For a long time, I've been waiting to use the newly accepted SHA3 in Linux for file integrity and other uses. Like the md5sum(1), sha1sum(1), sha224sum(1), sha256sum(1), sha384sum(1), and sha512sum(1), I was hoping that a similar "sha3-224sum(1)", etc would be developed, and make its way into the GNU/Linux library. Unfortunately, I kept waiting and waiting, until eventually, I just stopped worrying about it. Well, to my surprise, it appears that there is a package that ships SHA3, as accepted by NIST in the rhash package (it also does a number of other hashes as well).
Keccak was chosen by NIST as the SHA3 winner, due to it's performance, security and construction. Keccak uses the sponge function for creating the cryptographic hash, which truly sets it apart from SHA1 and SHA2. This means any successful attack against SHA1 or SHA2 will likely be ineffective on SHA3. SHA3 clams 12.5 cycles per byte on an Intel Core 2 CPU in a software implementation. Unfortunately, it appears that SHA3 as it appears in the rhash package still needs some optimizations, as SHA2, which requires more cycles per byte due to its construction, can calculate a SHA2-256 hash faster than a SHA3-256 hash. SHA3 support was added in September 2013.
The implementation of SHA3 in rhash uses the offical acceptance of the original Keccak function as approved by NIST. This means that it does not contain the 2 bits "01" which are appended to the message for padding. It should be noted that SHA3 is only a FIPS draft as of the time of this blog post. As such, outputs could change until the standard is formalized.
Below are examples of hashing:
$ echo -n "" | rhash --sha3-224 - f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd (stdin) $ echo -n "" | rhash --sha3-256 - c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 (stdin) $ echo -n "" | rhash --sha3-384 - 2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff (stdin) $ echo -n "" | rhash --sha3-512 - 0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e (stdin)
$ echo -n "The quick brown fox jumps over the lazy dog." | rhash --sha3-224 - c59d4eaeac728671c635ff645014e2afa935bebffdb5fbd207ffdeab (stdin) $ echo -n "The quick brown fox jumps over the lazy dog." | rhash --sha3-256 - 578951e24efd62a3d63a86f7cd19aaa53c898fe287d2552133220370240b572d (stdin) $ echo -n "The quick brown fox jumps over the lazy dog." | rhash --sha3-384 - 9ad8e17325408eddb6edee6147f13856ad819bb7532668b605a24a2d958f88bd5c169e56dc4b2f89ffd325f6006d820b (stdin) $ echo -n "The quick brown fox jumps over the lazy dog." | rhash --sha3-512 - ab7192d2b11f51c7dd744e7b3441febf397ca07bf812cceae122ca4ded6387889064f8db9230f173f6d1ab6e24b6e50f065b039f799f5592360a6558eb52d760 (stdin)
In my limited testing, it appears that the SHA3 implementation in rhash(1) is not quite up to par, and could use some additional performance improvements. I'm sure these will be committed over time. However, it's hardly a poor performer. I've been very happy with the performance results so far.