As a part of the periodic review of NIST’s cryptographic standards and guidelines, NIST's Crypto Publication Review Board announced the review of NIST Special Publication (SP) 800-106, Randomized Hashing for Digital Signatures. NIST subsequently received and posted public comments.
NIST proposes to withdraw SP 800-106. Submit your comments on this decision by November 18, 2022 to cryptopubreviewboard [at] nist.gov (subject: Comments%20on%20Decision%20Proposal%20of%20SP%20800-106) with "Comments on Decision Proposal of SP 800-106" in the subject line. Comments received in response to this request will be posted on the Crypto Publication Review Project site after the due date. Submitters’ names and affiliations (when provided) will be included, while contact information will be removed. See the project site for additional information about the review process.
Rationale for the Withdrawal of SP 800-106
Digital signatures rely on collision-resistant hash functions to assure the authenticity of the signed message. SP 800-106 provides a method for randomized hashing to protect digital signatures that utilize hash functions with weak collision resistance. The standard offers a specific technique but allows any randomized hashing technique to be used in FIPS-approved systems.
SP 800-106 was published in 2009 when SHA-1 was demonstrated to contain weaknesses with respect to collision resistance. Since then, Federal Information Processing Standard (FIPS) 202 has been published announcing the SHA-3 family of hash functions. SHA-1 has also been deprecated for generating new digital signatures in SP 800-131A Revision 1 as of 2015.
SP 800-106 ac ..
Support the originator by clicking the read the rest link below.
