Try the new and let us know what you think!
(Note: Beta site content may not be complete.)

View the beta site
NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage

Federal Register Notices

November 2, 2007 - Announcing Request for Candidate Algorithm Nominations for a New Cryptographic Hash Algorithm (SHA-3) Family


    Correction (8/28/08)

    4.A.ii Bullet 3 should have stated:

    • If a construct is specified for the use of the candidate algorithm in an n-bit randomized hashing scheme, the construct must, with overwhelming probability, provide n-k bits of security against the following attack: The attacker chooses a message, M1 of length at most 2k bits. The specified construct is then used on M1 with a randomization value r1 that has been randomly chosen without the attacker’s control after the attacker has supplied M1. Given r1 , the attacker then attempts to find a second message M2 and randomization value r2 that yield the same randomized hash value. Note that in order to meet this specific security requirement, the specified randomized hashing construct may place restrictions on the length of the randomization value.


January 23, 2007 - Announcing the Development of New Hash Algorithm(s) for the Revision of Federal Information Processing Standard (FIPS) 180–2, Secure Hash Standard

Correction for the Federal Register Notice:

A.3 of the Proposed Draft Minimum Acceptability Requirements for Candidate Algorithms (Section A) should have stated:

"A.3 The algorithm must support 224, 256, 384, and 512-bit message digests, and must support a maximum message length of at least 264 bits."