Core Cryptographic Standards
IEEE P1363 - ECC is included in IEEE P1363 which was approved as an IEEE standard in February 2000. This document includes comprehensive coverage of the three types of well known, widely marketed public key cryptosystems (ECC, DL, and RSA). Certicom researchers were the primary authors of the ECC portions of the standard.

ANSI X9F - ECC is being incorporated into two American National Standards Institute (ANSI) Accredited Standards Committee (ASC) X9F (Financial Services) drafts. Other ANSI standards reference the algorithms and schemes contained in these two drafts. Financial institutions, governments and technology companies send representatives to the ANSI X9 standards bodies. This is a critical forum for an algorithm to be considered as acceptable for use in the delivery of financial services. Certicom authored these standards.
  • ANSI X9.62 - "Elliptic Curve Digital Signature Algorithm (ECDSA)." ECDSA is an analog of the NIST Digital Signature Algorithm (DSA) using elliptic curves. X9.62 will meet the unusually stringent security requirements of the financial services industry. X9.62 was published as an ANSI standard in January 1999.
  • ANSI X9.63 - "Elliptic Curve Key Agreement and Key Management." This standard is expected to be passed in 2000.
images/bullet_brown.gif FIPS (Federal Information Processing Standard) 186-2: The US government's National Institute of Standards and Technology (NIST) announced in February 2000 the extension of its Digital Signature Standard (DSS) to include the ECDSA as specified in ANSI X9.62. The revised standard is FIPS 186-2. This standard is a landmark in the commercial acceptance of ECC since government agencies are now able to purchase security products containing ECC without having to receive special approval. NIST is also including specifications for ECC in its Minimum Interoperability Specification (MISPC).

ISO/IEC - ECC is being incorporated into several ISO/IEC drafts
  • ISO/IEC 14888: "Digital Signature with Appendix Part 3: Certificate-based Mechanisms"
  • ISO/IEC 9796-4: "Digital Signature with Message Recovery, Discrete Logarithm-based Mechanisms"
  • ISO/IEC 14946: "Cryptographic Techniques Based on Elliptic Curves"
Vertical Market Standards
Vertical market standards, or application standards, usually reference the work already completed in core cryptographic standards. Numerous initiatives are underway to develop protocols that use public-key certificates and other types of public-key management systems. Most of these protocols are being written so that they are algorithm-independent, allowing any commonly used public-key algorithm to be implemented. This enables ECC use in environments where other types of public-key systems would be impractical, especially as key sizes increase. Given the growth in non-PC Internet appliances, strong support for ECC inclusion exists in these standards. The following are examples of some standards which include ECC.

ATM Forum - Asynchronous Transport Mode (ATM).
WAP (Wireless Application Protocol) - Version 1.0 (released May 1998) provides secure Internet access and other advanced services to digital cellular phones and wireless terminals. ECC is incorporated into the WAP security layer through wTLS (Wireless Transport Layer Security).
ANSI X12 and UN/EDIFACT - ECC is currently at the initial stage of incorporation into Electronic Data Interchange (EDI) standards. Nothing is preventing the use of ECC for EDI, new data elements simply need to be defined.
FSTC (Financial Services Technology Consortium) - Electronic checking specification.
OTP 0.9 (Open Trading Protocol) - Framework for encapsulating payment protocols.
IETF - SSL/TLS, IPSEC, PKIX, S/MIME.
CPDP (Cellular Digital Packet Data) - ECC for key agreement.
ReFLEX - Two-way paging standard by Motorola.