NIST, Computer Security Division, Computer Security Resource Center
Secure Hashing
Approved Algorithms
There are five (5) Approved algorithms for generating a condensed representation of a message (message digest): SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
March 15, 2006: The SHA-2 family of hash functions (i.e., SHA-224, SHA-256, SHA-384 and SHA-512) may be used by Federal agencies for all applications using secure hash algorithms. Federal agencies should stop using SHA-1 for digital signatures, digital time stamping and other applications that require collision resistance as soon as practical, and must use the SHA-2 family of hash functions for these applications after 2010. After 2010, Federal agencies may use SHA-1 only for the following applications: hash-based message authentication codes (HMACs); key derivation functions (KDFs); and random number generators (RNGs). Regardless of use, NIST encourages application and protocol designers to use the SHA-2 family of hash functions for all new applications and protocols.
SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512
NIST announces the publication of FIPS 180-4, Secure Hash Standard. FIPS 180-4 updates FIPS 180-3 by providing a general procedure for creating an initialization value, adding two additional secure hash algorithms to the Standard (SHA-512/224 and SHA-512/256) and removing a restriction that padding must be done before hash computation begins, which was required in FIPS 180-3. The Federal Register Notice of the approval is here. Examples of the implementation of the secure hash algorithms SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256, can be found at http://www.nist.gov/CryptoToolkitExamples.
In August, 2004, researchers announced that they discovered a new way to break a number of cryptographic hash algorithms. Those initial attacks did not break any of the SHA family algorithms, as is reflected in NIST's comments at that time.
In February, 2005, however, researchers announced an attack on the full SHA-1 algorithm. Click here for NIST's brief comments on these latest attacks. (Statement revised April 25, 2006.)
NIST announces the release of Special Publication 800-106, Randomized Hashing for Digital Signatures. This Recommendation provides a technique to randomize the input messages to hash functions prior to the generation of digital signatures to strengthen security of the digital signatures.
NIST announces the release of the Special Publication 800-107, Recommendation for Using Approved Hash Algorithms. This Recommendation provides guidance on using the Approved hash algorithms in digital signatures applications, Keyed-hash Message Authentication Codes (HMACs), key derivation functions (KDFs) and random number generators.
September 14, 2011: NIST requests comments on Draft (Revised) Special Publication 800-107. This Special Publication provides security guidelines for achieving the desired security strengths of several cryptographic applications that employ the approved cryptographic hash functions specified in FIPS 180-4. The current version of this document was published in February 2009. This revision includes the security properties for SHA-512/224 and SHA-512/256, provides additional security information about HMAC and revises the discussions on hash-based Key Derivation Functions. Please provide comments by October 31st, 2011 to Revised_SP-800-107_Comments@nist.gov, with “Comments on Revised_SP-800-107” in the subject line.
Back to TopTesting Products
Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).
Back to TopAdditional Information
NIST is currently conducting a competition to develop a new cryptographic hash algorithm. For more infomation on this competition and other hash related issues please see the Cryptographic Hash Project page.
July 29, 2011: NIST requests comments on Special Publication (SP) 800-133, Recommendation for Cryptographic Key Generation. Cryptography relies upon two basic components: an algorithm (or cryptographic methodology) and a cryptographic key. This Recommendation discusses the generation of the keys to be managed and used by NIST’s approved cryptographic algorithms. Please provide comments by September 30th, 2011 to SP-800-133_Comments@nist.gov, with “Comments on SP 800-133 Key Generation” in the subject line.
April 12, 2011: NIST requested comments for Draft Special Publication (SP) 800-131B, Transitions: Validation of Transitioning Cryptographic Algorithm and Key Lengths. on February 10, 2001. SP 800-131B provides details about the validation of the cryptographic algorithms and cryptographic modules in transition, as specified in SP 800-131A. These are the comments received.
April 12, 2011: NIST requested comments for Draft Special Publication (SP) 800-131C, Transitions: Validating the Transition from FIPS 186-2 to FIPS 186-3 on February 10, 2011. SP 800-131C addresses both the cryptographic algorithm validations and the cryptographic module validations that are conducted by NIST’s Cryptographic Algorithm Validation Program (CAVP) and the Cryptographic Module Validation Program (CMVP), respectively. These are the comments received.
January 13, 2011: NIST announces the completion of Special Publication (SP) 800-131A, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths. This Recommendation provides the approach for transitioning from the use of one algorithm or key length to another, as initially addressed in Part 1 of SP 800-57. SP 800-131B, Transitions: Validation of Transitioning Cryptographic Algorithms and Key Lengths, is under development and will address the validation of cryptographic modules during the transition period.