NIST announces competition for new cryptographic hash algorithm

The National Institute of Standards and Technology today announced a public competition to pick a new cryptographic hash algorithm that would become the new federal information processing standard. This evaluation process is expected to run a minimum of three years.

In its essence, a cryptographic hash algorithm is a highly complex math formula that can be used to create digital signatures and authenticate data to ensure it hasn’t been tampered with. The current NIST federal hash standards include variations of the Secure Hash Algorithm, SHA-1, SHA-2, SHA-256, SHA-384 and SHA-512. But because cryptographic researchers have reported serious attacks against these algorithms, NIST has decided to start what’s expected to be a long process to find a new hash standard by eliciting public comment and submissions.

NIST successfully carried out this type of evaluation process several years ago to find the replacement for the older Digital Encryption Standard, which after a lively global competition, ended with the selection of the now widely used Advanced Encryption Standard, today a federal government standard. At that time, peer review by crypto experts of the published AES played a strong role in determining the future federal standard for non-classified encryption. NIST is hoping for similar success as it opens the hunt for a new hash algorithm.

“As a first step in this process, NIST is looking for comments on its recently published draft minimum acceptability requirements, submission requirements, and evaluation criteria for candidate algorithms,” stated NIST spokeswoman Jan Kosko, noting that this information has been published at the NIST site.

According to a statement in the Federal Register, the government’s official book of record, NIST today stated it is looking for “unclassified, publicly disclosed” algorithms that would be “royalty-free” and “capable of protecting sensitive government information well into the foreseeable future.”

The tentative schedule mapped out by NIST for receiving and evaluating technical proposals commences with the plan to present the “draft minimum acceptability requirements, submission requirements, and evaluation criteria for candidate hash functions” during the RSA Conference in San Francisco and at other conferences later.

NIST wants to finalize this baseline by the third quarter of this year, at which point NIST expects to be ready to entertain submissions of hash-function candidates. These submissions, due by the third quarter of 2008, would be subject to review in the fourth quarter that year.

As planned, public comment on the first round of selected candidates would start in the fourth quarter that year, inviting public comments until the fourth quarter of 2009. At that point, depending on the number and quality of the submissions, NIST may either extend the length of the public comment period or otherwise invite discussion about them through public workshops to discuss candidate algorithms.

NIST has already held public workshops at its headquarters in Gaithersburg, Md., to discuss the need for a new hash algorithm approved by the federal government.