Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash and ParallelHash



John M. Kelsey, Shu-jen H. Chang, Ray A. Perlner


This Recommendation specifies four types of SHA-3-derived functions: cSHAKE, KMAC, TupleHash, and ParallelHash, each defined for a 128- and 256-bit security strength. cSHAKE is a customizable variant of the SHAKE function, as defined in FIPS 202. KMAC (for KECCAK Message Authentication Code) is a variable-length message authentication code algorithm based on KECCAK; it can also be used as a pseudorandom function. TupleHash is a variable-length hash function designed to hash tuples of input strings without trivial collisions. ParallelHash is a variable-length hash function that can hash very long messages in parallel.
Special Publication (NIST SP) - 800-185
Report Number


authentication, cryptography, cSHAKE, customizable SHAKE function, hash function, information security, integrity, KECCAK, KMAC, message authentication code, parallel hashing, ParallelHash, PRF, pseudorandom function, SHA-3, SHAKE, tuple hashing, TupleHash.
Created December 22, 2016, Updated November 10, 2018