Date Published: July 2019
Comments Due:
Email Comments to:
Author(s)
Elaine Barker (NIST)
Announcement
Network and data security are essential in today's environment of increasingly open and interconnected systems, networks, and mobile devices. Critical security services include confidentiality, identity authentication, data integrity authentication, source authentication, and the support of non-repudiation. Cryptographic techniques can offer such protection for data that is sensitive, has high value, or is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage.
This document is part of a series that provides recommendations for protecting sensitive, unclassified digitized information using cryptography and NIST’s cryptographic standards. The document discusses cryptographic methods and services and refers to the recently published strategy for deprecating the Triple Data Encryption Algorithm (TDEA). Additional changes are listed in Appendix B.
NOTE: A call for patent claims is included on page iii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.
This document is intended to provide guidance to the Federal Government for using cryptography and NIST’s cryptographic standards to protect sensitive, but unclassified digitized information during transmission and while in storage. The cryptographic methods and services to be used are discussed.
This document is intended to provide guidance to the Federal Government for using cryptography and NIST’s cryptographic standards to protect sensitive, but unclassified digitized information during transmission and while in storage. The cryptographic methods and services to be used are discussed.
Keywords
asymmetric-key algorithm; authentication; confidentiality; cryptography; digital signatures; encryption; integrity; key agreement; key derivation; key management; key transport; key wrapping; message authentication codes; non-repudiation; Public Key Infrastructure (PKI); random bit generation; symmetric-key algorithm
Control Families
Identification and Authentication;
System and Communications Protection;
System and Information Integrity;