U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Crypto Publication Review Project

Crypto Publication Review Project

Background and Approach

Background

NIST cryptography standards (Federal Information Processing Standards, or “FIPS”) and other publications (typically specified in the Special Publication (SP) 800 series) are intended to protect non-national security federal information and information systems. Outside the Federal Government, these publications are voluntarily relied upon across many sectors to promote economic development and protect sensitive personal and corporate information.  

Cryptography standards and other publications must be reviewed and maintained regularly because of rapid technological advances, the specific applications and assets for which these publications are used, the threat environment, and the tolerance for risk by a particular sector or organization. NIST is committed to the periodic review and maintenance of these publications. 

Maintenance can include updating or withdrawing the publication. When each cryptography standard or other publication is released, the Crypto Publication Review Board ("the Board") identifies when the document will be subject to a review of its relevance and for possible updating. The current goal is to review each publication at least every five years, or more frequently if issues arise. 

Back to Top

Approach

Below is a description of NIST’s planned approach for reviewing cryptography standards and other publications. 

  1. The Board initiates a public comment period for reviewing a publication or a set of publications.

  2. NIST conducts an internal review of the publications and considers public comments received. 

  3. The Board announces a proposed decision (e.g., reaffirm, revise, withdraw, etc.) for the publication, prepares a summary of the internal analysis, and initiates a second public comment period. 

  4. NIST considers the public comments received on the proposed decision and determines whether to proceed with the proposed decision.

  5. NIST announces the final decision and takes appropriate steps to execute the decision. See additional information about the possible decisions

Back to Top

Contacts

Crypto Publication Review Board
cryptopubreviewboard@nist.gov

Morris Dworkin

Daniel Apon

Elaine Barker

Chris Celi

Jim Foti

Meltem Sönmez Turan

Topics

Security and Privacy: cryptography

Activities and Products: standards development

Created March 23, 2021, Updated October 18, 2021