The guy that was arguing with me basically said NIST announced this competition just in case... What I'm asking is 'If they don't want to wait anymore and are acting now just in case, what are you waiting for and don't act just in case as well?'
How are you prepared for a possible change in SHA?
Because the process of analyzing and certifying a new hashing algorithm is lengthy and fraught with pitfalls - the competitions take like five years because if they didn't, there's a good chance everyone would move to a new algo that is weaker than the one they're moving from. Because it takes a few years lead time for everyone to make sure there's no show-stopping weakness in the algorithm, it's typical to start developing new algorithms before the old one is proven broken.
Bitcoin, on the other hand, has the luxury of taking a mere few months to get everyone ready to go before we pull the trigger. We also have the luxury of we don't really need to do
anything until there's a credible threat on the horizon - if we went ahead and began the upgrade to SHA-3 as soon as it's certified, then there's a few major issues:
a) It breaks backwards compatibility of the network;
b) There's still a tiny chance we could be moving to a weaker algorithm, as by that point SHA-2 will have had quite a lot of time of people trying to break it because it would be profitable to do so. SHA-3 on the other hand, if you break it now all you get is bragging rights;
c) It would be a political mess upgrading the hash mechanism for no good reason.
Now if there was a credible threat on the horizon, you'd probably be hard pressed to find anyone (save possibly a company that just dumped a few million bucks into SHA-2 ASICs) who'd disagree with making the gradual change. If someone released a "holy shit, it's broken now now now" attack on SHA-2, the community would gladly respond in a quicker, more violent and bloody manner.
I get the feeling that the conclusion you're leaping to is that they're working on SHA-3 because SHA-2 is broken. That's almost certainly false, the NIST competitions don't work that way - if the algorithm is broken, it's too late to still be working on the next one.
