Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash and ParallelHash

Published

Author(s)

John M. Kelsey, Shu-jen H. Chang, Ray Perlner

Abstract

This Recommendation specifies four types of SHA-3-derived functions: cSHAKE, KMAC, TupleHash, and ParallelHash, each defined for a 128- and 256-bit security strength. cSHAKE is a customizable variant of the SHAKE function, as defined in FIPS 202. KMAC (for KECCAK Message Authentication Code) is a variable-length message authentication code algorithm based on KECCAK; it can also be used as a pseudorandom function. TupleHash is a variable-length hash function designed to hash tuples of input strings without trivial collisions. ParallelHash is a variable-length hash function that can hash very long messages in parallel.
Citation
Special Publication (NIST SP) - 800-185
Report Number
800-185

Keywords

authentication, cryptography, cSHAKE, customizable SHAKE function, hash function, information security, integrity, KECCAK, KMAC, message authentication code, parallel hashing, ParallelHash, PRF, pseudorandom function, SHA-3, SHAKE, tuple hashing, TupleHash.

Citation

Kelsey, J. , Chang, S. and Perlner, R. (2016), SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash and ParallelHash, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-185, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=922422 (Accessed October 14, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 21, 2016, Updated October 14, 2021