Pulse

By GCN Staff

Blog archive

NIST retires security standards

The National Institute of Standards and Technology is proposing to withdraw six Federal Information Processing Standards from its roster because of their obsolescence or lack of support from developers, according to a Jan. 16 notice in the Federal Register. The FIPS include:

FIPS 188, Standard Security Label for Information Transfer. This standard is now maintained, updated and kept current by the National Archives and Records Administration.

FIPS 191, Guideline for the Analysis of Local-Area Network Security. This standard is being withdrawn because new technologies, techniques and threats to computer networks have made the standard obsolete.

FIPS 185, Escrowed Encryption Standard. Released during the Clinton administration, this standard was based on a secret encryption algorithm called Skipjack that the National Security Agency began developing in 1985. Its goal was to hardwire an encryption standard into computers, communications networks and devices on a so-called Clipper chip that would be accessible to law enforcement agencies conducting lawful electronic surveillance. The system never caught on in the private sector and, according to the Federal Register notice, "is no longer approved to protect sensitive government information."

FIPS 190, Guideline for the Use of Advanced Authentication Technology Alternatives; FIPS 196, Entity Authentication using Public Key Cryptography; and FIPS 181, Automated Password Generator. These FIPS referenced withdrawn cryptographic standards, and newer guidance has been developed based on modern technologies.

Withdrawal means that the FIPS would no longer be part of a subscription service provided by the National Technical Information Service and federal agencies will no longer be required to comply with them. NIST said it will continue to provide relevant information on standards and guidelines by means of electronic dissemination methods.

Comments on the proposed withdrawal of the FIPS should be sent to fipswithdrawal@nist.gov by March 2, 2015.

Posted by GCN Staff on Jan 20, 2015 at 10:06 AM


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.