I want to use SHA-512 for hashing in a system that must be FIPS-compliant. When

Question

I want to use SHA-512 for hashing in a system that must be FIPS-compliant. When I look at the FIPS 140 list of approved providers, I don't see SHA from any provider as being an approved algorithm, I only see it as an "other" algorithm. In FIPS 180, SHA-512 is listed as being approved, although I don't see any specific references for approved providers.

Is there another list of approved providers of SHA-512 (or SHA-256, or whatever) that I have not found? Or is there no list of approved providers because they are all acceptable for use?

Explanation / Answer

Actually, it's there on the list, just with a different name -- the approved algorithm you want is listed as "SHS" (Secure Hashing Standard).

Now, the term "SHS" doesn't distinguish between the various flavors of SHA-2 (and SHA-1, which is still approved for some uses); however if you look at this more detailed list, that gives details on what vendors have implemented (and certified) what; that should tell you who can meet your requirements.

(Oh, and in case you're wondering, the designation "BYTE-only" means that an implementation can only hash sequences of bytes, while "BIT" means that they can hash arbitrary bit strings; for example, a sequence of 73 bits). Of course, for virtually all purposes, "BYTE-only" is sufficient.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.