Schneier: We Don't Need SHA-3

Trailrunner7 writes with this excerpt from Threatpost: "For the last five years, NIST, the government body charged with developing new standards for computer security, among other things, has been searching for a new hash function to replace the aging SHA-2 function. Five years is a long time, but this is the federal government and things move at their own pace in Washington, but NIST soon will be announcing the winner from the five finalists that were chosen last year. Despite the problems that have cropped up with some versions of SHA-2 in the past and the long wait for the new function, there doesn't seem to be much in the way of breathless anticipation for this announcement. So much so, in fact, that Bruce Schneier, a co-author of one of the finalists not only isn't hoping that his entry wins, he's hoping that none of them wins. ... It's not because Schneier doesn't think the finalists are worthy of winning. In fact, he says, they're all good and fast and perfectly capable. The problem is, he doesn't think that the world needs a new hash function standard at all. SHA-512, the stronger version of the SHA-2 function that's been in use for more than a decade, is still holding up fine, Schneier said, which was not what cryptographers anticipated would be the case when the SHA-3 competition was conceived. 'I expect SHA-2 to be still acceptable for the foreseeable future. That's the problem. It's not like AES. Everyone knew that DES was dead — and triple-DES was too slow and clunky — and we needed something new. So when AES appeared, people switched as soon as they could. This will be different,' Schneier said via email."

Re:Useful replacement

[commlinx]

True, I normally use a 8-bit checksum for my hashing for best performance. On passwords in particular some people think hashing and password recovery are incompatible, but on the server I simply maintain a list of 256 complex looking passwords so a match can be quickly looked up and e-mailed back.

Does anyone know if that idea has been thought of before, maybe I should take a patent?

Re:I have an idea

[Walterk]

You must be new here..

Re:Too slow?

[AlXtreme]

I just found an SQL injection attack and downloaded the whole password database. I know crack it at my own leisure.

If the passwords are decently salted and the salt is unknown good luck with that. Remember to switch planets when the Sun goes nova.

Re:I have an idea

[dkleinsc]

Besides, Bruce Schneier doesn't need his blog entries linked from anywhere - he just breaks into webservers and puts links wherever he wants.

for the uninitiated [schneierfacts.com]

Re:Too slow?

[fuzzyfuzzyfungus]

Conveniently, converting most of the planet's mass into energy serves as an effective substitute for diplomacy in many situations.