On January 2, 1997, NIST published the following announcement in the Federal Register:
A process to develop a Federal Information Processing Standard (FIPS) for Advanced Encryption Standard (AES) incorporating an Advanced Encryption Algorithm (AEA) is being initiated by the National Institute of Standards and Technology (NIST). As the first step in this process, draft minimum acceptability requirements and draft criteria to evaluate candidate algorithms are being published for comment. Also announced for comment are draft submission requirements. An open, public workshop on the draft minimum acceptability requirements, evaluation criteria and submission requirements has also been scheduled. It is intended that the AES will specify an unclassified, publicly disclosed encryption algorithm capable of protecting sensitive government information well into the next century.A workshop on this subject is to be held at NIST on April 15. The Federal Register announcment can be found at URL: http://csrc.ncsl.nist.gov/encryption/newcrypt.txt and the workshop announcement is at URL: http://csrc.ncsl.nist.gov/encryption/workshop.html
Last fall, a Technical Advisory Committee to Develop a Federal Information Processing Standard for the Federal Key Management Infrastructure was formed. Dr. Stephen Kent of BBN was appointed to chair the committee.
The Committee's assignment, as discussed in the charter, is to make technical recommendations regarding the development of a draft FIPS for Cryptographic Escrow Systems which could be incorporated into a Federal Key Management Infrastructure. The Committee will focus on the data recovery services of the Federal Key Management Infrastructure for both stored and communicated information. Its initial work assignments are as follows:
The committee's meetings are open to the public. Following its first meeting in Dallas December 5-6, 1996, its will meet in San Francisco on February 19-20. The agenda and minutes of the first meeting, as well as further details on the second meeting, are available at http://csrc.nist.gov/tacdfipsfkmi/.
The Computer System Security and Privacy Advisory Board, at its December 10, 1996 meeting, passed the following resolution:
As part of its work plan for 1997, the Board has decided to examine the effects of new information technology and government information practices on privacy. The fundamental legal protections for information privacy were established in the Privacy Act of 1974. In the 22 intervening years since passage of the Act, computer and communications technology have gone through enormous change. Congress has legislated more demands on agencies to establish data bases of personal information. Budgetary restrictions are changing federal record-keeping practices. Consistent with its statutory obligation to identify latent issues, the Board wishes to hear from the public in order to become more fully informed and to make better recommendations.Hearings and reports will presumably follow in due course. The CSSPAB is next scheduled to meet March 24-25 at NIST.