NIST announces Draft Federal Information Processing Standard (FIPS) 202 and Draft Revision of the Applicability Clause of FIPS 180-4

May 27

Editor’s Note:  NIST’s Federal Register notice requesting comments on the draft documents is available here.  Below is an except.

From: NIST

SUMMARY: The National Institute of Standards and Technology (NIST) launched a public competition in November 2007 to develop a new cryptographic hash algorithm for standardization to augment the Government standard hash algorithms specified in Federal Information Processing Standard (FIPS) 180, Secure Hash Standard. NIST announced the selection of KECCAK as the winning algorithm in a press release issued on October 2, 2012, which is available at http://www.nist.gov/itl/csd/sha-100212.cfm. Draft FIPS 202 specifies the new “Secure Hash Algorithm-3” (SHA-3) family of permutation-based functions based on KECCAK.

Four fixed-length cryptographic hash algorithms (SHA3-224, SHA3-256, SHA3-384, and SHA3-512) and two closely related, “extendable-output” functions (SHAKE128 and SHAKE256) are specified in Draft FIPS 202; all six algorithms are permutation-based “sponge” functions. The four SHA-3 hash functions provide alternatives to the SHA-2 family of hash functions. The extendable-output functions (XOFs) can be specialized to hash functions, subject to additional security considerations, or used in a variety of other applications. Hash algorithms are used in many information security applications, including 1) the generation and verification of digital signatures, 2) key-derivation functions, and 3) random bit generation.

Both FIPS 180-4 and Draft FIPS 202 specify cryptographic hash algorithms. FIPS 180-4 specifies SHA-1 and the SHA-2 family of hash functions, and mandates the use of one of these functions for Federal applications that require a cryptographic hash function. Draft FIPS 202 specifies the new SHA-3 family of hash and extendable-output functions. To allow the use of the functions specified in either FIPS 180-4 or Draft FIPS 202 for Federal applications that require a cryptographic hash function, NIST proposes revisingthe Applicability Clause (#6) of the Announcement Section of FIPS 180-4; the other sections of FIPS 180-4 remain unchanged. The NIST Policy on Hash Functions, available at ttp://csrc.nist.gov/groups/ST/hash/policy.html, provides guidance on the choice of hash functions for specific applications.  

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Leave a Reply

Your email address will not be published.

Please Answer: *