LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

Which hash functions (MDCs) are still approved for digital signatures as of 2023, and which ones are deprecated?

Only SHA-2 (256/384/512 bit) and SHA-3 (256/384/512 bit) are still approved for signatures. Everything else is deprecated.

Algorithm Output (bits) Status
MD4, MD5 128 Broken — must not be used
SHA-0 160 Broken — must not be used
RIPEMD 160 Broken — must not be used
SHA-1 160 No signatures! Still OK for HMAC per BSI guidance, but not recommended
SHA2-224, SHA3-224 224 Not for signatures since 2023 (min. 240 bit required for collision attacks)
SHA-2 256, 384, 512 Approved — min. 240 bit for signatures
SHA-3 256, 384, 512 Approved — same as SHA-2

Key rule since 2023: Hash functions used for signatures must have at least 240 bits output (for collision resistance of at least 120 bits).

Tip: MD5 still appears in legacy systems like PRFs (pseudo-random functions), but never for integrity or signatures.

Go deeper:

From Quiz: KRYPTOG / One-Way and Hash Functions | Updated: Jul 14, 2026