Updates readied for cryptographic hashes
- By William Jackson
- Jun 13, 2007
The National Institute of Standards and Technology has revised two Federal Information Processing Standards specifying algorithms for cryptographic hashing. Drafts of FIPS 180-3 and FIPS 198-1 have been released for three months of public comment.
FIPS 180-3 replaces Publication 180-2 and specifies five secure hash algorithms (SHAs). The algorithms, when combined with a message, produce a message digest that should be unique to the original message. These can be used for digital signatures and message authentication codes. In the new draft, SHA-1, SHA-224 and SHA-256 are used to produce digests of shorter messages, while SHA-384 and SHA-512 can be used for longer messages. They produce digests ranging in length from 160 to 512 bits, depending on the algorithm used.
The algorithms are called secure because it is unlikely that the original message could be derived from the digest produced by the algorithm, or that the algorithm could produce the same digest for more than one message. This gives a high probability that each digest is unique to its message and that the digest can be used to accurately verify a digital signature or a message authentication code.
FIPS 198-1 replaces Publication 198 and specifies an algorithm for applications requiring message authentication. Using a secret key that is shared with the intended recipient of a message, the sender produces a code or message digest unique to the message being sent. The recipient uses the same key to produce a code of the message being received. If the codes match, the recipient can be sure that the message has not been altered and that it came from the other holder of the key.
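The sender and recipient exchange described above, as an added example that is not part of the original article. It assumes the keyed-hash construction (HMAC) with SHA-256 as the underlying hash, builds the code by hand from the inner and outer padded keys, and cross-checks the result against Python's standard `hmac` module; the keys, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 processes input in 64-byte blocks


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """Compute H((K0 xor opad) || H((K0 xor ipad) || message)) with H = SHA-256."""
    # A key longer than one block is hashed first; the result is
    # zero-padded on the right to exactly one block (K0).
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()
    k0 = key.ljust(BLOCK_SIZE, b"\x00")
    inner_key = bytes(b ^ 0x36 for b in k0)  # K0 xor ipad
    outer_key = bytes(b ^ 0x5C for b in k0)  # K0 xor opad
    inner = hashlib.sha256(inner_key + message).digest()
    return hashlib.sha256(outer_key + inner).digest()


def send(key: bytes, message: bytes):
    """Sender: transmit the message together with its authentication code."""
    return message, hmac_sha256(key, message)


def receive(key: bytes, message: bytes, code: bytes) -> bool:
    """Recipient: recompute the code with the shared key and compare.
    compare_digest runs in constant time, so the comparison does not leak
    how many leading bytes of a forged code were correct."""
    return hmac.compare_digest(hmac_sha256(key, message), code)


# Constructed sample values (assumptions, not from the article).
SHARED_KEY = b"constructed-demo-key"
OTHER_KEY = b"some-other-party-key"


def demo() -> dict:
    msg, code = send(SHARED_KEY, b"pay 100 to account 42")
    return {
        "intact": receive(SHARED_KEY, msg, code),
        "altered": receive(SHARED_KEY, b"pay 900 to account 42", code),
        "wrong_key": receive(OTHER_KEY, msg, code),
        "matches_stdlib": code == hmac.new(SHARED_KEY, msg, hashlib.sha256).digest(),
        "code_bits": len(code) * 8,
    }


if __name__ == "__main__":
    print(demo())
```
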
Comments are being accepted on both proposed standards until Sept. 10. Comments should be sent either to [email protected] or to [email protected], with a subject line that reads 'Comments on draft 180-3' or 'Comments on draft 198-1.'
William Jackson is a Maryland-based freelance writer.