorithm (SHA) candidates for flaws as part of the first round of the National Institute of Standards and Technology's (NIST's) competition to select the next government standard for cryptographic tools. So far, three of the initial 51 submissions have been eliminated. NIST's Bill Burr says there are probably more than three or four more broken algorithms that have not been withdrawn from consideration yet. The winning submission will become SHA-3, and will augment and eventually replace the algorithms currently specified in Federal Information Processing Standard 180-2, which uses SHA-1 and SHA-2.
Officials decided to create a competition to design SHA-3 in 2007 after weaknesses were discovered in the existing algorithms. The final selection of a new standard is expected to take place in 2012. Candidates for SHA-3 must be publicly disclosed and available without royalties, work on a wide variety of hardware and software platforms, and support 224-, 256-, and 512-bit encryption. NIST will hold several public workshops to continue to narrow the field, and expects to reduce the number of submissions to 15 by late summer, with the final five being selected in 2010.
From Government Computer News
View Full ArticleNo entries found