By Saqib Ali
January 23,2007
In light of recent attacks on the SHA-1 hash function specified in FIPS 180-2 , Secure Hash Standard, NIST is initiating an effort to develop one or more additional hash algorithms through a public competition, similar to the development process for the Advanced Encryption Standard (AES). The National Institute of Standards and Technology is planning a competition to develop one or more cryptographic hash algorithms to augment and revise the current Secure Hash Standard (Federal Information Processing Standard 180-2).
As a first step in this process, NIST is publishing draft minimum acceptability requirements, submission requirements, and evaluation criteria for candidate algorithms, and requests public comment by April 27, 2007. See Federal Register Announcement for more information.
In addition, NIST has published its policy on the use of the current hash functions. Which essentially commands the federal agencies to stop using SHA-1, and instead use SHA-2 family of hash functions (i.e., SHA-224, SHA-256, SHA-384 and SHA-512).
The proposed tentative timeline for the competition is available at:
http://www.csrc.nist.gov/pki/HashWorkshop/timeline.html.
Related Links
NIST's Plan for New Cryptographic Hash Functions
Draft minimum acceptability requirements, submission requirements, and evaluation criteria
If you would like to discuss more about this topic, please join the Encryption Mailing List