NIST Competition for New Cryptographic Hash Function

National Institute of Standards and Technology (NIST) is having a competition for a new cryptographic hash function. NIST did a good job managing the AES process (competition for Advanced Encryption Standard). They are obviously going to do in similar way with hash functions. You’ll find Announcement for the Development of New Hash Algorithm(s) for the Revision of Federal Information Processing Standard (FIPS) 180–2, Secure Hash Standard here. Last year and the year before, NIST sponsored two workshops (2005 and 2006) to discuss the requirements for a new hash function, and last month it announced a competition to choose a replacement for SHA-1.

Submissions will be due in fall 2008, and a single standard is scheduled to be chosen by the end of 2011. This is a reasonable schedule. Designing a secure hash function seems harder than designing a secure encryption algorithm, although we don’t know whether this is inherently true of the mathematics or simply a result of our imperfect knowledge. Producing a new secure hash standard is going to take a while. Luckily, we have an interim solution in SHA-256.

This is big chance to create something really big and important in security area. Bruce Schneier told that his Twofish team is going to reconstitute and get to work on an Advanced Hash Standard submission.

Read Announcement, and more here and here.

4 Responses

  1. Dragan on Security

    MD5 Collisions…

    It seems that bad days came for MD5 and those who based hashes on it. It is possible to create two executable programs with different functionalities with identical MD5 hash. Therefore, it is possible to create malicious executable which has same MD5 h…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.