A hash algorithm is used to verify the contents of a message (perhaps a file or a document) as being unchanged. Consider it to be a validation signature; it is not encryption and has no part to play in protecting the contents of a message; merely proof that the message received was the same as the one transmitted.
This task is performed using a computationally complex algorithm that is impossible to reverse - of course it cannot be revered when a multi-megabyte source file will generate the same sized hash as a small text file. Furthermore, the slightest change to the source file (perhaps adding a single space character to the end of a document) will produce a totally different hash. Conversely, it is also important to be sure that there cannot be two different source files that produce the same hash (this is normally referred to as a collision).
Many observers had expected Bruce Schneier's Skein algorithm to win this competition although Schneier himself argued a week ago that there was no pressing need to select a winner at all; "It's probably too late for me to affect the final decision, but I am hoping for 'no award'."
|
|
Many respondents to the blog disagreed with him, primarily on the basis that there was merit in having two unrelated standards which could be interchanged quickly. That way, if one was suddenly discovered to be 'broken,' the other could take up the workload with minimal interruption.
Later in a reply to his own blog post, Schneier opines, "I have no inside information on when SHA-3 will be announced. My guess is that they've made the decision, and are going over the final rationale again and again.
"My guess is that it won't be Skein."
He was correct.
Just a few hours ago Keccack (pronounced 'catch-ack') was announced by the US' National Institute of Standards and Technology (NIST) as the winner.
