Skip to Content


Announcing Draft Federal Information Processing Standards (FIPS) 180-2, Secure Hash Standard, and Request for Comments

Document Details

Information about this document as published in the Federal Register.

Document Statistics
Document page views are updated periodically throughout the day and are cumulative counts for this document including its time on Public Inspection. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.
Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble Start Printed Page 29287


National Institutes of Standards and Technology (NIST), Commerce.


Notice, request for comments.


This notice announces Draft Federal Information Processing Standard (FIPS) 180-2, Secure Hash Standard (SHS), for public review and comment. The draft standard, designated “Draft FIPS 180-2,” is proposed to supersede FIPS 180-1.

Published in 1992, FIPS 180-1 specified that the standard be reviewed within five years. The standard specifies a secure hash algorithm, designated SHA-1, which produces a 160-bit output called a message digest. To provide for comparability with the anticipated increase in security to be afforded by the use of the Advanced Encryption Standard (currently under development), NIST is proposing the expansion of the hash standard to include additional algorithms that produce a 256-bit, 384-bit, and 512-bit message digest. The proposed standard is available at​sha.

Prior to the submission of this proposed standard to the Secretary of Commerce for review and approval, it is essential that consideration is given to the needs and views of the public, users, the information technology industry, and Federal, State, and local government organizations. The purpose of this notice is to solicit such views.


Comments must be received on or before August 28, 20001.


Written comments may be sent to: Chief, Computer Security Division, Information Technology Laboratory, Attention: Comments on Draft FIPS 180-2, 100 Bureau Drive, Stop 8930, National Institute of Standards and Technology, Gaithersburg, MD 20899-8930.

Electronic Comments may be sent to: Proposed

The current FIPS 180-1 and its proposed replacement, Draft FIPS 180-2, are available electronically at​sha.

Comments received in response to this notice will be published electronically at​sha.

Start Further Info


Elaine Barker, Computer Security Division, National Institutes of Standards and Technology, Gaithersburg, MD 20899-8930, telephone (301) 975-2911, e-mail:

End Further Info End Preamble Start Supplemental Information


FIPS 180-1, Secure Hash Standard, issued in 1995, specifies a secure has algorithm, designated SHA-1, for computing a condensed representation of a message or a data file. When a data is input, the SHA-1 produces a 160-bit output called a message digest. The message digest can then be used as input to a digital signature algorithm that generates or verifies the digital signature for a message. Other uses of a message digest include the generation of random numbers and keyed hash message authentication codes.

As technology advances, the input parameters used by signature algorithms must be increased to provide adequate security. One of these inputs is the message digest. Therefore, as part of the five-year review of the hash standard, Draft FIPS 180-2 proposed additional has algorithms with outputs of 256-bit, 384-bit and 512-bits. The additional algorithms will produce outputs that will provide security comparable to that projected for the Advanced Encryption Standard.

Start Authority

Authority: NIST's activities to develop computer security standards to protect Federal sensitive (unclassified) systems are undertaken pursuant to specific responsibilities assigned to NIST in Section 5131 of the Information Technology Management Reform Act of 1996 (P.L. 104-106), the Computer Security Act of 1987 (P.L. 100-235), and Appendix III to Office of Management and Budget Circular A-130.

End Authority

Executive Order 12866: This notice has been determined to be non-significant for the purposes of Executive Order 12866.

Start Signature

Dated: May 21, 2001.

Karen H. Brown,

Acting Director, NIST.

End Signature End Supplemental Information

[FR Doc. 01-13522 Filed 5-29-01; 8:45 am]