In a Discussion Paper titled “The Transitioning of Cryptographic Algorithms and Key Sizes” NIST summarizes which cryptographic algorithms will no longer be allowed in secure applications once 2010 is over.
Encryption Algorithms
Two-Key Triple DES and SKIPJACK will be disallowed on January 1, 2011.
Three-Key Triple DES and AES will continue to be allowed.
Signature Generation
New signatures generated in support of data authentication or software and firmware tests which are less than 112 bits in length will be disallowed on January 1, 2011.
In addition to these changes, NIST will be looking for a number of other stringent requirements (as spelled out in NIST 186-3) for new validations once the year turns to 2011.
Random Number Generation
New validations must conform to SP 800-90 (HASH, HMAC, CTR, DUAL_EC) on or after January 1, 2011.
Key Agreement
New validations may no longer depend on non-tested Diffie-Hellman (DH) or MQV primitives on or after January 1, 2011. Instead, new validations must use SP 800-56A primitives or one of the specifically approved key derivation functions (KDFs).
Hashes
Unless keyed in the manner of a digital signature (see related section above), the use of SHA-1 hashes is disallowed on January 1, 2010 and beyond. Instead, digital signatures (essentially “keyed hashes”) or stronger hash algorithms such as SHA-224, SHA-256, SHA-384 or SHA-512 must be used.
