encryption – Any reason why SHA-3 isn’t yet present in GnuPG?

I was curious about setting SHA-3 as the preferred hashing algorithm for GPG but that looks like it is not yet supported and the documentation states this:

SHA-3: SHA-3 is a completely new hash algorithm that makes a clean
break with the previous SHAs. It is believed to be safe, with no
warnings about its usage. It hasn’t yet been officially introduced
into the OpenPGP standard, and for that reason GnuPG doesn’t support
it. However, SHA-3 will probably be incorporated into the spec, and
GnuPG will support it as soon as it does.

What does this mean: “…and GnuPG will support it as soon as it does”?

Are there any development plans for supporting SHA3 or BLAKE?

Password hash check SHA-3 – Information Security Stack Exchange

It's worth adding Argon2 as a dependency. Or bcrypt if you can not use the optimized Argon2 and you manage to avoid all the possibilities that you can shoot with bcrypt in the foot. If you do not have a good option, you should pay particular attention to people not being allowed to choose their own passwords.

If you lose entropy through repeated hashing, do not worry, unless you trim the hash output between iterations or use a really bad hash function. That's no problem for a secure, high-performance function. Only if two different passwords cause hash chains to merge will you lose everything. In other words, only if you have an accidental collision.

The use of an RNG to create new inputs is completely unnecessary. The output of cryptographic hashes is also random, whether you are using random or non-random input. You could compound the situation if someone could use an optimized hardware implementation while using a slower software implementation. you are certainly Things get worse if the implementation is broken or the germ is reduced to a 64-bit number.

Your special method can enable a time-memory balance. Some candidates in the password hashing contest, including Argon2, have been designed so that you can not halve your storage requirements if you only want half the speed. (With Scrypt, you can make such tradeoffs, and this problem was one of the reasons to look for a better algorithm.) You may think that doubling the computation time is not worth the space, but in the end, you can expect higher throughput, less power or less cost if you can buy less expensive or more efficient hardware with less storage and run more operations in parallel.

Whatever algorithm you could develop would be competitive with PBKDF2 at best. (PBKDF2 is not great, but it's easy to implement if you already have a hash function.)

If you are using PBKDF2 or similar, you probably should not use SHA-3. SHA-3 hashes can be calculated quite efficiently, but they are relatively slow on CPUs. This could be beneficial to password crackers if they could use faster and more efficient implementations. It would actually be better with SHA-2-512. Or Blake2.