In 2005, the first serious attacks on the widely use hash function SHA-1 were published. Researchers were able to generate some collisions. The new generation SHA-2 was also prone to these attacks. In 2007, NIST launched a contest to select the future replacing algorithm. At the first round, there were 63 submissions. The second round kept only five algorithms. On Tuesday, NIST published the winner: KECCAK
KECCAK was designed by researchers from STMicroelectronics and NXP. According to NIST, KECCAK won because it was elegantly simple and had higher performance in hardware implementation than the other competitors. As it is foreseen that SHA-3 may be used in many lite weight embedded devices (smart dust, intelligent captors, RFID…) , this was a strong asset. No surprise that its implementation was optimized for hardware; Its four fathers are working for companies designing such chipset. STMicroelectronics is one of the leaders in secure components for smart cards, whereas NXP is the leader in NFC. Another interesting argument is as KECCAK uses totally different principles than SHA-2, attacks that would work on SHA-2, most likely will not work for SHA-3.
On September 24, 2012, Bruce Schneier, one of the five finalists with his Skein algorithm, called for a “no award”. Currently, SHA-512 is still secure for many years. Thus,according to him, there was no need to switch to another algorithm.
In its announcement of the winner, NIST confirmed that
SHA-2 has held up well and NIST considers SHA-2 to be secure and suitable for general use.
Thus, be not afraid when you will still find SHA-2 in designs for the coming years. We’re safe. It will take several years to tame this new algorithm. Nevertheless, NIST estimates that having a successor to SHA-2, if ever it weakens, is a good insurance policy.