When using SHA-2 for hashing, an output size of at least 224 bits is used, preferably SHA-384 or SHA-512.
Topic
Using Secure Hashing Algorithms
Applicable to
Non Classified, Official, Protected
History
Dec 2024
When using SHA-2 for hashing, an output size of at least 224 bits is used, preferably SHA-384 or SHA-512.
The existing control recommending that when using SHA-2 for hashing, an output size of at least 224 bits is used, preferably SHA-384 was amended to ‘preferably SHA-384 or SHA-512’ and extended to the protection of non- classified data.
Mar 2022
When using SHA-2 for hashing, an output size of at least 224 bits is used, preferably SHA-384.
While existing recommendations for the use of ASD-Approved Cryptographic Algorithms to protect OFFICIAL through to PROTECTED data addressed minimum key lengths, they didn’t address recommended key lengths.