[Federal Register Volume 59, Number 96 (Thursday, May 19, 1994)]
[Unknown Section]
[Page 0]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 94-12218]
[[Page Unknown]]
[Federal Register: May 19, 1994]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
[Docket No. 940535-4135]
RIN 0693-AA86
Approval of Federal Information Processing Standards Publication
186, Digital Signature Standard (DSS)
AGENCY: National Institute of Standards and Technology (NIST),
Commerce.
ACTION: Notice of approval of Federal Information Processing Standard
186, Digital Signature Standard.
-----------------------------------------------------------------------
SUMMARY: This notice announces that the Secretary of Commerce has
approved the Digital Signature Standard (DSS) as Federal Information
Processing Standard (FIPS) 186. The DSS provides the capability to
generate digital signatures that cannot be forged. This capability is
needed by Federal government agencies to carry out their
responsibilities for electronic exchanges and to improve government
operations through the use of information technology.
EFFECTIVE DATE: This standard is effective December 1, 1994.
ADDRESSES: Interested parties may purchase copies of this standard,
including the technical specifications section, from the National
Technical Information Service (NTIS). Specific ordering information
from NTIS for this standard is set out in the ``Where to Obtain
Copies'' Section of the announcement section of the standard.
FOR FURTHER INFORMATION CONTACT:
Mr. Miles Smid, National Institute of Standards and Technology,
Gaithersburg, MD 20899, telephone (301) 975-2938.
SUPPLEMENTARY INFORMATION: On August 30, 1991, NIST published in the
Federal Register (56 FR 42980) a notice which announced the proposed
FIPS for DSS. On December 2, 1991, the comment period for the proposed
FIPS for DSS was extended by notice published in the Federal Register
(56 FR 61231).
NIST received comments from 109 organizations and individuals in
response to the Federal Register notice and to information sent to
Federal agencies on the proposed FIPS for DSS. Many of the comments
supported the proposed DSS and stated requirements for a digital
signature capability for use in electronic data applications. Other
comments in support of the DSS backed NIST's goal of a digital
signature standard that is free of patent impediments and that provides
for interoperability and a uniform level of security.
NIST also received many comments criticizing the adoption of the
proposed DSS. Some of the arguments in opposition included: The
selection process for the Digital Signature Algorithm (DSA) was not
public; time provided for analysis of the DSA was not sufficient; the
DSA may infringe on other patents; the DSA does not provide for secret
key distribution; the DSA is incomplete because no hash algorithm is
specified; the DSA is not compatible with international standards; the
DSA is not secure; the DSA is not efficient.
NIST considered all of the issues raised and believes that is has
addressed them. The development of this standard was carried out
through NIST's usual procedures including solicitation of input from
different sources. To provide more time for analysis of the DSA, NIST
extended the original three month review and comment period for an
additional three months. NIST has addressed the possible patent
infringement claims, and has concluded that there are no valid claims.
The DSA does not provide for secret key distribution since it is
not intended for that purpose. Since the proposed DSS was announced, a
Secure Hash Standard was proposed and approved as FIPS 180. With
respect to the compatibility of the DSS with international standards,
NIST has proposed that the DSA be an alternative signature standard
within the appropriate international standard (IS 9796). Concerning the
security of the DSA, no cryptographic shortcut attacks on the DSA have
been discovered. However, NIST has revised the proposed standard to
provide a larger modulus size. This modification will accommodate
requirements for long term security of digital signatures. NIST
believes that the efficiency of the DSA is adequate for most
applications.
Given the complexity of the public comments, NIST proceeded
deliberatively in its consideration of the August 1991 proposal. The
written comments submitted by interested parties and other available
material were carefully reviewed and considered in the determination to
finalize the proposed FIPS for DSS. On the basis of this review, NIST
recommended that the Secretary approve the standard as a Federal
Information Processing Standards Publication, and prepared a detailed
justification document for the Secretary's review in support of that
recommendation. The detailed justification document which was presented
to the Secretary is part of the public record and is available for
inspection and copying in the Department's Central Reference and
Records Inspection Facility, room 6020, Herbert C. Hoover Building,
14th Street between Pennsylvania and Constitution Avenues, NW.,
Washington, DC 20230.
This FIPS contains two sections: (1) An announcement section, which
provides information concerning the applicability, implementation, and
maintenance of the standard; and (2) a specifications section which
deals with the technical requirements of the standard. Only the
announcement section is provided in this notice.
Dated: May 13, 1994.
Samuel Kramer,
Associate Director.
Processing Standards Publication 186
Announcing the Digital Signature Standard (DSS)
Federal Information Processing Standards Publications (FIPS PUBS)
are issued by the National Institute of Standards and Technology (NIST)
after approval by the Secretary of Commerce pursuant to Section 111(d)
of the Federal Property and Administrative Services Act of 1949 as
amended by the Computer Security Act of 1987, Public law 100-235.
Name of Standard: Digital Signature Standard (DSS).
Category of Standard: Computer Security; Cryptography.
Explanation: This Standard specifies a Digital Signature Algorithm
(DSA) appropriate for applications requiring a digital rather than
written signature. The DSA digital signature is a pair of large numbers
represented in a computer as strings of binary digits. The digital
signature is computed using a set of rules (i.e., the DSA) and a set of
parameters such that the identity of the signatory and integrity of the
data can be verified. The DSA provides the capability to generate and
verify signatures. Signature generation makes use of a private key to
generate a digital signature. Signature verification makes use of a
public key which corresponds to, but is not the same as, the private
key. Each user possesses a private and public key pair. Public keys are
assumed to be known to the public in general. Private keys are never
shared. Anyone can verify the signature of a user by employing that
user's public key. Signature generation can be performed only by the
possessor of the user's private key.
A hash function is used in the signature generation process to
obtain a condensed version of data, called a message digest (see Figure
1). The message digest is then input to the DSA to generate the digital
signature. The digital signature is sent to the intended verifier along
with the signed data (often called the message). The verifier of the
message and signature verifies the signature by using the sender's
public key. The same hash function must also be used in the
verification process. The hash function is specified in a separate
standard, the Secure Hash Standard (SHS), FIPS 180. Similar procedures
may be used to generate and verify signatures for stored as well as
transmitted data.
Billing Code 3410-11-M
TN19MY94.057
BILLING CODE 3410-11-C
Approving Authority: Secretary of Commerce.
Maintenance Agency: U.S. Department of Commerce, National Institute
of Standards and Technology (NIST), Computer Systems Laboratory (CSL).
Applicability: This standard is applicable to all Federal
departments and agencies for the protection of unclassified information
that is not subject to section 2315 of Title 10, United States Code, or
section 3502(2) of Title 44, United States Code. This standard shall be
used in designing and implementing public-key based signature systems
which Federal departments and agencies operate or which are operated
for them under contract. Adoption and use of this standard is available
to private and commercial organizations.
Applications: The DSA authenticates the integrity of the signed
data and the identity of the signatory. The DSA may also be used in
proving to a third party that data was actually signed by the generator
of the signature. The DSA is intended for use in electronic mail,
electronic funds transfer, electronic data interchange, software
distribution, data storage, and other applications which require data
integrity assurance and data origin authentication.
Implementations: The DSA may be implemented in software, firmware,
hardware, or any combination thereof. NIST is developing a validation
program to test implementations for conformance to this standard.
Information about the planned validation program can be obtained from
the National Institute of Standards and Technology, Computer Systems
Laboratory, Attn: DSS Validation, Gaithersburg, MD 20899.
Export Control: Implementations of this standard are subject to
Federal Government export controls as specified in Title 15, Code of
Federal Regulations, Parts 768 through 799. Exporters are advised to
contact the Department of Commerce, Bureau of Export Administration for
more information.
Patents: The Department of Commerce is not aware of any patents
that would be infringed by this standard.
Implemented Schedule: This standard becomes effective December 1,
1994.
Specifications: Federal Information Processing Standard (FIPS186)
Digital Signature Standard (DSS), (affixed).
Cross Index
a. Federal Information Resources Management Regulations (FIRMR)
subpart 201.20.303, Standards, and subpart 201.39.1002, Federal
Standards.
b. FIPS PUB 46-2, Data Encryption Standard.
c. FIPS PUB 73, Guidelines for Security of Computer Applications.
d. FIPS PUB 140-1, Security Requirements for Cryptographic Modules.
e. FIPS PUB 171, Key Management Using ANSI X9.17.
f. FIPS PUB 180, Secure Hash Standard.
Qualifications: The security of a digital signature system is
dependent on maintaining the secrecy of users' private keys. Users must
therefore guard against the unauthorized acquisition of their private
keys. While it is the intent of this standard to specify general
security requirements for generating digital signatures, conformance to
this standard does not assure that a particular implementation is
secure. The responsible authority in each agency or department shall
assure that an overall implementation provides an acceptable level of
security. This standard will be reviewed every five years in order to
assess its adequacy.
Waiver Procedure: Under certain exceptional circumstances, the
heads of Federal departments and agencies may approve waivers to
Federal Information Processing Standards (FIPS). The head of such
agency may redelegate such authority only to a senior official
designated pursuant to section 3506(b) of Title 44, United States Code.
Waiver shall be granted only when:
a. Compliance with a standard would adversely affect the
accomplishment of the mission of an operator of a Federal computer
system; or
b. Compliance with a standard would cause a major adverse financial
impact on the operator which is not offset by Government-wide savings.
Agency heads may act upon a written waiver request containing the
information detailed above. Agency heads may also act without a written
waiver request when they determine that conditions for meeting the
standard cannot be met. Agency heads may approve waivers only by a
written decision which explains the basis on which the agency head made
with required finding(s). A copy of each decision, with procurement
sensitive or classified portions clearly identified, shall be sent to:
National Institute of Standards and Technology; ATTN: FIPS Waiver
Decisions, Technology Building, room B-154, Gaithersburg, MD 20899.
In addition, notice of each waiver granted and each delegation of
authority to approve waivers shall be sent promptly to the Committee on
Government Operations of the House of Representatives and the Committee
on Government Affairs of the Senate and shall be published promptly in
the Federal Register.
When the determination on a waiver applies to the procurement of
equipment and/or services, a notice of the waiver determination must be
published in the Commerce Business Daily as a part of the notice of
solicitation for offers of an acquisition or, if the waiver
determination is made after that notice is published, by amendment to
such notice.
A copy of the waiver, any supporting documents, the document
approving the waiver and any accompanying documents, with such
deletions as the agency is authorized and decides to make under 5
U.S.C. 552(b), shall be part of the procurement documentation and
retained by the agency.
Where to Obtain Copies of the Standard: Copies of this publication
are for sale by the National Technical Information Service, U.S.
Department of Commerce, Springfield, VA 22161. When ordering, refer to
Federal Information Processing Standards Publication 186 (FIPSPUB186),
and identify the title. When microfiche is desired, this should be
specified. Prices are published by NTIS in current catalogs and other
issuances. Payment may be made by check, money order, deposit account
or charged to a credit card accepted by NTIS.
[FR Doc. 94-12218 Filed 5-18-94; 8:45 am]
BILLING CODE 3510-CN-M