Cryptographic Algorithms and Key Sizes for Personal Identity Verification

Polk, W.; Dodson, Donna; Burr, William

doi:https://doi.org/10.6028/NIST.SP.800-78-1

July 19, 2023: URLs for CSRC publication details pages have changed. Legacy URLs should automatically redirect to the new URLs. However, links to the actual publications have NOT changed (e.g., DOIs and PDFs on nvlpubs.nist.gov). Please send inquiries to csrc-inquiry@nist.gov.

NIST SP 800-78-1

Withdrawn on February 13, 2010. Superseded by SP 800-78-2

Cryptographic Algorithms and Key Sizes for Personal Identity Verification

Documentation

Date Published: August 2007

Supersedes: SP 800-78 (04/25/2005)

Author(s)

W. Polk (NIST), Donna Dodson (NIST), William Burr (NIST)

Abstract

SP 800-78-1 has been modified to enhance interoperability, simplify the development of relying party applications, and enhance alignment with the National Security Agency's Suite B Cryptography [SUITE B]. Revision 1 reduces the set of elliptic curves approved for use with PIV cards and the supporting infrastructure from six curves to two. Also, SHA-384 has been added for use with Curve P-384 in this revision. And finally, this revision eliminates the largest size of RSA keys (3072 bits) on PIV cards. These changes simplify applications that require maximum interoperability: the number of OIDs that must be recognized (e.g., in certificates) has been significantly reduced; and elliptic curve implementations of elliptic curve cryptography can be optimized for operations over two specific curves.

Keywords

conformance test; Personal Identity Verification; FIPS 201; cryptographic algorithms; key sizes; PKI

Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-78-1
Download URL

Supplemental Material:
None available

Document History:
08/01/07: SP 800-78-1 (Final)