---
title: "Secure Hash (FIPS 180-4 SHA-2, FIPS 202 SHA-3, SHAKE)"
canonical_url: "https://www.sorena.io/artifacts/global/fips-crypto-algorithms/secure-hash-fips-180-4-and-fips-202"
source_url: "https://www.sorena.io/artifacts/global/fips-crypto-algorithms/secure-hash-fips-180-4-and-fips-202"
author: "Sorena AI"
description: "Deep guide to FIPS secure hash standards: SHA-2 under FIPS 180-4 and SHA-3 plus SHAKE under FIPS 202. Learn digest selection, XOF rules, and evidence strategy."
published_at: "2026-03-04"
updated_at: "2026-03-04"
keywords:
  - "FIPS 180-4"
  - "FIPS 202"
  - "SHA-2"
  - "SHA-3"
  - "SHAKE128"
  - "SHAKE256"
  - "secure hash standard"
  - "hash selection guide"
  - "cryptographic hash functions"
  - "XOF extendable-output function"
  - "GLOBAL compliance"
  - "SHAKE"
---
**[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform

[Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io)

---

# Secure Hash (FIPS 180-4 SHA-2, FIPS 202 SHA-3, SHAKE)

Deep guide to FIPS secure hash standards: SHA-2 under FIPS 180-4 and SHA-3 plus SHAKE under FIPS 202. Learn digest selection, XOF rules, and evidence strategy.

*Selection guide* *GLOBAL*

## FIPS Crypto Algorithms Secure hash

Hashing affects signatures, integrity checks, KDFs, random generation, and protocol transcripts. Choose the digest deliberately.

This page explains SHA-2, SHA-3, and SHAKE with practical selection rules.

FIPS 180-4, published in August 2015, specifies the Secure Hash Standard and includes SHA-1 and the SHA-2 family. FIPS 202, also published in August 2015, specifies SHA-3 and the XOFs SHAKE128 and SHAKE256. FIPS 202 explicitly says SHA-3 supplements the functions in FIPS 180-4 and that the two standards together provide resilience because they rely on different design principles. The engineering challenge is choosing the right digest or XOF for the actual use case and then keeping those choices stable across implementations and time.

## What the two standards cover

FIPS 180-4 covers SHA-1 and the SHA-2 family: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256. It says either FIPS 180-4 or FIPS 202 must be implemented wherever a secure hash algorithm is required for Federal applications.

FIPS 202 covers SHA3-224, SHA3-256, SHA3-384, SHA3-512, and the XOFs SHAKE128 and SHAKE256. It also defines the underlying Keccak-based structure and makes clear that the XOFs are different from fixed-output hash functions.

- SHA-2 gives a mature fixed-output family with broad interoperability
- SHA-3 adds design diversity and different implementation characteristics
- SHAKE functions give variable-length output but come with additional parameter rules

## When SHAKE is useful and when it needs extra care

SHAKE128 and SHAKE256 are approved XOFs under FIPS 202, but the standard says their approved uses are specified in NIST Special Publications. That matters because they are not simply drop-in replacements for every hash use case.

Because output length is variable, teams have to pin output length and context explicitly. Otherwise, related outputs can create protocol or interoperability surprises.

- Publish fixed output lengths per use case
- Use explicit domain separation for structured or multi-role inputs
- Test that every verifier and peer uses the same output-length rule
- Keep XOF use aligned to an approved or documented application profile

## How hash choices affect signatures and protocols

Hash functions are part of signature-system interoperability, not just internal plumbing. FIPS 186-5 references both FIPS 180 and FIPS 202 because digest choice affects signature validity, verification behavior, and security strength.

The same problem appears in protocols. If one side upgrades or switches digests without explicit agreement, verification and transcript handling can fail.

- Pin digest choice per signature scheme and protocol profile
- Do not mix digests inside one profile unless the profile explicitly defines it
- Treat digest changes as change-controlled compatibility events

## Evidence that proves hashing choices are controlled

Hashing is easy to implement and easy to get subtly wrong. Reviewers will want to know where each hash or XOF is used, which parameters are allowed, and how mismatch or downgrade is prevented.

A strong evidence pack makes those answers obvious.

- Crypto inventory showing every SHA-2, SHA-3, and SHAKE use case
- Algorithm and parameter registry, including SHAKE output length
- Known-answer tests, integration tests, and interoperability tests
- Domain-separation rules for protocols and structured data
- Change-control history for digest or XOF changes

*Recommended next step*

*Placement: near the end of the main content before related guides*

## Use FIPS Crypto Algorithms Secure hash as a cited research workflow

Research Copilot can take FIPS Crypto Algorithms Secure hash from getting cited answers and faster research on this topic to a reusable workflow inside Sorena. Teams working on FIPS Crypto Algorithms can keep owners, evidence, and next steps aligned without copying this guide into separate documents.

- [Open Research Copilot for FIPS Crypto Algorithms Secure hash](/solutions/research-copilot.md): Start from FIPS Crypto Algorithms Secure hash and answer scope, timing, and interpretation questions with cited outputs.
- [Talk through FIPS Crypto Algorithms](/contact.md): Review your current process, evidence gaps, and next steps for FIPS Crypto Algorithms Secure hash.

## Primary sources

- [FIPS 180-4 (Secure Hash Standard)](https://doi.org/10.6028/NIST.FIPS.180-4?ref=sorena.io) - Primary source for SHA-2 family hashes and federal applicability.
- [FIPS 202 (SHA-3 Standard)](https://doi.org/10.6028/NIST.FIPS.202?ref=sorena.io) - Primary source for SHA-3 and the approved XOFs SHAKE128 and SHAKE256.
- [FIPS 186-5 (Digital Signature Standard)](https://doi.org/10.6028/NIST.FIPS.186-5?ref=sorena.io) - Reference for how hash choices interact with signature systems.

## Related Topic Guides

- [AES (FIPS 197) - How to Use AES Safely](/artifacts/global/fips-crypto-algorithms/aes-fips-197.md): Advanced implementation guide for AES under FIPS 197 upd1: AES-128, AES-192, AES-256, approved modes.
- [Digital Signatures (FIPS 186-5 DSS and FIPS 204 ML-DSA)](/artifacts/global/fips-crypto-algorithms/digital-signatures-fips-186-5-and-fips-204.md): Advanced guide to FIPS digital signatures: RSA, ECDSA, deterministic ECDSA, EdDSA, and post-quantum ML-DSA.
- [FIPS Crypto Algorithms FAQ (AES, SHA, Signatures, PQC)](/artifacts/global/fips-crypto-algorithms/faq.md): FAQ for FIPS crypto adoption: AES, SHA-2 and SHA-3, digital signatures, post-quantum standards.
- [Post-Quantum Cryptography (FIPS 203, 204, 205) - Migration Guide](/artifacts/global/fips-crypto-algorithms/post-quantum-fips-203-204-205.md): Practical post-quantum cryptography migration guidance grounded in FIPS 203, FIPS 204, and FIPS 205.


---

[Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us)

(c) 2026 Sorena AB (559573-7338). All rights reserved.

Source: https://www.sorena.io/artifacts/global/fips-crypto-algorithms/secure-hash-fips-180-4-and-fips-202