SHA-384 Security API

Version: 1.0.0
Last Updated: 2025-01-02
Security Classification: Cryptographic Hash Function
Author: MetaMUI Security Team

Overview

SHA-384 is a truncated version of SHA-512, providing 192-bit collision resistance with improved performance on 64-bit systems.

• Algorithm Family: SHA-2 family
• Security Level: 192-bit collision resistance
• Output Size: 384 bits (48 bytes)
• Block Size: 1024 bits
• Standard: FIPS 180-4

Security Warnings ⚠️

1. Truncated SHA-512: Uses same algorithm as SHA-512 with truncated output
2. 64-bit Optimized: Best performance on 64-bit architectures
3. Length Extension: Vulnerable to length extension attacks (use HMAC for MACs)
4. Not Post-Quantum: Not resistant to quantum attacks (Grover’s algorithm)

API Functions

Hashing

def sha384(data: bytes) -> bytes:
    """Compute SHA-384 hash of data"""

Incremental Hashing

class SHA384:
    def update(self, data: bytes) -> None:
        """Update hash state with new data"""
    
    def finalize(self) -> bytes:
        """Finalize and return hash"""

Security Best Practices

• Use for digital signatures requiring 192-bit security
• Prefer over SHA-256 for higher security requirements
• Use HMAC-SHA384 for message authentication
• Consider SHA3-384 for new applications

Security Analysis

Threat Model: SHA-384 Threat Model

The comprehensive threat analysis covers:

• Algorithm-specific attack vectors
• Implementation vulnerabilities
• Side-channel considerations
• Quantum resistance analysis (where applicable)
• Deployment recommendations

For complete security analysis and risk assessment, see the dedicated threat model documentation.

References

1. FIPS 180-4: Secure Hash Standard

---

Back to Algorithm Security APIs