Belgium to Host First Conference for New Hash Algorithm Competition

The National Institute of Standards and Technology (NIST) has announced the first conference on an open cryptographic competition to select a new "hash" algorithm for securing digital signatures and other information security applications. The First SHA-3 Candidate Conference will be held Feb. 25-28, 2009, at the Katholieke Universiteit Leuven, a university in Belgium, immediately following the 16th International Workshop on Fast Software Encryption.

The ultimate purpose of the NIST-sponsored competition, which has inspired dozens of entries from around the world, will be to select a new algorithm—SHA-3—that is more secure and efficient than its predecessors.  A hash algorithm is a widely-used mathematical tool that converts a file, message or block of data to a short "fingerprint" for use in digital signatures, message authentication and other computer security applications.

NIST has been determining which of the 64 entries it has received are "complete and proper" and therefore can be accepted as first-round candidates. At the February conference, the first-round candidates will be presented by their submitters, and NIST will discuss the next steps for the competition.  By 2012, NIST plans to hold two more conferences to narrow down the candidates and decide upon the finalist, which will then be incorporated into government cryptographic standards.

Because of the large response to the competition, it appears that the number of accepted submissions will considerably exceed the number that NIST and the community can analyze thoroughly in a reasonable time. NIST is considering ways to involve the cryptographic community in quickly reducing the number of submissions to a more manageable number. The process and criteria for this selection will be a major topic of this conference.

More information on the conference can be found at NIST's Computer Security Resource Center Web page on "The First SHA-3 Candidate Conference."