Try the new and let us know what you think!
(Note: Beta site content may not be complete.)

View the beta site
NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage

Message Authentication

Approved Algorithms

Currently, there is one (1) Approved algorithm for generating and verifying message/data authentication codes: HMAC.

Keyed-Hash Message Authentication Code (HMAC)

FIPS 198-1, The Keyed-Hash Message Authentication Code (HMAC) July 2008.

FIPS 198-1 is a revision of FIPS 198. The FIPS specifies a mechanism for message authentication using cryptographic hash functions in Federal information systems. The technical information about the security provided by the HMAC algorithm, and the length limit and security implications of truncated HMAC outputs have been removed from the revised standard. This information may need frequent updating, and its removal from the specification will enable NIST to employ a more effective process for keeping the information current. NIST will provide specific guidelines about the security provided by the HMAC and the use of the truncation technique in Special Publication (SP) 800-107, which can be updated in a timely manner if the technical conditions change.

Note: NIST Special Publications 800-107, Recommendation for Applications Using Approved Hash Algorithms is currently under development. For more information on draft SP 800-107 go here.

FIPS 113 Computer Data Authentication, was withdrawn in September 2008.


Back to Top

Testing Products

Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).

Back to Top

Additional Information

July 10, 2015: NIST requests comments on a revision of Special Publication (SP) 800-131A, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, which was originally published in January 2011. The most significant differences in this revision are 1) declaring the Dual_EC_DRBG as a disallowed method for random bit generation, 2) the deprecation of the non-approved key-agreement and key-transport schemes, and the non-approved key-wrapping methods through December 31, 2017, and the intent to disallow them thereafter, and 3) the inclusion of the SHA-3 hash functions specified in FIPS 202.

Please submit comments by August 14, 2015 to, with "SP 800-131A Comments" in the subject line.

January 13, 2011: NIST announces the completion of Special Publication (SP) 800-131A, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths. This Recommendation provides the approach for transitioning from the use of one algorithm or key length to another, as initially addressed in Part 1 of SP 800-57. SP 800-131B, Transitions: Validation of Transitioning Cryptographic Algorithms and Key Lengths, is under development and will address the validation of cryptographic modules during the transition period.


Note: An algorithm or technique that is either specified in a FIPS or NIST Recommendation.