NIST Releases Updates to Digital Signature Standard
From NIST Tech Beat: July 23, 2013
The National Institute of Standards and Technology (NIST) has released a revision to the digital standard used to ensure the integrity of electronic documents, as well as the identity of the signer.
The new document, Federal Information Processing Standard (FIPS) 186-4, concerns what is commonly known as the digital signature standard. First published in 1994 and revised several times since then, the standard provides a means of guaranteeing authenticity in the digital world. It uses complex math operations to encrypt and unscramble “signatures” that are all but impossible to forge. Updates to the standard are still necessary as technology changes.
According to NIST computer scientist Elaine Barker, FIPS 186-4 contains no major revisions, but rather focuses on keeping the standard consistent with other NIST cryptographic guidelines. Other than clarifying a number of terms and correcting typographical errors, most of the changes aim to align the standard with other publications, such as NIST Special Publication 131A, so that all NIST documents offer consistent guidance regarding the use of random number generators.
Another change concerns prime number generators, which require random initial values when searching for prime numbers. FIPS 186-3 specifically allowed saving these “seeds” only for use as evidence that the generated values were determined in an arbitrary manner; FIPS 186-4 permits saving them for additional purposes, such as the regeneration of the values.
FIPS 186-4 is available at http://csrc.nist.gov/publications/PubsFIPS.html