Score:4

SHA2 vs SHA3 popularity


Does anybody know of, or can point me to, a source about SHA2 vs SHA3 usage statistics? SHA3 is newer and is claimed to be more secure but ... is it more widely used in real life deployments?

Maarten Bodewes
Compared to SHA-2? No, SHA-3 is definitely not more used. I'd hazard a guess that even SHA-1 surpasses the use of SHA-3. Define "more secure". One of the outcomes of the SHA-3 hashing competition was that SHA-2 withstands attacks surprisingly well (even though it uses the same basic construction as SHA-1, but with rounds of a higher complexity).
samuel-lucas6
@MaartenBodewes I'd primarily define 'more secure' as SHA-3 doesn't suffer length extension attacks. It's also the result of a competition, and Keccak has had [lots](https://keccak.team/third_party.html) of third-party cryptanalysis considering its more limited use.
Maarten Bodewes
@samuel-lucas6 Length extension attacks are not that important. They are only useful when the hash algorithm is used together with a secret, and in that case we generally just use the HMAC construction. So the issue is mainly one for cryptographers and protocol designers (and probably crypto-newbies that assume that they are one of those, of course).
samuel-lucas6
@MaartenBodewes True, I'm really just referring to [this](https://www.cryptologie.net/article/400/maybe-dont-skip-sha-3/) argument. From a misuse perspective, it makes more sense to use SHA-3. Personally though, I'd advocate for BLAKE2 or SHAKE. I don't think it makes sense to still use SHA-2 unless it's the only thing available/a requirement.
Maarten Bodewes
@samuel-lucas6 Hardware acceleration is a major reason to still use SHA-2. There isn't any for SHA-3 on common hardware (x64 and generic ARM processors), as far as I know anyway. And maybe the whole issue with using SHA-3 *or* SHAKE is an issue all by itself. By the way, ever-lagging libraries such as the .NET framework don't yet support SHA-3 - of course if it was up to Microsoft you'd be waiting forever for it.
user104734
Hmm, interesting conversation. @MaartenBodewes, @samuel-lucas6, thank you for your comments. However, this just highlights the point: various arguments for and against. Statistics are a good indicator, albeit taken with a pinch of salt ...
samuel-lucas6
@MaartenBodewes Oops, I forgot about that. I expect the only thing that competes is accelerated BLAKE3, which is likely used less than SHA-3. Yes, as someone who codes in C#, the state of .NET crypto compared to Go/Rust is quite sad. @user104734 Indeed. They're both fine, just don't trust the statistics for SHA-1.
Andrea
@MaartenBodewes (Some) ARMv8 CPUs have hardware instructions to compute Keccak operations, including Apple's A-line and M-line (this doesn't affect the main point about hardware acceleration, it's mostly just an FYI).
Score:1

SHA-256 is used in bitcoin mining, and the number of calculations done with this function for mining by dedicated hardware, GPU, and software means for years is enormous. You can find daily statistics of SHA-256 usage on many bitcoin sites. SHA-256 is secure and efficient. One of the motivations for the development of SHA-3 is the fact that in security proofs SHA-256 is assumed to represent a "random oracle", while it can be proved that SHA-2 is not a random oracle. The sponge function avoids this problem, and if the permutation it uses is assumed to be pseudorandom, the sponge can be shown to be a random function.

user104734
Interesting point @Evgeni-Vaknin. Bitcoin does many transactions indeed, but I doubt it beats the rest of the IT/Internet/Electronics use cases in numbers ... BTW, I wonder if the BTC community has tabled a proposal to move from SHA2 to SHA3?
poncho
As for bitcoin moving to SHA3, well, that would make the existing hardware miners worthless (as they are designed around SHA-2). I would expect some amount of pushback...