Tim Polk posted this to the IETF Working Group chairs and the PKIX Working
Group. I am forwarding it to this list to make sure everyone got the word.
Russ
= = = = = = = = = =
NIST has just posted a white paper that specifies hashing algorithms
(SHA-256, SHA-384, and SHA-512) that are intended to provide security
similar to that of the three AES key sizes. Information can be found at
<http://www.nist.gov/sha/>.
These algorithms "will be proposed in a draft Federal Information
Processing Standard (FIPS) in 2001. These algorithms are being made
available for information purposes prior to the publication of the draft
FIPS. SHA-256 is a 256-bit hash function that is intended to provide 128
bits of security against collision attacks, and SHA-512 is a 512-bit hash
function that is intended to provide 256 bits of security. A 384-bit hash
may be obtained by truncating the SHA-512 output."
The web site has the NIST contact points.
One side note about AES: http://csrc.nist.gov/csor/algorithms.htm contains
the object identifiers and ASN.1 type definitions for AES parameters for
protocols built on ASN.1. The OIDs for the new hash algorithms will follow
next week.
Thanks,
Tim Polk