Federal Agencies Adopt SHA-256 For Enhanced Cryptographic Security

Federal agencies have been put on notice that National Institute of Standards and Technology officials plan to phase out a widely used cryptographic hash function known as SHA-1 in favor of larger and stronger hash functions such as SHA-256 and SHA-512.

The change will affect many federal cryptographic functions that incorporate hashes, particularly digital signatures, said William Burr, manager of NIST's security technology group, which advises federal agencies on electronic security standards.

"There's really no emergency here," Burr said. "But you should be planning how you're going to transition — whether you're a vendor or a user — so that you can do better cryptography by the next decade."

The link for this article located at FCW is no longer available.