Closed dcrewi closed 8 years ago
Sha3 would definitely be a good fit. However, as far as I understand it, although Keccak won the competition, the actual official standardization of Sha3 hasn't happened quite yet and isn't expected to be final until sometime in Q2 of 2014. I read something in August about NIST considering some tweaks to Keccak before standardization, so the final Sha3 might be a little different than Keccak as it exists today. So, I think it would probably be best to wait until Sha3 is officially standardized before adding it.
FYI, a draft of FIPS 202, SHA-3 standard (yes, it's a draft) was published on May 28, 2014. Comments will be accepted until August 26, 2014.
I'd love to merge implementations of any crypto function that is in general use. What I want to avoid is rust-crypto gaining algorithms that aren't really being used anywhere else. I'm sure that SHA-3 will gain traction, so, I'd be excited to merge an implementation of it. I'm just a bit wary of merging anything until SHA-3 is fully standardized since the non-standard Keccak algorithm doesn't seem to have gotten significant adoption, although I could be wrong since I haven't researched it too much. Thanks for the update and sorry for the belated response!
Definitely. We should not implement the algorithm in the draft of FIPS 202 as the official SHA-3, just as we should not do so with Keccak. AFAIK, the outputs of the algorithm are actually different from those of Keccak as submitted to the NIST hash function competition. See the examples for details.
The core algorithm hasn't changed between Keccak and Sha3. The output differences are due to the 2 extra bits (the "domain separator") Sha3 inserts between the message and the padding.
@ebfe Thank you for letting me know!
sha3 and shake are subsets of keccak, so a generic one could be written that is used to implement the 6 versions from sha3 (4 drop-in replacements for sha2 and then the 2 shake functions)
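The two points made in the comments above (the SHA-3 domain-separator bits, and one generic Keccak core serving SHA-3 and SHAKE) can be seen in a single sponge function. This is an added example, not code from any commenter or from rust-crypto; the function names and the `suffix` parameter are assumptions chosen for illustration.

```rust
// Added example, not rust-crypto code: one sponge covers Keccak, SHA-3 and SHAKE.
const RC: [u64; 24] = [
    0x0000000000000001, 0x0000000000008082, 0x800000000000808a, 0x8000000080008000,
    0x000000000000808b, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
    0x000000000000008a, 0x0000000000000088, 0x0000000080008009, 0x000000008000000a,
    0x000000008000808b, 0x800000000000008b, 0x8000000000008089, 0x8000000000008003,
    0x8000000000008002, 0x8000000000000080, 0x000000000000800a, 0x800000008000000a,
    0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008];
const ROT: [u32; 24] = [1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14, 27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44];
const PI: [usize; 24] = [10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4, 15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1];

fn keccak_f(a: &mut [u64; 25]) {
    for &rc in RC.iter() {
        let mut c = [0u64; 5]; // theta: column parities
        for x in 0..5 { c[x] = a[x] ^ a[x + 5] ^ a[x + 10] ^ a[x + 15] ^ a[x + 20]; }
        for i in 0..25 { a[i] ^= c[(i + 4) % 5] ^ c[(i + 1) % 5].rotate_left(1); }
        let mut t = a[1]; // rho + pi: rotate each lane and move it
        for i in 0..24 { let n = a[PI[i]]; a[PI[i]] = t.rotate_left(ROT[i]); t = n; }
        for y in (0..25).step_by(5) { // chi: nonlinear step on each row
            let r = [a[y], a[y + 1], a[y + 2], a[y + 3], a[y + 4]];
            for x in 0..5 { a[y + x] = r[x] ^ (!r[(x + 1) % 5] & r[(x + 2) % 5]); }
        }
        a[0] ^= rc; // iota
    }
}

// `suffix` = domain-separation bits followed by the first padding bit, LSB first:
// 0x01 = original Keccak (no bits), 0x06 = SHA-3 (bits 01), 0x1f = SHAKE (bits 1111).
fn sponge(rate: usize, suffix: u8, msg: &[u8], out_len: usize) -> String {
    let (mut a, mut p) = ([0u64; 25], msg.to_vec());
    p.push(suffix);
    while p.len() % rate != 0 { p.push(0); }
    *p.last_mut().unwrap() |= 0x80; // final bit of pad10*1
    for blk in p.chunks(rate) { // absorb one rate-sized block at a time
        for (i, b) in blk.iter().enumerate() { a[i / 8] ^= (*b as u64) << (8 * (i % 8)); }
        keccak_f(&mut a);
    }
    let mut out = String::new();
    for i in 0..out_len { // squeeze, permuting again after each full block
        if i > 0 && i % rate == 0 { keccak_f(&mut a); }
        let j = i % rate;
        out += &format!("{:02x}", (a[j / 8] >> (8 * (j % 8))) as u8);
    }
    out
}
pub fn keccak256(m: &[u8]) -> String { sponge(136, 0x01, m, 32) }
pub fn sha3_256(m: &[u8]) -> String { sponge(136, 0x06, m, 32) }
pub fn shake128(m: &[u8], n: usize) -> String { sponge(168, 0x1f, m, n) }
fn main() { println!("{}\n{}\n{}", keccak256(b""), sha3_256(b""), shake128(b"", 32)); }
```

The permutation and rate are identical for `keccak256` and `sha3_256`; only the suffix byte differs, which is why a library that labels pre-standard Keccak as SHA-3 produces digests that do not interoperate with FIPS 202 implementations.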
I've taken a Rust implementation of SHA-3 (FIPS 202) by Sébastien Martini and updated it to work with the latest versions of Rust. See #346 @DaGenix
Someone ported the Keccak reference implementation to Rust. Since it is the winner for SHA-3, it might be within the scope of the project to include an implementation in rust-crypto (even if it's not that implementation)?