Wednesday, August 25, 2010

2nd SHA-3 candidate conference - day 2

We got presentations from two software benchmarking efforts. One is eBASH, run by the ECRYPT-2 network of excellence. Its performance figures currently come predominantly from various desktop processors, but with the help of the XBX project more embedded platforms should be covered soon. The other effort is sphlib, which focuses on portable C implementations for embedded platforms.

After some presentations on specialized software implementations and another round of security analysis presentations, each of the 14 teams had the chance to report on the status of their submission. The arguments over some security observations were carried on in humorous form through mentions of so-called "banana attacks" by several presenters (a term that originated in the discussion on the NIST SHA-3 mailing list). Everybody presented arguments for why their submission should make it into the final round, highlighting available security proofs and analyses, but also possible advantages for implementation in software or hardware.

As there has been no dramatic break of the security of any of the 14 candidates, NIST is certainly facing a tough choice for the final round competitors. One point William Burr from NIST made in his closing statement was that the choice will probably aim to select a diverse set of candidates (and not just algorithms based on the same design principle). As we have roughly three categories of candidates (Add-Rotate-XOR based, AES based, Sponge based), one might speculate that we will see six finalists with two from each category (rather than just four or five finalists). In any case, in a couple of weeks we will know for sure.
