NIST, Computer Security Division, Computer Security Resource Center
Secure Hashing
Approved Algorithms
There are five (5) Approved algorithms for generating a condensed representation of a message (message digest): SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
March 15, 2006: The SHA-2 family of hash functions (i.e., SHA-224, SHA-256, SHA-384 and SHA-512) may be used by Federal agencies for all applications using secure hash algorithms. Federal agencies should stop using SHA-1 for digital signatures, digital time stamping and other applications that require collision resistance as soon as practical, and must use the SHA-2 family of hash functions for these applications after 2010. After 2010, Federal agencies may use SHA-1 only for the following applications: hash-based message authentication codes (HMACs); key derivation functions (KDFs); and random number generators (RNGs). Regardless of use, NIST encourages application and protocol designers to use the SHA-2 family of hash functions for all new applications and protocols.
SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512
FIPS 180-3, Secure Hash Standard (SHS), October 2008
FIPS 180-3 is a revision of FIPS 180-2. The FIPS specifies five secure hash algorithms for use in computing a condensed representation, called a message digest, of electronic data. The technical information about the security provided by the secure hash algorithms, and the length limits and security implications of truncated hash outputs is provided in Special Publication 800-107, Recommendation for Applications Using Approved Hash Algorithms.
In August, 2004, researchers announced that they discovered a new way to break a number of cryptographic hash algorithms. Those initial attacks did not break any of the SHA family algorithms, as is reflected in NIST's comments at that time.
In February, 2005, however, researchers announced an attack on the full SHA-1 algorithm. Click here for NIST's brief comments on these latest attacks. (Statement revised April 25, 2006.)
NIST announces the release of Special Publication 800-106, Randomized Hashing for Digital Signatures. This Recommendation provides a technique to randomize the input messages to hash functions prior to the generation of digital signatures to strengthen security of the digital signatures.
NIST announces the release of the Special Publication 800-107, Recommendation for Using Approved Hash Algorithms. This Recommendation provides guidance on using the Approved hash algorithms in digital signatures applications, Keyed-hash Message Authentication Codes (HMACs), key derivation functions (KDFs) and random number generators.
Second Cryptographic Hash Workshop August 24-25, 2006, UCSB, Santa Barbara
NIST plans to host a series of public workshops to focus on hash function research in preparation for developing additional hash function(s) through a public competition.
Back to TopTesting Products
Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).
Back to TopAdditional Information
Second Cryptographic Hash Workshop August 24-25, 2006, UCSB, Santa Barbara
As a follow-up to the first Cryptographic Hash Workshop held on Oct. 31-Nov. 1, 2005, NIST plans to host a series of public workshops to focus on hash function research in preparation for developing additional hash function(s) through a public competition. The next workshop will be held on August 24-25 at UCSB, Santa Barbara, in conjunction with Crypto 2006.
Cryptographic Hash Workshop October 31 - November 1, 2005
Recently a team of researchers reported that the SHA-1 function offers significantly less collision resistance than could be expected from a cryptographic hash function of its ouput size. NIST hosted a workshop to solicit public input in how best to respond to the current state of research in this area. An agenda and presentations from this workshop are available.