Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Keccak is SHA-3
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Off the Wall
View previous topic :: View next topic  
Author Message
wswartzendruber
Veteran
Veteran


Joined: 23 Mar 2004
Posts: 1224
Location: Jefferson, USA

PostPosted: Mon Oct 08, 2012 1:24 pm    Post subject: Keccak is SHA-3 Reply with quote

It looks like the Keccak algorithm won the NIST's SHA-3 competition. It has the ability to generate arbitrary hash sizes. I don't see anywhere that a specific hash size is considered "SHA-3."
Back to top
View user's profile Send private message
pigeon768
l33t
l33t


Joined: 02 Jan 2006
Posts: 669

PostPosted: Mon Oct 08, 2012 6:07 pm    Post subject: Reply with quote

SHA-2 was similar. SHA-224, SHA-256, SHA-384, and SHA-512 are all SHA-2.

SHA-3 is just more flexible.
_________________
My political bias.
Back to top
View user's profile Send private message
mdeininger
Veteran
Veteran


Joined: 15 Jun 2005
Posts: 1740
Location: Emerald Isles, overlooking Dublin's docklands

PostPosted: Mon Oct 08, 2012 7:32 pm    Post subject: Reply with quote

interesting.

how did the other algorithms do? iirc for sha-1 or 2 they rejected an algorithm that was known to be more secure in favour of another that is easier to compute. did they do that this time, too?
_________________
"Confident, lazy, cocky, dead." -- Felix Jongleur, Otherland

( Twitter | Blog | GitHub )
Back to top
View user's profile Send private message
ichbinsisyphos
Guru
Guru


Joined: 08 Dec 2006
Posts: 547

PostPosted: Mon Oct 08, 2012 8:54 pm    Post subject: Reply with quote

http://www.nist.gov/itl/csd/sha-100212.cfm
Quote:
and Keccak has higher performance in hardware implementations than SHA-2 or any of the other finalists.


"more secure" is relative though. Bruce Schneier is convinced that switching to SHA-3 is not useful for security reasons alone any time soon, so at the time SHA-2 was picked the security benefit of other competitors was more than likely not worth sacrificing performance.
Back to top
View user's profile Send private message
mdeininger
Veteran
Veteran


Joined: 15 Jun 2005
Posts: 1740
Location: Emerald Isles, overlooking Dublin's docklands

PostPosted: Mon Oct 08, 2012 9:12 pm    Post subject: Reply with quote

ichbinsisyphos wrote:
http://www.nist.gov/itl/csd/sha-100212.cfm
Quote:
and Keccak has higher performance in hardware implementations than SHA-2 or any of the other finalists.


"more secure" is relative though. Bruce Schneier is convinced that switching to SHA-3 is not useful for security reasons alone any time soon, so at the time SHA-2 was picked the security benefit of other competitors was more than likely not worth sacrificing performance.
aah, thanks for the link. I found the first part of the paragraph to be far more reassuring though, so I'll quote it in full:

Quote:
The NIST team praised the Keccak algorithm for its many admirable qualities, including its elegant design and its ability to run well on many different computing devices. The clarity of Keccak’s construction lends itself to easy analysis (during the competition all submitted algorithms were made available for public examination and criticism), and Keccak has higher performance in hardware implementations than SHA-2 or any of the other finalists.


I remember that for sha-2 (or maybe sha-1) one candidate was specifically rejected because it took slightly longer to computer, even though it was theoretically harder to break (which is bad). sha-3 looks good so far though. Very good even :3.

But yeah, no need to switch anytime soon. Hell even sha-1's best attack requires 2^51 operations. The algorithm looks nice to implement in hardware though.
_________________
"Confident, lazy, cocky, dead." -- Felix Jongleur, Otherland

( Twitter | Blog | GitHub )
Back to top
View user's profile Send private message
wswartzendruber
Veteran
Veteran


Joined: 23 Mar 2004
Posts: 1224
Location: Jefferson, USA

PostPosted: Mon Oct 08, 2012 10:22 pm    Post subject: Reply with quote

AES was the same way. Twofish was seen as far more secure, but Rijndael was picked for performance.
Back to top
View user's profile Send private message
avx
Advocate
Advocate


Joined: 21 Jun 2004
Posts: 2094

PostPosted: Tue Oct 09, 2012 1:41 am    Post subject: Reply with quote

Meh, don't like it. Performing good/easily doable in specialized hardware usually benefits the parties you actually wanna leave out. I for one will stay with Tiger for hashes and Serpent for encryption; come to think of it, Tiger&Serpent is a pretty naming combo.
_________________
++++++++++[>+++++++>++++++++++>+++>+<<<<-]>++.>+.+++++++..+++.>++.<<+++++++++++++++.>.+++.------.--------.>+.>.
Back to top
View user's profile Send private message
wswartzendruber
Veteran
Veteran


Joined: 23 Mar 2004
Posts: 1224
Location: Jefferson, USA

PostPosted: Tue Oct 09, 2012 1:46 am    Post subject: Reply with quote

Serpent's probably up to snuff, at least according to the NIST. Who's reviewed Tiger?
Back to top
View user's profile Send private message
avx
Advocate
Advocate


Joined: 21 Jun 2004
Posts: 2094

PostPosted: Tue Oct 09, 2012 2:35 am    Post subject: Reply with quote

http://en.wikipedia.org/wiki/Tiger_(cryptography)

It's also by the same guys who designed Serpent. Don't really know why it's not used as widespread as others, though.
_________________
++++++++++[>+++++++>++++++++++>+++>+<<<<-]>++.>+.+++++++..+++.>++.<<+++++++++++++++.>.+++.------.--------.>+.>.
Back to top
View user's profile Send private message
mdeininger
Veteran
Veteran


Joined: 15 Jun 2005
Posts: 1740
Location: Emerald Isles, overlooking Dublin's docklands

PostPosted: Tue Oct 09, 2012 8:08 am    Post subject: Reply with quote

avx wrote:
http://en.wikipedia.org/wiki/Tiger_(cryptography)

It's also by the same guys who designed Serpent. Don't really know why it's not used as widespread as others, though.
everyone's really only aiming for AES and SHA. it gives managers a warm feeling in their boxers because they're standard-y.

not sure why "standard encryption" would be good to sell though...

but yeah, tiger is nice, and I've always used serpent on everything simply because it's a solid algorithm. and AES breakers can't really work with it :D.
_________________
"Confident, lazy, cocky, dead." -- Felix Jongleur, Otherland

( Twitter | Blog | GitHub )
Back to top
View user's profile Send private message
wswartzendruber
Veteran
Veteran


Joined: 23 Mar 2004
Posts: 1224
Location: Jefferson, USA

PostPosted: Tue Oct 09, 2012 3:57 pm    Post subject: Reply with quote

AES breakers haven't really broken AES, either.
Back to top
View user's profile Send private message
mdeininger
Veteran
Veteran


Joined: 15 Jun 2005
Posts: 1740
Location: Emerald Isles, overlooking Dublin's docklands

PostPosted: Tue Oct 09, 2012 4:15 pm    Post subject: Reply with quote

wswartzendruber wrote:
AES breakers haven't really broken AES, either.
true, but they'd have a much harder time with serpent if they ever do break it ;).
_________________
"Confident, lazy, cocky, dead." -- Felix Jongleur, Otherland

( Twitter | Blog | GitHub )
Back to top
View user's profile Send private message
wswartzendruber
Veteran
Veteran


Joined: 23 Mar 2004
Posts: 1224
Location: Jefferson, USA

PostPosted: Tue Oct 09, 2012 9:30 pm    Post subject: Reply with quote

I personally use DES for everything. IBM makes the best stuff.
Back to top
View user's profile Send private message
Bones McCracker
Veteran
Veteran


Joined: 14 Mar 2006
Posts: 1566
Location: U.S.A.

PostPosted: Wed Oct 10, 2012 8:26 am    Post subject: Reply with quote

DES has been considered insecure for years.

Maybe you're using Triple-DES?
_________________
pjp wrote:
I didn't misquote you, I just misunderstood you.
Back to top
View user's profile Send private message
wswartzendruber
Veteran
Veteran


Joined: 23 Mar 2004
Posts: 1224
Location: Jefferson, USA

PostPosted: Wed Oct 10, 2012 1:07 pm    Post subject: Reply with quote

Hah, no. I'm just being an ass.
Back to top
View user's profile Send private message
Bones McCracker
Veteran
Veteran


Joined: 14 Mar 2006
Posts: 1566
Location: U.S.A.

PostPosted: Wed Oct 10, 2012 4:46 pm    Post subject: Reply with quote

wswartzendruber wrote:
Hah, no. I'm just being an ass.

Oh. My sarcasm LED didn't go on. :lol: :oops:
_________________
pjp wrote:
I didn't misquote you, I just misunderstood you.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Off the Wall All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum