ARCHIVED PUBLICATION

The attached publication, FIPS Publication 180-3 (dated October 2008), was superseded on March 6, 2012 and is provided here only for historical purposes. For the most current revision of this publication, see: http://csrc.nist.gov/publications/PubsFIPS.html#fips180-4.
FIPS PUB 180-3

FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION

Secure Hash Standard (SHS)

CATEGORY: COMPUTER SECURITY
SUBCATEGORY: CRYPTOGRAPHY

Information Technology Laboratory
National Institute of Standards and Technology
Gaithersburg, MD 20899-8900

October 2008

U.S. Department of Commerce
Carlos M. Gutierrez, Secretary

National Institute of Standards and Technology
Patrick Gallagher, Acting Director
FOREWORD

The Federal Information Processing Standards Publication Series of the National Institute of Standards and Technology (NIST) is the official series of publications relating to standards and guidelines adopted and promulgated under the provisions of the Federal Information Security Management Act (FISMA) of 2002.

Comments concerning FIPS publications are welcomed and should be addressed to the Director, Information Technology Laboratory, National Institute of Standards and Technology, 100 Bureau Drive, Stop 8900, Gaithersburg, MD 20899-8900.

Cita Furlani, Director
Information Technology Laboratory
Abstract

This Standard specifies five hash algorithms that can be used to generate digests of messages. The digests are used to detect whether messages have been changed since the digests were generated.

Key words: computer security, cryptography, message digest, hash function, hash algorithm, Federal Information Processing Standards, Secure Hash Standard.
Federal Information Processing Standards Publication 180-3

October 2008

Announcing the SECURE HASH STANDARD

Federal Information Processing Standards Publications (FIPS PUBS) are issued by the National Institute of Standards and Technology (NIST) after approval by the Secretary of Commerce pursuant to Section 5131 of the Information Technology Management Reform Act of 1996 (Public Law 104-106), and the Computer Security Act of 1987 (Public Law 100-235).

1. Name of Standard: Secure Hash Standard (SHS) (FIPS PUB 180-3).

2. Category of Standard: Computer Security Standard, Cryptography.

3. Explanation: This Standard specifies five secure hash algorithms - SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 - for computing a condensed representation of electronic data (message). When a message of any length less than 2^64 bits (for SHA-1, SHA-224 and SHA-256) or less than 2^128 bits (for SHA-384 and SHA-512) is input to a hash algorithm, the result is an output called a message digest. The message digests range in length from 160 to 512 bits, depending on the algorithm. Secure hash algorithms are typically used with other cryptographic algorithms, such as digital signature algorithms and keyed-hash message authentication codes, or in the generation of random numbers (bits).

The five hash algorithms specified in this Standard are called secure because, for a given algorithm, it is computationally infeasible 1) to find a message that corresponds to a given message digest, or 2) to find two different messages that produce the same message digest. Any change to a message will, with a very high probability, result in a different message digest. This will result in a verification failure when the secure hash algorithm is used with a digital signature algorithm or a keyed-hash message authentication algorithm.

This Standard supersedes FIPS 180-2 [FIPS 180-2].

4. Approving Authority: Secretary of Commerce.

5. Maintenance Agency: U.S. Department of Commerce, National Institute of Standards and Technology (NIST), Information Technology Laboratory (ITL).

6. Applicability: This Standard is applicable to all Federal departments and agencies for the protection of sensitive unclassified information that is not subject to Title 10 United States Code Section 2315 (10 USC 2315) and that is not within a national security system as defined in Title 44 United States Code Section 3502(2) (44 USC 3502(2)). This standard shall be implemented whenever a secure hash algorithm is required for Federal applications, including use by other cryptographic algorithms and protocols. The adoption and use of this Standard is available to private and commercial organizations.

7. Specifications: Federal Information Processing Standard (FIPS) 180-3, Secure Hash Standard (SHS) (affixed).

8. Implementations: The secure hash algorithms specified herein may be implemented in software, firmware, hardware or any combination thereof. Only algorithm implementations that are validated by NIST will be considered as complying with this standard. Information about the validation program can be obtained at http://csrc.nist.gov/groups/STM/index.html.

9. Implementation Schedule: Guidance regarding the testing and validation to FIPS 180-3 and its relationship to FIPS 140-2 can be found in IG 1.10 of the Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program at http://csrc.nist.gov/groups/STM/cmvp/index.html.

10. Patents: Implementations of the secure hash algorithms in this standard may be covered by U.S. or foreign patents.

11. Export Control: Certain cryptographic devices and technical data regarding them are subject to Federal export controls. Exports of cryptographic modules implementing this standard and technical data regarding them must comply with these Federal regulations and be licensed by the Bureau of Export Administration of the U.S. Department of Commerce. Information about export regulations is available at: http://www.bis.doc.gov/index.htm.

12. Qualifications: While it is the intent of this Standard to specify general security requirements for generating a message digest, conformance to this Standard does not assure that a particular implementation is secure. The responsible authority in each agency or department shall assure that an overall implementation provides an acceptable level of security. This Standard will be reviewed every five years in order to assess its adequacy.

13. Waiver Procedure: The Federal Information Security Management Act (FISMA) does not allow for waivers to Federal Information Processing Standards (FIPS) that are made mandatory by the Secretary of Commerce.

14. Where to Obtain Copies of the Standard: This publication is available electronically by accessing http://csrc.nist.gov/publications/. Other computer security publications are available at the same web site.
Federal Information Processing Standards Publication 180-3

Specifications for the SECURE HASH STANDARD

Table of Contents

1. INTRODUCTION
2. DEFINITIONS
   2.1 GLOSSARY OF TERMS AND ACRONYMS
   2.2 ALGORITHM PARAMETERS, SYMBOLS, AND TERMS
       2.2.1 Parameters
       2.2.2 Symbols and Operations
3. NOTATION AND CONVENTIONS
   3.1 BIT STRINGS AND INTEGERS
   3.2 OPERATIONS ON WORDS
4. FUNCTIONS AND CONSTANTS
   4.1 FUNCTIONS
       4.1.1 SHA-1 Functions
       4.1.2 SHA-224 and SHA-256 Functions
       4.1.3 SHA-384 and SHA-512 Functions
   4.2 CONSTANTS
       4.2.1 SHA-1 Constants
       4.2.2 SHA-224 and SHA-256 Constants
       4.2.3 SHA-384 and SHA-512 Constants
5. PREPROCESSING
   5.1 PADDING THE MESSAGE
       5.1.1 SHA-1, SHA-224 and SHA-256
       5.1.2 SHA-384 and SHA-512
   5.2 PARSING THE PADDED MESSAGE
       5.2.1 SHA-1, SHA-224 and SHA-256
       5.2.2 SHA-384 and SHA-512
   5.3 SETTING THE INITIAL HASH VALUE (H(0))
       5.3.1 SHA-1
       5.3.2 SHA-224
       5.3.3 SHA-256
       5.3.4 SHA-384
       5.3.5 SHA-512
6. SECURE HASH ALGORITHMS
   6.1 SHA-1
       6.1.1 SHA-1 Preprocessing
       6.1.2 SHA-1 Hash Computation
       6.1.3 Alternate Method for Computing a SHA-1 Message Digest
   6.2 SHA-256
       6.2.1 SHA-256 Preprocessing
       6.2.2 SHA-256 Hash Computation
   6.3 SHA-224
   6.4 SHA-512
       6.4.1 SHA-512 Preprocessing
       6.4.2 SHA-512 Hash Computation
   6.5 SHA-384
7. TRUNCATION OF A MESSAGE DIGEST
APPENDIX A: ADDITIONAL INFORMATION
   A.1 SECURITY OF THE SECURE HASH ALGORITHMS
   A.2 IMPLEMENTATION NOTES
   A.3 OBJECT IDENTIFIERS
APPENDIX B: REFERENCES
1. INTRODUCTION

This Standard specifies five secure hash algorithms, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. All five of the algorithms are iterative, one-way hash functions that can process a message to produce a condensed representation called a message digest. These algorithms enable the determination of a message's integrity: any change to the message will, with a very high probability, result in a different message digest. This property is useful in the generation and verification of digital signatures and message authentication codes, and in the generation of random numbers or bits.

Each algorithm can be described in two stages: preprocessing and hash computation. Preprocessing involves padding a message, parsing the padded message into m-bit blocks, and setting initialization values to be used in the hash computation. The hash computation generates a message schedule from the padded message and uses that schedule, along with functions, constants, and word operations to iteratively generate a series of hash values. The final hash value generated by the hash computation is used to determine the message digest.

The five algorithms differ most significantly in the security strengths that are provided for the data being hashed. The security strengths of these five hash functions and the system as a whole when each of them is used with other cryptographic algorithms, such as digital signature algorithms and keyed-hash message authentication codes, can be found in [SP 800-57] and [SP 800-107].

Additionally, the five algorithms differ in terms of the size of the blocks and words of data that are used during hashing. Figure 1 presents the basic properties of these hash algorithms.

Algorithm   Message Size (bits)   Block Size (bits)   Word Size (bits)   Message Digest Size (bits)
SHA-1       < 2^64                512                 32                 160
SHA-224     < 2^64                512                 32                 224
SHA-256     < 2^64                512                 32                 256
SHA-384     < 2^128               1024                64                 384
SHA-512     < 2^128               1024                64                 512

Figure 1: Secure Hash Algorithm Properties
2. DEFINITIONS

2.1 Glossary of Terms and Acronyms

Bit    A binary digit having a value of 0 or 1.
Byte   A group of eight bits.
FIPS   Federal Information Processing Standard.
NIST   National Institute of Standards and Technology.
SHA    Secure Hash Algorithm.
SP     Special Publication.
Word   A group of either 32 bits (4 bytes) or 64 bits (8 bytes), depending on the secure hash algorithm.

2.2 Algorithm Parameters, Symbols, and Terms

2.2.1 Parameters

The following parameters are used in the secure hash algorithm specifications in this Standard.

a, b, c, ..., h   Working variables that are the w-bit words used in the computation of the hash values, H(i).
H(i)              The ith hash value. H(0) is the initial hash value; H(N) is the final hash value and is used to determine the message digest.
H_j^(i)           The jth word of the ith hash value, where H_0^(i) is the left-most word of hash value i.
K_t               Constant value to be used for the iteration t of the hash computation.
k                 Number of zeros appended to a message during the padding step.
l                 Length of the message, M, in bits.
m                 Number of bits in a message block, M(i).
M                 Message to be hashed.
M(i)              Message block i, with a size of m bits.
M_j^(i)           The jth word of the ith message block, where M_0^(i) is the left-most word of message block i.
n                 Number of bits to be rotated or shifted when a word is operated upon.
N                 Number of blocks in the padded message.
T                 Temporary w-bit word used in the hash computation.
w                 Number of bits in a word.
W_t               The tth w-bit word of the message schedule.

2.2.2 Symbols and Operations

The following symbols are used in the secure hash algorithm specifications; each operates on w-bit words.

∧    Bitwise AND operation.
∨    Bitwise OR ("inclusive-OR") operation.
⊕    Bitwise XOR ("exclusive-OR") operation.
¬    Bitwise complement operation.
+    Addition modulo 2^w.
<<   Left-shift operation, where x << n is obtained by discarding the left-most n bits of the word x and then padding the result with n zeroes on the right.
>>   Right-shift operation, where x >> n is obtained by discarding the right-most n bits of the word x and then padding the result with n zeroes on the left.

The following operations are used in the secure hash algorithm specifications:

ROTL^n(x)   The rotate left (circular left shift) operation, where x is a w-bit word and n is an integer with 0 ≤ n < w, is defined by $ROTL^n(x) = (x << n) \vee (x >> w - n)$.
ROTR^n(x)   The rotate right (circular right shift) operation, where x is a w-bit word and n is an integer with 0 ≤ n < w, is defined by $ROTR^n(x) = (x >> n) \vee (x << w - n)$.
SHR^n(x)    The right shift operation, where x is a w-bit word and n is an integer with 0 ≤ n < w, is defined by $SHR^n(x) = x >> n$.
3. NOTATION AND CONVENTIONS

3.1 Bit Strings and Integers

The following terminology related to bit strings and integers will be used.

1. A hex digit is an element of the set {0, 1, ..., 9, a, ..., f}. A hex digit is the representation of a 4-bit string. For example, the hex digit "7" represents the 4-bit string "0111", and the hex digit "a" represents the 4-bit string "1010".

2. A word is a w-bit string that may be represented as a sequence of hex digits. To convert a word to hex digits, each 4-bit string is converted to its hex digit equivalent, as described in (1) above. For example, the 32-bit string

   1010 0001 0000 0011 1111 1110 0010 0011

   can be expressed as "a103fe23", and the 64-bit string

   1010 0001 0000 0011 1111 1110 0010 0011 0011 0010 1110 1111 0011 0000 0001 1010

   can be expressed as "a103fe2332ef301a". Throughout this specification, the "big-endian" convention is used when expressing both 32- and 64-bit words, so that within each word, the most significant bit is stored in the left-most bit position.

3. An integer may be represented as a word or pair of words. A word representation of the message length, l, in bits, is required for the padding techniques of Sec. 5.1.

   An integer between 0 and 2^32 - 1 inclusive may be represented as a 32-bit word. The least significant four bits of the integer are represented by the right-most hex digit of the word representation. For example, the integer 291 = 2^8 + 2^5 + 2^1 + 2^0 = 256 + 32 + 2 + 1 is represented by the hex word "00000123".

   The same holds true for an integer between 0 and 2^64 - 1 inclusive, which may be represented as a 64-bit word.

   If Z is an integer, 0 ≤ Z < 2^64, then Z = 2^32 X + Y, where 0 ≤ X < 2^32 and 0 ≤ Y < 2^32. Since X and Y can be represented as 32-bit words x and y, respectively, the integer Z can be represented as the pair of words (x, y). This property is used for SHA-1, SHA-224 and SHA-256.

   If Z is an integer, 0 ≤ Z < 2^128, then Z = 2^64 X + Y, where 0 ≤ X < 2^64 and 0 ≤ Y < 2^64. Since X and Y can be represented as 64-bit words x and y, respectively, the integer Z can be represented as the pair of words (x, y). This property is used for SHA-384 and SHA-512.

4. For the secure hash algorithms, the size of the message block - m bits - depends on the algorithm.

   a) For SHA-1, SHA-224 and SHA-256, each message block has 512 bits, which are represented as a sequence of sixteen 32-bit words.

   b) For SHA-384 and SHA-512, each message block has 1024 bits, which are represented as a sequence of sixteen 64-bit words.

3.2 Operations on Words

The following operations are applied to w-bit words in all five secure hash algorithms. SHA-1, SHA-224 and SHA-256 operate on 32-bit words (w = 32), and SHA-384 and SHA-512 operate on 64-bit words (w = 64).

1. Bitwise logical word operations: ∧, ∨, ⊕, and ¬ (see Sec. 2.2.2).

2. Addition modulo 2^w. The operation x + y is defined as follows. The words x and y represent integers X and Y, where 0 ≤ X < 2^w and 0 ≤ Y < 2^w. For positive integers U and V, let U mod V be the remainder upon dividing U by V. Compute Z = (X + Y) mod 2^w. Then 0 ≤ Z < 2^w. Convert the integer Z to a word, z, and define z = x + y.

3. The right shift operation SHR^n(x), where x is a w-bit word and n is an integer with 0 ≤ n < w, is defined by $SHR^n(x) = x >> n$. This operation is used in the SHA-224, SHA-256, SHA-384, and SHA-512 algorithms.

4. The rotate right (circular right shift) operation ROTR^n(x), where x is a w-bit word and n is an integer with 0 ≤ n < w, is defined by $ROTR^n(x) = (x >> n) \vee (x << w - n)$. Thus, ROTR^n(x) is equivalent to a circular shift (rotation) of x by n positions to the right. This operation is used by the SHA-224, SHA-256, SHA-384, and SHA-512 algorithms.

5. The rotate left (circular left shift) operation, ROTL^n(x), where x is a w-bit word and n is an integer with 0 ≤ n < w, is defined by $ROTL^n(x) = (x << n) \vee (x >> w - n)$. Thus, ROTL^n(x) is equivalent to a circular shift (rotation) of x by n positions to the left. This operation is used only in the SHA-1 algorithm.

6. Note the following equivalence relationships, where w is fixed in each relationship:

   $ROTL^n(x) \equiv ROTR^{w-n}(x)$
   $ROTR^n(x) \equiv ROTL^{w-n}(x)$
4. FUNCTIONS AND CONSTANTS

4.1 Functions

This section defines the functions that are used by each of the algorithms. Although the SHA-224, SHA-256, SHA-384, and SHA-512 algorithms all use similar functions, their descriptions are separated into sections for SHA-224 and SHA-256 (Sec. 4.1.2) and for SHA-384 and SHA-512 (Sec. 4.1.3), since the input and output for these functions are words of different sizes. Each of the algorithms include Ch(x, y, z) and Maj(x, y, z) functions; the exclusive-OR operation (⊕) in these functions may be replaced by a bitwise OR operation (∨) and produce identical results.

4.1.1 SHA-1 Functions

SHA-1 uses a sequence of logical functions, f_0, f_1, ..., f_79. Each function f_t, where 0 ≤ t ≤ 79, operates on three 32-bit words, x, y, and z, and produces a 32-bit word as output. The function f_t(x, y, z) is defined as follows:

$f_t(x, y, z) = Ch(x, y, z) = (x \wedge y) \oplus (\neg x \wedge z)$, $0 \le t \le 19$
$f_t(x, y, z) = Parity(x, y, z) = x \oplus y \oplus z$, $20 \le t \le 39$
$f_t(x, y, z) = Maj(x, y, z) = (x \wedge y) \oplus (x \wedge z) \oplus (y \wedge z)$, $40 \le t \le 59$
$f_t(x, y, z) = Parity(x, y, z) = x \oplus y \oplus z$, $60 \le t \le 79$   (4.1)

4.1.2 SHA-224 and SHA-256 Functions

SHA-224 and SHA-256 both use six logical functions, where each function operates on 32-bit words, which are represented as x, y, and z. The result of each function is a new 32-bit word.

$Ch(x, y, z) = (x \wedge y) \oplus (\neg x \wedge z)$   (4.2)
$Maj(x, y, z) = (x \wedge y) \oplus (x \wedge z) \oplus (y \wedge z)$   (4.3)
$\Sigma_0^{\{256\}}(x) = ROTR^{2}(x) \oplus ROTR^{13}(x) \oplus ROTR^{22}(x)$   (4.4)
$\Sigma_1^{\{256\}}(x) = ROTR^{6}(x) \oplus ROTR^{11}(x) \oplus ROTR^{25}(x)$   (4.5)
$\sigma_0^{\{256\}}(x) = ROTR^{7}(x) \oplus ROTR^{18}(x) \oplus SHR^{3}(x)$   (4.6)
$\sigma_1^{\{256\}}(x) = ROTR^{17}(x) \oplus ROTR^{19}(x) \oplus SHR^{10}(x)$   (4.7)

4.1.3 SHA-384 and SHA-512 Functions

SHA-384 and SHA-512 both use six logical functions, where each function operates on 64-bit words, which are represented as x, y, and z. The result of each function is a new 64-bit word.

$Ch(x, y, z) = (x \wedge y) \oplus (\neg x \wedge z)$   (4.8)
$Maj(x, y, z) = (x \wedge y) \oplus (x \wedge z) \oplus (y \wedge z)$   (4.9)
$\Sigma_0^{\{512\}}(x) = ROTR^{28}(x) \oplus ROTR^{34}(x) \oplus ROTR^{39}(x)$   (4.10)
$\Sigma_1^{\{512\}}(x) = ROTR^{14}(x) \oplus ROTR^{18}(x) \oplus ROTR^{41}(x)$   (4.11)
$\sigma_0^{\{512\}}(x) = ROTR^{1}(x) \oplus ROTR^{8}(x) \oplus SHR^{7}(x)$   (4.12)
$\sigma_1^{\{512\}}(x) = ROTR^{19}(x) \oplus ROTR^{61}(x) \oplus SHR^{6}(x)$   (4.13)

4.2 Constants

4.2.1 SHA-1 Constants

SHA-1 uses a sequence of eighty constant 32-bit words, K_0, K_1, ..., K_79, which are given by

K_t = 5a827999   0 ≤ t ≤ 19
K_t = 6ed9eba1   20 ≤ t ≤ 39
K_t = 8f1bbcdc   40 ≤ t ≤ 59
K_t = ca62c1d6   60 ≤ t ≤ 79

4.2.2 SHA-224 and SHA-256 Constants

SHA-224 and SHA-256 use the same sequence of sixty-four constant 32-bit words, K_0^{256}, K_1^{256}, ..., K_63^{256}. These words represent the first thirty-two bits of the fractional parts of the cube roots of the first sixty-four prime numbers. In hex, these constant words are (from left to right)

428a2f98 71374491 b5c0fbcf e9b5dba5 3956c25b 59f111f1 923f82a4 ab1c5ed5
d807aa98 12835b01 243185be 550c7dc3 72be5d74 80deb1fe 9bdc06a7 c19bf174
e49b69c1 efbe4786 0fc19dc6 240ca1cc 2de92c6f 4a7484aa 5cb0a9dc 76f988da
983e5152 a831c66d b00327c8 bf597fc7 c6e00bf3 d5a79147 06ca6351 14292967
27b70a85 2e1b2138 4d2c6dfc 53380d13 650a7354 766a0abb 81c2c92e 92722c85
a2bfe8a1 a81a664b c24b8b70 c76c51a3 d192e819 d6990624 f40e3585 106aa070
19a4c116 1e376c08 2748774c 34b0bcb5 391c0cb3 4ed8aa4a 5b9cca4f 682e6ff3
748f82ee 78a5636f 84c87814 8cc70208 90befffa a4506ceb bef9a3f7 c67178f2

4.2.3 SHA-384 and SHA-512 Constants

SHA-384 and SHA-512 use the same sequence of eighty constant 64-bit words, K_0^{512}, K_1^{512}, ..., K_79^{512}. These words represent the first sixty-four bits of the fractional parts of the cube roots of the first eighty prime numbers. In hex, these constant words are (from left to right)

428a2f98d728ae22 7137449123ef65cd b5c0fbcfec4d3b2f e9b5dba58189dbbc
3956c25bf348b538 59f111f1b605d019 923f82a4af194f9b ab1c5ed5da6d8118
d807aa98a3030242 12835b0145706fbe 243185be4ee4b28c 550c7dc3d5ffb4e2
72be5d74f27b896f 80deb1fe3b1696b1 9bdc06a725c71235 c19bf174cf692694
e49b69c19ef14ad2 efbe4786384f25e3 0fc19dc68b8cd5b5 240ca1cc77ac9c65
2de92c6f592b0275 4a7484aa6ea6e483 5cb0a9dcbd41fbd4 76f988da831153b5
983e5152ee66dfab a831c66d2db43210 b00327c898fb213f bf597fc7beef0ee4
c6e00bf33da88fc2 d5a79147930aa725 06ca6351e003826f 142929670a0e6e70
27b70a8546d22ffc 2e1b21385c26c926 4d2c6dfc5ac42aed 53380d139d95b3df
650a73548baf63de 766a0abb3c77b2a8 81c2c92e47edaee6 92722c851482353b
a2bfe8a14cf10364 a81a664bbc423001 c24b8b70d0f89791 c76c51a30654be30
d192e819d6ef5218 d69906245565a910 f40e35855771202a 106aa07032bbd1b8
19a4c116b8d2d0c8 1e376c085141ab53 2748774cdf8eeb99 34b0bcb5e19b48a8
391c0cb3c5c95a63 4ed8aa4ae3418acb 5b9cca4f7763e373 682e6ff3d6b2b8a3
748f82ee5defb2fc 78a5636f43172f60 84c87814a1f0ab72 8cc702081a6439ec
90befffa23631e28 a4506cebde82bde9 bef9a3f7b2c67915 c67178f2e372532b
ca273eceea26619c d186b8c721c0c207 eada7dd6cde0eb1e f57d4f7fee6ed178
06f067aa72176fba 0a637dc5a2c898a6 113f9804bef90dae 1b710b35131c471b
28db77f523047d84 32caab7b40c72493 3c9ebe0a15c9bebc 431d67c49c100d4c
4cc5d4becb3e42b6 597f299cfc657e2a 5fcb6fab3ad6faec 6c44198c4a475817
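The word operations of Sec. 3.2 and the logical functions of Sec. 4.1 are easy to get subtly wrong in a language with unbounded integers (a left shift or a complement silently grows past w bits). The following is an added example, not code from FIPS 180-3 or from NIST: it implements ROTL, ROTR, SHR and modular addition for a caller-chosen word size w, the Ch, Maj and Parity functions, and the Sigma/sigma families of Sec. 4.1.2 and 4.1.3 with their rotation amounts taken from equations (4.4)-(4.7) and (4.10)-(4.13). It also checks two statements the text makes: the rotation equivalences of Sec. 3.2 item 6, and the claim in Sec. 4.1 that XOR in Ch and Maj may be replaced by OR. The function names (`mask`, `make_sigmas`, `xor_or_interchangeable`) and the test inputs are this example's own choices.

```python
# Added example (not from FIPS 180-3): w-bit word operations of Sec. 3.1/3.2
# and the logical functions of Sec. 4.1, parameterised by the word size w so
# that the same code serves w = 32 (SHA-1/224/256) and w = 64 (SHA-384/512).
from itertools import product


def mask(w):
    return (1 << w) - 1


def add(w, *xs):
    """Addition modulo 2^w of any number of w-bit words (Sec. 3.2, item 2)."""
    return sum(xs) & mask(w)


def shr(x, n, w):
    """SHR^n(x) = x >> n for 0 <= n < w (Sec. 3.2, item 3)."""
    return (x & mask(w)) >> n


def rotr(x, n, w):
    """ROTR^n(x) = (x >> n) OR (x << (w - n)), kept to w bits (Sec. 3.2, item 4)."""
    x &= mask(w)
    return ((x >> n) | (x << (w - n))) & mask(w)


def rotl(x, n, w):
    """ROTL^n(x) = (x << n) OR (x >> (w - n)), kept to w bits (Sec. 3.2, item 5)."""
    x &= mask(w)
    return ((x << n) | (x >> (w - n))) & mask(w)


def rotation_identity_holds(x, n, w):
    """Sec. 3.2, item 6: ROTL^n(x) == ROTR^(w-n)(x) and ROTR^n(x) == ROTL^(w-n)(x)."""
    return rotl(x, n, w) == rotr(x, w - n, w) and rotr(x, n, w) == rotl(x, w - n, w)


def int_to_word_pair(Z, w):
    """Sec. 3.1, item 3: write 0 <= Z < 2^(2w) as the word pair (x, y), Z = 2^w * X + Y."""
    assert 0 <= Z < (1 << (2 * w))
    return Z >> w, Z & mask(w)


def ch(x, y, z, w):
    """Ch(x, y, z) = (x AND y) XOR (NOT x AND z); the complement is taken within w bits."""
    return (x & y) ^ ((~x & mask(w)) & z)


def maj(x, y, z):
    """Maj(x, y, z) = (x AND y) XOR (x AND z) XOR (y AND z)."""
    return (x & y) ^ (x & z) ^ (y & z)


def parity(x, y, z):
    return x ^ y ^ z


def ch_or(x, y, z, w):
    return (x & y) | ((~x & mask(w)) & z)


def maj_or(x, y, z):
    return (x & y) | (x & z) | (y & z)


def xor_or_interchangeable():
    """Sec. 4.1 states that XOR in Ch and Maj may be replaced by OR with identical
    results. Both functions act bit by bit, so checking all eight single-bit inputs
    (w = 1) proves the claim for every word size."""
    return all(ch(x, y, z, 1) == ch_or(x, y, z, 1) and maj(x, y, z) == maj_or(x, y, z)
               for x, y, z in product((0, 1), repeat=3))


def make_sigmas(w, big0, big1, small0, small1):
    """Build the four Sigma/sigma functions for word size w from their rotation and
    shift amounts; covers equations (4.4)-(4.7) with w = 32 and (4.10)-(4.13) with w = 64."""
    def big_sigma0(x):
        return rotr(x, big0[0], w) ^ rotr(x, big0[1], w) ^ rotr(x, big0[2], w)

    def big_sigma1(x):
        return rotr(x, big1[0], w) ^ rotr(x, big1[1], w) ^ rotr(x, big1[2], w)

    def small_sigma0(x):
        return rotr(x, small0[0], w) ^ rotr(x, small0[1], w) ^ shr(x, small0[2], w)

    def small_sigma1(x):
        return rotr(x, small1[0], w) ^ rotr(x, small1[1], w) ^ shr(x, small1[2], w)

    return big_sigma0, big_sigma1, small_sigma0, small_sigma1


# Rotation/shift amounts copied from Sec. 4.1.2 and Sec. 4.1.3.
SIGMA256 = make_sigmas(32, (2, 13, 22), (6, 11, 25), (7, 18, 3), (17, 19, 10))
SIGMA512 = make_sigmas(64, (28, 34, 39), (14, 18, 41), (1, 8, 7), (19, 61, 6))
```

Masking inside `rotr`, `rotl` and `ch` is the part that matters when porting the standard to a language without fixed-width integers; without it the left-shifted half of a rotation and the complement in Ch both escape the w-bit word and every later addition modulo 2^w is computed on the wrong value.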
5. PREPROCESSING

Preprocessing shall take place before hash computation begins. This preprocessing consists of three steps: padding the message, M (Sec. 5.1), parsing the padded message into message blocks (Sec. 5.2), and setting the initial hash value, H(0) (Sec. 5.3).

5.1 Padding the Message

The message, M, shall be padded before hash computation begins. The purpose of this padding is to ensure that the padded message is a multiple of 512 or 1024 bits, depending on the algorithm.

5.1.1 SHA-1, SHA-224 and SHA-256

Suppose that the length of the message, M, is l bits. Append the bit "1" to the end of the message, followed by k zero bits, where k is the smallest, non-negative solution to the equation l + 1 + k ≡ 448 mod 512. Then append the 64-bit block that is equal to the number l expressed using a binary representation. For example, the (8-bit ASCII) message "abc" has length 8 × 3 = 24, so the message is padded with a one bit, then 448 - (24 + 1) = 423 zero bits, and then the message length, to become the 512-bit padded message

   01100001 01100010 01100011 1 00...00 00...011000
      "a"      "b"      "c"     <- 423 -> <--- 64 --->
                                                l = 24

The length of the padded message should now be a multiple of 512 bits.

5.1.2 SHA-384 and SHA-512

Suppose the length of the message M, in bits, is l bits. Append the bit "1" to the end of the message, followed by k zero bits, where k is the smallest non-negative solution to the equation l + 1 + k ≡ 896 mod 1024. Then append the 128-bit block that is equal to the number l expressed using a binary representation. For example, the (8-bit ASCII) message "abc" has length 8 × 3 = 24, so the message is padded with a one bit, then 896 - (24 + 1) = 871 zero bits, and then the message length, to become the 1024-bit padded message

   01100001 01100010 01100011 1 00...00 00...011000
      "a"      "b"      "c"     <- 871 -> <--- 128 --->
                                                l = 24

The length of the padded message should now be a multiple of 1024 bits.
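The padding rule above is the same for both block sizes once it is written in terms of the block size: k is chosen so that exactly one length field fits after the 1 bit. The following added example (this editor's code, not NIST's) implements Sec. 5.1 and the parsing of Sec. 5.2 for 512- and 1024-bit blocks, reproduces the "abc" figures (423 and 871 zero bits), and exercises the boundary that implementations most often get wrong: a message whose length leaves no room for the 1 bit and the length field in its final block, which must grow by a whole extra block. It handles byte-aligned messages only; `zero_bits_k`, `pad`, `parse` and `block_count` are names chosen here, and all inputs are constructed for the example.

```python
# Added example (not from FIPS 180-3): padding per Sec. 5.1 and parsing per
# Sec. 5.2, for block_bits = 512 (SHA-1/224/256) and 1024 (SHA-384/512).


def zero_bits_k(l, block_bits):
    """Smallest k >= 0 with l + 1 + k == target (mod block_bits), where target is
    448 for 512-bit blocks (Sec. 5.1.1) and 896 for 1024-bit blocks (Sec. 5.1.2);
    in both cases target = block_bits minus the size of the length field."""
    target = block_bits - block_bits // 8
    return (target - l - 1) % block_bits


def pad(msg, block_bits):
    """Sec. 5.1: msg || 1 || 0^k || l, with l encoded big-endian in block_bits/8 bits.
    Byte-oriented messages only: the 0x80 byte supplies the 1 bit plus seven zeros."""
    if block_bits not in (512, 1024):
        raise ValueError("block size must be 512 or 1024 bits")
    l = 8 * len(msg)
    k = zero_bits_k(l, block_bits)
    assert (k + 1) % 8 == 0            # always true when l is a multiple of 8
    zero_bytes = (k + 1) // 8 - 1      # the 1 bit and 7 of the k zeros share 0x80
    length_field = l.to_bytes(block_bits // 64, "big")   # 8 bytes or 16 bytes
    return msg + b"\x80" + b"\x00" * zero_bytes + length_field


def parse(padded, block_bits):
    """Sec. 5.2: split the padded message into N blocks of sixteen w-bit words,
    w = block_bits / 16, each word read big-endian (Sec. 3.1)."""
    block_bytes, word_bytes = block_bits // 8, block_bits // 128
    assert len(padded) % block_bytes == 0
    return [[int.from_bytes(padded[i + word_bytes * j:i + word_bytes * (j + 1)], "big")
             for j in range(16)]
            for i in range(0, len(padded), block_bytes)]


def block_count(msg_len_bytes, block_bits):
    """N for a message of msg_len_bytes bytes (content does not affect N)."""
    return len(parse(pad(b"\x00" * msg_len_bytes, block_bits), block_bits))


if __name__ == "__main__":
    p = pad(b"abc", 512)                       # constructed example from Sec. 5.1.1
    print(len(p), "bytes;", zero_bits_k(24, 512), "zero bits; first word",
          hex(parse(p, 512)[0][0]), "last word", parse(p, 512)[0][15])
    print("55-byte message ->", block_count(55, 512), "block(s);",
          "56-byte message ->", block_count(56, 512), "block(s)")
```

The 55/56-byte boundary is where hand-rolled padders have historically produced wrong digests: with 56 bytes of message l + 1 already exceeds 448, so the smallest non-negative k is 511 and the padded message is two blocks long, even though the message itself fits in one.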
5.2 Parsing the Padded Message

After a message has been padded, it must be parsed into N m-bit blocks before the hash computation can begin.

5.2.1 SHA-1, SHA-224 and SHA-256

For SHA-1, SHA-224 and SHA-256, the padded message is parsed into N 512-bit blocks, M(1), M(2), ..., M(N). Since the 512 bits of the input block may be expressed as sixteen 32-bit words, the first 32 bits of message block i are denoted M_0^(i), the next 32 bits are M_1^(i), and so on up to M_15^(i).

5.2.2 SHA-384 and SHA-512

For SHA-384 and SHA-512, the padded message is parsed into N 1024-bit blocks, M(1), M(2), ..., M(N). Since the 1024 bits of the input block may be expressed as sixteen 64-bit words, the first 64 bits of message block i are denoted M_0^(i), the next 64 bits are M_1^(i), and so on up to M_15^(i).

5.3 Setting the Initial Hash Value (H(0))

Before hash computation begins for each of the secure hash algorithms, the initial hash value, H(0), must be set. The size and number of words in H(0) depends on the message digest size.

5.3.1 SHA-1

For SHA-1, the initial hash value, H(0), shall consist of the following five 32-bit words, in hex:

H_0^(0) = 67452301
H_1^(0) = efcdab89
H_2^(0) = 98badcfe
H_3^(0) = 10325476
H_4^(0) = c3d2e1f0

5.3.2 SHA-224

For SHA-224, the initial hash value, H(0), shall consist of the following eight 32-bit words, in hex:

H_0^(0) = c1059ed8
H_1^(0) = 367cd507
H_2^(0) = 3070dd17
H_3^(0) = f70e5939
H_4^(0) = ffc00b31
H_5^(0) = 68581511
H_6^(0) = 64f98fa7
H_7^(0) = befa4fa4

5.3.3 SHA-256

For SHA-256, the initial hash value, H(0), shall consist of the following eight 32-bit words, in hex:

H_0^(0) = 6a09e667
H_1^(0) = bb67ae85
H_2^(0) = 3c6ef372
H_3^(0) = a54ff53a
H_4^(0) = 510e527f
H_5^(0) = 9b05688c
H_6^(0) = 1f83d9ab
H_7^(0) = 5be0cd19

These words were obtained by taking the first thirty-two bits of the fractional parts of the square roots of the first eight prime numbers.

5.3.4 SHA-384

For SHA-384, the initial hash value, H(0), shall consist of the following eight 64-bit words, in hex:

H_0^(0) = cbbb9d5dc1059ed8
H_1^(0) = 629a292a367cd507
H_2^(0) = 9159015a3070dd17
H_3^(0) = 152fecd8f70e5939
H_4^(0) = 67332667ffc00b31
H_5^(0) = 8eb44a8768581511
H_6^(0) = db0c2e0d64f98fa7
H_7^(0) = 47b5481dbefa4fa4

These words were obtained by taking the first sixty-four bits of the fractional parts of the square roots of the ninth through sixteenth prime numbers.

5.3.5 SHA-512

For SHA-512, the initial hash value, H(0), shall consist of the following eight 64-bit words, in hex:

H_0^(0) = 6a09e667f3bcc908
H_1^(0) = bb67ae8584caa73b
H_2^(0) = 3c6ef372fe94f82b
H_3^(0) = a54ff53a5f1d36f1
H_4^(0) = 510e527fade682d1
H_5^(0) = 9b05688c2b3e6c1f
H_6^(0) = 1f83d9abfb41bd6b
H_7^(0) = 5be0cd19137e2179

These words were obtained by taking the first sixty-four bits of the fractional parts of the square roots of the first eight prime numbers.
6. SECURE HASH ALGORITHMS

In the following sections, the hash algorithms are not described in ascending order of size. SHA-256 is described before SHA-224 because the specification for SHA-224 is identical to SHA-256, except that different initial hash values are used, and the final hash value is truncated to 224 bits for SHA-224. The same is true for SHA-512 and SHA-384, except that the final hash value is truncated to 384 bits for SHA-384.

For each of the secure hash algorithms, there may exist alternate computation methods that yield identical results; one example is the alternative SHA-1 computation described in Sec. 6.1.3. Such alternate methods may be implemented in conformance to this standard.

6.1 SHA-1

SHA-1 may be used to hash a message, M, having a length of l bits, where 0 ≤ l < 2^64. The algorithm uses 1) a message schedule of eighty 32-bit words, 2) five working variables of 32 bits each, and 3) a hash value of five 32-bit words. The final result of SHA-1 is a 160-bit message digest.

The words of the message schedule are labeled W_0, W_1, ..., W_79. The five working variables are labeled a, b, c, d, and e. The words of the hash value are labeled H_0^(i), H_1^(i), ..., H_4^(i), which will hold the initial hash value, H(0), replaced by each successive intermediate hash value (after each message block is processed), H(i), and ending with the final hash value, H(N). SHA-1 also uses a single temporary word, T.

6.1.1 SHA-1 Preprocessing

1. Pad the message, M, according to Sec. 5.1.1;
2. Parse the padded message into N 512-bit message blocks, M(1), M(2), ..., M(N), according to Sec. 5.2.1; and
3. Set the initial hash value, H(0), as specified in Sec. 5.3.1.

6.1.2 SHA-1 Hash Computation

The SHA-1 hash computation uses functions and constants previously defined in Sec. 4.1.1 and Sec. 4.2.1, respectively. Addition (+) is performed modulo 2^32.

After preprocessing is completed, each message block, M(1), M(2), ..., M(N), is processed in order, using the following steps:

For i = 1 to N:
{
   1. Prepare the message schedule, {W_t}:

      $W_t = M_t^{(i)}$, $0 \le t \le 15$
      $W_t = ROTL^{1}(W_{t-3} \oplus W_{t-8} \oplus W_{t-14} \oplus W_{t-16})$, $16 \le t \le 79$

   2. Initialize the five working variables, a, b, c, d, and e, with the (i-1)st hash value:

      a = H_0^(i-1)
      b = H_1^(i-1)
      c = H_2^(i-1)
      d = H_3^(i-1)
      e = H_4^(i-1)

   3. For t = 0 to 79:
      {
         $T = ROTL^{5}(a) + f_t(b, c, d) + e + K_t + W_t$
         e = d
         d = c
         $c = ROTL^{30}(b)$
         b = a
         a = T
      }

   4. Compute the ith intermediate hash value H(i):

      H_0^(i) = a + H_0^(i-1)
      H_1^(i) = b + H_1^(i-1)
      H_2^(i) = c + H_2^(i-1)
      H_3^(i) = d + H_3^(i-1)
      H_4^(i) = e + H_4^(i-1)
}

After repeating steps one through four a total of N times (i.e., after processing M(N)), the resulting 160-bit message digest of the message, M, is

   H_0^(N) || H_1^(N) || H_2^(N) || H_3^(N) || H_4^(N)
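The following is an added worked example, written for this edition and not taken from FIPS 180-3 or from NIST: a complete SHA-1 that follows the steps of Sec. 6.1.1 and 6.1.2 literally (functions from Sec. 4.1.1, constants from Sec. 4.2.1, initial hash value from Sec. 5.3.1), with a switch that computes the message schedule either as the eighty-word array of Sec. 6.1.2 or as the sixteen-word circular queue that the standard's own alternate method (Sec. 6.1.3) describes, so the two can be compared on the same input. The digest is checked against Python's `hashlib`; the function names are this example's own, and the messages hashed are constructed for the example.

```python
# Added example (not NIST's code): SHA-1 per Sec. 6.1, with the message schedule
# computed either as a full 80-word array (Sec. 6.1.2) or as a 16-word circular
# queue (the alternate method of Sec. 6.1.3), verified against hashlib.
import hashlib

MASK32 = 0xFFFFFFFF
MASK = 0x0000000F      # Sec. 6.1.3: index mask for the 16-word circular queue
H0 = [0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0]   # Sec. 5.3.1


def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32


def f(t, x, y, z):
    """f_t of equation (4.1): Ch, Parity, Maj, Parity for the four ranges of t."""
    if t < 20:
        return (x & y) ^ (~x & MASK32 & z)
    if t < 40:
        return x ^ y ^ z
    if t < 60:
        return (x & y) ^ (x & z) ^ (y & z)
    return x ^ y ^ z


def K(t):
    """K_t of Sec. 4.2.1."""
    return (0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6)[t // 20]


def pad(msg):
    """Sec. 5.1.1 for byte-aligned messages: msg || 0x80 || zeros || 64-bit length."""
    return msg + b"\x80" + b"\x00" * ((-(len(msg) + 9)) % 64) + (8 * len(msg)).to_bytes(8, "big")


def compress(H, block, circular):
    """Steps 1-4 of Sec. 6.1.2 on one 512-bit block (64 bytes)."""
    W = [int.from_bytes(block[4 * t:4 * t + 4], "big") for t in range(16)]
    if not circular:                               # step 1 as written in Sec. 6.1.2
        for t in range(16, 80):
            W.append(rotl(W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16], 1))
    a, b, c, d, e = H                              # step 2
    for t in range(80):                            # step 3
        if circular:                               # Sec. 6.1.3: s = t AND MASK
            s = t & MASK
            if t >= 16:
                W[s] = rotl(W[(s + 13) & MASK] ^ W[(s + 8) & MASK] ^ W[(s + 2) & MASK] ^ W[s], 1)
            Wt = W[s]
        else:
            Wt = W[t]
        T = (rotl(a, 5) + f(t, b, c, d) + e + K(t) + Wt) & MASK32
        e, d, c, b, a = d, c, rotl(b, 30), a, T
    return [(x + y) & MASK32 for x, y in zip((a, b, c, d, e), H)]   # step 4


def sha1(msg, circular=False):
    """160-bit digest H_0^(N) || ... || H_4^(N)."""
    H = H0
    padded = pad(msg)
    for i in range(0, len(padded), 64):
        H = compress(H, padded[i:i + 64], circular)
    return b"".join(h.to_bytes(4, "big") for h in H)


def both_methods_agree(msg):
    """Sec. 6.1.3 states the queue method yields the same digest as Sec. 6.1.2."""
    return sha1(msg) == sha1(msg, circular=True) == hashlib.sha1(msg).digest()


if __name__ == "__main__":
    print(sha1(b"abc").hex())        # constructed input, the standard's "abc" example
```

In the circular-queue branch the indices (s + 13), (s + 8) and (s + 2), all reduced by MASK, are where W_{t-3}, W_{t-8} and W_{t-14} currently live, and W_s itself still holds W_{t-16} at the moment it is overwritten, which is why the four reads must precede the single write.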
6.1.3 Alternate Method for Computing a SHA-1 Message Digest

The SHA-1 hash computation method described in Sec. 6.1.2 assumes that the message schedule W_0, W_1, ..., W_79 is implemented as an array of eighty 32-bit words. This is efficient from the standpoint of the minimization of execution time, since the addresses of W_{t-3}, ..., W_{t-16} in the message schedule of Sec. 6.1.2 are easily computed. However, if memory is limited, an alternative is to regard {W_t} as a circular queue that may be implemented using an array of sixteen 32-bit words, W_0, W_1, ..., W_15. The alternate method that is described in this section yields the same message digest as the SHA-1 computation method described in Sec. 6.1.2. Although this alternate method saves sixty-four 32-bit words of storage, it is likely to lengthen the execution time due to the increased complexity of the address computations for the {W_t} in step (3).

For this alternate SHA-1 method, let MASK = 0000000f (in hex). As in Sec. 6.1.2, addition is performed modulo 2^32. Assuming that the preprocessing as described in Sec. 6.1.1 has been performed, the processing of M(i) is as follows:

For i = 1 to N:
{
   1. For t = 0 to 15:
      {
         $W_t = M_t^{(i)}$
      }

   2. Initialize the five working variables, a, b, c, d, and e, with the (i-1)st hash value:

      a = H_0^(i-1)
      b = H_1^(i-1)
      c = H_2^(i-1)
      d = H_3^(i-1)
      e = H_4^(i-1)

   3.  For t = 0 to 79:
      {
         $s = t \wedge MASK$
         If t ≥ 16 then
         {
            $W_s = ROTL^{1}(W_{(s+13) \wedge MASK} \oplus W_{(s+8) \wedge MASK} \oplus W_{(s+2) \wedge MASK} \oplus W_s)$
         }
         $T = ROTL^{5}(a) + f_t(b, c, d) + e + K_t + W_s$
         e = d
         d = c
         $c = ROTL^{30}(b)$
         b = a
         a = T
      }

   4. Compute the ith intermediate hash value H(i):

      H_0^(i) = a + H_0^(i-1)
      H_1^(i) = b + H_1^(i-1)
      H_2^(i) = c + H_2^(i-1)
      H_3^(i) = d + H_3^(i-1)
      H_4^(i) = e + H_4^(i-1)
}

After repeating steps one through four a total of N times (i.e., after processing M(N)), the resulting 160-bit message digest of the message, M, is

   H_0^(N) || H_1^(N) || H_2^(N) || H_3^(N) || H_4^(N)

6.2 SHA-256

SHA-256 may be used to hash a message, M, having a length of l bits, where 0 ≤ l < 2^64. The algorithm uses 1) a message schedule of sixty-four 32-bit words, 2) eight working variables of 32 bits each, and 3) a hash value of eight 32-bit words. The final result of SHA-256 is a 256-bit message digest.

The words of the message schedule are labeled W_0, W_1, ..., W_63. The eight working variables are labeled a, b, c, d, e, f, g, and h. The words of the hash value are labeled H_0^(i), H_1^(i), ..., H_7^(i), which will hold the initial hash value, H(0), replaced by each successive intermediate hash value (after each message block is processed), H(i), and ending with the final hash value, H(N). SHA-256 also uses two temporary words, T_1 and T_2.

6.2.1 SHA-256 Preprocessing

1. Pad the message, M, according to Sec. 5.1.1;
2. Parse the padded message into N 512-bit message blocks, M(1), M(2), ..., M(N), according to Sec. 5.2.1; and
3. Set the initial hash value, H(0), as specified in Sec. 5.3.3.

6.2.2 SHA-256 Hash Computation

The SHA-256 hash computation uses functions and constants previously defined in Sec. 4.1.2 and Sec. 4.2.2, respectively. Addition (+) is performed modulo 2^32.

After preprocessing is completed, each message block, M(1), M(2), ..., M(N), is processed in order, using the following steps:

For i = 1 to N:
{
   1. Prepare the message schedule, {W_t}:

      $W_t = M_t^{(i)}$, $0 \le t \le 15$
      $W_t = \sigma_1^{\{256\}}(W_{t-2}) + W_{t-7} + \sigma_0^{\{256\}}(W_{t-15}) + W_{t-16}$, $16 \le t \le 63$

   2. Initialize the eight working variables, a, b, c, d, e, f, g, and h, with the (i-1)st hash value:

      a = H_0^(i-1)
      b = H_1^(i-1)
      c = H_2^(i-1)
      d = H_3^(i-1)
      e = H_4^(i-1)
      f = H_5^(i-1)
      g = H_6^(i-1)
      h = H_7^(i-1)

   3. For t = 0 to 63:
      {
         $T_1 = h + \Sigma_1^{\{256\}}(e) + Ch(e, f, g) + K_t^{\{256\}} + W_t$
         $T_2 = \Sigma_0^{\{256\}}(a) + Maj(a, b, c)$
         h = g
         g = f
         f = e
         $e = d + T_1$
         d = c
         c = b
         b = a
         $a = T_1 + T_2$
      }

   4. Compute the ith intermediate hash value H(i):

      H_0^(i) = a + H_0^(i-1)
      H_1^(i) = b + H_1^(i-1)
      H_2^(i) = c + H_2^(i-1)
      H_3^(i) = d + H_3^(i-1)
      H_4^(i) = e + H_4^(i-1)
      H_5^(i) = f + H_5^(i-1)
      H_6^(i) = g + H_6^(i-1)
      H_7^(i) = h + H_7^(i-1)
}

After repeating steps one through four a total of N times (i.e., after processing M(N)), the resulting 256-bit message digest of the message, M, is

   H_0^(N) || H_1^(N) || H_2^(N) || H_3^(N) || H_4^(N) || H_5^(N) || H_6^(N) || H_7^(N)

6.3 SHA-224

SHA-224 may be used to hash a message, M, having a length of l bits, where 0 ≤ l < 2^64. The function is defined in the exact same manner as SHA-256 (Section 6.2), with the following two exceptions:

1. The initial hash value, H(0), shall be set as specified in Sec. 5.3.2; and
2. The 224-bit message digest is obtained by truncating the final hash value, H(N), to its left-most 224 bits:

   H_0^(N) || H_1^(N) || H_2^(N) || H_3^(N) || H_4^(N) || H_5^(N) || H_6^(N)
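Sections 6.2 and 6.3 together define one compression function with two parameterisations. The following added example, written for this edition and not taken from NIST, implements the SHA-256 hash computation of Sec. 6.2.2 step by step (schedule, working variables, the T_1/T_2 round, and the feed-forward into H(i)) and derives SHA-224 from it exactly as Sec. 6.3 does: a different H(0) and truncation of the final hash value to seven words. Constants are transcribed from Sec. 4.2.2 and Sec. 5.3.2/5.3.3; results are checked against `hashlib`. The helper names and the messages are this example's own.

```python
# Added example (not NIST's code): SHA-256 per Sec. 6.2 and SHA-224 per Sec. 6.3,
# sharing one compression function and verified against hashlib.
import hashlib

MASK = 0xFFFFFFFF

# Sec. 4.2.2: first 32 bits of the fractional parts of the cube roots of the first 64 primes.
K256 = [
    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
]
# Sec. 5.3.3 and Sec. 5.3.2: initial hash values.
H0_256 = [0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19]
H0_224 = [0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939, 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4]


def rotr(x, n):
    return ((x >> n) | (x << (32 - n))) & MASK


# Sec. 4.1.2, equations (4.2)-(4.7)
def ch(x, y, z):
    return (x & y) ^ (~x & MASK & z)


def maj(x, y, z):
    return (x & y) ^ (x & z) ^ (y & z)


def big_sigma0(x):
    return rotr(x, 2) ^ rotr(x, 13) ^ rotr(x, 22)


def big_sigma1(x):
    return rotr(x, 6) ^ rotr(x, 11) ^ rotr(x, 25)


def small_sigma0(x):
    return rotr(x, 7) ^ rotr(x, 18) ^ (x >> 3)


def small_sigma1(x):
    return rotr(x, 17) ^ rotr(x, 19) ^ (x >> 10)


def pad(msg):
    """Sec. 5.1.1 for byte-aligned messages: msg || 0x80 || zeros || 64-bit length."""
    return msg + b"\x80" + b"\x00" * ((-(len(msg) + 9)) % 64) + (8 * len(msg)).to_bytes(8, "big")


def compress(H, block):
    """Steps 1-4 of Sec. 6.2.2 on one 512-bit block (64 bytes)."""
    W = [int.from_bytes(block[4 * t:4 * t + 4], "big") for t in range(16)]
    for t in range(16, 64):                                  # step 1: message schedule
        W.append((small_sigma1(W[t - 2]) + W[t - 7] + small_sigma0(W[t - 15]) + W[t - 16]) & MASK)
    a, b, c, d, e, f, g, h = H                               # step 2
    for t in range(64):                                      # step 3
        T1 = (h + big_sigma1(e) + ch(e, f, g) + K256[t] + W[t]) & MASK
        T2 = (big_sigma0(a) + maj(a, b, c)) & MASK
        h, g, f, e, d, c, b, a = g, f, e, (d + T1) & MASK, c, b, a, (T1 + T2) & MASK
    return [(x + y) & MASK for x, y in zip(H, (a, b, c, d, e, f, g, h))]   # step 4


def sha2_32(msg, H0, digest_words):
    """Common core: SHA-256 keeps all 8 words of H(N); SHA-224 keeps the left-most 7."""
    H = list(H0)
    padded = pad(msg)
    for i in range(0, len(padded), 64):
        H = compress(H, padded[i:i + 64])
    return b"".join(w.to_bytes(4, "big") for w in H[:digest_words])


def sha256(msg):
    return sha2_32(msg, H0_256, 8)


def sha224(msg):
    return sha2_32(msg, H0_224, 7)


def matches_hashlib(msg):
    return (sha256(msg) == hashlib.sha256(msg).digest()
            and sha224(msg) == hashlib.sha224(msg).digest())
```

Because SHA-224 starts from a different H(0), its 224-bit output is not a prefix of the SHA-256 output of the same message; the truncation in Sec. 6.3 applies to SHA-224's own final hash value, not to a SHA-256 digest.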
6.4 SHA-512

SHA-512 may be used to hash a message, M, having a length of l bits, where 0 ≤ l < 2^128. The algorithm uses 1) a message schedule of eighty 64-bit words, 2) eight working variables of 64 bits each, and 3) a hash value of eight 64-bit words. The final result of SHA-512 is a 512-bit message digest.

The words of the message schedule are labeled W_0, W_1, ..., W_79. The eight working variables are labeled a, b, c, d, e, f, g, and h. The words of the hash value are labeled H_0^(i), H_1^(i), ..., H_7^(i), which will hold the initial hash value, H(0), replaced by each successive intermediate hash value (after each message block is processed), H(i), and ending with the final hash value, H(N). SHA-512 also uses two temporary words, T_1 and T_2.

6.4.1 SHA-512 Preprocessing

1. Pad the message, M, according to Sec. 5.1.2;
2. Parse the padded message into N 1024-bit message blocks, M(1), M(2), ..., M(N), according to Sec. 5.2.2; and
3. Set the initial hash value, H(0), as specified in Sec. 5.3.5.

6.4.2 SHA-512 Hash Computation

The SHA-512 hash computation uses functions and constants previously defined in Sec. 4.1.3 and Sec. 4.2.3, respectively. Addition (+) is performed modulo 2^64.

After preprocessing is completed, each message block, M(1), M(2), ..., M(N), is processed in order, using the following steps:

For i = 1 to N:
{
   1. Prepare the message schedule, {W_t}:

      $W_t = M_t^{(i)}$, $0 \le t \le 15$
      $W_t = \sigma_1^{\{512\}}(W_{t-2}) + W_{t-7} + \sigma_0^{\{512\}}(W_{t-15}) + W_{t-16}$, $16 \le t \le 79$

   2. Initialize the eight working variables, a, b, c, d, e, f, g, and h, with the (i-1)st hash value:

      a = H_0^(i-1)
      b = H_1^(i-1)
      c = H_2^(i-1)
      d = H_3^(i-1)
      e = H_4^(i-1)
      f = H_5^(i-1)
      g = H_6^(i-1)
      h = H_7^(i-1)

   3. For t = 0 to 79:
      {
         $T_1 = h + \Sigma_1^{\{512\}}(e) + Ch(e, f, g) + K_t^{\{512\}} + W_t$
         $T_2 = \Sigma_0^{\{512\}}(a) + Maj(a, b, c)$
         h = g
         g = f
         f = e
         $e = d + T_1$
         d = c
         c = b
         b = a
         $a = T_1 + T_2$
      }

   4. Compute the ith intermediate hash value H(i):

      H_0^(i) = a + H_0^(i-1)
      H_1^(i) = b + H_1^(i-1)
      H_2^(i) = c + H_2^(i-1)
      H_3^(i) = d + H_3^(i-1)
      H_4^(i) = e + H_4^(i-1)
      H_5^(i) = f + H_5^(i-1)
      H_6^(i) = g + H_6^(i-1)
      H_7^(i) = h + H_7^(i-1)
}

After repeating steps one through four a total of N times (i.e., after processing M(N)), the resulting 512-bit message digest of the message, M, is

   H_0^(N) || H_1^(N) || H_2^(N) || H_3^(N) || H_4^(N) || H_5^(N) || H_6^(N) || H_7^(N)

6.5 SHA-384

SHA-384 may be used to hash a message, M, having a length of l bits, where 0 ≤ l < 2^128. The algorithm is defined in the exact same manner as SHA-512 (Sec. 6.4), with the following two exceptions:

1. The initial hash value, H(0), shall be set as specified in Sec. 5.3.4; and
2. The 384-bit message digest is obtained by truncating the final hash value, H(N), to its left-most 384 bits:

   H_0^(N) || H_1^(N) || H_2^(N) || H_3^(N) || H_4^(N) || H_5^(N)

7. TRUNCATION OF A MESSAGE DIGEST

Some application may require a hash function with a message digest length different than those provided by the hash functions in this Standard. In such cases, a truncated message digest may be used, whereby a hash function with a larger message digest length is applied to the data to be hashed, and the resulting message digest is truncated by selecting an appropriate number of the leftmost bits. For guidelines on choosing the length of the truncated message digest and information about its security implications for the cryptographic application that uses it, see SP 800-107.
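The 64-bit family of Sec. 6.4 and 6.5 differs from the 32-bit family in word size, rotation amounts, the 128-bit length field of Sec. 5.1.2, and the number of rounds. The following added example (this editor's code, not NIST's) implements SHA-512 as in Sec. 6.4.2, derives SHA-384 from it per Sec. 6.5, and implements the generic truncation of Sec. 7 as a separate step, so that the difference between "SHA-384" and "SHA-512 truncated to 384 bits" is visible: the two are not the same digest, because SHA-384 starts from its own H(0). Constants are transcribed from Sec. 4.2.3 and Sec. 5.3.4/5.3.5; results are checked against `hashlib`. The helper names and the inputs are this example's own.

```python
# Added example (not NIST's code): SHA-512 per Sec. 6.4, SHA-384 per Sec. 6.5 and
# the left-most-bits truncation of Sec. 7, verified against hashlib.
import hashlib

MASK = (1 << 64) - 1

# Sec. 4.2.3: first 64 bits of the fractional parts of the cube roots of the first 80 primes.
K512 = [
    0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc,
    0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118,
    0xd807aa98a3030242, 0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2,
    0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235, 0xc19bf174cf692694,
    0xe49b69c19ef14ad2, 0xefbe4786384f25e3, 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65,
    0x2de92c6f592b0275, 0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5,
    0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f, 0xbf597fc7beef0ee4,
    0xc6e00bf33da88fc2, 0xd5a79147930aa725, 0x06ca6351e003826f, 0x142929670a0e6e70,
    0x27b70a8546d22ffc, 0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df,
    0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6, 0x92722c851482353b,
    0xa2bfe8a14cf10364, 0xa81a664bbc423001, 0xc24b8b70d0f89791, 0xc76c51a30654be30,
    0xd192e819d6ef5218, 0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8,
    0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8,
    0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb, 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3,
    0x748f82ee5defb2fc, 0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec,
    0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915, 0xc67178f2e372532b,
    0xca273eceea26619c, 0xd186b8c721c0c207, 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178,
    0x06f067aa72176fba, 0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b,
    0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c,
    0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817,
]
# Sec. 5.3.5 and Sec. 5.3.4: initial hash values.
H0_512 = [0x6a09e667f3bcc908, 0xbb67ae8584caa73b, 0x3c6ef372fe94f82b, 0xa54ff53a5f1d36f1,
          0x510e527fade682d1, 0x9b05688c2b3e6c1f, 0x1f83d9abfb41bd6b, 0x5be0cd19137e2179]
H0_384 = [0xcbbb9d5dc1059ed8, 0x629a292a367cd507, 0x9159015a3070dd17, 0x152fecd8f70e5939,
          0x67332667ffc00b31, 0x8eb44a8768581511, 0xdb0c2e0d64f98fa7, 0x47b5481dbefa4fa4]


def rotr(x, n):
    return ((x >> n) | (x << (64 - n))) & MASK


# Sec. 4.1.3, equations (4.8)-(4.13)
def ch(x, y, z):
    return (x & y) ^ (~x & MASK & z)


def maj(x, y, z):
    return (x & y) ^ (x & z) ^ (y & z)


def big_sigma0(x):
    return rotr(x, 28) ^ rotr(x, 34) ^ rotr(x, 39)


def big_sigma1(x):
    return rotr(x, 14) ^ rotr(x, 18) ^ rotr(x, 41)


def small_sigma0(x):
    return rotr(x, 1) ^ rotr(x, 8) ^ (x >> 7)


def small_sigma1(x):
    return rotr(x, 19) ^ rotr(x, 61) ^ (x >> 6)


def pad(msg):
    """Sec. 5.1.2 for byte-aligned messages: msg || 0x80 || zeros || 128-bit length."""
    return msg + b"\x80" + b"\x00" * ((-(len(msg) + 17)) % 128) + (8 * len(msg)).to_bytes(16, "big")


def compress(H, block):
    """Steps 1-4 of Sec. 6.4.2 on one 1024-bit block (128 bytes)."""
    W = [int.from_bytes(block[8 * t:8 * t + 8], "big") for t in range(16)]
    for t in range(16, 80):                                  # step 1: message schedule
        W.append((small_sigma1(W[t - 2]) + W[t - 7] + small_sigma0(W[t - 15]) + W[t - 16]) & MASK)
    a, b, c, d, e, f, g, h = H                               # step 2
    for t in range(80):                                      # step 3
        T1 = (h + big_sigma1(e) + ch(e, f, g) + K512[t] + W[t]) & MASK
        T2 = (big_sigma0(a) + maj(a, b, c)) & MASK
        h, g, f, e, d, c, b, a = g, f, e, (d + T1) & MASK, c, b, a, (T1 + T2) & MASK
    return [(x + y) & MASK for x, y in zip(H, (a, b, c, d, e, f, g, h))]   # step 4


def truncate(digest, bits):
    """Sec. 7: keep the left-most `bits` bits of a digest (whole bytes in this example)."""
    if bits % 8 or bits > 8 * len(digest):
        raise ValueError("truncation length must be a byte multiple no longer than the digest")
    return digest[:bits // 8]


def sha2_64(msg, H0, digest_bits):
    H = list(H0)
    padded = pad(msg)
    for i in range(0, len(padded), 128):
        H = compress(H, padded[i:i + 128])
    return truncate(b"".join(w.to_bytes(8, "big") for w in H), digest_bits)


def sha512(msg):
    return sha2_64(msg, H0_512, 512)


def sha384(msg):
    return sha2_64(msg, H0_384, 384)
```

A truncated SHA-512 digest of 384 bits (Sec. 7) and a SHA-384 digest (Sec. 6.5) both take the left-most 384 bits of a final hash value, but of different hash values; an implementation or protocol that conflates the two will interoperate with nothing.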
APPENDIX A: Additional Information

A.1 Security of the Secure Hash Algorithms

The security of the five hash algorithms, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 is discussed in [SP 800-107].

A.2 Implementation Notes

Examples of SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 are available at http://csrc.nist.gov/groups/ST/toolkit/examples.html.

A.3 Object Identifiers

Object identifiers (OIDs) for the SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 algorithms are posted at http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html.
APPENDIX B: REFERENCES

[FIPS 180-2]   NIST, Federal Information Processing Standards Publication 180-2, Secure Hash Standards (SHS), August 2002.

[SP 800-57]    NIST Special Publication (SP) 800-57, Part 1, Recommendation for Key Management: General, August 2005.

[SP 800-107]   NIST Special Publication (SP) 800-107, Recommendation for Applications Using Approved Hash Algorithms, Draft July 2008.