DSS Approval

[David Farber <farber () central cis upenn edu>]

Note: The following notice was published in the Federal Register on
May 19, 1994 on page 26208.  Note that the announcement section
mentioned is not included in this electronic file.
- --------------------------------------------------


                     DEPARTMENT OF COMMERCE
         National Institute of Standards and Technology


                    [Docket No. 940535-4135]
                         RIN   0693-AA86


                           APPROVAL OF
    FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION 186,
                DIGITAL SIGNATURE STANDARD (DSS)


AGENCY:  National Institute of Standards and Technology (NIST),
Commerce.


ACTION:  Notice of approval of Federal Information Processing
Standard 186, Digital Signature Standard.


SUMMARY:  This notice announces that the Secretary of Commerce has
approved the Digital Signature Standard (DSS) as Federal
Information Processing Standard (FIPS) 186.  The DSS provides the
capability to generate digital signatures that cannot be forged.
This capability is needed by Federal government agencies to carry
out their responsibilities for electronic exchanges and to improve
government operations through the use of information technology.


EFFECTIVE DATE:  This standard is effective December 1, 1994.


ADDRESSES:  Interested parties may purchase copies of this
standard, including the technical specifications section, from the
National Technical Information Service (NTIS).  Specific ordering
information from NTIS for this standard is set out in the "Where to
Obtain Copies" Section of the announcement section of the standard.




FOR FURTHER INFORMATION CONTACT:  Mr. Miles Smid, National
Institute of Standards and Technology, Gaithersburg, MD 20899,
telephone (301) 975-2938.


SUPPLEMENTARY INFORMATION:  On August 30, 1991, NIST published in
the Federal Register (56 FR 42980) a notice which announced the
proposed FIPS for DSS.  On December 2, 1991, the comment period for
the proposed FIPS for DSS was extended by notice published in the
Federal Register (56 FR 61231).


NIST received comments from 109 organizations and individuals in
response to the Federal Register notice and to information sent to
Federal agencies on the proposed FIPS for DSS.  Many of the
comments supported the proposed DSS and stated requirements for a
digital signature capability for use in electronic data
applications.  Other comments in support of the DSS backed NIST's
goal of a digital signature standard that is free of patent
impediments and that provides for interoperability and a uniform
level of security.


NIST also received many comments criticizing the adoption of the
proposed DSS.  Some of the arguments in opposition included: the
selection process for the Digital Signature Algorithm (DSA) was not
public; time provided for analysis of the DSA was not sufficient;
the DSA may infringe on other patents; the DSA does not provide for
secret key distribution; the DSA is incomplete because no hash
algorithm is specified; the DSA is not compatible with
international standards; the DSA is not secure; the DSA is not
efficient.


NIST considered all of the issues raised and believes that it has
addressed them.  The development of this standard was carried out
through NIST's usual procedures including solicitation of input
from different sources.  To provide more time for analysis of the
DSA, NIST extended the original three month review and comment
period for an additional three months.  NIST has addressed the
possible patent infringement claims, and has concluded that there
are no valid claims.


The DSA does not provide for secret key distribution since it is
not intended for that purpose.  Since the proposed DSS was
announced, a Secure Hash Standard was proposed and approved as FIPS
180.  With respect to the compatibility of the DSS with
international standards, NIST has proposed that the DSA be an
alternative signature standard within the appropriate international
standard (IS 9796).  Concerning the security of the DSA, no
cryptographic shortcut attacks on the DSA have been discovered.
However, NIST has revised the proposed standard to provide a larger
modulus size.  This modification will accommodate requirements for
long term security of digital signatures.  NIST believes that the
efficiency of the DSA is adequate for most applications.


Given the complexity of the public comments, NIST proceeded
deliberatively in its consideration of the August 1991 proposal.
The written comments submitted by interested parties and other
available material were carefully reviewed and considered in the
determination to finalize the proposed FIPS for DSS.  On the basis
of this review, NIST recommended that the Secretary approve the
standard as a Federal Information Processing Standards Publication,
and prepared a detailed justification document for the Secretary's
review in support of that recommendation.  The detailed
justification document which was presented to the Secretary is part
of the public record and is available for inspection and copying in
the Department's Central Reference and Records Inspection Facility,
Room 6020, Herbert C. Hoover Building, 14th Street between
Pennsylvania and Constitution Avenues, NW, Washington, DC  20230.


This FIPS contains two sections:  (1) An announcement section,
which provides information concerning the applicability,
implementation, and maintenance of the standard; and (2) a
specifications section which deals with the technical requirements
of the standard.  Only the announcement section is provided in this
notice.


Samuel Kramer, Associate Director


(May 13, 1994)
_______________________________
Date