| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.11.1502121109250.14964@debian> Date: Thu, 12 Feb 2015 11:22:26 +0100 (CET) From: Stefan.Lucks@...-weimar.de To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net> Subject: Re: [PHC] PHC status report On Wed, 11 Feb 2015, Tony Arcieri wrote: > I'm sure NIST tried quite hard with the SHA-3 competition, but the > reality (at least IMNSHO) is the entire process was a debacle that > resulted in a highly contested, poorly-received candidate which was > selected before the PHC started... *and yet* still has not been fully > standardized by NIST. I think, this is unfair! When the SHA-3 process started, there was panic in the community, especially on the side of the industry. People expected SHA-2 to fall as badly as SHA-0 and SHA-1, and where urgently waiting for something to replace all the old hash functions. During the time of the SHA-3 competition, the confidence in SHA-2 grew, and now there is no real interest in SHA-3 any more. Also not that for many years, the cryptographic community had deep trust in the NIST as a fair broker for cryptographic competitions and standards. With recent disappointments (if you don't know what i mean, google for "Dual_EC_DRBG"), the NIST lost much of its good reputation. Which doesn't improve the perception of new NIST standards (SHA-3 or whatever), regardless of the quality of the process for these standards. Stefan ------ I love the taste of Cryptanalysis in the morning! ------ uni-weimar.de/de/medien/professuren/mediensicherheit/people/stefan-lucks --Stefan.Lucks (at) uni-weimar.de, Bauhaus-Universität Weimar, Germany--
Powered by blists - more mailing lists