Publication #1: NIST Interagency Report (NISTIR) 8080
NIST is pleased to announce the release of NIST Interagency Report (NISTIR) 8080, Usability and Security Considerations for Public Safety Mobile Authentication. In the near future, mobile devices used by first responders will access the forthcoming Nationwide Public Safety Broadband Network (NPSBN) via long term evolution (LTE) technology. Although the NPSBN will offer first responders the ability to access new data and mobile applications in the field, it is important to evaluate the impact of mobile authentication on security and usability. NISTIR 8080 explores mobile authentication technologies for public safety networks. The overarching goal of this work is analyzing which authentication solutions are the most appropriate and usable for first responders using mobile devices in operational scenarios in the field. Although first responders work in a variety of disciplines, this report is focused on the Fire Service, Emergency Medical Services (EMS), and Law Enforcement.
Publication #2 and #3: Special Publication (SP) 800-46 Revision 2 & SP 800-114
NIST announces the release of two Special Publications (SPs) on telework and bring your own device (BYOD) security: SP 800-46 Revision 2, Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security, and SP 800-114 Revision 1, User's Guide to Telework and Bring Your Own Device (BYOD) Security. Organizations are increasingly threatened, attacked, and breached through compromised telework devices used by their employees, contractors, business partners, and vendors. These publications make recommendations for organizations (in SP 800-46 Revision 2) and users (in SP 800-114 Revision 1) to improve their telework and BYOD security practices.
Publication #4: DRAFT SP 800-185
SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash, and ParallelHash
Draft NIST SP 800-185 specifies four types of SHA-3-derived functions: cSHAKE, KMAC, TupleHash, and ParallelHash, each defined for a 128- and 256-bit security level. cSHAKE is a customizable variant of the SHAKE function, as defined in FIPS 202. KMAC (for KECCAK Message Authentication Code) is a pseudorandom function and keyed hash function based on KECCAK. TupleHash is a variable-length hash function designed to hash tuples of input strings without trivial collisions. ParallelHash is a variable-length hash function that can hash very long messages in parallel.
Email comments to: SP800email@example.com(Subject: "Draft SP 800-185 Comments")
Comments due by: September 30, 2016
Publication #5: DRAFT NISTIR 8112
NIST invites comments on Draft NIST Internal Report (NISTIR) 8112, Attribute Metadata. This report proposes a schema intended to convey information about a subject's attribute(s) to allow for a relying party (RP) to:
- Obtain greater understanding of how the attribute and its value were obtained, determined, and vetted;
- Have greater confidence in applying appropriate authorization decisions to subjects external to the domain of a protected system or data;
- Develop more granular access control policies;
- Make more effective authorization decisions; and
- Promote federation of attributes.
Please visit the CSRC Draft Publications page to learn more about this draft, plus there are links to get the draft document and comment template form, along with an email address to submit comments or questions.
Deadline to submit comments: September 30, 2016.