Announcing Draft Federal Information Processing Standard (FIPS) 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, and Draft Revision of the Applicability Clause of FIPS 180-4, Secure Hash Standard, and Request for Comments, 30549-30550 [2014-12336]
Download as PDF
<![CDATA[
Federal Register / Vol. 79, No. 102 / Wednesday, May 28, 2014 / Notices
product or service. In the case of a trade
association, the applicant must certify
that, for each company to be represented
by the trade association or trade
organization, the products and services
the represented company seeks to
export are either produced in the United
States, or, if not, marketed under the
name of a U.S. firm and have
demonstrable U.S. content. In the case
of an academic or research institution,
the applicant must certify that as part of
its activities at the event, it will
represent the interests of constituents
that meet the criteria above.
Applicants from a company,
organization or institution that is
majority owned or controlled by a
foreign government entity will not be
considered for participation in the U.S.
Industry Program.
emcdonald on DSK67QTVN1PROD with NOTICES
Selection Criteria
Selection will be based on the
following criteria:
• Suitability of the company’s (or, in
the case of another organization,
represented companies’ or constituents’)
products or services to each of the
markets the company or organization
has expressed an interest in exporting to
as part of this trade mission.
• The company’s (or, in the case of
another organization, represented
companies’ or constituents’) potential
for business in each of the markets to
which the company or organization has
expressed an interest in exporting as
part of this trade mission, including
likelihood of exports resulting from the
mission.
• Consistency of the applicant
company’s (or, in the case of another
organization, represented companies’ or
constituents’) goals and objectives with
the stated mission scope.
Diversity of company size, sector or
subsector, and location also may be
considered in the review process.
Referrals from political organizations
and any documents containing
references to partisan political activities
(including political contributions) will
be removed from an applicant’s
submission and will not be considered.
Timeframe for Recruitment and
Participation
Recruitment for participation in the
U.S. Industry Program as a
representative of the U.S. nuclear
industry will be conducted in an open
and public manner, including
publication in the Federal Register,
posting on the DOC trade mission
calendar, notices to industry trade
associations and other multiplier
groups. Recruitment will begin two
weeks after publication in the Federal
VerDate Mar<15>2010
16:58 May 27, 2014
Jkt 232001
Register and conclude no later than
June 14, 2014. The ITA will review
applications and make selection
decisions on a rolling basis.
Applications received after June 14,
2014, will be considered only if space
and scheduling permit.
Contacts
Jonathan Chesebro, Industry & Analysis,
Office of Energy and Environmental
Industries, Washington, DC, Tel: (202)
482–1297, Email: jonathan.chesebro@
trade.gov.
Marta Haustein, Embassy of the United
States of America, U.S. Commercial
Service, Vienna, Austria, Tel: +43(0) 1
313 39 2205, Email: marta.haustein@
trade.gov.
Shannon Fraser, International Business
Development, U.S. Commercial
Service—Silicon Valley, San Jose, CA,
Tel: (408) 535–2757, ext. 106, Email:
shannon.fraser@trade.gov.
Dated: May 21, 2014.
Edward A. O’Malley,
Director, Office of Energy and Environmental
Industries.
[FR Doc. 2014–12173 Filed 5–27–14; 8:45 am]
BILLING CODE 3510–DR–P
DEPARTMENT OF COMMERCE
National Institute of Standards and
Technology
Announcing Draft Federal Information
Processing Standard (FIPS) 202, SHA–
3 Standard: Permutation-Based Hash
and Extendable-Output Functions, and
Draft Revision of the Applicability
Clause of FIPS 180–4, Secure Hash
Standard, and Request for Comments
Docket No.: [130917811–3811–01]
AGENCY: National Institute of Standards
and Technology (NIST), Commerce.
ACTION: Notice; request for comments.
The National Institute of
Standards and Technology (NIST)
launched a public competition in
November 2007 to develop a new
cryptographic hash algorithm for
standardization to augment the
Government standard hash algorithms
specified in Federal Information
Processing Standard (FIPS) 180, Secure
Hash Standard. NIST announced the
selection of Keccak as the winning
algorithm in a press release issued on
October 2, 2012, which is available at
https://www.nist.gov/itl/csd/sha100212.cfm. Draft FIPS 202 specifies the
new ‘‘Secure Hash Algorithm-3’’ (SHA–
3) family of permutation-based
functions based on Keccak.
SUMMARY:
PO 00000
Frm 00011
Fmt 4703
Sfmt 4703
30549
Four fixed-length cryptographic hash
algorithms (SHA3–224, SHA3–256,
SHA3–384, and SHA3–512) and two
closely related, ‘‘extendable-output’’
functions (SHAKE128 and SHAKE256)
are specified in Draft FIPS 202; all six
algorithms are permutation-based
‘‘sponge’’ functions. The four SHA–3
hash functions provide alternatives to
the SHA–2 family of hash functions.
The extendable-output functions (XOFs)
can be specialized to hash functions,
subject to additional security
considerations, or used in a variety of
other applications. Hash algorithms are
used in many information security
applications, including (1) the
generation and verification of digital
signatures, (2) key-derivation functions,
and (3) random bit generation.
Both FIPS 180–4 and Draft FIPS 202
specify cryptographic hash algorithms.
FIPS 180–4 specifies SHA–1 and the
SHA–2 family of hash functions, and
mandates the use of one of these
functions for Federal applications that
require a cryptographic hash function.
Draft FIPS 202 specifies the new SHA–
3 family of hash and extendable-output
functions. To allow the use of the
functions specified in either FIPS 180–
4 or Draft FIPS 202 for Federal
applications that require a
cryptographic hash function, NIST
proposes revising the Applicability
Clause (#6) of the Announcement
Section of FIPS 180–4; the other
sections of FIPS 180–4 remain
unchanged. The NIST Policy on Hash
Functions, available at https://
csrc.nist.gov/groups/ST/hash/
policy.html, provides guidance on the
choice of hash functions for specific
applications.
NIST invites public comments on
Draft FIPS 202, which is available at
https://csrc.nist.gov/publications/
PubsDrafts.html, and on the proposed
revision of the Applicability Clause of
the Announcement Section of FIPS 180–
4, available at https://csrc.nist.gov/
publications/PubsFIPS.html. After the
comment period closes, NIST will
analyze the comments, make changes to
the respective documents, as
appropriate, and then propose Draft
FIPS 202 and the revised FIPS 180–4 to
the Secretary of Commerce for approval.
DATES: Comments on Draft FIPS 202 and
the revised Applicability Clause of FIPS
180–4 must be received on or before
August 26, 2014.
ADDRESSES: Comments on Draft FIPS
202 and the revised Applicability
Clause of FIPS 180–4 may be sent
electronically to SHA3comments@
nist.gov with the relevant Subject line:
‘‘Comment on Draft FIPS 202,’’ or
E:\FR\FM\28MYN1.SGM
28MYN1
emcdonald on DSK67QTVN1PROD with NOTICES
30550
Federal Register / Vol. 79, No. 102 / Wednesday, May 28, 2014 / Notices
‘‘Comment on draft revision to the
Applicability Clause of FIPS 180.’’
Comments may also be sent by mail to:
Chief, Computer Security Division,
Information Technology Laboratory,
ATTN: Comments on Draft FIPS 202 for
SHA–3, National Institute of Standards
and Technology, 100 Bureau Drive, Stop
8930, Gaithersburg, MD 20899–8930.
FOR FURTHER INFORMATION CONTACT: Ms.
Shu-jen Chang (301) 975–2940, National
Institute of Standards and Technology,
100 Bureau Drive, Mail Stop 8930,
Gaithersburg, MD 20899–8930, email:
Shu-jen.Chang@nist.gov.
SUPPLEMENTARY INFORMATION: On
November 2, 2007, NIST announced a
Request for Candidate Algorithm
Nominations for a New Cryptographic
Hash Algorithm (SHA–3) Family in the
Federal Register (72 FR 62212), which
is available at https://
federalregister.gov/a/E7-21581. The
notice requested the submission of
candidate hash algorithms for
consideration in a public competition to
select a new hash algorithm that would
augment the Government standard hash
algorithms specified in Federal
Information Processing Standard (FIPS)
180, Secure Hash Standard. The
competition was referred to as the SHA–
3 Cryptographic Hash Algorithm
Competition, or the SHA–3
Competition.
By October 31, 2008, NIST received
sixty-four entries from cryptographers
around the world. From these entries,
NIST selected fifty-one first-round
candidates in December 2008, fourteen
second-round candidates in July 2009,
and five finalists in December 2010.
NIST summarized its decision in a
report at the end of each round; NISTIR
7620 for the first round and NISTIR
7764 for the second round are available
at https://csrc.nist.gov/publications/
PubsNISTIRs.html.
Eighteen months were provided for
the public review of the SHA–3
finalists. The worldwide cryptographic
community provided an enormous
amount of analysis and public feedback
on the candidates throughout the
competition. NIST also hosted a SHA–
3 candidate conference during each
round of the competition to obtain
public feedback. After much careful
study and consideration of the finalists
and public comments, NIST announced
the selection of Keccak as the winner of
the SHA–3 Cryptographic Hash
Algorithm Competition in a press
release on October 2, 2012. Keccak is a
family of permutation-based sponge
functions that cryptographic hash
functions and other applications can be
built from. The press release is available
VerDate Mar<15>2010
19:27 May 27, 2014
Jkt 232001
at https://www.nist.gov/itl/csd/sha100212.cfm, and a report explaining this
selection (NISTIR 7896) is available at
https://dx.doi.org/10.6028/NIST.IR.7896.
Request for Comments
NIST publishes this notice to solicit
public comments on Draft FIPS 202.
Draft FIPS 202 specifies the new SHA–
3 family of permutation-based hash and
extendable-output functions based on
Keccak. This algorithm is the core of the
proposed SHA–3 Standard, but the
standard does not standardize nor
approve every variant that the Keccak
family of functions can support.
NIST strongly encourages the public
to continue analyzing the security of the
Keccak family of permutation-based
sponge functions in general, and the six
algorithms specified in Draft FIPS 202
in particular, and to submit those
analyses as official comments in
response to this request. NIST invites
public comments on Draft FIPS 202,
which is available at https://
csrc.nist.gov/publications/
PubsDrafts.html. Such analyses and
other comments received will be
considered by NIST in preparing the
final version of FIPS 202.
NIST also invites public comments on
the revised Applicability Clause in the
Announcement Section of FIPS 180–4;
the revision would permit compliance
with FIPS 202 in lieu of FIPS 180–4 for
Federal applications when a
cryptographic hash function is called
for. Public comments received in
response to this request will be posted
regularly at https://csrc.nist.gov/groups/
ST/hash/sha-3/sha-3_
standardization.html. NIST reminds all
interested parties that the SHA–3
development effort was conducted as an
open standards-setting activity. NIST
requests that all interested parties
inform NIST of any patents or
inventions that may be required for the
use of Draft FIPS 202 algorithms. This
includes comments from all parties
regarding specific claims that the use of
Draft FIPS 202 algorithms infringes on
their patent(s). Claims regarding the
infringement of copyrighted software
are also solicited. NIST views this input
as a critical factor in the eventual
widespread adoption and
implementation of Draft FIPS 202. All
comments received by the deadline will
be made publicly available at https://
csrc.nist.gov/groups/ST/hash/sha-3/
sha-3_standardization.html without
change or redaction. Therefore,
comments should not include
proprietary or confidential information.
To encourage on-going discussions
related to the SHA–3 standardization
effort, NIST will continue to maintain
PO 00000
Frm 00012
Fmt 4703
Sfmt 4703
its SHA–3 electronic discussion forum
at hash-forum@nist.gov. Please note that
comments sent to this list will NOT be
considered ‘‘official’’ comments; to be
considered ‘‘official,’’ a comment must
be submitted as described above in the
ADDRESSES section of this Notice.
Authority: In accordance with the
Information Technology Management Reform
Act of 1996 (Pub. L. 104–106) and the
Federal Information Security Management
Act of 2002 (FISMA) (Pub. L. 107–347), the
Secretary of Commerce is authorized to
approve FIPS. NIST activities to develop
computer security standards to protect
federal sensitive (unclassified) information
systems are undertaken pursuant to specific
responsibilities assigned to NIST by Section
20 of the National Institute of Standards and
Technology Act (15 U.S.C. 278g–3), as
amended.
E.O. 12866: This notice has been
determined not to be significant for the
purposes of E.O. 12866.
Dated: May 21, 2014.
Willie E. May,
Associate Director for Laboratory Programs.
[FR Doc. 2014–12336 Filed 5–27–14; 8:45 am]
BILLING CODE 3510–13–P
DEPARTMENT OF COMMERCE
National Institute of Standards and
Technology
Board of Overseers of the Malcolm
Baldrige National Quality Award and
Judges Panel of the Malcolm Baldrige
National Quality Award
National Institute of Standards
and Technology, Department of
Commerce.
ACTION: Notice of open meeting.
AGENCY:
The Board of Overseers of the
Malcolm Baldrige National Quality
Award (Board of Overseers) and the
Judges Panel of the Malcolm Baldrige
National Quality Award (Judges Panel)
will meet together in open session on
Thursday, June 12, 2014, from 8:30 a.m.
to 3:00 p.m. Eastern time. The Board of
Overseers, appointed by the Secretary of
Commerce, reports the results of the
Malcolm Baldrige National Quality
Award (Award) activities to the Director
of The National Institute of Standards
and Technology (NIST) each year, along
with its recommendations for the
improvement of the Award process. The
Judges Panel, also appointed by the
Secretary of Commerce, ensures the
integrity of the Award selection process
and recommends Award recipients to
the Secretary of Commerce. The purpose
of this meeting is to discuss and review
information received from the National
SUMMARY:
E:\FR\FM\28MYN1.SGM
28MYN1
]]>Agencies
[Federal Register Volume 79, Number 102 (Wednesday, May 28, 2014)]
[Notices]
[Pages 30549-30550]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2014-12336]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
Announcing Draft Federal Information Processing Standard (FIPS)
202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output
Functions, and Draft Revision of the Applicability Clause of FIPS 180-
4, Secure Hash Standard, and Request for Comments
Docket No.: [130917811-3811-01]
AGENCY: National Institute of Standards and Technology (NIST),
Commerce.
ACTION: Notice; request for comments.
-----------------------------------------------------------------------
SUMMARY: The National Institute of Standards and Technology (NIST)
launched a public competition in November 2007 to develop a new
cryptographic hash algorithm for standardization to augment the
Government standard hash algorithms specified in Federal Information
Processing Standard (FIPS) 180, Secure Hash Standard. NIST announced
the selection of Keccak as the winning algorithm in a press release
issued on October 2, 2012, which is available at https://www.nist.gov/itl/csd/sha-100212.cfm. Draft FIPS 202 specifies the new ``Secure Hash
Algorithm-3'' (SHA-3) family of permutation-based functions based on
Keccak.
Four fixed-length cryptographic hash algorithms (SHA3-224, SHA3-
256, SHA3-384, and SHA3-512) and two closely related, ``extendable-
output'' functions (SHAKE128 and SHAKE256) are specified in Draft FIPS
202; all six algorithms are permutation-based ``sponge'' functions. The
four SHA-3 hash functions provide alternatives to the SHA-2 family of
hash functions. The extendable-output functions (XOFs) can be
specialized to hash functions, subject to additional security
considerations, or used in a variety of other applications. Hash
algorithms are used in many information security applications,
including (1) the generation and verification of digital signatures,
(2) key-derivation functions, and (3) random bit generation.
Both FIPS 180-4 and Draft FIPS 202 specify cryptographic hash
algorithms. FIPS 180-4 specifies SHA-1 and the SHA-2 family of hash
functions, and mandates the use of one of these functions for Federal
applications that require a cryptographic hash function. Draft FIPS 202
specifies the new SHA-3 family of hash and extendable-output functions.
To allow the use of the functions specified in either FIPS 180-4 or
Draft FIPS 202 for Federal applications that require a cryptographic
hash function, NIST proposes revising the Applicability Clause
(6) of the Announcement Section of FIPS 180-4; the other
sections of FIPS 180-4 remain unchanged. The NIST Policy on Hash
Functions, available at https://csrc.nist.gov/groups/ST/hash/policy.html, provides guidance on the choice of hash functions for
specific applications.
NIST invites public comments on Draft FIPS 202, which is available
at https://csrc.nist.gov/publications/PubsDrafts.html, and on the
proposed revision of the Applicability Clause of the Announcement
Section of FIPS 180-4, available at https://csrc.nist.gov/publications/PubsFIPS.html. After the comment period closes, NIST will analyze the
comments, make changes to the respective documents, as appropriate, and
then propose Draft FIPS 202 and the revised FIPS 180-4 to the Secretary
of Commerce for approval.
DATES: Comments on Draft FIPS 202 and the revised Applicability Clause
of FIPS 180-4 must be received on or before August 26, 2014.
ADDRESSES: Comments on Draft FIPS 202 and the revised Applicability
Clause of FIPS 180-4 may be sent electronically to
SHA3comments@nist.gov with the relevant Subject line: ``Comment on
Draft FIPS 202,'' or
[[Page 30550]]
``Comment on draft revision to the Applicability Clause of FIPS 180.''
Comments may also be sent by mail to: Chief, Computer Security
Division, Information Technology Laboratory, ATTN: Comments on Draft
FIPS 202 for SHA-3, National Institute of Standards and Technology, 100
Bureau Drive, Stop 8930, Gaithersburg, MD 20899-8930.
FOR FURTHER INFORMATION CONTACT: Ms. Shu-jen Chang (301) 975-2940,
National Institute of Standards and Technology, 100 Bureau Drive, Mail
Stop 8930, Gaithersburg, MD 20899-8930, email: Shu-jen.Chang@nist.gov.
SUPPLEMENTARY INFORMATION: On November 2, 2007, NIST announced a
Request for Candidate Algorithm Nominations for a New Cryptographic
Hash Algorithm (SHA-3) Family in the Federal Register (72 FR 62212),
which is available at https://federalregister.gov/a/E7-21581. The
notice requested the submission of candidate hash algorithms for
consideration in a public competition to select a new hash algorithm
that would augment the Government standard hash algorithms specified in
Federal Information Processing Standard (FIPS) 180, Secure Hash
Standard. The competition was referred to as the SHA-3 Cryptographic
Hash Algorithm Competition, or the SHA-3 Competition.
By October 31, 2008, NIST received sixty-four entries from
cryptographers around the world. From these entries, NIST selected
fifty-one first-round candidates in December 2008, fourteen second-
round candidates in July 2009, and five finalists in December 2010.
NIST summarized its decision in a report at the end of each round;
NISTIR 7620 for the first round and NISTIR 7764 for the second round
are available at https://csrc.nist.gov/publications/PubsNISTIRs.html.
Eighteen months were provided for the public review of the SHA-3
finalists. The worldwide cryptographic community provided an enormous
amount of analysis and public feedback on the candidates throughout the
competition. NIST also hosted a SHA-3 candidate conference during each
round of the competition to obtain public feedback. After much careful
study and consideration of the finalists and public comments, NIST
announced the selection of Keccak as the winner of the SHA-3
Cryptographic Hash Algorithm Competition in a press release on October
2, 2012. Keccak is a family of permutation-based sponge functions that
cryptographic hash functions and other applications can be built from.
The press release is available at https://www.nist.gov/itl/csd/sha-100212.cfm, and a report explaining this selection (NISTIR 7896) is
available at https://dx.doi.org/10.6028/NIST.IR.7896.
Request for Comments
NIST publishes this notice to solicit public comments on Draft FIPS
202. Draft FIPS 202 specifies the new SHA-3 family of permutation-based
hash and extendable-output functions based on Keccak. This algorithm is
the core of the proposed SHA-3 Standard, but the standard does not
standardize nor approve every variant that the Keccak family of
functions can support.
NIST strongly encourages the public to continue analyzing the
security of the Keccak family of permutation-based sponge functions in
general, and the six algorithms specified in Draft FIPS 202 in
particular, and to submit those analyses as official comments in
response to this request. NIST invites public comments on Draft FIPS
202, which is available at https://csrc.nist.gov/publications/PubsDrafts.html. Such analyses and other comments received will be
considered by NIST in preparing the final version of FIPS 202.
NIST also invites public comments on the revised Applicability
Clause in the Announcement Section of FIPS 180-4; the revision would
permit compliance with FIPS 202 in lieu of FIPS 180-4 for Federal
applications when a cryptographic hash function is called for. Public
comments received in response to this request will be posted regularly
at https://csrc.nist.gov/groups/ST/hash/sha-3/sha-3_standardization.html. NIST reminds all interested parties that the SHA-
3 development effort was conducted as an open standards-setting
activity. NIST requests that all interested parties inform NIST of any
patents or inventions that may be required for the use of Draft FIPS
202 algorithms. This includes comments from all parties regarding
specific claims that the use of Draft FIPS 202 algorithms infringes on
their patent(s). Claims regarding the infringement of copyrighted
software are also solicited. NIST views this input as a critical factor
in the eventual widespread adoption and implementation of Draft FIPS
202. All comments received by the deadline will be made publicly
available at https://csrc.nist.gov/groups/ST/hash/sha-3/sha-3_standardization.html without change or redaction. Therefore, comments
should not include proprietary or confidential information.
To encourage on-going discussions related to the SHA-3
standardization effort, NIST will continue to maintain its SHA-3
electronic discussion forum at hash-forum@nist.gov. Please note that
comments sent to this list will NOT be considered ``official''
comments; to be considered ``official,'' a comment must be submitted as
described above in the ADDRESSES section of this Notice.
Authority: In accordance with the Information Technology
Management Reform Act of 1996 (Pub. L. 104-106) and the Federal
Information Security Management Act of 2002 (FISMA) (Pub. L. 107-
347), the Secretary of Commerce is authorized to approve FIPS. NIST
activities to develop computer security standards to protect federal
sensitive (unclassified) information systems are undertaken pursuant
to specific responsibilities assigned to NIST by Section 20 of the
National Institute of Standards and Technology Act (15 U.S.C. 278g-
3), as amended.
E.O. 12866: This notice has been determined not to be significant
for the purposes of E.O. 12866.
Dated: May 21, 2014.
Willie E. May,
Associate Director for Laboratory Programs.
[FR Doc. 2014-12336 Filed 5-27-14; 8:45 am]
BILLING CODE 3510-13-P
