[ISN] NIST stages competition to improve encryption standard

From: InfoSec News (alerts@private)
Date: Tue Jan 23 2007 - 22:21:51 PST


By Brian Robinson
Jan. 23, 2007

Faced with declining confidence in the decade-old encryption algorithm 
that has been the basis for much of the security protecting transactions 
on the Internet, the National Institute of Standards and Technology has 
begun a competition to define a new standard.

Federal Information Processing Standard 180-1 otherwise known as Secure 
Hash Algorithm-1 (SHA-1)  has been widely used in government and 
industry since 1994. Its the basis for the Secure Sockets Layer 
private-key technology that secures online information such as credit 
card numbers and other security technologies.

Chip makers also used it for the hardware-based security that is built 
into many PCs and other devices.

SHA-1 been considered the gold standard among encryption algorithms, and 
because as many as 280 hash operations were considered necessary to find 
a weakness in it, it is considered virtually unbreakable.

But that confidence began to slip several years ago when a group of 
Chinese researchers published a method for breaking SHA-1 with just 269 
operations. In the past two years, the number has been decreased even 

If the break point is brought down to about 240 operations, that can 
easily be executed on current high-end PCs in a few hours.

That has had little practical effect because SHA-1 has still been 
considered adequate for most purposes, and NIST had recommended phasing 
out the standard by 2010 anyway. But the Chinese groups findings spurred 
it to organize several workshops in 2005 and 2006 to find out if 
anything further needed to be done.

As a result of those workshops, NIST said it has decided to develop one 
or more additional hash functions through a public competition similar 
to the development process used for the Advanced Encryption Standard.

It published a request for comments today on the requirements and 
evaluation criteria it set for candidate algorithms that the public will 
submit. The eventual winner will be publicly disclosed and available 
worldwide on a nonexclusive, royalty-free basis.

According to the NIST notice, the new algorithm must support 224-, 256-, 
384- and 512-bit key encryption, with a maximum message length of at 
least 264 bits.

Comments on the proposed requirements and criteria must be received by 
NIST on or before April 27.

Subscribe to InfoSec News

This archive was generated by hypermail 2.1.3 : Tue Jan 23 2007 - 22:36:34 PST