In February 2001, NIST announced that a draft of the Federal Information Processing Standard (FIPS) was available for public review and comment. Finally, AES was published as FIPS 197 in the Federal Register in December 2001.
The criteria defined by NIST for selecting AES fall into three areas:
1. Security 2. Cost 3. Implementation.
Federal Information Processing Standards Publications (FIPS PUBS) are issued by the National
Institute of Standards and Technology (NIST) after approval by the Secretary of Commerce
pursuant to Section 5131 of the Information Technology Management Reform Act of 1996
(Public Law 104-106) and the Computer Security Act of 1987 (Public Law 100-235).
The proliferation of computers and communications systems in the 1960s brought with
it a demand from the private sector for means to protect information in digital form and to
provide security services. Beginning with the work of Feistel at IBMin the early 1970s and
culminating in 1977 with the adoption as a U.S. Federal Information Processing Standard
for encrypting unclassified information, DES, the Data Encryption Standard, is the most
well-known cryptographic mechanism in history.
The report is outlined as follows. In chapter 2, we give an overview of, and a
background to, Cryptography, Public Key Infrastructure (PKI), DNS and Secure
Messaging, which is used throughout this report. In chapter 3 we demonstrate
our implementation of a secure mail application and of a certiﬁcate publishing
application. In chapter 4 we compare LDAP and DNS for certiﬁcate locating and
retrieval purposes. In chapter 5 we discuss privacy threats due to Secure DNS and
present a possible remedy.
Federal agencies in Germany are required to fully implement IT-Grundschutz according to the
specifications of the Federal Implementation Plan. In addition to being required to create and
implement a security concept, they are also required to follow the specifications in BSI standards
100-1 [BSI1] and 100-2 [BSI2] as well as to check the success of their implementation through IS
audits. In order to maintain and continuously improve information security.
The agency believes that NCAP has helped make significant safety improvements by providing
consumers with independent information that they can use in their purchasing decisions. This
information has helped drive consumer demand for safety and manufacturers have responded by
building vehicles that exceed Federal motor vehicle safety standards, thereby contributing to
NHTSA’s mission of reducing death and injuries from motor vehicle crashes.
These guidelines are for use by Federal organizations which process sensitive information. They are consistent with the requirements of OMB Circular A-130, Appendix III.
The guidelines herein are not mandatory and binding standards. This document may be used by non-governmental organizations on a voluntary basis. It is not subject to copyright.
Nothing in this document should be taken to contradict standards and guidelines made mandatory and binding upon Federal agencies by the Secretary of Commerce under his statutory authority.