Le 27 mai 2016 12:05 PM, "Donald Stufft" <donald@stufft.io> a écrit :
> BLAKE2 is an interesting one, because while SHA3 is a NIST standard (so it’s going to gain adoption because of that), BLAKE2 is at least as strong as SHA3 but is better in many ways, particularly in speed— it’s actually faster than MD5 while being as secure as SHA3.
BLAKE2 was part of the SHA3 competition and it was in finalists. The SHA3 competition is interesting because each algorithm is deeply tested and analyzed by many teams all around the world. Obvious vulnerabilities are quickly found.
The advantage of putting SHA3 and BLAKE2 in the stdlib is that they have a different design. I don't expect that two designs have the same vulnerabilities, but I'm not ax expert :-)
SHA3 (Keccak) is based on a new sponge construction:
https://en.m.wikipedia.org/wiki/SHA-3
BLAKE is based on ChaCha:
https://en.m.wikipedia.org/wiki/BLAKE_(hash_function)
https://en.m.wikipedia.org/wiki/Salsa20#ChaCha_variant
Victor