April 22, 1994                     Contact: Anne Enright Shepherd
                                            (301) 975-4858


                              MEDIA ADVISORY

        NIST ANNOUNCES TECHNICAL CORRECTION TO SECURE HASH STANDARD


     The National Institute of Standards and Technology today
announced it will initiate a technical modification to a computer
security standard used to support the authentication of
electronic messages.   The revision will correct a minor flaw
that government mathematicians discovered in a formula that
underlies the standard.

     The Secure Hash Standard, adopted as a federal information
processing standard (FIPS 180) in May 1993, can be used for
computing a digital signature and remains a highly secure way to
ensure the integrity and authenticity of data used in electronic
mail, electronic funds transfer, software distribution and data
storage applications.  NIST expects that products implementing
the current standard can be used until the technical correction
becomes effective.

     Researchers at the National Security Agency, who developed
the formula and discovered the flaw in a continuing evaluation
process, now believe that although the formula in 
FIPS 180 is less secure than originally thought, it is still
extremely reliable as a technical computer security mechanism. 
The discovery of this flaw indicates the value of continued
research on existing and new standards.

     The Secure Hash Standard specifies a secure hash algorithm
for computing a condensed representation of a message or data
file.  This 160-bit condensed message "digest" represents the
original message and can be used in computing a digital signature
to authenticate the integrity of the message.  It is highly
probable that any change to the message after it has been signed
will result in a different message digest, and the recipient will
not be able to verify the signature.  Signing the message digest
rather than the whole message usually improves the efficiency of
the digital signature process. 

     It is very highly improbable that today's computation
equipment can figure out any message that corresponds to a given
message digest. 

     The standard applies to agencies of the federal government
for protecting unclassified information when a secure hash
algorithm is required.  Private and commercial organizations have
been encouraged to use this standard on a voluntary basis.  The
SHS was designed to be used with the proposed Digital Signature
Standard, which is based on the digital signature algorithm and
has not yet been approved.

     As a non-regulatory agency of the Commerce Department's
Technology Administration, NIST promotes U.S. economic growth by
working with industry to develop and apply technology,
measurements and standards.  NIST also is responsible, under the
Computer Security Act of 1987, for developing standards and
guidelines for the cost-effective protection of unclassified
federal computer systems.

                                  - 30 -