International Telecommunication Union   ITU
 
 
Site Map Contact us Print Version
 Tuesday, February 27, 2007

The SHA-1 algorithm, which has been widely used in many of today's mainstream security products since 1995, was significantly compromised in February 2005 by a team of researchers led by Xiaoyun Wang based at China’s Shandong University. (This team had already undertaken attacks against the MD5 and SHA: hash functions previously, prior to their attack on SHA-1).

Their success prompted calls for a replacement algorithm. The U.S. National Institute of Standards and Technology had already announced that they planned to phase out the use of SHA-1 by 2010 in favour of the SHA-2 variants. The need for a replacement algorithm has now led NIST to launch a contest to devise a successor on 27 January 2007. The competition is to begin in the fall of 2008, and continue until 2011, with full completion and approval by 2012. Contests like this one have a promising history in cryptography. Notably, the Advanced Encryption Standard (devised as a more secure replacement to the prior Data Encryption Standard) was devised through an open competition between fifteen teams of cryptographers between 1997-2000.