Cryptographic Standards Process Comments Sought

Wednesday, February 26, 2014 @ 10:02 AM gHale


As part of a review of its cryptographic standards development process, the National Institute of Standards and Technology (NIST) is requesting public comment on a new draft document that describes how the agency develops those standards.

NIST Cryptographic Standards and Guidelines Development Process” (NIST IR 7977) outlines the principles, processes and procedures of NIST’s cryptographic standards efforts.

RELATED STORIES
Cyber Security Framework Released
NIST to Update Role-Based Security Training
NIST Cybersecurity Framework: What it Means
NIST Seeks Smart Grid Comments

NIST is responsible for developing standards, guidelines, tools and metrics to protect non-national security federal information systems. To ensure it provides high-quality, cost-effective security mechanisms, NIST works closely with a broad stakeholder community to select, define and promulgate its standards and guidelines.

In November 2013, NIST said it would review its cryptographic standards development process after there were concerns about the security of a cryptographic algorithm in NIST Special Publication 800-90, originally published in 2006 (an updated version, 800-90A, was published in 2007). Based on those concerns, that publication ended up re-issued in September 2013 for a new period of public review and undergoing revision to address comments received.

With the draft NIST IR 7977, NIST is seeking feedback on how it develops its documents; engages experts in industry, academia and government; and communicates with stakeholders. Public comments will post on the NIST website and used to create a revised document. NIST will then review its existing standards and guidelines to ensure they adhere to the principles laid out in NIST IR 7977. “If any issues are found,” said NIST’s Donna Dodson, who oversees the process, “they will be addressed as quickly as possible.”

Click here to email comments to crypto-review@nist.gov by April 18.



Leave a Reply

You must be logged in to post a comment.