U.S. flag   An official website of the United States government

White Paper (Draft)

[Project Description] Addressing Visibility Challenges with TLS 1.3

Date Published: February 2021
Comments Due: March 29, 2021 (public comment period is CLOSED)
Email Questions to: applied-crypto-visibility@nist.gov

Author(s)

W. Polk (NIST), Murugiah Souppaya (NIST), William Barker (Dakota Consulting)

Announcement

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Addressing Visibility Challenges with TLS 1.3. Publication of this draft project description begins a process to solicit feedback about the project scope, demonstration scenarios, and high-level architecture.
 
The NCCoE will solicit participation from industry to build one or more visibility solution examples using commercially available technology, which will address a set of cybersecurity challenges. These challenges impact the ability of some organizations to meet their regulatory, security, and operational requirements due to loss of visibility into the content of communications within their enterprise environments. The project will demonstrate various approaches and practices, which will result in a freely available NIST Cybersecurity Practice Guide that documents a range of approaches for enterprises to regain visibility into the content of TLS-protected information being exchanged within the enterprise environment.
 
The public comment period for this draft is open through March 29, 2021. You can also help shape and contribute to this project. Join the Community of Interest by sending an email to applied-crypto-visibility@nist.gov.

Abstract

Keywords

application; compliance; cryptography; encryption; forensics; forward secrecy; protocol; transport layer; visibility
Control Families

None selected

Documentation

Publication:
Project Description

Supplemental Material:
Submit comments (web)
Project homepage (web)

Document History:
02/24/21: White Paper (Draft)

Topics

Security and Privacy
encryption; intrusion detection & prevention; key management

Technologies
networks

Applications
enterprise