NIST announces the release of Draft NISTIR 8214, Threshold Schemes for Cryptographic Primitives. This publication provides a high-level overview of the possibilities that threshold schemes bring for enhancing the robustness...

Draft NIST Special Publication (SP) 800-163 Revision 1, Vetting the Security of Mobile Applications, defines the app vetting process—a software assurance method for mobile applications. Revision 1 updates this publication to...

Draft NIST Special Publication (SP) 800-131A Revision 2, Transitioning the Use of Cryptographic Algorithms and Key Lengths, is now available for public comment, until September 7, 2018.

NIST’s Computer Security Division intends to withdraw eleven (11) SP 800 publications on August 1, 2018. They are out of date and will not be revised or superseded.

The National Cybersecurity Center of Excellence (NCCoE) has released the final NIST Cybersecurity Practice Guide 1800-2, Identity and Access Management for Electric Utilities, and invites you to download the guide.

Draft SP 800-56B Revision 2 specifies key-agreement and key-transport schemes that are based on the RSA algorithm. The public comment period for this draft is open until October 5, 2018.

Draft NIST Special Publication (SP) 800-71, Recommendations for Key Establishment Using Symmetric Block Ciphers, addresses key establishment techniques that .....

NIST has published Special Publication (SP) 800-116 Revision 1, Guidelines for the Use of PIV Credentials in Facility Access.

NIST's Computer Security Division is seeking input on the development of standards for stateful hash-based signatures, including XMSS (see IETF RFC 8391).

NIST is publishing Special Publication (SP) 800-171A, Assessing Security Requirements for Controlled Unclassified Information (CUI). It is intended to help organizations develop assessment plans and conduct efficient,...

Today, NIST is releasing an update for Special Publication (SP) 800-171 Revision 1, Protecting Controlled.....

Server Virtualization is now a key component for enterprise IT infrastructure in data centers and cloud services. Virtual servers provide.....

"A Data Structure for Integrity Protection with Erasure Capability" is a draft white paper available for public comment until August 3, 2018. It describes a "block matrix" data structure .

NIST is seeking public comments on Draft NISTIR 8204, Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template. The public comment period is open until July 16,...

The National Institute of Standards and Technology (NIST) is requesting comments on a proposed process to.....

Data recovered from digital devices is often helpful in providing clues for incidents and potential criminal.....

The initial public draft of SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations, is available for public comment until June 22, 2018.

NIST announces the release of Special Publication 800-193, Platform Firmware Resiliency Guidelines, a document that provides technical guidelines and recommendations supporting resiliency of the collection of hardware and...

NIST has published NIST Internal Report (NISTIR) 7511 Revision 5, Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements.

NIST has updated the federal agency organizational codes specified in Special Publication (SP) 800-87, Codes for the Identification of Federal and Federally-Assisted Organizations. The changes included in this update,...

Secret cryptographic keying material may be electronically established between parties by using a.....

Ensuring the Security of Virtualized Server Platforms Against Potential Threats: NIST Releases Draft Special Publication 800-125A Revision 1, Security Recommendations for Server-based Hypervisor Platforms

Best practices for organizations to manage cryptographic keys:  NIST releases Draft SP 800-57 Part 2 Revision 1 for public comment

NIST is releasing NIST Internal Report (NISTIR) 8179, Criticality Analysis Process Model: Prioritizing Systems and Components, to help organizations identify those systems and components that are most vital and which may need...

When software programs in a network are unmanaged, or unidentified, they are vulnerable to attacks, and.....