LLMpedia: The first transparent, open encyclopedia generated by LLMs

SHA-3

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Name: SHA-3
Designed by: Keccak team
Published: 2015
Digest size: variable
Structure: sponge construction
Predecessor: SHA-2

SHA-3 is a family of cryptographic hash functions selected as the winner of the NIST hash function competition and standardized to provide an alternative to predecessors. It emerged from a public competition that attracted international cryptographers and institutions and is intended for message integrity, digital signatures, and random-oracle instantiations. The design centers on a sponge construction and a permutation called Keccak, offering a different internal structure from predecessors and complementary assurances for standards bodies and implementers.

History and development

The selection of the algorithm was the culmination of a multi-year contest organized by the National Institute of Standards and Technology, which followed community-driven evaluations similar to previous contests that involved contributors from RSA Security, Microsoft Research, IBM, Google, and academic groups across the University of California, Berkeley and the Massachusetts Institute of Technology. Entrants included teams associated with Philippe Oechslin, Niels Ferguson, Bruce Schneier, and researchers who previously worked on Rivest–Shamir–Adleman-related topics at institutions like École Polytechnique Fédérale de Lausanne and University College London. Finalist designs underwent analysis from panels including members of the IACR, scholars from Princeton University and Stanford University, and reviewers affiliated with CNRS and the Max Planck Institute. After rounds of public commentary from organizations such as the Internet Engineering Task Force and auditors from Common Criteria, the Keccak family was declared the winner and later incorporated into standards by ISO and NIST.

Design and algorithm

SHA-3's internal mechanism is based on a permutation developed by the Keccak team, originating in laboratories such as NXP Semiconductors labs and university groups including Radboud University Nijmegen. The sponge construction alternates absorbing and squeezing phases, with state transformations informed by Boolean operations and rotations similar in spirit to primitives seen in ciphers analyzed at Crypto 2008 and described in papers from EUROCRYPT proceedings. Its round function applies five steps over a 5×5×w state array, using operations that echo algebraic techniques published by researchers at University of Waterloo, Tsinghua University, and Seoul National University. The designers leveraged proof techniques and avalanche criteria studies from conferences like SAC and FSE to select permutation parameters, with optimization examples drawn from microarchitecture work at Intel and ARM. Keccak’s parametrization allows multiple output lengths, enabling variants analogous to digest choices historically used in libraries from OpenSSL, GNU Privacy Guard, and BIND.
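The absorb, permute and squeeze flow described above, as an added example (not code from this article or from the Keccak team): a compact Python sponge over the 1600-bit permutation, with the five round steps marked in comments. The function names are this example's own; the rate and suffix values are the FIPS 202 parameters for SHA3-256 and SHAKE128, which differ only in rate, domain suffix and output length.

```python
def rol(v, n):
    return ((v << (n % 64)) | (v >> (64 - n % 64))) & 0xFFFFFFFFFFFFFFFF

def keccak_f1600(a):
    """24 rounds over the 5x5 array of 64-bit lanes; lane (x, y) is a[x + 5*y]."""
    lfsr = 1
    for _ in range(24):
        # theta: mix every lane with the parity of two neighbouring columns
        c = [a[x] ^ a[x + 5] ^ a[x + 10] ^ a[x + 15] ^ a[x + 20] for x in range(5)]
        d = [c[(x + 4) % 5] ^ rol(c[(x + 1) % 5], 1) for x in range(5)]
        a = [a[i] ^ d[i % 5] for i in range(25)]
        # rho and pi: rotate each lane, then move it to a new (x, y) position
        x, y, cur = 1, 0, a[1]
        for t in range(24):
            x, y = y, (2 * x + 3 * y) % 5
            cur, a[x + 5 * y] = a[x + 5 * y], rol(cur, (t + 1) * (t + 2) // 2)
        for r in range(0, 25, 5):  # chi: the non-linear step, row by row
            row = a[r:r + 5]
            for x in range(5):
                a[r + x] = row[x] ^ (~row[(x + 1) % 5] & row[(x + 2) % 5])
        for j in range(7):  # iota: XOR an LFSR-derived round constant into lane (0, 0)
            lfsr = ((lfsr << 1) ^ ((lfsr >> 7) * 0x71)) % 256
            if lfsr & 2:
                a[0] ^= 1 << ((1 << j) - 1)
    return a

def sponge(msg, rate, suffix, out_len):
    """Absorb msg in rate-byte blocks, then squeeze out_len bytes (sizes in bytes)."""
    state = bytearray(200)  # 1600-bit state = rate + capacity
    def permute():
        lanes = [int.from_bytes(state[i:i + 8], "little") for i in range(0, 200, 8)]
        state[:] = b"".join(v.to_bytes(8, "little") for v in keccak_f1600(lanes))
    padded = bytearray(msg) + bytearray(rate - len(msg) % rate)  # pad10*1, zero-filled
    padded[len(msg)] ^= suffix  # domain-separation bits plus the first padding bit
    padded[-1] ^= 0x80          # final padding bit closes the last block
    for off in range(0, len(padded), rate):  # absorbing phase
        state[:rate] = bytes(s ^ p for s, p in zip(state, padded[off:off + rate]))
        permute()
    out = bytearray(state[:rate])  # squeezing phase
    while len(out) < out_len:
        permute()
        out += state[:rate]
    return bytes(out[:out_len])

def sha3_256(msg):
    return sponge(msg, rate=136, suffix=0x06, out_len=32)  # capacity 512 bits

def shake128(msg, out_len):
    return sponge(msg, rate=168, suffix=0x1F, out_len=out_len)  # capacity 256 bits
```

Comparing the results with `hashlib.sha3_256` and `hashlib.shake_128` from the Python standard library is a quick correctness check, including for messages whose length sits exactly on a block boundary.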

Security analysis and properties

Cryptanalytic assessment involved contributions from teams at École Normale Supérieure, KAIST, University of Tokyo, ETH Zurich, and independent researchers such as those associated with CWI. Analysts explored collision resistance, preimage resistance, and second-preimage bounds, writing papers presented at CRYPTO, ASIACRYPT, and Eurocrypt. Security proofs relied on sponge model abstractions developed by theorists at Harvard University and Columbia University, while differential and linear cryptanalysis analogues were examined in work from University of Cambridge and Imperial College London. Post-quantum considerations prompted commentary from labs at University of Waterloo and Tsinghua University, with symmetric-key quantum attacks evaluated under frameworks popularized by researchers at QuTech and Microsoft Research. Formal verification efforts were carried out using tools from INRIA and projects associated with Carnegie Mellon University and University of Oxford.

Implementations and performance

Implementations of Keccak-based hashing span language ecosystems maintained by communities around GitHub, Debian, Red Hat, and companies like Google and Amazon Web Services. High-performance implementations were optimized for instruction sets from Intel (including AVX2 and AVX-512) and ARM (including NEON), with cryptographic engineering contributions from teams at Arm Ltd., AMD, and researchers at NVIDIA. Side-channel resistant implementations were developed in laboratories at ETH Zurich and TU Darmstadt, and constant-time libraries were contributed by projects like libsodium and BoringSSL. Hardware implementations appeared in FPGA and ASIC evaluations presented at Design Automation Conference and produced by vendors including Xilinx and Altera; profiling work cited microbenchmarks from SPEC and power-analysis studies by groups at Microsoft Research and Google. Language bindings and reference code were published for Python, Rust, Go, Java, and C# by maintainers at organizations such as Apache Software Foundation and Eclipse Foundation.

Applications and usage

Adopters integrated Keccak-based hashes into security protocols and products developed by IETF working groups, TLS stacks maintained by Mozilla and OpenSSL, and blockchain projects including teams behind Ethereum and academic pilots from MIT Media Lab. Standards bodies such as ISO and national agencies in Japan and Germany referenced the family for digital signature suites alongside schemes from ANSI and IEEE. Use cases extended to package integrity in ecosystems maintained by npm, PyPI, and Maven Central, and to secure boot workflows implemented by vendors like Intel and Qualcomm. Research deployments appeared in privacy-preserving constructions from projects at Stanford University and UC Berkeley, and in academic prototypes from Cornell University and Princeton University.

Standardization and variants

The family was standardized by the National Institute of Standards and Technology in a publication that complements earlier standards referencing SHA-1 and SHA-2, and the algorithm family appears in international standards from ISO/IEC JTC 1/SC 27. Variants and related constructions have been proposed in literature from IACR authors and implemented in profiles tailored by companies such as Cisco Systems and Huawei. Extensions include authenticated modes and XOF (extendable-output function) variants used by projects at the Linux Foundation and in implementations by Microsoft. Ongoing revisions and application notes have been discussed in meetings of NIST panels and at workshops sponsored by DARPA and research consortia including IARPA.

Category:Cryptographic hash functions