ASVS Requirement 11.4.3

• Level: 2
• Chapter: V11 Cryptography
• Section: V11.4 Hashing and Hash-based Functions
• Source: 0x20-V11-Cryptography.md

Description

Verify that hash functions used in digital signatures, as part of data authentication or data integrity are collision resistant and have appropriate bit-lengths. If collision resistance is required, the output length must be at least 256 bits. If only resistance to second pre-image attacks is required, the output length must be at least 128 bits.