NIST issues SHA-3 cryptographic hash standard

NIST issues SHA-3 cryptographic hash standard

The National Institute of Standards and Technology has released the final version of its Secure Hash Algorithm-3 standard, which it calls “a next-generation tool for securing the integrity of electronic information.”

The SHA-3 family of hash functions was developed through a public competition that drew 64 submissions for proposed hashing algorithms. The new standard, Federal Information Processing Standard (FIPS) 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, is based on an instance of the KECCAK algorithm that NIST selected as the winner of the SHA-3 Cryptographic Hash Algorithm Competition in October 2012.

A hash algorithm is a cryptographic tool that can create a digest – a unique string of bits of a specific length – specific to a digital document. Even a small change in the original message creates a change in the digest, making it easier to detect accidental or intentional changes to the original message. In an environment when most documents are created and used digitally, hashing is an essential tool for verifying the authenticity of documents and digital signatures. Hash functions also can be used for message authentication and to verify that software has not been tampered with. Other applications of cryptographic hash functions include pseudorandom bit generation, message authentication codes and key derivation functions, according to NIST.

SHA-3 is not the only family of hash functions that NIST approves for hashing electronic messages; the SHA-2 family, approved for use in 2002, remains secure and viable. The two standards will complement each other and offer more options to designers of both hardware and software, according to NIST’s Shu-jen Chang. Some of the SHA-3 functions can, for example, be implemented without requiring much additional circuitry on a chip, potentially making them useful alternatives for securing very small devices, he said.

"SHA-3 is very different from SHA-2 in design," Chang said. "It doesn't replace SHA-2, which has not shown any problem, but offers a backup. It takes years to develop a new standard, and we wanted to be prepared in case problems do occur."

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.