Crypto appendix: allow HMAC-SHA-1 (#2399)

Co-authored-by: Gabriel Corona <gabriel.corona@enst-bretagne.fr> Co-authored-by: Josh Grossman <tghosth@users.noreply.github.com>
OWASP · Nov 22, 2024 · eea22c8 · eea22c8
1 parent acdec46
commit eea22c8
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/5.0/en/0x97-Appendix-V_Cryptography.md b/5.0/en/0x97-Appendix-V_Cryptography.md
@@ -242,18 +242,21 @@ The following MAC algorithms are approved for use in securing messages by provid
 | HMAC-SHA-256      | [RFC 2104](https://www.rfc-editor.org/info/rfc2104) & [FIPS 198-1](https://csrc.nist.gov/pubs/fips/198-1/final) | ✓                       | ✓  | ✓  | ✓  |
 | HMAC-SHA-384      | [RFC 2104](https://www.rfc-editor.org/info/rfc2104) & [FIPS 198-1](https://csrc.nist.gov/pubs/fips/198-1/final) | ✓                       |    | ✓  | ✓  |
 | HMAC-SHA-512      | [RFC 2104](https://www.rfc-editor.org/info/rfc2104) & [FIPS 198-1](https://csrc.nist.gov/pubs/fips/198-1/final) | ✓                       |    | ✓  | ✓  |
+| HMAC-SHA-1        | [RFC 2104](https://www.rfc-editor.org/info/rfc2104) & [FIPS 198-1](https://csrc.nist.gov/pubs/fips/198-1/final) | ✓                       |    | ✓  | ✓  |
 | KMAC128           | [NIST SP 800-185](https://csrc.nist.gov/pubs/sp/800/185/final)                             | ✓                       | ✓  | ✓  | ✓  |
 | KMAC256           | [NIST SP 800-185](https://csrc.nist.gov/pubs/sp/800/185/final)                             | ✓                       | ✓  | ✓  | ✓  |
 | Blake3            |                                                                                            | ✓                       | ✓  | ✓  | ✓  |
 
+Note that while SHA-1 should not be used in general, the usage of HMAC-SHA-1 is currently not considered to be problematic
+([NIST SP 800-57](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf)).
+
 ### Disallowed MAC Algorithms
 
 The following algorithms are explicitly banned and MUST NOT be used due to known vulnerabilities or insufficient security strength:
 
 | MAC Algorithm    | Reference                                                                          |
 | ---------------- | ---------------------------------------------------------------------------------- |
-| MD5-based HMAC   | [RFC 1321](https://www.rfc-editor.org/info/rfc1321)                                |
-| SHA-1-based HMAC | [RFC 3174](https://www.rfc-editor.org/info/rfc3174) & [RFC 6194](https://www.rfc-editor.org/info/rfc6194) |
+| HMAC-MD5         | [RFC 1321](https://www.rfc-editor.org/info/rfc1321)                                |
 
 ## Digital Signatures