A comprehensive toolkit of cryptographic standards and associated guideline that covers a wide range of cryptographic technology is currently under development by the Computer Security Division at NIST. These standards and guidelines will enable U.S. Government agencies to select cryptographic security components and functionality for protecting their data communications and operations. This bulletin provides a status report on the development of these standards and guidelines and advises Federal agencies on their use. Advice provided in this bulletin includes 1) a warning that the use of single DES (as specified in FIPS 46-3) will no longer be approved when FIPS 46-3 comes up for review in 2004, 2) a recommendation that three distinct keys should be used when Triple DES is used for encryption (Triple DES was adopted in FIPS 46-3 and specified in ANSI X9.52), 3) a statement that all three AES key sizes are considered adequate for Federal Government applications (AES is specified in FIPS 197), and 4) a comparison of the use of AES and Triple DES. Web links to the current standards and guidelines and to documents under development are also provided.
Citation: ITL Bulletin -
NIST Pub Series: ITL Bulletin
Pub Type: NIST Pubs
cryptography, digital signatures, encryption, entity authentication, hash functions, key management, message authentication codes