Search CSRC

The following NIST-authored publications are directly related to this project. NIST IR 8454, Status Report on the Final Round of the NIST Lightweight Cryptography Standardization Process (June 16, 2023) NISTIR 8369, Status Report on the Second Round of the NIST Lightweight Cryptography Standardization Process (July 21, 2021) NISTIR 8268, Status Report on the First Round of the NIST Lightweight Cryptography Standardization Process (October 7, 2019) Call for Algorithms:  Submission Requirements and Evaluation Criteria for the Lightweight Cryptography Standardization Process (August 27,...

A generic application (app, for short) of beacon randomness is enabling public-verifiability of randomized procedures. For example, when randomly sampling for audits, auditors are prevented from biasing the selections (or being accused of it), and auditees are prevented from knowing the selections in advance (or being accused of it). An interesting randomness/determinism duality: although beacon applications relate to the use of randomness, their public auditability requires a well specified deterministic operation (which then uses as input the needed random values). The remainder of this...

Official comments on the Fourth Round Candidate Algorithms should be submitted using the "Submit Comment" link for the appropriate algorithm. Comments from the pqc-forum Google group subscribers will also be forwarded to the pqc-forum Google group list. We will periodically post and update the comments received to the appropriate algorithm. All relevant comments will be posted in their entirety and should not include PII information in the body of the email message. Please refrain from using OFFICIAL COMMENT to ask administrative questions, which should be sent to pqc-comments@nist.gov...

Official comments on the Selected Algorithms should be submitted using the "Submit Comment" link for the appropriate algorithm. Comments from the  pqc-forum Google group subscribers will also be forwarded to the pqc-forum Google group list. We will periodically post and update the comments received to the appropriate algorithm. All relevant comments will be posted in their entirety and should not include PII information in the body of the email message. Please refrain from using OFFICIAL COMMENT to ask administrative questions, which should be sent to pqc-comments@nist.gov History of...

Why are we doing this? NIST seeks to : Accelerate the adoption of our cybersecurity and privacy standards, guidelines, and frameworks by making it much easier for users of NIST products to identify, locate, compare, and customize content across NIST’s standards, guidelines, and practices. Add value to our existing reference datasets by delivering human- and machine-consumable reference datasets. The CPRT provides a centralized, standardized, and modernized mechanism for managing reference datasets, eventually creating the opportunity to correlate and establish relationships...

XLSX: All CPRT data and queries can be downloaded in XLSX format. This is the common format used by Microsoft Excel. JSON: All CPRT data uses a common format. Therefore, every document, and query, within the CPRT can use the same JSON schema. This schema provides a machine readable view into the CPRT for users to interact with the data in a repeatable and predictable way. The schema is flat, containing only 4 top level elements (documents, elements, relationships, relationship_types). This structure allows users to quickly iterate through the data and build any data structure that suits...

Our initial planning for the CPRT project comprises three phases: Phase 1: Free the Data We are currently in Phase 1, which involves developing the data format and freeing the data from a selection of our guidelines and frameworks with broad impact. This data is typically locked into publications. By moving it into a shared repository using a newly-developed unified data format, we will now be able to offer new ways to interact with and download the data. Phase 1 offers only basic tools for interacting within each reference datasets. Phase 2: Manage the Data Phase 2 in late 2023 will...

In January 2022, the George Mason University Cryptographic Engineering Research Group (CERG) team published three calls to assist in evaluating protected implementations of the finalists: Call for Protected Hardware Implementations, targeting low-cost modern FPGAs Call for Protected Software Implementations, targeting low-cost modern embedded processors Call for Side-Channel Security Evaluation Labs The NIST team encourages submitters and third parties to contribute to this initiative.  Performance benchmarking results are provided in the following pages: Microcontroller...

Date Event July 20-21, 2015  First Lightweight Cryptography Workshop at NIST  August 11, 2016  (Draft) NISTIR 8114 is published.  October 17-18, 2016 Second Lightweight Cryptography Workshop at NIST    October 31, 2016  End of public comment period to Draft NISTIR 8114  Public comments received (August 11 - October 31,2016)  March 28, 2017  NISTIR 8114, Report on Lightweight Cryptography is published.  April 26, 2017 (Draft) Profiles for Lightweight cryptography standardization process is...

Validation Number: 146 Vendor: BMC Product Name: BMC Client Management Product Major Version: 21 Product Version Tested: 21.02.03 Tested Platforms: Microsoft Windows 7 SP1 64-bit Microsoft Windows 8.1 SP0 64-bit Microsoft Windows 10 SP0 64-bit Microsoft Windows Server 2012 R2 SP0 64-bit Red Hat Enterprise Linux 6 64-bit Red Hat Enterprise Linux 7 64-bit SCAP 1.3 Capabilities: Authenticated Configuration Scanner Common Vulnerabilities and Exposures (CVE) Option Validated...

Security Requirements for Protecting CUI Purpose Recommended security requirements for protecting the confidentiality of CUI:      (1) when the CUI is resident in a nonfederal system and organization;      (2) when the nonfederal organization is not collecting or maintaining information on behalf of a federal agency or using or operating a system on behalf of an agency; and      (3) where there are no specific safeguarding requirements for protecting the confidentiality of CUI prescribed by the authorizing law, regulation, or governmentwide policy for the CUI category listed in the CUI...

Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171 Purpose Enhanced security requirements to help protect the confidentiality, integrity, and availability of Controlled Unclassified Information (CUI) associated with critical programs or high value assets from the advanced persistent threat (APT). Scope The enhanced security requirements in NIST SP 800-172 are supplemental and do not impact the basic and derived security requirements contained in NIST SP 800-171, nor the scope of the implementation of the NIST...

Accessing Security Requirements for Controlled Unclassified Information Purpose Assessment procedures and a methodology that can be employed to conduct assessments of the CUI security requirements in NIST SP 800-171. Scope A system security plan describes how the SP 800-171 security requirements are met. The plan describes the system boundary; the environment in which the system operates; how the requirements are implemented; and the relationships with or connections to other systems. The scope of the assessments conducted using the procedures described in SP 800-171A are guided and...

Accessing Enhanced Security Requirements for Controlled Unclassified Information Purpose Assessment procedures and a methodology that can be employed to conduct assessments of the enhanced security requirements in NIST Special Publication 800-172. Scope Assessments conducted using the SP 800-172A procedures are guided and informed by the system security plans for the organizational systems processing, storing, or transmitting CUI. The assessments focus on the overall effectiveness of the security safeguards intended to satisfy the SP 800-172 enhanced security requirements. Download the SP...

November 1, 2022: NIST issues summary and analysis of responses to the CUI Series pre-draft call for comments. Comments received in response to the pre-draft call for comments on the CUI Series. Submitters’ names and affiliations (when provided) will be included, while contact information will be removed. Date  Received From July 19, 2022 Williams International July 19, 2022 Real IT Care July 19, 2022 RSM US LLP July19, 2022 ePlus Technology, Inc July 19, 2022 Mercy Medical Center July 20, 2022 ESN...

Examples of combinatorial coverage achieved by real-world test suites in various application domains.  The test suites studied in these examples were designed using conventional methods, i.e., they were not developed using ACTS or another covering array tool.   Application Config t = 2 t = 3 t = 4 t = 5 t = 6 Reference Spacecraft control 132754262 0.940 0.831 0.668 0.536   Maximoff, J. R., Kuhn, D. R., Trela, M. D., &...

Call for Additional Digital Signature Schemes for the Post-Quantum Cryptography Standardization Process (PDF) Closed June 1, 2023 NIST announced that the PQC standardization process is continuing with a fourth round, with the following KEMs still under consideration: BIKE, Classic McEliece, HQC, and SIKE. However, there are no remaining digital signature candidates under consideration. As such, NIST is calling for additional digital signature proposals to be considered in the PQC standardization process. NIST is primarily interested in additional general-purpose signature schemes that are...

Authority: This work is being initiated pursuant to NIST’s responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107–347. Call for Additional Digital Signature Schemes for the Post-Quantum Cryptography Standardization Process (PDF) Closed June 1, 2023   Submission packages must be received by NIST by June 1, 2023. Submission packages received before March 1, 2023, will be reviewed for completeness by NIST; the submitters will be notified of any deficiencies by March 31, 2023, allowing time for deficient packages to be amended by the submission...

API Notes Intermediate Values KAT Source Code Files for KATs 

Workshops Date   April 2024 (tentative)   Timeline *This is a tentative timeline, provided for information, and subject to change. Date   Sep 6, 2022 Call for Additional Digital Signature Schemes  June 1, 2023 Deadline for submissions July 17, 2023 Round 1 Additional Signatures announced (40 submissions accepted as "complete and proper")

NIST has set up a pqc-forum@list.nist.gov mailing list. The mailing list will be used to discuss the standardization and adoption of secure, interoperable and efficient post-quantum algorithms.  You must be subscribed to send email to the mailing list.  Please use the instructions below to subscribe. To join: mailto:pqc-forum+subscribe@list.nist.gov You will receive a response message from jupyter+subconfirm@list.nist.gov.  Please click the "Join" link inside that email to confirm your subscription request. To unsubscribe: mailto:pqc-forum+unsubscribe@list.nist.gov   Mailing List...

[This page will automatically redirect to the main Post-Quantum Cryptography Standardization page. It does not work in the preview mode, however.]

Go to our PQC Digital Signature Schemes project.