NSRL Test Data

A common request the NSRL project receives is to provide hashing algorithms to customers. It is not the mission of the NSRL project to provide hashing implementations. However, we can provide two avenues of assistance.

First, we can point you to the Secure Hash Standard (SHS) Validation List, where implementations have been validated as conforming to the Secure Hash Algorithms specified in Federal Information Processing Standard (FIPS) 180-2, Secure Hash Standard (SHS), using tests described in The Secure Hash Algorithm Validation System (SHAVS). These tests validate implementations of SHA-1, SHA-256, SHA-384, and SHA-512.

Second, if you are not a Federal agency bound by the FIPS 140-2 Security Requirements for Cryptographic Modules, and are not seeking a rigorously validated SHA implementation, we can provide you with test data that will enable you to informally verify the correctness of an SHA-1 or MD5 implementation.

 

The Secure Hash Algorithms (SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512) are specified in FIPS 180-2 with Change Notice 1 dated February 25, 2004, Secure Hash Standard (SHS).

Within FIPS 180-2 are SHA-1 example messages.

  • A file containing the ASCII string "abc" results in a 160-bit message digest of a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d.
  • A file containing the ASCII string "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" results in a 160-bit message digest of 84983e44 1c3bd26e baae4aa1 f95129e5 e54670f1.
  • A file containing the binary-coded form of the ASCII string which consists of 1,000,000 repetitions of the character "a" results in a SHA-1 message digest of 34aa973c d4c4daa4 f61eeb2b dbad2731 6534016f.

If the SHA-1 implementation you are using does not yield the expected results shown above for the example message strings, you may have a problem.

For the sake of informal testing, here are the MD5 equivalents of the same message strings:

  • A file containing the ASCII string "abc" results in a 128-bit message digest of 90015098 3CD24FB0 D6963F7D 28E17F72.
  • A file containing the ASCII string "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" results in a 128-bit message digest of 8215EF07 96A20BCA AAE116D3 876C664A.
  • A file containing the binary-coded form of the ASCII string which consists of 1,000,000 repetitions of the character "a" results in an MD5 message digest of 7707D6AE 4E027C70 EEA2A935 C2296F21.

Be aware that MD5 is not recognized by FIPS 140-2, Security Requirements for Cryptographic Modules.

For the sake of informal testing, here are the SHA-256 equivalents of the same message strings:

  • A file containing the ASCII string "abc" results in a 256-bit message digest of BA7816BF 8F01CFEA 414140DE 5DAE2223 B00361A3 96177A9C B410FF61 F20015AD.
  • A file containing the ASCII string "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" results in a 256-bit message digest of 248D6A61 D20638B8 E5C02693 0C3E6039 A33CE459 64FF2167 F6ECEDD4 19DB06C1.
  • A file containing the binary-coded form of the ASCII string which consists of 1,000,000 repetitions of the character "a" results in a SHA-256 message digest of CDC76E5C 9914FB92 81A1C7E2 84D73E67 F1809A48 A497200E 046D39CC C7112CD0.

If the SHA-256 implementation you are using does not yield the expected results shown above for the example message strings, you may have a problem.

 

To assist you in using the sample vectors, you can download a subset of the SHA-1 Sample Vectors, customized by the NSRL, which includes a pre-built collection of 196 byte-oriented files, a support file, and the SHA-1 and MD5 digests. Extract the files from this Zip file, run your SHA-1 and/or MD5 implementation against the files, and compare the output to the expected hash values.

Using the test data above, you can informally verify the correctness of SHA-1 or MD5 implementations that either come preinstalled on your computer system, or that you have acquired through other means.
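As an added example (not NSRL or NIST code), the following Python harness runs the three example messages above through the standard library's hashlib and compares the results with the digests printed on this page. The function names and the chunk size are choices made for this example; to check another implementation, substitute it for the hashlib.new calls.

```python
import hashlib

# Chunk size deliberately not a multiple of the 64-byte block size, so the
# implementation's internal buffering across update() calls is exercised.
CHUNK = 1000

MSG_ABC = b"abc"
MSG_56 = b"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
MILLION_A = 1_000_000  # number of "a" bytes, generated on the fly

# Expected digests exactly as printed on the page (grouped hex, mixed case),
# in the order: "abc", the 56-character string, 1,000,000 x "a".
VECTORS = {
    "sha1": ["a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d",
             "84983e44 1c3bd26e baae4aa1 f95129e5 e54670f1",
             "34aa973c d4c4daa4 f61eeb2b dbad2731 6534016f"],
    "md5": ["90015098 3CD24FB0 D6963F7D 28E17F72",
            "8215EF07 96A20BCA AAE116D3 876C664A",
            "7707D6AE 4E027C70 EEA2A935 C2296F21"],
    "sha256": ["BA7816BF 8F01CFEA 414140DE 5DAE2223 B00361A3 96177A9C B410FF61 F20015AD",
               "248D6A61 D20638B8 E5C02693 0C3E6039 A33CE459 64FF2167 F6ECEDD4 19DB06C1",
               "CDC76E5C 9914FB92 81A1C7E2 84D73E67 F1809A48 A497200E 046D39CC C7112CD0"],
}

def normalize(digest_text):
    """Strip grouping spaces and fold case so page formatting compares cleanly."""
    return "".join(digest_text.split()).lower()

def digest_repeated(name, unit, count):
    """Hash `count` copies of `unit` without holding the whole message in memory."""
    h = hashlib.new(name)
    full, rest = divmod(count, CHUNK)
    block = unit * CHUNK
    for _ in range(full):
        h.update(block)
    h.update(unit * rest)
    return h.hexdigest()

def run_known_answer_tests(names=("sha1", "md5", "sha256")):
    """Return {algorithm: [bool, bool, bool]}, one flag per message on the page."""
    results = {}
    for name in names:
        expected = [normalize(v) for v in VECTORS[name]]
        actual = [hashlib.new(name, MSG_ABC).hexdigest(),
                  hashlib.new(name, MSG_56).hexdigest(),
                  digest_repeated(name, b"a", MILLION_A)]
        results[name] = [a == e for a, e in zip(actual, expected)]
    return results

if __name__ == "__main__":
    for name, checks in run_known_answer_tests().items():
        print(name, "PASS" if all(checks) else f"FAIL {checks}")
```

A False in the third position with the first two True usually points at the streaming/update path rather than the compression function itself.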

 


Created June 28, 2016, Updated November 15, 2019