NIST Revises the Digital Signature Standard (DSS) and Publishes a Guideline for Elliptic Curve Domain Parameters

 Today, NIST is publishing Federal Information Processing Standard
(FIPS) 186-5,
Digital Signature
Standard (DSS)
, along with NIST Special Publication (SP)
for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters

FIPS 186-5 specifies three techniques for the generation and
verification of digital signatures that can be used for the protection of data:

  1. Rivest-Shamir-Adleman (RSA)
  2. Elliptic Curve Digital
    Signature Algorithm (ECDSA)
  3. Edwards Curve Digital Signature
    Algorithm (EdDSA)

The Digital Signature Algorithm (DSA), which was specified in
prior versions of FIPS 186, is retained only for the purposes of verifying
existing signatures. 

The companion document, NIST SP 800-186, specifies the set of
recommended elliptic curves. In addition to the previously recommended
Weierstrass curves, there are two newly specified Edwards curves included for
use with the EdDSA algorithm. Edwards curves provide increased
performance, side-channel resistance, and simpler implementation when compared
to traditional curves. While NIST SP 800-186 includes the specifications
for elliptic curves over binary fields, these curves are now deprecated, and the
use of other (prime) curves is strongly recommended.

The algorithms in these standards are not expected to provide
resistance to attacks from a large-scale quantum computer. Digital
signature algorithms that will provide security from quantum computers will be specified
in future NIST publications. For more information, see the Post-Quantum
Cryptography Standardization project