The National Institute of Standards and Technology (NIST) launched a public competition in November 2007 to develop a new cryptographic hash algorithm for standardization to augment the Government standard hash algorithms specified in Federal Information Processing Standard (FIPS) 180, Secure Hash Standard. NIST announced the selection of KECCAK as the winning algorithm in a press release issued on October 2, 2012. Draft FIPS 202 specifies the new “Secure Hash Algorithm-3” (SHA-3) family of permutation-based functions based on KECCAK.
Four fixed-length cryptographic hash algorithms (SHA3-224, SHA3-256, SHA3-384, and SHA3-512) and two closely related, “extendable-output” functions (SHAKE128 and SHAKE256) are specified in Draft FIPS 202; all six algorithms are permutation-based “sponge” functions. The four SHA-3 hash functions provide alternatives to the SHA-2 family of hash functions. The extendable-output functions (XOFs) can be specialized to hash functions, subject to additional security considerations, or used in a variety of other applications. Hash algorithms are used in many information security applications, including (1) the generation and verification of digital signatures, (2) key-derivation functions, and (3) random bit generation.
Both FIPS 180-4 and Draft FIPS 202 specify cryptographic hash algorithms. FIPS 180-4 specifies SHA-1 and the SHA-2 family of hash functions, and mandates the use of one of these functions for Federal applications that require a cryptographic hash function. Draft FIPS 202 specifies the new SHA-3 family of hash and extendable-output functions. To allow the use of the functions specified in either FIPS 180-4 or Draft FIPS 202 for Federal applications that require a cryptographic hash function, NIST proposes revising the Applicability Clause (#6) of the Announcement Section of FIPS 180-4; the other sections of FIPS 180-4 remain unchanged. The NIST Policy on Hash Functions provides guidance on the choice of hash functions for specific applications.
NIST invites public comments on Draft FIPS 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, and on the proposed revision of the Applicability Clause of the Announcement Section of FIPS 180-4. After the comment period closes, NIST will analyze the comments, make changes to the respective documents, as appropriate, and then propose Draft FIPS 202 and the revised FIPS 180-4 to the Secretary of Commerce for approval.