[Federal Register Volume 59, Number 96 (Thursday, May 19, 1994)]
[Unknown Section]
[Page 0]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 94-12218]


[[Page Unknown]]

[Federal Register: May 19, 1994]


-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
[Docket No. 940535-4135]
RIN 0693-AA86

 

Approval of Federal Information Processing Standards Publication 
186, Digital Signature Standard (DSS)

AGENCY: National Institute of Standards and Technology (NIST), 
Commerce.

ACTION: Notice of approval of Federal Information Processing Standard 
186, Digital Signature Standard.

-----------------------------------------------------------------------

SUMMARY: This notice announces that the Secretary of Commerce has 
approved the Digital Signature Standard (DSS) as Federal Information 
Processing Standard (FIPS) 186. The DSS provides the capability to 
generate digital signatures that cannot be forged. This capability is 
needed by Federal government agencies to carry out their 
responsibilities for electronic exchanges and to improve government 
operations through the use of information technology.

EFFECTIVE DATE: This standard is effective December 1, 1994.

ADDRESSES: Interested parties may purchase copies of this standard, 
including the technical specifications section, from the National 
Technical Information Service (NTIS). Specific ordering information 
from NTIS for this standard is set out in the ``Where to Obtain 
Copies'' Section of the announcement section of the standard.

FOR FURTHER INFORMATION CONTACT:
Mr. Miles Smid, National Institute of Standards and Technology, 
Gaithersburg, MD 20899, telephone (301) 975-2938.

SUPPLEMENTARY INFORMATION: On August 30, 1991, NIST published in the 
Federal Register (56 FR 42980) a notice which announced the proposed 
FIPS for DSS. On December 2, 1991, the comment period for the proposed 
FIPS for DSS was extended by notice published in the Federal Register 
(56 FR 61231).
    NIST received comments from 109 organizations and individuals in 
response to the Federal Register notice and to information sent to 
Federal agencies on the proposed FIPS for DSS. Many of the comments 
supported the proposed DSS and stated requirements for a digital 
signature capability for use in electronic data applications. Other 
comments in support of the DSS backed NIST's goal of a digital 
signature standard that is free of patent impediments and that provides 
for interoperability and a uniform level of security.
    NIST also received many comments criticizing the adoption of the 
proposed DSS. Some of the arguments in opposition included: The 
selection process for the Digital Signature Algorithm (DSA) was not 
public; time provided for analysis of the DSA was not sufficient; the 
DSA may infringe on other patents; the DSA does not provide for secret 
key distribution; the DSA is incomplete because no hash algorithm is 
specified; the DSA is not compatible with international standards; the 
DSA is not secure; the DSA is not efficient.
    NIST considered all of the issues raised and believes that is has 
addressed them. The development of this standard was carried out 
through NIST's usual procedures including solicitation of input from 
different sources. To provide more time for analysis of the DSA, NIST 
extended the original three month review and comment period for an 
additional three months. NIST has addressed the possible patent 
infringement claims, and has concluded that there are no valid claims.
    The DSA does not provide for secret key distribution since it is 
not intended for that purpose. Since the proposed DSS was announced, a 
Secure Hash Standard was proposed and approved as FIPS 180. With 
respect to the compatibility of the DSS with international standards, 
NIST has proposed that the DSA be an alternative signature standard 
within the appropriate international standard (IS 9796). Concerning the 
security of the DSA, no cryptographic shortcut attacks on the DSA have 
been discovered. However, NIST has revised the proposed standard to 
provide a larger modulus size. This modification will accommodate 
requirements for long term security of digital signatures. NIST 
believes that the efficiency of the DSA is adequate for most 
applications.
    Given the complexity of the public comments, NIST proceeded 
deliberatively in its consideration of the August 1991 proposal. The 
written comments submitted by interested parties and other available 
material were carefully reviewed and considered in the determination to 
finalize the proposed FIPS for DSS. On the basis of this review, NIST 
recommended that the Secretary approve the standard as a Federal 
Information Processing Standards Publication, and prepared a detailed 
justification document for the Secretary's review in support of that 
recommendation. The detailed justification document which was presented 
to the Secretary is part of the public record and is available for 
inspection and copying in the Department's Central Reference and 
Records Inspection Facility, room 6020, Herbert C. Hoover Building, 
14th Street between Pennsylvania and Constitution Avenues, NW., 
Washington, DC 20230.
    This FIPS contains two sections: (1) An announcement section, which 
provides information concerning the applicability, implementation, and 
maintenance of the standard; and (2) a specifications section which 
deals with the technical requirements of the standard. Only the 
announcement section is provided in this notice.


    Dated: May 13, 1994.
Samuel Kramer,
Associate Director.
Processing Standards Publication 186

Announcing the Digital Signature Standard (DSS)

    Federal Information Processing Standards Publications (FIPS PUBS) 
are issued by the National Institute of Standards and Technology (NIST) 
after approval by the Secretary of Commerce pursuant to Section 111(d) 
of the Federal Property and Administrative Services Act of 1949 as 
amended by the Computer Security Act of 1987, Public law 100-235.
    Name of Standard: Digital Signature Standard (DSS).
    Category of Standard: Computer Security; Cryptography.
    Explanation: This Standard specifies a Digital Signature Algorithm 
(DSA) appropriate for applications requiring a digital rather than 
written signature. The DSA digital signature is a pair of large numbers 
represented in a computer as strings of binary digits. The digital 
signature is computed using a set of rules (i.e., the DSA) and a set of 
parameters such that the identity of the signatory and integrity of the 
data can be verified. The DSA provides the capability to generate and 
verify signatures. Signature generation makes use of a private key to 
generate a digital signature. Signature verification makes use of a 
public key which corresponds to, but is not the same as, the private 
key. Each user possesses a private and public key pair. Public keys are 
assumed to be known to the public in general. Private keys are never 
shared. Anyone can verify the signature of a user by employing that 
user's public key. Signature generation can be performed only by the 
possessor of the user's private key.
    A hash function is used in the signature generation process to 
obtain a condensed version of data, called a message digest (see Figure 
1). The message digest is then input to the DSA to generate the digital 
signature. The digital signature is sent to the intended verifier along 
with the signed data (often called the message). The verifier of the 
message and signature verifies the signature by using the sender's 
public key. The same hash function must also be used in the 
verification process. The hash function is specified in a separate 
standard, the Secure Hash Standard (SHS), FIPS 180. Similar procedures 
may be used to generate and verify signatures for stored as well as 
transmitted data.

Billing Code 3410-11-M

TN19MY94.057


BILLING CODE 3410-11-C

    Approving Authority: Secretary of Commerce.
    Maintenance Agency: U.S. Department of Commerce, National Institute 
of Standards and Technology (NIST), Computer Systems Laboratory (CSL).
    Applicability: This standard is applicable to all Federal 
departments and agencies for the protection of unclassified information 
that is not subject to section 2315 of Title 10, United States Code, or 
section 3502(2) of Title 44, United States Code. This standard shall be 
used in designing and implementing public-key based signature systems 
which Federal departments and agencies operate or which are operated 
for them under contract. Adoption and use of this standard is available 
to private and commercial organizations.
    Applications: The DSA authenticates the integrity of the signed 
data and the identity of the signatory. The DSA may also be used in 
proving to a third party that data was actually signed by the generator 
of the signature. The DSA is intended for use in electronic mail, 
electronic funds transfer, electronic data interchange, software 
distribution, data storage, and other applications which require data 
integrity assurance and data origin authentication.
    Implementations: The DSA may be implemented in software, firmware, 
hardware, or any combination thereof. NIST is developing a validation 
program to test implementations for conformance to this standard. 
Information about the planned validation program can be obtained from 
the National Institute of Standards and Technology, Computer Systems 
Laboratory, Attn: DSS Validation, Gaithersburg, MD 20899.
    Export Control: Implementations of this standard are subject to 
Federal Government export controls as specified in Title 15, Code of 
Federal Regulations, Parts 768 through 799. Exporters are advised to 
contact the Department of Commerce, Bureau of Export Administration for 
more information.
    Patents: The Department of Commerce is not aware of any patents 
that would be infringed by this standard.
    Implemented Schedule: This standard becomes effective December 1, 
1994.
    Specifications: Federal Information Processing Standard (FIPS186) 
Digital Signature Standard (DSS), (affixed).

Cross Index

    a. Federal Information Resources Management Regulations (FIRMR) 
subpart 201.20.303, Standards, and subpart 201.39.1002, Federal 
Standards.
    b. FIPS PUB 46-2, Data Encryption Standard.
    c. FIPS PUB 73, Guidelines for Security of Computer Applications.
    d. FIPS PUB 140-1, Security Requirements for Cryptographic Modules.
    e. FIPS PUB 171, Key Management Using ANSI X9.17.
    f. FIPS PUB 180, Secure Hash Standard.
    Qualifications: The security of a digital signature system is 
dependent on maintaining the secrecy of users' private keys. Users must 
therefore guard against the unauthorized acquisition of their private 
keys. While it is the intent of this standard to specify general 
security requirements for generating digital signatures, conformance to 
this standard does not assure that a particular implementation is 
secure. The responsible authority in each agency or department shall 
assure that an overall implementation provides an acceptable level of 
security. This standard will be reviewed every five years in order to 
assess its adequacy.
    Waiver Procedure: Under certain exceptional circumstances, the 
heads of Federal departments and agencies may approve waivers to 
Federal Information Processing Standards (FIPS). The head of such 
agency may redelegate such authority only to a senior official 
designated pursuant to section 3506(b) of Title 44, United States Code. 
Waiver shall be granted only when:
    a. Compliance with a standard would adversely affect the 
accomplishment of the mission of an operator of a Federal computer 
system; or
    b. Compliance with a standard would cause a major adverse financial 
impact on the operator which is not offset by Government-wide savings.
    Agency heads may act upon a written waiver request containing the 
information detailed above. Agency heads may also act without a written 
waiver request when they determine that conditions for meeting the 
standard cannot be met. Agency heads may approve waivers only by a 
written decision which explains the basis on which the agency head made 
with required finding(s). A copy of each decision, with procurement 
sensitive or classified portions clearly identified, shall be sent to: 
National Institute of Standards and Technology; ATTN: FIPS Waiver 
Decisions, Technology Building, room B-154, Gaithersburg, MD 20899.
    In addition, notice of each waiver granted and each delegation of 
authority to approve waivers shall be sent promptly to the Committee on 
Government Operations of the House of Representatives and the Committee 
on Government Affairs of the Senate and shall be published promptly in 
the Federal Register.
    When the determination on a waiver applies to the procurement of 
equipment and/or services, a notice of the waiver determination must be 
published in the Commerce Business Daily as a part of the notice of 
solicitation for offers of an acquisition or, if the waiver 
determination is made after that notice is published, by amendment to 
such notice.
    A copy of the waiver, any supporting documents, the document 
approving the waiver and any accompanying documents, with such 
deletions as the agency is authorized and decides to make under 5 
U.S.C. 552(b), shall be part of the procurement documentation and 
retained by the agency.
    Where to Obtain Copies of the Standard: Copies of this publication 
are for sale by the National Technical Information Service, U.S. 
Department of Commerce, Springfield, VA 22161. When ordering, refer to 
Federal Information Processing Standards Publication 186 (FIPSPUB186), 
and identify the title. When microfiche is desired, this should be 
specified. Prices are published by NTIS in current catalogs and other 
issuances. Payment may be made by check, money order, deposit account 
or charged to a credit card accepted by NTIS.

[FR Doc. 94-12218 Filed 5-18-94; 8:45 am]
BILLING CODE 3510-CN-M