Search CSRC

NIST announces the final release of the best practices guide for privileged user PIV authentication. The paper is in response to the Office of Management and Budget (OMB)’s October 2015 Cybersecurity Strategy and Implementation Plan...

NIST requests comments on the Second Draft of Special Publication (SP) 800-150, Guide to Cyber Threat Information Sharing. This draft provides guidelines for establishing, participating in, and maintaining cyber threat information sharing relationships...

Special Publication (SP) 800-85A-4 provides derived test requirements and test assertions for testing PIV Middleware and PIV Card Applications for conformance to specifications in SP 800-73-4,...

NIST invites comments on the second draft of Special Publication (SP) 800-90C, Recommendation for Random Bit Generator (RBG) Constructions. This Recommendation specifies constructions for the implementation of RBGs...

NIST requests comments on Draft NIST Internal Report (NISTIR) 8071, LTE Architecture Overview and Security Analysis. Cellular technology plays an increasingly large role in society as it has become the primary portal to the Internet for a large segment of the population. ...

The Commission on Enhancing National Cybersecurity will meet Thursday, April 14, 2016, from 1 p.m. until 4 p.m. Eastern Time. 

NIST requests comments on Draft Special Publication (SP) 800-175A, Guideline for Using Cryptographic Standards in the Federal Government: Directives, Mandates and Policies. The SP 800-175 publications are intended to be a replacement for SP 800-21, ..

NIST announces the release of NIST Interagency Report (NISTIR) 7977,Cryptographic Standards and Guidelines Development Process. This document describes the principles, processes and procedures behind our cryptographic standards development efforts. ...

NIST requests comments on the second draft of Special Publication (SP) 800-177, Trustworthy Email. This draft is a complimentary guide to NIST SP 800-45 Guidelines on Electronic Mail Security and covers protocol security technologies to secure email transactions.

NIST is pleased to announce the release of Special Publication 800-38G, Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption. This publication specifies and approves the FF1 and FF3 encryption modes of operation of the AES algorithm. ...

NIST requests public comments on two draft Special Publications (SPs) on telework and BYOD security: Draft SP 800-46 Revision 2, Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security, and Draft SP 800-114 Revision 1, ...

NIST requests public comments on draft Special Publication (SP) 800-154, Guide to Data-Centric System Threat Modeling. Data-centric system threat modeling is a form of risk assessment that models aspects of the attack and defense sides for selected data within a system. ...

NIST requests comments on Special Publication 800-175B,Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms. ...

NIST announces the release of final version of NIST Special Publication 800-125B, Secure Virtual Network Configuration for Virtual Machine (VM) Protection. VMs constitute the primary resource to be protected in a virtualized infrastructure, ...

Pursuant to the Federal Advisory Committee Act, as amended, 5 U.S.C. App., notice is hereby given that the Information Security and Privacy Advisory Board 

Recognizing the importance of maintaining the relevance and currency of Special Publication (SP) 800-53, NIST will update Revision 4 to Revision 5 during calendar year 2016 beginning with this pre-draft ...

The comment period for Draft Special Publication 800-116 Revision 1 has been extended, and now closes at 5:00 EST (US and Canada) on March 1, 2016

NIST requests public comments on DRAFT SP 800-180, NIST Definition of Microservices, Application Containers and System Virtual Machines. This document serves to provide a NIST-standard definition to application containers, microservices ...

On January 12-13, 2016 the Applied Cybersecurity Division (ACD) in the National Institute of Standards and Technology’s (NIST) Information Technology Laboratory hosted the “Applying Measurement Science in the Identity Ecosystem”...

NIST requests public comments on DRAFT NISTIR 8063, Primitives and Elements of Internet of Things (IoT) Trustworthiness. This report describes research on creating a vocabulary, namely primitives and elements, for composing IOT. ...

The National Institute of Standards and Technology (NIST) is extending the period for submitting comments relating to the “Framework for Improving Critical Infrastructure Cybersecurity” 

 the CMVP has removed cryptographic modules implementing RNG from the FIPS 140-2 validation list as of 1/1/16.

Draft SP 800-166 contains the derived test requirements and test assertions for testing the Derived PIV Application and associated Derived PIV data objects. The tests verify the conformance of these artifacts to the technical specifications of SP 800-157. ...

This draft white paper is a best practices guide. The paper is in response to the Cybersecurity Strategy and Implementation Plan (CSIP), published by the Office of Management and Budget (OMB) ...

NIST requests public comments on DRAFT NISTIR 8105, Report on Post-Quantum Cryptography. In recent years, there has been a substantial amount of research on quantum computers – machines that exploit quantum ...