NIST Retires SHA-1 Cryptographic Algorithm

National Institute of Standards and Technology (NIST) sent this bulletin at 12/15/2022 10:17 AM EST
nist

View as a Web Page
News

NIST Retires SHA-1 Cryptographic Algorithm

In illustration featuring a laptop, text with the letters SHA-1 is crossed out, with check marks next to the letters SHA-2 and SHA-3.

The SHA-1 algorithm, one of the first widely used methods of protecting electronic information, has reached the end of its useful life, according to security experts at the National Institute of Standards and Technology (NIST). The agency is now recommending that IT professionals replace SHA-1, in the limited situations where it is still used, with newer algorithms that are more secure.

SHA-1, whose initials stand for “secure hash algorithm,” has been in use since 1995 as part of the Federal Information Processing Standard (FIPS) 180-1. It is a slightly modified version of SHA, the first hash function the federal government standardized for widespread use in 1993. As today’s increasingly powerful computers are able to attack the algorithm, NIST is announcing that SHA-1 should be phased out by Dec. 31, 2030, in favor of the more secure SHA-2 and SHA-3 groups of algorithms.

Read More

IN CASE YOU MISSED IT
Post-quantum cryptography illustrations shows a tree with algorithms and a lattice pattern.

NIST Announces First Four Quantum-Resistant Cryptographic Algorithms

July 5, 2022
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has chosen the first group of encryption tools that are designed to withstand the assault of a future quantum computer, which could potentially crack the security used to protect privacy in the digital systems we rely on every day — such as online banking and email software.

Read More