In September 2017, this (legacy) site will be replaced with the new site you can see at beta.csrc.nist.rip. At that time, links to this legacy site will be automatically redirected to apporpriate links on the new site.
On July 8, 2013, NIST announced a period of public comment, ending September 3, 2013, on Draft Special Publication 800-38G, which specifies three modes of the AES block cipher for format preserving encryption. The comments that NIST received are posted here.
In subsequent analysis, NIST explains that one of the FPE modes in the draft, FF2, does not provide the expected 128 bits of security for some use cases
On August 2011, NIST announced a period of public comments on the draft NIST Special Publication 800-38F: Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping. The public comments that NIST received in response to this request are collected here.
On June 21, 2011, NIST announced a period of public comment, ending July 22, 2011, on a proposal to approve the EAX´ mode of operation. Comments are provided in two files. The first is an updated report from Toshiba. The second is a collection of all the other comments. Subsequently, Tetsu Iwata and Kazuhiko Minematsu provided public comments that reference their paper with HIraku Morita and Stefan Lucks, Cryptanalysis of EAX’ on the IACR eprint archive.
On June 9, 2011, NIST announced a period of public comment on a proposal to approve two schemes of the FFX framework for format preserving encryption: FFX[radix] and VAES3. The public comments that NIST received in response to this request are collected here.
In Request for Public Comments on XTS, NIST requested public comments on the proposal to approve the XTS-AES confidentiality mode by reference to IEEE Stnd. 1619-2007. The comment period ended September 3, 2008. The following are links to documents that NIST received from the indicated commenter:
Other public comments that were submitted within email messages are collected here.
Matthew Ball provided follow-up comments to the public comments on XTS-AES.
The public comments on the draft NIST Special Publication 800-38E, Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality in Block-Oriented Storage Devices are collected here.
The following public comments were submitted on the second (July 2007) draft NIST SP 800-38D: Recomendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC :
The following paper was submitted as a public comment on the first (April 2006) draft NIST SP 800-38D: Recomendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM):
Authentication Failures in NIST version of GCM - Antoine Joux
Other comments that NIST received on the draft are available in PDF here.
NIST requested public comments on its intention to recommend either the CWC mode or the GCM mode. Links to PDF files of papers that were submitted are given in the following table:
Other public comments on the draft are available in PDF here. The comment period ended June 1, 2005.
The public comments on the draft NIST Special Publication 800-38B, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication are collected here.
Links to PDF files of papers that were submitted as public comments on the draft NIST Special Publication 800-38C, Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality are given in the table below:
Other public comments on the draft, submitted within email messages, are available in PDF here.
Another document briefly describes NIST's responses to the most significant public comments.
Links to PDF files of papers that were submitted as public comments on the early draft of NIST Special Publication 800-38B, Recommendation for Block Cipher Modes of Operation: The RMAC Authentication Mode are given in the table below. NIST subsequently decided to replace RMAC with CMAC.
Other public comments on the draft, submitted within email messages, are available in PDF here.
The general public comments on modes of operation that were submitted within email messages are available in two PDF files:
Links to PDF files of the papers on modes of operation that were submitted as public comments are given in the table below:
NIST continues to accept public comments on modes of operation, including comments on:
Comments may be submitted to EncryptionModes@nist.gov.