26 August 2002
Source: http://www.access.gpo.gov/su_docs/aces/fr-cont.html
-------------------------------------------------------------------------
[Federal Register: August 26, 2002 (Volume 67, Number 165)]
[Notices]
[Page 54786-54787]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr26au02-38]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
[Docket No. 001214352-2097-02]
Announcing Approval of Federal Information Processing Standard
(FIPS) 180-2, Secure Hash Standard; a Revision of FIPS 180-1
AGENCY: National Institute of Standards and Technology (NIST),
Commerce.
ACTION: Notice.
-----------------------------------------------------------------------
SUMMARY: The Secretary of Commerce has approved FIPS 180-2, Secure Hash
Standard, and has determined that the standard is compulsory and
binding on Federal agencies for the protection of sensitive,
unclassified information.
FIPS 180-2, Secure Hash Standard, replaces FIPS 180-1, which was
issued in 1992 and which specified an algorithm (SHA-1) for producing a
160-bit output called a message digest. The message digest is a
condensed representation of electronic data and is used in
cryptographic processes such as digital signatures and message
authentication. FIPS 180-2 includes three additional algorithms, which
produce 256-bit, 384-bit, and 512-bit message digests. These expanded
capabilities are compatible with and support the strengthened security
requirements of FIPS 197, Advanced Encryption Standard.
EFFECTIVE DATE: This standard is effective February 1, 2003.
Specifications: FIPS 180-2 is available on the NIST web page at:
http://csrc.nist.gov/encryption/tkhash.html.
FOR FURTHER INFORMATION CONTACT: Ms. Elaine Barker, (301) 975-2911,
National Institute of Standards and Technology, 100 Bureau Drive, STOP
8930, Gaithersburg, Maryland 20899-8930. Email: elaine.barker@nist.gov.
SUPPLEMENTARY INFORMATION: A notice was published in the Federal
Register (66 FR 29287) on May 30, 2001, announcing the proposed FIPS
180-2, Secure Hash Standard, for public review and comment. The Federal
Register notice solicited comments from the public, academic and
research communities, manufacturers, voluntary standards organizations,
and Federal, state, and local government organizations. In addition to
being published in the Federal Register, the notice was posted on the
NIST web pages; information was provided about the submission of
electronic comments. Comments and responses were received from three
private sector organizations
[[Page 54787]]
or individuals, and from one federal government organization.
The comments raised technical issues related to the standard, asked
for clarification of technical issues, and recommended editorial
changes. None of the comments opposed the adoption of the revised
Federal Information Processing Standard. All of the editorial and
related comments were carefully reviewed, and changes were made to the
standard where appropriate. NIST recommended that the Secretary approve
FIPS 180-2. Following is an analysis of the comments received.
Comment: NIST should provide a security evaluation of the
algorithms added to FIPS 180-2, and give the rationale for the various
design choices. Such an analysis would increase confidence in the
algorithms and facilitate external evaluation.
Response: The standard provides four secure hash algorithms, which
differ in the number of bits of security provided for the data being
processed. Secure hash algorithms are designed for use in conjunction
with another algorithm, which may have requirements that the hash
algorithm have a certain number of bits of security. For example, a
digital signature algorithm that provides 128 bits of security may
require that the secure hash algorithm also provide 128 bits of
security.
NIST believes that these algorithms are secure because it is
computationally infeasible to find a message that corresponds to a
given message digest, or to find two different messages that produce
the same message digest. It is highly probable that a change to a
message will result in a different message digest.
FIPS 180-2 includes the technical specifications for the four
algorithms that have been selected to provide 160, 256, 384 and 512
bits of security. NIST anticipates and invites external examination and
scrutiny concerning the security of the algorithms.
Comment: NIST should include a note in the standard indicating
whether SHA-256 could be truncated to 160 bits for use as an
alternative to SHA-1 (also 160 bits).
Response: The use of hash functions will be addressed in
application standards (e.g., in the upcoming revision of Federal
Information Processing Standard 186-2, the Digital Signature Standard).
Comment: NIST should mention in the standard that SHA-256 constants
are easily extracted from the SHA-512 constants.
Response: NIST believes that the decisions concerning the use of
constants and how to extract them should be made by those organizations
that develop implementations of the standard.
Comment: One comment suggested that there may be weaknesses in the
algorithms, and proposed a method to change the standard to address the
perceived weaknesses.
Response: It would be more appropriate for the perceived weaknesses
to be addressed in application standards such as the Federal
Information Processing Standard for the Keyed-Hash Message
Authentication Code (HMAC), which has been approved as FIPS 198, as
opposed to addressing this in FIPS 180-2 itself. Furthermore, NIST
expects to issue guidance on the implementation of secure hash
functions.
Authority: Under section 5131 of the Information Technology
Management Reform Act of 1996 and the Computer Security Act of 1987,
the Secretary of Commerce is authorized to approve standards and
guidelines for the cost effective security and privacy of sensitive
information processed by federal computer systems.
Executive Order 12866: This notice has been determined not to be
significant for purposes of E.O. 12866.
Dated: August 19, 2002.
Karen Brown,
Deputy Director, NIST.
[FR Doc. 02-21599 Filed 8-23-02; 8:45 am]
BILLING CODE 3510-CN-P