NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

cryptographic hash and SHA-3 Standard development

A cryptographic hash algorithm (alternatively, hash "function") is designed to provide a random mapping from a string of binary data to a fixed-size “message digest” and achieve certain security properties. Hash algorithms can be used for digital signatures, message authentication codes, key derivation functions, pseudo random functions, and many other security applications. The Federal Information Processing Standard 180-4, Secure Hash Standard, specifies seven cryptographic hash algorithms — SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256 for federal use; the standard is also widely adopted by the information technology industry.

In 2004-2005, several cryptographic hash algorithms were successfully attacked, and serious attacks were published against the NIST-approved SHA-1. In response, NIST held two public workshops to assess the status of its approved hash algorithms, and to solicit public input on its cryptographic hash algorithm policy and standard. As a result of these workshops, NIST decided to develop a new cryptographic hash algorithm for standardization through a public competition. The new hash algorithm would be referred to as SHA-3. NIST announced the SHA-3 Cryptographic Hash Algorithm Competition on November 2, 2007, and ended the competition on October 2, 2012, when it announced Keccak as the winning algorithm to be standardized as the new SHA-3.

FIPS 202, SHA-3 Standard:  Permutation-Based Hash and Extendable-Output Functions was announced in the Federal Register, FRN 80 FR 46543, on August 5, 2015. Four fixed-length hash algorithms (SHA3-224, SHA3-256, SHA3-384, and SHA3-512) and two closely related, “extendable-output” functions (SHAKE128 and SHAKE256) are specified in FIPS 202. The same Federal Register Notice also announced the approval of a revision of the Applicability Clause of FIPS 180-4. The revision approves the use of hash functions specified in either FIPS 180-4 or FIPS 202 for Federal applications when a secure hash function is required, including as a component within other cryptographic algorithms and protocols. Guidance for the use of approved hash algorithms is available here.

The NIST hash website is organized in three major components presented in chronological order:

      1. Pre-SHA-3 Competition (2004-2007)
      2. SHA-3 Competition (2007-2012)
      3. SHA-3 Standardization (2013-2015)

A public forum is also provided for dialogue and feedback.