ASVS Requirement 11.4.1

• Level: 1
• Chapter: V11 Cryptography
• Section: V11.4 Hashing and Hash-based Functions
• Source: 0x20-V11-Cryptography.md

Description

Verify that only approved hash functions are used for general cryptographic use cases, including digital signatures, HMAC, KDF, and random bit generation. Disallowed hash functions, such as MD5, must not be used for any cryptographic purpose.