The US National Institute of Standards and Technology (NIST) has announced the phasing out of the secure hash algorithm (SHA)-1 in the federal government.
The agency said it will stop using SHA-1 in its last remaining specified protocols by December 31 2030. It also recommended that all IT professionals replace the algorithm by the end of the decade, and modules that still use SHA-1 after December 2030 will not be permitted for purchase by the federal government, NIST said in an announcement on December 15.
NIST computer scientist Chris Celi commented: “Companies have eight years to submit updated modules that no longer use SHA-1. Because there is often a backlog of submissions before a deadline, we recommend that developers submit their updated modules well in advance, so that Cryptographic Module Validation Program (CMVP) has time to respond.”
He added: “We recommend that anyone relying on SHA-1 for security migrate to SHA-2 or SHA-3 as soon as possible.”
NIST has previously advised federal agencies to stop using SHA-1 in situations where collision attacks are a critical threat, such as the creation of digital signatures.
SHA-1 is a modified version of SHA, the first hash function standardized for widespread use in the federal government in 1993. It has provided a building block for many security applications, such as validating websites.
The cryptographic algorithm secures data by performing a complex mathematical operation on the characters of a message, producing a short string of characters called a hash. Any change to the hash will show the user whether the original message has been compromised.
However, NIST noted that today’s computers are able to create fraudulent messages that result in the same hash as the original, reducing its security impact.
Numerous tech firms including Microsoft, Google and Mozilla have previously announced the phasing out of SHA-1 on their platforms.
To meet the target of moving away from SHA-1 by the end of the decade, NIST will:
- Publish FIPS 180-5 (a revision of FIPS 180) to remove the SHA-1 specification
- Revise SP 800-131A and other affected NIST publications to reflect the planned withdrawal of SHA-1
- Create and publish a transition strategy for validating cryptographic modules and algorithms
In July 2022, NIST selected the first-ever group of encryption tools that could potentially withstand the attack of a quantum computer, with the part of NIST's post-quantum cryptographic (PQC) standard.