NIST SP800-107 rev1：安全使用批准哈希算法的指南

需积分: 9 101 浏览量更新于2024-07-16 收藏 336KB PDF 举报

"NIST SP800-107 rev1.pdf 提供了使用FIPS 180-3中规定的安全哈希算法的安全指南，包括SHA-1、SHA-224、SHA-256、SHA-384和SHA-512。这些算法常用于数字签名、HMACs和Hash-based KDFs等加密应用。" NIST（美国国家标准与技术研究所）的特殊出版物800-107修订版1提供了关于使用批准的哈希算法构建安全应用程序的建议。这份文档关注的核心是将任意长度的消息转化为固定长度消息摘要的哈希算法，这些算法在信息安全性领域有广泛的应用。 FIPS 180-3，即安全哈希标准（SHS），定义了五种被批准的哈希算法：SHA-1、SHA-224、SHA-256、SHA-384和SHA-512。这些安全哈希算法通常与其他加密算法一起使用，以增强数据保护和验证完整性。例如： 1. **数字签名**：使用哈希函数，结合非对称加密，可以创建对消息的数字签名，确保信息的完整性和发送者的身份。FIPS 186-3对此进行了规范。 2. **Keyed-hash Message Authentication Codes (HMACs)**：HMACs结合了密钥和哈希函数，用于验证消息的完整性和发送者的身份。FIPS 198-1定义了HMAC的标准。 3. **Hash-based Key Derivation Functions (HKDFs)**：这些函数利用哈希函数生成密钥，常用于密码学中的密钥派生。SP 800-56A和SP 800-56B分别提供了HKDF的规范和指导。 NIST SP800-107着重于在使用这些批准的哈希函数时如何实现所需的或期望的安全强度。文档中包含的关键概念包括： - **消息摘要**：哈希算法将任意长度的消息压缩成固定长度的摘要，使得原始消息无法通过摘要逆向推导。 - **随机化哈希**：某些应用可能需要使用随机化过程来增强哈希函数的安全性，防止特定攻击模式。 - **哈希值**：哈希算法计算出的固定长度输出，是消息的数字指纹。 - **HMAC**：结合密钥的哈希函数，提供认证功能，同时保护密钥不被泄露。 - **哈希基键衍生算法**：这些算法使用哈希函数生成新的密钥，可用于密钥管理和其他安全目的。 NIST SP800-107 rev1为依赖哈希算法的各类加密应用提供了关键的安全指导，帮助确保在实际应用中达到预期的安全水平。无论是数字签名的实施，还是HMACs和HKDFs的设计，遵循这些指南都能提高系统的安全性和可靠性。

Recommendation for Applications Using Approved Hash

Algorithms

1 Introduction

A hash algorithm is used to map a message of arbitrary length to a fixed-length message

digest. Federal Information Processing Standard (FIPS) 180-4, the Secure Hash Standard

(SHS) [FIPS 180-4], specifies seven approved hash algorithms: SHA-1, SHA-224, SHA-

256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256.

This Recommendation provides security guidelines for supporting the required or desired

security strengths of several cryptographic applications that employ the approved hash

functions specified in FIPS 180-4, such as digital signature applications specified in FIPS

186-3 [FIPS 186-3], Keyed-hash Message Authentication Codes (HMACs) specified in

FIPS 198-1 [FIPS 198-1] and Hash-based Key Derivation Functions specified in SP 800-

56A [SP 800-56A] and SP 800-56B [SP 800-56B]. While the use of hash functions in

HMAC-based key derivation functions is specified in SP 800-56C [SP 800-56C] and SP

800-108 [SP 800-108], these documents sufficiently address the security aspects of their

use, so discussions of SP 800-56C and SP 800-108 are not included herein.

2 Authority

This Recommendation has been developed by the National Institute of Standards and

Technology (NIST) in furtherance of its statutory responsibilities under the Federal

Information Security Management Act (FISMA) of 2002, Public Law 107-347.

NIST is responsible for developing standards and guidelines, including minimum

requirements, for providing adequate information security for all agency operations and

assets, but such standards and guidelines shall not apply to national security systems.

This recommendation is consistent with the requirements of the Office of Management

and Budget (OMB) Circular A-130, Section 8b(3), Securing Agency Information

Systems, as analyzed in A-130, Appendix IV: Analysis of Key Sections. Supplemental

information is provided in A-130, Appendix III.

This Recommendation has been prepared for use by Federal agencies. It may be used by

non-governmental organizations on a voluntary basis and is not subject to copyright

(attribution would be appreciated by NIST).

Nothing in this Recommendation should be taken to contradict standards and guidelines

made mandatory and binding on Federal agencies by the Secretary of Commerce under

statutory authority. Nor should this Recommendation be interpreted as altering or

superseding the existing authorities of the Secretary of Commerce, Director of the OMB,

or any other federal official.

剩余24页未读，继续阅读

艾米的爸爸

粉丝: 800
资源: 314

NIST SP800-107 rev1：安全使用批准哈希算法的指南

NIST SP800-66 Rev1：HIPAA安全规则实施指南

NIST SP800-67 Rev1：三重数据加密算法（TDEA）

NIST SP800-135 Rev1: 安全应用特定密钥衍生函数要求

NIST SP800-18 Rev1.pdf

NIST SP800-66 Rev1.pdf

NIST SP800-22rev1a.pdf

NIST SP800-135 rev1.pdf

NIST SP800-61 rev1.pdf

NIST SP800-51rev1.pdf

NIST SP800-67 Rev1.pdf

最新资源