Projects

Showing 25 matching records.
Automated Cryptographic Validation Testing ACVT
The Cryptographic Algorithm Validation Program (CAVP) and the Cryptographic Module Validation Program (CMVP) were established on July 17, 1995 by NIST to validate cryptographic modules conforming to the Federal Information Processing Standards (FIPS) 140-1, Security Requirements for Cryptographic Modules, and other FIPS cryptography based standards. FIPS 140-2 was released on May 25, 2001 and supersedes FIPS 140-1. The current implementation of the CMVP is shown in Figure 1 below. The CAVP is a...
Block Cipher Techniques
Approved Algorithms Currently, there are two (2) Approved* block cipher algorithms that can be used for both applying cryptographic protection (e.g., encryption) and removing or verifying the protection that was previously applied (e.g., decryption): AES and Triple DES. Two (2) other block cipher algorithms were previously approved: DES and Skipjack; however, their approval has been withdrawn. See the discussions below for further information; also see SP 800-131A Rev. 1, Transitions:...
Circuit Complexity
Circuit complexity is a topic of great relevance to cryptography. Optimization of circuits leads to efficiency improvement in a wide range of algorithms and protocols, such as for symmetric-key and public-key cryptography, zero-knowledge proofs and secure multi-party computation. The circuit complexity project has two main goals: improve our understanding of the circuit complexity of Boolean functions and vectorial Boolean functions; develop...
Computer Security Objects Register CSOR
Information objects that convey information used to maintain the security of resources in computerized environments are known as Computer Security Objects (CSOs). The Computer Security Objects Register (CSOR) specifies names that uniquely identify CSOs. These unique names are used to reference these objects in abstract specifications and during the negotiation of security services for a transaction or application. The CSOR is also a repository of parameters associated with the registered...
Crypto Reading Club
The Computer Security Division hosts Crypto Reading Club talks to foster research and collaboration in cryptography. When: Wednesday (bi-weekly), 10:00am-12:00pm (Eastern Time), unless noted otherwise. Where: NIST Building 222, Room B341 Gaithersburg, MD 20899 NIST Visitor Information Email List: Meeting reminders will be sent to subscribers of the Crypto Reading Club List. To be added to the list and/or give a...
Cryptographic Algorithm Validation Program CAVP
The NIST Cryptographic Algorithm Validation Program (CAVP) provides validation testing of Approved (i.e., FIPS-approved and NIST-recommended) cryptographic algorithms and their individual components. Cryptographic algorithm validation is a prerequisite of cryptographic module validation. Vendors may use any of the NVLAP-accredited Cryptographic and Security Testing (CST) Laboratories to test algorithm implementations. An algorithm implementation successfully tested by a lab and validated by...
Cryptographic Module Validation Program CMVP
Welcome to the CMVP The Cryptographic Module Validation Program (CMVP) is a joint effort between the National Institute of Standards and Technology under the Department of Commerce and the Canadian Centre for Cyber Security, a branch of the Communications Security Establishment. The goal of the CMVP is to promote the use of validated cryptographic modules and provide Federal agencies with a security metric to use in procuring equipment containing validated cryptographic modules.  Cryptographic...
Cryptographic Standards and Guidelines Development Process
In 2013, news reports about leaked classified documents caused concern from the cryptographic community about the security of NIST cryptographic standards and guidelines. NIST is also deeply concerned by these reports, some of which have questioned the integrity of the NIST standards development process. NIST has a proud history in open cryptographic standards, beginning in the 1970s with the Data Encryption Standard. We strive for a consistently open and transparent process that enlists the...
Digital Signatures
As an electronic analogue of a written signature, a digital signature provides assurance that: the claimed signatory signed the information, and the information was not modified after signature generation. Federal Information Processing Standard (FIPS) 186-4, Digital Signature Standard (DSS), specifies three NIST-approved digital signature algorithms: DSA, RSA, and ECDSA. All three are used to generate and verify digital signatures, in conjunction with an approved hash function specified...
Elliptic Curve Cryptography ECC
Elliptic curve cryptography is critical to the adoption of strong cryptography as we migrate to higher security strengths. NIST has standardized elliptic curve cryptography for digital signature algorithms in FIPS 186 and for key establishment schemes in SP 800-56A.  In FIPS 186-4, NIST recommends fifteen elliptic curves of varying security levels for use in these elliptic curve cryptographic standards. However, more than fifteen years have passed since these curves were first developed, and...
Entropy as a Service EaaS
Cryptography is critical for securing data at rest or in transit over the IoT. But cryptography fails when a device uses easy-to-guess (weak) keys generated from low-entropy random data. Standard deterministic computers have trouble producing good randomness, especially resource-constrained IoT-class devices that have little opportunity to collect local entropy before they begin network communications. The best sources of true randomness are based on unpredictable physical phenomena, such as...
FIPS 140-3 Development
THIS PAGE IS FOR HISTORICAL PURPOSES ONLY SEE FIPS 140-3 TRANSITION EFFORT FOR THE CURRENT STATUS Approval of FIPS 140-3  |  SP 800-140x Development  |  Implementation Schedule  |  2015 RFI FIPS 140-3 approved On March 22, 2019, the Secretary of Commerce approved Federal Information Processing Standards Publication (FIPS) 140-3, Security Requirements for Cryptographic Modules, which supersedes FIPS 140-2. This was announced in the Federal Register on May 1, 2019. FIPS 140-3 aligns with...
FIPS 140-3 Transition Effort FIPS 140-3
While FIPS 140-2 continues on through 2026, development to support and validate FIPS 140-3 modules must be in place by September 2020. This project addresses questions concerning the process of migrating from FIPS 140-2 to FIPS 140-3.  The transition process includes organizational, documentation and procedural changes necessary to update and efficiently manage the ever increasing list of security products that are tested for use in the US and Canadian governments.  Changes also support the...
Hash Functions
Approved Algorithms Approved hash algorithms for generating a condensed representation of a message (message digest) are specified in two Federal Information Processing Standards: FIPS 180-4, Secure Hash Standard and FIPS 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions.  FIPS 180-4 specifies seven hash algorithms: SHA-1 (Secure Hash Algorithm-1), and the SHA-2 family of hash algorithms: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256. FIPS 202...
Interoperable Randomness Beacons
The Randomness Beacons project at NIST intends to promote the availability of trusted public randomness as a public utility. Such utility can be used for example to promote auditability and transparency of services that depend on randomized processes. The project is spearheaded by the Cryptographic Technology Group in the Computer Security Division of the Information Technology Laboratory (ITL), and has counted with the participation of many collaborators over the years (see historical note...
Key Management
Publications that discuss the generation, establishment, storage, use and destruction of the keys used NIST’s cryptographic algorithms Project Areas: Key Management Guidelines Key Establishment Cryptographic Key Management Systems Generally-speaking, there are two types of key establishment techniques: 1) techniques based on asymmetric (public key) algorithms, and 2) techniques based on symmetric (secret key) algorithms. However, hybrid techniques are also commonly used, whereby public...
Lightweight Cryptography
There are several emerging areas (e.g. sensor networks, healthcare, distributed control systems, the Internet of Things, cyber physical systems) in which highly-constrained devices are interconnected, typically communicating wirelessly with one another, and working in concert to accomplish some task. Because the majority of current cryptographic algorithms were designed for desktop/server environments, many of these algorithms do not fit into constrained devices.   NIST has initiated a process...
Message Authentication Codes MAC
The message authentication code (MAC) is generated from an associated message as a method for assuring the integrity of the message and the authenticity of the source of the message.  A secret key to the generation algorithm must be established between the originator of the message and its intended receiver(s). Approved Algorithms Currently, there are three (3) approved* general purpose MAC algorithms:  HMAC, KMAC and CMAC. Keyed-Hash Message Authentication Code (HMAC) FIPS 198-1, The...
Pairing-Based Cryptography
Recently, what are known as “pairings” on elliptic curves have been a very active area of research in cryptography. A pairing is a function that maps a pair of points on an elliptic curve into a finite field. Their unique properties have enabled many new cryptographic protocols that had not previously been feasible. In particular, identity-based encryption (IBE) is a pairing-based scheme that has received considerable attention. IBE uses some form of a person (or entity’s) identification to...
Post-Quantum Cryptography PQC
Round 3 Seminars Kick-Off: October 27 NIST has initiated a process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms.  Full details can be found in the Post-Quantum Cryptography Standardization page.   The Round 3 candidates were announced July 22, 2020.  NISTIR 8309, Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process is now available.  NIST has developed Guidelines for Submitting Tweaks for...
Privacy-Enhancing Cryptography PEC
PEC. The Cryptographic Technology Group (CTG) at the Computer Security Division (CSD) at NIST intends to follow the progress of emerging technologies in the area of privacy enhancing cryptography (PEC). The PEC project seeks to promote the use of cryptographic protocols that enable promoting privacy goals. In this area, the technical challenge is often to enable parties to interact meaningfully, towards achieving an application goal, without revealing unneeded private information to one another...
Random Bit Generation RBG
Include revised/updated text from  http://csrc.nist.gov/groups/ST/toolkit/rng/index.html ??   --> The following publications specify the design and implementation of random bit generators (RBGs), in two classes: Deterministic Random Bit Generators (pseudo RBGs); and Non-Deterministic Random bit Generators (True RBGs). SP 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators June 25, 2015:  This Recommendation specifies mechanisms for the...
Roots of Trust RoT
Modern computing devices consist of various hardware, firmware, and software components at multiple layers of abstraction. Many security and protection mechanisms are currently rooted in software that, along with all underlying components, must be trustworthy. A vulnerability in any of those components could compromise the trustworthiness of the security mechanisms that rely upon those components. Stronger security assurances may be possible by grounding security mechanisms in roots of trust....
Stateful Hash-Based Signatures HBS
In Special Publication 800-208, Recommendation for Stateful Hash-Based Signature Schemes NIST approves two schemes for stateful hash-based signatures (HBS) as part of the post-quantum cryptography development effort.  The two schemes were developed through the Internet Engineering Task Force: 1) XMSS, specified in Request for Comments (RFC) 8391 in May 2018, and 2) LMS, in RFC 8554 in April 2019. Background HBS schemes were the topic for a session of talks during the first public workshop on...
Threshold Cryptography TC
The Computer Security Division (CSD) at the National Institute of Standards and Technology (NIST) is interested in promoting the security of implementations and operation of cryptographic primitives. This security depends not only on the theoretical properties of the primitives but also on the ability to withstand attacks on their implementations and operations. It is thus important to mitigate breakdowns that result from differences between ideal and real implementations of cryptographic...