[Cryptography] BLAKE2: "Harder, Better, Faster, Stronger" Than MD5
Zooko Wilcox-OHearn
zooko at leastauthority.com
Mon Mar 24 14:35:51 EDT 2014
On Mon, Mar 24, 2014 at 2:36 PM, Jerry Leichter <leichter at lrw.com> wrote:
>
>>> […] SHA-2 was published in 2001 but was under suspicion by 2012 or so - 13 years. Based on this history, it would be prudent to assume a maximum practical lifetime for a cryptographic hash function to be around 15 years.
…
> Note that the cloud over SHA-2 has lifted, so it has the opportunity to extend its run. That leaves it, at 15 years, the champion of cryptographic hash functions.
I'm compiling a history of such things, and I have SHA-2 as published
in 2002 in FIPS 180-2 ¹. Is there an earlier publication of SHA-2 that
I could reference? Thanks.
And by the way, I'd name Tiger as the champion hash function:
published in 1996 ², deployed in the real world ³, widely studied ⁴,
and we still don't know of any way to break it. On top of all that it
is almost twice as efficient (in software on 64-bit CPUs) as some
others such as SHA-2 or RIPEMD-160, which makes its longevity all the
more noteworthy. (Because there is a trade-off between CPU efficiency
and safety in hash functions.)
RIPEMD-160 is another candidate for champion: also published in 1996
⁵, widely studied ⁶ , used in practice, and no known weaknesses —
except that its output size is a little too short for the 21st
century. If only it had been RIPEMD-192 instead of RIPEMD-160 then it
would look at least as good as Tiger looks today.
This isn't to detract from SHA-2's greatness of course. As I wrote in
https://leastauthority.com/blog/, SHA-2 has been the most
widely-recommended standard for more than half a decade, and it too
shows no sign of weakness.
Oh, and Tiger and RIPEMD-160 were both designed without help from NSA,
as far as I know.
Regards,
Zooko
¹ http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
² http://link.springer.com/chapter/10.1007/3-540-60865-6_46
³ https://en.wikipedia.org/wiki/Merkle_tree#Tiger_tree_hash
⁴ http://scholar.google.com/scholar?hl=en&q=tiger+hash&btnG=&as_sdt=1%2C6&as_sdtp=
⁵ http://link.springer.com/chapter/10.1007%2F3-540-60865-6_44
⁶ http://scholar.google.com/scholar?q=ripemd+160&btnG=&hl=en&as_sdt=0%2C6
More information about the cryptography
mailing list