[openpgp] SHA3 is standardised as FIPS 202

ianG <iang@iang.org> Thu, 06 August 2015 18:53 UTC

It looks like SHA3 is now out as FIPS 202.

http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf

I think.



Now, SHA3, or Keccak as it was better known, is built using the sponge 
construction idea.  Included in the design are a couple of XOFs or 
extendable output functions called SHAKE128 and SHAKE256.

I think these XOFs can be used as encryption algorithms in XOR-stream mode.

Which brings us to a point worth thinking about.  For a future OpenPGP 
release, we could use SHA3 for both the hash algorithm and the stream 
cipher.  Etc.  (There are supposed to be modes that you can do for 
authenticated encryption as well.)

Which then gives us the opportunity to have ONE algorithm provide a much 
larger space of our needs.  If the SHA3 engine were to form the basis 
of all the symmetric needs, then this would provide for a minimal 
implementation with less code and less complexity.

E.g., we could simply set the Mandatory to Implement (MTI) algorithm to 
the SHA3 family.



Worthwhile?  I'm not saying this will work - I'm just holding out the 
thought experiment that we could substantially ease the burden on 
developers and implementers if we could simplify the set down to one 
common family.



iang
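
The XOR-stream idea from the message above, as an added example that is not part of the original post or of any OpenPGP specification: SHAKE256 from Python's hashlib is squeezed for a keystream, and two checks show what the plain mode does not provide on its own (safety under nonce reuse, and integrity). The key and nonce sizes, the domain label and all function names are assumptions made for this sketch.

```python
import hashlib

KEY_LEN, NONCE_LEN = 32, 16            # assumed sizes; fixed so key||nonce parses one way
LABEL = b"example-shake-stream-v1"     # constructed domain-separation label

def shake256_keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Absorb label||key||nonce into the sponge, then squeeze `length` bytes."""
    if len(key) != KEY_LEN or len(nonce) != NONCE_LEN:
        raise ValueError("key must be 32 bytes and nonce 16 bytes")
    xof = hashlib.shake_256()
    xof.update(LABEL)
    xof.update(key)
    xof.update(nonce)
    return xof.digest(length)          # XOF: any output length from one state

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: the operation is its own inverse."""
    ks = shake256_keystream(key, nonce, len(data))
    return bytes(d ^ k for d, k in zip(data, ks))

def reused_nonce_leak(key: bytes, nonce: bytes, p1: bytes, p2: bytes) -> bytes:
    """XOR of two ciphertexts made with the same (key, nonce).

    The keystream cancels, so the result equals p1 XOR p2: an observer
    learns the relation between the plaintexts without knowing the key.
    """
    c1 = xor_stream(key, nonce, p1)
    c2 = xor_stream(key, nonce, p2)
    return bytes(a ^ b for a, b in zip(c1, c2))

def flip_plaintext(key: bytes, nonce: bytes, plaintext: bytes,
                   offset: int, old: bytes, new: bytes) -> bytes:
    """Edit ciphertext bytes without the key and return what the receiver decrypts.

    XORing old^new into the ciphertext turns `old` into `new` in the
    plaintext. Plain XOR-stream mode carries no tag that would detect
    this, which is why an authenticated mode or a separate MAC is needed.
    """
    ct = bytearray(xor_stream(key, nonce, plaintext))
    for i, (o, n) in enumerate(zip(old, new)):
        ct[offset + i] ^= o ^ n        # needs only the known/guessed bytes
    return xor_stream(key, nonce, bytes(ct))
```
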