[fc-discuss] Financial Cryptography Update: NIST opens new DSA format for comments
iang@iang.org
iang@iang.org
Tue, 14 Mar 2006 18:02:21 +0000 (GMT)
( Financial Cryptography Update: NIST opens new DSA format for comments )
March 14, 2006
------------------------------------------------------------------------
https://www.financialcryptography.com/mt/archives/000676.html
------------------------------------------------------------------------
http://csrc.nist.gov/publications/drafts.html
In what looks like a surprise announcement, NIST has published a
request-for-comments on a new Digital Signature Algorithm that expands
the hash size to the newer SHA-2 family.
====================
March 13, 2006: Draft Federal Information Processing Standard (FIPS)
186-3 - Digital Signature Standard (DSS)
Adobe PDF (474 KB)
Draft FIPS 186-3 is the proposed revision of FIPS 186-2. The draft
defines methods for digital signature generation that can be used for
the protection of messages, and for the verification and validation of
those digital signatures. Three techniques are allowed: DSA, RSA and
ECDSA. This draft includes requirements for obtaining the assurances
necessary for valid digital signatures. Methods for obtaining these
assurances are provided in Draft NIST Special Publication 800-89,
Recommendation for Obtaining Assurances for Digital Signature
Applications. (see write-up for draft SP 800-89 below)
=====================
David Shaw notes the larger sizes:
=====================
In the OpenPGP context, probably the most interesting bit is that the
160-bit hash limit has been removed. The sizes supported are:
* 1024-bit key, 160-bit hash (the current DSA)
* 2048-bit key, 224-bit hash (presumably aimed at SHA-224)
* 2048-bit key, 256-bit hash (presumably aimed at SHA-256)
* 3072-bit key, 256-bit hash (presumably aimed at SHA-256)
It also adds the concept of using a larger hash than will fit by
taking the leftmost bits.
=====================
More later ...
--
Powered by Movable Type
Version 2.64
http://www.movabletype.org/