NIST seeks comments on digital signatures draft regulation

The draft standard would improve the security of digital signatures, which rely on cryptographic keys for their algorithms.

The National Institute of Standards and Technology wants government and industry to comment by June 12 on its new draft standards for digital signatures, according to a request for comments issued today.

The draft Federal Information Processing Standard (FIPS) 186-3, Digital Signatures Standard, would replace the existing FIPS 186-2, which was first issued in 1994 and last revised in 1999.

FIPS 186-3 specifies criteria for creating keys and digital signatures at higher security levels. It would permit 1,024-, 2,048- and 3,072-bit cryptographic key sizes, compared with only 512-bit and 1,024-bit keys under FIPS 186-2.

“With advances in technology, the size of these keys must be increased to provide adequate security,” the RFC said.

The 1,024-, 2,048- and 3,072-bit digital signature key sizes offer security equal to 80-, 112- and 128-bit key sizes in the Advanced Encryption Standard.

FIPS 186-3 would be interoperable with the Public Key Cryptography Standard (PKCS) 1, which RSA Security developed, and it specifies criteria for creating keys for PKCS 1 digital signatures.

FIPS 186-3 includes new requirements consistent with proposed changes in two elements of FIPS 186-2: the American National Standards (ANS) X9.31, Digital Signatures Using Reversible Public Key Cryptography for the Financial Services Industry, and ANS X9.62, Elliptic Curve Digital Signature Algorithm.

The new draft standard also mandates that senders and receivers provide certain assurances when creating and verifying digital signatures.

NIST will share the methods for acquiring those assurances in an upcoming publication, Special Publication 800-89, Recommendation for Obtaining Assurances for Digital Signature Applications.