Digital signatures: GSA tosses a hot potato back to NIST lab

Digital signatures are what the government needs for electronic
commerce, but a way to use on-line John Hancocks remains unresolved and agencies shouldn't
expect any help before 1997.


Responsibility for a prototype on which agencies would model their digital signature
applications has passed back and forth between the General Services Administration and the
National Institute of Standards and Technology. NIST officials agreed last year to build a
pilot system. GSA took over the effort this spring.


Now GSA has tossed the digital signature ball back into NIST's court, although NIST is
one of the agencies facing the chopping block. NIST's new plan calls for implementing a
small pilot project next summer.


Agencies have little choice but to watch from the sidelines as the drawn-out game over
the creation of a public-key infrastructure (PKI) prototype continues.


GSA's Security Infrastructure Program Management Office (SI-PMO) had assumed
responsibility for the PKI pilot in April when Congress decided not to provide NIST with
any more money for a pilot contractor [GCN, May 1, Page 1].


But now the SI-PMO is fighting for survival. With funding assured only through the end
of the year, the SI-PMO decided NIST is better equipped to handle the PKI prototype, GSA
officials said.


"We're working closely with NIST. But we do not have the total resources
necessary," said Thomas Burke, chief of the SI-PMO in GSA's Information Technology
Service.


Before handing the project off to GSA, NIST had announced plans to launch a series of
automated PKI pilots. Now NIST is backing a scaled-down prototype, using digital
signatures for a travel management system run by the Energy and Defense departments.


Cash shortages forced NIST to scrap its original PKI blueprint. It called for setting
up an interagency network of nine workstations to serve as the policy, certification and
registration authorization for roughly 1,000 users.


Nevertheless, NIST officials said they are confident the travel system project will be
an adequate proving ground for digital signature applications.


"This is an opportunity for implementing the infrastructure to support digital
signature technology for a limited class of applications with a view toward leveraging the
lessons learned," said Robert Rosenthal, manager of the Protocol Security Group in
NIST's Computer Systems Laboratory. "What we're focused on now is understanding the
technology and demonstrating through the prototype how to support digital
signatures."


The Digital Signature Standard is based on public-key cryptography techniques and uses
the NIST-developed Digital Signature Algorithm (DSA) to generate user-specific digital
signatures.


For the travel manager prototype, Rosenthal said NIST will work with DOD and Energy to
build an infrastructure that will issue, revoke and archive signature certificates, which
bind users with their keys in a digital message.


But the new prototype plan raises more questions about DSS' future as a mandatory
Federal Information Processing Standard. Unlike last year's planned pilot, this PKI
prototype will not support DSA exclusively.


"It will be algorithm-independent. There is nothing in the infrastructure that
demands a particular algorithm," Rosenthal said. "The PKI is about issuing,
revoking and archiving certificates and other management activities. If a user needs to do
a disbursement of government funds, then an agency may require the use of FIPS
140-1," which is the DSS standard.


F. Lynn McNulty, president of McNulty & Associates, a McLean, Va., security
consulting firm, is a former NIST security official who helped draft the agency's original
PKI pilot project. He said that leaving the algorithm option open is another step toward
creating a dual signature system. The government now seems willing to accommodate both DSA
and the popular digital signature techniques created by RSA Data Security Inc. of Redwood
City, Calif., McNulty said.


"This reflects the reality that DSS has not taken off," he said. "It was
not picked up by anyone in the field of mass-market commercial software. A lot of agencies
looking at re-engineering are looking for a digital signature already embedded in the
software."


Agencies are not supposed to use any other signature algorithms unless they get a
waiver from the Office of Management and Budget. To skip using DSS, agencies must make a
case that using the standard would be too costly or disruptive.


Yet the administration appears to be backing away from its DSS-only view. The SI-PMO
officials have acknowledged that a governmentwide public-key infrastructure would have to
be able to handle multiple signature technologies.


Raymond G. Kammer, NIST's associate director, recently agreed that an absolute
signature algorithm policy is needed to end the DSA-RSA feud.


"There's quite an appetite for using RSA," Kammer said at a recent NIST
meeting. "It should be on the table and resolved. We get a lot of single point
pressure, and we'd like to get it over one way or another."

