[Federal Register Volume 79, Number 102 (Wednesday, May 28, 2014)]
[Notices]
[Pages 30549-30550]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2014-12336]


-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

National Institute of Standards and Technology


Announcing Draft Federal Information Processing Standard (FIPS) 
202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output 
Functions, and Draft Revision of the Applicability Clause of FIPS 180-
4, Secure Hash Standard, and Request for Comments

Docket No.: [130917811-3811-01]

AGENCY: National Institute of Standards and Technology (NIST), 
Commerce.

ACTION: Notice; request for comments.

-----------------------------------------------------------------------

SUMMARY: The National Institute of Standards and Technology (NIST) 
launched a public competition in November 2007 to develop a new 
cryptographic hash algorithm for standardization to augment the 
Government standard hash algorithms specified in Federal Information 
Processing Standard (FIPS) 180, Secure Hash Standard. NIST announced 
the selection of Keccak as the winning algorithm in a press release 
issued on October 2, 2012, which is available at http://www.nist.gov/itl/csd/sha-100212.cfm. Draft FIPS 202 specifies the new ``Secure Hash 
Algorithm-3'' (SHA-3) family of permutation-based functions based on 
Keccak.
    Four fixed-length cryptographic hash algorithms (SHA3-224, SHA3-
256, SHA3-384, and SHA3-512) and two closely related, ``extendable-
output'' functions (SHAKE128 and SHAKE256) are specified in Draft FIPS 
202; all six algorithms are permutation-based ``sponge'' functions. The 
four SHA-3 hash functions provide alternatives to the SHA-2 family of 
hash functions. The extendable-output functions (XOFs) can be 
specialized to hash functions, subject to additional security 
considerations, or used in a variety of other applications. Hash 
algorithms are used in many information security applications, 
including (1) the generation and verification of digital signatures, 
(2) key-derivation functions, and (3) random bit generation.
    Both FIPS 180-4 and Draft FIPS 202 specify cryptographic hash 
algorithms. FIPS 180-4 specifies SHA-1 and the SHA-2 family of hash 
functions, and mandates the use of one of these functions for Federal 
applications that require a cryptographic hash function. Draft FIPS 202 
specifies the new SHA-3 family of hash and extendable-output functions. 
To allow the use of the functions specified in either FIPS 180-4 or 
Draft FIPS 202 for Federal applications that require a cryptographic 
hash function, NIST proposes revising the Applicability Clause 
(6) of the Announcement Section of FIPS 180-4; the other 
sections of FIPS 180-4 remain unchanged. The NIST Policy on Hash 
Functions, available at http://csrc.nist.gov/groups/ST/hash/policy.html, provides guidance on the choice of hash functions for 
specific applications.
    NIST invites public comments on Draft FIPS 202, which is available 
at http://csrc.nist.gov/publications/PubsDrafts.html, and on the 
proposed revision of the Applicability Clause of the Announcement 
Section of FIPS 180-4, available at http://csrc.nist.gov/publications/PubsFIPS.html. After the comment period closes, NIST will analyze the 
comments, make changes to the respective documents, as appropriate, and 
then propose Draft FIPS 202 and the revised FIPS 180-4 to the Secretary 
of Commerce for approval.

DATES: Comments on Draft FIPS 202 and the revised Applicability Clause 
of FIPS 180-4 must be received on or before August 26, 2014.

ADDRESSES: Comments on Draft FIPS 202 and the revised Applicability 
Clause of FIPS 180-4 may be sent electronically to 
[email protected] with the relevant Subject line: ``Comment on 
Draft FIPS 202,'' or

[[Page 30550]]

``Comment on draft revision to the Applicability Clause of FIPS 180.'' 
Comments may also be sent by mail to: Chief, Computer Security 
Division, Information Technology Laboratory, ATTN: Comments on Draft 
FIPS 202 for SHA-3, National Institute of Standards and Technology, 100 
Bureau Drive, Stop 8930, Gaithersburg, MD 20899-8930.

FOR FURTHER INFORMATION CONTACT: Ms. Shu-jen Chang (301) 975-2940, 
National Institute of Standards and Technology, 100 Bureau Drive, Mail 
Stop 8930, Gaithersburg, MD 20899-8930, email: [email protected].

SUPPLEMENTARY INFORMATION: On November 2, 2007, NIST announced a 
Request for Candidate Algorithm Nominations for a New Cryptographic 
Hash Algorithm (SHA-3) Family in the Federal Register (72 FR 62212), 
which is available at https://federalregister.gov/a/E7-21581. The 
notice requested the submission of candidate hash algorithms for 
consideration in a public competition to select a new hash algorithm 
that would augment the Government standard hash algorithms specified in 
Federal Information Processing Standard (FIPS) 180, Secure Hash 
Standard. The competition was referred to as the SHA-3 Cryptographic 
Hash Algorithm Competition, or the SHA-3 Competition.
    By October 31, 2008, NIST received sixty-four entries from 
cryptographers around the world. From these entries, NIST selected 
fifty-one first-round candidates in December 2008, fourteen second-
round candidates in July 2009, and five finalists in December 2010. 
NIST summarized its decision in a report at the end of each round; 
NISTIR 7620 for the first round and NISTIR 7764 for the second round 
are available at http://csrc.nist.gov/publications/PubsNISTIRs.html.
    Eighteen months were provided for the public review of the SHA-3 
finalists. The worldwide cryptographic community provided an enormous 
amount of analysis and public feedback on the candidates throughout the 
competition. NIST also hosted a SHA-3 candidate conference during each 
round of the competition to obtain public feedback. After much careful 
study and consideration of the finalists and public comments, NIST 
announced the selection of Keccak as the winner of the SHA-3 
Cryptographic Hash Algorithm Competition in a press release on October 
2, 2012. Keccak is a family of permutation-based sponge functions that 
cryptographic hash functions and other applications can be built from. 
The press release is available at http://www.nist.gov/itl/csd/sha-100212.cfm, and a report explaining this selection (NISTIR 7896) is 
available at http://dx.doi.org/10.6028/NIST.IR.7896.

Request for Comments

    NIST publishes this notice to solicit public comments on Draft FIPS 
202. Draft FIPS 202 specifies the new SHA-3 family of permutation-based 
hash and extendable-output functions based on Keccak. This algorithm is 
the core of the proposed SHA-3 Standard, but the standard does not 
standardize nor approve every variant that the Keccak family of 
functions can support.
    NIST strongly encourages the public to continue analyzing the 
security of the Keccak family of permutation-based sponge functions in 
general, and the six algorithms specified in Draft FIPS 202 in 
particular, and to submit those analyses as official comments in 
response to this request. NIST invites public comments on Draft FIPS 
202, which is available at http://csrc.nist.gov/publications/PubsDrafts.html. Such analyses and other comments received will be 
considered by NIST in preparing the final version of FIPS 202.
    NIST also invites public comments on the revised Applicability 
Clause in the Announcement Section of FIPS 180-4; the revision would 
permit compliance with FIPS 202 in lieu of FIPS 180-4 for Federal 
applications when a cryptographic hash function is called for. Public 
comments received in response to this request will be posted regularly 
at http://csrc.nist.gov/groups/ST/hash/sha-3/sha-3_standardization.html. NIST reminds all interested parties that the SHA-
3 development effort was conducted as an open standards-setting 
activity. NIST requests that all interested parties inform NIST of any 
patents or inventions that may be required for the use of Draft FIPS 
202 algorithms. This includes comments from all parties regarding 
specific claims that the use of Draft FIPS 202 algorithms infringes on 
their patent(s). Claims regarding the infringement of copyrighted 
software are also solicited. NIST views this input as a critical factor 
in the eventual widespread adoption and implementation of Draft FIPS 
202. All comments received by the deadline will be made publicly 
available at http://csrc.nist.gov/groups/ST/hash/sha-3/sha-3_standardization.html without change or redaction. Therefore, comments 
should not include proprietary or confidential information.
    To encourage on-going discussions related to the SHA-3 
standardization effort, NIST will continue to maintain its SHA-3 
electronic discussion forum at [email protected]. Please note that 
comments sent to this list will NOT be considered ``official'' 
comments; to be considered ``official,'' a comment must be submitted as 
described above in the ADDRESSES section of this Notice.

    Authority:  In accordance with the Information Technology 
Management Reform Act of 1996 (Pub. L. 104-106) and the Federal 
Information Security Management Act of 2002 (FISMA) (Pub. L. 107-
347), the Secretary of Commerce is authorized to approve FIPS. NIST 
activities to develop computer security standards to protect federal 
sensitive (unclassified) information systems are undertaken pursuant 
to specific responsibilities assigned to NIST by Section 20 of the 
National Institute of Standards and Technology Act (15 U.S.C. 278g-
3), as amended.

    E.O. 12866: This notice has been determined not to be significant 
for the purposes of E.O. 12866.

    Dated: May 21, 2014.
Willie E. May,
Associate Director for Laboratory Programs.
[FR Doc. 2014-12336 Filed 5-27-14; 8:45 am]
BILLING CODE 3510-13-P