Signature

1. DSA
   FIPS PUB 186-2 with Change Notice 1, Digital Signature Standard (DSS), October 05, 2001.
   Note: The length of the parameter p shall be 1,024 bits or larger.
2. DSA
   FIPS PUB 186-3, Digital Signature Standard (DSS), June 2009.
3. ECDSA
   ANS X9.62-2005, Public Key Cryptography for the Financial Services Industry :
   The Elliptic Curve Digital Signature Algorithm (ECDSA)
4. ECDSA
   FIPS PUB 186-3, Digital Signature Standard (DSS), June 2009
5. ECDSA
   SEC 1: Elliptic Curve Cryptography (September 20, 2000 Version 1.0)
   Note: The underlying field of the elliptic curve and the curve order shall be 160 bits or larger.
6. RSASSA-PKCS1-v1_5
   PKCS#1 v2.1: RSA Cryptography Standard, June 14, 2002.
   Note: The length of the parameter n shall be 1,024 bits or larger.
7. RSASSA-PSS
   PKCS#1 v2.1: RSA Cryptography Standard, June 14, 2002.
   Note: The length of the parameter n shall be 1,024 bits or larger.

Confidentiality

7. RSA-OAEP
   PKCS#1 v2.1: RSA Cryptography Standard, June 14, 2002.
   Note: The length of the parameter n shall be 1,024 bits or larger.
8. RSAES-PKCS1-v1_5
   PKCS#1 v2.1: RSA Cryptography Standard, June 14, 2002.
   Note: The length of the parameter n shall be 1,024 bits or larger.

64-bit block cipher

1. CIPHERUNICORN-E
   Cipher technology specifications CIPHERUNICORN-E
2. Hierocrypt-L1
   Cipher technology specifications: Hierocrypt-L1 (May 2002)
3. MISTY1
   Cipher technology specifications: MISTY1 (updated May 13, 2002)
4. 3-key Triple DES
   SP 800-67, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, May 2004.
   Note: Only 3-key Triple-DES is approved.

128-bit block cipher

5. AES
   FIPS PUB 197, Advanced Encryption Standard (AES), November 26, 2001
6. Camellia
   128 bits block cipher Camellia algorithm specifications (the second edition: September 26, 2001)
7. CIPHERUNICORN-A
   Code technology specifications CIPHERUNICORN-A
8. Hierocrypt-3
   Code technology specifications: Hierocrypt-3(May 2002)
9. SC2000
   Symmetric key block code SC2000 code technology specifications (September 26, 2001)

n-bit block cipher modes of operations

10. Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR)
    SP 800-38A, Recommendation for Block Cipher Modes of Operation, December 2001.

128-bit block cipher modes of operations

11. XTS
    SP 800-38E, Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices, January 2010.

Stream cipher

12. MUGI
    Pseudorandom number generator MUGI specifications Ver. 1.3 (May 8, 2002)
13. MUlTI-S01
    MULTI-S01 Cipher Specifications Version1.2 (May 12, 2002)
14. 128-bit RC4 (Arcfour)
    Fluhrer Scott, Itsik Mantin, and Adi Shamir. Attacks On RC4 and WEP. CryptoBytes, Vol5, No.2, P.26, Summer/Fall 2002
    Note: The use of 128-bit RC4 is limited for SSL3.0/TLS1.0 or later.

1. RIPEMD-160
   The hash function RIPEMD-160
2. Secure Hash Standard (SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512, SHA-512/224 and SHA-512/256)
   FIPS PUB 180-4, Secure Hash Standard, March, 2012.

1. HMAC (HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, HMAC-SHA-512/224, and HMAC-SHA-512/256)
   The Keyed-Hash Message Authentication Code, FIPS PUB 198-1, July 2008.
2. CMAC
   Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, NIST Special Publication 800-38B, May 2005.
3. CCM
   Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality, NIST Special Publication 800-38C, May 2004.
4. GCM/GMAC
   Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, NIST Special Publication 800-38D, November 2007.

Deterministic random number generators

1. PRNG based on SHA-1 in ANSI X9.42-2001 Annex C.1
   American Bankers Association, Public Key Cryptography for the Financial Services Industry, ANSI X9.42-2001 - Annex C.1
   
2. PRNG based on SHA-1 for general purpose in FIPS 186-2 (+ change notice 1) Appendix 3.1
   National Institute of Standards and Technology, Digital Signature Standard (DSS), Federal Information Processing Standards Publication 186-2, January 27, 2000 - Appendix 3.1.
3. PRNG based on SHA-1 for general purpose in FIPS 186-2 (+ change notice 1) revised Appendix 3.1
   National Institute of Standards and Technology, Digital Signature Standard (DSS), Federal Information Processing Standards Publication 186-2, January 27, 2000 - Appendix 3.1.
4. ANSI X9.31 Appendix A.2.4 Using 3-Key Triple DES
   National Institute of Standards and Technology, NIST-Recommended Random Number Generator Based on ANSI X9.31 Appendix A.2.4 Using the 3-Key Triple DES and AES Algorithms, January 31, 2005.
   
5. ANSI X9.31 Appendix A.2.4 Using AES
   National Institute of Standards and Technology, NIST-Recommended Random Number Generator Based on ANSI X9.31 Appendix A.2.4 Using the 3-Key Triple DES and AES Algorithms, January 31, 2005.
6. Hash_DRBG, HMAC_DRBG and CTR_DRBG
   National Institute of Standards and Technology, Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised), Special Publication 800-90A, January 2012.

Non-deterministic Random number generators

Key agreement

1. DH
   ANS X9.42-2003, Public Key Cryptography for the Financial Services Industry:
   Agreement of Symmetric Keys Using Discrete Logarithm Cryptography
   Note: The length of the parameter p shall be 1,024 bits or larger.
2. DH
   National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised), Special Publication 800-56A, March 2007.
3. MQV
   National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised), Special Publication 800-56A, March 2007.
4. ECDH
   National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised), Special Publication 800-56A, March 2007.
5. ECDH
   SEC 1: Elliptic Curve Cryptography(September 20, 2000 Version 1.0)
   Note: The underlying field of the elliptic curve and the curve order shall be 160 bits or larger.
6. ECMQV
   National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised), Special Publication 800-56A, March 2007.
7. PSEC-KEM
   PSEC-KEM specifications version 2.2 (April 14, 2008)
   Note: The length of the parameter q shall be 1,024 bits or larger.
8. Key Establishment Schemes in NIST SP800-56B
   National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography, Special Publication 800-56B, August 2009.
9. KDF
   National Institute of Standards and Technology, Recommendation for Key Derivation through Extraction-then-Expansion, Special Publication 800-56C, November 2011.
10. KDF
    National Institute of Standards and Technology, Recommendation for Key Derivation Using Pseudorandom Functions (Revised), Special Publication 800-108, October 2009.
11. KDF
    National Institute of Standards and Technology, Recommendation for Password-Based Key Derivation, Special Publication 800-132, December 2010.
12. KDF
    National Institute of Standards and Technology, Recommendation for Existing Application-Specific Key Derivation Functions, Special Publication 800-135 Revision 1, December 2011.
    Note: TPM KDF is excluded.