To support its review, the committee has formed a panel of experts to assess NIST’s existing cryptographic standards and guidelines and the process by which they have been developed.
Called the Committee of Visitors, the panel members are: Vint Cerf of Google; Edward Felten of Princeton University; Steve Lipner of Microsoft Corporation; Bart Preneel of Katholieke Universiteit Leuven; Ellen Richey of Visa Inc.; Ron Rivest of the Massachusetts Institute of Technology (MIT); and Fran Schrotter of the American National Standards Institute (ANSI).
“Our mission is to protect the nation’s IT infrastructure and information by promoting strong cryptography. We look forward to the VCAT’s review to help ensure we have the most transparent and effective process for doing that,” said Under Secretary of Commerce for Standards and Technology and NIST Director Patrick D. Gallagher.
In November 2013, NIST initiated an internal review of its development process and announced it would seek public input and an independent review, following concerns raised by the cryptographic community about the integrity of NIST’s cryptographic standards and guidelines. NIST released the draft document NIST IR 7977: NIST Cryptographic Standards and Guidelines Development Process for a two-month public comment period in February 2014.
The expert panel will review NIST’s current processes as described in NIST IR 7977, the public comments and NIST cryptographic materials, such as standards and guidelines, and may seek input from other experts. Panel members will provide individual assessments to the VCAT Subcommittee on Cybersecurity, which will report its findings and any recommendations to the full VCAT.
The subcommittee will provide an update on its progress on June 11, 2014, at the next VCAT meeting. Upon reviewing the expert assessments and the proposed recommendations of the subcommittee, the VCAT will issue its recommendations to NIST.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.