NIST Transitioning Away from SHA-1 for All Applications

NIST is introducing a plan to transition away from the current limited use of the Secure Hash Algorithm 1 (SHA-1) hash function. Other approved hash functions are already available. The transition will be completed by December 31, 2030.

NIST responded in 2006 with an announcement encouraging a rapid transition to the use of the SHA-2 family of hash functions for digital signature applications, which were initially specified in FIPS 180-2. NIST began a competitive process to develop an additional hash function, which resulted in the SHA-3 family of hash functions published in 2015 as FIPS 202. In 2011, NIST released SP 800-131A, which announced the deprecation of SHA-1 when generating new digital signatures and restricted further use of SHA-1 to only where allowed in NIST protocol-specific guidance.

Cryptanalytic attacks on the SHA-1 hash function as used in other applications have become increasingly severe in recent years (“SHA-1 is a Shambles” by Leurent and Peyrin, 2020 As a result, NIST will transition away from the use of SHA-1 for applying cryptographic protection to all applications by December 31, 2030.