Thursday, January 27, 2011

IT Contest Promotes Steaming Hash

    IT Contest Promotes Steaming Hash
  • Five finalists have been chosen in a federally sponsored contest to create the next generation of hash algorithms for IT.A federally sponsored contest seeks to develop next-generation hash algorithms. One of five new algorithms, chosen from among an original field of 64, will be used for everything from storage access to cryptography—making it a key instrument in the toolbox of modern IT organizations.
    Hash algorithms improve data storage access times, provide random number generation, ensure the authenticity of digital documents—from digital signatures to authentication codes—as well as streamline cryptographic applications. The contest winner will augment the hash algorithms currently specified in Federal Information Processing Standards Secure Hash Standard, authorizing a third-generation of Secure Hash Algorithms (called SHA-3).

    The hash functions by transforming the content to be stored (here telephone numbers) into index codes that can quickly retrieve that data (source: Wikipedia). 
    A hash function implements a simple, easy-to-execute algorithm that maps input values (derived from the content to be stored) to an index—called the hash code—that can be used for quick retrieval. Hash tables hold these index values plus the real physical address of the stored data, allowing quick retrieval of documents from the hash table. The bane of hash functions are collisions—data sets that produce the same hash code—which must be gracefully reconciled by the hash algorithm.
    The current SHA-3 Cryptography Competition concentrates on security applications of hash functions, which take arbitrary blocks of data and derive a fixed-size index (called a digest). Indexing secure messages with a hash digest aims to satisfy four competing goals: ease of computing the digest, minimizing collisions, guaranteeing that changes in the message will result in a different digest, and guaranteeing that the message cannot be "reverse-engineered" from the digest.

    The National Institute of Standards and Technology (NIST), which recently selected the five finalists, is sponsoring the contest to counter advances in cryptanalysis of hash algorithms that security-busting organizations—from hackers to foreign governments—have recently demonstrated as capable of defeating the current SHA-2 standard. The winner of the contest will help fill this security hole with SHA-3.

    Cryptographic hash functions transform messages into digest codes that are unique, and which cannot be reverse-engineered to reveal the original (source: Wikipedia).  
    Three rounds of selection have narrowed the field of competitors from 64 to 14 in the second round, which has now advanced to the third round with NIST's selection of five finalists:
    ● "Blake" submitted by Jean-Philippe Aumasson (Nagravision SA, Cheseaux, Switzerland), Luca Henzen (ETHZ, Zürich, Switzerland), Willi Meier (FHNW, Windisch, Switzerland) and Raphael C.-W. Phan (Loughborough University, UK)
    ● "Grøstl" submitted by Søren Steffen Thomsen, Martin Schläffer, Christian Rechberger, Florian Mendel, Krystian Matusiewicz, Lars R. Knudsen and Praveen Gauravaram from Technical University of Denmark (DTU) and TU Graz
    ● "JH" submitted by Hongjun Wu
    ● "Keccak" submitted by Guido Bertoni, Joan Daemen and Gilles Van Assche (STMicroelectronics), and Michaël Peeters (NXP Semiconductors)
    ● "Skein" submitted by Niels Ferguson, Stefan Lucks, Bruce Schneier, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas and Jesse Walker.
    2011 will allow a yearlong public review of the algorithms, the winner of which will be announced in 2012. See details on the review process here.

No comments: