News Bits, IEEE Cipher E92, E92.Sep-2009

NIST Press Release, September 3, 2009, from Elaine Barker:

NIST announces the completion of Special Publication (SP) 800-56B, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography. This Recommendation provides the specifications of key establishment schemes that are based on a standard developed by the Accredited Standards Committee (ASC) X9, Inc.: ANS X9.44, Key Establishment using Integer Factorization Cryptography. SP 800-56B provides asymmetric-based key agreement and key transport schemes that are based on the Rivest Shamir Adleman (RSA) algorithm.  

NIST Cryptographic Key Management Workshop Summary, September 3, 2009, from Sarah Caswell:

NIST announces that the Draft NIST Interagency Report 7609, Cryptographic Key Management Workshop Summary (June 8-9, 200), is available for public comment at The Cryptographic Key Management (CKM) workshop was initiated by the NIST Computer Security Division to identify and develop technologies that would allow organizations to leap ahead of normal development lifecycles to vastly improve the security of future sensitive and valuable computer applications. The workshop was the first step in developing a CKM framework. This summary provides the highlights of the presentations, organized by both topic and by presenter. Please provide comments by September 18, 2009 to, with "Comments on the Key Management Workshop Report" in the subject line.


NIST Draft Secure Domain Name System (DNS) Deployment Guide, August 26, 2009

NIST has drafted another revision of the document "Secure Domain Name System (DNS) Deployment Guide" (SP 800-81) . This revision addresses all the comments and feedback received for the first revision through public comments in March 2009, in addition to adding 3 more subsections described below. After addressing the public comments received in this round, it will be published as NIST SP 800-81r1. Federal agencies and private organizations as well as individuals are invited to review this draft and submit comments to NIST by sending them to before September 30, 2009. Comments will be reviewed and posted on the CSRC website. All comments will be analyzed, consolidated, and used in revising the draft Guidelines before final publication. A brief description of the 3 new subsections is given below:

What is New in this revision leading to SP 800-81r1:
   (1) Guidelines on Procedures for migrating to a new Cryptographic Algorithm for signing of the Zone (Section 11.5).
   (2) Guidelines for Procedures for migrating to NSEC3 specifications from NSEC for providing authenticated denial of existence (Section 11.6).
   (3) Deployment Guidelines for Split-Zone under different scenarios (Section 11.7).

The draft report