81 FR 50686 - Request for Comments on Post-Quantum Cryptography Requirements and Evaluation Criteria
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology Federal Register Volume 81, Issue 148 (August 2, 2016)
National Institute of Standards and Technology
Federal Register Volume 81, Issue 148 (August 2, 2016)
| Page Range | 50686-50687 | |
| FR Document | 2016-18150 |
[Federal Register Volume 81, Number 148 (Tuesday, August 2, 2016)] [Notices] [Pages 50686-50687] From the Federal Register Online [www.thefederalregister.org] [FR Doc No: 2016-18150] ----------------------------------------------------------------------- DEPARTMENT OF COMMERCE National Institute of Standards and Technology [Docket No. 160606494-6494-01] Request for Comments on Post-Quantum Cryptography Requirements and Evaluation Criteria AGENCY: National Institute of Standards and Technology (NIST), Commerce. ACTION: Notice; request for comments ----------------------------------------------------------------------- SUMMARY: The National Institute of Standards and Technology (NIST) is requesting comments on a proposed process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms. Current algorithms are vulnerable to attacks from large- scale quantum computers. The purpose of this notice is to solicit comments on the draft minimum acceptability requirements, submission requirements, evaluation criteria, and evaluation process of candidate algorithms from the public, the cryptographic community, academic/ research communities, manufacturers, voluntary standards organizations, and Federal, state, and local government organizations so that their needs can be considered in the process of developing new public-key cryptography standards. The draft requirements and evaluation criteria are available on the NIST Computer Security Resource Center Web site: http://www.nist.gov/pqcrypto. DATES: Comments must be received on or before September 16, 2016. ADDRESSES: Comments may be sent electronically to [email protected] with ``Comment on Post-Quantum Cryptography Requirements and Evaluation Criteria'' in the subject line. Written comments may also be submitted by mail to Information Technology Laboratory, ATTN: Post-Quantum Cryptography Comments, National Institute of Standards and Technology, 100 Bureau Drive, Mail Stop 8930, Gaithersburg, MD 20899-8930. Comments received in response to this notice will be published electronically at http://www.nist.gov/pqcrypto, so commenters should not include information they do not wish to be posted (e.g., personal or confidential business information). FOR FURTHER INFORMATION CONTACT: Dr. Lily Chen, National Institute of Standards and Technology, 100 Bureau Drive, Mail Stop 8930, Gaithersburg, MD 20899-8930, email: [email protected], by telephone (301) 975-6974. Technical inquiries regarding the proposed draft acceptability requirements, submission requirements, or the evaluation criteria should be sent electronically to [email protected]. A public email list-serve has been set up for announcements, as well as a forum to discuss the standardization effort being initiated by NIST. For directions on how to subscribe, please visit http://www.nist.gov/pqcrypto. SUPPLEMENTARY INFORMATION: In recent years, there has been a substantial amount of research on quantum computers--machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. If large- scale quantum computers are ever built, they will compromise the security of many commonly used cryptographic algorithms. In particular, quantum computers would completely break many public-key cryptosystems, including those standardized in FIPS 186-4, Digital Signature Standard (http://dx.doi.org/10.6028/NIST.FIPS.186-4), SP 800-56A Revision 2, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (http://dx.doi.org/10.6028/NIST.SP.800-56Ar2), and SP 800-56B Revision 1, Recommendation for Pair-Wise Key- Establishment Schemes Using Integer Factorization Cryptography (http://dx.doi.org/10.6028/NIST.SP.800-56Br1). Due to this concern, many researchers have begun to investigate post-quantum cryptography (PQC) (also called quantum-resistant cryptography). The goal of this research is to develop cryptographic algorithms that would be secure against both quantum and classical computers. A significant effort will be required in order to develop, standardize, and deploy new post-quantum algorithms. In addition, this transition needs to take place well before any large-scale quantum computers are built, so that any information that is later compromised by quantum cryptanalysis is no longer sensitive when that compromise occurs. NIST has taken a number of steps in response to this potential threat. On April 2-3, 2015, NIST held a public workshop on Cybersecurity in a Post-Quantum World to solicit input on public-key cryptographic policy in the time of quantum computers. NIST also published NISTIR 8105, Report on Post-Quantum Cryptography (http://dx.doi.org/10.6028/NIST.IR.8105), in April 2016 which shares NIST's understanding of the status of quantum computing and post-quantum cryptography. As a result of study and public feedback, NIST has decided to develop additional public-key cryptographic algorithms through a public standardization process, similar to the development processes for the hash function SHA-3 and the Advanced Encryption Standard (AES). To begin the process, NIST has drafted a set of minimum acceptability requirements, submission requirements, and evaluation criteria for candidate algorithms. The draft document containing these requirements and criteria is available at the Web site: http://www.nist.gov/pqcrypto. NIST seeks comments on these draft minimum acceptability requirements, submission requirements, evaluation criteria, and the evaluation process, as well as suggestions for other criteria and for the relative importance of each individual criterion in the evaluation process. Since neither the submission requirements nor the evaluation criteria have been finalized, and may evolve over time as a result of the public comments that NIST receives, candidate algorithms should NOT be submitted at this time. Authority: In accordance with the Information Technology Management Reform Act of 1996 (Pub. L. 104-106) and the Federal Information Security Management Act of 2002 (Pub. L. 107-347), the Secretary of Commerce is authorized to approve FIPS. NIST activities to develop computer security standards to protect federal sensitive (unclassified) information systems are undertaken pursuant to specific responsibilities assigned to NIST by Section 20 of the National Institute of Standards and Technology Act (15 U.S.C. 278g- 3), as amended. [[Page 50687]] Dated: July 27, 2016. Kent Rochford, Associate Director for Laboratory Programs. [FR Doc. 2016-18150 Filed 8-1-16; 8:45 am] BILLING CODE 3510-13-P
![50686 Federal Register / Vol. 81, No. 148 / Tuesday, August 2, 2016 / Notices
Dated: July 27, 2016. Quantum Cryptography Requirements secure against both quantum and
Ronald K. Lorentzen, and Evaluation Criteria’’ in the subject classical computers. A significant effort
Acting Assistant Secretary for Enforcement line. Written comments may also be will be required in order to develop,
and Compliance. submitted by mail to Information standardize, and deploy new post-
Appendix Technology Laboratory, ATTN: Post- quantum algorithms. In addition, this
Quantum Cryptography Comments, transition needs to take place well
List of Topics Discussed in the Preliminary National Institute of Standards and before any large-scale quantum
Decision Memorandum Technology, 100 Bureau Drive, Mail computers are built, so that any
1. Summary. Stop 8930, Gaithersburg, MD 20899– information that is later compromised
2. Background. 8930. by quantum cryptanalysis is no longer
3. Partial Rescission. Comments received in response to sensitive when that compromise occurs.
4. Scope of the Order.
this notice will be published NIST has taken a number of steps in
5. Comparisons to Normal Value.
6. Product Comparisons. electronically at http://www.nist.gov/ response to this potential threat. On
7. Date of Sale. pqcrypto, so commenters should not April 2–3, 2015, NIST held a public
8. Export Price. include information they do not wish to workshop on Cybersecurity in a Post-
9. Normal Value. be posted (e.g., personal or confidential Quantum World to solicit input on
10. Currency Conversion. business information). public-key cryptographic policy in the
11. Companies Not Selected for Individual FOR FURTHER INFORMATION CONTACT: Dr. time of quantum computers. NIST also
Review.
Lily Chen, National Institute of published NISTIR 8105, Report on Post-
12. Recommendation.
Standards and Technology, 100 Bureau Quantum Cryptography (http://
[FR Doc. 2016–18333 Filed 8–1–16; 8:45 am] dx.doi.org/10.6028/NIST.IR.8105), in
Drive, Mail Stop 8930, Gaithersburg,
BILLING CODE 3510–DS–P MD 20899–8930, email: Lily.Chen@ April 2016 which shares NIST’s
nist.gov, by telephone (301) 975–6974. understanding of the status of quantum
Technical inquiries regarding the computing and post-quantum
DEPARTMENT OF COMMERCE proposed draft acceptability cryptography.
National Institute of Standards and requirements, submission requirements, As a result of study and public
Technology or the evaluation criteria should be sent feedback, NIST has decided to develop
electronically to pqc-comments@ additional public-key cryptographic
[Docket No. 160606494–6494–01] nist.gov. algorithms through a public
A public email list-serve has been set standardization process, similar to the
Request for Comments on Post- up for announcements, as well as a development processes for the hash
Quantum Cryptography Requirements forum to discuss the standardization function SHA–3 and the Advanced
and Evaluation Criteria effort being initiated by NIST. For Encryption Standard (AES). To begin
AGENCY: National Institute of Standards directions on how to subscribe, please the process, NIST has drafted a set of
and Technology (NIST), Commerce. visit http://www.nist.gov/pqcrypto. minimum acceptability requirements,
ACTION: Notice; request for comments SUPPLEMENTARY INFORMATION: In recent submission requirements, and
years, there has been a substantial evaluation criteria for candidate
SUMMARY: The National Institute of amount of research on quantum algorithms. The draft document
Standards and Technology (NIST) is computers—machines that exploit containing these requirements and
requesting comments on a proposed quantum mechanical phenomena to criteria is available at the Web site:
process to solicit, evaluate, and solve mathematical problems that are http://www.nist.gov/pqcrypto. NIST
standardize one or more quantum- difficult or intractable for conventional seeks comments on these draft
resistant public-key cryptographic computers. If large-scale quantum minimum acceptability requirements,
algorithms. Current algorithms are computers are ever built, they will submission requirements, evaluation
vulnerable to attacks from large-scale compromise the security of many criteria, and the evaluation process, as
quantum computers. The purpose of commonly used cryptographic well as suggestions for other criteria and
this notice is to solicit comments on the algorithms. In particular, quantum for the relative importance of each
draft minimum acceptability computers would completely break individual criterion in the evaluation
requirements, submission requirements, many public-key cryptosystems, process. Since neither the submission
evaluation criteria, and evaluation including those standardized in FIPS requirements nor the evaluation criteria
process of candidate algorithms from 186–4, Digital Signature Standard have been finalized, and may evolve
the public, the cryptographic (http://dx.doi.org/10.6028/ over time as a result of the public
community, academic/research NIST.FIPS.186-4), SP 800–56A Revision comments that NIST receives, candidate
communities, manufacturers, voluntary 2, Recommendation for Pair-Wise Key algorithms should NOT be submitted at
standards organizations, and Federal, Establishment Schemes Using Discrete this time.
state, and local government Logarithm Cryptography (http:// Authority: In accordance with the
organizations so that their needs can be dx.doi.org/10.6028/NIST.SP.800-56Ar2), Information Technology Management Reform
considered in the process of developing and SP 800–56B Revision 1, Act of 1996 (Pub. L. 104–106) and the
new public-key cryptography standards. Recommendation for Pair-Wise Key- Federal Information Security Management
The draft requirements and evaluation Establishment Schemes Using Integer Act of 2002 (Pub. L. 107–347), the Secretary
criteria are available on the NIST Factorization Cryptography (http:// of Commerce is authorized to approve FIPS.
mstockstill on DSK3G9T082PROD with NOTICES
Computer Security Resource Center dx.doi.org/10.6028/NIST.SP.800-56Br1). NIST activities to develop computer security
Web site: http://www.nist.gov/pqcrypto. Due to this concern, many researchers standards to protect federal sensitive
DATES: Comments must be received on
(unclassified) information systems are
have begun to investigate post-quantum undertaken pursuant to specific
or before September 16, 2016. cryptography (PQC) (also called responsibilities assigned to NIST by Section
ADDRESSES: Comments may be sent quantum-resistant cryptography). The 20 of the National Institute of Standards and
electronically to pqc-comments@ goal of this research is to develop Technology Act (15 U.S.C. 278g–3), as
nist.gov with ‘‘Comment on Post- cryptographic algorithms that would be amended.
VerDate Sep<11>2014 18:35 Aug 01, 2016 Jkt 238001 PO 00000 Frm 00005 Fmt 4703 Sfmt 4703 E:\FR\FM\02AUN1.SGM 02AUN1](https://thefederalregister.org/doc/81_FR_50834/page/1.svg)
![Federal Register / Vol. 81, No. 148 / Tuesday, August 2, 2016 / Notices 50687
Dated: July 27, 2016. should be directed to M. Jan Saunders, presentations via webinar and allow
Kent Rochford, (302) 526–5251, at least 5 days prior to public comment during identified times
Associate Director for Laboratory Programs. the meeting date. on the agenda.
[FR Doc. 2016–18150 Filed 8–1–16; 8:45 am] Authority: 16 U.S.C. 1801 et seq. FOR FURTHER INFORMATION CONTACT:
BILLING CODE 3510–13–P Peter Cooper or Margo Schulze-Haugen
Dated: July 28, 2016.
at (301) 427–8503.
Tracey L. Thompson,
SUPPLEMENTARY INFORMATION: The
DEPARTMENT OF COMMERCE Acting Director, Office of Sustainable
Fisheries, National Marine Fisheries Service.
Magnuson-Stevens Fishery
Conservation and Management Act, 16
National Oceanic and Atmospheric [FR Doc. 2016–18217 Filed 8–1–16; 8:45 am]
U.S.C. 1801 et seq., as amended by the
Administration BILLING CODE 3510–22–P
Sustainable Fisheries Act, Public Law
RIN 0648–XE769 104–297, provided for the establishment
DEPARTMENT OF COMMERCE of an AP to assist in the collection and
Mid-Atlantic Fishery Management evaluation of information relevant to the
Council (MAFMC); Public Meeting National Oceanic and Atmospheric development of any Fishery
AGENCY: National Marine Fisheries Administration Management Plan (FMP) or FMP
Service (NMFS), National Oceanic and amendment for Atlantic HMS. NMFS
RIN 0648–XE761 consults with and considers the
Atmospheric Administration (NOAA),
Commerce. comments and views of AP members
Atlantic Highly Migratory Species;
when preparing and implementing
ACTION: Notice of public meeting. Meeting of the Atlantic Highly
FMPs or FMP amendments for Atlantic
Migratory Species Advisory Panel
SUMMARY: The Mid-Atlantic Fishery tunas, swordfish, billfish, and sharks.
Management Council (Council) will AGENCY: National Marine Fisheries The AP has previously consulted with
hold a Webinar-based meeting of its Service (NMFS), National Oceanic and NMFS on: Amendment 1 to the Billfish
River Herring and Shad (RH/S) Atmospheric Administration (NOAA), FMP (April 1999); the HMS FMP (April
Committee. Commerce. 1999); Amendment 1 to the HMS FMP
ACTION: Notice of public meeting and (December 2003); the Consolidated HMS
DATES: The meeting will be held webinar/conference call. FMP (October 2006); and Amendments
Monday, August 15, 2016, from 1 p.m. 1, 2, 3, 4, 5a, 5b, 6, 7, 8, 9 and 10 to
to 4:30 p.m. SUMMARY: NMFS will hold a 2-day the 2006 Consolidated HMS FMP (April
ADDRESSES: The meeting will be held Atlantic Highly Migratory Species and October 2008, February and
via Webinar (http:// (HMS) Advisory Panel (AP) meeting in September 2009, May and September
mafmc.adobeconnect.com/rh-s-com- September 2016. The intent of the 2010, April and September 2011, March
aug15-2016/) with a telephone audio meeting is to consider options for the and September 2012, January and
connection (provided when connecting). conservation and management of September 2013, April and September
Council address: Mid-Atlantic Fishery Atlantic HMS. The meeting is open to 2014, March and September 2015,
Management Council, 800 N. State St., the public. March 2016), among other things.
Suite 201, Dover, DE 19901; telephone: DATES: The AP meeting and webinar The intent of this meeting is to
(302) 674–2331. will be held from 9 a.m. to 6 p.m. on consider alternatives for the
FOR FURTHER INFORMATION CONTACT: both Wednesday and Thursday, conservation and management of all
Christopher M. Moore, Ph.D. Executive September 7 and September 8, 2016. Atlantic tunas, swordfish, billfish, and
Director, Mid-Atlantic Fishery ADDRESSES: The meeting will be held at shark fisheries. We anticipate discussing
Management Council; telephone: (302) the Sheraton Silver Spring Hotel, 8777 the results of the 2016 dusky shark stock
526–5255. The Council’s Web site, Georgia Avenue, Silver Spring, MD assessment and the Amendment 5b
www.mafmc.org, also has details on the 20910. The meeting presentations will timeline; Draft Amendment 10 on
proposed agenda, Webinar access, and also be available via WebEx webinar/ Essential Fish Habitat, including
briefing materials. conference call. potential Habitat Areas of Particular
SUPPLEMENTARY INFORMATION: On Wednesday, September 7, 2016, Concern; implementation updates for
the conference call information is phone Final Amendment 7 on bluefin tuna
Agenda number 1–888–469–2188; Participant management; and progress updates on
In October 2016, the Council will Code: 7954019; and the webinar event various other rulemakings, including
consider whether to develop an address is: https:// archival tag requirements, blacknose
Amendment that could add several noaaevents2.webex.com/noaaevents2/ and small coastal shark management;
species of river Herrings and Shads as onstage/g.php?MTID=eec1bb3 domestic implementation of
Council-managed species. This RH/S 2466dd8905125c5db01b539623; event recommendations from the 2015
Committee meeting will review a white password: NOAA. meeting of the International
paper and draft decision document On Thursday, September 8, 2016, the Commission for the Conservation of
related to the need for Council conference call information is phone Atlantic Tunas; and potential changes to
management of blueback Herring, number 1–888–469–2188; Participant limited access vessel upgrading
Lewife, American Shad, and hickory Code: 7954019; and the webinar event requirements and Individual Bluefin
address is: https:// Quota program inseason transfer
mstockstill on DSK3G9T082PROD with NOTICES
Shad. Public comments will also be
taken. noaaevents2.webex.com/noaaevents2/ criteria. We also anticipate discussing
onstage/g.php?MTID=e9fcef19f3 recreational topics regarding data
Special Accommodations c43ce6255dfad07807a71f4; event collection and economic surveys, as
These meetings are physically password: NOAA. well as progress updates regarding the
accessible to people with disabilities. Participants are strongly encouraged exempted fishing permit request to
Requests for sign language to log/dial in 15 minutes prior to the conduct research in pelagic longline
interpretation or other auxiliary aid meeting. NMFS will show the closed areas. Finally, we also intend to
VerDate Sep<11>2014 18:35 Aug 01, 2016 Jkt 238001 PO 00000 Frm 00006 Fmt 4703 Sfmt 4703 E:\FR\FM\02AUN1.SGM 02AUN1](https://thefederalregister.org/doc/81_FR_50834/page/2.svg)
Document Created: 2016-08-02 01:47:31
Document Modified: 2016-08-02 01:47:31
| Category | Regulatory Information | |
| Collection | Federal Register | |
| sudoc Class | AE 2.7: GS 4.107: AE 2.106: | |
| Publisher | Office of the Federal Register, National Archives and Records Administration | |
| Section | Notices | |
| Action | Notice; request for comments | |
| Dates | Comments must be received on or before September 16, 2016. | |
| Contact | Dr. Lily Chen, National Institute of Standards and Technology, 100 Bureau Drive, Mail Stop 8930, Gaithersburg, MD 20899-8930, email: [email protected], by telephone (301) 975-6974. | |
| FR Citation | 81 FR 50686 |
2025 Federal Register | Disclaimer | Privacy Policy
USC | CFR | eCFR