ISO/IEC 10118-3:2018
IT Security techniques — Hash-functions — Part 3: Dedicated hash-functions
This document specifies dedicated hash-functions, i.e. specially designed hash-functions. The hash-functions in this document are based on the iterative use of a round-function. Distinct round-functions are specified, giving rise to distinct dedicated hash-functions.
The use of Dedicated Hash-Functions 1, 2 and 3 in new digital signature implementations is deprecated.
NOTE As a result of their short hash-code length and/or cryptanalytic results, Dedicated Hash-Functions 1, 2 and 3 do not provide a sufficient level of collision resistance for future digital signature applications and they are therefore, only usable for legacy applications. However, for applications where collision resistance is not required, such as in hash-functions as specified in ISO/IEC 9797‑2, or in key derivation functions specified in ISO/IEC 11770‑6, their use is not deprecated.
Numerical examples for dedicated hash-functions specified in this document are given in Annex B as additional information. For information purposes, SHA-3 extendable-output functions are specified in Annex C.
| Get this standard | Prices exclude GST | |
|---|---|---|
| PDF ( Single user document) |
$429.00 NZD
|
|
| HardCopy |
$473.00 NZD
|
|
| Networkable PDF |
Price varies
|
Foreword
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols
4.1 Symbols specified in ISO/IEC 10118‑1
4.2 Symbols specific to this document
5 Requirements
6 Models for dedicated hash-functions
6.1 Use of models
6.2 Round-function model
6.3 Sponge model
7 Dedicated Hash-Function 1 (RIPEMD-160)
7.1 General
7.2 Parameters, functions and constants
7.2.1 Parameters
7.2.2 Byte ordering convention
7.2.3 Functions
7.2.4 Constants
7.2.5 Initializing value
7.3 Padding method
7.4 Description of the round-function
8 Dedicated Hash-Function 2 (RIPEMD-128)
8.1 General
8.2 Parameters, functions and constants
8.2.1 Parameters
8.2.2 Byte ordering convention
8.2.3 Functions
8.2.4 Constants
8.2.5 Initializing value
8.3 Padding method
8.4 Description of the round-function
9 Dedicated Hash-Function 3 (SHA-1)
9.1 General
9.2 Parameters, functions and constants
9.2.1 Parameters
9.2.2 Byte ordering convention
9.2.3 Functions
9.2.4 Constants
9.2.5 Initializing value
9.3 Padding method
9.4 Description of the round-function
10 Dedicated Hash-Function 4 (SHA-256)
10.1 General
10.2 Parameters, functions and constants
10.2.1 Parameters
10.2.2 Byte ordering convention
10.2.3 Functions
10.2.4 Constants
10.2.5 Initializing value
10.3 Padding method
10.4 Description of the round-function
11 Dedicated Hash-Function 5 (SHA-512)
11.1 General
11.2 Parameters, functions and constants
11.2.1 Parameters
11.2.2 Byte ordering convention
11.2.3 Functions
11.2.4 Constants
11.2.5 Initializing value
11.3 Padding method
11.4 Description of the round-function
12 Dedicated Hash-Function 6 (SHA-384)
12.1 General
12.2 Parameters, functions and constants
12.2.1 Parameters
12.2.2 Byte ordering convention
12.2.3 Functions
12.2.4 Constants
12.2.5 Initializing value
12.3 Padding method
12.4 Description of the round-function
13 Dedicated Hash-Function 7 (WHIRLPOOL)
13.1 General
13.2 Parameters, functions and constants
13.2.1 Parameters
13.2.2 Byte ordering convention
13.2.3 Functions
13.2.4 Constants
13.2.5 Initializing value
13.3 Padding method
13.4 Description of the round-function
14 Dedicated Hash-Function 8 (SHA-224)
14.1 General
14.2 Parameters, functions and constants
14.2.1 Parameters
14.2.2 Byte ordering convention
14.2.3 Functions
14.2.4 Constants
14.2.5 Initializing value
14.3 Padding method
14.4 Description of the round-function
15 Dedicated Hash-Function 9 (SHA-512/224)
15.1 General
15.2 Parameters, functions and constants
15.2.1 Parameters
15.2.2 Byte ordering convention
15.2.3 Functions
15.2.4 Constants
15.2.5 Initializing value
15.3 Padding method
15.4 Description of the round-function
16 Dedicated Hash-Function 10 (SHA-512/256)
16.1 General
16.2 Parameters, functions and constants
16.2.1 Parameters
16.2.2 Byte ordering convention
16.2.3 Functions
16.2.4 Constants
16.2.5 Initializing value
16.3 Padding method
16.4 Description of the round-function
17 Dedicated Hash-Function 11 (STREEBOG-512)
17.1 General
17.2 Parameters, functions and constants
17.2.1 Parameters
17.2.2 Byte ordering convention
17.2.3 Functions
17.2.4 Constants
17.2.5 Initializing value
17.3 Padding method
17.4 Description of the round-function
18 Dedicated Hash-Function 12 (STREEBOG-256)
18.1 General
18.2 Parameters, functions and constants
18.2.1 Parameters
18.2.2 Byte ordering convention
18.2.3 Functions
18.2.4 Constants
18.2.5 Initializing value
18.3 Padding method
18.4 Description of the round-function
19 Dedicated Hash-Function 13 (SHA3-224)
19.1 General
19.2 Parameters, functions and constants
19.2.1 Parameters
19.2.2 Byte ordering convention
19.2.3 Functions
19.3 Padding method
19.4 Description of a round-function
19.5 Output transformation
20 Dedicated Hash-Function 14 (SHA3-256)
20.1 General
20.2 Parameters, functions and constants
20.2.1 Parameters
20.2.2 Byte ordering convention
20.2.3 Functions
20.2.4 Constants
20.2.5 Initializing value
20.3 Padding method
20.4 Description of round-function
20.5 Output transformation
21 Dedicated Hash-Function 15 (SHA3-384)
21.1 General
21.2 Parameters, functions and constants
21.2.1 Parameters
21.2.2 Byte ordering convention
21.2.3 Functions
21.2.4 Constants
21.2.5 Initializing value
21.3 Padding method
21.4 Description of round-function
21.5 Output transformation
22 Dedicated Hash-Function 16 (SHA3-512)
22.1 General
22.2 Parameters, functions and constants
22.2.1 Parameters
22.2.2 Byte ordering convention
22.2.3 Functions
22.2.4 Constants
22.2.5 Initializing value
22.3 Padding method
22.4 Description of round-function
22.5 Output transformation
23 Dedicated Hash-Function 17 (SM3)
23.1 General
23.2 Parameters, functions and constants
23.2.1 Parameters
23.2.2 Byte ordering convention
23.2.3 Functions
23.2.4 Constants
23.2.5 Initializing value
23.3 Padding method
23.4 Description of the round-function
Annex A (normative) Object identifiers
Annex B (informative) Numerical examples
Annex C (informative) SHA-3 Extendable-Output Functions
Bibliography
Previous versions
Keep me up-to-date
Sign up to receive updates when there are changes to this standard
Related Information
Similar Standards
-
AS/NZS ISO/IEC 27001:2023
Information security, cybersecurity and privacy protection – Information security management systems – Requirements
-
AS/NZS ISO/IEC 27001:2023 A1
Information security, cybersecurity and privacy protection - Privacy enhancing data de-identification framework
-
AS/NZS ISO/IEC 27002:2022
Information security, cybersecurity and privacy protection — Information security controls
-
AS/NZS ISO/IEC 27011:2025
Information security, cybersecurity and privacy protection – Information security controls based on ISO/IEC 27002 for telecommunications organizations
Foreword
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols
4.1 Symbols specified in ISO/IEC 10118‑1
4.2 Symbols specific to this document
5 Requirements
6 Models for dedicated hash-functions
6.1 Use of models
6.2 Round-function model
6.3 Sponge model
7 Dedicated Hash-Function 1 (RIPEMD-160)
7.1 General
7.2 Parameters, functions and constants
7.2.1 Parameters
7.2.2 Byte ordering convention
7.2.3 Functions
7.2.4 Constants
7.2.5 Initializing value
7.3 Padding method
7.4 Description of the round-function
8 Dedicated Hash-Function 2 (RIPEMD-128)
8.1 General
8.2 Parameters, functions and constants
8.2.1 Parameters
8.2.2 Byte ordering convention
8.2.3 Functions
8.2.4 Constants
8.2.5 Initializing value
8.3 Padding method
8.4 Description of the round-function
9 Dedicated Hash-Function 3 (SHA-1)
9.1 General
9.2 Parameters, functions and constants
9.2.1 Parameters
9.2.2 Byte ordering convention
9.2.3 Functions
9.2.4 Constants
9.2.5 Initializing value
9.3 Padding method
9.4 Description of the round-function
10 Dedicated Hash-Function 4 (SHA-256)
10.1 General
10.2 Parameters, functions and constants
10.2.1 Parameters
10.2.2 Byte ordering convention
10.2.3 Functions
10.2.4 Constants
10.2.5 Initializing value
10.3 Padding method
10.4 Description of the round-function
11 Dedicated Hash-Function 5 (SHA-512)
11.1 General
11.2 Parameters, functions and constants
11.2.1 Parameters
11.2.2 Byte ordering convention
11.2.3 Functions
11.2.4 Constants
11.2.5 Initializing value
11.3 Padding method
11.4 Description of the round-function
12 Dedicated Hash-Function 6 (SHA-384)
12.1 General
12.2 Parameters, functions and constants
12.2.1 Parameters
12.2.2 Byte ordering convention
12.2.3 Functions
12.2.4 Constants
12.2.5 Initializing value
12.3 Padding method
12.4 Description of the round-function
13 Dedicated Hash-Function 7 (WHIRLPOOL)
13.1 General
13.2 Parameters, functions and constants
13.2.1 Parameters
13.2.2 Byte ordering convention
13.2.3 Functions
13.2.4 Constants
13.2.5 Initializing value
13.3 Padding method
13.4 Description of the round-function
14 Dedicated Hash-Function 8 (SHA-224)
14.1 General
14.2 Parameters, functions and constants
14.2.1 Parameters
14.2.2 Byte ordering convention
14.2.3 Functions
14.2.4 Constants
14.2.5 Initializing value
14.3 Padding method
14.4 Description of the round-function
15 Dedicated Hash-Function 9 (SHA-512/224)
15.1 General
15.2 Parameters, functions and constants
15.2.1 Parameters
15.2.2 Byte ordering convention
15.2.3 Functions
15.2.4 Constants
15.2.5 Initializing value
15.3 Padding method
15.4 Description of the round-function
16 Dedicated Hash-Function 10 (SHA-512/256)
16.1 General
16.2 Parameters, functions and constants
16.2.1 Parameters
16.2.2 Byte ordering convention
16.2.3 Functions
16.2.4 Constants
16.2.5 Initializing value
16.3 Padding method
16.4 Description of the round-function
17 Dedicated Hash-Function 11 (STREEBOG-512)
17.1 General
17.2 Parameters, functions and constants
17.2.1 Parameters
17.2.2 Byte ordering convention
17.2.3 Functions
17.2.4 Constants
17.2.5 Initializing value
17.3 Padding method
17.4 Description of the round-function
18 Dedicated Hash-Function 12 (STREEBOG-256)
18.1 General
18.2 Parameters, functions and constants
18.2.1 Parameters
18.2.2 Byte ordering convention
18.2.3 Functions
18.2.4 Constants
18.2.5 Initializing value
18.3 Padding method
18.4 Description of the round-function
19 Dedicated Hash-Function 13 (SHA3-224)
19.1 General
19.2 Parameters, functions and constants
19.2.1 Parameters
19.2.2 Byte ordering convention
19.2.3 Functions
19.3 Padding method
19.4 Description of a round-function
19.5 Output transformation
20 Dedicated Hash-Function 14 (SHA3-256)
20.1 General
20.2 Parameters, functions and constants
20.2.1 Parameters
20.2.2 Byte ordering convention
20.2.3 Functions
20.2.4 Constants
20.2.5 Initializing value
20.3 Padding method
20.4 Description of round-function
20.5 Output transformation
21 Dedicated Hash-Function 15 (SHA3-384)
21.1 General
21.2 Parameters, functions and constants
21.2.1 Parameters
21.2.2 Byte ordering convention
21.2.3 Functions
21.2.4 Constants
21.2.5 Initializing value
21.3 Padding method
21.4 Description of round-function
21.5 Output transformation
22 Dedicated Hash-Function 16 (SHA3-512)
22.1 General
22.2 Parameters, functions and constants
22.2.1 Parameters
22.2.2 Byte ordering convention
22.2.3 Functions
22.2.4 Constants
22.2.5 Initializing value
22.3 Padding method
22.4 Description of round-function
22.5 Output transformation
23 Dedicated Hash-Function 17 (SM3)
23.1 General
23.2 Parameters, functions and constants
23.2.1 Parameters
23.2.2 Byte ordering convention
23.2.3 Functions
23.2.4 Constants
23.2.5 Initializing value
23.3 Padding method
23.4 Description of the round-function
Annex A (normative) Object identifiers
Annex B (informative) Numerical examples
Annex C (informative) SHA-3 Extendable-Output Functions
Bibliography