In September 2017, this (legacy) site will be replaced with the new site you can see at beta.csrc.nist.rip. At that time, links to this legacy site will be automatically redirected to apporpriate links on the new site.

View the beta site
NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage

Secure Hashing

Approved Algorithms

Approved hash algorithms for generating a condensed representation of a message (message digest) are specified in two Federal Information Processing Standards: FIPS 180-4, Secure Hash Standard and FIPS 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions.

 FIPS 180-4 specifies seven hash algorithms:

      • SHA-1 (Secure Hash Algorithm-1), and the
      • SHA-2 family of hash algorithms: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256.

FIPS 202 specifies the new SHA-3 family of permutation-based functions based on Keccak as a result of the “SHA-3” Cryptographic Hash Algorithm Competition. FIPS 202 specifies:

      • Four fixed-length hash algorithms: SHA3-224, SHA3-256, SHA3-384, and SHA3-512; and
      • Two closely related, “extendable-output” functions (XOFs): SHAKE128 and SHAKE256.

Currently only the four fixed-length SHA-3 algorithms are approved hash algorithms, providing alternatives to the SHA-2 family of hash functions. The XOFs can be specialized to hash functions, subject to additional security considerations. Guideline for using the XOFs will be provided in the future.

NIST’s policy on these hash algorithms is available here.

Examples with intermediate values for SHA-1, SHA-2 and SHA-3 families of hash algorithms are available here.

Special Publication 800-106, Randomized Hashing for Digital Signatures provides recommendation for randomizing the hash input messages prior to signature generation to strengthen the security of the digital signatures being generated.

Special Publication 800-107, Revision 1, Recommendation for Using Approved Hash Algorithms provides security guidelines for achieving the required or desired security strengths when using cryptographic applications that employ the approved hash functions. These include applications such as digital signatures, Keyed-hash Message Authentication Codes (HMACs) and Hash-based Key Derivation Functions (Hash-based KDFs).

Back to Top

Testing Products

Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).

Back to Top

Additional Information

NIST maintains a Cryptographic Hash Project web page that details the SHA-3 development process.