W3C home > Mailing lists > Public > www-forms@w3.org > January 2007

XForms 1.1 HMAC() sha-1 vs. sha-2

From: Klotz, Leigh <Leigh.Klotz@XEROX.COM>
Date: Wed, 24 Jan 2007 11:45:55 -0800
Message-ID: <E254B0A7E0268949ABFE5EA97B7D0CF402B2E1BD@usa7061ms01.na.xerox.net>
To: <www-forms@w3.org>

We've discussed this issue a bit in the past, but I wanted to report on
the US NIST policy of March 15, 2006, which although says that SHA-1
*may* be used for HMAC, it goes on to say that "[r]egardless of use"
SHA-1 *should* be discontinued.  So our decision to include both SHA-1
and SHA-2 family seems correct.

http://www.csrc.nist.gov/pki/HashWorkshop/NIST%20Statement/NIST_Policy_o
n_HashFunctions.htm

NIST's Policy on Hash Functions

March 15, 2006: The SHA-2 family of hash functions (i.e., SHA-224,
SHA-256, SHA-384 and SHA-512) may be used by Federal agencies for all
applications using secure hash algorithms. Federal agencies should stop
using SHA-1 for digital signatures, digital time stamping and other
applications that require collision resistance as soon as practical, and
must use the SHA-2 family of hash functions for these applications after
2010. After 2010, Federal agencies may use SHA-1 only for the following
applications: hash-based message authentication codes (HMACs); key
derivation functions (KDFs); and random number generators (RNGs).
Regardless of use, NIST encourages application and protocol designers to
use the SHA-2 family of hash functions for all new applications and
protocols.
Received on Wednesday, 24 January 2007 19:46:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Saturday, 10 March 2012 06:22:08 GMT