Project Overview

In 2013, news reports about leaked classified documents caused concern from the cryptographic community about the security of NIST cryptographic standards and guidelines. NIST is also deeply concerned by these reports, some of which have questioned the integrity of the NIST standards development process.

NIST has a proud history in open cryptographic standards, beginning in the 1970s with the Data Encryption Standard. We strive for a consistently open and transparent process that enlists the worldwide cryptography community to help us develop and vet algorithms included in our cryptographic guidance. NIST endeavors to promote confidence in our cryptographic guidance through these inclusive and transparent development processes, which we believe are the best in use.

Trust is crucial to the adoption of strong cryptographic algorithms. To ensure that our guidance has been developed according the highest standard of inclusiveness, transparency and security, NIST initiated a formal review of our standards development efforts. We documented our goals and objectives, principles of operation, processes for identifying cryptographic algorithms for standardization, methods for reviewing and resolving public comments, and other important procedures necessary for a rigorous process. NIST solicited public input on this process through two public comment periods in February 2014 and January 2015. Revised processes and procedures were finalized in March 2016 as NISTIR 7977.

At the request of the NIST Director, the Visiting Committee on Advanced Technology (VCAT) conducted a review of NIST's cryptographic standards and guidelines development process. The VCAT convened a blue ribbon panel of experts called the Committee of Visitors (COV) and asked each expert to review the process and provide individual reports of their conclusions and recommendations. The VCAT issued their report in July 2014, and their recommendations were incorporated in the process and procedures documented in NISTIR 7977.

Our mission is to protect the nation’s IT infrastructure and information through strong cryptography. We cannot carry out that mission without the trust and assistance of the world’s cryptographic experts. We’re committed to continually earning that trust.

Development of NISTIR 7977, NIST Cryptographic Standards and Guidelines Development Process