The New SHA-3 Encryption Standard: Keccak
Courtesy Jose R.C. Cruz, DrDobbs.com
After years of testing and analysis, the U.S. government selected the Keccak algorithm to be the new SHA-3 encryption standard. Here is how it works and how to use it.
In October 2012, the National Institute of Standards and Technology (NIST) chose the Keccak algorithm as the new SHA-3 standard. Keccak offers many benefits, such as performance and good resistance traits. In this article, I take a concise look at Keccak’s workings. I examine its engine and see how it renders the message text into a hash. In addition, I compare Keccak against SHA-1 and SHA-2 using four standard tests.
Readers should have a working knowledge of C and Objective-C, and a very basic understanding of encryption.
Limitations of SHA-1 and SHA-2
A notable problem with SHA-1 and SHA-2 is that they both use the same engine, called Merkle-Damgard, to process message text. This meansthat a successful attack on SHA-1 becomes a potential threat on SHA-2.
Consider SHA-1 for instance. A brute force attack usually takes at least 280 rounds (a round is a single cycle of transformation of the interim hash value) to find a collision in a full-round SHA-1. But in February 2005, Xiaoyun Wang and colleagues used a differential path attack to break a full-round SHA-1, and it took only 269 cycles to succeed. That same attack was later corroborated by Martin Cochran in August 2008.
In 2012, Mark Stevens used a series of cloud servers to perform a differential path attack on SHA-1. His attack produced a near-collision after 258.5 cycles. He also estimated a modified attack can manage a full-collision after 261 cycles.
As to SHA-2, the only successful attacks were those against a limited round SHA-2 hash. The most effective attack was against a 46-round SHA-2 (512-bit variant) and against a 41-round SHA-2 (256-bit variant). It took 2253.6 cycles to break the 256-bit variant and 2511.5 cycles for the 512-bit variant.
The fact remains that, while no successful attacks against a full-round SHA-2 have been announced, there is no doubt that attack mechanisms are being developed in private. This is one reason why NIST sponsored the SHA-3 competition, which led to the development and recent adoption of Keccak.