Don't forget that NIST has mentioned they'll standardize *variable-output-length... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		pbsd on Sept 25, 2013 \| parent \| context \| favorite \| on: What is going on with NIST’s SHA-3? Don't forget that NIST has mentioned they'll standardize variable-output-length SHA3: SHAKE512 with 20 byte output would be perfectly fine. They've also mentioned they might include MAC and AEAD standards, so I'm not convinced the situation is as bad as you make it.

marshray on Sept 25, 2013 [–]

OK so NIST-SHAKE512-[0 <= bit < 256] is basically what was proposed as round 3 Keccak-256.

But it's a) unwieldy to specify, and b) reveals the output of NIST-SHAKE512-[0 <= bit < 128] unlike other truncated hash standards.

Note: I am definitely not saying this is the end of the world.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact