The National Institute of Standards and Technology (NIST) has announced plans to revise Federal Information Processing Standard Publication FIPS 180-4, Secure Hash Standard (SHS). The primary change will be the removal of SHA-1 from the standard. While the SHA-1 specification will remain available in the archived copy of FIPS 180-4, NIST plans to transition away from SHA-1 for all applications.
NIST will revise NIST Special Publication (SP) 800-131A with more details on the transition. Other NIST publications referencing SHA-1 will be revised during their periodic review cycle. The Cryptographic Module Validation Program is also planning to develop FIPS 140-3 Implementation Guidance to discuss the Init, Update, Final interface for software implementations of hash functions.
Public comments on the decision to revise FIPS 180-4 are requested by January 31, 2023, and should be submitted to cryptopubreviewboard@nist.gov with the subject line “Comments on the Proposal to Revise FIPS 180-4.”
Keywords: SHA-1, NIST, Cryptographic standards
