(LiveHacking.Com) – The National Institute of Standards and Technology (NIST) has announced the winner of its five-year competition to select a new cryptographic hash algorithm. At the end of 2007, NIST announced a free-for-all competition to find the next Secure Hash Algorithm (known as SHA-3). Now after five years, 64 entries and three rounds of eliminations, there is a winner: Keccak. Pronounced “catch-ack”, it was created by Guido Bertoni, Joan Daemen and Gilles Van Assche of STMicroelectronics and Michaël Peeters of NXP Semiconductors.
Hash algorithms are widely-used to creates “fingerprints”, or “message digests” of a file. The marks of a good hash algorithm are that any change in the original data will change the digest, and for any given file it must be infeasible for a forger to create a different file with the same hash. NIST liked Keccak because of its elegant design and its ability to run well on many different computing devices.
NIST received sixty-four entries in total. Fifty-one were selected as first-round candidates, and this was narrowed down to fourteen second-round candidates in July 2009. On December 9, 2010, NIST announced five third-round candidates – BLAKE, Grøstl, JH, Keccak and Skein.
“Keccak has the added advantage of not being vulnerable in the same ways SHA-2 might be,” says NIST computer security expert Tim Polk. “An attack that could work on SHA-2 most likely would not work on Keccak because the two algorithms are designed so differently. The Internet as we know it is expanding to link devices that many people do not ordinarily think of as being part of a network. SHA-3 provides a new security tool for system and protocol designers, and that may create opportunities for security in networks that did not exist before.”