[Cryptography] BLAKE2: "Harder, Better, Faster, Stronger" Than MD5

Zooko Wilcox-OHearn zooko at leastauthority.com
Mon Mar 24 14:35:51 EDT 2014

On Mon, Mar 24, 2014 at 2:36 PM, Jerry Leichter <leichter at lrw.com> wrote:
>>> […] SHA-2 was published in 2001 but was under suspicion by 2012 or so - 13 years.  Based on this history, it would be prudent to assume a maximum practical lifetime for a cryptographic hash function to be around 15 years.
> Note that the cloud over SHA-2 has lifted, so it has the opportunity to extend its run.  That leaves it, at 15 years, the champion of cryptographic hash functions.

I'm compiling a history of such things, and I have SHA-2 as published
in 2002 in FIPS 180-2 ¹. Is there an earlier publication of SHA-2 that
I could reference? Thanks.

And by the way, I'd name Tiger as the champion hash function:
published in 1996 ², deployed in the real world ³, widely studied ⁴,
and we still don't know of any way to break it. On top of all that it
is almost twice as efficient (in software on 64-bit CPUs) as some
others such as SHA-2 or RIPEMD-160, which makes its longevity all the
more noteworthy. (Because there is a trade-off between CPU efficiency
and safety in hash functions.)

RIPEMD-160 is another candidate for champion: also published in 1996
⁵, widely studied ⁶ , used in practice, and no known weaknesses —
except that its output size is a little too short for the 21st
century. If only it had been RIPEMD-192 instead of RIPEMD-160 then it
would look at least as good as Tiger looks today.

This isn't to detract from SHA-2's greatness of course. As I wrote in
https://leastauthority.com/blog/, SHA-2 has been the most
widely-recommended standard for more than half a decade, and it too
shows no sign of weakness.

Oh, and Tiger and RIPEMD-160 were both designed without help from NSA,
as far as I know.



¹ http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
² http://link.springer.com/chapter/10.1007/3-540-60865-6_46
³ https://en.wikipedia.org/wiki/Merkle_tree#Tiger_tree_hashhttp://scholar.google.com/scholar?hl=en&q=tiger+hash&btnG=&as_sdt=1%2C6&as_sdtp=http://link.springer.com/chapter/10.1007%2F3-540-60865-6_44http://scholar.google.com/scholar?q=ripemd+160&btnG=&hl=en&as_sdt=0%2C6

More information about the cryptography mailing list