Pulse

By GCN Staff

Blog archive

NIST retires security standards

The National Institute of Standards and Technology is proposing to withdraw six Federal Information Processing Standards from its roster because of their obsolescence or lack of support from developers, according to a Jan. 16 notice in the Federal Register. The FIPS include:

FIPS 188, Standard Security Label for Information Transfer. This standard is now maintained, updated and kept current by the National Archives and Records Administration.

FIPS 191, Guideline for the Analysis of Local-Area Network Security. This standard is being withdrawn because new technologies, techniques and threats to computer networks have made the standard obsolete.

FIPS 185, Escrowed Encryption Standard. Released during the Clinton administration, this standard was based on a secret encryption algorithm called Skipjack that the National Security Agency began developing in 1985. Its goal was to hardwire an encryption standard into computers, communications networks and devices on a so-called Clipper chip that would be accessible to law enforcement agencies conducting lawful electronic surveillance. The system never caught on in the private sector and, according to the Federal Register notice, "is no longer approved to protect sensitive government information."

FIPS 190, Guideline for the Use of Advanced Authentication Technology Alternatives; FIPS 196, Entity Authentication using Public Key Cryptography; and FIPS 181, Automated Password Generator. These FIPS referenced withdrawn cryptographic standards, and newer guidance has been developed based on modern technologies.

Withdrawal means that the FIPS would no longer be part of a subscription service provided by the National Technical Information Service and federal agencies will no longer be required to comply with them. NIST said it will continue to provide relevant information on standards and guidelines by means of electronic dissemination methods.

Comments on the proposed withdrawal of the FIPS should be sent to [email protected] by March 2, 2015.

Posted by GCN Staff on Jan 20, 2015 at 10:06 AM


Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected