inside sha-3
TRANSCRIPT
26 IEEE POTENTIALS0278-6648/13/$31.00©2013IEEE
T he National Institute of Standards and Technology (NIST) has selected a new cryptographic hash algorithm
through a public competition. The new hash algorithm is referred to as the Secure Hash Algorithm 3 (SHA-3) and is intended to complement the SHA-2 hash algorithms currently specified in Federal Information Processing Standard (FIPS) 180-3, Secure Hash Standard. The selected algorithm is intended to be suit-able for use by the U.S. government as well as the private sector and is available royalty-free worldwide.
The winning design for SHA-3 was announced by NIST in October 2012. This article examines the internal struc-ture and functions of SHA-3 and talks about its future role in cryptographic and security products.
SHA-3 originsThroughout the 1990s, first MD5
and then SHA-1 were deployed in a wide variety of cryptographic applica-tions and security protocols. By 2004, however, MD5 had been effectively “broken.” In 2005, NIST announced the intention to phase out approval of SHA-1 and move to a reliance on SHA-2 by 2010. Shortly thereafter, a research team described an attack in which two separate messages could be found that deliver the same SHA-1 hash using 269 operations, far fewer than the 280 operations previously thought needed to find a collision with an SHA-1 hash.
SHA-2, particularly the 512-b ver-sion, would appear to provide unas-sailable security. However, SHA-2 shares the same structure and mathe-matical operations as SHA-1 and MD5, and this is a cause for concern. Because
it could take years to find a suitable replacement for SHA-2, should it become vulnerable, NIST decided to begin the process of developing a new hash standard.
Accordingly, NIST announced in 2007 a competition to produce the next generation NIST hash function, to be called SHA-3. NIST completed its evalu-ation process and announced a final
Date of publication: 4 November 2013
Digital Object Identifier 10.1109/MPOT.2013.2254508
© c
AN
STO
ck
Ph
OTO
/Sh
ky
O30
© cybrAIN/ShuTTErSTOck.cOm
Inside SHA-3
WIllIAm StAllIngS
Security & Privacy Lockdown
NOVEmbEr/DEcEmbEr 2013 27
standard in 2012. NIST selected Keccak for the SHA-3 algorithm. Keccak was designed by a team of cryptographers from Belgium and Italy inclusing Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. In their announcement, NIST explained the choice as follows:
NIST chose Keccak over the four other excellent finalists for its ele-gant design, large security margin, good general performance, excel-lent efficiency in hardware imple-mentations, and for its flexibil-ity. Keccak uses a new “sponge construction” chaining mode, based on a fixed permutation, that can readily be adjusted to trade generic security strength for throughput, and can gener-ate larger or smaller hash out-puts as required. The Keccak designers have also defined a modified chaining mode for Keccak that provides authenti-cated encryption.SHA-2 has held up well, and
NIST considers it secure for gen-eral use. So SHA-3 is a comple-ment to SHA-2 rather than a replacement. The relatively com-pact nature of SHA-3 may make it useful for so-called “embedded” or smart devices that connect to electronic networks but are not themselves full-fledged comput-ers. Examples include sensors in a building-wide security system and home appliances that can be controlled remotely.
The sponge constructionThe underlying structure of
SHA-3 is a scheme referred to by its designers as a sponge construc-tion. The sponge construction has the same general structure as other iterated hash functions. As with other iterated hash functions, the sponge function takes an input message and partitions it into fixed-size blocks. Each block is processed in turn with the output of each iteration fed into the next iteration, finally producing an output block.
The sponge function is defined by three parameters:
• f is the internal function used to process each input block
• r is the size in bits of the input blocks, called the bit rate
• pad is the padding algorithm.
A sponge function allows both vari-able length input and output, making it a flexible structure that can be used for a hash function (fixed length output), a pseudorandom number generator (fixed length input), and other cryptographic functions. Figure 1 illustrates this point. An input message of n b is partitioned into k fixed-size blocks of r b each. If necessary, the message is padded to achieve a length that is an integer multi-ple of r b. The resulting partition is the sequence of blocks , , ,,P P Pk0 1 1f - with
.n k r#= For uniformity, padding is always added, so that if n mod ,r 0= a padding block of r b is added. The actual padding algorithm is a parameter of the function.
After processing all of the blocks, the sponge function generates a sequence of output blocks , , ,Z Z Z j0 1 1f - . The number of output blocks generated is determined by the number of output bits desired. If the desired output is , b, then j blocks are produced, such that ( )j 1 #-
.r j r< #, #Figure 2 shows the iterated
structure of the sponge function. The sponge construction operates on a state variable s of b r c= + b, which is initialized to all zeros and modified at each iteration. The value r is called the bit rate. This value is the block size used to par-tition the input message. The term “bit rate” reflects the fact that r is the number of bits processed at each iteration: the larger the value of ,r the greater the rate at which message bits are processed by the sponge construction. The value c is referred to as the capacity. A dis-cussion of the security implications of the capacity is beyond our scope. In essence, the capacity is a measure of the achievable com-plexity of the sponge construction and therefore the achievable level of security.
A given implementation can trade claimed security for speed by increas-ing the capacity c and decreasing the bit rate r accordingly, or vice-versa. The default values for Keccak are
,c 1 024= b, r 576= b, and there-fore ,b 1 600= b.
The sponge construction con-sists of two phases. The absorbing phase proceeds as follows: For each iteration, the input block to be processed is padded with zeroes to extend its length from r b to b b. Then, the bitwise XOR of the extended message block and s is formed to create a b-b input to the iteration function .f The output of f is the value of s for the next iteration.
If the desired output length , satisfies ,b, # then at the comple-tion of the absorbing phase, the first , b of s are returned and the sponge construction terminates. Otherwise, the sponge construc-tion enters the squeezing phase. To begin, the first , b of s are
k # r bits
(a)
(b)
P0 P1
Z0 Z1
Pk-1
Zj-1
padMessage
r bits r bits r bits
r bits r bits r bitsI bits
n bits
Fig. 1 The sponge function (a) input and (b) output.
(a)
(b)
f
r c
r c 0r 0c
0cP0
0cP1
z0
z1
0cP2
0cPk-1
f
s
f
s
f
s
br cb
r
Fig. 2 Sponge construction. (a) Absorbing phase and (b) squeezing phase.
28 IEEE POTENTIALS
retained as block .Z0 Then, the value of s is updated with repeated executions of ,f and at each iteration, the first , b of s are retained as block Zi and concatenated with previous ly generated blocks. The process con-tinues through ( )j 1- iterations until we have ( )j r1 <# , #- .j r# At this point the first , b of the concatenated block Y are returned.
Note that the absorbing phase has the structure of a typical hash function. A common case will be one in which the desired hash length is less than or equal to the input block length; that is .r, # In that case, the sponge construction terminates after the absorb-ing phase. If a longer output than b b is required, then the squeezing phase is employed. Thus the sponge construction is quite flexible. For exam-ple, a short message with a length r could be used as a seed and the sponge construction would func-tion as a pseudorandom number generator.
To summarize, the sponge construction is a simple iterated construc-tion for building a func-tion F with variable-length
input and arbitrary output length based on a fixed-length transformation or per-mutation f operating on a fixed number b of bits.
SHA-3 makes use of an iteration func-tion ,f labeled Keccak- ,f which is described in the next section. The overall SHA-3 function is a sponge function expressed as Keccak [ , ]r c to reflect that SHA-3 has two operational parameters, ,r the message block size, and ,c the capac-ity. For SHA-3, the values of c and r determine the hash size n , as follows:
• , ,n r c224 1152 448= = =
• , ,n r c256 1088 512= = =
• , ,n r c384 832 768= = =
• , ,n r c512 576 1024= = = .
In terms of the sponge algorithm defined above, Keccak [ , ]r c is defined as
Keccak , SPONGEr c D6 @ Keccak6 - , pad ,f r c r10 1+ )6 @ @,
where pad 10 1) appends a single bit 1 followed by the minimum number of bits 0 followed by a single bit 1 such that the length of the result is a multiple of the block length. We now turn to a discussion of the iteration function Keccak- .f
The SHA-3 iteration function f The iteration function Keccak- f pro-
cesses each successive block of the input message. Recall that f takes as input a 1,600-b variable s consisting of r b, cor-responding to the message block size fol-lowed by c b, referred to as the capacity. For internal processing within ,f the input state variable s is organized as a 5 5 64# # array a. The 64-b units are referred to as lanes. For our purposes, we generally use the notation [ , , ]a x y z to refer to an indi-vidual bit in the state array. When we are more concerned with operations that affect entire lanes, we designate the 5 5# matrix as [ , ],L x y where each entry in L is a 64-b lane. The use of indices within this matrix is shown in Fig. 3. Thus, the col-umns are labeled x 0= through ,x 4= the rows are labeled y 0= through
,y 4= and the individual bits within a lane are labeled z 0= through .z 63= The mapping between the bits of s and those of a is
[ ( ) ] [ , , ] .s y x z a x y z64 5 + + =
We can visualize this with respect to the matrix in Fig. 3. When treating the state as a matrix of lanes, the first lane in the lower left corner, [ , ],L 0 0 corre-sponds to the first 64 b of s. The lane in
L60, 4@
x = 0 x = 1 x = 2 x = 3 x = 4
L60, 3@
L60, 2@
L60, 1@
L60, 0@
a6x, y, 0@ a6x, y, 1@ a6x, y, 2@ a6x, y, z@ a6x, y, 62@ a6x, y, 63@
y = 1
y = 0
y = 2
y = 3
y = 4 L61, 4@
L61, 3@
L61, 2@
L61, 1@
L61, 0@
L62, 4@
L62, 3@
L62, 2@
L62, 1@
L62, 0@
(a)
(b)
L63, 4@
L63, 3@
L63, 2@
L63, 1@
L63, 0@
L64, 4@
L64, 3@
L64, 2@
L64, 1@
L64, 0@
Fig. 3 The SHA-3 state matrix. (a) State variable as 5 # 5 matrix A of 64-b words and (b) bit labeling of 64-b words.
Theta i Step
Rho t Step ROTIx, yM
RCQ0U
Rou
nd 0
Pi r Step
Chi | Step
Iota k Step
Theta i Step
Rho t Step ROTIx, yM
RCQ23U
Rou
nd 2
3
Pi r Step
Chi | Step
Iota k Step
s
s
Fig. 4 The SHA-3 iteration function f.
NOVEmbEr/DEcEmbEr 2013 29
the second column, lowest row, L[1, 0], corresponds to the next 64 b of s. Thus, the array a is filled with the bits of s starting with row y 0= and proceeding row by row.
The function f is executed once for each input block of the message to be hashed. The function takes as input the 1,600-b state variable and converts it into a 5 5# matrix of 64-b lanes. This matrix then passes through 24 rounds of pro-cessing. Each round consists of five steps, and each step updates the state matrix by permutation or substitution operations. As shown in Fig. 4, the rounds are identi-cal with the exception of the final step in each round, which is modified by a round constant that differs for each round.
The steps have a simple description leading to a specification that is compact and in which no trap door can be hidden. The operations on lanes in the specification are limited to bitwise Bool-ean operations (XOR, AND, NOT) and rotations. There is no need for table-lookups, arithmetic operations, or data-dependent rotations. Thus, SHA-3 is easily and efficiently implemented in either hardware or software.
The Keccak reference defines the ifunction as follows. For bit z in column x, row y:
: , , , ,
( ), ,
( ), , ,
a x y z a x y z
a x y z
a x y z
1
1 1
y
y
0
4
0
4
!
5
5
/
/
i
-
+ -
=
=
l
l
l
l
e
^e
o
h o
6 6
6
6
@ @
@
@
(1)
where the summations are iterated bitwise XOR operations. We can see more clearly what this operation accomplishes with ref-erence to Figure 5a. First, define the bit-wise XOR of the lanes in column x as:
, , ,
, , .
C x L x L x L x
L x L x
0 1 2
3 4
5 5
5 5
=6 6 6 66 6
@ @ @ @@ @
Consider lane ,L x y6 @ in column x, row y. The first summation in (1) per-forms a bitwise XOR of the lanes in column x 1-^ h mod 4 to form the 64-b lane C x 1-6 @. The second summation performs a bitwise XOR of the lanes in column ( )x 1+ mod 4, and then rotates the bits within the 64-b lane so that the bit in position z is mapped into position z 1+ mod 64. This forms the lane ROT
, .C x 1 1+^ h6 @ These two lanes and ,L x y6 @ are combined by bitwise XOR
to form the updated value of , .L x y6 @ This can be expressed as
, ,
ROT , .
L x y L x y C x
C x
1
1 1
! 5
5
-
+^ h6 6 6
6@ @ @
@
Figure 5(a) illustrates the operation on L[3,2]. The same operation is per-formed on all of the other lanes in the matrix.
Several observations are in order. Each bit in a lane is updated using the bit itself and one bit in the same bit position from each lane in the preced-ing column and one bit in the adjacent bit position from each lane in the suc-ceeding column. Thus the updated value of each bit depends on 11 b. This provides good mixing. Also, the theta step provides good diffusion. The designers of Keccak state that the theta step provides a high level of diffusion on average and that without theta, the round function would not provide dif-fusion of any significance.
The t function is defined as follows:
: , , , , ifa x y z a x y z x y 0!t = =6 6@ @
otherwise,
: , , , ,a x y z a x y zt t
21 2
!t -+ +^ ^c h h m6 ;@ E
(2)
with t satisfying t0 24<# and
in GF( )xy
0 13
10
52
t2 2= #c c cm m m ,
where GF( )5 2 2# means that arithmetic will be done on 2 # 2 matrices and all additions and multiplications will be taken mod 5.
It is not immediately obvious what this step performs, so let us look at the process in detail.
1) The lane in position , , ,x y 0 0=^ ^h h that is , ,[ ]L 0 0 is unaffected. For all other words, a circular bit shift within the lane is performed.
2) The variable t, with ,t0 24<# is used to determine both the amount of the circular bit shift and which lane is assigned which shift value.
3) The 24 individual bit shifts that are performed have the respective values ] / .[ modt t1 2 2 64+ +^ ^h h
4) The shift determined by the value of t is performed on the lane in position (x, y) in the 5 5# matrix of lanes. Spe-cifically, for each value of t, the corre-sponding matrix position is defined by
.xy
02
13
10
t
=c c cm m m For example, for ,t 3=
we have:
modxy
02
13
10
53
=c c cm m m
mod02
13
02
13
02
13
10
5=c c c cm m m m
mod02
13
02
13 2
50
=c c cm m m
mod
mod
02
13
26
5
02
13
21
5
=
=
c c
c c
m m
m m
.mod17
512
= =c cm m
Table 1 shows the calculations that are performed to determine the amount of the bit shift and the location of each bit shift value. Note that all of the rota-tion amounts are different.
The t function thus consists of a simple permutation (circular shift) within each lane. The intent is to provide diffu-sion within each lane. Without this func-tion diffusion between lanes would be very slow.
The r function is defined as follows:
: , , ,a x y a x y!r l l6 6@ @
with
.xy
xy
02
13
=l
lc c em m o (3)
This can be rewritten as ,x y #^ h , .y x y2 3+^^ hh Thus, the lanes within the
5 5# matrix are moved so that the new x position equals the old y position and the new y position is determined by x y2 3+^ h mod 5. Figure 6 helps in visu-
alizing this permutation. Lanes that are along the same diagonal (increasing in y value going from left to right) prior to r are arranged on the same row in the matrix after r is executed. Note that the position of [ , ],L 0 0 is unchanged.
Thus the r step is a permutation of lanes: the lanes move position within the 5 5# matrix. The t step is a per-mutation of bits: bits within a lane are rotated. Note that the r step matrix positions are calculated in the same way that, for the t step, the one-dimensional sequence of rotation constants is mapped to the lanes of the matrix.
The | function is defined as follows:
:
AND .
a x a x a x
a x
1 1
2
! 5 5| +
+
^^ hh
6 6 66
@ @ @@
(4)
This function operates to update each bit based on its current value and the
30 IEEE POTENTIALS
value of the corresponding bit position in the next two lanes in the same row. The operation is more clearly seen if we consider a single bit , ,a x y z6 @ and write out the Boolean expression:
, , , ,
NOT , ,
AND , , .
a x y z a x y z
a x y z
a x y z
1
2
! 5
+
+
^^^
hhh
6 666
@ @@@
Figure 5(b) illustrates the operation of the | function on the bits of the 64-b lane L[3, 2]. This is the only one of the step functions that is a nonlin-ear mapping. Without it, the SHA-3 round function would be linear.
The k function is defined as
: a a RC ir! 5k 6 @. (5)
This function combines each 64-b array element with a round constant that differs for each round. It breaks up any symmetry induced by the other four routines. In fact, (5) is somewhat misleading. The round constant is applied
only to the first lane of the internal state array. We express this is as
, , RCL L i i0 0 0 0 0 24r r! 5 # #6 6 6@ @ @ .
From round to round, the permutations and substitutions propagate the effects of the k function to all of the lanes and all of the bit positions in the matrix. It is easily seen that the disruption diffuses through i and | to all lanes of the state after a single round.
The future of SHA-3NIST published SHA-3 as a draft stan-
dard for public comment in the latter part of 2013. As of this writing, it is expected that the final standard will be published by the middle of 2014. It may be some time before we see commercially available implementations in cryptographic algo-rithms and protocols. And because SHA-2 continues to be viewed as secure, it is unlikely that SHA-3 will completely sup-plant SHA-2. But, with its high level of security, its implementation efficiency, and the prestige of having prevailed in a com-petition, SHA-3 is likely to become a widely used hash function. An additional advan-tage of having both SHA-2 and SHA-3 as standard hash functions is that the two hash functions have fundamentally differ-ent structures and use quite different math-ematical operations. Thus, any cryptanalytic attack that is developed that tends to weaken one of the two hash functions is unlikely to be useful against the other.
AcknowledgmentI would like to thank the designers
of Keccak, who reviewed a draft of this article.
Read more about it• X. Wang and H. Yu, “How to
break MD5 and other hash functions,” in Advances in Cryptology, Proceedings Eurocrypt (Lecture Notes in Computer Science, vol. 3494), R. Cramer, Ed. New York: Springer-Verlag, 2005, pp. 19–35.
• X. Wang, Y. Yin, and H. Yu, “Finding collisions in the full SHA-1,” in Advances in Cryptology, Proceed-ings Crypto (Lecture Notes in Computer Science, vol. 3621), V. Shoup, Ed. New York: Springer-Verlag, 2005, pp. 1–16. • B. Preneel, “The first 30 years of cryptographic hash functions and the NIST SHA-3 competition,” in Proc. CT-RSA Int. Conf. Topics Cryptology, 2010, pp. 1–14. • W. Burr, “A new hash competi-tion,” IEEE Security Privacy, vol. 6, no. 3, pp. 60–62, May–June 2008. • National Institute of Standards and Technology, “Announcing request for candidate algorithm nominations for a new cryptographic hash algorithm (SHA-3) family,” Federal Register, vol. 72, no. 212, pp. 62212–62220, Nov. 2007.
• T. Harbert, “New King of security algorithms crowned,” IEEE Spectr., vol. 49, no. 12, pp. 12–13, Dec. 2012. • G. Bertoni, G. Bertoni, J. Daemen, M. Peeters, and G. Van Assche, “Sponge functions,” in Ecrypt Hash Workshop, May 2007.
Table 1. Rotation values used in SHA-3.
t g(t)g(t) mod 64 x, y t g(t)
g(t) mod 64 x, y
0 1 1 1, 0 12 91 27 4, 0
1 3 3 0, 2 13 105 41 0, 3
2 6 6 2, 1 14 120 56 3, 4
3 10 10 1, 2 15 136 8 4, 3
4 15 15 2, 3 16 153 25 3, 2
5 21 21 3, 3 17 171 43 2, 2
6 28 28 3, 0 18 190 62 2, 0
7 36 36 0, 1 19 210 18 0, 4
8 45 45 1, 3 20 231 39 4, 2
9 55 55 3, 1 21 253 61 2, 4
10 66 2 1, 4 22 276 20 4, 1
11 78 14 4, 4 23 300 44 1, 1
(a)
(b)
L60, 4@x = 0 x = 1 x = 2 x = 3 x = 4
L60, 3@
L60, 2@
L60, 1@
L60, 0@
y = 1
y = 0
y = 2
y = 3
y = 4 L61, 4@
L61, 3@
L61, 2@
L61, 1@
L61, 0@
L62, 4@
L62, 3@
L62, 2@
L62, 1@
L62, 0@
L63, 4@
L63, 3@
L63, 2@
L63, 1@
L63, 0@
L64, 4@
L64, 3@
L64, 2@
L64, 1@
L64, 0@
L60, 4@x = 0 x = 1 x = 2 x = 3 x = 4
L60, 3@
L60, 2@
L60, 1@
L60, 0@
y = 1
y = 0
y = 2
y = 3
y = 4 L61, 4@
L61, 3@
L61, 2@
L61, 1@
L61, 0@
L62, 4@
L62, 3@
L62, 2@
L62, 1@
L62, 0@
L63, 4@
L63, 3@
L63, 2@
L63, 1@
L63, 0@
L64, 4@
L64, 3@
L64, 2@
L64, 1@
L64, 0@
L62, 3@ Lt62, 3@C61@ ROT(C63@, 1)
L62, 3@ L62, 3@ L63, 3@ L64, 3@AND
Fig. 5 Theta and chi step functions. (a) i step function and (b) | step function.
NOVEmbEr/DEcEmbEr 2013 31
• G. Bertoni, J. Daemen, M. Peeters, and G. Van Assche. (2011, Jan.). Cryp-tographic sponge functions. [Online]. Available: http://sponge.noekeon.org/
• W. Stallings, Cryptography and Network Security: Principles and Prac-tice, 6th ed. Upper Saddle River, NJ: Pearson, 2013.
About the authorWilliam Stallings ([email protected]) is a
consultant, lecturer, and author of numer-ous computer science textbooks on cryp-tography, computer organization, operating systems, and computer networking. His latest book is Cryptography and Network Security (Pearson. 2013). He created and
maintains the Computer Science Student Resource Site at ComputerScienceStudent.com. This site provides documents and links on a variety of subjects of general interest to computer science students (and professionals). He is a member of the edi-torial board of Cryptologia, a scholarly journal devoted to all aspects of cryptology.
(a)
Row 0Row 3
Row 1Row 4
Row 2
Row 2
Row 4
Row 1
Row 3
x = 0 x = 1 x = 2 x = 3 x = 4
L60, 4@
L60, 3@
L60, 2@
L60, 1@
L60, 0@
y = 1
y = 0
y = 2
y = 3
y = 4 L61, 4@
L61, 3@
L61, 2@
L61, 1@
L61, 0@
L62, 4@
L62, 3@
L62, 2@
L62, 1@
L62, 0@
L63, 4@
L63, 3@
L63, 2@
L63, 1@
L63, 0@
L64, 4@
L64, 3@
L64, 2@
L64, 1@
L64, 0@
(b)
x = 0 x = 1 x = 2 x = 3 x = 4
L62, 0@
L64, 0@
L61, 0@
L63, 0@
L60, 0@
y = 1
y = 0
y = 2
y = 3
y = 4 L63, 1@
L60, 1@
L62, 1@
L64, 1@
L61, 1@
L64, 2@
L61, 2@
L63, 2@
L60, 2@
L62, 2@
L60, 3@
L62, 3@
L64, 3@
L61, 3@
L63, 3@
L61, 4@
L63, 4@
L60, 4@
L62, 4@
L64, 4@
Fig. 6 Pi step function. (a) Lane position at the start of step and (b) lane position after the permutation.
with SB Chapters and Chapters within your Section that align with the technical interests of IEEE, offers you, and your IEEE SB, maximum support and maximum exposure to the larger IEEE.
As a student, have you ever attended a Section meeting or any Section event? Do you invite your Section leaders to your IEEE SB events? The benefits of interaction between an IEEE Section and an IEEE SB include:
• increased number of successful Section and SB events and meetings with increased attendance
• open doors for meetings, networking opportunities, and other events held jointly between Sections and SBs
• future skilled volunteers for the Section as students graduate and elevate to higher grade membership
• potential increase in the number of active Chapters in SBs and Sections.
Some ideas for IEEE Section and IEEE SB engagement include: • holding Section Executive Committee meetings at universities • having a student serve on the Section ExCom as a vot-
ing member • the Section providing a mentor for the SB • planning and holding joint Section and SB technical
activities and professional awareness activities, such as a Stu-dent Professional Awareness Conference
• SBs can request modest funding support from Sections for specific campus events.
I encourage you, as an IEEE SB, to reach out to your local Section and build a relationship with them. The potential benefits are worth the effort to engage.
IEEE SB AWARDS: The Student Activities Committee (SAC) is pleased to announce this year’s recipients of the SAC Awards. There were a total of five awards for which students were eli-gible to submit nominations. Each award recognizes a differ-ent area of student leadership and success. The SAC is also pleased to report that there was a 200% increase in nominations received for this year’s award cycle compared to the previous year. Please check the Student Activities Web site (www.ieee.org/students) for a list of all recipients of the following awards:
• IEEE Student Enterprise Award • Larry K. Wilson Regional Student Activities Award • IEEE Regional Exemplary Student Branch Award • IEEE Outstanding Branch Counselor and Advisor Award
Recognition Program • The Darrel Chong Student Activity Award.
The nomination process for the upcoming year will begin in November 2013 with all nominations due by February 2014. Please check https://ieee-student-awards.myreviewroom.com for more details and specific deadlines. If you have questions regard-ing the awards program, please contact [email protected].
I like to close out each of my columns in the same manner—with a request to please drop me a note at anytime to share your thoughts on the value of your IEEE student membership and to share a story or example of what your IEEE membership engagement means to you. I would also like to here about how your IEEE SB has successfully interacted with your IEEE Section.
John PaserbaIEEE MGA Chair—Student Activities
(continued from page 3)the way ahead