Next week, the first real public review of the contenders for the SHA-3 algorithm will take place in Belgium at Leuven University. The competition is run by the National Institute of Standards and Technology (NIST); the winner of the competition will likely become the default hash algorithm for US agencies by 2012, replacing the current SHA and SHA-2 algorithms.

 

Iteration of the SHA-2 compression function

Iteration of the SHA-2 compression function


The list of candidates that will be reviewed in the first round can be found here; according to the NIST the list of algorithms is far too large to work with, so they are actively looking for help with reducing the list to a more manageable size:

It appears that the number of accepted submissions will considerably exceed the number that NIST and the community can analyze thoroughly in a reasonable time period. NIST is considering ways to involve the cryptographic community in quickly reducing the number of submissions to a more manageable number. The process and criteria for this selection will be a major topic of this conference. 

The easiest way to keep track of the status of the different submissions is via Graz University; they have created a “SHA-3 Zoo” page on their cryptography wiki that summarizes the different candidates along with the possible attacks against them. According to their summary, the list of candidates has already been reduced by about 20%:

So far, 10 out of 51 first round candidates have been officially conceded broken or withdrawn by the designers.

Fortify has been running several tests against the reference implementations that had to be included with the submissions, which has also shown interesting results. The public comment period starts after the conference, and will run until Q2 2010, after which a second conference will be organized. But the NIST is already preparing for an extension of that timetable:

Depending on the number and quality of the submissions, NIST may either extend the length of the initial public comment period to allow sufficient time for the public analysis of the candidate algorithms, or may include additional rounds of analysis in order to successively reduce the number of candidate algorithms for further consideration as finalist algorithms. In these cases, NIST may host multiple workshops to discuss analysis results on candidate algorithms until it is ready to select the finalists.

If you want to browse through the entire table of hash algorithms, it might be helpful to keep this legend handy:

hash_zoo