Pulse

By GCN Staff

Blog archive

NIST retires security standards

The National Institute of Standards and Technology is proposing to withdraw six Federal Information Processing Standards from its roster because of their obsolescence or lack of support from developers, according to a Jan. 16 notice in the Federal Register. The FIPS include:

FIPS 188, Standard Security Label for Information Transfer. This standard is now maintained, updated and kept current by the National Archives and Records Administration.

FIPS 191, Guideline for the Analysis of Local-Area Network Security. This standard is being withdrawn because new technologies, techniques and threats to computer networks have made the standard obsolete.

FIPS 185, Escrowed Encryption Standard. Released during the Clinton administration, this standard was based on a secret encryption algorithm called Skipjack that the National Security Agency began developing in 1985. Its goal was to hardwire an encryption standard into computers, communications networks and devices on a so-called Clipper chip that would be accessible to law enforcement agencies conducting lawful electronic surveillance. The system never caught on in the private sector and, according to the Federal Register notice, "is no longer approved to protect sensitive government information."

FIPS 190, Guideline for the Use of Advanced Authentication Technology Alternatives; FIPS 196, Entity Authentication using Public Key Cryptography; and FIPS 181, Automated Password Generator. These FIPS referenced withdrawn cryptographic standards, and newer guidance has been developed based on modern technologies.

Withdrawal means that the FIPS would no longer be part of a subscription service provided by the National Technical Information Service and federal agencies will no longer be required to comply with them. NIST said it will continue to provide relevant information on standards and guidelines by means of electronic dissemination methods.

Comments on the proposed withdrawal of the FIPS should be sent to fipswithdrawal@nist.gov by March 2, 2015.

Posted by GCN Staff on Jan 20, 2015 at 10:06 AM


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.