SHA-2 is an advanced,
Cryptographic Hash Function that was initiated to
correct flaws in its predecessor, SHA-1. The security
flaws where identified in 2005 involving mathematical
weakness in the hash function. The SHA cryptographic
algorithms where designed in 2001 by the NSA (National
Security Agency) and published in 2001 by the NIST. The
original publication was as a Federal Information
Processing Standard for the US government.
SHA-2 consists of four separate hash functions, each of
which operates with four different digest sizes, 224,
256,384 and 512. The digest size is a function of the
strength of the encryption. This family of encryption
algorithms is mandated for use by the federal government
in a number of applications such as the encryption of
sensitive unclassified information or the encryption of
data transmitted within other cryptographic systems.
Upon adoption of the stronger SHA-2 system, the SHA-1
system was retired out of government service. SHA-1 is
used in several widely used security protocols such as
TLS, SSL, IPsec and others. In the case of these
particular systems, SHA-1 forms a part of the main
function of the system dealing with data integrity.
SHA-2 is also used in the same security systems as SHA-1
but is dependent on the age of the implementation.
When SHA-1 is retired, sometimes in 2010, SHA-2 will be
the new standard and it will be required by all now
using SHA-1 to implement as fully as possible the new
system. This means that all government applications and
systems still using the SHA-1 system must migrate to
SHA-2. The commercial adoption of SHA-2 has been limited
in spite of its superior security.
Some of the reasons for the limitations include the fact
that there is no support for these systems because they
are versions of certain operating systems, which are no
longer being supported. Advanced SHA-2 is not supported
in these operating systems and in many cases, the lack
of demonstrated collisions found. Collisions are
security flaws in the system. Additionally, SHA-3 is
currently under development and is slated to be
certified in 2012. As a result, many commercial
applications and vendors are waiting as long as they can
to switch, or at least until the new standard is
released.
SHA-2 bears little resemblance to its predecessor,
SHA-1. In the same manner, SHA-3 is not being derived
from SHA-2. It is a significantly stronger, more
flexible system but is not expected to reach widespread
adoption until at least 2015. Currently there are 14
separate submissions before the selection committee and
they are all in round two from which the winner will be
announced in 2012 by the NIST. The competition is an
open competition held by various vendors to select the
encryption systems that will form SHA-3. This is the
same type of public competition that has led to the
development of AES.
If
you are looking to insure your house in the UK you could
do far worse than buy
churchill home insurance or
direct line home insurance!
Copyright Devon
Institute 2006 All Rights Reserved |