Attacks on SHA-3

Next door, SHA-1 has just been knocked down (Google and CWI Amsterdam worked together and found the first SHA-1 collision), and meanwhile others are attacking the newer algorithms: "SymSum: Symmetric-Sum Distinguishers Against Round Reduced SHA3".

The full SHA-3 has 24 rounds, and this attack targets a 9-round version. There is still some distance to go, but this amounts to major progress:

Based on this we propose a new distinguisher called SymSum for the SHA3 family which penetrates up to 9 rounds and outperforms the ZeroSum distinguisher by a factor of four.

That said, not many people use SHA-3 yet. Could it end up being knocked down before it even becomes mainstream...

NIST announces the algorithm selected for SHA-3...

NIST has announced the algorithm selected for SHA-3: "NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition".

The algorithm is Keccak (pronounced catch-ack). One of its advantages is its speed in hardware:

Keccak has higher performance in hardware implementations than SHA-2 or any of the other finalists.

Since the selected algorithm will be under a royalty-free license, we should see many specs start to adopt SHA-3 from here on... (see the document "Announcing Request for Candidate Algorithm Nominations for a New Cryptographic Hash Algorithm (SHA-3) Family")