2 Secure Hash Algorithms set for 64-bit platforms
Proposed NIST standard would add two new Secure Hash Algorithms to the approved list
- By William Jackson
- Feb 22, 2011
The National Institute of Standards and Technology is updating the federal Secure Hash Standard by proposing two new algorithms for the approved list that could be easier to use on 64-bit platforms.
The Secure Hash Algorithms are cryptographic tools that create a unique message digest, or fingerprint, that can be used to verify that the contents of a digital document have not been altered. The approved algorithms are contained in Federal Information Processing Standard 180. NIST has released a draft of FIPS 180-4 with the additional algorithms for comment. If approved, the new standard would replace the current FIPS 180-3, which was approved in October 2008.
Running a hash algorithm against a digital message creates a string of bits of a specific length that is unique to that message.
Secure hash competition down to the final 5
The next Secure Hash Algorithm had better be a good one
“The hash algorithms specified in this standard are called secure because, for a given algorithm, it is computationally infeasible 1) to find a message that corresponds to a given message digest, or 2) to find two different messages that produce the same message digest,” the document states. “Any change to a message will, with a very high probability, result in a different message digest,” which would result in a verification failure.
The current standard specifies five secure hash algorithms: SHA-1 and SHA-224, 256, 384 and 512, collectively known as SHA-2. Each algorithm produces a message digest of a specific length: SHA-1 produces a digest of 160 bits, SHA-224 produces one of 224 bits, and so on.
The updated standard would add SHA-512/224 and SHA-512/256. They are based on the SHA-512 algorithm but produce a truncated output of 224 or 256 bits, respectively. They are being added because they might be a more efficient alternative to using SHA-224 or SHA-256 on platforms that are optimized for 64-bit operations, NIST officials said in introducing the proposed standard.
Other algorithms based on SHA-512 could be specified in the future as the need arises.
The new standard also removes a requirement that a pre-processing step called padding be done before hash computation begins. Padding is the addition of bits to a message so that its length is a multiple of 512 or 1,024 bits, depending on the algorithm being used. In FIPS 180-3, padding was inserted before hash computation. Under FIPS 180-4, padding can be inserted before hash computation begins or at any other time during the hash computation before processing the message blocks containing the padding.
NIST’s website offers examples of the implementation of the Secure Hash Algorithms.
NIST is in the process of a multiyear competition to select the next secure hash algorithm — SHA-3 — which is expected to be chosen in 2012. SHA-3 will augment and eventually replace the algorithms now specified in FIPS 180-3 or 180-4. The competition for SHA-3 was opened in 2007 after weaknesses were discovered in the existing algorithms. Despite the weaknesses, the algorithms have not yet been cracked.
Last month, the field of possible new algorithms was whittled down to the final five from an initial field of 51.
Comments on the draft standard should be sent by May 12 to Proposed180firstname.lastname@example.org with the phrase “Comments on Draft FIPS 180-4” in the subject line.
William Jackson is a Maryland-based freelance writer.