Encryption algorithm with 'sponge construction' picked to succeed SHA-2

SHA-3 features a fundamentally different architecture from SHA-2

By , IDG News Service |  Security

NIST also praised Keccak for being able to run easily across a wide range of computing devices and requiring fewer computational resources to run than any of the other finalists, or even the SHA-2 variants themselves.

Although NIST was concerned in 2007 about the SHA-2 algorithm being vulnerable, based on attacks on some of the variants, its worries turned out to be unfounded. Today, NIST maintains that SHA-2 is secure for everyday use. In fact, Polk cautioned that those still using SHA-1 for digital signatures should not wait to upgrade to SHA-3, because there are no commercial versions of the new hash algorithm yet. SHA-2 is perfectly secure, he said.

In fact, critics have questioned the need for SHA-3 at all, at least for the immediate future.

"When we started this process back in 2006, it looked as if we would be needing a new hash function soon," noted security expert Bruce Schneier wrote in a blog post. Schneier authored one of the five finalists in the competition. "We didn't know how long the various SHA-2 variants would remain secure. But it's 2012, and SHA-512 is still looking good."

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is Joab_Jackson@idg.com

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question