Security

Inside SHA-3 & Privacy

Lockdown

© cybrain/shutterstock.com

William Stallings

T
 he National Institute of Standards it could take years to find a suitable Accordingly, NIST announced in
and Technology (NIST) has selected replacement for SHA-2, should it 2007 a competition to produce the next
a new cryptographic hash algorithm become vulnerable, NIST decided to generation NIST hash function, to be
through a public competition. The new begin the process of developing a new called SHA-3. NIST completed its evalu-
hash algorithm is referred to as the hash standard. ation process and announced a final
Secure Hash Algorithm 3 (SHA-3) and is
intended to complement the SHA-2 hash
algorithms currently specified in Federal
Information Processing Standard (FIPS)
180-3, Secure Hash Standard. The
selected algorithm is intended to be suit-
able for use by the U.S. government as
well as the private sector and is available
royalty-free worldwide.
The winning design for SHA-3 was
announced by NIST in October 2012.
This article examines the internal struc-
ture and functions of SHA-3 and talks
about its future role in cryptographic
and security products.

SHA-3 origins
Throughout the 1990s, first MD5
and then SHA-1 were deployed in a
wide variety of cryptographic applica-
tions and security protocols. By 2004,
however, MD5 had been effectively
“broken.” In 2005, NIST announced the
intention to phase out approval of
SHA-1 and move to a reliance on
SHA-2 by 2010. Shortly thereafter, a
research team described an attack in
which two separate messages could be
found that deliver the same SHA-1
hash using 2 69 operations, far fewer
than the 2 80 operations previously
thought needed to find a collision with
an SHA-1 hash.
SHA-2, particularly the 512-b ver-
sion, would appear to provide unas-
© can stock photo/shkyo30

sailable security. However, SHA-2
shares the same structure and mathe-
matical operations as SHA-1 and MD5,
and this is a cause for concern. Because

Digital Object Identifier 10.1109/MPOT.2013.2254508

Date of publication: 4 November 2013

26 0278-6648/13/$31.00©2013IEEE IEEE POTENTIALS

standard in 2012. NIST selected Keccak
for the SHA-3 algorithm. Keccak was
designed by a team of cryptographers
from Belgium and Italy inclusing Guido
Bertoni, Joan Daemen, Michaël Peeters,
and Gilles Van Assche. In their
announcement, NIST explained the
choice as follows:
NIST chose Keccak over the four
other excellent finalists for its ele-
gant design, large security margin,
good general performance, excel-
lent efficiency in hardware imple-
mentations, and for its flexibil-
ity. Keccak uses a new “sponge
construction” chaining mode,
based on a fixed permutation,
that can readily be adjusted to
trade generic security strength
for throughput, and can gener-
ate larger or smaller hash out-
puts as required. The Keccak
designers have also defined a
modified chaining mode for
Keccak that provides authenti-
cated encryption.
SHA-2 has held up well, and
NIST considers it secure for gen-
eral use. So SHA-3 is a comple-
ment to SHA-2 rather than a
replacement. The relatively com-
pact nature of SHA-3 may make it
useful for so-called “embedded”
or smart devices that connect to
electronic networks but are not
themselves full-fledged comput-
ers. Examples include sensors in
a building-wide security system
and home appliances that can be
controlled remotely.
The sponge construction
The underlying structure of
SHA-3 is a scheme referred to by
its designers as a sponge construc-
tion. The sponge construction has
the same general structure as other
iterated hash functions. As with
other iterated hash functions, the
sponge function takes an input
message and partitions it into
fixed-size blocks. Each block is
processed in turn with the output
of each iteration fed into the next
iteration, finally producing an
output block.
The sponge function is defined by
three parameters:
•• f is the internal function
used to process each input block
•• r is the size in bits of the
input blocks, called the bit rate
•• pad is the padding algorithm.
NOVEMBER/DECEMBER 201327
A sponge function allows both vari- n = k # r. For uniformity, padding is
able length input and output, making it aalways added, so that if n mod r = 0, a
flexible structure that can be used for apadding block of r b is added. The actual
hash function (fixed length output), a padding algorithm is a parameter of
pseudorandom number generator (fixed the function.
length input), and other cryptographic After processing all of the blocks, the
functions. Figure 1 illustrates this point.
sponge function generates a sequence
An input message of n b is partitioned of  output blocks Z 0, Z 1, f, Z j - 1 . The
into k fixed-size blocks of r b each. If number of output blocks generated is
necessary, the message is padded to determined by the number of output bits
desired. If the desired output is , b, then j
achieve a length that is an integer multi-
ple of r b. The resulting partition is the
blocks are produced, such that (j - 1) #
sequence of blocks P0, P1, f, Pk -1, withr < , # j # r.
Figure 2 shows the iterated
structure of the sponge function.
The sponge construction operates
k # r bits on a state variable s of b = r + c b,
n bits
which is initialized to all zeros and
Message pad
modified at each iteration. The
value r is called the bit rate. This
value is the block size used to par-
tition the input message. The term
r bits r bits r bits “bit rate” reflects the fact that r is
the number of bits processed at
P0 P1 Pk-1
each iteration: the larger the value
(a) of r, the greater the rate at which
I bits message bits are processed by the
r bits r bits r bits sponge construction. The value c
Z0 Z1 is referred to as the capacity. A dis-
cussion of the security implications
Zj-1 of the capacity is beyond our
(b) scope. In essence, the capacity is a
measure of the achievable com-
plexity of the sponge construction
Fig. 1 The sponge function (a) input and (b) output.
and therefore the achievable level
of security.
A given implementation can trade
b b claimed security for speed by increas-
r c c r ing the capacity c and decreasing the
r c 0r 0c r bit rate r accordingly, or vice-versa.
P0 0 c z 0 The default values for Keccak are
c = 1, 024 b, r = 576 b, and there-
f f fore b = 1, 600 b.
The sponge construction con-
s
sists of two phases. The absorbing
P1 0 c z1 phase proceeds as follows: For
each iteration, the input block to
f be processed is padded with
s (b)
zeroes to extend its length from r
b to b b. Then, the bitwise XOR of
P2 0 c the extended message block and s
is formed to create a b-b input
to the iteration function f. The
output of f is the value of s for the
next iteration.
Pk-1 0 c
If the desired output length ,
f
satisfies , # b, then at the comple-
tion of the absorbing phase, the
s first , b of s are returned and the
(a) sponge construction terminates.
Otherwise, the sponge construc-
Fig. 2 Sponge construction. (a) Absorbing phase and (b) tion enters the squeezing phase.
squeezing phase. To begin, the first , b of s are
 input and arbitrary output length based
x=0 x=1 x=2 x=3 x=4 on a fixed-length transformation or per-
y=4 L60, 4@ L61, 4@ L62, 4@ L63, 4@ L64, 4@
mutation f operating on a fixed number
b of bits.
y=3 L60, 3@ L61, 3@ L62, 3@ L63, 3@ L64, 3@ SHA-3 makes use of an iteration func-
tion f, labeled Keccak- f, which is
y=2 L60, 2@ L61, 2@ L62, 2@ L63, 2@ L64, 2@ described in the next section. The overall
y=1 L60, 1@ L61, 1@ L62, 1@ L63, 1@ L64, 1@ SHA-3 function is a sponge function
expressed as Keccak [r, c] to reflect that
y=0 L60, 0@ L61, 0@ L62, 0@ L63, 0@ L64, 0@ SHA-3 has two operational parameters, r,
the message block size, and c, the capac-
(a)
a6x, y, 0@ a6x, y, 1@ a6x, y, 2@ a6x, y, z@ a6x, y, 62@ a6x, y, 63@ ity. For SHA-3, the values of c and r
determine the hash size n , as follows:
•• n = 224, r = 1152, c = 448
•• n = 256, r = 1088, c = 512
(b) •• n = 384, r = 832, c = 768
•• n = 512, r = 576, c = 1024 .
Fig. 3 The SHA-3 state matrix. (a) State variable as 5 # 5 matrix A of 64-b words and In terms of the sponge algorithm
(b) bit labeling of 64-b words. defined above, Keccak [r, c] is defined as

retained as block Z 0 . Keccak 6r, c@ D SPONGE

Then, the value of s is  6Keccak - f 6r + c@, pad10 ) 1, r @ ,
s updated with repeated
executions of  f,  and at where pad 10 ) 1 appends a single bit 1
each iteration, the first , b followed by the minimum number of bits
Theta i Step
of s are retained as block 0 followed by a single bit 1 such that the
Z i and concatenated with length of the result is a multiple of the
p r ev i o u s l y   g e n e r a t e d block length. We now turn to a discussion
Rho t Step ROTIx, yM
blocks. The process con- of the iteration function Keccak- f.
tinues through  ( j - 1)
Round 0

Pi r Step
iterations until we have
( j - 1) # r < , # j # r. At
this point the first , b of
Chi | Step
the concatenated block Y
are returned.
Note that the absorbing
Iota k Step RCQ0U phase has the structure of
a typical hash function. A
common case will be one
in which the desired hash
length is less than or equal
to the input block length;
that is , # r. In that case,
the sponge construction
Theta i Step
terminates after the absorb-
ing phase. If a longer
Rho t Step ROTIx, yM output than b b is required,
then the squeezing phase
is employed. Thus the
Round 23
The SHA-3 iteration function f
The iteration function Keccak- f pro-
cesses each successive block of the input
message. Recall that f takes as input a
1,600-b variable s consisting of r b, cor-
responding to the message block size fol-
lowed by c b, referred to as the capacity.
For internal processing within f, the input
state variable s is organized as a 5 # 5 # 64
array a. The 64-b units are referred to as
lanes. For our purposes, we generally use
the notation a [x, y, z] to refer to an indi-
vidual bit in the state array. When we are
more concerned with operations that
affect entire lanes, we designate the 5 # 5
matrix as L [x, y], where each entry in L is
a 64-b lane. The use of indices within this
matrix is shown in Fig. 3. Thus, the col-
umns are labeled x = 0 through x = 4,

Pi r Step sponge construction is the rows are labeled y = 0 through

quite flexible. For exam-
ple, a short message with a
Chi | Step length r could be used as a
seed and the sponge
construction would func-
Iota k Step RCQ23U tion as a pseudorandom
number generator.
To   s u m m a r i z e ,  t h e
s sponge construction is a
simple iterated construc-
tion for building a func-
Fig. 4 The SHA-3 iteration function f. tion F with variable-length
y = 4, and the individual bits within a
lane are labeled z = 0 through z = 63.
The mapping between the bits of s and
those of a is
s [64 (5y + x) + z] = a [x, y, z] .
We can visualize this with respect to
the matrix in Fig. 3. When treating the
state as a matrix of lanes, the first lane in
the lower left corner, L [0, 0], corre-
sponds to the first 64 b of s. The lane in

28 IEEE POTENTIALS

the second column, lowest row, L[1, 0],
corresponds to the next 64 b of s. Thus,
the array a is filled with the bits of s
starting with row y = 0 and proceeding
row by row.
The function f is executed once for
each input block of the message to be
hashed. The function takes as input the
1,600-b state variable and converts it into
a 5 # 5 matrix of 64-b lanes. This matrix
then passes through 24 rounds of pro-
cessing. Each round consists of five steps,
and each step updates the state matrix by
permutation or substitution operations.
As shown in Fig. 4, the rounds are identi-
cal with the exception of the final step in
each round, which is modified by a round
constant that differs for each round.
The steps have a simple description
leading to a specification that is compact
and in which no trap door can be
hidden. The operations on lanes in the
specification are limited to bitwise Bool-
ean operations (XOR, AND, NOT) and
rotations. There is no need for table-
lookups, arithmetic operations, or data-
dependent rotations. Thus, SHA-3 is
easily and efficiently implemented in
either hardware or software.
The Keccak reference defines the i
function as follows. For bit z in column
x, row y:
i: a 6x, y, z @ ! a 6x, y, z @
5e a 6(x - 1), y l , z @o
4
/
yl =0
5e a 6(x + 1), y l , ^z - 1 h@o,
4
/
yl =0
(1)
where the summations are iterated bitwise
XOR operations. We can see more clearly
what this operation accomplishes with ref-
erence to Figure 5a. First, define the bit-
wise XOR of the lanes in column x as:
C 6x@ = L 6x, 0@ 5 L 6x, 1@ 5 L 6x, 2@
5 L 6x, 3@ 5 L 6x, 4@ .
Consider lane L 6x, y@ in column x,
row y. The first summation in (1) per-
forms a bitwise XOR of the lanes in
column ^ x - 1 h mod 4 to form the 64-b
lane C 6x - 1@ . The second summation
performs a bitwise XOR of the lanes in
column (x + 1) mod 4, and then rotates
the bits within the 64-b lane so that the
bit in position z is mapped into position
z + 1 mod 64. This forms the lane ROT
^ C 6x + 1@, 1 h . These two lanes and
L 6x, y@ are combined by bitwise XOR
to form the updated value of L 6x, y@ .
This can be expressed as
NOVEMBER/DECEMBER 201329
L 6x, y@ ! L 6x, y@ 5 C 6x - 1@
5 ROT ^C 6x + 1@, 1 h .
Figure 5(a) illustrates the operation
on L[3,2]. The same operation is per-
formed on all of the other lanes in
the matrix.
Several observations are in order.
Each bit in a lane is updated using the
bit itself and one bit in the same bit
position from each lane in the preced-
ing column and one bit in the adjacent
bit position from each lane in the suc-
ceeding column. Thus the updated
value of each bit depends on 11 b. This
provides good mixing. Also, the theta
step provides good diffusion. The
designers of Keccak state that the theta
step provides a high level of diffusion
on average and that without theta, the
round function would not provide dif-
fusion of any significance.
The t function is defined as follows:
t: a 6x, y, z @ ! a 6x, y, z @ if x = y = 0
otherwise,
^t + 1 h^t + 2 h
t: a 6x, y, z @ ! a ;x, y, c z -
2 with
(2)
with t satisfying 0 # t < 24 and
c m c m = c m in GF (5) 2 # 2 ,
0 1 t 1 x
2 3 0 y
where GF (5) 2 # 2 means that arithmetic
will be done on 2 # 2 matrices and all
additions and multiplications will be
taken mod 5.
It is not immediately obvious what
this step performs, so let us look at the
process in detail.
1) The lane in position ^ x, y h = ^0, 0 h,
that is L [0, 0], is unaffected. For all other
words, a circular bit shift within the lane
is performed.
2) The variable t, with 0 # t < 24, is
used to determine both the amount of
the circular bit shift and which lane is
assigned which shift value.
3) The 24 individual bit shifts that
are performed have the respective
values [^t + 1 h^t + 2 h] /2 mod 64.
4) The shift determined by the value
of t is performed on the lane in position
(x, y) in the 5 # 5 matrix of lanes. Spe-
cifically, for each value of t, the corre-
sponding matrix position is defined by
c m =c m c m . For example, for t = 3,
x 0 1 1
t
y 2 3 0
we have:
c m =c m c m mod 5
x 0 1 3 1
y 2 3 0
=c mc mc m c m mod 5
0 1 0 1 0 1 1
2 3 2 3 2 3 0
=c mc m c m mod 5
0 1 0 1 0
2 3 2 3 2
=c m c m mod 5
0 1 2
2 3 6
=c m c m mod 5
0 1 2
2 3 1
= c m mod 5 = c m .
1 1
7 2
Table 1 shows the calculations that
are performed to determine the amount
of the bit shift and the location of each
bit shift value. Note that all of the rota-
tion amounts are different.
The t function thus consists of a
simple permutation (circular shift) within
each lane. The intent is to provide diffu-
sion within each lane. Without this func-
tion diffusion between lanes would be
very slow.
The r function is defined as follows:
r: a 6x, y@ ! a 6x l , y l@,
mE
c m=c m e o . (3)
x 0 1 xl
y 2 3 yl
This can be rewritten as ^ x, y h #
^ y, ^2x + 3y hh . Thus, the lanes within the
5 # 5 matrix are moved so that the new
x position equals the old y position and
the new y position is determined by
^ 2x + 3y h mod 5. Figure 6 helps in visu-
alizing this permutation. Lanes that are
along the same diagonal (increasing in y
value going from left to right) prior to r
are arranged on the same row in the
matrix after r is executed. Note that the
position of L [0, 0], is unchanged.
Thus the r step is a permutation of
lanes: the lanes move position within
the 5 # 5 matrix. The t step is a per-
mutation of bits: bits within a lane are
rotated. Note that the r step matrix
positions are calculated in the same
way that, for the t step, the one-
dimensional sequence of rotation
constants is mapped to the lanes of
the matrix.
The | function is defined as follows:
|: a 6x@ ! a 6x@ 5 ^^ a 6x + 1@ 5 1 h
AND a 6x + 2@h .

(4)
This function operates to update each
bit based on its current value and the
 The future of SHA-3
NIST published SHA-3 as a draft stan-
x=0 x=1 x=2 x=3 x=4
dard for public comment in the latter part
y=4 L60, 4@ L61, 4@ L62, 4@ L63, 4@ L64, 4@ of 2013. As of this writing, it is expected
y=3 L60, 3@ L61, 3@ L62, 3@ L63, 3@ L64, 3@ that the final standard will be published by
the middle of 2014. It may be some time
y=2 L60, 2@ L61, 2@ L62, 2@ L63, 2@ L64, 2@ before we see commercially available
implementations in cryptographic algo-
y=1 L60, 1@ L61, 1@ L62, 1@ L63, 1@ L64, 1@
rithms and protocols. And because SHA-2
y=0 L60, 0@ L61, 0@ L62, 0@ L63, 0@ L64, 0@ continues to be viewed as secure, it is
unlikely that SHA-3 will completely sup-
plant SHA-2. But, with its high level of
L62, 3@ C61@ Lt62, 3@ ROT(C63@, 1)
security, its implementation efficiency, and
(a) the prestige of having prevailed in a com-
petition, SHA-3 is likely to become a widely
x=0 x=1 x=2 x=3 x=4
used hash function. An additional advan-
y=4 L60, 4@ L61, 4@ L62, 4@ L63, 4@ L64, 4@ tage of having both SHA-2 and SHA-3 as
y=3 L60, 3@ L61, 3@ L62, 3@ L63, 3@ L64, 3@ standard hash functions is that the two
hash functions have fundamentally differ-
y=2 L60, 2@ L61, 2@ L62, 2@ L63, 2@ L64, 2@ ent structures and use quite different math-
y=1 L60, 1@ L61, 1@ L62, 1@ L63, 1@ L64, 1@ ematical operations. Thus, any cryptanalytic
attack that is developed that tends to
y=0 L60, 0@ L61, 0@ L62, 0@ L63, 0@ L64, 0@ weaken one of the two hash functions is
unlikely to be useful against the other.
L62, 3@ L62, 3@ L63, 3@ AND L64, 3@
Acknowledgment
(b) I would like to thank the designers
of Keccak, who reviewed a draft of
Fig. 5 Theta and chi step functions. (a) i step function and (b) | step function. this article.

Read more about it

Table 1. Rotation values used in SHA-3.
Figure 5(b) illustrates • X. Wang and H. Yu, “How to
the operation of the | break MD5 and other hash functions,”
g(t) g(t)
t g(t) mod 64 x, y t g(t) mod 64 x, y function on the bits of the in Advances in Cryptology, Proceedings
64-b lane L[3, 2]. This is Eurocrypt (Lecture Notes in Computer
0 1 1 1, 0 12 91 27 4, 0
the only one of the step Science, vol. 3494), R. Cramer, Ed. New
1 3 3 0, 2 13 105 41 0, 3 functions that is a nonlin- York: Springer-Verlag, 2005, pp. 19–35.
2 6 6 2, 1 14 120 56 3, 4
ear mapping. Without it, • X. Wang, Y. Yin, and H. Yu,
the SHA-3 round function “Finding collisions in the full SHA-1,”
3 10 10 1, 2 15 136 8 4, 3 would be linear. in Advances in Cryptology, Proceed-
4 15 15 2, 3 16 153 25 3, 2 The k function is ings Crypto (Lecture Notes in Computer
5 21 21 3, 3 17 171 43 2, 2 defined as Science, vol. 3621), V. Shoup, Ed. New
k: a ! a 5 RC 6i r@ .(5)
York: Springer-Verlag, 2005, pp. 1–16.
6 28 28 3, 0 18 190 62 2, 0
• B. Preneel, “The first 30 years of
7 36 36 0, 1 19 210 18 0, 4 This function combines cryptographic hash functions and the NIST
8 45 45 1, 3 20 231 39 4, 2 each 64-b array element SHA-3 competition,” in Proc. CT-RSA Int.
9 55 55 3, 1 21 253 61 2, 4 with a round constant that Conf. Topics Cryptology, 2010, pp. 1–14.
differs for each round. It • W. Burr, “A new hash competi-
10 66 2 1, 4 22 276 20 4, 1
breaks up any symmetry tion,” IEEE Security Privacy, vol. 6, no.
11 78 14 4, 4 23 300 44 1, 1 induced by the other four 3, pp. 60–62, May–June 2008.
routines. In fact, (5) is • National Institute of Standards
somewhat misleading. The and Technology, “Announcing request
round constant is applied for candidate algorithm nominations
value of the corresponding bit position only to the first lane of the internal state for a new cryptographic hash algorithm
in the next two lanes in the same row. array. We express this is as (SHA-3) family,” Federal Register, vol. 72,
L 60, 0@ ! L 60, 0@ 5 RC 6i r@
The operation is more clearly seen if we no. 212, pp. 62212–62220, Nov. 2007.
consider a single bit a 6x, y, z @ and write
0 # i r # 24 .
• T. Harbert, “New King of security
out the Boolean expression: From round to round, the permutations algorithms crowned,” IEEE Spectr., vol.
and substitutions propagate the effects of 49, no. 12, pp. 12–13, Dec. 2012.
a 6x, y, z @ ! a 6x, y, z @ 5 the k function to all of the lanes and all of the • G. Bertoni, G. Bertoni, J. Daemen,
bit positions in the matrix. It is easily seen M. Peeters, and G. Van Assche, “Sponge
^NOT ^ a 6x + 1, y, z @hh
that the disruption diffuses through i and | functions,” in Ecrypt Hash Workshop,
AND ^a 6x + 2, y, z @h . to all lanes of the state after a single round. May 2007.

30 IEEE POTENTIALS

 x=0 x=1 x=2 x=3 x=4
w2 w4 w1 w 3
w 0
Ro Ro Ro Ro Ro x=0 x=1 x=2 x=3 x=4
y = 4 L60, 4@ L61, 4@ L62, 4@ L63, 4@ L64, 4@ w2 y = 4 L62, 0@ L63, 1@ L64, 2@ L60, 3@ L61, 4@
Ro
y = 3 L60, 3@ L61, 3@ L62, 3@ L63, 3@ L64, 3@ w4 y = 3 L64, 0@ L60, 1@ L61, 2@ L62, 3@ L63, 4@
Ro
y = 2 L60, 2@ L61, 2@ L62, 2@ L63, 2@ L64, 2@ w1 y = 2 L61, 0@ L62, 1@ L63, 2@ L64, 3@ L60, 4@
Ro
y = 1 L60, 1@ L61, 1@ L62, 1@ L63, 1@ L64, 1@ w3 y = 1 L63, 0@ L64, 1@ L60, 2@ L61, 3@ L62, 4@
Ro
y = 0 L60, 0@ L61, 0@ L62, 0@ L63, 0@ L64, 0@ y = 0 L60, 0@ L61, 1@ L62, 2@ L63, 3@ L64, 4@

(b)

(a)

Fig. 6 Pi step function. (a) Lane position at the start of step and (b) lane position after the permutation.

• G. Bertoni, J. Daemen, M. Peeters,
and G. Van Assche. (2011, Jan.). Cryp-
tographic sponge functions. [Online].
Available: http://sponge.noekeon.org/
• W. Stallings, Cryptography and
Network Security: Principles and Prac-
tice, 6th ed. Upper Saddle River, NJ:
Pearson, 2013.
About the author
William Stallings (wllmst@me.com) is a
consultant, lecturer, and author of numer-
ous computer science textbooks on cryp-
tography, computer organization, operating
systems, and computer networking. His
latest book is Cryptography and Network
Security (Pearson. 2013). He created and
maintains the Computer Science Student
Resource Site at ComputerScienceStudent.
com. This site provides documents and
links on a variety of subjects of general
interest to computer science students (and
professionals). He is a member of the edi-
torial board of Cryptologia, a scholarly
journal devoted to all aspects of cryptology.

the way ahead (continued from page 3)

with SB Chapters and Chapters within your Section that align
with the technical interests of IEEE, offers you, and your
IEEE SB, maximum support and maximum exposure to the
larger IEEE.
As a student, have you ever attended a Section meeting or
any Section event? Do you invite your Section leaders to your
IEEE SB events? The benefits of interaction between an IEEE
Section and an IEEE SB include:
•• increased number of successful Section and SB events
and meetings with increased attendance
•• open doors for meetings, networking opportunities,
and other events held jointly between Sections and SBs
•• future skilled volunteers for the Section as students
graduate and elevate to higher grade membership
•• potential increase in the number of active Chapters in
SBs and Sections.
Some ideas for IEEE Section and IEEE SB engagement include:
•• holding Section Executive Committee meetings at universities
•• having a student serve on the Section ExCom as a vot-
ing member
•• the Section providing a mentor for the SB
•• planning and holding joint Section and SB technical
activities and professional awareness activities, such as a Stu-
dent Professional Awareness Conference
•• SBs can request modest funding support from Sections
for specific campus events.
I encourage you, as an IEEE SB, to reach out to your local
Section and build a relationship with them. The potential
benefits are worth the effort to engage.
IEEE SB AWARDS: The Student Activities Committee (SAC)
is pleased to announce this year’s recipients of the SAC Awards.
There were a total of five awards for which students were eli-
gible to submit nominations. Each award recognizes a differ-
ent area of student leadership and success. The SAC is also
pleased to report that there was a 200% increase in nominations
received for this year’s award cycle compared to the previous
year. Please check the Student Activities Web site (www.ieee.
org/students) for a list of all recipients of the following awards:
•• IEEE Student Enterprise Award
•• Larry K. Wilson Regional Student Activities Award
•• IEEE Regional Exemplary Student Branch Award
•• IEEE Outstanding Branch Counselor and Advisor Award
Recognition Program
•• The Darrel Chong Student Activity Award.
The nomination process for the upcoming year will begin
in November 2013 with all nominations due by February 2014.
Please check https://ieee-student-awards.myreviewroom.com for
more details and specific deadlines. If you have questions regard-
ing the awards program, please contact student-services@ieee.org.
I like to close out each of my columns in the same manner—
with a request to please drop me a note at anytime to share
your thoughts on the value of your IEEE student membership
and to share a story or example of what your IEEE membership
engagement means to you. I would also like to here about how
your IEEE SB has successfully interacted with your IEEE Section.
John Paserba
IEEE MGA Chair—Student Activities
(j.paserba@ieee.org)

NOVEMBER/DECEMBER 201331