This site displays a prototype of a “Web 2.0” version of the daily Federal Register. It is not an official legal edition of the Federal Register, and does not replace the official print version or the official electronic version on GPO’s govinfo.gov.
The documents posted on this site are XML renditions of published Federal Register documents. Each document posted on the site includes a link to the corresponding official PDF file on govinfo.gov. This prototype edition of the daily Federal Register on FederalRegister.gov will remain an unofficial informational resource until the Administrative Committee of the Federal Register (ACFR) issues a regulation granting it official legal status. For complete information about, and access to, our official publications and services, go to About the Federal Register on NARA's archives.gov.
The OFR/GPO partnership is committed to presenting accurate and reliable regulatory information on FederalRegister.gov with the objective of establishing the XML-based Federal Register as an ACFR-sanctioned publication in the future. While every effort has been made to ensure that the material on FederalRegister.gov is accurately displayed, consistent with the official SGML-based PDF version on govinfo.gov, those relying on it for legal research should verify their results against an official edition of the Federal Register. Until the ACFR grants it official status, the XML rendition of the daily Federal Register on FederalRegister.gov does not provide legal notice to the public or judicial notice to the courts.
National Institute of Standards and Technology (NIST), Commerce.
Notice; Request for Comments.
This notice announces a draft Federal Information Processing Standard (FIPS) for the Keyed-Hash Message Authentication Code (HMAC), for public review and comment.
This draft FIPS describes a keyed-hash message authentication code (HMAC), A MECHANISM FOR MESSAGE AUTHENTICATION USING CRYPTOGRAPHIC HASH FUNCTIONS, HMAC can be used with any FIPS-approved cryptographic hash function, in combination with a shared secrete key. The cryptographic strength of HMAC depends on the properties of the underlying hash function. The HMAC specification in this draft FIPS is a generalization of HMAC as specified in Internet RFC 2104, HMAC, Keyed-Hashing for Message Authentication, and ANSI X9.71, Keyed Hash Message Authentication Code.
Prior to the submission of this proposed standard to the Secretary of Commerce for review and approval, it is essential that consideration is given to Start Printed Page 1089the needs and views of the public, users, the information technology industry, and Federal, State and local government organizations. The purpose of this notice is to solicit such views.
Comments must be received on or before April 5, 2001.
Written comments may be sent to: Chief, Computer Security Division, Information Technology Laboratory, Attention: Comments on the draft FIPS for HMAC, 100 Bureau Drive—Stop 8930 National Institute of Standards and Technology, Gaithersburg, MD 20899-8930.
Electronic comments may also be sent to: “HMAC@nist.gov”.
Comments received in response to this notice will be published electronically at http://www.nist.gov/hmac/.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Elaine Barker, Computer Security Division, National Institute of Standards and Technology, Gaithersburg, MD 20899-8930, telephone (301) 975-2911, email: firstname.lastname@example.org.End Further Info End Preamble Start Supplemental Information
This draft FIPS for The Keyed-Hash Message Authentication Code (HMAC) specifies an algorithm for applications requiring message authentication. Message authentication is achieved via the construction of a message authentication code (MAC). MACs based on cryptographic hash functions are known as HMACs.
The purpose of a MAC is to authenticate both the source of a message and its integrity without the use of any additional mechanisms. HMACs have two functionally distinct parameters, message input and a secret key known only to the message originator and intended receiver(s). Additional applications of keyed hash functions include their use in challege-response identification protocols for computing responses. which are a function of both a secret key and a challenge message.
An HMAC function is used by the originator to produce a value (the MAC) that is formed by condensing the secret key and the message input. The MAC is typically sent to the message receiver along with the message. The receiver computes the MAC on the received message using the same key and HMAC function as was used by the originator, and compares the result computed with the received MAC. If the two values match, the message has been correctly received, and the receiver is assured that the message originator is a member of the community of users that share the key.
E.O. 12866: This notice has been determined to be non-significant for the purposes of E. O. 12866.Start Signature
Dated: January 2, 2001.
Karen H. Brown,
Deputy Director, NIST.
[FR Doc. 01-381 Filed 1-4-01; 8:45 am]
BILLING CODE 3510-CN-M