FIPS 186-5 and SP 800-186 published today
Moody, Dustin (Fed)
Today, NIST is publishing Federal Information Processing Standard (FIPS) 186-5, Digital Signature Standard (DSS), along with NIST Special Publication (SP) 800-186, Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters.
FIPS 186-5 specifies three techniques for the generation and verification of digital signatures that can be used for the protection of data:
- Rivest-Shamir-Adleman (RSA) Algorithm
- Elliptic Curve Digital Signature Algorithm (ECDSA)
- Edwards Curve Digital Signature Algorithm (EdDSA)
The Digital Signature Algorithm (DSA), which was specified in prior versions of FIPS 186, is retained only for the purposes of verifying existing signatures.
The companion document, NIST SP 800-186, specifies the set of recommended elliptic curves. In addition to the previously recommended Weierstrass curves, there are two newly specified Edwards curves included for use with the EdDSA algorithm. Edwards curves provide increased performance, side-channel resistance, and simpler implementation when compared to traditional curves. While NIST SP 800-186 includes the specifications for elliptic curves over binary fields, these curves are now deprecated, and the use of the other (prime) curves is strongly recommended.
The algorithms in these standards are not expected to provide resistance to attacks from a large-scale quantum computer. Digital signature algorithms that will provide security from quantum computers will be specified in future NIST publications. For more information, see the Post-Quantum Cryptography Standardization project.
John Mattsson
Thank you!
Cheers,
John
--
You received this message because you are subscribed to the Google Groups "pqc-forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
pqc-forum+...@list.nist.gov.
To view this discussion on the web visit
https://groups.google.com/a/list.nist.gov/d/msgid/pqc-forum/SA1PR09MB866942D51474E237F1A2A956E5D79%40SA1PR09MB8669.namprd09.prod.outlook.com.
Q R
If someone implemented and is currently using binary (Koblitz) curves,
I assume the deprecation does not impact this implementation and they
can leave it as-is.
That is, do not change to prime fields or the new curves, keep the
binary curves.
Is that correct?
Cheers ~A
On 2/3/23, 'John Mattsson' via pqc-forum <pqc-...@list.nist.gov> wrote:
> Thank you!
>
> Cheers,
> John
>
> From: 'Moody, Dustin (Fed)' via pqc-forum <pqc-...@list.nist.gov>
> Date: Friday, 3 February 2023 at 15:19
> To: pqc-forum <pqc-...@list.nist.gov>
> Subject: [pqc-forum] FIPS 186-5 and SP 800-186 published today
> All,
>
> While this is not strictly PQC, I wanted to let everybody know that NIST
> published the latest revision of our digital signature standard FIPS 186
> today, along with a related document SP 800-186.
>
> Dustin Moody
> NIST
>
>>>>>>>>>>>>>>>>>>>>
>
> Federal Register Notice:
> https://www.federalregister.gov/documents/2023/02/03/2023-02273/announcing-issuance-of-federal-information-processing-standard-fips-186-5-digital-signature-standard
>
>>>>>>>>>>>>>>>>>>>>
> Announcement:
>
> Today, NIST is publishing Federal Information Processing Standard (FIPS)
> 186-5, Digital Signature Standard
> Logarithm-based Cryptography: Elliptic Curve Domain
> FIPS 186-5 specifies three techniques for the generation and verification of
> digital signatures that can be used for the protection of data:
>
> 2. Elliptic Curve Digital Signature Algorithm (ECDSA)
> 3. Edwards Curve Digital Signature Algorithm (EdDSA)
> The Digital Signature Algorithm (DSA), which was specified in prior versions
> of FIPS 186, is retained only for the purposes of verifying existing
> signatures.
>
> The companion document, NIST SP 800-186, specifies the set of recommended
> elliptic curves. In addition to the previously recommended Weierstrass
> curves, there are two newly specified Edwards curves included for use with
> the EdDSA algorithm. Edwards curves provide increased performance,
> side-channel resistance, and simpler implementation when compared to
> traditional curves. While NIST SP 800-186 includes the specifications for
> elliptic curves over binary fields, these curves are now deprecated, and the
> use of the other (prime) curves is strongly recommended.
>
> The algorithms in these standards are not expected to provide resistance to
> attacks from a large-scale quantum computer. Digital signature algorithms
> that will provide security from quantum computers will be specified in
> future NIST publications. For more information, see the Post-Quantum
> Cryptography Standardization
> --
> You received this message because you are subscribed to the Google Groups
> "pqc-forum" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
> --
> You received this message because you are subscribed to the Google Groups
> "pqc-forum" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to pqc-forum+...@list.nist.gov.
> To view this discussion on the web visit
>