Cloud Key Management

NIST Revises the Digital Signature Standard (DSS) and Publishes a Guideline for Elliptic Curve Domain Parameters

    Posted Feb 04, 2023 01:45:00 AM
    Hi All,

    NIST just published Federal Information Processing Standard (FIPS) 186-5, Digital Signature Standard (DSS), along with NIST Special Publication (SP) 800-186, Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters.

    FIPS 186-5 specifies three techniques for the generation and verification of digital signatures that can be used for the protection of data:
    1. Rivest-Shamir-Adleman (RSA) Algorithm
    2. Elliptic Curve Digital Signature Algorithm (ECDSA)
    3. Edwards Curve Digital Signature Algorithm (EdDSA)

    The Digital Signature Algorithm (DSA), specified in prior versions of FIPS 186, is retained only for verifying existing signatures.

    The companion document, NIST SP 800-186, specifies the set of recommended elliptic curves. In addition to the previously recommended Weierstrass curves, two newly specified Edwards curves are included for use with the EdDSA algorithm. Edwards curves provide increased performance, side-channel resistance, and simpler implementation than traditional curves. While NIST SP 800-186 includes the specifications for elliptic curves over binary fields, these curves are now deprecated, and other (prime) curves are strongly recommended.

    The algorithms in these standards are not expected to resist attacks from a large-scale quantum computer. Digital signature algorithms that provide security from quantum computers will be specified in future NIST publications.

    ------------------------------
    Michael Roza CPA, CISA, CIA, CC, MBA, Exec MBA
    ------------------------------