The NIST' s standard for {digital signatures} (authenticating both a message and the signer) that was fIRst announced in 1991. It is based on an algorithm using discrete logarithms, which is a variant of the Elgamal algorithm with Schnorr' s improvements. DSS' s security is currently considered very strong - comparable to RSA. It is estimated that DSS' s 1024-bit keys would take 1.4E16 MIPS-years to crack. (1995-11-16)