Digital Signature Standard to Safeguard Sensitive Government Information

New York, Apr 04, 2006

Used to validate the origin and integrity of e-mails, electronic funds transfer, software distribution and other electronic applications, digital signatures make use of algorithms and keys to protect messages, and to verify the source and integrity of information.

The National Institute of Standards and Technology (NIST) is soliciting comments from the public and private sectors on proposed changes to a standard used widely by federal agencies and private sector organizations to protect and verify the integrity of electronic data. The revision, Federal Information Processing Standard (FIPS) 186-3, Digital Signature Standard, would replace the current FIPS 186-2 and specifies methods that would enable a higher degree of data protection.

The number of key sizes specified by an algorithm is directly related to the level of security: the greater the number of key sizes, the higher the degree of protection.

Currently, FIPS 186-2 specifies the use of three algorithms to generate digital signatures: the Digital Signature Algorithm (DSA), the Elliptic Curve Digital Signature Algorithm, and the RSA Algorithm (named after its creators, Ron Rivest, Adi Shamir and Len Adleman). A proposed change would also allow federal agencies to use the Public Key Cryptography Standard (PKCS) 1 to generate RSA digital signatures.

The digital signature standard has been updated twice since its original publication in 1994 to incorporate enhanced security measures. Along with several new additions, the draft carries forward from FIPS 186-2 a number of requirements, including those contained within two American National Standards: ANSI/X9.31-1998, Digital Signatures Using Reversible Public Key Cryptography for the Financial Services Industry, and ANSI/X9.62-2005, Public Key Cryptography for the Financial Services Industry, The Elliptic Curve Digital Signature Algorithm.

FIPS 186-3 is intended for use by federal agencies to safeguard sensitive, unclassified information, but may also be adopted for use by non-governmental organizations.

A draft of an accompanying document to FIPS 186-3, NIST Special Publication (SP) 800-89, Recommendation for Obtaining Assurances for Digital Signature Applications, is also available for public comment. This document defines requirements for obtaining the assurances necessary for valid digital signatures.

The comment periods for SP 800-89 and FIPS 186-3 close on April 28, 2006, and June 12, 2006, respectively. Comments should be submitted to Elaine Barker, NIST Computer Security Division, at

