- csrc home
- news & events
FIPS 180-4, Secure Hash Standard, specifies seven Approved algorithms for generating a condensed representation of a message (message digest): SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256. In addition, NIST plans to standardize a new set of hash algorithms as a result of the “SHA-3” Cryptographic Hash Algorithm Competition. When the KECCAK family of hash algorithms is standardized as the new SHA-3 hash algorithms, they will become NIST-Approved hash algorithms as well.
NIST’s policy on these hash algorithms is available here.
Test values of the implementation of SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256 are available here.
Special Publication 800-106, Randomized Hashing for Digital Signatures provides recommendation for randomizing the hash input messages prior to signature generation to strengthen the security of the digital signatures being generated.
Special Publication 800-107, Revision 1, Recommendation for Using Approved Hash Algorithms provides security guidelines for achieving the required or desired security strengths when using cryptographic applications that employ the approved hash functions. These include applications such as digital signatures, Keyed-hash Message Authentication Codes (HMACs) and Hash-based Key Derivation Functions (Hash-based KDFs).
Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).Back to Top
In response to advances in cryptanalysis of hash algorithms, NIST launched a public competition in November 2007 to develop a new cryptographic hash algorithm. NIST announced KECCAK as the winner of the “SHA-3” Cryptographic Hash Algorithm Competition and the new SHA-3 hash algorithm in a press release issued on October 2, 2012. For more information on this competition and other hash related issues please see the Cryptographic Hash Project page.