Posts by DrSanchez

1 publicly visible post • joined 8 Jul 2009

Boomerang attack against AES better than blind chance

DrSanchez
Unhappy

GET THE FACTS BEFORE YOU TRY TO WRITE ABOUT THEM

#1 MD6 has not been withdrawn. You can read that from the MD6 web page here: http://groups.csail.mit.edu/cis/md6/ :

"We are not withdrawing our submission; NIST is free to select MD6 for further consideration in the next round if it wishes."

#2 The problem with MD6 was not performance, it was instead a recognition that there was a problem in their security proofs. As stated on the website:

"But at this point MD6 doesn't meet our own standards for what we believe should be required of a SHA-3 candidate, and we suggest that NIST might do better looking elsewhere. In particular, we feel that a minimum 'ticket of admission' for SHA-3 consideration should be a proof of resistance to basic differential attacks, and we don't know how to make such a proof for a reduced-round MD6."