Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-107 Rev. 1

Recommendation for Applications Using Approved Hash Algorithms

Date Published: August 2012

Supersedes: SP 800-107 (02/25/2009)

Planning Note (12/20/2022):

NIST has decided to withdraw SP 800-107 Rev. 1.

  • The supplementary material currently in SP 800-107 Rev. 1 has been moved to the hash functions webpage.
  • Next, the requirements listed in SP 800-107 Rev.1 that are not currently addressed in other standards will be moved to a new Implementation Guidance (IG) developed by the Cryptographic Module Validation Program (CMVP). These requirements will again be considered when hash-function-related standards are revised. Once the new IG has been published, NIST will withdraw SP 800-107 Rev. 1. 

See the full announcement and Crypto Publication Review Project for more details.


Quynh Dang (NIST)



hash function; hash-based key derivation algorithms; hash value; HMAC; message digest; randomized hashing; random number generation; SHA; truncated hash values.; Digital signatures; cryptographic hash function; hash algorithms
Control Families

Identification and Authentication; System and Communications Protection; System and Information Integrity


Download URL

Supplemental Material:
None available

Document History:
08/24/12: SP 800-107 Rev. 1 (Final)