National Institute of Standards and Technology, Commerce.
Notice and request for comments.
This notice announces the Draft Federal Information Processing Standard (FIPS) 198-1, the Keyed-Hash Message Authentication Code (HMAC), for public review and comment. The draft standard, designated “Draft FIPS 198-1,” is proposed to supersede FIPS 198, the Keyed-Hash Message Authentication Code, issued March 2002. FIPS 198-1 specifies a keyed-hash message authentication code (HMAC), a mechanism for message authentication using cryptographic hash functions and shared secret keys. The proposed standard is available at http://csrc.nist.gov/publications/drafts.html.
Prior to the submission of this proposed standard to the Secretary of Commerce for review and approval, it is essential that consideration be given to the needs and views of the public, users, the information technology industry, and Federal, State, and local government organizations. The purpose of this notice is to solicit such views.
Comments must be received by September 10, 2007.
Written comments may be sent to: Chief, Computer Security Division, Information Technology Laboratory, Attention: Comments on Draft FIPS 198-1, 100 Bureau Drive—Stop 8930, National Institute of Standards and Technology, Gaithersburg, MD 20899-8930. Electronic comments may be sent to email@example.com. with a subject line of Keyed-Hash Message Authentication Code. The current FIPS 198 and its proposed replacement, Draft FIPS 198-1, are available electronically at http://csrc.nist.gov/publications/index.html.
Comments received in response to this notice will be published electronically at http://csrc.nist.gov/CryptoToolkit/tkhash.html.Start Further Info
FOR FURTHER INFORMATION CONTACT:
For general information, contact: Elaine Barker, National Institute of Standards and Technology, Stop 8930, Start Printed Page 32282Gaithersburg, MD 20899-8930, telephone: 301-975-2911 or via fax at 301-975-8670, e-mail: firstname.lastname@example.org. or Quynh Dang, telephone: 301-975-3610, e-mail: email@example.com.End Further Info End Preamble Start Supplemental Information
The changes between FIPS 198 and FIPS 198-1 are minor and are motivated by a desire to put informative information that may change in a separate, less formal publication that can be readily updated as necessary. FIPS 198 contained statements about the security provided by the HMAC algorithm and specified a truncation technique for the HMAC output. Since the security provided by the HMAC algorithm and its applications might be altered by future cryptanalysis, the security statements were not included in FIPS 198-1. The security of HMAC will be addressed in NIST Special Publications (SP) 800-57, Recommendation for Key Management, and 800-107, Recommendation for Using Approved Hash Algorithms. Draft FIPS 198-1 also does not include the truncation technique; the truncation technique of HMAC will be specified in the NIST Special Publication 800-107. Draft NIST Special Publications and NIST Special Publications are available at http://csrc.nist.gov/publications/index.html. Examples of the implementation of the HMAC algorithm can be found at http://www.nist.gov/CryptoToolkitExamples. NIST will continue to review these examples and to update them as needed.Start Signature
Dated: June 5, 2007.
James M. Turner,
Deputy Director, NIST.
[FR Doc. E7-11309 Filed 6-11-07; 8:45 am]
BILLING CODE 3510-13-P