Search CSRC

Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (October 30, 2023). For more information, see this NIST website.

Quick Start Guides are intended to give users an easy starting point for understanding relevant NIST technical publications and resources. 

Federal agencies and departments are required to comply with FIPS 140-1, Security Requirements for Cryptographic Modules. This involves the acquisition of validated cryptographic modules (which may be incorporated in a product/application) for protecting sensitive but unclassified data. Cryptographic modules are used to provide security services such as confidentiality, integrity, and authentication. FIPS 140-1 provides users with 1) a specification of security features that are required at each security level, 2) flexibility in choosing security requirements and environments, and 3) a guide...

Here are all the Agendas and Minutes for the 3 CSSPAB Meetings that were held in 1999.   March 1999 Agenda Minutes June 1999 Agenda Minutes September 1999 Agenda  Minutes If you have any questions or need information please e-mail Matt Scholl .    

NIST held a public workshop for the presentation and discussion of block cipher modes of operation. The papers, presentations, and discussions from that workshop are summarized in a workshop report. NIST received a number of public comments in response to its announcement of the "Modes of Operation" effort. Paper of Interest: IBM Patent Letter

(All files in .pdf format.)   March 2000 Agenda Meeting Minutes June 2000 Meeting Minutes June 2000 Workshop "Approaches to Measuring Security" Agenda  Summary from Day 1 September 2000 Agenda December 2000 Meeting Minutes   If you have any questions or need information, please e-mail Matt Scholl .  

This workshop focused on the security and interoperability requirements of the Federal government, the key establishment options available, and the planned development of a FIPS that will address those needs.  Federal Register Notice Background and Objectives Workshop Report Presentations Government User Perspective (Richard Guida, Treasury) Wireless Applications (Doug Rahikka, NSA) ANSI X9.42 (Sharon Keller, NIST) ANSI X9.44 (Burt Kaliski, RSA Security) ANSI X9.63 (Simon Blake-Wilson, Certicom) Internet Key Exchange (Sheila Frankel, NIST) TLS Protocol (Chris Hawk, Certicom)...

NIST held the Second Modes of Operation Workshop to continue to facilitate the analysis and development of new modes. The workshop was held to Present and discuss modes proposals Discuss technical comments on the NIST "Recommendation for Block Cipher Modes of Operation" Discuss of the next steps in the process and related issues The presentations, and discussions from the workshop are summarized in a workshop report. Legacy Presentations Selected Comments and Issues on the July, 2001 draft “Recommendation for Block Cipher Modes of Operation” Modes of Operation: Where do we go from...

March 2001 Agenda Meeting Minutes June 2001 Agenda Meeting Minutes December 2001 Agenda  Meeting Minutes   If you have any questions or need information please e-mail Matt Scholl .  

A key establishment scheme definition document and a key management guidance document are currently under development as discussed in the white paper.The workshop versions of the key establishment schemes document and the key management guideline were discussed. A report of the workshop will be available soon. The agenda and presentation slides are provided below. Comments have been received. A list of issues discussed at the workshop is also available. Welcome, History, etc. (notes) - Elaine Barker Key Establishment Schemes Document Overview - Miles Smid Key Establishment Schemes...

The Cryptographic Module Validation Program Conference 2002 will be held on March 26-27, 2002 at the Washington Plaza Hotel in Washington DC. Sponsored by NIST and the Canadian Security Establishment (CSE), this conference will focus on the Cryptographic Module Validation Program (CMVP). The CMVP Conference will include presentations and discussions on the new FIPS 140-2 standard, Security Requirements for Cryptographic Modules, differences between FIPS 140-1 and FIPS 140-2, algorithm testing suites, Common Criteria and the CMVP, a number of panel discussions from Federal and user agencies...

(All presentations in .pdf format.) Federal Regsiter Notice Announcing Meeting Minutes Computer Security: Standards? Recommendations? Guidelines?  Edward Roback, NIST Computer Security Division DMCA and the Effects of Regulating Computer Security Research and Discussion Professor Edward Felton, Department of Computer Science, Princeton University National Information Assurance Education and Training Program Ms. Sherry Borror, National Infosec Education and Training Program, NSA Baseline Information Security Standards: An Audit Perspective  Mr. Russell A. Rau, Assistant Inspector General...

(All presentations in .pdf format.) Federal Regsiter Notice Announcing Meeting Minutes Toward Performance-Based IT Security at Nasa: A Journey  Dr. David B. Nelson, CISSP, NASA Deputy CIO, NASA   If you have any questions or need information please e-mail Annie Sokol .  

(All presentations in pdf format.) Federal Register Notice Announcing Meeting Minutes Briefing on Homeland Security David Howe, Chief of Staff, Office of Homeland Security Update on Activities of the NIST Computer Security Division Ed Roback, Chief, Computer Security Division, NIST OMB Updates Norman Lorentz, Federal Chief Technology Officer, Office of Information and Regulatory Affairs Activities of NARA's Electronic Records Archive Group & Activites, Part 2 L. Reynolds Cahoon, Chief Information Officer, National Archives and Records Administration (NARA) Data Preservation: What's...

(All presentations in .pdf format.) Federal Regsiter Notice Announcing Meeting Minutes GAO Assignments on Privacy and Their Relationship to CSSPAB’s Proposed Recommendations  Alan Stapleton, General Accounting Office (GAO) Liberty Alliance Project  Chris Hankin, Sun Microsystems, Inc. Security and Privacy at the IRS  Len Baptiste, Internal Revenue Service (IRS)   If you have any questions or need information please e-mail Annie Sokol .  

(All presentations are in .pdf format.) Federal Register Notice Announcing Meeting Minutes NIST Computer Security Division Update Mr. Edward Roback, Chief, Computer Security Division, NIST NIST Security Testing & Metrics Group Program Mr. Ray Snouffer, Group Leader, Computer Security Division, NIST NIST Security Technology Group Program Mr. William Burr, Group Leader, Computer Security Division, NIST Briefing on the General Accounting Office's (GAO's) Report on the Privacy Act Ms. Linda Koontz, Director of Information Management, GAO Department of Veterans Affairs Cyber Security Program...

A meeting of the Information Security and Privacy Advisory Board (ISPAB) was held in Rockville, Maryland, on June 10-12, 2003. Federal Register Notice Announcing Meeting Minutes Selected Presentations Large Scale Consumer eAuthentication Khaja Ahmed, Software Architect, Microsoft Corporation An Overview of the National Criminal Justice Index Tim Bouma, Senior Consultant, CGI Managing Consultant Group Security Checklists for Commercial IT Products Tim Grance, Manager, National Institute of Standards and Technology Professional Certification Briefing Hun Kim, U.S. Navy National...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Biometric Accuracy Standards Charles L. Wilson, Information Access Division, NIST Computer Forensics: Tool Testing & National Software Reference Library Barbara Guttman, Software Diagnostics & Conformance Testing Division, NIST Information Technology Laboratory at NIST Susan Zevin, Information Technology Laboratory, NIST NIST Distributed Testbed for First Responders Nader Moayeri, Advanced Network Technologies Division, NIST Protecting Federal Information Systems: The NIST Strategy for Implementing...

The September 2003 meeting of the Information Security and Privacy Advisory Board. Minutes Selected Presentations Liberty Alliance and "Touching the Browser" Paul Madsen, Entrust and Chair of the Liberty Trust, Security, and Privacy Subteam Browser Extensions and Security Wayne A. Jansen, Computer Security Division, NIST Guideline for Mapping Types of Information and Information Systems to Security Categorization Levels William Curt Barker, Computer Security Division, NIST

The Cryptographic Module Validation Program Symposium 2004 will be held on September 14-15, 2004 at the DoubleTree Hotel & Executive Meeting Center in Rockville, MD. NIST and the Communications Security Establishment (CSE) invite you to this event. The CMVP Symposium will include presentations and discussions on the FIPS 140-2, Security Requirements for Cryptographic Modules, supporting documents such as the Derived Test Requirements and Implementation Guidance, cryptographic algorithm testing suites, expectations, future direction, panel discussions from Federal and user agencies and...

Purpose To discuss federal requirements for a Personal Identity Verification (PIV) standard. Topics PIV credentials, cards, systems. Presentations Personal Identity Verification For Federal Employees and Contractors  Curt Barker, NIST Identity Proofing and Request Process  Donna Dodson, NIST Personal Identity Verification For Federal Employees and Contractors  Tim Grance, NIST Identity Authentication using the PIV Token  Sarbari Gupta, Electrosoft, Inc. PIV Token Issuance  Ketan Mehta, NIST PIV Life Cycle Management: Maintaining Assurance and Enhancing Utility  Tim Polk, NIST

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes The Way Ahead for the Common Criteria - A Discussion Panel ICCC5 Berlin Stuart Katzke, National Institute of Standards and Technology (NIST) Perspectives on NIAP and the Common Criteria Stuart Katzke, NIST IA Training, Certification and Workforce Management in DoD George Bieber, Defense-wide IA Program at the Department of Defense (DOD) Email Based Identity Theft, Phishing and SPAM. What is the Banking Industry Doing? Stephen Lange Ranzini, University Bank & Michigan Business Development Company U.S....

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems Ron Ross, Computer Security Division, NIST Trusted Computing Group Secure Platform Specifications and Implementations Monty Wiseman, Intel Corporation Draft NIST Special Publication 800-58, Security Considerations for Voice Over IP Systems Rick Kuhn, Computer Security Division, NIST   If you have any questions or need information please e-mail Annie Sokol .