Try the new CSRC.nist.gov and let us know what you think!
(Note: Beta site content may not be complete.)
Date | Received From | Response |
July 7, 2014 | NSA | The suggested changes were accepted. |
July 18, 2014 | European Telecommunications Standards Institute - Technical Committee "Security Algorithms Group of Experts" (TC SAGE) | No change to the Standard was requested. |
July 22, 2014 | Thales e-Security | The editorial comments were accepted, with a modification to the suggested resolution in one case. Although the stated rationale for the general comment is reasonable, it is preferable to omit the hyphens, as originally specified, in order to help distinguish the different roles of the parameters. In particular, the numerical suffixes in “SHAKE128” and “SHAKE256” indicate security strengths, while for the SHA-3 hash functions such as SHA3-256, the suffix indicates the digest length of the hash function. |
August 14, 2014 | Clinton Bowen | The restructuring proposal was not accepted. The text in Section 7 on conformance already explicitly accommodates the possibility of future approved sponge functions based on the KECCAK-p permutations and other intermediate functions. Moreover, the primary goal of FIPS 202 is to standardize the winning algorithm from the SHA-3 Competition, as initiated in the Federal Register Notice on November 2, 2007. The proposed restructuring would detract from the perception of the Standard as fulfilling that goal. |
August 19, 2014 | Peter Rombouts | The comment was accepted and addressed with new text in the conformance section. |
August 26, 2014 | Centers for Disease Control and Prevention (CDC) | No change was requested. |
August 26, 2014 | Scott Fluhrer | The text in Section 7 on conformance explicitly asserts that approved uses of the extendable-output functions will be specified in NIST special publications. NIST will consider these comments in the development of those publications. Also, text was added to clarify that extendable-output functions are not yet approved as variable-length hash functions. |
Date | Received From | Response |
August 26, 2014 | Alexey Bagaev | The comment does not directly apply to the Revised Applicability Clause of FIPS 180-4, which simply acknowledges that FIPS 202 specifies valid options for secure hash functions. Moreover, NIST has already developed and implemented an appropriate policy for the use of SHA-1, based on the latest security information, as described in NIST Special Publication 800-131A. |