Skip to Content


Announcing a Public Workshop on Cryptographic Hash

Document Details

Information about this document as published in the Federal Register.

Document Statistics
Document page views are updated periodically throughout the day and are cumulative counts for this document including its time on Public Inspection. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.
Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble


National Institute of Standards and Technology (NIST).


Notice of public workshop.


A vulnerability was recently identified in the NIST-approved cryptographic hash algorithm, Secure Hash Algorithm-1 (SHA-1). In response, NIST is announcing a public workshop to discuss this vulnerability, assess the status of other NIST-approved hash algorithms, and discuss possible near- and long-term options.


The workshop will be held on October 31 and November 1, 2005, from 9 a.m. to 5:30 p.m.


The workshop will be held in the Green Auditorium, Building 101 at the National Institute of Standards and Technology, Gaithersburg, MD. Comments, presentations, and papers, including reports on preliminary work, are encouraged prior to the workshop and should be sent to: A detailed draft agenda and supporting documentation for the workshop will be available prior to the workshop at:​hash-function. The Web address for workshop registration is:​conferences/​.

Start Further Info


Additional information, when available, may be obtained from the Cryptographic Hash Workshop Web site or by contacting Sara Caswell, NIST, 100 Bureau Drive, Mail Stop 8930, Gaithersburg, MD 20899-8930. (301) 975-4634; Fax (301) 948-1233, or e-mail Questions regarding workshop registration should be addressed to Teresa Vicente on (301) 975-3883 or

End Further Info End Preamble Start Supplemental Information


A cryptographic hash function takes a variable length input string and generates a fixed length output called the message digest. Because the message digest can serve as a digital fingerprint on the input, a cryptographic hash function is an important primitive in various security applications, such as authentication, key derivation, and digital signatures. One of the most commonly used hash functions is the NIST-approved SHA-1; however, a vulnerability has recently been uncovered that affects SHA-1. Specifically, a team of researchers reported that the SHA-1 function offered significantly less collision resistance than could be expected from a cryptographic hash function of its output size. Since all NIST-approved cryptographic hash functions share basic design attributes, a SHA-1 vulnerability warrants a reassessment of the entire family of the NIST-approved Secure Hash Algorithms. The Cryptographic Hash Workshop aims to solicit public input on how to respond to the current state of research in this area. Topics of specific interests include, but are not limited to, the following:

Security Status of Approved Hash Functions

  • The latest results on the security of SHA-1;
  • The latest results on the security of SHA-256 and SHA-512;
  • Likely extensions to the latest results on the approved hash functions;
  • The impacts of the latest results on different applications of the approved hash functions.

Short Term Actions

  • How urgent are the current concerns with the approved hash functions?
  • What changes to applications and protocols could mitigate potential problems? Start Printed Page 34452
  • What guidance should NIST give with respect to hash functions and their applications?

Conditions for an Early Transition

  • How can hash functions be assessed for security properties such as collision resistance, preimage resistance, and pseudo-randomness?
  • What conditions would warrant a transition away from one of the approved hash functions earlier than currently planned?

Potential Replacement Options

  • Hash functions currently available for replacing one of the approved hash functions;
  • What paradigms, other than the Merkle-Damgård construction, might be appropriate to consider?
  • The need for an open competition, along the lines of the AES competition, for designing a new hash function.

Requirements for Unkeyed Cryptographic Hash Functions

  • Desirable (or undesirable) general properties of hash functions for security, performance, and implementability;
  • Desirable (or undesirable) properties of hash functions for particular applications, such as digital signatures, key derivation, message authentication, and random number generation;
  • Identifying and encouraging the proper use of hash functions for particular applications.

Submissions for the workshop are requested by July 15, 2005. NIST will provide the accepted papers and presentations in a workshop handout, and post them on the workshop Web site after the workshop. However, no formal workshop proceedings will be published. NIST encourages presentations and reports on preliminary work that participants plan to publish elsewhere.

Because of NIST security regulations, advance registration is mandatory; there will be no on-site, same-day registration. To register, please register via the Web at​conferences or fax the registration form with your name, address, telephone, fax and e-mail address to (301) 948-2067 (Attn: Cryptographic Hash Workshop) by October 21, 2005. The registration fee will be $125.00 ($50.00 for students). Payment can be made by credit card, check, purchase order, or government training form. Registration questions should be addressed to Teresa Vicente on (301) 975-3883 or

Start Authority

Authority: This work is being initiated pursuant to NIST's responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Pub. L. 107-347.

End Authority Start Signature

Dated: June 7, 2005.

Hratch G. Semerjian,

Acting Director.

End Signature End Supplemental Information

[FR Doc. 05-11729 Filed 6-13-05; 8:45 am]