- CSRC Home
- Projects / Research
- news & events
Approved hash algorithms for generating a condensed representation of a message (message digest) are specified in two Federal Information Processing Standards: FIPS 180-4, Secure Hash Standard and FIPS 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions.
FIPS 180-4 specifies seven hash algorithms:
Currently only the four fixed-length SHA-3 algorithms are approved hash algorithms, providing alternatives to the SHA-2 family of hash functions. The XOFs can be specialized to hash functions, subject to additional security considerations. Guideline for using the XOFs will be provided in the future.
NIST’s policy on these hash algorithms is available here.
Examples with intermediate values for SHA-1, SHA-2 and SHA-3 families of hash algorithms are available here.
Special Publication 800-106, Randomized Hashing for Digital Signatures provides recommendation for randomizing the hash input messages prior to signature generation to strengthen the security of the digital signatures being generated.
Special Publication 800-107, Revision 1, Recommendation for Using Approved Hash Algorithms provides security guidelines for achieving the required or desired security strengths when using cryptographic applications that employ the approved hash functions. These include applications such as digital signatures, Keyed-hash Message Authentication Codes (HMACs) and Hash-based Key Derivation Functions (Hash-based KDFs).
Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).Back to Top
NIST maintains a Cryptographic Hash Project web page that details the SHA-3 development process.