
NIST Announces Round 1 Candidates For SHA-3 Competition

jd writes "NIST has announced the round 1 candidates for the Cryptographic Hash Algorithm Challenge. Of the 64 who submitted entries, 51 were accepted. Of those, in mere days, one has been definitely broken, and three others are believed to have been. At this rate, it won't take the couple of years NIST was reckoning to whittle down the field to just one or two. (In comparison, the European Union version, NESSIE, received just one cryptographic hash function for its contest. One has to wonder if NIST and the crypto experts are so concerned about being overwhelmed with work for this current contest, why they all but ignored the European effort. A self-inflicted wound might hurt, but it's still self-inflicted.) Popular wisdom has it that no product will have any support for any of these algorithms for years — if ever. Of course, popular wisdom is ignoring all Open Source projects that support cryptography (including the Linux kernel) which could add support for any of these tomorrow. Does it really matter if the algorithm is found to be flawed later on, if most of these packages support algorithms known to be flawed today? Wouldn't it just be geekier to have passwords in Blue Midnight Wish or SANDstorm rather than boring old MD5, even if it makes no practical difference whatsoever?"
  • Salts... (Score:3, Interesting)

    by Manip ( 656104 ) on Sunday December 21, 2008 @11:58AM (#26191539)

    In answer to - "have passwords in Blue Midnight Wish or SANDstorm rather than boring old MD5, even if it makes no practical difference whatsoever?"

    I'm going into the "no practical difference whatsoever" camp. In fact you're taking a huge risk if any of them are broken and you gain nothing that simply salting your hashes doesn't already give you.

    We know that MD5 is secure to a degree. Just salt that bad boy up so rainbow tables no longer have any impact.
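
The point of the comment above is that a salt, not a newer hash, is what stops a precomputed (rainbow) table. As an added illustration that is not part of the post, the Python below builds a tiny precomputed table of unsalted MD5 digests (constructed wordlist, not real data), shows that it reverses an unsalted digest but not a salted one, and adds a slow salted KDF for the case the salt alone does not cover. The wordlist, salt length and iteration count are assumptions chosen for the demonstration.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed stand-in for a rainbow table: unsalted MD5 of a tiny wordlist.
# A real table covers billions of candidates, but the lookup works the same way.
WORDLIST = ["password", "letmein", "hunter2", "qwerty", "123456"]
PRECOMPUTED_MD5 = {hashlib.md5(w.encode()).hexdigest(): w for w in WORDLIST}


def unsalted_md5(password: str) -> str:
    """Plain MD5 of the password: every user with this password gets the same
    digest, so one precomputed table cracks all of them at once."""
    return hashlib.md5(password.encode()).hexdigest()


def lookup_in_table(digest: str) -> Optional[str]:
    """Reverse a digest via the precomputed table, or None if it is not covered."""
    return PRECOMPUTED_MD5.get(digest)


def salted_md5(password: str, salt: bytes) -> str:
    """MD5 over salt || password. The salt is stored next to the digest and is
    not secret; its job is to make every stored digest unique, so a table built
    for unsalted MD5 (or for another user's salt) is useless against it."""
    return hashlib.md5(salt + password.encode()).hexdigest()


def store_salted(password: str) -> Tuple[bytes, str]:
    """Generate a fresh random 16-byte salt (assumed size) and return (salt, digest)."""
    salt = os.urandom(16)
    return salt, salted_md5(password, salt)


def verify_salted(password: str, salt: bytes, stored: str) -> bool:
    """Recompute with the stored salt; constant-time compare avoids a timing side channel."""
    return hmac.compare_digest(salted_md5(password, salt), stored)


def slow_salted(password: str, salt: bytes, iterations: int = 100_000) -> str:
    """Salting alone stops precomputation but not guessing: MD5 is fast, so an
    attacker just recomputes per salt. A slow, salted KDF (PBKDF2-HMAC-SHA256
    here, iteration count assumed) makes each guess cost `iterations` hashes."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()


if __name__ == "__main__":
    alice_salt, alice = store_salted("hunter2")
    bob_salt, bob = store_salted("hunter2")
    print("unsalted digest, table hit:", lookup_in_table(unsalted_md5("hunter2")))
    print("salted digest, table hit  :", lookup_in_table(alice))
    print("same password, same digest?", alice == bob)
    print("verify ok:", verify_salted("hunter2", alice_salt, alice))
```

Two users with the same password get different salted digests, so one table cannot serve both; the trade-off is that the salt does nothing against an attacker who recomputes guesses per user, which is what the iterated KDF in `slow_salted` is for.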

  • Triple MD5 Anyone? (Score:3, Interesting)

    by Nom du Keyboard ( 633989 ) on Sunday December 21, 2008 @02:59PM (#26192731)
    Triple MD5 anyone? Hey it worked to extend DES!

    (Triple MD5 is composed of the XOR of standard MD5 first byte to last byte, MD5 last byte to first byte, MD5 middle out to the ends. Faster hardware makes this feasible now.)
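
As an added example, not the poster's own code, the construction described above is written out in Python so it can be tried: MD5 over the input forwards, backwards and "middle out", XORed together. The post does not fix the exact middle-out interleaving, so the order used here (middle byte, then alternating right and left) is an assumption. The last function checks one property that follows directly from the XOR: on a palindromic input the forward and backward terms are identical and cancel, leaving a single plain MD5.

```python
import hashlib


def middle_out(data: bytes) -> bytes:
    """Reorder bytes "from the middle out to the ends". Assumed interleaving:
    start at the middle byte, then alternate one byte to the right and one to
    the left until both ends are reached."""
    n = len(data)
    if n == 0:
        return b""
    mid = n // 2
    out = [data[mid]]
    right, left = mid + 1, mid - 1
    while right < n or left >= 0:
        if right < n:
            out.append(data[right])
            right += 1
        if left >= 0:
            out.append(data[left])
            left -= 1
    return bytes(out)


def md5_digest(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def triple_md5(data: bytes) -> bytes:
    """XOR of MD5 over three byte orderings of the input, as the post describes."""
    forward = md5_digest(data)
    backward = md5_digest(data[::-1])
    middle = md5_digest(middle_out(data))
    return bytes(f ^ b ^ m for f, b, m in zip(forward, backward, middle))


def collapses_for_palindrome(data: bytes) -> bool:
    """Structural check: when data reads the same backwards, forward and backward
    digests are equal and XOR to zero, so the result is just MD5 of the
    middle-out ordering. Returns True when that collapse is observed."""
    return data == data[::-1] and triple_md5(data) == md5_digest(middle_out(data))


if __name__ == "__main__":
    print(triple_md5(b"abc").hex())
    print("racecar collapses to one MD5:", collapses_for_palindrome(b"racecar"))
```

The DES analogy does not carry over mechanically: 3DES composes three keyed permutations in series, whereas this XORs three parallel outputs of one unkeyed function over permuted copies of the same message, and the palindrome case shows how such symmetries can cancel terms outright.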
  • by owlstead ( 636356 ) on Sunday December 21, 2008 @05:21PM (#26193951)

    Replying to myself here, but any algorithm that starts with encoding the hash size is bad as well, IMHO, and there are some examples of that in the SHA-3 zoo. If you have e.g. XML base64 encoding you may not know the full length before decoding, so you cannot hash at the same time.
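
The comment above turns on whether a hash can be computed while the input is still arriving. As an added illustration that is not part of the post, the Python below decodes base64 text from a stream in arbitrary-sized pieces and feeds the decoded bytes into hashlib's incremental `update()` interface, which works because MD5 and SHA-2 only commit to the message length in the final padding block. The sample input is constructed inline; the hash names and chunk sizes are assumptions for the demonstration.

```python
import base64
import hashlib
import io


def hash_base64_stream(stream, algorithm: str = "sha256", chunk_chars: int = 4096):
    """Decode base64 text read from `stream` piecewise and hash the decoded bytes
    incrementally. The total plaintext length is never needed in advance.
    Whitespace (line breaks in MIME-style base64) is skipped, and characters
    that do not yet form a complete 4-character group are buffered until the
    next read. Returns (hex digest, number of decoded bytes)."""
    h = hashlib.new(algorithm)
    buf = ""
    total = 0
    while True:
        chunk = stream.read(chunk_chars)
        if not chunk:
            break
        buf += "".join(chunk.split())            # drop line breaks and spaces
        usable = len(buf) - len(buf) % 4          # only whole 4-char groups decode
        if usable:
            decoded = base64.b64decode(buf[:usable], validate=True)
            h.update(decoded)
            total += len(decoded)
            buf = buf[usable:]
    if buf:
        raise ValueError("base64 input ended mid-group (length not a multiple of 4)")
    return h.hexdigest(), total


def matches_one_shot(data: bytes, algorithm: str = "sha256", chunk_chars: int = 4096) -> bool:
    """Round trip on constructed data: base64-encode it with line breaks, hash it
    through the streaming decoder, and compare with hashing the original bytes
    in a single call."""
    text = base64.encodebytes(data).decode("ascii")   # inserts '\n' every 76 chars
    digest, n = hash_base64_stream(io.StringIO(text), algorithm, chunk_chars)
    return n == len(data) and digest == hashlib.new(algorithm, data).hexdigest()


if __name__ == "__main__":
    sample = b"The quick brown fox jumps over the lazy dog\n" * 300
    print("streamed == one-shot (sha256):", matches_one_shot(sample))
    print("streamed == one-shot (md5, 7-char reads):", matches_one_shot(sample, "md5", 7))
```

A hash whose first step needs the total message length could not be driven this way: the caller would have to buffer the whole decoded input before hashing, which is exactly the streaming cost the comment objects to.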

  • It looks slow. (Score:3, Interesting)

    by DamnStupidElf ( 649844 ) <Fingolfin@linuxmail.org> on Sunday December 21, 2008 @06:10PM (#26194419)

    IIRC, Skein is getting about 6 cycles a byte in 512-bit mode on 64 bit platforms, which on a 2.4GHz dual core CPU would yield a theoretical 800 MB/s in a parallel tree hashing mode, 400 MB/s in standard mode. Apparently MD6 has a parallel mode also, and it's striking that both hash functions are trying to be minimalist by employing only three fundamental operations (AND, XOR, SHIFT for MD6; XOR, ADD, ROLL for Skein) and lots of rounds. It's odd that MD6 should be so much slower. Perhaps it hasn't been fully optimized yet?
