Comment Re:links to NIST (Score 2) 134
NIST's comments on their selection of Keccak to be SHA-3: (PDF)
Additionally, KECCAK complements the existing SHA-2 family of hash algorithms well. NIST remains confident in the security of SHA-2 which is now widely implemented, and the SHA-2 hash algorithms will continue to be used for the foreseeable future, as indicated in the NIST hash policy statement. One benefit that KECCAK offers as the SHA-3 winner is its difference in design and implementation properties from that of SHA-2. It seems very unlikely that a single new cryptanalytic attack or approach could threaten both algorithms. Similarly, the very different implementation properties of the two algorithms will allow future application and protocol designers greater flexibility in finding one of the two hash algorithms that fits well with their requirements.
So, Keccak wasn't necessarily chosen because it was "superior" to the other finalists (note that it's slow when implemented in software, especially in comparison to the other finalists), but because it was different enough that, should SHA-2 be found to be fundamentally broken, SHA-3 should remain unaffected.
An optimized version of BLAKE would be useful because it can run faster than SHA-3 in software, while also being (theoretically) stronger than SHA-2 (or other older algorithms).
Mind you, I'm not an expert in cryptography; regardless, it probably wouldn't be the greatest choice to use BLAKE2 right away. It's still not been held up to the level of scrutiny that something like SHA-2 has. (Although I'm certain that being a finalist has helped it come under much closer scrutiny than if it hadn't been one.)
As for why a fast cryptographically secure hash function is desirable, others have already answered that question better than I can.
