how to phase in new hash algorithms?

Ian G iang at
Sun Mar 20 19:42:02 EST 2005

Steven M. Bellovin wrote:

> So -- what should we as a community be doing now?  There's no emergency 
> on SHA1, but we do need to start, and soon.

The wider question is how to get moving on new hash
algorithms.  That's a bit tricky.

Normally we'd look to see NIST or the NESSIE guys
lead a competition.  But NESSIE just finished a
comp, and may not have the appetite for another.
NIST likewise just came out with SHA256 et al, and
they seem to have a full work load as it is trying
to get DSS-2 out.

How about the IACR?  Would they be up to leading
a competition?  I don't know them at all myself,
but if the Shandong results are heard at IACR
conferences, then maybe it's time to take on a
larger role.

Most of the effort could be volunteer, and it would
also be easy enough to schedule everything aligned
with the conference circuit.

Just a thought.  Anyone know anyone at the IACR?

News and views on what matters in finance+crypto:

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list