New digital signature standard draft open for comment
- By William Jackson
- Nov 13, 2008
A new version of the federal standard for digital signatures would add the RSA algorithm to the list of approved algorithms, increase the key sizes allowed for the original Digital Signature Algorithm and adds requirements for using an approved elliptic curve algorithm.
The changes are included in the most recent draft of Federal Information Processing Standard 186-3
, Digital Signature Standard, which has been released for comment by the National Institute of Standards and Technology.
This is the second draft of FIPS 186-3, which will replace the current standard, FIPS 186-2
. The first draft was released for public comment in 2006, and NIST has incorporated suggestions and corrections made in those comments in the current release. Comments are due by Dec. 12.
Digital signatures use public key cryptography to create a type of signature that is tied mathematically to the message being signed. It can be used in electronic documents much the way a written signature is used on a paper document.
'Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory,' the standard says. 'In addition, the recipient of signed data can use a digital signature in proving to a third party that the signature was, in fact, generated by the claimed signatory. This is known as non-repudiation, since the signatory cannot repudiate the signature at a later time.'
Government cryptographic tools must comply with Federal Information Procession Standards, and FIPS 186 defines methods for digital signature generation that can be used for the protection of electronic binary data and for the verification and validation of those signatures. This standard originally was published in 1994 and specified DSA as the only approved algorithm. Later revisions added versions of Elliptic Curve DSA (ECDSA). The Rivest-Shamir-Adelman (RSA) algorithm would be included in the third version.
The standard originally specified DSA key sizes of 512 to 1024 bits. 'With advances in technology, it is prudent to consider larger key sizes,' NIST said. 'Draft FIPS 186-3 allows the use of 1024, 2048 and 3072-bit keys.'
But the government plans to move away from key size as a way to ensure the security and reliability of its digital signature and does not specify correspondingly large keys for RSA.
'The length of the larger keys has a huge impact on communications and storage requirements,' NIST said in announcing the new draft release. 'The strategy of the U.S. government is to transition to elliptic curve algorithms in order to reduce the key sizes.'
FIPS 186-3 does not include specifications for random number generators, referring instead to NIST Special Publication 800-90 for obtaining random numbers. Methods for random number generation now specified in FIPS 186-2 will be phased out when the new version of the standard is approved, and the only approved methods will be those in SP 800-90.
This is part of a trend of moving technical specifications out of standards documents and referring instead to the NIST special publication series, which can be more quickly updated as technology changes. Methods for obtaining assurances for the validity of digital signatures are provided in NIST SP 800-89, 'Recommendation for Obtaining Assurances for Digital Signature Applications.'
Commend on FIPS 186-3 can be e-mailed to email@example.com or sent to Chief, Computer Security Division, Information Technology Laboratory, attention: Comments on Draft FIPS 186-3, 100 Bureau Drive ' stop 8930, NIST, Gaithersburg, MD 20899-8930. For further information in the publication, e-mail Elaine Barker at firstname.lastname@example.org.
William Jackson is a Maryland-based freelance writer.