NIST stages competition to improve cryptographic standard

Related Links

Data protection

Editor's note: This story was updated at 4:10 p.m. Jan. 26, 2007. Please go to Corrections & Clarifications to see what has changed.

Faced with declining confidence in the decade-old cryptographic algorithm that has been the basis for much of the security protecting transactions on the Internet, the National Institute of Standards and Technology has begun a competition to define a new standard.

Federal Information Processing Standard 180-1 – otherwise known as Secure Hash Algorithm-1 (SHA-1) – has been widely used in government and industry since 1994. It’s the basis for the Secure Sockets Layer private-key technology that secures online information such as credit card numbers and other security technologies.

Chip makers also used it for the hardware-based security that is built into many PCs and other devices.

SHA-1 been considered the gold standard among cryptographic hash algorithms, and because as many as 280 hash operations were considered necessary to find a weakness in it, it is considered virtually unbreakable.

But that confidence began to slip several years ago when a group of Chinese researchers published a method for breaking SHA-1 with just 269 operations. In the past two years, the number has been decreased even further.

If the break point is brought down to about 240 operations, breaking SHA-1 can easily be executed on current high-end PCs in a few hours.

That has had little practical effect because SHA-1 has still been considered adequate for most purposes, and NIST had recommended phasing out the standard by 2010 anyway. But the Chinese group’s findings spurred it to organize several workshops in 2005 and 2006 to find out if anything further needed to be done.

As a result of those workshops, NIST said it has decided to develop one or more additional hash functions through a public competition similar to the development process used for the Advanced Encryption Standard.

It published a request for comments today on the requirements and evaluation criteria it set for candidate algorithms that the public will submit. The eventual winner will be publicly disclosed and available worldwide on a nonexclusive, royalty-free basis.

According to the NIST notice, the new algorithm must support 224-, 256-, 384- and 512-bit key encryption, with a maximum message length of at least 264 bits.

Comments on the proposed requirements and criteria must be received by NIST on or before April 27.

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.


  • Federal 100 Awards
    Federal 100 logo

    Fed 100 nominations are now open

    Help us identify this year's outstanding individuals in federal IT.

  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.