Cryptography is the art of creating mathematical assurances for who can do what with data, including but not limited to encryption of messages such that only the key-holder can read it. Cryptography lives at an intersection of math and computer science. This is a technical subreddit covering the theory and practice of modern and *strong* cryptography.
We know BLAKE was rejected in the SHA-3 competition. Yet I see BLAKE being used in certain network security applications such as WireGuard (uses BLAKE2b). What are the pros and cons of using BLAKE family of hash functions over SHA-3?
Sort by:
Best
Open comment sort options
Best
Top
New
Controversial
Old
Q&A
The "SHA-3" named hash functions SHA3-256 and SHA3-512 are both quite slow compared to BLAKE2/BLAKE3. This is primarily because NIST specified an unnecessarily large security margin.
Within the SHA-3 family are the XOFs SHAKE128 and SHAKE256 which are much faster. There's additionally a "TurboSHAKE" variant which is faster still, but that's stepping outside the SHA-3 family.
BLAKE3 employs tree hashing, which you can also find in KangarooTwelve, which is built on top of TurboSHAKE. Of course, in either case you are stepping outside of the NIST-approved SHA-3 family.