NIST Revises the Digital Signature Standard (DSS) and Publishes a Guideline for Elliptic Curve Domain Parameters

Today, NIST is publishing Federal Information Processing Standard (FIPS) 186-5, Digital Signature Standard (DSS), along with NIST Special Publication (SP) 800-186, Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters. 

FIPS 186-5 specifies three techniques for the generation and verification of digital signatures that can be used for the protection of data:

1. Rivest-Shamir-Adleman (RSA) Algorithm
2. Elliptic Curve Digital Signature Algorithm (ECDSA)
3. Edwards Curve Digital Signature Algorithm (EdDSA)

The Digital Signature Algorithm (DSA), which was specified in prior versions of FIPS 186, is retained only for the purposes of verifying existing signatures. 

The companion document, NIST SP 800-186, specifies the set of recommended elliptic curves. In addition to the previously recommended Weierstrass curves, there are two newly specified Edwards curves included for use with the EdDSA algorithm. Edwards curves provide increased performance, side-channel resistance, and simpler implementation when compared to traditional curves. While NIST SP 800-186 includes the specifications for elliptic curves over binary fields, these curves are now deprecated, and the use of other (prime) curves is strongly recommended.

The algorithms in these standards are not expected to provide resistance to attacks from a large-scale quantum computer. Digital signature algorithms that will provide security from quantum computers will be specified in future NIST publications. For more information, see the Post-Quantum Cryptography Standardization project.