Fluid Attacks logo
Login
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Contact logo Contact Us
GET A DEMO

R150. Set minimum size for hash functions

This document contains the details of the security requirements related to the definition and management of cryptographic systems. This requirement establishes the importance of protecting encrypted sensitive information by setting a minimum size for all hash functions in the system.

Requirement

Hash functions must be used with a minimum size of 256 bits.

References

  1. OWASP-ASVS v4.0.1 V1.6 Cryptographic Architectural Requirements.(1.6.1) Verify that there is an explicit policy for management of cryptographic keys and that a cryptographic key lifecycle follows a key management standard such as NIST SP 800-57.


Service status - Terms of Use