Items from security-related news (E82.Jan-2008)

November 27, 2007
NIST Press release, Morris Dworkin reporting.

FYI, yesterday NIST announced the approval of Special Publication 800-38D, which specifies Galois/Counter Mode (GCM), an AES mode of operation for authenticated encryption with associated data. GCM was submitted to NIST by David McGrew and John Viega. The URL for the document is

January 2, 2008
NIST Press release,
Elaine Barker reporting.


NIST requests comments on revised text for FIPS 186-3 related to the generation of RSA key pairs. The text is available at Please provide comments by February 1, 2008 to Elaine Barker National Institute of Standards and Technology
100 Bureau Drive, Stop 8930
Gaithersburg, MD 20899-8930

January 12, 2008
Gene Spafford reporting.

I learned this week that the information security world lost another of our lights in 2007: Bob Baldwin. This may have been more generally known, but a few people I contacted were also surprised and saddened by the news. His contributions to the field were wide-ranging. In addition to his published research results he also built tools that a generation of students and researchers found to be of great value. These included the Kuang tool for vulnerability analysis, which we included in the first edition of COPS, and the Crypt-Breaker's Workbench (CBW), which is still in use. See for a photo and more information.