NIST Releases SHA-256, SHA-512

An Anonymous Coward writes: "The National Institute of Standards and Technology (NIST) has just released a series of cryptographic hash functions (SHA-256, SHA-384, SHA-512) to work with the new Advanced Encryption Standard. Of course, they must be secure since they're designed by our good friends at the NSA."

Good 'ole NSA: Not-very-good Security Agency

[NeuralAbyss]

Goodonya NSA.. creating another couple of hashing algorithms that we KNOW to be secure - hey, they're our friends at the NSA creating them ;)

Give it a few months of peer review, then the cynics should settle down - unless the review gashes open NIST's credibility....

- NeuralAbyss
www.neuralabyss.com

Re:Cryptographic hashes

[luckykaa]

What did the NSA provide as evidence that their new hashes are secure?

They're the NSA. Don't you trust them? Good lord. Next thing you'll make suggestions that Bill Clinton told lies.

Peer reviews

[JoelClark]

I guess we will find out if they are secure once the algoriths go under the ever-watchful eye of peer review, now won't we. If they were found to be snake oil, it will hurt the NIST's credibility considerably.

Did anyone ever find issues with SHA-160?

Re:I Dont trust the NSA

[Coz]

In what way does "open source" ensure safety/reliability/security? The algorithm's the thing being published - since it's published, publicly, the world can try to attack it.

It's closed, proprietary implementations that I worry about. If the algorithm has a back door, there's a good chance someone will find it... if the source code has a back door, only serious hackers will have a shot at finding it... if you can't see the source, who do you trust?

The functions formerly known as SHA-xxx

[billybob2001]

will now be known as AYATOLLAH-xxx

(sp)

And while we're at it, can you imagine a Beowulf cluster of these?

Soon everyone will know everyone else's secrets.

Re:Peer reviews

[Slynkie'sEvilTwin]

But what if peer review -doesn't- turn up any problems, yet they still exist (and the NSA knows this, and uses it for it's own benefit)? Call me paranoid, but I don't like trusting an algorithm because my government tells me it's secure. And I also don't trust peer review enough to believe that if there's a problem, it will be found.

Re:Cryptographic hashes

[neotek(maas)]

What did the NSA provide as evidence that their new hashes are secure?
Despite this lack of evidence, how many commercial products will use this algorithm simply on the basis that it was designed by the NSA, so must be secure?
In essence, the NSAs reputation creates a certain trust that the algorithm will be secure. No evidence, other than the fact it was designed by the NSA is needed by many.

Cryptographic hashes

[Pseudonym]

Remember that this is the same NSA who produced the original SHA, then made a small modification (SHA-1) to secure it against some attack which they wouldn't tell us about, and nobody outside the NSA has yet been able to work out what the problem actually was.

What gets me is that to qualify for AES, you had to provide (virtual) reams of documentation about the creators' attempts to break it, and with good reason. What did the NSA provide as evidence that their new hashes are secure?

The problem with SHA-0 was found.

[Paul Crowley]

I can't remember the details now, but an attack on SHA-0 was found that does not work on SHA-1. Perhaps this means that the open crypto field is not as far behind the NSA as people think?

As a cryptographer I *am* inclined to trust these hash functions. Designing a back door would essentially require inventing a whole new - and much faster - way of doing public key crypto, and then hiding it from the world. And a back door into a hash function isn't as much use as one into, say, a block cipher - though we now know that all the secret tweaks NSA did on DES were aimed at increasing its strength. SHA-1 has stood the test of time where other hash functions (MD5 for example) look shaky. I strongly suspect that these are good for the purposes advertised.
--