Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Hash Standards ? Where Do We Go From Here?



William E. Burr


The two most commonly used cryptographic hash functions, MD5 and SHA-1, have been successfully attacked?it is no longer advisable to use them in some applications, although other applications are not affected. Furthermore, these attacks have triggered a kind of feeding-frenzy in the cryptographic community; many cryptographers are now working on hash function attacks, and new results may be expected in this area for the next several years. This article discusses the SHA-1 attack and describes NIST?s plans to replace SHA-1.
IEEE Security & Privacy
4 No 2


algorithms, cryptographic hash functions, cryptography, hash functions, MD5, Merkle-Damgaard, SHA-1


Burr, W. (2006), Cryptographic Hash Standards ? Where Do We Go From Here?, IEEE Security & Privacy (Accessed July 22, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created April 1, 2006, Updated January 27, 2020