Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Randomized Hashing for Digital Signatures



Quynh H. Dang


NIST-approved digital signature algorithms require the use of an approved cryptographic hash function in the generation and verification of signatures. Approved cryptographic hash functions and digital signature algorithms can be found in FIPS 180-3, Secure Hash Standard (SHS), and FIPS 186-3, Digital Signature Standard (DSS), respectively. The security provided by the cryptographic hash function is vital to the security of a digital signature application. This Recommendation specifies a method to enhance the security of the cryptographic hash functions used in digital signature applications by randomizing the messages that are signed.
Special Publication (NIST SP) - 800-106
Report Number


digital signature, cryptographic hash function, hash function, collision resistance, randomized hashing.


Dang, Q. (2009), Randomized Hashing for Digital Signatures, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed June 25, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created February 25, 2009, Updated February 19, 2017