|
1.
|
Clear description of the referenced document:
|
|
|
|
Name:
|
NIST SP 800-38A
|
|
Title:
|
Recommendation for Block Cipher Modes of Operation - Methods and Techniques, Morris Dworkin, NIST, December 2001
|
|
|
2.
|
Status of approval:
|
|
|
Approved
|
|
3.
|
Justification for the specific reference:
|
|
|
AES 128 cipher used in Counter mode is specified in NIST SP 800-38A (*). This method is used in G.9804.2 as a default cipher method.
|
|
4.
|
Current information, if any, about IPR issues:
|
|
|
Some information may be available in the NIST Patents Database that can be accessed through http://patapsco.nist.gov/ts/220/sharedpatent/index.cfm
|
|
5.
|
Other useful information describing the "Quality" of the document:
|
|
|
This NIST document has been produced by Computer Security Division's (CSD) Security Technology Group of NIST has a subgroup that deals specifically with Cryptographic Technology Standards and Guidance (CTSG). CTSG is involved in the development, maintenance, and promotion of a number of standards and guidance that cover a wide range of cryptographic technology.
NIST held a public workshop in the fall of 2000, and a second public workshop in the summer of 2001 that both provided input into this particular document.
Currently, there are five confidentiality modes of operation that can be used with NIST's current encryption algorithms. NIST is considering developing a variety of symmetric key block cipher modes of operation for use with any current and future approved block cipher algorithms.
NIST has long term technical experience in dealing with cryptographic matters. The document has been publicly and internally reviewed before publication.
|
|
6.
|
The degree of stability or maturity of the document:
|
|
|
SP 800-38A 2001 ED was published December 2001. Current standards status of this document can be found at http://www.csrc.nist.gov/publications/nistpubs/
|
|
7.
|
Relationship with other existing or emerging documents:
|
|
|
NIST is actively involved in standardization of cryptographic techniques. The crypto tools are of wide general applicability (see e.g. DES, AES, modes of operation and guidelines). NIST continues its research and standardization in the area of modes of operation. Special Publication 800-38B will specify an authentication mode and draft Special Publication 800-38C will specify the CCM mode of the AES algorithm. NIST also expects to publish a new edition of SP 800-38A in which the domain of the CBC mode is extended (to include plaintexts whose bit lengths are not a multiple of the block size); all of the technical material that is specified in the 2001 edition is expected to remain valid. NIST continues to accept modes proposals.
|
|
8.
|
Any explicit references within that referenced document should also be listed:
|
|
|
[1] American National Standard for Financial Services X9.52-1998, “Triple Data Encryption Algorithm Modes of Operation.” American Bankers Association, Washington, D.C., July 29, 1998./
[2] FIPS Publication 197, “Advanced Encryption Standard (AES).” U.S. DoC/NIST, November 26, 2001./
[3] FIPS Publication 46-3, “Data Encryption Standard (DES).” U.S. DoC/NIST, October 25, 1999./
[4] FIPS Publication 81, “DES Modes of Operation.” U.S. DoC/NIST, December 1980./
[5] A. Menezes, P. van Oorschot, and S. Vanstone, “Handbook of Applied Cryptography.” CRC Press, New York, 1997.
|
|
9.
|
Qualification of
NIST:
|
|
|
Qualification of NIST: NIST is recognized under the provisions of ITU-T Recommendation A.5. Qualifying information is on file in TSB.
|
|
10.
|
Other (for any supplementary information):
|
|
|
SP 800-38A 2001 ED is freely available at
http://www.csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf.
|
