Search CSRC

Post-quantum candidate algorithm nominations are due November 30, 2017. Call for Proposals NIST will form an internal selection panel composed of NIST employees for the technical evaluations of the submitted algorithms. This panel will analyze the submitted algorithms and review public comments that are received in response to the posting of the “complete and proper” submissions. The panel will also take into account all presentations, discussions and technical papers presented at the PQC standardization conferences, as well as other pertinent papers and presentations made at other...

API Notes Intermediate Values KAT Source Code Files for KATs (license updated Dec 2021)

The National Institute of Standards and Technology (NIST) is requesting comments on a new process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms. Currently, public-key cryptographic algorithms are specified in FIPS 186–4, Digital Signature Standard, as well as special publications SP 800-56A Revision 2, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography and SP 800-56B Revision 1, Recommendation for Pair-Wises Key-Establishment Schemes Using Integer Factorization Cryptography. However, these...

AES Overview | NIST Reports | Federal Register Notices | Rijndael Info | Related Publications AES Overview Beginning in 1997, NIST worked with industry and the cryptographic community to develop an Advanced Encryption Standard (AES). The overall goal was to develop a Federal Information Processing Standard (FIPS) specifying an encryption algorithm capable of protecting sensitive government information well into the 21st century. The algorithm was expected to be used by the U.S. Government and, on a voluntary basis, by the private sector. On January 2, 1997, NIST announced the initiation of...

Since announcing KECCAK as the winning algorithm of the SHA-3 Cryptographic Hash Algorithm Competition on October 2, 2012, NIST has consulted with the Keccak design team and the cryptographic community in its effort to specify Keccak as the new SHA-3 Standard. The table below shows major events in the development of FIPS 202, SHA-3 Standard:  Permutation-Based Hash and Extendable-Output Functions. Date Event 10/02/2012 SHA-3 competition ended; KECCAK announced as the winner. (NIST News Release) 02/06/2013 KECCAK team’s visit and presentation on SHA-3....

At A Glance   Purpose: Carry out essential activities to help prepare all levels of the organization to manage its security and privacy risks using the RMF   Outcomes:  key risk management roles identified organizational risk management strategy established, risk tolerance determined organization-wide risk assessment organization-wide strategy for continuous monitoring developed and implemented common controls identified   Resources for Implementers RMF Quick Start Guide (QSG): Prepare Step FAQs Privacy Risk Assessment Methodology (PRAM) Supporting NIST...

At A Glance     Purpose: Inform organizational risk management processes and tasks by determining the adverse impact  with respect to the loss of confidentiality, integrity, and availability of systems and the information processed, stored, and transmitted by those systems   Outcomes:  system characteristics documented security categorization of the system and information completed categorization decision reviewed/approved by authorizing official   Resources for Implementers RMF Quick Start Guide (QSG): Categorize Step FAQs Controlled Unclassified Information (CUI)...

At A Glance   Purpose: Select, tailor, and document the controls necessary to protect the system and organization commensurate with risk   Outcomes:  control baselines selected and tailored controls designated as system-specific, hybrid, or common controls allocated to specific system components system-level continuous monitoring strategy developed security and privacy plans that reflect the control selection, designation, and allocation are reviewed and approved   Resources for Implementers RMF Quick Start Guide (QSG): Select Step FAQs View and Search the SP 800-53...

At A Glance   Purpose: Maintain ongoing situational awareness about the security and privacy posture of the system and organization to support risk management decisions   Outcomes:  system and environment of operation monitored in accordance with continuous monitoring strategy ongoing assessments of control effectiveness conducted in accordance with continuous monitoring strategy output of continuous monitoring activities analyzed and responded to process in place to report security and privacy posture to management ongoing authorizations conducted using results of continuous...

A total of fifteen statistical tests were developed, implemented and evaluated. The following describes each of the tests. Frequency (Monobits) Test Description: The focus of the test is the proportion of zeroes and ones for the entire sequence. The purpose of this test is to determine whether that number of ones and zeros in a sequence are approximately the same as would be expected for a truly random sequence. The test assesses the closeness of the fraction of ones to ½, that is, the number of ones and zeroes in a sequence should be about the same. Test For Frequency Within A...

November 21, 2014: NIST requests comments on the latest revision of NIST SP 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, which is dated November 2014. This document specifies Deterministic Random Bit Generators based on approved hash functions (as specified in FIPS 180-4), HMAC (as specified in FIPS 198-1) and block ciphers (as specified in FIPS 197 for AES, and SP 800-67 for TDEA). This revision removes the previously approved Dual_EC_DRBG that was based on the use of elliptic curves and includes a number of other changes that are listed in...

SP 800-38A: Five Confidentiality Modes In Special Publication 800-38A, five confidentiality modes are specified for use with any approved block cipher, such as the AES algorithm. The modes in SP 800-38A are updated versions of the ECB, CBC, CFB, and OFB modes that are specified in FIPS Pub. 81; in addition, SP 800-38A specifies the CTR mode. In the Addendum to SP 800-38A, NIST has specified three variants for extending the domain of the CBC mode using "ciphertext stealing." SP 800-38B: An Authentication Mode The CMAC authentication mode is specified in Special...

Submissions should specify a mode of operation for a symmetric (secret) key block cipher algorithm.  At a minimum, the mode should support underlying block ciphers with key-block combinations of 128-128, 192-128, and 256-128 bits.  However, the specification should be generic – i.e., written to handle other key-block combinations, if they can be supported.  Example modes include, but are not limited to, techniques for performing encryption, message authentication, hashing, and random bit generation.  It will be helpful to receive variations of Counter mode arising from alternative...

Proposed Modes This page contains links to the proposals for block cipher modes of operation (modes, for short) that have been submitted to NIST for consideration. NIST maintains this page in order to facilitate public review of the modes; comments may be submitted to EncryptionModes@nist.gov. Appearance of a mode in this list does not constitute endorsement or approval by NIST. See the Current Modes page for descriptions of the modes that are currently approved. For each proposal below, links are given to the available documentation, as described in the following list of abbreviations:...

NIST continues to accept public comments on modes of operation, including comments on: Properties of individual modes (security, performance, etc.) Comparisons of proposed modes Recommendations for standardization Other related issues, such as padding. Comments may be submitted to EncryptionModes@nist.gov Comments on the Draft Specification of FPE Modes On February 28, 2019, NIST announced a public comment period, ending April 15, 2019, on Draft Special Publication 800-38G Revision 1, Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption.  In...

Use this form to search for information on validated cryptographic modules.  Select the basic search type to search modules on the active validation list.  Select the advanced search type to to search modules on the historical and revoked module lists.

The following listing represents specifications for emerging security automation capabilities: Languages Asset Summary Reporting (ASR) Open Checklist Reporting Language (OCRL) Metrics Common Misuse Scoring System (CMSS) Specification Descriptions Asset Summary Reporting (ASR) The Asset Summary Reporting (ASR) is a data model to express the transport format of summary information about one or more sets of assets. The standardized data model facilitates the interchange of aggregate asset information throughout and between organizations. ASR is vendor and technology neutral,...

The Asset Summary Reporting (ASR) is a data model to express the transport format of summary information about one or more sets of assets. The standardized data model facilitates the interchange of aggregate asset information throughout and between organizations. ASR is vendor and technology neutral, flexible, and suited for a wide variety of reporting applications. The Emerging Specifications Discussion List is available for developers interested in ASR and other emerging security automation standards. Please subscribe to this list through the SCAP Community page. ASR Resources Release...

The following specifications comprise SCAP version 1.3. Protocol SCAP: Security Content Automation Protocol Version: 1.3 Status: Final Specification: NIST Special Publication (SP) 800-126 rev 3 Specification Annex: NIST Special Publication (SP) 800-126 rev 3 Annex XML Schema: Source Data Stream, Constructs Example: Source Data Stream Example Schematron: Instructions and Download Tools SCAP Content Validation Tool Version: 1.3.6 Release Candidate 3 Released: 1/6/2022 Download: SCAP Content Validation Tool (Download 49 MB) SHA-256:...

The following specifications comprise SCAP version 1.2. Protocol SCAP: Security Content Automation Protocol Version: 1.2 Status: Final Specification: NIST Special Publication (SP) 800-126 rev 2 XML Schema: Source Data Stream, Constructs Example: Source Data Stream Example Schematron: Instructions and Download Errata: NIST Special Publication (SP) 800-126 Rev 2 Errata Change Proposals: Summer 2011 Developer Days (May 31, 2011) Tools SCAP Content Validation Tool Version: 1.2.1.16 Released: 12/16/2016 Download: SCAP Content Validation Tool (Download 25 MB) sha-256:...

The following specifications comprise SCAP version 1.1. Protocol SCAP: Security Content Automation Protocol Version: 1.1 Status: Final Specification: NIST SP 800-126 Rev. 1 Tools SCAP Content Validation Tool Version: 1.1.2.9 Released: 04/28/2011 Download: SCAP Content Validation Tool for SCAP 1.0 and 1.1 (Download 20.9 MB) [Note: A new version is available here that supports SCAP 1.2.] sha-1: E327A3477E4B6E9CD313B021E88572244967C4F8 sha-256: E9A49AF8DDC4E4A79785174969BD644ECDFF4C91E690625E9E9933FB9E2E33E5 Description: The SCAP Content Validation Tool is designed to validate the...

The following specifications comprise SCAP version 1.0. Please note that this version of SCAP is no longer supported by NIST. Protocol SCAP: Security Content Automation Protocol Version: 1.0 Status: Final (Support Withdrawn) Specification: NIST SP800-126 Tools SCAP Content Validation Tool Version: 1.1.2.9 Released: 04/28/2011 Download: SCAP Content Validation Tool for SCAP 1.0 and 1.1 (Download 20.9 MB) [Note: A new version is available here that supports SCAP 1.2.] sha-1: E327A3477E4B6E9CD313B021E88572244967C4F8 sha-256:...

Asset identification plays an important role in an organization's ability to quickly correlate different sets of information about assets. This specification provides the necessary constructs to uniquely identify assets based on known identifiers and/or known information about the assets. This specification describes the purpose of asset identification, a data model for identifying assets, methods for identifying assets, and guidance on how to use asset identification. It also identifies a number of known use cases for asset identification. The Asset Specifications Development List is...

The Asset Reporting Format (ARF) is a data model to express the transport format of information about assets, and the relationships between assets and reports. The standardized data model facilitates the reporting, correlating, and fusing of asset information throughout and between organizations. ARF is vendor and technology neutral, flexible, and suited for a wide variety of reporting applications. The Emerging Specifications Discussion List is available for developers interested in ARF and other emerging security automation standards. Please subscribe to this list through the SCAP...

The CCE List provides unique identifiers to security-related system configuration issues in order to improve workflow by facilitating fast and accurate correlation of configuration data across multiple information sources and tools. For example, CCE Identifiers are included for the settings in Microsoft Corporation’s Windows Server 2008 Security Guide and 2007 Microsoft Office Security Guide; are the main identifiers used for the settings in the U.S. Federal Desktop Core Configuration (FDCC) data file downloads; and provide a mapping between the elements in configuration best-practice...