NIST suggests updated standard for digital signatures

By Chad Grant, posted Apr 13, 2012 09:25 AM

  

The National Institute of Standards and Technology on April 10 issued the draft of a fifth revision since 1994 to what is known as the “Digital Signature Standard,” which specifies the digital signature algorithm that should be used to generate and verify digital signatures. “Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory,” explains an abstract of that new standard.

The standard was first published in 1994, according to a NIST notice posted in the Federal Register on April 10. “Later revisions (FIPS 186-1, FIPS 186-2, and FIPS 186-3, adopted in 1998, 1999 and 2009, respectively) adopted two additional algorithms: The Elliptic Curve Digital Signature Algorithm (ECDSA) and the RSA digital signature algorithm,” explained the NIST notice.

In part, says the NIST notice, the proposed revision:

  • Allows the use of any random bit/number generator that is approved for use in FIPS-140-validated modules;
  • Reduces restrictions on the retention and use of prime number generation seeds for generating RSA key pairs; and,
  • Corrects statements in FIPS 186-3 regarding the generation of the integer k, which is used as a secret number in the generation of DSA and ECDSA digital signatures.

The complete proposed revision is available by clicking here.

The public can submit comments about the proposed revisions by sending an email to fips_186-3_change_notice@nist.gov.

Further information about these proposed revisions is available from Elaine Barker, of NIST’s computer security division, at 301-975-2911 or elaine.barker@nist.gov.
