Search Results | CSRC (2024)

1 | 2 | 3>>>

1 | 2 | 3>>>

Events

September 25, 2020 - September 25, 2020
https://csrc.nist.gov/events/2020/challenges-with-encrypted-protocols

(Updated: Friday, September 18, 2020): This workshop was rescheduled from August 13 to Friday, September 25. Workshop Objectives The National Institute of Standards and Technology (NIST) will host a virtual workshop to discuss compliance, operations, and security challenges with modern encrypted protocols on Friday, September 25, 2020. Deployment of these protocols, in particular TLS 1.3, can impact some organizations ability to meet their regulatory, security, and operational requirements. The workshop will investigate the practical and implementable approaches to help those industries...

Presentations

July 6, 2021
https://csrc.nist.gov/presentations/2021/stppa3-encrypted-search

Type: Presentation

Presentations

July 6, 2021
https://csrc.nist.gov/presentations/2021/stppa3-private-ai

Type: Presentation

Projects

https://csrc.nist.gov/projects/message-authentication-codes

The message authentication code (MAC) is generated from an associated message as a method for assuring the integrity of the message and the authenticity of the source of the message. A secret key to the generation algorithm must be established between the originator of the message and its intended receiver(s). Approved Algorithms Currently, there are three (3) approved* general purpose MAC algorithms: HMAC, KMAC and CMAC. Keyed-Hash Message Authentication Code (HMAC) FIPS 198-1, The Keyed-Hash Message Authentication Code (HMAC) (July 2008), specifies a mechanism for message...

Projects

https://csrc.nist.gov/projects/pec

The PEC project in the Cryptographic Technology Group (CTG), Computer Security Division (CSD) at NIST accompanies the progress of emerging technologies in the area of privacy-enhancing cryptography (PEC). News: WPEC 2024: NIST Workshop on Privacy-Enhancing Cryptography (Sept 24–26 @ Virtual). Quick links: Free Registration (ZoomGov Event); Call for Talks (PDF file); Submission Form (PDF file). The PEC project seeks to promote the development of reference material that can contribute to a better understanding of PEC, namely how advanced cryptographic tools can be used to enable achieving...

Events

December 8, 2011 - December 9, 2011
https://csrc.nist.gov/events/2011/meeting-on-privacy-enhancing-cryptography

"Working with encrypted data without decrypting" We have long known that encryption has some amazing properties. Those of us who don't think in terms of mathematical formulas often think of encryption as "putting a message in a secure vault, or a tamper-proof envelope, or some other such physical model". These analogies are useful, but they hide some of the magic powers of encryption. For example, it would be hard to see how we could prove to others that we know the contents of the "vault" without opening it for them and revealing at least some of the contents. Yet encryption does allow us to...

Events

March 11, 2019 - March 12, 2019
https://csrc.nist.gov/events/2019/ntcw19

Two days of presentations about threshold schemes for multi-party and single-device settings. Scroll down to see the embedded videos of the presentations Agenda Click here for a printable PDF version of the workshop schedule. 1st day (March 11, 2019) All talks take place in the Green Auditorium in the Main Building (101) at the NIST campus in Gaithersburg, MD, USA Badge pick-up (for on time and late arrivals) is done in front of the the Green auditorium — attendees need to pre-register to attend the conference. Expected speakers are highlighted in bold. Click on each...

Events

July 6, 2021 - July 6, 2021
https://csrc.nist.gov/events/2021/stppa3

STPPA Event #3: Featured topics: private information retrieval (PIR); searchable encryption; fully hom*omorphic encryption (FHE). Structure: welcome; three invited talks; panel conversation. Date, time, location/format: July 06, 2021, 13:30–16:30 EDT @ virtual event over Webex video conference Attendance: open and free to the public, upon registration Schedule 13:30--13:40: STPPA#3 intro 13:40--14:20: Private Information Retrieval with Near-Optimal Online Bandwidth and Time, by Elaine Shi (Carnegie Mellon University) 14:20--15:00: An Overview of Encrypted Databases, by Seny...

Events

February 9, 2023 - February 9, 2023
https://csrc.nist.gov/events/2023/stppa5

Featured topics: identity-based encryption (IBE), attribute-based encryption (ABE) and broadcast encryption Structure: welcome; 3 invited talks; panel conversation. Date and time: February 9th (Thursday), 2023, 12:00–15:50 EST Location/format: virtual event over Webex video conference Attendance: open and free to the public, upon registration (attendees can pose questions via chat / Q&A functionality) Registration direct link: https://nist-secure.webex.com/weblink/register/r92f4ffc27fc2534733799ac4161f454e Schedule Event schedule, Eastern Standard Time (GMT-5): 12:00–12:10:...

Events

July 25, 2023 - July 25, 2023
https://csrc.nist.gov/events/2023/stppa6

Event #6's theme: Community Efforts on Advanced Cryptographic Techniques Featured topics: FHE, MPC, ZKP, ABE, Threshold Crypto, PAKE. Structure: Welcome/introduction; 6 invited talks; panel conversation. Date and time: July 25th (Tuesday), 2023, 09:30–15:00 EDT. Location: Virtual event (video conference). Attendance: Open and free to the public, upon registration. Format: Webinar (presenters can share video and audio; attendees can use text for questions and comments). Tweet: https://twitter.com/NISTcyber/status/1678435569284812802 Schedule Welcome and introduction...

Project Pages

https://csrc.nist.gov/projects/pki-testing/x-509-path-validation-test-suite

Version 1.07 enabling tools for PKI client software developers This page contains conformance tests for relying parties that validate X.509 certification paths. Each test consists of a set of X.509 certificates and CRLs. The tests are fully described in the Conformance Testing of Relying Party Client Certificate Path Processing Logic document. The goal for the first release of these tests was to address the X.509 features used in the DoD Class 3 PKI. While this test suite remains available for use, it has been superseded by the Public Key Interoperability Test Suite (PKITS), which...

Project Pages

https://csrc.nist.gov/projects/piv/nist-piv-test-cards

Test PKI Info | Sample Messages | Version 1 Test Cards | Email List In order to facilitate the development of applications and middleware that support the Personal Identity Verification (PIV) Card, the National Institute of Standards and Technology (NIST) has developed a set of test PIV Cards, which are available for purchase as a NIST Special Database. An overview of the test PIV Cards is provided in NIST 8347, NIST Test Personal Identity Verification (PIV) Cards Version 2. NISTIR 8347 also contains technical details about the contents of each of the test cards in the set....

Project Pages

https://csrc.nist.gov/projects/entropy-as-a-service/architectures

Base EaaS Architecture Without A Decentralized Root Of Trust In this example, the client system is equipped with a Hardware Root of Trust (HRT) device. Examples of HRT devices are the Trusted Platform Module, Intel® Identity Protection Technology, and the ARM® TrustZone technology. The client system runs a dedicated software application capable of interfacing with the local HRT device on the one end and with the EaaS on the other end. The application communicates with the entropy server using standard plaintext protocols, such as HTTP. The dedicated application initiates the procedure for...

Project Pages

https://csrc.nist.gov/projects/pec/stppa

The “Special Topics on Privacy and Public Auditability” (STPPA) series is organized by the Privacy Enhancing Cryptography (PEC) project in the Cryptographic Technology Group at NIST-ITL-CSD. A main goal of the series is to gather reference material about "PEC tools", which may facilitate future reflections on aspects of standardization and of development of recommendations/guidelines about advanced cryptography, namely for uses related to privacy and public auditability. Each event will include talks on various interconnected topics, aiming to convey basic technical background, incite...

Project Pages

https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization/minimum-acceptability-requirements

Post-quantum candidate algorithm nominations are due November 30, 2017. Call for Proposals Those submission packages that are deemed by NIST to be “complete” will be evaluated for the inclusion of a “proper” post-quantum public-key cryptosystem. To be considered as a “proper” post-quantum public-key cryptosystem (and continue further in the standardization process), the scheme shall meet the following minimum acceptability requirements: The algorithms shall be publicly disclosed and made available for public review and the evaluation process, and for standardization if selected, freely...

Project Pages

https://csrc.nist.gov/projects/block-cipher-techniques/bcm/current-modes

SP 800-38A: Five Confidentiality Modes In Special Publication 800-38A, five confidentiality modes are specified for use with any approved block cipher, such as the AES algorithm. The modes in SP 800-38A are updated versions of the ECB, CBC, CFB, and OFB modes that are specified in FIPS Pub. 81; in addition, SP 800-38A specifies the CTR mode. In the Addendum to SP 800-38A, NIST has specified three variants for extending the domain of the CBC mode using "ciphertext stealing." SP 800-38B: An Authentication Mode The CMAC authentication mode is specified in Special Publication...

Project Pages

https://csrc.nist.gov/projects/pec/pec-tools

PEC tools include a variety of cryptographic primitives, protocols and techniques useful for enabling privacy. This page uses simplified illustrations of "ideal functionalities" to convey a brief intuition about some representative PEC tools. It should be noted that real protocols for these PEC tools use cryptographic techniques in place of the trusted party (\(\mathcal{F}\)) represented in the figures. Zero Knowledge Proof of Knowledge (ZKPoK) A ZKPoK allows a prover to prove knowledge of a secret \(\color{red}w\) (also called witness), without disclosing it to the verifier. The secret is...

Publications IR 8450 (Final)

December 20, 2023
https://csrc.nist.gov/pubs/ir/8450/upd1/final

Abstract: Encryption technology can be incorporated into access control mechanisms based on user identities, user attributes, or resource attributes. Traditional public-key encryption requires different data to have different keys that can be distributed to users who satisfy perspective access control policie...

Publications IR 8450 (Final) (Withdrawn)

September 7, 2023

Withdrawn on December 20, 2023.

https://csrc.nist.gov/pubs/ir/8450/final

Abstract: Encryption technology can be incorporated into access control mechanisms based on user identities, user attributes, or resource attributes. Traditional public-key encryption requires different data to have different keys that can be distributed to users who satisfy perspective access control policie...

Publications Project Description (Final)

May 26, 2021
https://csrc.nist.gov/pubs/pd/2021/05/26/addressing-visibility-challenges-with-tls-13/final

Abstract: Enterprises use encryption—a cryptographic technique—to protect data transmission and storage. While encryption in transit protects data confidentiality and integrity, it also reduces the organization’s visibility into the data flowing through their systems. The NCCoE initiated a project to address...

Publications CSWP 16 (Initial Public Draft)

September 8, 2020
https://csrc.nist.gov/pubs/cswp/16/trusted-iot-device-networklayer-onboarding-and-lcm/ipd

Abstract: Internet of Things (IoT) devices are typically connected to a network. The steps performed to provision a device with its network credentials are referred to as network-layer onboarding (or simply, onboarding). This paper proposes a taxonomy for IoT device onboarding that can clearly express the cap...

Publications Conference Paper (Final)

August 1, 2018
https://csrc.nist.gov/pubs/conference/2018/08/01/quantifying-information-exposure-in-internet-routi/final

Conference: 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom) Abstract: Data sent over the Internet can be monitored and manipulated by intermediate entities in the data path from the source to the destination. For unencrypted communications (and some encrypted communications with known weaknesses), eavesdropping and man-in-the-middle attacks are possible. For encrypted...

Publications Journal Article (Final)

January 24, 2018
https://csrc.nist.gov/pubs/journal/2018/01/psst-can-you-keep-a-secret/final

Journal: Computer (IEEE Computer) Abstract: The security of encrypted data depends not only on the theoretical properties of cryptographic primitives but also on the robustness of their implementations in software and hardware. Threshold cryptography introduces a computational paradigm that enables higher assurance for such implementations.

Publications Conference Paper (Final)

January 10, 2017
https://csrc.nist.gov/pubs/conference/2017/01/10/full-disk-encryption-bridging-theory-and-practice/final

Conference: RSA Conference 2017 Abstract: We revisit the problem of Full Disk Encryption (FDE), which refers to the encryption of each sector of a disk volume. In the context of FDE, it is assumed that there is no space to store additional data, such as an IV (Initialization Vector) or a MAC (Message Authentication Code) value. We formally...

Publications Book Section (Final)

July 3, 2015
https://csrc.nist.gov/pubs/book-section/2015/07/common-biometric-exchange-formats-framework-standa/final

In: Encyclopedia of Biometrics Abstract: Common Biometric Exchange Formats Framework (CBEFF) provides a standardized set of definitions and procedures that support the interchange of biometric data in standard data structures called CBEFF biometric information records (BIRs). CBEFF permits considerable flexibility regarding BIR structures...