U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 726 through 750 of 13602 matching records.
Project Pages https://csrc.nist.rip/projects/cryptographic-module-validation-program/notices/2017-2014-notices

2016 [Updated 12-19-2016] -- Module Drop Policy Effective July 1, 2017, the CMVP will automatically drop modules in IUT after 18 months. Effective January 1, 2018, the CMVP will drop modules that have not been validated within 2 years of submission or IUTB, whichever occurred first. When the module is dropped, the vendor and lab will have to restart the validation process by sending an updated submission and paying a new cost recovery fee at the current rate. [Updated 06-01-2016][11-12-2015] -- Validation Sunsetting Policy The CMVP is adopting a five year validation...

Project Pages https://csrc.nist.rip/projects/cryptographic-module-validation-program/notices/2013-2009-notices

2013 [04-05-2013] -- The First International Cryptographic Module Conference Bringing experts together from around the world to confer on the topic of cryptographic modules. Discussion on technical topics underlying the implementation of a cryptographic module including physical security, key management, side-channel analysis, key management, cryptographic algorithm implementation testing, standardization (FIPS 140-2, ISO/IEC 19790), validation programs and more. September 24-26, 2013 in Gaithersburg, MD. Registration February through August 2013. Details at: ICMC 2013 2012...

Project Pages https://csrc.nist.rip/projects/cryptographic-module-validation-program/notices/2007-2003-notices

2007 [11-30-2007] -- Non-Compliance update to Certificate #733 RNG (Cert. #216) changed to non-compliant. This RNG shall not be used for any services requiring the use of random bits. [10-12-2007] -- Federal Register Notice DEPARTMENT OF COMMERCE National Institute of Standards and Technology Docket No. 070321067–7068–01 Public Draft of Federal Information Processing Standard (FIPS) 140-3, a revision of FIPS 140-2, Security Requirements for Cryptographic Modules AGENCY: National Institute of Standards and Technology (NIST), Department of Commerce. ACTION: Public comment period...

Project Pages https://csrc.nist.rip/projects/cryptographic-module-validation-program/announcements/announcements-archive

2018-2017 Announcements Archive 2018 [11-30-2018] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated. Updated Guidance: General: changed all references of Communications Security Establishment (CSE) to Canadian Centre for Cyber Security (CCCS). IG G.2 - Completion of a test report: Information that must be provided to NIST and CCCS – Added acceptance of draft certificate submissions from the CST lab to the CMVP in the RTF format (but still recommending DOC or DOCX formatting). IG G.13 - Instructions for Validation...

Project Pages https://csrc.nist.rip/projects/piv/announcements/piv-news-archives

POSTED December 13, 2013 -- Draft NIST Interagency Report 7863, Cardholder Authentication for the PIV Digital Signature Key is available for public comment. NIST is pleased to announce that Draft NIST Interagency Report 7863, Cardholder Authentication for the PIV Digital Signature Key, is available for public comment. NISTIR 7863 provides clarification for the requirement in FIPS 201-2 that a PIV cardholder perform an explicit user action prior to each use of the digital signature key stored on the card. NIST requests comments on NISTIR 7863 by 5:00pm EST on January 17, 2014. Please submit...

Project Pages https://csrc.nist.rip/projects/piv/announcements/pre-2008-piv-news-archive

POSTED November 30, 2007: NIST Interagency Report 7452: Secure Biometric Match-on-Card Feasibility Report (NIST IR 7452) NIST is pleased to announce the release of NIST Interagency Report 7452, Secure Biometric Match-on-Card Feasibility Report. NIST conducted the feasibility study to understand the effects of combining asymmetric cryptography with Biometric Match-on-Card. The report describes the tests that were conducted to obtain timing metrics for the SBMOC transaction and provides a summary of the test results. POSTED October 4, 2007: Draft Special Publication 800-73-2, Interfaces...

Project Pages https://csrc.nist.rip/projects/piv/announcements/sp-800-116-revision-1-high-level-change-summary

NIST SP 800-116 been updated to Revision 1 to align with FIPS 201-2. High-level changes include: Update to section 4.4 (previously section 7.1) to reflect the FIPS 201-2 requirements for credential validation. Reflection of the FIPS 201-2 deprecation of CHUID authentication mechanism throughout the document. Reflection of the downgrade of VIS authentication mechanism to LITTLE or NO” confidence in cardholder’s identity. Removal of the CHUID +VIS authentication mechanism from the list of recommended authentication mechanisms. Addition of a new appendix titled “Improving Authentication...

Project Pages https://csrc.nist.rip/projects/nist-personal-identity-verification-program/pre-validation-lists/pre-validation-lists-(1)

DISCLAIMER: The pre-validation list is provided for information purposes only. Participation on the list is voluntary and is a joint decision by the vendor and the NPIVP test facility. Products are listed alphabetically by vendor name. Posting on the list does not imply guarantee of final validation. The following phases describe the pre-validation process. The status of each product in the process is identified in the list.   PIV Card Application Testing in Progress There exists a viable contract between a vendor and a NPIVP testing facility for the testing of the vendor’s PIV card...

Project Pages https://csrc.nist.rip/projects/nist-personal-identity-verification-program/pre-validation-lists/pre-validation-list-for-piv-middleware

DISCLAIMER: The pre-validation list is provided for information purposes only. Participation on the list is voluntary and is a joint decision by the vendor and the NPIVP test facility. Products are listed alphabetically by name. Posting on the list does not imply guarantee of final validation. The following phases describe the pre-validation process. The status of each product in the process is identified in the list.   PIV Middleware Testing in Progress There exists a viable contract between a vendor and a NPIVP testing facility for the testing of the vendor’s PIV Middleware. The PIV...

Project Pages https://csrc.nist.rip/projects/nist-personal-identity-verification-program/validation-lists/piv-card-application-validation-list

The NIST maintains a validation list of all validated PIV Card Application (past and present). The list is maintained in descending order of certificate numbers and is updated as new PIV Card Applications receive validation certificates from the NPIVP. All questions regarding the implementation and/or use of any PIV Card Application located on the validation list should first be directed to the vendor. Cert # Product Name Vendor Issue Date/Update Date FIPS 140-2 validation certificate # and date Product Details...

Project Pages https://csrc.nist.rip/projects/nist-personal-identity-verification-program/validation-lists/sp-800-73-4-piv-middleware-validation-list

All questions regarding the implementation and/or use of any PIV Middleware included in the validation list should first be directed to the vendor.  SP 800-73-4 PIV Middleware Validation List Certificate # Product Name Vendor Validation Date 23 90meter PIV Middleware, Version 1.4 90meter, Inc. 03/13/2018 22  ID-One PIV Client API SP800-73-4 version 2.1.0.0 Oberthur Technologies 06/13/2017   SP 800-73-3 PIV Middleware Validation List Certificate # Product Name Vendor...

Project Pages https://csrc.nist.rip/projects/nist-personal-identity-verification-program/announcements/announcements-archive

09/05/2014 The NIST PIV Validation Program (NPIVP) has updated its PIV Middleware and PIV Card Application Validation lists to reflect the FIPS 201-2 implementation schedule. This schedule requires that beginning 09/05/14, new and replacement cards issued by Department and Agencies have to conform to FIPS 201-2 when on-boarding or when replacing PIV Cards as they expire over the next 5 years. The impact for the NPIVP Validation Program is that some cards with FIPS 201-1 conformant PIV Card Applications have to be removed from the validation list. Only a few cards on the validated list are...

Project Pages https://csrc.nist.rip/projects/risk-management/about-rmf/assess-step/assessment-cases-overview

The Assessment Cases available for download correspond with NIST Special Publication 800-53, Revision 3. The assessment cases were developed by an interagency working group that has disbanded. Assessment cases for consistency with SP 800-53A Rev 4 or newer will not be developed but the existing assessment cases may continue to be applied and also may be used as a model to extrapolate assessment cases for controls added or changed in NIST SP 800-53 Revision 4 or newer. Cautionary Note: The assessment cases developed for this project are not the only acceptable assessment cases; rather, the...

Project Pages https://csrc.nist.rip/projects/risk-management/about-rmf/assess-step/assessment-cases-download-page

The Assessment Cases available for download correspond with NIST Special Publication 800-53, Revision 3. The assessment cases were developed by an interagency working group that has disbanded. Assessment cases for consistency with SP 800-53A Rev 4 or newer will not be developed but the existing assessment cases may continue to be applied and also may be used as a model to extrapolate assessment cases for controls added or changed in NIST SP 800-53 Revision 4 or newer. Cautionary Note: The assessment cases developed for this project are not the only acceptable assessment cases; rather, the...

Project Pages https://csrc.nist.rip/projects/risk-management/sp800-53-controls

Resources for Implementers   NIST SP 800-53 Controls Public Comment Site     Comment on Controls & Baselines Suggest ideas for new controls and enhancements Submit comments on existing controls and baselines  Track the status of your feedback Participate in comment periods Preview changes to future SP 800-53 releases  See More: Infographic and Announcement Download the Control System Cybersecurity Tips & Tactics Infographic -->   View/Search Controls & Baselines     SP 800-53 Release Search View controls & baselines in browser Search controls & baselines...

Project Pages
42%
https://csrc.nist.rip/projects/automated-combinatorial-testing-for-software/acts-library/papers

Fundamental background papers: Empirical justification for combinatorial testing:  D.R. Kuhn, D.R. Wallace, A.M. Gallo, Jr., Software Fault Interactions and Implications for Software Testing, IEEE Transactions on Software Engineering, vol. 30, no. 6, June 2004, pp. 418-421.Abstract; DOI: 10.1109/TSE.2004.24  Preprint.  Comment: Investigates interaction level required to trigger faults in a large distributed database system. IPOG algorithm used in construction of covering arrays:  Y.Lei, R. Kacker, D.R. Kuhn, V. Okun and J. Lawrence, IPOG: a General Strategy for T-way Software Testing, 14th...

Project Pages https://csrc.nist.rip/projects/automated-combinatorial-testing-for-software/acts-library/covering-array-library

Although most combinatorial testing problems have varying numbers of values per variable, in some cases all variables have the same number of values and a pre-computed array can be found.    NIST library of pre-computed covering arrays   Arrays are available for t=2 to t=5, with 2 to 6 values per variable, and for t=6 with 2 to 5 values per variable.    Large collection of covering arrays available for download  (Jose Torres-Jimenez)   Data on the smallest uniform covering array sizes  for up to 20,000 variables for t=2, and up to 10,000 for t=3 through t=6. (Note that this database...

Project Pages https://csrc.nist.rip/projects/automated-combinatorial-testing-for-software/acts-library/seminars-talks

Quick introductions to Combinatorial Testing: Practical Applications of Combinatorial Testing, East Carolina University, March 22, 2012. Combinatorial Testing and Design of Experiments, TU Berlin, June 28, 2011. Combinatorial Testing, Institute for Defense Analyses, April 6, 2011. (approx. 2 hours) Combinatorial Testing Seminar, US Army Test & Evaluation Command, Aberdeen Proving Ground, May 17, 2010. (approx. 3 hours). Combinatorial Testing, Carnegie-Mellon University Jan 26, 2010. (approx. 60 min.) Combinatorial Testing Tutorial, National Defense Industrial Association, Reston, VA,...

Project Pages https://csrc.nist.rip/projects/automated-combinatorial-testing-for-software/acts-library/combinatorial-methods-for-modeling-simulation

D.R. Kuhn, R. Kacker and Y.Lei, Random vs. Combinatorial Methods for Discrete Event Simulation of a Grid Computer Network, MODSIM World 2009, Virginia Beach, Virginia, October 14-16, 2009. In Selected Papers Presented at MODSIM World 2009 Conference and Expo, edited by T.E. Pinelli, NASA/CP-2010-216205, National Aeronautics and Space Administration, pp. 83-88. R. Kessel and R. Kacker, A Test of Linearity Using Covering Arrays for Evaluating Uncertainty in Measurement, Advanced Mathematical and Computational Tools in Metrology and Testing (AMCTM VIII), Paris, France, June 23-25, 2008, Series...

Project Pages https://csrc.nist.rip/projects/automated-combinatorial-testing-for-software/acts-library/workshop-papers

In 2012, we co-founded the International Workshop on Combinatorial Testing, focused on theory and application of CT.  Papers from previous workshops are listed below.    IWCT 2022 A C++ implementation of the IPO algorithm Ken'Ya Takemura A Combinatorial Approach to Fairness Testing of Machine Learning Models Ankita Ramjibhai Patel, Jaganmohan Chandrasekaran, Jeff Yu Lei, Raghu Kacker, Rick Kuhn A Constrained Covering Array Generator using Adaptive Penalty based Parallel Tabu Search Yan Wang, Huayao Wu, Changhai Nie, Xintao Niu, Jiaxi Xu Applying Combinatorial Testing to High-Speed...

Project Pages https://csrc.nist.rip/projects/automated-combinatorial-testing-for-software/software-testing-methodology/dos-and-don-ts-of-testing

DON'T assume that 2-way combinations (pairwise testing) will be enough. Empirical data, documented in papers on this site, show that 2-way combinations are important, but a large proportion of faults involve more than two parameters.  but DO consider the appropriate level of t-way combinations to be used.   It is reasonable to expect that 30% or more of the faults that need to be found in testing may require three factors for detection.   DON’T try to develop the input model (the parameters and test values) only from use cases.  Considering only use cases is likely to lead to missing some...

Project Pages https://csrc.nist.rip/projects/post-quantum-cryptography/workshops-and-timeline/external-workshops

NIST includes here a list of events which may be of interest to those involved with post-quantum cryptography.  In particular, this list is intended to include events which will promote research in the main areas involved with our post-quantum cryptography standardization project.  For example, workshops devoted to the families comprising the Round 2 candidates (lattices, codes, isogenies, multivariate, etc).  It should be noted that NIST is not affiliated with or involved with the organizing of these workshops, and is providing this list as a source of information for the community.  Any...

Project Pages https://csrc.nist.rip/projects/post-quantum-cryptography/post-quantum-cryptography-standardization/call-for-proposals

Authority:  This work is being initiated pursuant to NIST’s responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107–347. The submission deadline of November 30, 2017 has passed.  Please see the Round 1 Submission page for a list of complete and proper submsisions. The Call for Proposals is available for historical reference.   Background In recent years, there has been a substantial amount of research on quantum computers – machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for...

Project Pages https://csrc.nist.rip/projects/post-quantum-cryptography/post-quantum-cryptography-standardization/submission-requirements

Post-quantum candidate algorithm nominations are due November 30, 2017. Call for Proposals   Submission packages must be received by NIST by November 30, 2017. Submission packages received before September 30, 2017 will be reviewed for completeness by NIST; the submitters will be notified of any deficiencies by October 31, 2017, allowing time for deficient packages to be amended by the submission deadline. No amendments to packages will be permitted after the submission deadline, except at specified times during the evaluation phase (see Section 5). Due to the specific requirements of the...

Project Pages https://csrc.nist.rip/projects/post-quantum-cryptography/post-quantum-cryptography-standardization/minimum-acceptability-requirements

Post-quantum candidate algorithm nominations are due November 30, 2017. Call for Proposals Those submission packages that are deemed by NIST to be “complete” will be evaluated for the inclusion of a “proper” post-quantum public-key cryptosystem. To be considered as a “proper” post-quantum public-key cryptosystem (and continue further in the standardization process), the scheme shall meet the following minimum acceptability requirements: The algorithms shall be publicly disclosed and made available for public review and the evaluation process, and for standardization if selected, freely...

<< first   < previous   18     19     20     21     22     23     24     25     26     27     28     29     30     31     32     33     34     35     36     37     38     39     40     41     42  next >  last >>