
New Video from @Computerphile Explains SHA-3 and Its Security Advantages
The video begins by explaining why SHA-3, a cryptographic hash function, exists and what its advantages are over SHA-2 and MD5, particularly its resistance to length extension attacks. These attacks exploit a vulnerability in hash functions like SHA-2, where an attacker can add data to a message without knowing the secret key used for the initial hashing.
The general operation of hash functions is then explained. A hash function takes pieces of a digital file, mixes them, and produces a unique summary called a hash. This hash can be used for various applications, including authentication, which verifies the integrity and authenticity of a message transmitted over the Internet.
The video compares SHA-2 and SHA-3 in detail. SHA-2 uses a structure where each message block is compressed and the intermediate hash is used as input for the next block. SHA-3, on the other hand, introduces the notion of "capacity," a secret part of the internal state that is not revealed in the final hash. This capacity makes it impossible for an attacker to resume the hash from an intermediate point without knowing this secret part, which prevents length extension attacks.
The importance of this difference is illustrated by a practical example: message authentication. Alice sends an encrypted message to Bob, accompanied by a hash computed over the message together with the shared secret key. Bob can verify the integrity and authenticity of the message by recalculating the hash with his own copy of the key. However, with SHA-2, an attacker could add data to the message and recalculate a valid hash without knowing the key, which is a serious flaw.
A concrete example is given with a bank transaction. If an attacker intercepts a transaction and adds additional data (such as a higher amount of money), they could potentially trick the banking system into accepting the modified transaction. This attack is possible because SHA-2 allows resuming the hash from an intermediate point, which SHA-3 prevents thanks to its secret capacity.
The video concludes by emphasizing that although SHA-2 is vulnerable to these attacks, methods like HMAC (Hash-based Message Authentication Code) can be used to strengthen security. HMAC performs two hashes to mask the process and make length extension attacks much more difficult.
In summary, SHA-3 offers enhanced security against length extension attacks thanks to its unique structure with a secret capacity. This feature makes SHA-3 particularly useful for applications requiring robust and secure authentication.