Does anyone have the FIPS reference for the latest SHA? I'm writing up the SHA-AH document and I find that I don't have such a reference -- the best I've got is
"Proposed Federal Information Processing Standard for Secure Hash Standard", Federal Register, v57, n21, 31 Jan 1992, p. 3747-3749
And I know that this has since been corrected.
Perry
I've since found a reference to NIST FIPS Pub #180, but this is apparently also pre-correction. Anyone know the proper reference for the corrected text?
.pm
Perry E. Metzger says:
Does anyone have the FIPS reference for the latest SHA? I'm writing up the SHA-AH document and I find that I don't have such a reference -- the best I've got is
"Proposed Federal Information Processing Standard for Secure Hash Standard", Federal Register, v57, n21, 31 Jan 1992, p. 3747-3749
And I know that this has since been corrected.
Perry
"Perry E. Metzger" <perry@imsi.com> writes: apparently also pre-correction. Anyone know the proper reference for the corrected text?
I append the latest reference I've seen, posted by Robert Perillo in Aug. Check rand.org:pub/jim/sha.tar.gz for my latest C code. An #ifdef will select the broken or fixed versions.

Jim Gillogly
7 Solmath S.R. 1995, 20:25

----------------------------

Federal Register 07/11/94
Citation="59 FR 35317"
[Docket No. 940675-4175]
RIN 0693-AB33

Proposed Revision of Federal Information Processing Standard (FIPS) 180, Secure Hash Standard

AGENCY: National Institute of Standards and Technology (NIST), Commerce.

ACTION: Notice; Request for comments.

SUMMARY: A revision of Federal Information Processing Standard (FIPS) 180, Secure Hash Standard (SHS), is being proposed. This proposed revision corrects a technical flaw that made the standard less secure than had been thought. The algorithm is still reliable as a security mechanism, but the correction returns the SHS to the original level of security. The SHS produces a 160-bit output called a message digest for a message of any size. This message digest can be used with FIPS 186, Digital Signature Standard (DSS), to compute a signature for the message. The same message digest should be obtained by the verifier of the signature when the received version of the message is used as input to the Secure Hash Algorithm (SHA).

--------------

Proposed Modification of the Secure Hash Algorithm

In Section 7 of [1](page 9), the line which reads

b) For t=16 to 79 let W(t) = W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16).

is to be replaced by

b) For t=16 to 79 let W(t) = S1( W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16) ).

where S1 is a left circular shift by one bit as defined in Section 3 of [1](page 6), namely

S1(X) = (X<<1) V (X>>31).

ASCII translator's note : S1 is actually, S superscript 1. W(t-n) is actually, W subscript, t or t-n.

References:

[1] FIPS PUB 180; Secure Hash Standard
Computer Systems Laboratory
National Institute of Standards and Technology
1993 May 11
_____________________________________________________________________
Just a question about SHA: how does one distinguish between them? Is the older sha called "SHA" and the newer one "Revised SHA" or is it "Former-SHA" and "SHA"? It's a minor point, but still a confusing one. (It'll be more confusing if there are more than two...)
Robert Rothenberg <rrothenb@ic.sunysb.edu> writes:
Just a question about SHA: how does one distinguish between them?
I think of them as SHA-1 and SHA-2, but I don't know if that's usual. When I say simply "SHA" I mean the Revised Standard Version.
Jim Gillogly
Trewesday, 8 Solmath S.R. 1995, 05:11