Many of NIST's cybersecurity and privacy publications are posted as drafts for public comment. Comment periods are still open for the following publications. Select the publication title to access downloads, related content, and instructions for submitting comments. Your thoughtful reviews and comments are greatly appreciated and help us to improve our standards and guidance.
Also see a complete list of public drafts that includes those whose comment periods have closed.
The NIST National Cybersecurity Center of Excellence (NCCoE) has released two new draft publications to help organizations address cybersecurity and privacy risks associated with processing genomic data. Both drafts are open for public comment until 11:59 PM (ET) on Thursday, January 30, 2025.About... |
The NIST National Cybersecurity Center of Excellence (NCCoE) has released two new draft publications to help organizations address cybersecurity and privacy risks associated with processing genomic data. Both drafts are open for public comment until 11:59 PM (ET) on Thursday, January 30, 2025.About... |
The NIST National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of the practice guide, Implementing a Zero Trust Architecture (NIST SP 1800-35), for public comment. This publication outlines results and best practices from the NCCoE effort working with 24 vendors... |
This draft standard introduces a new Ascon-based family of symmetric-key cryptographic primitives that provides robust security, efficiency, and flexibility. With its compact state and range of cryptographic functions, it is ideal for resource-constrained environments, such as Internet of Things... |
In recent years, numerous Internet routing incidents — such as Border Gateway Protocol (BGP) prefix hijacking, and route leaks — have resulted in denial of service (DoS), unwanted data traffic detours, and performance degradation. Large-scale distributed denial-of-service (DDoS) attacks on servers... |
NIST recently published FIPS 203, Module-Lattice-Based Key-Encapsulation Mechanism Standard, to update its cryptographic standards with an algorithm designed to provide protection from quantum attacks. In addition, NIST will select one or two additional quantum-resistant key-encapsulation... |
Summary In March 2024, NIST announced its intention to revise NIST Special Publication (SP) 800-38D, Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC (2007). See NIST’s Crypto Publication Review Project site for information about the review. NIST requests... |
This draft Ransomware Community Profile reflects changes made to the Cybersecurity Framework (CSF) from CSF 1.1 to CSF 2.0 which identifies security objectives that support managing, detecting, responding to, and recovering from ransomware events. Ransomware can attack organizations of all sizes... |
The Advanced Encryption Standard (AES) specifies a subset of the Rijndael block cipher family with 128-bit blocks that was submitted to the NIST AES development effort. While this block size remains sufficient for many applications, the increasing demand for processing large volumes of data... |