SHA-3

Secure Hash Algorithms
Concepts
hash functions, SHA, DSA
Main standards
SHA-0, SHA-1, SHA-2, SHA-3


SHA-3 (Secure Hash Algorithm 3) is the latest[1] member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015.[2][3][4] Although part of the same series of standards, SHA-3 is internally different from the MD5-like structure of SHA-1 and SHA-2.

SHA-3 is a subset of the broader cryptographic primitive family Keccak (/ˈkɛæk/ or /ˈkɛɑːk/),[5][6] designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, building upon RadioGatún. Keccak's authors have proposed additional uses for the function, not (yet) standardized by NIST, including a stream cipher, an authenticated encryption system, a "tree" hashing scheme for faster hashing on certain architectures,[7][8] and AEAD ciphers Keyak and Ketje.[9][10]

Keccak is based on a novel approach called sponge construction.[11] Sponge construction is based on a wide random function or random permutation, and allows inputting ("absorbing" in sponge terminology) any amount of data, and outputting ("squeezing") any amount of data, while acting as a pseudorandom function with regard to all previous inputs. This leads to great flexibility.

As of 2007, NIST did not plan to withdraw SHA-2 or remove it from the revised Secure Hash Standard.[needs update?] The purpose of SHA-3 is that it can be directly substituted for SHA-2 in current applications if necessary, and to significantly improve the robustness of NIST's overall hash algorithm toolkit.[12]

For small message sizes, the creators of the Keccak algorithms and the SHA-3 functions suggest using the faster function KangarooTwelve with adjusted parameters and a new tree hashing mode without extra overhead.

  1. ^ Computer Security Division, Information Technology Laboratory (January 4, 2017). "Hash Functions | CSRC | CSRC". CSRC | NIST. Retrieved April 19, 2024.
  2. ^ "Hash Functions". NIST. June 22, 2020. Retrieved February 17, 2021.
  3. ^ Information Technology Laboratory (August 2015). SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions (PDF). National Institute of Standards and Technology. doi:10.6028/NIST.FIPS.202. S2CID 64734386. Federal Information Processing Standard Publication 202. Retrieved February 29, 2020.
  4. ^ Dworkin, Morris J. (August 4, 2015). "SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions". Federal Information Processing Standards (NIST FIPS).
  5. ^ Cite error: The named reference nist was invoked but never defined (see the help page).
  6. ^ Cruz, José R.C. (May 7, 2013). "Keccak: The New SHA-3 Encryption Standard". Dr. Dobbs.
  7. ^ Bertoni, Guido; Daemen, Joan; Peeters, Michaël; Van Assche, Gilles. "Keccak specifications summary". Retrieved March 27, 2023.
  8. ^ Chang, Shu-jen; Perlner, Ray; Burr, William E.; Sonmez Turan, Meltem; Kelsey, John M.; Paul, Souradyuti; Bassham, Lawrence E. (November 2012). Third-Round Report of the SHA-3 Cryptographic Hash Algorithm Competition (PDF). doi:10.6028/NIST.IR.7896. Retrieved February 29, 2020. Sections 5.1.2.1 (mentioning "tree mode"), 6.2 ("other features", mentioning authenticated encryption), and 7 (saying "extras" may be standardized in the future).
  9. ^ Bertoni, Guido; Daemen, Joan; Peeters, Michaël; Van Assche, Gilles; Van Keer, Ronny (March 13, 2014). "CAESAR submission: Ketje v1" (PDF). Retrieved February 29, 2020.
  10. ^ Bertoni, Guido; Daemen, Joan; Peeters, Michaël; Van Assche, Gilles; Van Keer, Ronny (March 13, 2014). "CAESAR submission: Keyak v1" (PDF). Retrieved February 29, 2020.
  11. ^ Cite error: The named reference sponge was invoked but never defined (see the help page).
  12. ^ "Announcing Request for Candidate Algorithm Nominations for a New Cryptographic Hash Algorithm (SHA-3) Family [U.S. Federal Register Vol. 72 No. 212)]" (PDF). November 2, 2007. Archived (PDF) from the original on March 31, 2011. Retrieved July 18, 2017.